Chapter 5: The Data Link Layer

Application / Transport / Network / data link layer

Data link layer service: moving data between nearby network elements
- Move data between end-host and router
- Move data between end-hosts
- Move data between routers
Other services: error detection and correction; encryption; sharing a broadcast channel (multiple access); link layer addressing and routing; reliable data transfer, flow control.
The link layer interacts with, and acts as a bridge between, the network layer and the physical layer.
- There are many types of physical layer.
Which services does the link layer provide that other layers also provide?
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer addressing and routing (ARP)
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link virtualization: ATM, MPLS
Link Layer: Introduction
Some terminology:
- hosts and routers are nodes
- communication channels that connect adjacent nodes along the communication path are links: wired links, wireless links, LANs
- a layer-2 packet is a frame; it encapsulates a datagram
The data-link layer has the responsibility of transferring a datagram from one node to an adjacent node over one or more links, without visiting any layer-3 nodes.
Link layer: context
- a datagram is transferred by different link protocols over different links, e.g. Ethernet on the first link, frame relay on intermediate links, 802.11 on the last link
- each link protocol provides different services, e.g. it may or may not provide reliability over the link
Transportation analogy: a trip from Newark to San Jose
- limo: Newark to PHL
- plane: PHL to SFO
- BART: SFO to SF
- train: SF to San Jose
- tourist = datagram
- transport segment = communication link
- transportation mode = link layer protocol. Note that a bus or plane trip might contain many changes of bus or plane, but this still looks like a single hop.
- travel agent = routing algorithm
Link Layer Services
- framing, link access: encapsulate datagram into frame, adding header and trailer; channel access if shared medium; "MAC" addresses used in frame headers to identify source and destination
  - different from IP address
- Routing
- reliable delivery between adjacent nodes: we learned how to do this already (chapter 3); seldom used on low bit-error links (fiber, some twisted pair); wireless links have high error rates
  - Q: why both link-level and end-end reliability?
Link Layer Services (more)
- flow control: pacing between adjacent sending and receiving nodes
- Encryption: some links can easily be tapped, so encryption is needed for privacy
- error detection: errors caused by signal attenuation, noise; the receiver detects the presence of errors
  - signals the sender for retransmission, or drops the frame
- error correction: the receiver identifies and corrects bit error(s) without resorting to retransmission
- half-duplex and full-duplex: with half duplex, nodes at both ends of the link can transmit, but not at the same time
Where is the link layer implemented?
- in each and every host in the network
  - Which other layers are implemented in every host?
- link layer implemented in "adaptor" (aka network interface card, NIC): Ethernet card, PCMCIA card, 802.11 card
  - implements link and physical layer
- attaches into host's system buses
- combination of hardware, software, firmware
[Figure: host schematic. The network adapter (card), containing a controller and the link/physical transmission functions, attaches to the host bus (e.g. PCI) alongside the CPU and memory; the host implements application, transport, network and link layers.]
Adaptors Communicating
- sending side: encapsulates datagram in frame; adds error checking bits, rdt, flow control, etc.
- receiving side: looks for errors, rdt, flow control, etc.; extracts datagram
  - passes it to the upper layer at the receiving side
  - or moves the frame to another link
[Figure: the sending host's controller transmits the frame carrying the datagram to the receiving host's controller.]
Error Detection
EDC = Error Detection and Correction bits (redundancy)
D = Data protected by error checking, may include header fields
- Error detection not 100% reliable!
- protocol may miss some errors, but rarely
- larger EDC field yields better detection and correction
[Figure: D and EDC are sent over the bit-error-prone link; the receiver checks the received D' and EDC' and either passes the datagram up or flags a detected error otherwise.]
Parity Checking
- Single bit parity: detect single bit errors
- Two-dimensional bit parity: detect and correct single bit errors
[Figure: single-bit parity appends one parity bit to d data bits; two-dimensional parity arranges the bits in rows and columns with a parity bit per row and per column, so a single flipped bit is located by the one row and one column whose parity fails.]
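The following is an added example, not code from the lecture slides: two-dimensional even parity over a small constructed 3x4 data block. A single flipped bit makes exactly one row check and one column check fail, which pinpoints and corrects it; two flips in the same row are still detected (by the columns) but can no longer be located, which is the limit of the scheme.

```python
# Added example (not from the slides): two-dimensional even parity that
# detects and corrects a single flipped bit. The 3x4 data block below is constructed.
from typing import List, Optional, Tuple

Bits = List[List[int]]

def parity(bits: List[int]) -> int:
    """Even-parity bit: 1 if the number of 1s is odd, else 0."""
    return sum(bits) % 2

def encode_2d(data: Bits) -> Bits:
    """Append a parity bit to every row, then a parity row over every column
    (the corner bit is the parity of the row-parity bits)."""
    rows = [row + [parity(row)] for row in data]
    parity_row = [parity([row[c] for row in rows]) for c in range(len(rows[0]))]
    return rows + [parity_row]

def check_2d(block: Bits) -> Tuple[str, Optional[Tuple[int, int]]]:
    """Locate parity failures.
    One bad row and one bad column pinpoint a single flipped bit.
    Two flips in the same row leave that row's parity intact, so only
    columns fail: the error is detected but cannot be located."""
    bad_rows = [r for r, row in enumerate(block) if parity(row)]
    bad_cols = [c for c in range(len(block[0]))
                if parity([row[c] for row in block])]
    if not bad_rows and not bad_cols:
        return "ok", None
    if len(bad_rows) == 1 and len(bad_cols) == 1:
        return "corrected", (bad_rows[0], bad_cols[0])
    return "uncorrectable", None

def decode_2d(block: Bits) -> Tuple[str, Optional[Bits]]:
    """Correct a single-bit error if possible and strip the parity bits."""
    status, pos = check_2d(block)
    if status == "uncorrectable":
        return status, None
    fixed = [row[:] for row in block]
    if pos is not None:
        r, c = pos
        fixed[r][c] ^= 1
    return status, [row[:-1] for row in fixed[:-1]]

DATA = [[1, 0, 1, 1],      # constructed sample data
        [0, 1, 1, 0],
        [1, 1, 0, 0]]

if __name__ == "__main__":
    block = encode_2d(DATA)
    block[1][2] ^= 1                      # simulate one bit flipped on the link
    print(decode_2d(block))               # ('corrected', DATA)
```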
Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in transmitted packet (note: used at transport layer only)
Sender:
- treat segment contents as a sequence of 16-bit integers
- checksum: addition (1's complement sum) of segment contents
- sender puts checksum value into UDP checksum field
Receiver:
- compute checksum of received segment
- check if computed checksum equals checksum field value:
  - NO: error detected
  - YES: no error detected. But maybe errors nonetheless?
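An added example (not code from the slides) of the sender and receiver sides of the Internet checksum on a constructed segment. It also shows why the slide ends with "but maybe errors nonetheless?": a single flipped bit is caught, but swapping two whole 16-bit words leaves the sum unchanged and passes the check.

```python
# Added example (not from the slides): the Internet checksum as the
# sender and receiver compute it. The segment bytes are constructed.

def ones_complement_sum(data: bytes) -> int:
    """Sum the bytes as 16-bit big-endian words with end-around carry."""
    if len(data) % 2:                     # an odd trailing byte is padded with 0x00
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)   # fold the carry back in
    return total

def internet_checksum(payload: bytes) -> int:
    """Sender: checksum = 1's complement of the 1's complement sum."""
    return (~ones_complement_sum(payload)) & 0xFFFF

def build_segment(payload: bytes) -> bytes:
    """Sender: payload (padded to an even length) followed by the checksum field."""
    if len(payload) % 2:
        payload += b"\x00"
    return payload + internet_checksum(payload).to_bytes(2, "big")

def verify(segment: bytes) -> bool:
    """Receiver: summing the words including the checksum field gives 0xFFFF
    (all ones) when nothing changed in transit."""
    return ones_complement_sum(segment) == 0xFFFF

PAYLOAD = b"\x12\x34\x56\x78\x9a\xbc"   # constructed sample data

if __name__ == "__main__":
    seg = build_segment(PAYLOAD)
    print(hex(internet_checksum(PAYLOAD)), verify(seg))      # 0xfc96 True
    damaged = bytearray(seg)
    damaged[0] ^= 0x01
    print(verify(bytes(damaged)))                              # False: one flipped bit is caught
    # "But maybe errors nonetheless?": swapping two whole words leaves the
    # sum unchanged, so this corruption passes the check.
    swapped = PAYLOAD[2:4] + PAYLOAD[0:2] + PAYLOAD[4:] + seg[-2:]
    print(verify(swapped))                                     # True
```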
Checksumming: Cyclic Redundancy Check
- view data bits, D, as a binary number
- choose an r+1 bit pattern (generator), G
- goal: choose r CRC bits, R, such that
  - <D,R> is exactly divisible by G (modulo 2)
  - the receiver knows G and divides <D,R> by G. If the remainder is non-zero: error detected!
  - can detect all burst errors of fewer than r+1 bits
- widely used in practice (Ethernet, 802.11 WiFi, ATM)

CRC Example
Want: D·2^r XOR R = nG
equivalently: D·2^r = nG XOR R
equivalently: if we divide D·2^r by G, we want the remainder R:
  R = remainder[ D·2^r / G ]
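An added example, not the slides' code, of the CRC computation by modulo-2 (XOR) long division with Python integers standing in for bit strings. The generator G = 1001 and data D = 101110 are constructed values. The last function brute-forces the slide's burst-error claim on this small case: every burst shorter than r+1 = 4 bits is caught, while a 4-bit burst equal to G itself is not.

```python
# Added example (not from the slides): CRC by modulo-2 long division.
# G and D below are constructed values; bits are handled as Python ints.

def mod2_remainder(dividend: int, generator: int) -> int:
    """Remainder of dividend / generator in modulo-2 arithmetic (XOR, no carries)."""
    g_len = generator.bit_length()
    rem = dividend
    while rem.bit_length() >= g_len:
        shift = rem.bit_length() - g_len
        rem ^= generator << shift        # "subtract" G aligned under the leading 1
    return rem

def crc_bits(d: int, g: int) -> int:
    """R = remainder[ D * 2^r / G ], where r = len(G) - 1."""
    r = g.bit_length() - 1
    return mod2_remainder(d << r, g)

def crc_append(d: int, g: int) -> int:
    """<D,R>: D shifted left by r bits with R in the low r bits."""
    r = g.bit_length() - 1
    return (d << r) | crc_bits(d, g)

def crc_check(received: int, g: int) -> bool:
    """Receiver: divide <D,R> by G; a zero remainder means no error detected."""
    return mod2_remainder(received, g) == 0

def detects_all_bursts(g: int, data_bits: int, max_burst: int) -> bool:
    """Try every data word and every burst of length 1..max_burst at every
    position; a burst of length L flips its first and last bit and any subset
    in between. Returns False as soon as one corrupted word passes the check."""
    r = g.bit_length() - 1
    total = data_bits + r
    for d in range(1 << data_bits):
        codeword = crc_append(d, g)
        for length in range(1, max_burst + 1):
            for inner in range(1 << max(0, length - 2)):
                pattern = 1 if length == 1 else (1 << (length - 1)) | (inner << 1) | 1
                for pos in range(total - length + 1):
                    if crc_check(codeword ^ (pattern << pos), g):
                        return False
    return True

if __name__ == "__main__":
    G, D = 0b1001, 0b101110                 # constructed: r = 3
    print(format(crc_bits(D, G), "03b"))    # 011
    print(crc_check(crc_append(D, G), G))   # True
    print(detects_all_bursts(G, 6, 3), detects_all_bursts(G, 6, 4))   # True False
```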
Multiple Access Links and Protocols
Two types of "links":
- point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
- broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical).]
Multiple Access Control (MAC) protocols
- single shared broadcast channel
- two or more simultaneous transmissions by nodes: interference
  - collision if a node receives two or more signals at the same time
multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit
- communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions, no synchronization of clocks or slots (generally, centralized MACs are much more efficient)
4. simple
MAC Protocols: a taxonomy
Three broad classes:
- Channel Partitioning: divide the channel into smaller "pieces" (time slots, frequency, code); allocate a piece to a node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users.
- Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient; predictable/guaranteed performance is difficult to achieve.
- Centralized / "taking turns"
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access
- access to channel in "rounds"
- each station gets a fixed length slot (length = pkt trans time) in each round
- unused slots go idle
- GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
- example: 6-station LAN, stations 1, 3, 4 have packets; slots 2, 5, 6 idle
[Figure: a 6-slot frame, repeated, with slots 1, 3, 4 in use.]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access
- channel spectrum divided into frequency bands
- each station assigned a fixed frequency band
- unused transmission time in frequency bands goes idle
- GSM also uses FDMA
- example: 6-station LAN, stations 1, 3, 4 have packets; frequency bands 2, 5, 6 idle
[Figure: frequency bands versus time on an FDM cable.]
Random Access Protocols
- When a node has a packet to send: transmit at full channel data rate R; no a priori coordination among nodes
  - Some approaches use limited coordination
- two or more transmitting nodes: "collision"
- random access MAC protocol specifies how to detect collisions and how to recover from collisions (e.g. via delayed retransmissions)
- Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
- Developed at U of Hawaii in the early 70's for packet radio networks
- "Free for all": whenever a station has a frame to send, it does so
- Aloha is the simplest of MAC protocols
- Aloha is old but still widely used: as will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
- Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: a collision
- Collisions and other link layer losses must be detected and corrected
  - Question 1: where are all the places that losses can occur?
  - Question 2: where can errors be detected and corrected?
- Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance (1)
[Figure: time axis with marks t0, t0+t, t0+2t, t0+3t; a frame sent at t0+t is vulnerable over the two frame times from t0 to t0+2t: if another node starts to transmit during this vulnerable period, then a collision will occur.]
ALOHA's Performance
- Assume that users try to send frames at random times (Poisson events)
- Let G be the average rate that users try to send frames, per frame time
  - G is the utilization. Why?
- Model the moments at which transmissions start as points along the time line (next slide)
- The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
  P(k) = (2G)^k e^{-2G} / k!
- The probability that zero other frames are sent is P(0) = e^{-2G}
- The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
  S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
  P(k events in a period of length T) = exp(-λT) (λT)^k / k!
λ is the rate that events occur = (number of events in a period W) / W (when W is large)
[Figure: events marked as points along the time line.]
Aloha performance
[Figure: a transmission with its vulnerability period, of length 2T, marked on the time line.]
  P(k events in a period of length T) = exp(-λT) (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is exp(-2G) (2G)^0 / 0! = exp(-2G).
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: S = G e^{-2G} versus G for 0 ≤ G ≤ 3; the curve peaks at S = 0.184.]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time axis with marks t0, t0+t, t0+2t, t0+3t. If a frame is transmitted in the same slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot: if another node selects to transmit during this vulnerable period then a collision will occur. The vulnerable period is half the size of unslotted Aloha.]
Slotted Aloha
- Vulnerable period is halved: doubles the performance of ALOHA
- Throughput = S = G e^{-G}
- S = Smax = 1/e = 0.368 for G = 1
  - G = 1 means typically a node tries to transmit in each slot
  - However, the throughput is well below 1: there are many collisions
Slotted Aloha Performance
[Plot: S = G e^{-G} versus G for 0 ≤ G ≤ 4; the curve peaks at S = 0.368.]
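The throughput formulas of the last few slides, as an added example that is not part of the lecture material: the Poisson probability P(0) behind S = G e^{-2G} and S = G e^{-G}, a numerical search answering "for what G is throughput best?" (G = 0.5 with S = 0.184 for pure ALOHA, G = 1 with S = 1/e = 0.368 for slotted ALOHA), and a small Monte Carlo simulation with randomly placed frame starts that reproduces the formula. The simulation's uniform placement of starts and its seed are constructed choices.

```python
# Added example (not from the slides): ALOHA throughput versus offered load G.
import math
import random

def poisson_prob(k: int, rate: float, period: float) -> float:
    """P(k events in a period of length T) for a Poisson process of rate lambda."""
    lam_t = rate * period
    return math.exp(-lam_t) * lam_t ** k / math.factorial(k)

def aloha_throughput(g: float) -> float:
    """Pure ALOHA: S = G * P(no other start in the 2-frame-time vulnerable period)."""
    return g * poisson_prob(0, g, 2.0)           # = G e^(-2G)

def slotted_aloha_throughput(g: float) -> float:
    """Slotted ALOHA: the vulnerable period is one slot, so S = G e^(-G)."""
    return g * poisson_prob(0, g, 1.0)

def best_load(throughput, g_max: float = 4.0, steps: int = 40000):
    """Scan G on [0, g_max] and return (G, S) at the maximum throughput."""
    best_g, best_s = 0.0, 0.0
    for i in range(steps + 1):
        g = g_max * i / steps
        s = throughput(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s

def simulate_throughput(g: float, slotted: bool = False,
                        frames: int = 20000, seed: int = 1) -> float:
    """Monte Carlo: place `frames` start times uniformly over a horizon chosen so
    that the offered load is G frames per frame time. A frame succeeds only if
    no other start lies within one frame time of it (pure ALOHA) or in the same
    slot (slotted ALOHA, where starts are snapped to slot boundaries)."""
    rng = random.Random(seed)
    horizon = frames / g
    starts = [rng.uniform(0, horizon) for _ in range(frames)]
    if slotted:
        starts = [float(math.floor(t)) for t in starts]
    starts.sort()
    ok = 0
    for i, t in enumerate(starts):
        clash_before = i > 0 and t - starts[i - 1] < 1.0
        clash_after = i + 1 < frames and starts[i + 1] - t < 1.0
        if not (clash_before or clash_after):
            ok += 1
    return ok / horizon          # successful frames per frame time

if __name__ == "__main__":
    print(best_load(aloha_throughput))              # (0.5, 0.1839...)
    print(best_load(slotted_aloha_throughput))      # (1.0, 0.3678...)
    print(simulate_throughput(0.5), simulate_throughput(1.0, slotted=True))
```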
ALOHA and Slotted ALOHA
Pros:
- a single active node can continuously transmit at the full rate of the channel
- decentralized
- simple
Cons:
- collisions, wasting slots: inefficient
- idle slots
- nodes may be able to detect a collision in less than the time to transmit a packet
- slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit:
- If the channel is sensed idle: transmit the entire frame
- If the channel is sensed busy: defer transmission
- human analogy: don't interrupt others!

Question
- For 10 Mbps Ethernet the maximum cable length is 2000 m
- For 100 Mbps Ethernet the maximum cable length is 200 m
- Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
- collisions can still occur: propagation delay means two nodes may not hear each other's transmission
- collision: the entire packet transmission time is wasted
- note: the role of distance and propagation delay in determining collision probability
[Figure: spatial layout of nodes along the wire versus time, showing two transmissions overlapping.]
CSMA/CD collision detection
[Figure (position on wire versus time): Transmitter 1 starts sending; after the propagation delay Transmitter 2, not yet hearing it, starts sending too. The collision is detected by transmitter 2 first and by transmitter 1 later. When is it detected? Receiver 1 receives a garbled signal.]

CSMA/CD collision detection
[Figure: the same layout with a shorter transmission time. The collision is detected by transmitter 2 but NOT detected by transmitter 1, which finished sending before transmitter 2's signal reached it. Receiver 1 still receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
- The transmitter must transmit for 2 × Tpropagation + epsilon
- The transmit time is frame length / bit rate
- Therefore: 2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
CSMA/CD
What are the requirements to ensure that collisions are detected?
- The transmitter must transmit for 2 × Tpropagation + epsilon
- The transmit time is frame length / bit rate
- Therefore: 2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
- If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
- Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of bit-rate.
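An added example, not code from the slides, that turns the inequality above into functions: the largest cable for which a 64-byte (512-bit) frame still covers the round trip, and the smallest frame for a given cable. The propagation speed V_PROP and the margin EPSILON are assumed values; the standard's own 2000 m / 200 m limits also budget for repeater delays, so the absolute metres computed here differ, but the 10:1 ratio between 10 Mbps and 100 Mbps does not.

```python
# Added example (not from the slides): the collision-detection constraint
#   2 * CableLength / speed_of_propagation + epsilon < FrameLength / bit_rate
# solved for the maximum cable length and the minimum frame length.
import math

V_PROP = 2.0e8      # m/s, assumed signal speed in copper
EPSILON = 0.0       # s, assumed safety margin

def transmit_time(frame_bits: int, bit_rate: float) -> float:
    """Time the sender keeps transmitting a frame: bits / bit rate."""
    return frame_bits / bit_rate

def round_trip_time(cable_m: float, v: float = V_PROP) -> float:
    """2 * Tpropagation: time for a collision signal from the far end to return."""
    return 2.0 * cable_m / v

def collisions_detectable(frame_bits: int, bit_rate: float, cable_m: float,
                          v: float = V_PROP, eps: float = EPSILON) -> bool:
    """The sender must still be transmitting when the collision reaches it."""
    return round_trip_time(cable_m, v) + eps < transmit_time(frame_bits, bit_rate)

def max_cable_length(frame_bits: int, bit_rate: float,
                     v: float = V_PROP, eps: float = EPSILON) -> float:
    """Solve the constraint for CableLength."""
    return (transmit_time(frame_bits, bit_rate) - eps) * v / 2.0

def min_frame_bits(cable_m: float, bit_rate: float,
                   v: float = V_PROP, eps: float = EPSILON) -> int:
    """Solve the constraint for FrameLength (rounded up to whole bits)."""
    return math.ceil((round_trip_time(cable_m, v) + eps) * bit_rate - 1e-9)

MIN_FRAME_BITS = 64 * 8    # Ethernet's minimum frame length, from the slide

if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: max cable "
              f"{max_cable_length(MIN_FRAME_BITS, rate):.0f} m for a {MIN_FRAME_BITS}-bit frame")
    print(min_frame_bits(2000, 10e6), "bits needed over 2000 m at 10 Mbps")
```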
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection
- collisions detected within a short time
- colliding transmissions aborted, reducing channel wastage
- collision detection:
  - easy in wired LANs: measure signal strengths, compare transmitted and received signals
  - difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
- human analogy: the polite conversationalist
Persistence
- 1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
  - In this case, all nodes that desire to transmit during the period when a node is transmitting will collide.
- p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
  - Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots have passed, then transmit
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 × BO, BO_Max). In Ethernet, BO_max = 1024
   c. Go to step 4

Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
"Taking Turns" MAC protocols
channel partitioning MAC protocols:
- share the channel efficiently and fairly at high load
- inefficient at low load: delay in channel access, 1/N of the bandwidth allocated even if only 1 active node!
random access MAC protocols:
- efficient at low load: a single node can fully utilize the channel
- high load: collision overhead
  - Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"taking turns" protocols look for the best of both worlds! Used in mobile phone data access; 802.16, aka WiMax, partly uses this approach; 802.11 specifies this capability but it is not widely deployed, YET.
"Taking Turns" MAC protocols
Polling:
- master node "invites" slave nodes to transmit in turn
- After each node is given a chance, the pattern repeats
- If a slave has no data to send then it does nothing and the master quickly polls the next node
- concerns: polling overhead, latency, single point of failure (master)
- QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
  - When congested, new calls are rejected but existing calls continue to receive good performance
  - Consider the difference between the demands of VoIP and the services provided by TCP
  - Guarantees are worth much more money than non-guarantees
[Figure: the master sends a poll to each slave in turn; slaves with data answer with a data frame.]
"Taking Turns" MAC protocols
Token passing:
- a control token is passed from one node to the next sequentially
- token message
- concerns: token overhead, latency, single point of failure (token)
[Figure: the token T circulates around the ring; a node with data sends it, a node with nothing to send passes the token on.]
Summary of MAC protocols
- channel partitioning, by time, frequency or code: Time Division, Frequency Division
- random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing is easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
- taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
MAC Addresses and ARP
- 32-bit IP address: network-layer address; used to get a datagram to the destination IP subnet
- MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network)
  - The textbook is wrong about this. Today hosts are almost never physically connected.
- 48 bit MAC address (for most LANs)
  - burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address
[Figure: four adapters on a LAN (wired or wireless) with addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53.]
Broadcast address = FF-FF-FF-FF-FF-FF
LAN Address (more)
- MAC address allocation administered by IEEE
- manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
  - Google "OUI lookup"
  - Enter the MAC address
  - See the manufacturer
- analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address
- MAC flat address: portability: can move a LAN card from one LAN to another
- IP hierarchical address: NOT portable; the address depends on the IP subnet to which the node is attached
- If a NIC is changed then the MAC is changed, whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
- ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
- TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: a LAN with four nodes with IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
ARP protocol: Same LAN (network)
A wants to send a datagram to C
- Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP
- E.g.: my IP = 128.4.35.67; B's IP = 128.5.19.12; subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
  - So in this case A and B are in different subnets
  - Thus the datagram is sent to the gateway, which must be in the same subnet
  - Suppose that B is the gateway, but only the IP address of B is known
- Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table
- A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
  - Other types include datagram
  - all machines on the LAN receive the ARP query
- B receives the ARP packet, replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast)
- A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
  - soft state: information that times out (goes away) unless refreshed
- ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
[Figure: A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; B, C and D on the LAN all receive it and the holder replies "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. On the first LAN: A with IP 111.111.111.111 and MAC 74-29-9C-E8-FF-55, a host with IP 111.111.111.112 and MAC CC-49-DE-D0-AB-7D, and R's interface 111.111.111.110 with MAC E6-E9-00-17-BB-4B. On the second LAN: R's interface 222.222.222.220 with MAC 1A-23-F9-CD-06-9B, a host with IP 222.222.222.221 and MAC 88-B2-2F-54-1A-0F, and B with IP 222.222.222.222 and MAC 49-BD-D2-C7-56-2A.]
walkthrough: send a datagram from A to B via R; assume A knows B's IP address
- two ARP tables in router R, one for each IP network (LAN)
- A creates an IP datagram with source A, destination B
- A uses ARP to get R's MAC address for 111.111.111.110
- A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram
- A's NIC sends the frame; R's NIC receives the frame
- R removes the IP datagram from the Ethernet frame, sees it's destined to B
- R uses ARP to get B's MAC address
- R creates a frame containing the A-to-B IP datagram, sends it to B
This is a really important example: make sure you understand it!
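The same-subnet check, the ARP query/reply exchange with its 20-minute soft-state cache, and the A -> R -> B walkthrough, as an added example that is not the slides' code. It is a toy model: frames are Python dicts, delivery on a LAN is synchronous, and the /24 masks are assumed (the figure gives addresses but no masks); the IP and MAC addresses are the ones in the figure.

```python
# Added example (not the slides' code): toy ARP + two-LAN forwarding model.
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60       # seconds an ARP entry lives unless refreshed

def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """AND both addresses with the subnet mask and compare the network parts."""
    m = int(ipaddress.IPv4Address(mask))
    return int(ipaddress.IPv4Address(ip_a)) & m == int(ipaddress.IPv4Address(ip_b)) & m

class Lan:
    """A broadcast LAN: a frame reaches the addressed adapter, or all of them."""
    def __init__(self):
        self.adapters = []                        # (mac, node)
    def deliver(self, frame):
        for mac, node in self.adapters:
            if frame["dst"] in (BROADCAST, mac):
                node.receive(frame)

class Node:
    def __init__(self, name, gateway=None, clock=lambda: 0.0):
        self.name, self.gateway, self.clock = name, gateway, clock
        self.ifaces = {}          # my ip -> {"mac", "mask", "lan", "arp": {ip: (mac, expiry)}}
        self.sent, self.delivered = [], []

    def add_iface(self, ip, mac, mask, lan):
        self.ifaces[ip] = {"mac": mac, "mask": mask, "lan": lan, "arp": {}}
        lan.adapters.append((mac, self))

    def iface_for(self, dst_ip):
        """My interface on dst_ip's subnet, if any (a router has several interfaces)."""
        for ip, iface in self.ifaces.items():
            if same_subnet(ip, dst_ip, iface["mask"]):
                return ip
        return None

    def emit(self, my_ip, dst_mac, kind, **fields):
        iface = self.ifaces[my_ip]
        frame = {"src": iface["mac"], "dst": dst_mac, "type": kind, **fields}
        self.sent.append(frame)
        iface["lan"].deliver(frame)

    def resolve(self, my_ip, target_ip):
        """ARP: use a fresh cache entry, else broadcast a query and cache the reply."""
        cache = self.ifaces[my_ip]["arp"]
        entry = cache.get(target_ip)
        if entry is None or entry[1] <= self.clock():          # missing or timed out
            self.emit(my_ip, BROADCAST, "arp-query", target=target_ip, asker=my_ip)
            entry = cache.get(target_ip)
            if entry is None:
                raise LookupError(f"{self.name}: no ARP reply for {target_ip}")
        return entry[0]

    def send_datagram(self, dst_ip, payload):
        my_ip, next_hop = self.iface_for(dst_ip), dst_ip
        if my_ip is None:                         # other subnet: hand it to the gateway
            next_hop = self.gateway
            my_ip = self.iface_for(next_hop)
        self.forward(my_ip, next_hop, {"src_ip": my_ip, "dst_ip": dst_ip, "payload": payload})

    def forward(self, my_ip, next_hop, datagram):
        self.emit(my_ip, self.resolve(my_ip, next_hop), "ip", datagram=datagram)

    def receive(self, frame):
        if frame["type"] == "arp-query" and frame["target"] in self.ifaces:
            self.emit(frame["target"], frame["src"], "arp-reply",
                      ip=frame["target"], mac=self.ifaces[frame["target"]]["mac"])
        elif frame["type"] == "arp-reply":
            for iface in self.ifaces.values():
                if iface["mac"] == frame["dst"]:
                    iface["arp"][frame["ip"]] = (frame["mac"], self.clock() + ARP_TTL)
        elif frame["type"] == "ip":
            d = frame["datagram"]
            if d["dst_ip"] in self.ifaces:
                self.delivered.append(d)
            elif self.iface_for(d["dst_ip"]):     # router: re-frame on the other LAN
                self.forward(self.iface_for(d["dst_ip"]), d["dst_ip"], d)

def build_topology(clock=lambda: 0.0):
    """Two LANs joined by router R, addressed as in the lecture figure (/24 assumed)."""
    lan1, lan2 = Lan(), Lan()
    a = Node("A", gateway="111.111.111.110", clock=clock)
    a.add_iface("111.111.111.111", "74-29-9C-E8-FF-55", "255.255.255.0", lan1)
    h1 = Node("H1", clock=clock)
    h1.add_iface("111.111.111.112", "CC-49-DE-D0-AB-7D", "255.255.255.0", lan1)
    r = Node("R", clock=clock)
    r.add_iface("111.111.111.110", "E6-E9-00-17-BB-4B", "255.255.255.0", lan1)
    r.add_iface("222.222.222.220", "1A-23-F9-CD-06-9B", "255.255.255.0", lan2)
    b = Node("B", gateway="222.222.222.220", clock=clock)
    b.add_iface("222.222.222.222", "49-BD-D2-C7-56-2A", "255.255.255.0", lan2)
    h2 = Node("H2", clock=clock)
    h2.add_iface("222.222.222.221", "88-B2-2F-54-1A-0F", "255.255.255.0", lan2)
    return a, r, b

if __name__ == "__main__":
    a, r, b = build_topology()
    a.send_datagram("222.222.222.222", "hello B")
    for node in (a, r, b):
        for f in node.sent:
            print(node.name, f["type"], f["src"], "->", f["dst"])
```

Running it prints A's broadcast ARP query, R's unicast reply, A's frame addressed to R's LAN-1 MAC, R's ARP query on LAN 2, B's reply, and finally R's frame addressed to B; the datagram's IP header is unchanged across both hops while the frame's MAC addresses are rewritten at R.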
ARP
- Watch wireshark without any connections.
- What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
- E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
  - Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
- If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host
  - But the ARP attack still works
- Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence. Participants: Victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8), and some other host/switch.
1. The other host asks "Who has IP address 1.2.3.4?". The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping in its cache; the victim is confused... but ignores it.
3. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...". The attacker, who now knows the secret plan, changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."]
ARP spoofing: man-in-the-middle attack
- Some new switches can protect against these attacks
- How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs
  - its real IP and the victim's IP
  - But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
  - Then the tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
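The detection idea of this slide, as an added example that is not the slides' code: scan a constructed list of observed ARP replies (the kind of data `arp -a` or a capture gives) for an IP answered by two different MACs, and separately list MACs that carry several IPs, which, as the slide warns, can also be a legitimate dual-NIC host. The observation list, its tuple format and the allowlist of known multi-homed hosts are all constructed for the example.

```python
# Added example (defender's check, not the slides' code): flag ARP-table
# inconsistencies. All observations below are constructed.
from collections import defaultdict

# Constructed observations: (seconds, ip, mac) taken from ARP replies / arp -a
ARP_OBSERVATIONS = [
    (0,    "1.2.3.4",  "00:12:12:12:12:12"),   # victim answers for its own IP
    (5,    "5.6.7.8",  "00:11:11:11:11:11"),   # the attacker's own IP
    (1300, "1.2.3.4",  "00:11:11:11:11:11"),   # after caches expired, a second MAC claims 1.2.3.4
    (1310, "10.0.0.7", "00:aa:bb:cc:dd:ee"),   # dual-NIC host: wired MAC with its wired IP ...
    (1320, "10.0.0.8", "00:aa:bb:cc:dd:ee"),   # ... and the same MAC seen with its wireless IP
]

def ip_to_macs(observations):
    table = defaultdict(set)
    for _, ip, mac in observations:
        table[ip].add(mac.lower())
    return table

def mac_to_ips(observations):
    table = defaultdict(set)
    for _, ip, mac in observations:
        table[mac.lower()].add(ip)
    return table

def ip_conflicts(observations):
    """IPs claimed by more than one MAC: the slide's detection rule."""
    return {ip: macs for ip, macs in ip_to_macs(observations).items() if len(macs) > 1}

def multi_ip_macs(observations, known_multihomed=frozenset()):
    """MACs seen with several IPs, minus hosts known to have more than one NIC
    (the wired + wireless Windows case from the slide)."""
    return {mac: ips for mac, ips in mac_to_ips(observations).items()
            if len(ips) > 1 and mac not in known_multihomed}

def flip_events(observations):
    """Time-ordered (time, ip, old_mac, new_mac) changes: a cached IP->MAC
    mapping being replaced is exactly what a spoofed reply causes."""
    last, events = {}, []
    for t, ip, mac in sorted(observations):
        mac = mac.lower()
        if ip in last and last[ip] != mac:
            events.append((t, ip, last[ip], mac))
        last[ip] = mac
    return events

def report(observations, known_multihomed=frozenset()):
    """Human-readable findings; a MAC that claims a conflicting IP *and* holds
    another IP of its own matches the attacker pattern on the slide."""
    lines, by_mac = [], mac_to_ips(observations)
    for ip, macs in sorted(ip_conflicts(observations).items()):
        suspects = sorted(m for m in macs if len(by_mac[m]) > 1)
        lines.append(f"ALERT {ip} claimed by {sorted(macs)}; MACs also holding other IPs: {suspects}")
    for mac, ips in sorted(multi_ip_macs(observations, known_multihomed).items()):
        lines.append(f"NOTE {mac} seen with {sorted(ips)} (attacker, or a multi-NIC host)")
    return lines

if __name__ == "__main__":
    print("\n".join(report(ARP_OBSERVATIONS, known_multihomed={"00:aa:bb:cc:dd:ee"})))
```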
Ethernet
"dominant" wired LAN technology:
- cheap: $20 for a NIC
- first widely used LAN technology
- simpler, cheaper than token LANs and ATM
- kept up with the speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch.]

Star topology
- bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
- star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
- Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) versus star (switch in the center) topology.]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes
- if the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol
- otherwise, the adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response; LAN routing; higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at the receiver; if an error is detected, the frame is dropped
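An added example, not code from the slides, that builds and parses a constructed Ethernet II frame and applies the adapter's rule above: verify the CRC first, then pass the frame up only if the destination matches the adapter's own MAC or the broadcast address, or if the adapter is in promiscuous mode. The FCS is Ethernet's CRC-32, which is the same polynomial `zlib.crc32` computes; storing it least-significant byte first is the convention assumed here, and the MAC addresses are the ones from the LAN figure.

```python
# Added example (not from the slides): Ethernet II frame build/parse with FCS check.
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP"}     # registered Type values
MIN_PAYLOAD = 46        # 64-byte minimum frame minus 14 header bytes and 4 FCS bytes

def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace("-", "").replace(":", ""))

def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Header + payload (padded to the minimum) + 4-byte FCS."""
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)   # assumed FCS byte order

def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and verify the FCS."""
    if len(frame) < 64:
        raise ValueError("runt frame")
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    return {
        "dst": body[:6],
        "src": body[6:12],
        "type": struct.unpack("!H", body[12:14])[0],
        "payload": body[14:],
        "fcs_ok": (zlib.crc32(body) & 0xFFFFFFFF) == fcs,
    }

def adapter_decision(parsed: dict, my_mac: bytes, promiscuous: bool = False) -> str:
    """What the receiving NIC does with the frame."""
    if not parsed["fcs_ok"]:
        return "drop: CRC error"
    if promiscuous or parsed["dst"] in (my_mac, BROADCAST):
        return f"pass to network layer ({ETHERTYPES.get(parsed['type'], hex(parsed['type']))})"
    return "discard: not addressed to this adapter"

# Constructed sample: an ARP request broadcast from the adapter 1A-2F-BB-76-09-AD
SAMPLE = build_frame(BROADCAST, mac("1A-2F-BB-76-09-AD"), 0x0806, b"who-has 137.196.7.78?")

if __name__ == "__main__":
    me = mac("58-23-D7-FA-20-B0")
    print(adapter_decision(parse_frame(SAMPLE), me))        # pass to network layer (ARP)
    damaged = bytearray(SAMPLE)
    damaged[20] ^= 0x80                                      # one bit flipped in the payload
    print(adapter_decision(parse_frame(bytes(damaged)), me))  # drop: CRC error
```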
Ethernet: Unreliable, connectionless
- connectionless: no handshaking between sending and receiving NICs
- unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC
  - the stream of datagrams passed to the network layer can have gaps (missing datagrams)
  - gaps will be filled if the app is using TCP; otherwise, the app will see gaps
- Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame
2. If the NIC senses the channel idle, it starts frame transmission
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent)
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame!
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, the NIC enters exponential backoff: after the mth collision, the NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. The NIC waits K slots, where one slot is 512 bit times, and returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec
Exponential Backoff:
- Goal: adapt retransmission attempts to the estimated current load: under heavy load, the random wait will be longer
- first collision: choose K from {0, 1}; the delay is K · 512 bit transmission times
- after the second collision: choose K from {0, 1, 2, 3} …
- after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
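Ethernet's binary exponential backoff from the two slides above, together with the generic BO = min(2·BO, BO_max) window of the earlier "Exponential Backoff" procedure, as an added example that is not the slides' code. The contention simulation at the end is a constructed simplification: after a collision every pending node draws K, the smallest K transmits, a tie collides again and widens those nodes' windows; it shows how the growing windows spread the retransmissions until every node has sent.

```python
# Added example (not from the slides): Ethernet binary exponential backoff.
import random

SLOT_BITS = 512                 # one slot = 512 bit times
BIT_TIME_10MBPS = 0.1e-6        # seconds per bit at 10 Mbps

def ethernet_window(collisions: int) -> int:
    """After the m-th collision K is drawn from {0, ..., 2^min(m,10) - 1}."""
    return 1 << min(collisions, 10)

def choose_k(collisions: int, rng: random.Random) -> int:
    return rng.randrange(ethernet_window(collisions))

def wait_seconds(k: int, bit_time: float = BIT_TIME_10MBPS) -> float:
    """Backoff delay: K slots of 512 bit times."""
    return k * SLOT_BITS * bit_time

def generic_window(collisions: int, start: int = 4, bo_max: int = 1024) -> int:
    """The lecture's generic procedure: start at BO and double, capped at BO_max."""
    bo = start
    for _ in range(collisions):
        bo = min(2 * bo, bo_max)
    return bo

def simulate_contention(n_nodes: int, seed: int = 7, max_rounds: int = 10000):
    """Toy model: all n_nodes have just collided once. Each round every pending
    node picks K; the node(s) with the smallest K transmit first. A unique
    minimum succeeds and leaves; tied nodes collide again (their counter grows,
    widening their window); the others sensed the channel busy and keep theirs.
    Returns (rounds needed, highest collision count seen)."""
    rng = random.Random(seed)
    pending = {node: 1 for node in range(n_nodes)}    # node -> collisions so far
    worst, rounds = 1, 0
    while pending and rounds < max_rounds:
        rounds += 1
        picks = {node: choose_k(c, rng) for node, c in pending.items()}
        lowest = min(picks.values())
        first = [node for node, k in picks.items() if k == lowest]
        if len(first) == 1:
            del pending[first[0]]                    # transmitted without collision
        else:
            for node in first:                       # collided again
                pending[node] += 1
                worst = max(worst, pending[node])
    return rounds, worst

if __name__ == "__main__":
    print(wait_seconds(1023))                # ~0.052 s: "about 50 msec" for K = 1023
    print(simulate_contention(8))
```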
CSMA/CD efficiency
- Tprop = max propagation delay between 2 nodes in the LAN
- ttrans = time to transmit a max-size frame
  efficiency = 1 / (1 + 5 · tprop / ttrans)
- efficiency goes to 1 as tprop goes to 0
- and as ttrans goes to infinity
  - a larger frame size is better; a higher bit-rate is worse
- better performance than ALOHA: and simple, cheap, decentralized!
- Most Ethernet is used with switches, so collisions never occur
802.3 Ethernet Standards: Link & Physical Layers
- many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
- Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)

Hubs
- bits coming in on one link go out all other links at the same rate
- all nodes connected to the hub can collide with one another
- no frame buffering
- no CSMA/CD at the hub: host NICs detect collisions
[Figure: twisted pair links from hosts to a hub.]

Interconnecting with hubs
- a backbone hub interconnects LAN segments
- but the individual segment collision domains become one large collision domain
- can't interconnect 10BaseT & 100BaseT
[Figure: a backbone hub connecting three hubs.]
Switch
- link-layer device: smarter than hubs, takes an active role
  - store and forward Ethernet frames
    - Question: do switches in circuit switching networks store and forward?
  - examine the incoming frame's MAC address, selectively forward the frame to one-or-more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment
- transparent: hosts are unaware of the presence of switches
- plug-and-play, self-learning: switches do not need to be configured

Switch: allows multiple simultaneous transmissions
- hosts have a dedicated, direct connection to the switch
- switches buffer packets
- the Ethernet protocol is used on each incoming link, but no collisions; full duplex
  - each link is its own collision domain
- switching: A-to-A' and B-to-B' simultaneously, without collisions
  - not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' attached.]
Switch Table
- Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
- A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
- looks like a routing table!
- Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' attached.]
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table.
(Figure: A sends a frame, Source=A, Dest=A', into interface 1; the switch table, initially empty, gains the entry MAC addr A, interface 1, TTL 60.)
Switch: frame filtering/forwarding
When frame received:
• record link/interface associated with sending host
• if entry found for destination, then { if dest on segment from which frame arrived, then drop the frame; else forward the frame on interface indicated }; else flood: forward on all but the interface on which the frame arrived
• periodically purge all old table entries
Self-Learning
(Figure, repeated over the following steps: three switches, each with interfaces 1, 2, 3, cabled together; hosts A and B; each switch has a MAC / Interface table, initially empty.)
Frame: Dest=B, Source=A. Make table entry for A. No table entry for B, so flood.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port, but it is still flooded to other switches.
The flooded frame reaches the other two switches; each makes a table entry for A (A via interface 1 at the first two switches, A via interface 2 at the third), has no table entry for B, and floods.
Frame: Dest=A, Source=B. Make table entry for B. Have a table entry for A, so forward.
The forwarded frame reaches the next switch, which makes a table entry for B and forwards toward A. Resulting tables: first switch A 1, B 3; second switch A 1, B 2; third switch A 2.
20 minutes later all table entries are deleted.
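A runnable version of the self-learning and filtering/forwarding rules above, replaying the three-switch figure (added example, not code from the slides; the switch names S1-S3 and the way they are cabled are assumptions chosen so the resulting tables match the figure):

```python
"""Learning switch simulation for the self-learning and filtering/forwarding
rules on the slides. Added example, not part of the slide deck. The three
switches, their names S1/S2/S3 and the way they are cabled together are
assumptions chosen so that the resulting tables match the figure."""

TTL_SECONDS = 20 * 60  # entries disappear "20 minutes later"


class LearningSwitch:
    def __init__(self, name, ports):
        self.name = name
        self.ports = set(ports)
        self.table = {}  # MAC -> (interface, time the entry was recorded)

    def purge(self, now):
        """Periodically purge all old table entries."""
        self.table = {mac: (port, t) for mac, (port, t) in self.table.items()
                      if now - t < TTL_SECONDS}

    def receive(self, src, dst, in_port, now):
        """Apply the slide's rules to one frame; return the set of ports the
        frame goes out on (an empty set means the frame is dropped)."""
        self.purge(now)
        # self-learning: record the interface the sender was heard on
        self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if entry is None:
            # no entry for the destination: flood on all but the arrival port
            return self.ports - {in_port}
        out_port, _ = entry
        if out_port == in_port:
            # destination is on the segment the frame came from: drop it
            return set()
        return {out_port}  # known destination: forward on that interface only


def run_figure():
    """Replay the figure: A sends to B with all tables empty, then B replies.
    Returns (tables after the reply, S1's table 20 minutes later)."""
    switches = {n: LearningSwitch(n, [1, 2, 3]) for n in ("S1", "S2", "S3")}
    # assumed cabling: A on S1 port 1, S1 port 3 <-> S2 port 1,
    # B on S2 port 2, S2 port 3 <-> S3 port 2
    links = {("S1", 3): ("S2", 1), ("S2", 1): ("S1", 3),
             ("S2", 3): ("S3", 2), ("S3", 2): ("S2", 3)}

    def inject(sw_name, in_port, src, dst, now):
        for out in switches[sw_name].receive(src, dst, in_port, now):
            nxt = links.get((sw_name, out))
            if nxt is not None:  # the frame crosses to the neighbouring switch
                inject(nxt[0], nxt[1], src, dst, now)

    inject("S1", 1, "A", "B", now=0)   # learn A everywhere; B unknown, so flood
    inject("S2", 2, "B", "A", now=1)   # learn B; A is known, so forward only
    tables = {n: {mac: port for mac, (port, _) in sw.table.items()}
              for n, sw in switches.items()}
    switches["S1"].purge(now=1 + TTL_SECONDS)
    return tables, dict(switches["S1"].table)
```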
Poorly Designed Institutional network. Why?
(Figure: a single router to the external network; one LAN / IP subnet with mail server and web server.)
Institutional network without a single point of failure
(Figure: the same network with redundant links so that there is no single point of failure: router to external network, IP subnet, mail server, web server, host A.)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(Figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface.)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges. Spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(Figure: switches B3 and B2 between LAN A and LAN B.)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
(Figure: LANs A, B, C, D; switches B0, B1, B2, B3.)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(Figure: switches B1, B2, B3, B4, B5, B6, B7.)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
(Figure, repeated over the following steps: LANs A through J connected by switches B1 through B7; the root is the switch with the smallest ID, B1; each switch is labelled with its distance to the root in LAN hops, 0 for the root and 1 or 2 for the others.)
Each switch computes distance to root in terms of LAN hops.
Each of the root's interfaces is ON.
LAN A's next hop is LAN E. Turn on the two interfaces.
LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
LAN C's next hop is LAN F. Turn on the interfaces.
Which other interfaces are "on"?
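The interface selection described above, computed centrally over the LAN-as-vertex / switch-as-edge graph (added example, not code from the slides; the topology below is constructed, with integer switch IDs and LAN names that are not the figure's, and is chosen so that one LAN has two equal-length paths to the root and one switch ends up with no interface on):

```python
"""Which interfaces stay on: the LAN-as-vertex / switch-as-edge spanning tree
from the slides, computed centrally. Added example, not code from the slides.
The topology below is constructed (switch IDs and LAN names are not the
figure's), chosen so that one LAN has two equal-length paths to the root."""


def spanning_tree(switches):
    """switches: {switch_id (int): set of LAN names it attaches to}.
    Returns (dist, next_hop, active): distance of every LAN to the root in
    switches crossed, each LAN's next-hop LAN and the switch used, and for
    every switch the set of LANs on which its interface is "on"."""
    root = min(switches)  # the root is the switch with the smallest ID
    # pass 1: breadth-first distance of each LAN to the root; the LANs the
    # root attaches to are at distance 0
    dist = {lan: 0 for lan in switches[root]}
    frontier = sorted(switches[root])
    while frontier:
        nxt = []
        for lan in frontier:
            for sid, lans in switches.items():
                if lan not in lans:
                    continue
                for nb in lans:
                    if nb not in dist:
                        dist[nb] = dist[lan] + 1
                        nxt.append(nb)
        frontier = nxt
    # pass 2: every non-root LAN picks its next hop toward the root; when
    # several switches offer a shortest path the smallest switch ID wins
    next_hop = {}
    active = {sid: set() for sid in switches}
    active[root] = set(switches[root])  # each of the root's interfaces is on
    for lan, d in dist.items():
        if d == 0:
            continue
        candidates = sorted((sid, nb) for sid, lans in switches.items()
                            if lan in lans for nb in lans
                            if dist.get(nb) == d - 1)
        sid, nb = candidates[0]
        next_hop[lan] = (nb, sid)
        active[sid] |= {lan, nb}  # the switch between them turns on both interfaces
    return dist, next_hop, active


def forwards_on(active, switch_id, lan):
    """A "disconnected" interface never forwards or floods frames onto its LAN."""
    return lan in active[switch_id]


# constructed topology: switch 1 is the root; LAN B can reach the root through
# switch 5 (via LAN E) or switch 7 (via LAN F); switch 3 only joins LANs that
# already have paths as short, so it ends up with no interface on
EXAMPLE = {
    1: {"E", "F", "G"},
    5: {"E", "A", "B"},
    7: {"F", "B", "C"},
    2: {"G", "D"},
    3: {"A", "D"},
}
```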
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
… "invisible" at internetwork layer: looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address.
(Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields: label (20 bits), Exp (3), S (1), TTL (5).)
MPLS capable routers
aka label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables.
signaling protocol needed to set up forwarding: RSVP-TE. forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
must co-exist with IP-only routers.
(Figure: MPLS forwarding tables. Routers R1 through R6, destinations A and D; each table has the columns in label, out label, dest, out interface. Rows recoverable from the figure: 6, -, A, 0; 10, 6, A, 1; 12, 9, D, 0; 10, A, 0; 12, D, 0; 8, 6, A, 0; 8, A, 1.)
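Label-switched forwarding beside ordinary IP forwarding, as an added example with a constructed topology (not code from the slides; the router names, labels and interface numbers are assumptions, not the figure's). It shows a labelled packet taking a path through IP-only R1 that the IP tables alone would not choose.

```python
"""Label-switched forwarding beside ordinary IP forwarding, with a constructed
topology. Added example, not code from the slides; router names, labels and
interface numbers here are assumptions, not the figure's."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Packet:
    dst: str
    label: Optional[int] = None      # MPLS header present iff label is set
    path: list = field(default_factory=list)


class Router:
    def __init__(self, name, mpls_table, ip_table, links):
        self.name = name
        self.mpls = mpls_table  # in label -> (out label, or None to pop; out interface)
        self.ip = ip_table      # destination -> out interface (IP forwarding table)
        self.links = links      # out interface -> next Router, or a host name

    def forward(self, pkt):
        pkt.path.append(self.name)
        if pkt.label is not None and pkt.label in self.mpls:
            # label-switched router: decide on the label only, swap it on the way out
            out_label, iface = self.mpls[pkt.label]
            pkt.label = out_label
        else:
            # IP-only router (or no MPLS entry): look at the IP destination instead
            pkt.label = None
            iface = self.ip[pkt.dst]
        return self.links[iface]


def deliver(first_hop, pkt):
    """Push the packet through routers until it reaches a host name."""
    node = first_hop
    while isinstance(node, Router):
        node = node.forward(pkt)
    return node, pkt.path


def build_network():
    """R1 is IP-only and sits in front of host D; R6 can reach it either
    through R4 (the IP route) or via the label-switched path
    R6 -> R5 -> R3 -> R1 that IP alone would not choose."""
    r1 = Router("R1", {}, {"D": 0}, {0: "D"})
    r3 = Router("R3", {7: (None, 0)}, {"D": 0}, {0: r1})  # pops the label before R1
    r4 = Router("R4", {}, {"D": 0}, {0: r1})
    r5 = Router("R5", {9: (7, 0)}, {"D": 0}, {0: r3})
    r6 = Router("R6", {12: (9, 1)}, {"D": 0}, {0: r4, 1: r5})
    return r6


def ip_path():
    return deliver(build_network(), Packet("D"))[1]


def labelled_path():
    return deliver(build_network(), Packet("D", label=12))[1]
```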
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY). solid understanding of networking principles, practice. … could stop here … but lots of
Link layer context
datagram transferred by different link protocols over different links, e.g. Ethernet on first link, frame relay on intermediate links, 802.11 on last link. each link protocol provides different services, e.g. may provide reliability over link.
transportation analogy: trip from Newark to San Jose: limo Newark to PHL, plane PHL to SFO, BART SFO to SF, train SF to San Jose. tourist = datagram; transport segment = communication link; transportation mode = link layer protocol. Note that a bus or plane trip might contain many changes of the bus or plane, but this seems like a single hop. travel agent = routing algorithm.
Link Layer Services
framing, link access: encapsulate datagram into frame, adding header, trailer; channel access if shared medium; "MAC" addresses used in frame headers to identify source, dest
• different from IP address!
Routing. reliable delivery between adjacent nodes: we learned how to do this already (chapter 3)! seldom used on low bit-error link (fiber, some twisted pair); wireless links: high error rates
• Q: why both link-level and end-end reliability?
Link Layer Services (more)
flow control: pacing between adjacent sending and receiving nodes
Encryption: some links can easily be tapped, so encryption is needed for privacy
error detection: errors caused by signal attenuation, noise; receiver detects presence of errors
• signals sender for retransmission or drops frame
error correction: receiver identifies and corrects bit error(s) without resorting to retransmission
half-duplex and full-duplex: with half duplex, nodes at both ends of link can transmit, but not at same time
Where is the link layer implemented?
in each and every host in the network. Which other layers are implemented in every host?
link layer implemented in "adaptor" (aka network interface card, NIC): Ethernet card, PCMCIA card, 802.11 card; implements link, physical layer; attaches into host's system buses; combination of hardware, software, firmware.
(Figure: host schematic: application/transport/network and link in the host (cpu, memory, host bus e.g. PCI); link/physical in the network adapter card, with controller and physical transmission.)
Adaptors Communicating
sending side: encapsulates datagram in frame; adds error checking bits, rdt, flow control, etc.
receiving side: looks for errors, rdt, flow control, etc.; extracts datagram
• passes to upper layer at receiving side
• moves frame to another link
(Figure: sending host controller sends a frame carrying the datagram to the receiving host controller.)
Link Layer: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
Error Detection
EDC = Error Detection and Correction bits (redundancy). D = Data protected by error checking, may include header fields.
• Error detection not 100% reliable!
• protocol may miss some errors, but rarely
• larger EDC field yields better detection and correction
Parity Checking
Single Bit Parity: detect single bit errors. Two Dimensional Bit Parity: detect and correct single bit errors. (Figure: parity bit examples.)
Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in transmitted packet (note: used at transport layer only).
Sender: treat segment contents as sequence of 16-bit integers; checksum: addition (1's complement sum) of segment contents; sender puts checksum value into UDP checksum field.
Receiver: compute checksum of received segment; check if computed checksum equals checksum field value: NO - error detected; YES - no error detected. But maybe errors nonetheless?
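Sender and receiver sides of the checksum as reviewed above, including a case for the "maybe errors nonetheless" caveat (added example, not code from the slides; the segment bytes are constructed):

```python
"""Internet checksum, sender and receiver side, as reviewed on the slide.
Added example, not code from the slides; the sample segment bytes are
constructed."""


def ones_complement_sum(words):
    """Add 16-bit words with end-around carry (1's complement addition)."""
    total = 0
    for w in words:
        total += w
        total = (total & 0xFFFF) + (total >> 16)
    return total


def to_words(data):
    """Treat segment contents as a sequence of 16-bit integers (pad odd length)."""
    if len(data) % 2:
        data += b"\x00"
    return [int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2)]


def internet_checksum(data):
    """Sender: 1's complement of the 1's complement sum of the contents."""
    return (~ones_complement_sum(to_words(data))) & 0xFFFF


def receiver_accepts(data, checksum_field):
    """Receiver: sum contents plus the checksum field; all-ones means
    'no error detected', which is not the same as 'no error'."""
    return ones_complement_sum(to_words(data) + [checksum_field]) == 0xFFFF


SEGMENT = bytes.fromhex("0102 0304")      # constructed sample contents
CHECKSUM = internet_checksum(SEGMENT)      # 0xFBF9
FLIPPED = bytes.fromhex("0102 0305")       # single bit flip: detected
CANCELLING = bytes.fromhex("0103 0303")    # +1 in one word, -1 in the other:
                                           # same sum, so the error slips through
```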
Checksumming: Cyclic Redundancy Check
view data bits D as a binary number; choose r+1 bit pattern (generator) G; goal: choose r CRC bits R such that <D,R> is exactly divisible by G (modulo 2). receiver knows G, divides <D,R> by G; if non-zero remainder: error detected! can detect all burst errors less than r+1 bits. widely used in practice (Ethernet, 802.11 WiFi, ATM).
CRC Example
Want: D·2^r XOR R = nG, equivalently D·2^r = nG XOR R, equivalently if we divide D·2^r by G, we want remainder R:
R = remainder[ D·2^r / G ]
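The modulo-2 division above in code, with the sender appending R, the receiver checking divisibility, a burst of r bits that is always caught, and an error pattern that is a multiple of G and therefore is not (added example, not code from the slides; D = 101110 and G = 1001 are constructed sample values):

```python
"""CRC as modulo-2 division: R = remainder[D·2^r / G]. Added example, not
code from the slides. D = 101110 and G = 1001 are constructed sample values."""


def mod2_remainder(bits, g):
    """Remainder of bits ÷ g using XOR-based long division (no carries)."""
    work = [int(b) for b in bits]
    gen = [int(b) for b in g]
    for i in range(len(work) - len(gen) + 1):
        if work[i]:  # leading 1: subtract (XOR) the generator at this offset
            for j, gb in enumerate(gen):
                work[i + j] ^= gb
    r = len(gen) - 1
    return "".join(str(b) for b in work[-r:])


def crc_encode(d, g):
    """Sender: append r zero bits (D·2^r), divide by G, send <D,R>."""
    r = len(g) - 1
    return d + mod2_remainder(d + "0" * r, g)


def crc_check(frame, g):
    """Receiver: <D,R> must be exactly divisible by G (all-zero remainder)."""
    return mod2_remainder(frame, g) == "0" * (len(g) - 1)


def flip(frame, positions):
    """Corrupt the frame by inverting the bits at the given positions."""
    bits = list(frame)
    for p in positions:
        bits[p] = "1" if bits[p] == "0" else "0"
    return "".join(bits)


G = "1001"                                # r = 3 CRC bits
FRAME = crc_encode("101110", G)           # "101110011"
BURST = flip(FRAME, [2, 3, 4])            # burst of 3 <= r bits: always detected
MULTIPLE_OF_G = flip(FRAME, [0, 3])       # error pattern 100100000 = G·2^5: slips through
```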
Link Layer: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
Multiple Access Links and Protocols
Two types of "links": point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host. broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN.
(Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical).)
Multiple Access Control (MAC) protocols
single shared broadcast channel; two or more simultaneous transmissions by nodes: interference; collision if node receives two or more signals at the same time.
multiple access protocol: an algorithm that determines how nodes share channel, i.e. determines when a node can transmit. communication about channel sharing must use channel itself! out-of-band channel for coordination is difficult.
Ideal Multiple Access Protocol
Broadcast channel of rate R bps.
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally centralized MAC are much more efficient.
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users.
Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient. Predictable/guaranteed performance is difficult to achieve.
Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access: access to channel in "rounds"; each station gets fixed length slot (length = pkt trans time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
example: 6-station LAN, 1, 3, 4 have pkt, slots 2, 5, 6 idle. (Figure: 6-slot frame: 1 3 4 | 1 3 4.)
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access: channel spectrum divided into frequency bands; each station assigned fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA. example: 6-station LAN, 1, 3, 4 have pkt, frequency bands 2, 5, 6 idle. (Figure: frequency bands versus time on an FDM cable.)
Random Access Protocols
When node has packet to send: transmit at full channel data rate R; no a priori coordination among nodes
• Some approaches use limited coordination
two or more transmitting nodes: "collision". random access MAC protocol specifies how to detect collisions, how to recover from collisions (e.g. via delayed retransmissions).
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision. Collisions and other link layer losses must be detected and corrected.
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
(Figure: time line t0, t0+t, t0+2t, t0+3t, with a frame transmission and the vulnerable period marked.) If another node transmits here, then there is a collision: if another node starts to transmit during this vulnerable period, then a collision will occur.
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events). Let G be the average rate that users try to send frames, per frame time. G is the utilization. Why? Model the moments transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
S = G e^{-2G}
Poisson process
(Figure: events as points along a time line.)
Events are distributed according to a Poisson process with parameter λ if
P(k events in period of length T) = exp(-λT) (λT)^k / k!
λ is the rate that events occur = (number of events in period W) / W (when W is large).
Aloha performance
(Figure: vulnerability period on the time line.)
P(k events in period of length T) = exp(-λT) (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, which has length 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is exp(-2G) (2G)^0 / 0! = exp(-2G).
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
(Figure: plot of G e^{-2G} for G from 0 to 3; the peak value is 0.184.)
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries.
(Figure: time line t0, t0+t, t0+2t, t0+3t with one vulnerable slot marked.) If a frame is transmitted here, then a collision occurs. But this will only happen if a packet arrives at the MAC layer during this period. If another node selects to transmit during this vulnerable period, then a collision will occur. The vulnerable period is half the size of unslotted Aloha.
Slotted Aloha
Vulnerable period is halved. Doubles performance of ALOHA. Throughput = S = G e^{-G}. S = Smax = 1/e = 0.368 for G = 1.
G = 1 means typically a node tries to transmit each slot. However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
(Figure: plot of G e^{-G} for G from 0 to 4; the peak value is 0.368.)
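The peaks of the two plots above, worked out as an added derivation that is not on the slides. With S(G) = G e^{-2G} for pure ALOHA:

$$\frac{dS}{dG} = e^{-2G} - 2G\,e^{-2G} = e^{-2G}(1 - 2G) = 0 \;\Rightarrow\; G = \tfrac{1}{2}, \qquad S_{\max} = \tfrac{1}{2}\,e^{-1} \approx 0.184$$

and for slotted ALOHA, S(G) = G e^{-G}:

$$\frac{dS}{dG} = e^{-G}(1 - G) = 0 \;\Rightarrow\; G = 1, \qquad S_{\max} = e^{-1} \approx 0.368$$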
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple.
Cons: collisions, wasting slots; inefficient; idle slots; nodes may be able to detect collision in less than time to transmit packet. Slotted Aloha requires clock synchronization: losing synchronization requires guard times, which reduces efficiency.
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission. human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m. For 100 Mbps Ethernet the maximum cable length is 200 m. Why is the maximum length for 100 Mbps 10 times shorter than 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission. collision: entire packet transmission time wasted. (Figure: spatial layout of nodes.) note: role of distance & propagation delay in determining collision probability.
CSMA/CD collision detection
(Figure: position on wire versus time; transmitter 1 and transmitter 2, transmission time, propagation delay; collision detected by transmitter 2, collision detected by transmitter 1; receiver 1 receives garbled signal.) When is it detected?
(Second figure: same layout; collision NOT detected by transmitter 1; collision detected by transmitter 2; receiver 1 receives garbled signal.)
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate
CSMA/CD
What are the requirements to ensure that collisions are detected? The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore 2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate.
If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection: collisions detected within short time; colliding transmissions aborted, reducing channel wastage. collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength. human analogy: the polite conversationalist
Persistence
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, then transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle then transmit
3. If medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. Wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots, then transmit
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 BO, BO_Max)
      a. In Ethernet BO_max = 1024
   c. Go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
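The collision-detection condition, the cable-length question and the backoff steps above, in one runnable piece (added example, not code from the slides; the propagation speed PROP_SPEED is an assumption the slides do not give, and the `contend` simulation is a simplified model in which only the nodes that tie on the smallest r collide):

```python
"""CSMA/CD timing (collision-detection condition, cable length vs minimum
frame, slot length) and the exponential backoff steps from the slides.
Added example, not code from the slides. The propagation speed is an
assumption; the slides do not give one."""
import random

PROP_SPEED = 2.0e8    # m/s, assumed signal speed in copper (about 2/3 of c)
MIN_FRAME_BYTES = 64  # Ethernet minimum frame from the slides
BO_MAX = 1024         # Ethernet BO_max from the slides


def frame_time(frame_bytes, bit_rate):
    """Transmit time = frame length / bit rate, in seconds."""
    return frame_bytes * 8 / bit_rate


def slot_time(cable_m, prop_speed=PROP_SPEED):
    """One answer to the slide's question: a slot must cover a round trip,
    2 x CableLength / speed of propagation, so every node hears a transmission
    that began at the start of the slot before the slot ends."""
    return 2 * cable_m / prop_speed


def collisions_detectable(frame_bytes, bit_rate, cable_m, epsilon=0.0):
    """The slide's condition: 2*CableLength/speed + epsilon < FrameLength/bit-rate."""
    return slot_time(cable_m) + epsilon < frame_time(frame_bytes, bit_rate)


def max_cable_length(bit_rate, frame_bytes=MIN_FRAME_BYTES):
    """Longest cable on which the minimum frame still satisfies the condition
    (epsilon ignored); a 10x bit rate with the same minimum frame divides it by 10."""
    return frame_time(frame_bytes, bit_rate) * PROP_SPEED / 2


class BackoffSender:
    """One node's backoff state, following steps 1-5 on the slide."""

    def __init__(self, bo_start=4, rng=None):
        self.bo_start = bo_start   # step 1: 4 and 8 are common starting values
        self.bo = bo_start
        self.rng = rng or random.Random()

    def slots_to_wait(self):
        """Steps 4a/4b: pick r in [0, BO-1] and wait r slots."""
        return self.rng.randrange(self.bo)

    def on_collision(self):
        """Step 5b: BO = min(2*BO, BO_Max), then back to step 4."""
        self.bo = min(2 * self.bo, BO_MAX)
        return self.bo

    def on_success(self):
        """Frame delivered: the next frame starts again from step 1."""
        self.bo = self.bo_start


def bo_sequence(collisions, bo_start=4):
    """BO after each of `collisions` consecutive collisions of one frame."""
    node = BackoffSender(bo_start)
    return [node.on_collision() for _ in range(collisions)]


def contend(n_nodes, seed=1):
    """Let n_nodes nodes contend until exactly one wins a slot. A tie on the
    smallest r is a collision for the tied nodes (they double BO); the others
    saw the medium busy and simply keep waiting. Returns (collisions, winner)."""
    rng = random.Random(seed)
    nodes = [BackoffSender(rng=rng) for _ in range(n_nodes)]
    collisions = 0
    while True:
        picks = [n.slots_to_wait() for n in nodes]
        first = min(picks)
        tied = [i for i, r in enumerate(picks) if r == first]
        if len(tied) == 1:
            nodes[tied[0]].on_success()
            return collisions, tied[0]
        collisions += 1
        for i in tied:
            nodes[i].on_collision()
```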
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node!
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"taking turns" protocols look for best of both worlds! Used in mobile phone data access: 802.16, aka WiMax, partly uses this approach. 802.11 specifies this capability, but it is not widely deployed YET.
“Taking Turns” MAC protocols
Polling: the master node “invites” slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
[Figure: master polls each slave in turn: poll, data, poll, data, ...]
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
“Taking Turns” MAC protocols
Token passing: a control token is passed from one node to the next sequentially (token message).
Concerns: token overhead, latency, single point of failure (token).
[Figure: token T circulates; a node with nothing to send passes it on; a node with data sends and then passes the token]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we’ll study it when we talk about wireless)
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE. A manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google “OUI lookup”, enter the MAC address, see the manufacturer.
Analogy: (a) MAC address is like a Social Security Number; (b) IP address is like a postal address.
MAC flat address: portability, can move a LAN card from one LAN to another.
IP hierarchical address: NOT portable, address depends on the IP subnet to which the node is attached.
If a NIC is changed, then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B’s IP address?
[Figure: LAN with four nodes; MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C’s IP address is in the same subnet: use the subnet mask and compare this node’s IP to C’s IP.
E.g.
• my IP = 128.4.35.67
• B’s IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B’s IP address is known, B is in the same subnet, and B’s MAC address is not in A’s ARP table.
A broadcasts an ARP query packet containing B’s IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
• Other types include datagram.
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B’s) MAC address; the frame is sent to A’s MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is “plug-and-play”: nodes create their ARP tables without intervention from the net administrator.
[Figure: LAN with hosts A, B, C, D. The broadcast “Who has IP 1.1.1.4? Tell 1.1.1.2” reaches every host; the owner of 1.1.1.4 answers “I have 1.1.1.4”]
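The two decisions just described, the subnet-mask comparison that picks whether to resolve the destination or the gateway, and the broadcast query / unicast reply / cache-with-TTL cycle, as an added simulation (not code from the slides). The LAN, the hosts and the 20-minute TTL are constructed to mirror the page's figure; the gateway address 128.4.0.1 in the usage is an assumption.

```python
import ipaddress

ARP_TTL_SECONDS = 20 * 60            # page: a mapping is forgotten after typically 20 min
BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"  # destination of the ARP query


def same_subnet(ip_a, ip_b, mask):
    """Apply the subnet mask to both addresses and compare the network parts."""
    net = ipaddress.IPv4Network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.IPv4Address(ip_b) in net


def next_hop_ip(my_ip, dst_ip, mask, gateway_ip):
    """The address to ARP for: the destination itself if on-link, else the gateway."""
    return dst_ip if same_subnet(my_ip, dst_ip, mask) else gateway_ip


class Lan:
    """One broadcast domain: every attached node sees every broadcast frame."""

    def __init__(self):
        self.nodes = []
        self.broadcasts = 0  # number of ARP queries actually put on the wire

    def broadcast_query(self, query):
        self.broadcasts += 1
        reply = None
        for node in self.nodes:
            if node.mac != query["sender_mac"]:
                r = node.receive_query(query)
                if r is not None:
                    reply = r  # the owner's unicast reply back to the querier
        return reply


class Node:
    def __init__(self, ip, mac, lan):
        self.ip, self.mac, self.lan = ip, mac, lan
        self.arp_table = {}  # ip -> (mac, expiry time); soft state
        lan.nodes.append(self)

    def lookup(self, ip, now):
        entry = self.arp_table.get(ip)
        return entry[0] if entry and entry[1] > now else None

    def learn(self, ip, mac, now):
        self.arp_table[ip] = (mac, now + ARP_TTL_SECONDS)

    def receive_query(self, query):
        """Only the owner of the target IP answers; it also caches the querier."""
        if query["target_ip"] != self.ip:
            return None
        self.learn(query["sender_ip"], query["sender_mac"], query["now"])
        return {"sender_ip": self.ip, "sender_mac": self.mac}

    def resolve(self, ip, now):
        """Return the MAC for ip, broadcasting a query only on a cache miss."""
        cached = self.lookup(ip, now)
        if cached:
            return cached
        query = {"sender_ip": self.ip, "sender_mac": self.mac,
                 "target_ip": ip, "dst_mac": BROADCAST_MAC, "now": now}
        reply = self.lan.broadcast_query(query)
        if reply is None:
            return None  # nobody owns that IP: the "ping a nonexistent P" case
        self.learn(reply["sender_ip"], reply["sender_mac"], now)
        return reply["sender_mac"]


if __name__ == "__main__":
    lan = Lan()
    a = Node("137.196.7.23", "1A-2F-BB-76-09-AD", lan)
    b = Node("137.196.7.78", "58-23-D7-FA-20-B0", lan)
    print(a.resolve("137.196.7.78", now=0), "after", lan.broadcasts, "broadcast(s)")
    print(next_hop_ip("128.4.35.67", "128.5.19.12", "255.255.0.0", "128.4.0.1"))
```

The second `resolve` for the same IP is answered from the cache without any broadcast; after the TTL has passed the query is repeated, which is the soft-state behaviour the slide describes.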
Addressing: routing to another LAN
[Figure: host A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55) and host 111.111.111.112 (MAC CC-49-DE-D0-AB-7D) on one LAN; router R with interfaces 111.111.111.110 (MAC E6-E9-00-17-BB-4B) and 222.222.222.220 (MAC 1A-23-F9-CD-06-9B); host B (IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A) and host 222.222.222.221 (MAC 88-B2-2F-54-1A-0F) on the other LAN]
Walkthrough: send a datagram from A to B via R; assume A knows B’s IP address.
Two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R’s MAC address for 111.111.111.110. A creates a link-layer frame with R’s MAC address as dest; the frame contains the A-to-B IP datagram. A’s NIC sends the frame; R’s NIC receives the frame. R removes the IP datagram from the Ethernet frame and sees it’s destined to B. R uses ARP to get B’s MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B’s MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (link-layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure: victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8) and some other host/switch on the same LAN]
1. Some other host/switch asks: “Who has IP address 1.2.3.4?” The victim answers: “MAC 00:12:12:12:12:12 has IP address 1.2.3.4.” The other hosts save the MAC/IP mapping in their cache for 20 minutes. The attacker now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries, and continues to flood them: source MAC 00:11:11:11:11:11, “Who has IP blablabla? Tell IP address 1.2.3.4”. The other hosts save the IP/ARP mapping (1.2.3.4 -> the attacker’s MAC) in their cache. The victim is confused… but ignores it.
3. Some other host sends “The secret plan is …” to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker knows the secret plan. The attacker changes the MAC address to the correct address and forwards the frame to MAC 00:12:12:12:12:12, IP 1.2.3.4. Victim: “Ahh, I got the secret plan I was expecting.”
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim’s IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
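The table check described above, written out as a monitor over ARP observations. This is an added example, not code from the slides: the log format ("seconds, sender IP, sender MAC", one line per ARP reply or request seen) and the sample lines are constructed, using the addresses from the figure. It reports the strong signal (one IP claimed by two MACs) separately from the weak one (one MAC claiming two IPs), because the dual-NIC Windows case on the page produces the weak signal legitimately; it also flags a MAC that sends bursts of ARP traffic, which is the flooding step in the slides.

```python
from collections import defaultdict

# Constructed observations (not a real capture): "<seconds> <sender IP> <sender MAC>"
SAMPLE_ARP_LOG = """\
0    1.2.3.4  00:12:12:12:12:12
5    5.6.7.8  00:11:11:11:11:11
30   1.2.3.9  00:AA:AA:AA:AA:01
1300 1.2.3.4  00:11:11:11:11:11
1301 1.2.3.4  00:11:11:11:11:11
1302 1.2.3.4  00:11:11:11:11:11
"""

# Constructed benign case: one host with two NICs, as the page's Windows example
DUAL_NIC_LOG = """\
0    10.0.0.5  00:AA:AA:AA:AA:02
1    10.0.0.6  00:AA:AA:AA:AA:02
"""


def parse_arp_log(text):
    """Return a list of (timestamp, ip, mac) tuples; MACs normalised to upper case."""
    records = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, ip, mac = line.split()
        records.append((int(ts), ip, mac.upper()))
    return records


def analyze(records, flood_window=10, flood_threshold=3):
    """Three findings: IP->several MACs (strong), MAC->several IPs (weak),
    and MACs that sent flood_threshold ARP packets within flood_window seconds."""
    ip_to_macs = defaultdict(set)
    mac_to_ips = defaultdict(set)
    times_by_mac = defaultdict(list)
    for ts, ip, mac in records:
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
        times_by_mac[mac].append(ts)

    flooding = []
    for mac, times in times_by_mac.items():
        times.sort()
        # sliding window: any flood_threshold packets inside flood_window seconds
        for i in range(len(times) - flood_threshold + 1):
            if times[i + flood_threshold - 1] - times[i] <= flood_window:
                flooding.append(mac)
                break

    return {
        "ip_with_multiple_macs": {ip: sorted(m) for ip, m in ip_to_macs.items() if len(m) > 1},
        "mac_with_multiple_ips": {mac: sorted(i) for mac, i in mac_to_ips.items() if len(i) > 1},
        "flooding_macs": sorted(flooding),
    }


if __name__ == "__main__":
    for name, text in (("attack", SAMPLE_ARP_LOG), ("dual NIC", DUAL_NIC_LOG)):
        print(name, analyze(parse_arp_log(text)))
```

On the attack log the victim's IP 1.2.3.4 shows two MACs and the attacker's MAC shows two IPs and a burst; on the dual-NIC log only the weak "MAC with two IPs" finding fires, which is why that finding alone should not trigger a block.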
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
“dominant” wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe’s Ethernet sketch]
Star topology
Bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in center; each “spoke” runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we’ll see later).
[Figure: bus (coaxial cable) vs. star (switch)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP, but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if an error is detected, the frame is dropped.
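The frame layout just described (6-byte destination, 6-byte source, 2-byte type, payload padded to the 46-byte minimum, 4-byte CRC) as an added builder/parser, not code from the slides. It assumes the standard Ethernet FCS (CRC-32, which is what `zlib.crc32` computes, sent least-significant byte first) and the 46/1500-byte payload bounds; the preamble is not included because the adapter strips it before the frame reaches software. The receive filter implements the accept/discard rule from the slide, including promiscuous mode.

```python
import struct
import zlib

BROADCAST = "FF-FF-FF-FF-FF-FF"
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
MIN_PAYLOAD = 46    # 64-byte minimum frame minus 14-byte header and 4-byte FCS
MAX_PAYLOAD = 1500


def mac_bytes(mac):
    """'1A-2F-BB-76-09-AD' or '1a:2f:bb:76:09:ad' -> 6 raw bytes."""
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))


def mac_str(raw):
    return "-".join(f"{b:02X}" for b in raw)


def fcs(body):
    # Ethernet CRC-32 is the same polynomial/init/xorout as zlib's; wire order is little-endian
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload larger than 1500 bytes")
    padded = payload + b"\x00" * max(0, MIN_PAYLOAD - len(payload))  # pad short frames
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + padded
    return body + fcs(body)


def parse_frame(frame):
    """Return the header fields and payload, or None when the CRC check fails."""
    if len(frame) < 64:
        return None                      # runt: shorter than the minimum frame
    body, trailer = frame[:-4], frame[-4:]
    if fcs(body) != trailer:
        return None                      # CRC error: receiver drops the frame
    (ethertype,) = struct.unpack("!H", body[12:14])
    return {"dst": mac_str(body[:6]), "src": mac_str(body[6:12]),
            "type": ethertype, "payload": body[14:]}


def deliver_to_network_layer(frame, my_mac, promiscuous=False):
    """The adapter's accept rule: own address or broadcast, or anything when promiscuous."""
    parsed = parse_frame(frame)
    if parsed is None:
        return None
    mine = mac_str(mac_bytes(my_mac))
    if promiscuous or parsed["dst"] in (mine, BROADCAST):
        return parsed
    return None


if __name__ == "__main__":
    f = build_frame("1A-2F-BB-76-09-AD", "58-23-D7-FA-20-B0", ETHERTYPE_IPV4, b"hello")
    print(len(f), "bytes on the wire;", parse_frame(f)["dst"])
```

Flipping a single bit anywhere in the frame makes `parse_frame` return None, which is the "CRC checked at receiver, frame dropped" behaviour; a frame addressed to another station is returned only in promiscuous mode, which is what a packet sniffer relies on.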
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn’t send acks or nacks to sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
Ethernet’s MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame.
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet’s CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec.
Exponential backoff: goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer.
first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3}
after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• a larger frame size is better; a higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
efficiency = 1 / (1 + 5 · t_prop / t_trans)
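The backoff rules from the "What to do when the link is found to be busy" slide and from the Ethernet CSMA/CD slides, together with the efficiency formula, as an added worked example (not code from the slides). It assumes the values stated on the page: a slot of 512 bit times, a window capped at 1024 slots after the tenth collision, a 0.1 µs bit time at 10 Mbps, and a 1500-byte maximum frame; the 10 µs propagation delay in the usage is a constructed figure.

```python
import random

SLOT_BITS = 512             # page: one slot is 512 bit times
CAP_EXPONENT = 10           # page: after ten or more collisions K comes from {0..1023}
MAX_FRAME_BITS = 1500 * 8   # maximum payload in bits (assumption: 1500-byte frames)


def backoff_window(collisions):
    """Window after the m-th collision: 2^min(m, 10) slots (Ethernet variant)."""
    if collisions < 1:
        raise ValueError("the window is only defined after at least one collision")
    return 2 ** min(collisions, CAP_EXPONENT)


def choose_k(collisions, rng=random):
    """K drawn uniformly from {0, 1, ..., 2^min(m,10) - 1}."""
    return rng.randrange(backoff_window(collisions))


def slide_next_window(bo, bo_max=1024):
    """The slide's variant: BO = min(2 * BO, BO_max) after every collision."""
    return min(2 * bo, bo_max)


def bit_time(bitrate_bps):
    return 1.0 / bitrate_bps


def backoff_seconds(k, bitrate_bps):
    """Waiting K slots of 512 bit times each at the given bit-rate."""
    return k * SLOT_BITS * bit_time(bitrate_bps)


def t_trans_for(frame_bits, bitrate_bps):
    return frame_bits / bitrate_bps


def csmacd_efficiency(t_prop, t_trans):
    """Page formula: 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def all_k_in_range(collisions, trials=1000, seed=1):
    """Sanity check used by the test: every draw falls inside the window."""
    rng = random.Random(seed)
    return all(0 <= choose_k(collisions, rng) < backoff_window(collisions)
               for _ in range(trials))


if __name__ == "__main__":
    print("bit time at 10 Mbps:", bit_time(10e6), "s")
    print("max wait (K=1023) at 10 Mbps:", backoff_seconds(1023, 10e6) * 1e3, "ms")
    t_prop = 10e-6  # constructed: 10 microseconds end to end
    for rate in (10e6, 100e6, 1e9):
        eff = csmacd_efficiency(t_prop, t_trans_for(MAX_FRAME_BITS, rate))
        print(f"{rate/1e6:.0f} Mbps: efficiency {eff:.3f}")
```

Running it shows the 52 ms maximum wait the slide rounds to "about 50 msec", and the efficiency dropping as the bit-rate rises while t_prop stays fixed, which is the page's "higher bit-rate is worse" remark in numbers.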
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
bits coming in one link go out all other links at the same rate; all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions
[Figure: hub with twisted-pair links]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can’t interconnect 10BaseT & 100BaseT.
[Figure: three hubs connected to a backbone hub]
Switch
link-layer device: smarter than hubs, takes an active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine the incoming frame’s MAC address, selectively forward the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have a dedicated, direct connection to the switch; switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A’ and B-to-B’ simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting A, A’, B, B’, C, C’]
Switch Table
Q: how does the switch know that A’ is reachable via interface 4, B’ reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting A, A’, B, B’, C, C’]
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when a frame is received, the switch “learns” the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A’) into interface 1; the switch table (initially empty) now holds the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination,
   then if dest is on the segment from which the frame arrived,
        then drop the frame
        else forward the frame on the interface indicated
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
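The three-step learn / filter-or-forward / purge procedure as an added simulation of one switch (not code from the slides). It assumes the 60-second TTL shown in the page's table, and uses the six-interface switch and host names A, A’, B, … from the figures as constructed input.

```python
ENTRY_TTL = 60                       # seconds; the page's table shows TTL 60
BROADCAST = "FF-FF-FF-FF-FF-FF"


class LearningSwitch:
    """Self-learning, filtering/forwarding switch with a timed-out table."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.table = {}              # MAC -> (interface, expiry time)

    def purge(self, now):
        """Step 3: drop entries whose TTL has run out."""
        self.table = {mac: e for mac, e in self.table.items() if e[1] > now}

    def receive(self, frame, in_port, now):
        """Return the set of interfaces the frame goes out on (empty = dropped)."""
        self.purge(now)
        src, dst = frame["src"], frame["dst"]
        # Step 1: the sender is reachable through the arrival interface
        self.table[src] = (in_port, now + ENTRY_TTL)
        # Step 2: filter/forward if the destination is known ...
        if dst != BROADCAST and dst in self.table:
            out_port = self.table[dst][0]
            if out_port == in_port:
                return set()         # destination is on the arrival segment: drop
            return {out_port}
        # ... otherwise flood on every interface except the arrival one
        return self.ports - {in_port}


if __name__ == "__main__":
    sw = LearningSwitch([1, 2, 3, 4, 5, 6])
    print(sw.receive({"src": "A", "dst": "A'"}, 1, 0))   # unknown A': flood
    print(sw.receive({"src": "A'", "dst": "A"}, 4, 1))   # A known: forward to 1
    print(sw.receive({"src": "A", "dst": "A'"}, 1, 2))   # A' known: forward to 4
```

After the first exchange both directions are forwarded on one interface only, which is the "no collisions, simultaneous transmissions" property of the earlier slide; once `ENTRY_TTL` elapses the table is empty again and the next frame floods, as the "20 minutes later" slide below shows for the learned entries.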
Self-Learning
[Figure: three switches, each with interfaces 1, 2 and 3, connecting hosts A and B; every switch’s MAC/Interface table starts empty]
A sends a frame: Dest=B, Source=A. All switch tables are empty.
Make a table entry for A (A, interface 1). No table entry for B, so flood: Dest=B, Source=A goes out the other interfaces.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
The next switch also makes a table entry for A (A, interface 1). No table entry for B, so it floods (Dest=B, Source=A).
The remaining switches make table entries for A (A, interface 1 and A, interface 2). No table entry for B, so they flood (Dest=B, Source=A); the frame reaches B.
B replies: Dest=A, Source=B.
Make a table entry for B (B, interface 2). There is a table entry for A, so forward (Dest=A, Source=B) on A’s interface only.
The next switch makes a table entry for B (B, interface 3). It has a table entry for A, so it forwards.
The last switch makes a table entry for B (B, interface 3). It has a table entry for A, so it forwards the frame to A. Switch tables as shown: (A 1, B 3), (A 1, B 3), (A 1, B 2), (A 2).
20 minutes later all table entries are deleted.
Poorly Designed Institutional network. Why?
[Figure: router to external network; a single LAN / IP subnet with mail server and web server]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet with mail server and web server connected through redundant switches; host A]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Institutional network without a single point of failure
[Figure: the same network with the edges in the spanning tree marked and the “disconnected” interfaces shown]
Edge in spanning tree
“disconnected” interface, i.e. do not forward or flood frames through this interface
Loop Resolution
Goal: remove “extra” paths by removing “extra” bridges. Spanning tree:
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A’s next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by “disconnecting” switches from some LANs.
• The switches are not physically disconnected. Instead, when “disconnected” from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be “reconnected” to the switch.
[Figure: bridges B2 and B3 both between LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge’s/switch’s interfaces leads to the switch with the smallest ID.
If LAN A’s next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B’s next hop to the switch with lowest ID is LAN A, and
• LAN C’s next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D and bridges B0, B1, B2, B3; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: LANs A–J connected by bridges B1–B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN’s shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to “turn off”. Of course if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
Each switch computes its distance to the root in terms of LAN hops.
Each of the root’s interfaces is ON.
LAN A’s next hop is LAN E.
LAN A’s next hop is LAN E. Turn on the two interfaces.
LAN B’s next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop.
LAN B’s next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
LAN D’s next hop is LAN G. Turn on the two interfaces.
Note that B3 will not have any interfaces “on”.
LAN C’s next hop is LAN F. Turn on the interfaces.
Which other interfaces are “on”?
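The interface-selection rule walked through above (LANs as vertices, bridges as edges, root = smallest bridge ID, each LAN's next hop chosen by fewest LAN hops with the smallest bridge ID breaking ties) as an added implementation. It is not the slides' code, and the topology below is constructed to exercise the same situations the walkthrough shows (a tie broken by bridge ID and a bridge that ends up with no interface on), not the figure's exact wiring, which the page does not give.

```python
def spanning_tree(bridges):
    """bridges: {bridge_id (int): [LANs it attaches to]}.
    Returns (distance of each LAN to the root in LAN hops,
             next hop of each non-root LAN as (bridge, next LAN),
             for each bridge the set of LANs it keeps an interface "on" to)."""
    root = min(bridges)                        # the smallest ID is the root
    dist = {lan: 0 for lan in bridges[root]}   # LANs attached to the root: distance 0
    next_hop = {}
    on = {b: set() for b in bridges}
    on[root] = set(bridges[root])              # every root interface is on
    frontier = list(bridges[root])
    while frontier:
        # distance-vector style: only LANs adjacent (through one bridge) to the frontier
        candidates = {}                        # LAN -> [(bridge, via LAN), ...]
        for via in frontier:
            for b, lans in bridges.items():
                if via not in lans:
                    continue
                for lan in lans:
                    if lan not in dist:
                        candidates.setdefault(lan, []).append((b, via))
        for lan, cands in candidates.items():
            b, via = min(cands)                # equal distance: smallest bridge ID wins
            dist[lan] = dist[via] + 1
            next_hop[lan] = (b, via)
            on[b].update({lan, via})           # both interfaces of the chosen bridge
        frontier = list(candidates)
    return dist, next_hop, on


def disconnected_bridges(on):
    """Bridges that keep no interface on (the B3 case in the walkthrough)."""
    return sorted(b for b, lans in on.items() if not lans)


# Constructed topology (an assumption, not the figure's wiring): B1 is the root,
# LAN B can reach a root LAN through B7 or B8, and B3 joins two distance-1 LANs.
TOPOLOGY = {
    1: ["E", "G"],
    5: ["A", "E"],
    7: ["B", "E"],
    8: ["B", "G"],
    2: ["B", "F"],
    4: ["C", "F"],
    6: ["D", "G"],
    3: ["A", "B"],
}

if __name__ == "__main__":
    dist, next_hop, on = spanning_tree(TOPOLOGY)
    for lan in sorted(dist):
        print(lan, dist[lan], next_hop.get(lan))
    print("interfaces on:", {b: sorted(l) for b, l in on.items()})
    print("disconnected:", disconnected_bridges(on))
```

LAN B is one hop from the root through either B7 or B8; the lower ID wins, so B8 keeps no interface, and B3, which only links two LANs that are already at distance 1, is switched off exactly as the slide notes for its own B3. Every LAN keeps a single path to the root, so frames can no longer loop.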
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
… “invisible” at the internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address
[Figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields and widths in bits: label 20, Exp 3, S 1, TTL 5
MPLS capable routers
aka label-switched router: forwards packets to the outgoing interface based only on the label value (doesn’t inspect the IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
[Figure: routers R1–R6 with destinations A and D; interfaces numbered 0 and 1]
MPLS forwarding tables (in label | out label | dest | out interface), one per router in the figure:
6 | - | A | 0
10 | 6 | A | 1
12 | 9 | D | 0
- | 10 | A | 0
- | 12 | D | 0
8 | 6 | A | 0
- | 8 | A | 1
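Label switching as an added simulation (not code from the slides): each router forwards on the incoming label alone, the ingress router is the only one that looks at the destination (to push the first label), and the egress pops it. The table rows follow the page's tables; the assignment of rows to routers R2–R6 and the links between their interfaces are an assumption, constructed so that A is reachable from R6 over two label-switched paths.

```python
class LabelSwitchedRouter:
    """Rows are (in_label, out_label, dest, out_interface) as on the slide.
    in_label None marks an ingress row; out_label None means the label is popped."""

    def __init__(self, name, rows):
        self.name = name
        self.rows = rows

    def forward(self, label=None, dest=None, out_if_hint=None):
        if label is None:
            # ingress: classify once by destination (and, optionally, a preferred path)
            matches = [r for r in self.rows if r[0] is None and r[2] == dest]
            if out_if_hint is not None:
                matches = [r for r in matches if r[3] == out_if_hint]
        else:
            # transit/egress: the label is the whole lookup key; dest is never read
            matches = [r for r in self.rows if r[0] == label]
        if not matches:
            raise LookupError(f"{self.name}: no row for label={label} dest={dest}")
        _, out_label, _, out_if = matches[0]
        return out_label, out_if


# Constructed assignment of the page's rows to routers (assumption)
ROUTERS = {
    "R6": LabelSwitchedRouter("R6", [(None, 10, "A", 0), (None, 12, "D", 0), (None, 8, "A", 1)]),
    "R4": LabelSwitchedRouter("R4", [(10, 6, "A", 1), (12, 9, "D", 0)]),
    "R5": LabelSwitchedRouter("R5", [(8, 6, "A", 0)]),
    "R3": LabelSwitchedRouter("R3", [(6, None, "A", 0)]),
    "R2": LabelSwitchedRouter("R2", [(9, None, "D", 0)]),   # constructed egress row for D
}

# Constructed wiring: (router, out interface) -> neighbour (assumption)
LINKS = {("R6", 0): "R4", ("R6", 1): "R5", ("R4", 1): "R3", ("R4", 0): "R2",
         ("R5", 0): "R3", ("R3", 0): "A", ("R2", 0): "D"}


def trace(ingress, dest, out_if_hint=None):
    """Follow a packet from the ingress LSR; returns (nodes visited, labels carried)."""
    node, label, path, labels = ingress, None, [ingress], []
    while True:
        hint = out_if_hint if node == ingress else None
        out_label, out_if = ROUTERS[node].forward(label, dest, hint)
        nxt = LINKS[(node, out_if)]
        path.append(nxt)
        if out_label is None:          # label popped: delivered to the destination
            return path, labels
        labels.append(out_label)
        label, node = out_label, nxt


if __name__ == "__main__":
    print(trace("R6", "A"))
    print(trace("R6", "A", out_if_hint=1))   # the second path the ingress table offers
    print(trace("R6", "D"))
```

The two traces to A carry different labels (10 then 6, versus 8 then 6) over different routers, which is the traffic-engineering point on the slide: the ingress picks the path, and no downstream router needs the IP header to follow it.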
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let’s take a breath
journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice
… could stop here … but lots of
Link Layer: Introduction
Some terminology: hosts and routers are nodes; communication channels that connect adjacent nodes along the communication path are links (wired links, wireless links, LANs). A layer-2 packet is a frame; it encapsulates a datagram.
The data-link layer has responsibility for transferring a datagram from one node to an adjacent node over one or more links, without visiting any layer-3 nodes.
Link layer: context
A datagram is transferred by different link protocols over different links, e.g. Ethernet on the first link, frame relay on intermediate links, 802.11 on the last link. Each link protocol provides different services, e.g. it may or may not provide reliability over the link.
Transportation analogy: trip from Newark to San Jose: limo Newark to PHL, plane PHL to SFO, BART SFO to SF, train SF to San Jose. Tourist = datagram; transport segment = communication link; transportation mode = link layer protocol (note that a bus or plane trip might contain many changes of bus or plane, but this seems like a single hop); travel agent = routing algorithm.
Link Layer Services
Framing, link access: encapsulate the datagram into a frame, adding header and trailer; channel access if the medium is shared; "MAC" addresses used in frame headers to identify source and destination (different from IP addresses).
Routing; reliable delivery between adjacent nodes: we learned how to do this already (chapter 3). Seldom used on low bit-error links (fiber, some twisted pair); used on wireless links, which have high error rates. Q: why both link-level and end-end reliability?
Link Layer Services (more)
Flow control: pacing between adjacent sending and receiving nodes.
Encryption: some links can easily be tapped, so encryption is needed for privacy.
Error detection: errors caused by signal attenuation, noise; the receiver detects the presence of errors and signals the sender for retransmission or drops the frame.
Error correction: the receiver identifies and corrects bit error(s) without resorting to retransmission.
Half-duplex and full-duplex: with half duplex, nodes at both ends of the link can transmit, but not at the same time.
Where is the link layer implemented?
In each and every host in the network. Which other layers are implemented in every host?
The link layer is implemented in an "adaptor" (aka network interface card, NIC): Ethernet card, PCMCIA card, 802.11 card. It implements the link and physical layers, attaches into the host's system buses, and is a combination of hardware, software and firmware.
[Host schematic: application, transport and network layers in the host CPU and memory; link and physical layers in the network adapter/card (controller plus physical transmission), connected over the host bus (e.g. PCI)]
Adaptors Communicating
Sending side: encapsulates the datagram in a frame; adds error checking bits, rdt, flow control, etc.
Receiving side: looks for errors, rdt, flow control, etc.; extracts the datagram and passes it to the upper layer at the receiving side, or moves the frame to another link.
[Figure: datagram enters the sending host's controller, crosses the link as a frame, and the receiving host's controller hands the datagram up]
Link Layer: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM, MPLS
Error Detection
EDC = Error Detection and Correction bits (redundancy); D = data protected by error checking, may include header fields.
Error detection is not 100% reliable: the protocol may miss some errors, but rarely. A larger EDC field yields better detection and correction.
Parity Checking
Single bit parity: detect single bit errors.
Two-dimensional bit parity: detect and correct single bit errors.
Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in a transmitted packet (note: used at the transport layer only).
Sender: treat segment contents as a sequence of 16-bit integers; checksum = addition (1's complement sum) of segment contents; the sender puts the checksum value into the UDP checksum field.
Receiver: compute the checksum of the received segment and check if the computed checksum equals the checksum field value. NO: error detected. YES: no error detected. But maybe errors nonetheless?
Checksumming: Cyclic Redundancy Check
View the data bits D as a binary number; choose an r+1 bit pattern (generator) G. Goal: choose r CRC bits R such that <D,R> is exactly divisible by G (modulo 2). The receiver knows G and divides <D,R> by G; if the remainder is non-zero, an error is detected. Can detect all burst errors of fewer than r+1 bits. Widely used in practice (Ethernet, 802.11 WiFi, ATM).
CRC Example
Want D·2^r XOR R = nG; equivalently D·2^r = nG XOR R; equivalently, if we divide D·2^r by G, we want remainder R:
  R = remainder[ D·2^r / G ]
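The two schemes above side by side, as an added example that is not part of the original slides: the 16-bit one's-complement Internet checksum with the receiver's "sum to zero" check, and the modulo-2 division that produces R = remainder[D·2^r / G] (using the textbook values D = 101110, G = 1001, which give R = 011). The sample bytes are constructed (the RFC 1071 worked example); the CRC-32 generator is used here as a plain r = 32 bit pattern G, not the exact Ethernet FCS variant. The last function shows a practical difference a checksum cannot see: exchanging two 16-bit words leaves the sum unchanged, while the CRC changes.

```python
import struct


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum of 16-bit words, complemented (RFC 1071).
    Odd-length data is padded with a zero byte, as the transport protocols do."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for hi, lo in struct.iter_unpack("!BB", data):
        total += (hi << 8) | lo
    while total >> 16:                          # fold the carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def checksum_ok(segment_with_checksum: bytes) -> bool:
    """Receiver rule from the slides: re-run the sum over the whole segment,
    checksum field included; a correct segment sums to 0."""
    return internet_checksum(segment_with_checksum) == 0


def mod2_divide(bits: str, gen: str) -> str:
    """Remainder of bits / gen in modulo-2 arithmetic (the slides' long division).
    Returns the r = len(gen) - 1 remainder bits."""
    r = len(gen) - 1
    g = int(gen, 2)
    rem = 0
    for b in bits:
        rem = (rem << 1) | int(b)
        if (rem >> r) & 1:                      # leading bit set: subtract (XOR) the generator
            rem ^= g
    return format(rem, f"0{r}b")


def crc_bits(data_bits: str, gen: str) -> str:
    """R = remainder[D * 2^r / G]: append r zeros to D, then divide by G."""
    return mod2_divide(data_bits + "0" * (len(gen) - 1), gen)


def crc_ok(data_and_crc_bits: str, gen: str) -> bool:
    """Receiver: <D,R> must be exactly divisible by G."""
    return int(mod2_divide(data_and_crc_bits, gen), 2) == 0


def to_bits(data: bytes) -> str:
    return "".join(f"{b:08b}" for b in data)


# The CRC-32 polynomial written as the slides' r+1 = 33 bit pattern G. This is the plain
# polynomial division described above, not the exact Ethernet FCS (which adds bit reflection
# and initial/final XOR on top of the same polynomial).
CRC32_G = "1" + format(0x04C11DB7, "032b")

# Constructed sample input: the eight bytes of the RFC 1071 worked example, and a copy with
# the first two 16-bit words exchanged.
SAMPLE = bytes.fromhex("0001f203f4f5f6f7")
SWAPPED = SAMPLE[2:4] + SAMPLE[0:2] + SAMPLE[4:]


def compare_detection(original: bytes, corrupted: bytes) -> dict:
    """Does each scheme notice that `corrupted` differs from `original`?"""
    return {
        "checksum_detects": internet_checksum(original) != internet_checksum(corrupted),
        "crc_detects": crc_bits(to_bits(original), CRC32_G) != crc_bits(to_bits(corrupted), CRC32_G),
    }


if __name__ == "__main__":
    print(hex(internet_checksum(SAMPLE)))           # 0x220d, as in RFC 1071
    print(crc_bits("101110", "1001"))               # 011, the textbook example
    print(compare_detection(SAMPLE, SWAPPED))       # checksum misses the swap, CRC catches it
```

The swapped-word case is why a checksum is only an error detector for random bit flips and never an integrity check against deliberate modification; the CRC is stronger but is still not a MAC, since anyone can recompute it.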
Multiple Access Links and Protocols
Two types of "links":
Point-to-point: PPP for dial-up access; point-to-point link between an Ethernet switch and a host.
Broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN.
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
Single shared broadcast channel; two or more simultaneous transmissions by nodes: interference. Collision if a node receives two or more signals at the same time.
Multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit. Communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult.
Ideal Multiple Access Protocol
Broadcast channel of rate R bps:
1. when one node wants to transmit, it can send at rate R;
2. when M nodes want to transmit, each can send at average rate R/M;
3. fully decentralized: no special node to coordinate transmissions, no synchronization of clocks or slots (generally, centralized MACs are much more efficient);
4. simple.
MAC Protocols: a taxonomy
Three broad classes:
Channel partitioning: divide the channel into smaller "pieces" (time slots, frequency, code); allocate a piece to a node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users.
Random access: channel not divided, collisions allowed; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient; predictable/guaranteed performance is difficult to achieve.
Centralized / taking turns.
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access. Access to the channel in "rounds"; each station gets a fixed-length slot (length = packet transmission time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable, and calls can be rejected if there is not enough bandwidth.
Example: 6-station LAN; stations 1, 3, 4 have packets; slots 2, 5, 6 idle.
[Figure: 6-slot frame; slots 1, 3, 4 carry packets, the pattern repeats each round]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access. Channel spectrum divided into frequency bands; each station assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA.
Example: 6-station LAN; stations 1, 3, 4 have packets; frequency bands 2, 5, 6 idle.
[Figure: frequency bands against time on an FDM cable]
Random Access Protocols
When a node has a packet to send: transmit at the full channel data rate R; no a priori coordination among nodes (some approaches use limited coordination). Two or more transmitting nodes: "collision". A random access MAC protocol specifies how to detect collisions and how to recover from collisions (e.g. via delayed retransmissions).
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA.
The ALOHA Protocol
Developed at the U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used: as will be seen, many protocols have a period of time where nodes transmit when they want, and during such periods the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: a collision. Collisions and other link layer losses must be detected and corrected.
Question 1: where are all the places that losses can occur?
Question 2: where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance (1)
[Figure: time line t0, t0+t, t0+2t, t0+3t. A frame occupies one frame time; the vulnerable period is the two frame times around its start. If another node starts to transmit during this vulnerable period, then a collision will occur]
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events). Let G be the average rate at which users try to send frames, per frame time. G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
  P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
  S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
  P(k events in a period of length T) = e^{-λT} (λT)^k / k!
λ is the rate at which events occur: λ = (number of events in a period of length W) / W (when W is large).
Aloha performance
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T.
Let T = 1 (i.e. time is measured in packet transmission times, not seconds). Then λ = average number of transmission attempts per transmission time, so λ = utilization, i.e. λ = G, and the probability of no collision is e^{-2G} (2G)^0 / 0! = e^{-2G}.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: S = G e^{-2G} against G, for G from 0 to 3; the curve peaks at S = 0.184]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: time line t0, t0+t, t0+2t, t0+3t divided into slots. A frame transmitted in the same slot causes a collision, but this will only happen if a packet arrived at the MAC layer during the preceding slot; if another node selects to transmit during this vulnerable period, a collision will occur. The vulnerable period is half the size of unslotted Aloha's]
Slotted Aloha
The vulnerable period is halved, which doubles the performance of ALOHA. Throughput S = G e^{-G}; S_max = 1/e = 0.368 for G = 1.
G = 1 means that typically a node tries to transmit in each slot. However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot: S = G e^{-G} against G, for G from 0 to 4; the curve peaks at S = 0.368]
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple.
Cons: collisions waste slots; idle slots are inefficient; nodes may be able to detect a collision in less than the time to transmit a packet; slotted Aloha requires clock synchronization, and losing synchronization requires guard times, which reduce efficiency.
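The throughput formulas above, S = G e^{-2G} for pure ALOHA and S = G e^{-G} for slotted ALOHA, as an added example that is not part of the original slides. The analytic functions answer the slides' question about the best value of G by grid search, and two small Monte-Carlo simulations (Poisson attempts for pure ALOHA; a fixed number of stations each sending with probability G/N per slot for slotted ALOHA) reproduce the curves so the assumption behind the formulas can be checked rather than taken on trust. Horizon, station count and seed are arbitrary choices of this example.

```python
import math
import random


def pure_aloha_throughput(G: float) -> float:
    """S = G e^{-2G}: attempt rate times P(no other start in the two-frame vulnerable period)."""
    return G * math.exp(-2 * G)


def slotted_aloha_throughput(G: float) -> float:
    """S = G e^{-G}: the vulnerable period shrinks to a single slot."""
    return G * math.exp(-G)


def best_load(throughput, lo: float = 0.0, hi: float = 4.0, steps: int = 4000):
    """Grid search for the G that maximises a throughput curve (the slides' question).
    Returns (G, S_max)."""
    best_g = max((lo + (hi - lo) * i / steps for i in range(steps + 1)), key=throughput)
    return best_g, throughput(best_g)


def simulate_pure_aloha(G: float, horizon: float = 20000.0, seed: int = 1) -> float:
    """Poisson attempts at rate G per frame time. Frame i succeeds iff no other attempt starts
    within one frame time before or after it, i.e. outside its two-frame vulnerable period."""
    rng = random.Random(seed)
    t, starts = 0.0, []
    while True:
        t += rng.expovariate(G)            # exponential inter-arrival times => Poisson process
        if t > horizon:
            break
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):         # starts are sorted, so only neighbours can overlap
        before_ok = i == 0 or s - starts[i - 1] >= 1.0
        after_ok = i == len(starts) - 1 or starts[i + 1] - s >= 1.0
        ok += before_ok and after_ok
    return ok / horizon


def simulate_slotted_aloha(G: float, nodes: int = 50, slots: int = 20000, seed: int = 1) -> float:
    """Each of `nodes` stations sends in a slot with probability G/nodes (offered load G per slot);
    a slot carries a frame iff exactly one station sent."""
    rng = random.Random(seed)
    p = G / nodes
    good = 0
    for _ in range(slots):
        senders = sum(rng.random() < p for _ in range(nodes))
        good += senders == 1
    return good / slots


if __name__ == "__main__":
    print("pure   :", best_load(pure_aloha_throughput))      # G = 0.5, S = 1/(2e) = 0.184
    print("slotted:", best_load(slotted_aloha_throughput))   # G = 1.0, S = 1/e = 0.368
    print("simulated pure @G=0.5   :", simulate_pure_aloha(0.5))
    print("simulated slotted @G=1.0:", simulate_slotted_aloha(1.0))
```

The finite-station slotted model gives N p (1-p)^(N-1), which approaches G e^{-G} only as N grows; with 50 stations the gap is under one percentage point, which is why the simulation is compared with a tolerance rather than exactly.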
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame; if the channel is sensed busy, defer transmission. Human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m. For 100 Mbps Ethernet the maximum cable length is 200 m. Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
[Figure: spatial layout of nodes along the wire against time]
Note the role of distance and propagation delay in determining the collision probability.
CSMA/CD collision detection
[Figure 1: position on wire against time. Transmitter 1 starts sending; after the propagation delay, transmitter 2, not yet hearing transmitter 1, starts too. Transmitter 2 detects the collision as soon as transmitter 1's signal reaches it; transmitter 1 detects it only when transmitter 2's signal arrives back, while transmitter 1 is still transmitting. Receiver 1 receives a garbled signal. When is it detected?]
[Figure 2: same layout, but transmitter 1's frame is short and finishes before transmitter 2's signal arrives. The collision is detected by transmitter 2 but NOT by transmitter 1. Receiver 1 receives a garbled signal]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
  2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
CSMA/CD
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small: the minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of bit-rate, so at 10 times the bit rate the minimum frame lasts one tenth as long, and the round-trip propagation time, hence the cable length, must shrink by the same factor.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
Collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
Persistence
1-persistent: if the medium is idle, then transmit. If the medium is not idle, then wait until it is, and then transmit. In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle, then transmit. If the medium is not idle, then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat. Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle, then transmit.
3. If the medium is not idle, then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1;
   b. wait r time slots. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends. (Give an equation for the length of a time slot.)
   c. if no other transmission begins before the r time slots have elapsed, then transmit.
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop;
   b. set BO = min(2 × BO, BO_max); in Ethernet BO_max = 1024;
   c. go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N of the bandwidth allocated even if only 1 node is active.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead. Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 aka WiMax partly uses this approach; 802.11 specifies this capability, but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
[Figure: master polls each slave in turn; a polled slave answers with data]
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine whether the call will receive the desired quality and ensure that it does. When congested, new calls are rejected, but existing calls continue to receive good performance. Consider the difference between the demands of VoIP and the services provided by TCP. Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols: token passing
A control token is passed from one node to the next sequentially (token message). Concerns: token overhead, latency, single point of failure (token).
[Figure: token T circulates; a node with data sends it while holding the token; a node with nothing to send passes the token on]
Summary of MAC protocols
Channel partitioning by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring.
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network). The textbook is wrong about this: today hosts are almost never physically connected. 48-bit MAC address (for most LANs), burned into NIC ROM, also sometimes software settable.
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by the IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup: Google "OUI lookup", enter a MAC address, see the manufacturer.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address. MAC: flat address, portable: a LAN card can be moved from one LAN to another. IP: hierarchical address, NOT portable: the address depends on the IP subnet to which the node is attached. If a NIC is changed, then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >. TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: LAN with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53 and IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. my IP = 128.4.35.67, B's IP = 128.5.19.12, subnet mask 255.255.0.0 => the first two bytes (16 bits) define the subnet. So in this case A and B are in different subnets. Thus the datagram is sent to the gateway, which must be in the same subnet. Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table:
A broadcasts an ARP query packet containing B's IP address; dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query (other types include datagram). All machines on the LAN receive the ARP query.
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: hosts A, B, C, D on a LAN. "Who has IP 1.1.1.4? Tell 1.1.1.2" is broadcast to every host; the owner answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: host A (74-29-9C-E8-FF-55, 111.111.111.111) and host 111.111.111.112 (CC-49-DE-D0-AB-7D) on the left LAN; router R with interface 111.111.111.110 (E6-E9-00-17-BB-4B) on the left LAN and interface 222.222.222.220 (1A-23-F9-CD-06-9B) on the right LAN; host 222.222.222.221 (88-B2-2F-54-1A-0F) and host B (49-BD-D2-C7-56-2A, 222.222.222.222) on the right LAN]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram. A's NIC sends the frame; R's NIC receives the frame. R removes the IP datagram from the Ethernet frame and sees it is destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example: make sure you understand it.
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P: use Wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC, then ping P: watch the ping messages appear in Wireshark on B, but still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host, but the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim; when an ARP query is made for the victim, I respond with my MAC.
The scenario on the slides: victim with MAC 00:12:12:12:12:12, IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11, IP 5.6.7.8; some other host/switch.
1. The other host broadcasts "Who has IP address 1.2.3.4?".
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also hears the reply, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablabla? Tell IP address 1.2.3.4". The other host saves the IP/MAC mapping (1.2.3.4 at the attacker's MAC) in its cache. The victim is confused ... but ignores it. The attacker continues to flood ARP queries.
4. The other host sends "The secret plan is ..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker knows the secret plan, changes the MAC address to the correct one and forwards the frame to MAC 00:12:12:12:12:12, IP 1.2.3.4: "Ahh, I got the secret plan I was expecting".
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see whether one MAC appears with two IPs (its real IP and the victim's IP). But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address. Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
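The ARP exchange from the "Same LAN" slides and the spoofing sequence just described, as an added example that is not part of the original slides. It packs and parses real ARP-over-Ethernet frames (htype 1, ptype 0x0800, hlen 6, plen 4; requests to the broadcast MAC, replies unicast), then replays the slides' scenario through a passive monitor that applies the detection idea above: remember which MAC each sender claims for its IP, in requests as well as replies, and alert when a second MAC shows up for the same IP. Hosts known to appear with more than one address (the dual-NIC case on the slides) can be allowlisted so they do not raise the false positive the slides warn about. The third host's addresses and the "blablabla" target IPs are invented for the example.

```python
import struct
from collections import defaultdict

ETH_TYPE_ARP = 0x0806
BROADCAST = b"\xff" * 6
ARP_REQUEST, ARP_REPLY = 1, 2


def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", "").replace("-", ""))


def ip(s: str) -> bytes:
    return bytes(int(x) for x in s.split("."))


def fmt_mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def fmt_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def arp_frame(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """14-byte Ethernet header + 28-byte ARP body. Requests go to the broadcast MAC,
    replies are unicast to the requester, exactly as on the slides."""
    eth_dst = BROADCAST if op == ARP_REQUEST else target_mac
    eth = struct.pack("!6s6sH", eth_dst, sender_mac, ETH_TYPE_ARP)
    body = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op,
                       sender_mac, sender_ip, target_mac, target_ip)
    return eth + body


def parse_arp(frame: bytes):
    eth_dst, eth_src, eth_type = struct.unpack("!6s6sH", frame[:14])
    if eth_type != ETH_TYPE_ARP:
        return None
    _htype, _ptype, _hlen, _plen, op, sm, sip, tm, tip = struct.unpack("!HHBBH6s4s6s4s", frame[14:42])
    return {"eth_src": eth_src, "op": op, "sender_mac": sm, "sender_ip": sip,
            "target_mac": tm, "target_ip": tip}


class ArpMonitor:
    """Passive detector: tracks the MAC(s) claimed for each IP in ARP sender fields and flags
    a change. `multihomed_ips` are hosts allowed to show several MACs (the dual-NIC case)."""

    def __init__(self, multihomed_ips=()):
        self.seen = defaultdict(set)            # IP -> set of MACs claimed for it
        self.multihomed = set(multihomed_ips)
        self.alerts = []

    def observe(self, frame: bytes) -> None:
        a = parse_arp(frame)
        if a is None:
            return
        claimed_ip, claimed_mac = a["sender_ip"], a["sender_mac"]
        self.seen[claimed_ip].add(claimed_mac)
        if claimed_mac != a["eth_src"]:         # body and frame header disagree on the sender
            self.alerts.append(f"{fmt_ip(claimed_ip)}: ARP sender {fmt_mac(claimed_mac)} "
                               f"differs from frame source {fmt_mac(a['eth_src'])}")
        if len(self.seen[claimed_ip]) > 1 and claimed_ip not in self.multihomed:
            others = sorted(fmt_mac(m) for m in self.seen[claimed_ip] - {claimed_mac})
            self.alerts.append(f"{fmt_ip(claimed_ip)} now claimed by {fmt_mac(claimed_mac)}, "
                               f"previously {others}")


def replay_slides_scenario(multihomed=()) -> ArpMonitor:
    """Constructed replay of the slides' sequence: a third host asks for 1.2.3.4, the victim
    answers, then the attacker floods requests whose sender fields bind 1.2.3.4 to its MAC."""
    victim_mac, victim_ip = mac("00:12:12:12:12:12"), ip("1.2.3.4")
    attacker_mac = mac("00:11:11:11:11:11")
    other_mac, other_ip = mac("00:aa:aa:aa:aa:aa"), ip("1.2.3.9")        # invented third host
    frames = [
        arp_frame(ARP_REQUEST, other_mac, other_ip, b"\x00" * 6, victim_ip),
        arp_frame(ARP_REPLY, victim_mac, victim_ip, other_mac, other_ip),
        arp_frame(ARP_REQUEST, attacker_mac, victim_ip, b"\x00" * 6, ip("1.2.3.200")),  # "blablabla"
        arp_frame(ARP_REQUEST, attacker_mac, victim_ip, b"\x00" * 6, ip("1.2.3.201")),
    ]
    mon = ArpMonitor(multihomed_ips=[ip(s) for s in multihomed])
    for f in frames:
        mon.observe(f)
    return mon


if __name__ == "__main__":
    for line in replay_slides_scenario().alerts:
        print(line)
```

Note that the poisoning frames are ordinary requests: a cache that learns from the sender fields of any ARP packet it hears, as the slides describe, is updated without the victim ever being asked, which is why detection has to watch the sender fields rather than just replies.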
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch)]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, or higher layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
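The frame layout and receive rules above in working form, as an added example that is not part of the original slides: a builder that emits preamble, addresses, type, padded payload and the 4-byte FCS, and a receiver that applies the adapter's rules in order (drop on CRC error, deliver on a matching or broadcast address or in promiscuous mode, otherwise discard). The FCS is computed with zlib's CRC-32, which is the polynomial Ethernet uses; the payload and the two MAC addresses (taken from the LAN figure earlier on the page) are constructed for the example.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
PREAMBLE = b"\xaa" * 7 + b"\xab"          # 7 x 10101010 then the start-of-frame byte 10101011
ETH_TYPE_IP, ETH_TYPE_ARP = 0x0800, 0x0806
MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500       # 64-byte minimum frame without preamble/FCS, 1500 MTU


def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", "").replace("-", ""))


def build_frame(dst: bytes, src: bytes, eth_type: int, payload: bytes) -> bytes:
    """preamble(8) dst(6) src(6) type(2) payload(46..1500) FCS(4).
    Short payloads are zero-padded to 46 bytes; the FCS covers everything from the destination
    address to the end of the data (not the preamble) and goes on the wire low byte first."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload too large for an Ethernet frame")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = struct.pack("!6s6sH", dst, src, eth_type) + payload
    return PREAMBLE + body + struct.pack("<I", zlib.crc32(body))


def receive(wire: bytes, my_mac: bytes, promiscuous: bool = False):
    """Adapter receive rule from the slides. Returns (verdict, fields); fields is None when the
    frame is dropped before its header is trusted. No ack or nack is ever sent back."""
    if wire[:8] != PREAMBLE or len(wire) < 8 + 14 + MIN_PAYLOAD + 4:
        return "malformed", None
    body, fcs = wire[8:-4], wire[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        return "crc_error", None                # CRC checked first: a corrupted frame is dropped
    dst, src, eth_type = struct.unpack("!6s6sH", body[:14])
    fields = {"dst": dst, "src": src, "type": eth_type, "payload": body[14:]}
    if dst == my_mac or dst == BROADCAST or promiscuous:
        return "deliver", fields                # handed to the network layer protocol by type
    return "discard", fields                    # not for us and not promiscuous


# Constructed sample: A sends an IP packet to B; both MACs come from the LAN figure on the page.
A, B = mac("1A-2F-BB-76-09-AD"), mac("58-23-D7-FA-20-B0")
SAMPLE_FRAME = build_frame(B, A, ETH_TYPE_IP, b"hello")

if __name__ == "__main__":
    print(receive(SAMPLE_FRAME, B)[0], receive(SAMPLE_FRAME, A)[0], receive(SAMPLE_FRAME, A, True)[0])
    damaged = bytearray(SAMPLE_FRAME)
    damaged[30] ^= 0x01                         # one flipped bit inside the payload
    print(receive(bytes(damaged), B)[0])
```

The promiscuous branch is the hook every sniffer relies on: on a hub or a spoofed switch the adapter sees the frame either way, and the only thing standing between a passer-by and the payload is that `if`.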
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams). Gaps will be filled if the app is using TCP; otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer and creates a frame.
2. If NIC senses the channel idle, it starts frame transmission.
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame.
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}; NIC waits K slots, where one slot is 512 bit times, then returns to step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsecond for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec.
Exponential backoff: goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer. First collision: choose K from {0, 1}; the delay is K × 512 bit transmission times. After the second collision: choose K from {0, 1, 2, 3}. After ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}.
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.
  efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0 and as t_trans goes to infinity: a larger frame size is better, a higher bit-rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
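The CSMA/CD arithmetic from the last few slides in one place, as an added example that is not part of the original slides: the collision-detection constraint 2 × CableLength / speed + epsilon < FrameLength / bit-rate solved both for the minimum frame and for the maximum cable length (which answers the 10 Mbps versus 100 Mbps question), the K-slot exponential backoff with its 1024-slot cap, the 50 ms worst-case wait, and the efficiency approximation 1 / (1 + 5 t_prop / t_trans). The propagation speed of 2 × 10^8 m/s is an assumption of this example (roughly two thirds of c in copper), not a figure from the slides.

```python
import math
import random

PROPAGATION_SPEED = 2.0e8        # m/s; assumed signal speed in copper (about 2/3 c)
SLOT_BITS = 512                  # one slot = minimum frame of 64 bytes = 512 bit times
MAX_BACKOFF_EXPONENT = 10        # K drawn from {0, ..., 2^min(m,10) - 1}, i.e. BO_max = 1024


def min_frame_bits(cable_length_m: float, bit_rate_bps: float, speed: float = PROPAGATION_SPEED) -> int:
    """Frame must outlast the round trip so the sender is still transmitting when the collision
    comes back: frame_bits / R > 2 L / v  =>  frame_bits > 2 L R / v."""
    return math.ceil(2 * cable_length_m * bit_rate_bps / speed)


def max_cable_length_m(frame_bits: int, bit_rate_bps: float, speed: float = PROPAGATION_SPEED) -> float:
    """The same inequality solved for L: L < frame_bits * v / (2 R)."""
    return frame_bits * speed / (2 * bit_rate_bps)


def backoff_slots(collision_count: int, rng: random.Random) -> int:
    """K after the m-th consecutive collision, per the Ethernet algorithm on the slides."""
    return rng.randrange(2 ** min(collision_count, MAX_BACKOFF_EXPONENT))


def backoff_wait_seconds(collision_count: int, bit_rate_bps: float, rng: random.Random) -> float:
    return backoff_slots(collision_count, rng) * SLOT_BITS / bit_rate_bps


def worst_case_backoff_seconds(bit_rate_bps: float) -> float:
    """K = 1023 slots; at 10 Mbps this is the slides' 'about 50 msec'."""
    return 1023 * SLOT_BITS / bit_rate_bps


def csma_cd_efficiency(t_prop: float, t_trans: float) -> float:
    """Slides' approximation: efficiency = 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate/1e6:.0f} Mbps: 64-byte frame allows {max_cable_length_m(SLOT_BITS, rate):.0f} m")
    print("min frame for 2000 m at 10 Mbps:", min_frame_bits(2000, 10e6), "bits")
    print("worst-case backoff at 10 Mbps:", worst_case_backoff_seconds(10e6), "s")
    rng = random.Random(0)
    print("K after collisions 1..12:", [backoff_slots(m, rng) for m in range(1, 13)])
    print("efficiency, 1500-byte frames, t_prop = 0.1 t_trans:", csma_cd_efficiency(0.1, 1.0))
```

The ratio of the two cable lengths is exactly the ratio of the bit rates because the slot is fixed at 512 bit times; that is the content of the "minimum frame length is independent of bit-rate" answer.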
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
[Figure: hub with twisted-pair spokes]
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT and 100BaseT.
[Figure: backbone hub connecting three hubs]
Switch
Link-layer device: smarter than a hub, takes an active role. Stores and forwards Ethernet frames (question: do switches in circuit switching networks store and forward?). Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment, it uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches. Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated, direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but there are no collisions: full duplex, each link is its own collision domain. Switching A-to-A' and B-to-B' simultaneously, without collisions, is not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); A, A', B, B', C, C' attached]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); A, A', B, B', C, C' attached]
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases ... when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
[Figure: A sends a frame (source A, dest A') into interface 1; the switch table, initially empty, gains the entry (MAC addr A, interface 1, TTL 60)]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host;
2. look up the destination MAC address in the switch table;
3. if an entry is found for the destination, then: if the destination is on the segment from which the frame arrived, drop the frame; else forward the frame on the interface indicated. Else flood: forward on all interfaces but the one on which the frame arrived;
4. periodically purge all old table entries.
Self-Learning (walkthrough)
[Figure, built up over several slides: three interconnected switches, each with interfaces 1, 2, 3 and its own MAC/Interface table; all tables start empty; host A is on interface 1 of the first switch, host B on another switch]
A sends a frame Dest=B, Source=A:
  first switch: make table entry for A (A, 1); no table entry for B, so flood
  each further switch that receives the flooded frame: make table entry for A on the interface it arrived on (A, 1 at the second switch; A, 2 at the third); no table entry for B, so flood
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
B replies with a frame Dest=A, Source=B:
  the switch B is attached to: make table entry for B (B, 2); have a table entry for A, so forward
  the first switch: make table entry for B (B, 3); have a table entry for A, so forward
20 minutes later, all table entries are deleted (all tables empty again).
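The filtering/forwarding rules and the self-learning walkthrough above, replayed in code. This is an added example, not code from the slides; the three-switch topology, the interface numbers and host C are assumptions chosen to reproduce the walkthrough, and the 20-minute aging value follows the slide.

```python
"""Self-learning switch: learn on receive, filter/forward/flood, age out.

Added example; this is not code from the slides. The three-switch topology,
the host placement and host C are assumptions made to replay the walkthrough;
the 20-minute aging value follows the slide.
"""
from dataclasses import dataclass, field

FLOOD = "flood"            # unknown destination: send on all but the arrival interface
DROP = "drop"              # destination is on the segment the frame came from
AGING_SECONDS = 20 * 60    # "20 minutes later all table entries are deleted"


@dataclass
class Switch:
    name: str
    # switch table: MAC -> (interface to reach host, time stamp of last sighting)
    table: dict = field(default_factory=dict)

    def purge(self, now):
        """Step 4: periodically purge entries older than the aging timer."""
        for mac in [m for m, (_, seen) in self.table.items() if now - seen >= AGING_SECONDS]:
            del self.table[mac]

    def receive(self, src, dst, in_iface, now):
        """Apply the filtering/forwarding rules to one frame.

        Returns the interface number to forward on, DROP, or FLOOD.
        """
        self.purge(now)
        self.table[src] = (in_iface, now)          # step 1: learn sender's location
        entry = self.table.get(dst)                # step 2: look up destination
        if entry is None:                          # step 3, no entry: flood
            return FLOOD
        out_iface, _ = entry
        if out_iface == in_iface:                  # dest is on the arrival segment
            return DROP
        return out_iface                           # forward on the indicated interface


def walkthrough():
    """Replay the slides' scenario on a constructed topology:
    A on S1 iface 1; S1 iface 3 <-> S2 iface 1; B on S2 iface 2; S2 iface 3 <-> S3 iface 2."""
    s1, s2, s3 = Switch("S1"), Switch("S2"), Switch("S3")
    actions, t = [], 0
    # A sends Dest=B: every switch learns A and floods, because B is unknown.
    actions.append(s1.receive("A", "B", 1, t))
    actions.append(s2.receive("A", "B", 1, t))     # flooded copy arrives from S1
    actions.append(s3.receive("A", "B", 2, t))     # flooded copy arrives from S2
    t = 1
    # B replies Dest=A: S2 and S1 learn B and forward on the interface A is known at.
    actions.append(s2.receive("B", "A", 2, t))
    actions.append(s1.receive("B", "A", 3, t))     # S3 never sees the reply
    # A host C on the same segment as B sends to B: S2 knows B is on the arrival
    # interface, so it filters (drops) the frame instead of forwarding it.
    actions.append(s2.receive("C", "B", 2, t))
    before = {s.name: dict(s.table) for s in (s1, s2, s3)}
    t = 1 + AGING_SECONDS                          # 20 minutes later
    for s in (s1, s2, s3):
        s.purge(t)
    after = {s.name: dict(s.table) for s in (s1, s2, s3)}
    return {"actions": actions, "before": before, "after": after}
```

The time stamp stored with each entry is what makes step 4 possible; without it a table would keep stale entries forever after a host moves to another interface.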
Poorly Designed Institutional network. Why?
[Figure: router to external network, one LAN / IP subnet with mail server and web server]

Institutional network without a single point of failure
[Figure: router to external network, IP subnet with mail server, web server and host A, with redundant links between the switches]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.

Institutional network without a single point of failure
[Figure: the same network with the spanning tree marked: "edge in spanning tree" versus "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: bridges B2 and B3 both connecting LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: bridges B0, B1, B2, B3 and LANs A, B, C, D]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure, built up over several slides: bridges B1 to B7 and LANs A to J; the distance of each LAN to the root is written next to it in LAN hops (0 on the root's LANs, then 1, 1, 1, 1 and 2)]
Step by step:
Each switch computes distance to root in terms of LAN hops.
Each of the root's interfaces is ON.
LAN A's next hop is LAN E. Turn on the two interfaces.
LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
LAN C's next hop is LAN F. Turn on the interfaces.
Which other interfaces are "on"?
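The interface-selection rules above (shortest LAN-to-root path, smallest bridge ID as tie-break), run on a small LAN-vertex / bridge-edge graph. This is an added example, not the slides' code. The slides' figure is not on the page, so the wiring below is a constructed topology chosen to reproduce the narrative (root B1, LAN A via E, LAN B via E through B5 rather than B7, LAN D via G, LAN C via F, B3 fully blocked); every bridge-to-LAN attachment in it is an assumption.

```python
"""Spanning-tree interface selection on a LAN-vertex / bridge-edge graph.

Added example, not the slides' code. BRIDGES is a constructed topology that
matches the slide narrative; the slides' actual wiring is an assumption here.
"""
from collections import deque

# bridge id -> set of LANs it attaches to (constructed topology)
BRIDGES = {
    "B1": {"E", "F", "G"},   # smallest ID: becomes the root
    "B2": {"D", "G"},
    "B3": {"A", "B"},        # redundant: both A and B have a shorter way to the root
    "B4": {"A", "E"},
    "B5": {"B", "E"},
    "B6": {"C", "F"},
    "B7": {"B", "F"},        # ties with B5 for LAN B; loses on ID
}


def lan_distances(bridges, root):
    """Distance of every reachable LAN from the root, counted in switches
    traversed. LANs directly attached to the root are at distance 0."""
    dist = {lan: 0 for lan in bridges[root]}
    queue = deque(bridges[root])
    while queue:                       # BFS, so the first distance found is the shortest
        lan = queue.popleft()
        for bridge, lans in bridges.items():
            if bridge == root or lan not in lans:
                continue
            for other in lans:
                if other not in dist:
                    dist[other] = dist[lan] + 1
                    queue.append(other)
    return dist


def spanning_tree(bridges):
    """Return (root, dist, next_hop, active): next_hop maps each non-root LAN
    to (bridge, upstream LAN); active is the set of (bridge, LAN) interfaces
    left forwarding. Every other interface is "disconnected"."""
    root = min(bridges)                                   # rule: smallest ID is root
    dist = lan_distances(bridges, root)
    active = {(root, lan) for lan in bridges[root]}       # all of the root's interfaces ON
    next_hop = {}
    for lan, d in dist.items():
        if d == 0:
            continue
        # (bridge, upstream LAN) pairs that are one switch closer to the root
        candidates = [(b, up) for b, lans in bridges.items()
                      if b != root and lan in lans
                      for up in lans if up != lan and dist.get(up) == d - 1]
        bridge, up = min(candidates)                      # rule 2: smallest bridge ID wins ties
        next_hop[lan] = (bridge, up)
        active.add((bridge, lan))                         # rule 1: both interfaces on the path
        active.add((bridge, up))
    return root, dist, next_hop, active


def blocked_bridges(bridges, active):
    """Bridges with no active interface at all (B3 in the slides)."""
    return sorted(set(bridges) - {b for b, _ in active})


def is_loop_free(active):
    """The active interfaces must form a tree: connected and |E| = |V| - 1."""
    nodes = {n for edge in active for n in edge}
    adj = {n: set() for n in nodes}
    for b, lan in active:
        adj[b].add(lan)
        adj[lan].add(b)
    start = next(iter(nodes))
    seen, stack = {start}, [start]
    while stack:
        for nb in adj[stack.pop()]:
            if nb not in seen:
                seen.add(nb)
                stack.append(nb)
    return seen == nodes and len(active) == len(nodes) - 1
```

`is_loop_free` is the check a practitioner would add: it verifies that whatever the tie-breaking produced, the interfaces left forwarding cannot carry a frame around a cycle.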
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding
Typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning
On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution
• During which time no packets were forwarded

Switches vs. Routers
both store-and-forward devices
routers: network layer devices (examine network layer headers)
switches are link layer devices
... "invisible" at internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding
borrowing ideas from Virtual Circuit (VC) approach
but IP datagram still keeps IP address!
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields with widths as drawn: label 20, Exp 3, S 1, TTL 5]

MPLS capable routers
a.k.a. label-switched router
forwards packets to outgoing interface based only on label value (don't inspect IP address)
MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
must co-exist with IP-only routers
[Figure: routers R1 to R6, destinations A and D, with interface numbers 0 and 1 on the links]

MPLS forwarding tables
[Figure: per-router MPLS forwarding tables with columns in label, out label, dest, out interface; rows as extracted:
  6, -, A, 0
  10, 6, A, 1
  12, 9, D, 0
  10, (out label not shown), A, 0
  12, (out label not shown), D, 0
  8, 6, A, 0
  8, (out label not shown), A, 1]
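Label-switched forwarding as described above, in code: the ingress router pushes a label, each label-switched router looks up only the label (never the IP header), swaps it or pops it, and decrements TTL. This is an added example, not the slides' code. The per-router tables, link map and interface numbers are constructed for illustration, not taken from the slides' figure; the bit layout used for the shim header (label 20, Exp 3, S 1, TTL 8 bits) is the standard 32-bit MPLS header and is an assumption here, since the slides do not spell out the widths.

```python
"""Label-switched forwarding with label push, swap and pop.

Added example, not the slides' code. TABLES and LINKS are constructed for
illustration. The shim header layout (label 20 bits, Exp 3, S 1, TTL 8)
is the standard 32-bit MPLS header and is an assumption here.
"""
import struct


class Dropped(Exception):
    """Frame discarded: unknown label or TTL expired."""


def pack_shim(label, exp=0, s=1, ttl=64):
    """Encode one MPLS header as 4 big-endian bytes."""
    assert 0 <= label < (1 << 20) and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_shim(data):
    """Decode the first 4 bytes into (label, exp, s, ttl)."""
    (word,) = struct.unpack("!I", data[:4])
    return word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF


# Constructed MPLS forwarding tables: router -> {in label: (out label, dest, out iface)}.
# An out label of None means "pop": the next hop is an IP-only router, so the
# label-switched router hands it the plain IP datagram (co-existence with IP-only routers).
TABLES = {
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},
    "R6": {6: (None, "A", 0)},
    "R3": {9: (None, "D", 1)},
}
# Constructed link map: (router, out iface) -> neighbour
LINKS = {("R4", 1): "R6", ("R4", 0): "R3", ("R6", 0): "A", ("R3", 1): "D"}


def forward(router, frame):
    """One label-switched hop: look up only the label, swap or pop it,
    decrement TTL. Returns (next node, outgoing frame)."""
    label, exp, s, ttl = unpack_shim(frame)
    if ttl <= 1:
        raise Dropped(f"{router}: TTL expired on label {label}")
    if label not in TABLES[router]:
        raise Dropped(f"{router}: no entry for label {label}")
    out_label, _dest, iface = TABLES[router][label]
    payload = frame[4:]
    if out_label is None:
        outgoing = payload                                           # pop
    else:
        outgoing = pack_shim(out_label, exp, s, ttl - 1) + payload   # swap
    return LINKS[(router, iface)], outgoing


def send(ingress, label, ip_datagram, ttl=8):
    """Push a label at the ingress router and follow the path until an IP-only
    node is reached. Returns (path, what that node receives)."""
    frame = pack_shim(label, ttl=ttl) + ip_datagram
    node, path = ingress, [ingress]
    while node in TABLES:
        node, frame = forward(node, frame)
        path.append(node)
    return path, frame
```

Note that `send` never parses the IP datagram: the payload it delivers is byte-for-byte what was pushed behind the label, which is the "IP datagram still keeps IP address" point on the slide.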
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
... could stop here ... but lots of
Link layer: context
datagram transferred by different link protocols over different links: e.g. Ethernet on first link, frame relay on intermediate links, 802.11 on last link
each link protocol provides different services: e.g. may provide reliability over link
transportation analogy: trip from Newark to San Jose: limo Newark to PHL, plane PHL to SFO, BART SFO to SF, train SF to San Jose
tourist = datagram
transport segment = communication link
transportation mode = link layer protocol. Note that a bus or plane trip might contain many changes of the bus or plane, but this seems like a single hop
travel agent = routing algorithm
Link Layer Services
framing, link access: encapsulate datagram into frame, adding header, trailer; channel access if shared medium; "MAC" addresses used in frame headers to identify source, dest
• different from IP address!
Routing
reliable delivery between adjacent nodes: we learned how to do this already (chapter 3)!; seldom used on low bit-error link (fiber, some twisted pair); wireless links: high error rates
• Q: why both link-level and end-end reliability?

Link Layer Services (more)
flow control: pacing between adjacent sending and receiving nodes
Encryption: some links can easily be tapped, so encryption is needed for privacy
error detection: errors caused by signal attenuation, noise; receiver detects presence of errors
• signals sender for retransmission or drops frame
error correction: receiver identifies and corrects bit error(s) without resorting to retransmission
half-duplex and full-duplex: with half duplex, nodes at both ends of link can transmit, but not at same time
Where is the link layer implemented?
in each and every host in the network
Which other layers are implemented in every host?
link layer implemented in "adaptor" (aka network interface card, NIC): Ethernet card, PCMCI card, 802.11 card; implements link, physical layer
attaches into host's system buses
combination of hardware, software, firmware
[Figure: host schematic: cpu, memory, host bus (e.g. PCI), network adapter card with controller and physical transmission; application/transport/network and link in the host, link/physical in the adapter]
Adaptors Communicating
sending side: encapsulates datagram in frame; adds error checking bits, rdt, flow control, etc.
receiving side: looks for errors, rdt, flow control, etc.; extracts datagram
• passes to upper layer at receiving side
• moves frame to another link
[Figure: sending host controller sends a frame to the receiving host controller; datagram in at the sender, datagram out at the receiver]
Link Layer roadmap: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
Error Detection
EDC = Error Detection and Correction bits (redundancy)
D = Data protected by error checking, may include header fields
• Error detection not 100% reliable!
• protocol may miss some errors, but rarely
• larger EDC field yields better detection and correction
[Figure: sender transmits D and EDC; receiver checks the received D' and EDC' and accepts the data, or detects an error otherwise]

Parity Checking
Single Bit Parity: detect single bit errors
Two Dimensional Bit Parity: detect and correct single bit errors
[Figure: single-bit parity bit appended to the data; two-dimensional parity with row and column parity bits]
Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in transmitted packet (note: used at transport layer only)
Sender: treat segment contents as sequence of 16-bit integers; checksum: addition (1's complement sum) of segment contents; sender puts checksum value into UDP checksum field
Receiver: compute checksum of received segment; check if computed checksum equals checksum field value: NO - error detected; YES - no error detected. But maybe errors nonetheless?
Checksumming: Cyclic Redundancy Check
view data bits, D, as a binary number
choose r+1 bit pattern (generator), G
goal: choose r CRC bits, R, such that <D,R> exactly divisible by G (modulo 2)
receiver knows G, divides <D,R> by G. If non-zero remainder: error detected!
can detect all burst errors less than r+1 bits
widely used in practice (Ethernet, 802.11 WiFi, ATM)

CRC Example
Want: D · 2^r XOR R = nG
equivalently: D · 2^r = nG XOR R
equivalently: if we divide D · 2^r by G, want remainder R
R = remainder[ D · 2^r / G ]
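The two checks above worked in code: the 1's complement Internet checksum (with the "maybe errors nonetheless" case, a swap of two 16-bit words that the checksum cannot see) and the CRC computed as R = remainder[D · 2^r / G] by modulo-2 long division, with a burst error of r bits that the CRC does catch. This is an added example, not code from the slides; the segment bytes and the generator G = 1001 are constructed sample inputs.

```python
"""Internet checksum and CRC worked in code (added example, not from the slides).
The sample bytes and the generator G = 1001 are constructed; the CRC functions
use the slides' notation D, G, r and R."""


def ones_complement_sum(data):
    """Add 16-bit big-endian words with end-around carry (1's complement addition)."""
    if len(data) % 2:
        data += b"\x00"                                    # pad odd length, as UDP does
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)            # fold the carry back in
    return total


def internet_checksum(data):
    """Sender: 1's complement of the 1's complement sum goes into the checksum field."""
    return (~ones_complement_sum(data)) & 0xFFFF


def checksum_ok(data, checksum):
    """Receiver: data sum plus checksum field must come to all ones (no error detected)."""
    total = ones_complement_sum(data) + checksum
    total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF


def mod2_remainder(value, nbits, G):
    """Remainder of an nbits-wide value divided by generator G, modulo 2 (XOR long division)."""
    g, r = int(G, 2), len(G) - 1
    for shift in range(nbits - r - 1, -1, -1):
        if (value >> (shift + r)) & 1:                     # leading bit set: subtract G·2^shift
            value ^= g << shift
    return value


def crc_remainder(D, G):
    """R = remainder[ D·2^r / G ] as an r-bit string, where r + 1 = len(G)."""
    r = len(G) - 1
    return format(mod2_remainder(int(D, 2) << r, len(D) + r, G), f"0{r}b")


def crc_check(transmitted, G):
    """Receiver: <D,R> exactly divisible by G means no error detected."""
    return mod2_remainder(int(transmitted, 2), len(transmitted), G) == 0


def flip_bits(bits, start, count):
    """Inject a burst error: invert `count` consecutive bits starting at `start`."""
    burst = "".join("1" if b == "0" else "0" for b in bits[start:start + count])
    return bits[:start] + burst + bits[start + count:]


def demo():
    D, G = "101110", "1001"                                # r = 3 CRC bits
    R = crc_remainder(D, G)
    T = D + R                                              # <D,R> on the wire
    data = b"\x12\x34\x56\x78"                             # constructed segment contents
    c = internet_checksum(data)
    return {
        "R": R,
        "crc_ok": crc_check(T, G),
        "burst_of_r_detected": not crc_check(flip_bits(T, 2, 3), G),
        "checksum": c,
        "single_flip_detected": not checksum_ok(b"\x12\x35\x56\x78", c),
        "word_swap_undetected": checksum_ok(b"\x56\x78\x12\x34", c),   # errors nonetheless
    }
```

The word swap is undetected because 1's complement addition is commutative, which is exactly why the receiver's "YES" on the slide only means "no error detected", not "no error".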
Link Layer roadmap: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
Multiple Access Links and Protocols
Two types of "links":
point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
single shared broadcast channel
two or more simultaneous transmissions by nodes: interference
collision if node receives two or more signals at the same time
multiple access protocol: an algorithm that determines how nodes share channel, i.e. determines when a node can transmit
communication about channel sharing must use channel itself! out-of-band channel for coordination is difficult
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally, centralized MAC are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users
Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient. Predictable/guaranteed performance is difficult to achieve
Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access
access to channel in "rounds"
each station gets fixed length slot (length = pkt trans time) in each round
unused slots go idle
GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth
example: 6-station LAN, 1,3,4 have pkt, slots 2,5,6 idle
[Figure: 6-slot frame, slots 1 3 4 used and 2 5 6 idle, repeated: 1 3 4 _ _ _ 1 3 4 _ _ _]

Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access
channel spectrum divided into frequency bands
each station assigned fixed frequency band
unused transmission time in frequency bands go idle
GSM also uses FDMA
example: 6-station LAN, 1,3,4 have pkt, frequency bands 2,5,6 idle
[Figure: FDM cable: frequency bands on the vertical axis, time on the horizontal axis]
Random Access Protocols
When node has packet to send: transmit at full channel data rate R; no a priori coordination among nodes
• some approaches use limited coordination
two or more transmitting nodes: "collision"
random access MAC protocol specifies: how to detect collisions; how to recover from collisions (e.g. via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U. of Hawaii in early 70's: packet radio networks
"Free for all": whenever station has a frame to send, it does so
Aloha is the simplest of MAC protocols
Aloha is old but still widely used. As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha

Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision
Collisions and other link layer losses must be detected and corrected
Question 1: where are all the places that losses can occur?
Question 2: where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance 1
[Figure: time line t0, t0+t, t0+2t, t0+3t with one frame transmission; the vulnerable period around it: if another node starts to transmit during this vulnerable period, then a collision will occur]
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events)
Let G be the average rate that users try to send frames, per frame time
G is the utilization. Why?
Model the moment transmissions start as points along the time line (next slide)
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability zero other frames are sent is P(0) = e^{-2G}
The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful: S = G e^{-2G}

Poisson process
[Figure: events as points along a time line]
Events are distributed according to a Poisson process with parameter λ if
P(k events in period of length T) = e^{-λT} (λT)^k / k!
λ is the rate that events occur = (number of events in period W) / W (when W is large)

Aloha performance
[Figure: one frame transmission with its vulnerability period of length 2T]
P(k events in period of length T) = e^{-λT} (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is e^{-2G} (2G)^0 / 0! = e^{-2G}
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: throughput S = G e^{-2G} versus G, for G from 0 to 3; vertical axis from 0 to 0.2, peak value 0.184]
Slotted Aloha - frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time line t0, t0+t, t0+2t, t0+3t with slot boundaries. If a frame is transmitted in a slot, then a collision occurs; but this will only happen if a packet arrives at the MAC layer during the preceding slot (the vulnerable period). If another node selects to transmit during this vulnerable period, then a collision will occur. The vulnerable period is half the size of unslotted Aloha.]

Slotted Aloha
Vulnerable period is halved: doubles performance of ALOHA
Throughput = S = G e^{-G}
S = S_max = 1/e = 0.368 for G = 1
G = 1 means typically a node tries to transmit each slot
However, the throughput is well below 1; there are many collisions

Slotted Aloha Performance
[Plot: throughput S = G e^{-G} versus G, for G from 0 to 4; vertical axis from 0 to 0.4, peak value 0.368]
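The best-throughput question on the ALOHA's Performance slide and the S_max = 1/e stated for slotted Aloha, worked as an added derivation that is not on the slides. It uses only the two throughput expressions given above, S = G e^{-2G} and S = G e^{-G}:

```latex
\begin{aligned}
\text{pure ALOHA:}\quad & S(G) = G e^{-2G}, &
\frac{dS}{dG} &= e^{-2G} - 2G e^{-2G} = e^{-2G}(1 - 2G) = 0 \;\Rightarrow\; G^{*} = \tfrac{1}{2}, &
S_{\max} &= \tfrac{1}{2} e^{-1} = \tfrac{1}{2e} \approx 0.184 \\[4pt]
\text{slotted ALOHA:}\quad & S(G) = G e^{-G}, &
\frac{dS}{dG} &= e^{-G} - G e^{-G} = e^{-G}(1 - G) = 0 \;\Rightarrow\; G^{*} = 1, &
S_{\max} &= e^{-1} = \tfrac{1}{e} \approx 0.368
\end{aligned}
```

Both stationary points are maxima: the second derivative is e^{-2G}(4G - 4), negative at G = 1/2, for pure ALOHA and e^{-G}(G - 2), negative at G = 1, for slotted ALOHA. The slotted peak is exactly twice the pure one, which is the "doubles performance" claim on the slide, and the two peak values are the 0.184 and 0.368 read off the plots.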
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple
Cons: collisions, wasting slots; inefficient; idle slots; nodes may be able to detect collision in less than time to transmit packet; slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission
human analogy: don't interrupt others!

Question
For 10 Mbps ethernet, the maximum cable length is 2000m
For 100 Mbps ethernet, the maximum cable length is 200m
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
[Figure: spatial layout of nodes; note the role of distance and propagation delay in determining collision probability]
CSMA/CD collision detection
[Figure: position on wire versus time; transmitter 1 and transmitter 2 both start transmitting (transmission time on the vertical axis, propagation delay as the slope); the collision is detected by transmitter 2 and then by transmitter 1; when is it detected? Receiver 1 receives a garbled signal]
[Figure, second case: transmitter 1 sends a short frame; the collision is detected by transmitter 2 but NOT detected by transmitter 1; receiver 1 receives a garbled signal]

CSMA/CD
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon
The transmit time is frame length / bit rate
Therefore: 2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate
If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64B
Why is the maximum cable length of a 10 Mbps ethernet cable 10 times longer than the maximum cable length of a 100 Mbps ethernet? The minimum frame length in Ethernet is independent of bit-rate
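The two space/time diagrams and the 2 × T_propagation requirement above, in code: two stations on one cable, with the check of who is still transmitting when the other signal arrives, and the inequality solved both for the minimum frame length and for the maximum cable length. This is an added example, not the slides' code; the positions, start times, frame times and the propagation speed (2 × 10^8 m/s) are constructed values for illustration.

```python
"""CSMA/CD collision-detection timing (added example, not from the slides).

Two transmitters on one cable, as in the position/time diagrams. Positions,
start times, frame times and the propagation speed are constructed.
"""

PROP_SPEED = 2.0e8   # m/s, assumed signal speed on copper (roughly 2/3 c)


def collision_outcome(pos1, start1, pos2, start2, frame_time, v=PROP_SPEED):
    """Return (collides, detected_by_1, detected_by_2).

    Positions in metres, times in seconds. Transmitter i sends during
    [start_i, start_i + frame_time]; the other station's signal needs
    distance / v to arrive. A station detects the collision only if the
    other signal arrives while it is still transmitting.
    """
    t_prop = abs(pos1 - pos2) / v
    # Carrier sense: had one signal arrived before the other station started,
    # that station would have sensed the channel busy and deferred.
    if abs(start1 - start2) >= t_prop:
        return False, False, False
    detected_by_1 = start2 + t_prop < start1 + frame_time
    detected_by_2 = start1 + t_prop < start2 + frame_time
    return True, detected_by_1, detected_by_2


def min_frame_bits(cable_length, bit_rate, v=PROP_SPEED):
    """Frame size (bits) needed so the transmitter is still sending after
    2 × CableLength / v: the slides' inequality solved for FrameLength
    (epsilon ignored)."""
    return 2 * cable_length / v * bit_rate


def max_cable_length(frame_bits, bit_rate, v=PROP_SPEED):
    """The same inequality solved for CableLength."""
    return frame_bits / bit_rate * v / 2


def demo():
    """Two stations 1000 m apart (5 us propagation); T2 starts 4 us after T1."""
    long_frame = collision_outcome(0.0, 0.0, 1000.0, 4e-6, frame_time=10e-6)
    short_frame = collision_outcome(0.0, 0.0, 1000.0, 4e-6, frame_time=6e-6)
    no_collision = collision_outcome(0.0, 0.0, 1000.0, 6e-6, frame_time=10e-6)
    # The minimum frame (64 B = 512 bits) does not change with the bit rate, so
    # the cable limit shrinks in proportion to it: 10 Mbps versus 100 Mbps.
    ratio = max_cable_length(512, 10e6) / max_cable_length(512, 100e6)
    return long_frame, short_frame, no_collision, ratio
```

In `short_frame` transmitter 1 has already finished when transmitter 2's signal reaches it, which is the second diagram: the frame is corrupted at receiver 1, but transmitter 1 never learns it and will not retransmit.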
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection: collisions detected within short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted, received signals; difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
Persistence
1-persistent: if medium is idle, then transmit. If medium is not idle, then wait until it is, and then transmit
• In this case, all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: if medium is idle, then transmit. If medium is not idle, then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle, then transmit
3. If medium is not idle, then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. Wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots, then transmit
5. If a collision is detected
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min( 2 × BO, BO_Max ). In ethernet, BO_max = 1024
   c. Go to step 4

Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
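The backoff procedure above as a small state machine (steps 1, 4a, 5b), plus a slotted contention simulation in which several stations all want the channel in the same slot and resolve it by backing off. This is an added example, not the slides' code; the starting BO of 4, the slot model and the station count are constructed, while the doubling rule and BO_max = 1024 follow the procedure above.

```python
"""Exponential backoff as a state machine, plus a slotted contention simulation
(added example, not from the slides). The starting BO, slot model and station
count are constructed; the doubling rule and BO_max = 1024 follow the slides."""
import random


class Backoff:
    """Steps 1, 4a and 5b: r is drawn from 0..BO-1, BO doubles on every
    collision up to bo_max, and resets when a frame is delivered."""

    def __init__(self, rng=None, bo_start=4, bo_max=1024, seed=None):
        self.rng = rng if rng is not None else random.Random(seed)
        self.bo_start, self.bo_max = bo_start, bo_max
        self.bo = bo_start

    def pick_wait(self):
        return self.rng.randrange(self.bo)             # integer r in [0, BO-1]

    def on_collision(self):
        self.bo = min(2 * self.bo, self.bo_max)        # step 5b
        return self.bo

    def on_success(self):
        self.bo = self.bo_start                        # next frame starts at BO again


def simulate(num_stations, seed=1, bo_start=4, max_slots=10000):
    """Every station has one frame and all try in slot 0 (the worst case).
    A slot is long enough for everyone to hear a transmission that starts in it
    (note 4b.1), so one transmitter in a slot is a success and two or more is a
    collision, after which each colliding station backs off (step 5).
    Returns (slots used, number of collisions, delivery order)."""
    rng = random.Random(seed)
    stations = {s: Backoff(rng, bo_start) for s in range(num_stations)}
    wait = {s: 0 for s in stations}                    # slots left before transmitting
    delivered, collisions, slot = [], 0, 0
    while stations and slot < max_slots:
        ready = [s for s, w in wait.items() if w == 0]
        if len(ready) == 1:                            # success
            s = ready[0]
            stations[s].on_success()
            delivered.append(s)
            del stations[s], wait[s]
        elif len(ready) > 1:                           # collision
            collisions += 1
            for s in ready:
                stations[s].on_collision()
                wait[s] = stations[s].pick_wait() + 1  # transmit r slots after this one
        for s in wait:                                 # the slot ends
            if wait[s] > 0:
                wait[s] -= 1
        slot += 1
    return slot, collisions, delivered
```

Doubling BO spreads the retry attempts over a window that grows with the observed contention, so the colliding set thins out quickly; the cap at BO_max keeps the worst-case wait bounded.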
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node!
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad
"taking turns" protocols: look for best of both worlds! Used in mobile phones' data access; 802.16 aka WiMax partly uses this approach; 802.11 specifies this capability, but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected, but existing calls continue to receive good performance
• Consider the difference between the demands by VoIP and services provided by TCP
Guarantees are worth much more money than non-guarantees
[Figure, built up over several slides: master polls the slaves in turn (poll, data, poll, data, ...)]
"Taking Turns" MAC protocols: token passing
A control token is passed from one node to the next sequentially; a node with nothing to send simply passes the token on.
Concerns: token overhead, latency, single point of failure (the token).
Summary of MAC protocols
Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer addressing and routing (ARP)
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: a network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network).
- The textbook is wrong about this: today hosts are almost never physically connected to one another directly. They are joined by switches, so "physically connected" means reachable over the same LAN without crossing a router.
48-bit MAC address (for most LANs), burned into the NIC ROM, also sometimes software settable (so it can be changed, which matters for the spoofing attacks later in this chapter).
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: four adapters on a LAN (wired or wireless) with addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by the IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness).
Check: OUI lookup. Google "OUI lookup", enter a MAC address, see the manufacturer.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
MAC: a flat address, portable: you can move a LAN card from one LAN to another.
IP: a hierarchical address, NOT portable: the address depends on the IP subnet to which the node is attached.
If a NIC is changed, then the MAC changes, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At a prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): the time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: a LAN with four nodes; MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: same LAN (network)
A wants to send a datagram to C. First check whether C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. my IP = 128.43.5.67, B's IP = 128.51.9.12, subnet mask is 255.255.0.0 => the first 2 bytes (16 bits) define the subnet.
- So in this case A and B are in different subnets.
- Thus the datagram is sent to the gateway, which must be in the same subnet as A.
- Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: destination MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other types include IP datagram). All machines on the LAN receive the ARP query.
B receives the ARP packet and replies to A with its (B's) MAC address; the reply frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from a network administrator.
[Figure: A, B, C and D on one LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; every node receives the query; only the owner answers "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: two LANs joined by router R.
LAN 111.111.111.0: A at 111.111.111.111 (74-29-9C-E8-FF-55); another host at 111.111.111.112 (CC-49-DE-D0-AB-7D); R's interface at 111.111.111.110 (E6-E9-00-17-BB-4B).
LAN 222.222.222.0: R's interface at 222.222.222.220 (1A-23-F9-CD-06-9B); another host at 222.222.222.221 (88-B2-2F-54-1A-0F); B at 222.222.222.222 (49-BD-D2-C7-56-2A).]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram. A's NIC sends the frame; R's NIC receives it.
R removes the IP datagram from the Ethernet frame and sees that it is destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B. The IP addresses in the datagram never change; only the frame's MAC addresses change at each hop.
This is a really important example; make sure you understand it.
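The same-subnet test, the broadcast ARP exchange and the two-hop A -> R -> B walkthrough above, as an added example that is not part of the original slides (Python written for this page, not the course's code). It uses the addresses from the figure; the Node and Lan classes, the 255.255.255.0 masks, the host names C and D for the "other" hosts and the event-log format are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass, field

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60  # seconds: soft state, forgotten unless refreshed


def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """True if ip_b lies in the subnet that mask selects around ip_a."""
    net = ipaddress.IPv4Network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.IPv4Address(ip_b) in net


@dataclass
class Node:
    name: str
    ifaces: dict                                 # LAN name -> (ip, mask, mac)
    gateway: str = ""                            # default router's IP (hosts only)
    arp: dict = field(default_factory=dict)      # ip -> (mac, expiry time)

    def ip_on(self, lan):
        return self.ifaces[lan][0]

    def mac_on(self, lan):
        return self.ifaces[lan][2]


class Lan:
    """A broadcast domain: every attached node sees every frame sent on it."""
    def __init__(self, name):
        self.name, self.nodes = name, []


def arp_resolve(node, lan, target_ip, now, log):
    """Return target_ip's MAC on lan, broadcasting a query if the cache has no live entry."""
    cached = node.arp.get(target_ip)
    if cached and cached[1] > now:
        return cached[0]
    my_ip, my_mac = node.ip_on(lan.name), node.mac_on(lan.name)
    log.append(f"{lan.name}: {my_mac} -> {BROADCAST} ARP who has {target_ip}? tell {my_ip}")
    for other in lan.nodes:                           # everyone receives the query...
        if other is not node and other.ip_on(lan.name) == target_ip:
            mac = other.mac_on(lan.name)              # ...only the owner answers, unicast
            log.append(f"{lan.name}: {mac} -> {my_mac} ARP {target_ip} is at {mac}")
            node.arp[target_ip] = (mac, now + ARP_TTL)
            return mac
    raise LookupError(f"no node on {lan.name} owns {target_ip}")


def deliver(src, dst_ip, lans, now=0.0):
    """Forward one datagram src -> dst_ip hop by hop; returns the frames and ARP seen."""
    log, node = [], src
    src_ip = next(iter(src.ifaces.values()))[0]
    while True:
        out_lan, next_ip = None, None
        for lan_name, (ip, mask, _) in node.ifaces.items():
            if same_subnet(ip, dst_ip, mask):         # directly connected: ARP for dst itself
                out_lan, next_ip = lan_name, dst_ip
        if out_lan is None:                           # not local: ARP for the gateway instead
            out_lan, next_ip = next(iter(node.ifaces)), node.gateway
        lan = lans[out_lan]
        next_mac = arp_resolve(node, lan, next_ip, now, log)
        log.append(f"{lan.name}: frame {node.mac_on(out_lan)} -> {next_mac} "
                   f"carrying IP {src_ip} -> {dst_ip}")   # IP addresses never change
        node = next(n for n in lan.nodes if n.mac_on(lan.name) == next_mac)
        if next_ip == dst_ip:
            return log


def build_example():
    """The figure's topology: A and R on 111.111.111.0/24, R and B on 222.222.222.0/24."""
    m = "255.255.255.0"
    a = Node("A", {"LAN1": ("111.111.111.111", m, "74-29-9C-E8-FF-55")}, gateway="111.111.111.110")
    c = Node("C", {"LAN1": ("111.111.111.112", m, "CC-49-DE-D0-AB-7D")}, gateway="111.111.111.110")
    r = Node("R", {"LAN1": ("111.111.111.110", m, "E6-E9-00-17-BB-4B"),
                   "LAN2": ("222.222.222.220", m, "1A-23-F9-CD-06-9B")})
    b = Node("B", {"LAN2": ("222.222.222.222", m, "49-BD-D2-C7-56-2A")}, gateway="222.222.222.220")
    d = Node("D", {"LAN2": ("222.222.222.221", m, "88-B2-2F-54-1A-0F")}, gateway="222.222.222.220")
    lans = {"LAN1": Lan("LAN1"), "LAN2": Lan("LAN2")}
    for node in (a, c, r, b, d):
        for lan_name in node.ifaces:
            lans[lan_name].nodes.append(node)
    return {"A": a, "B": b, "C": c, "D": d, "R": r}, lans
```

A first `deliver(A, B)` produces six events (query, reply and frame on each LAN); a second one within the 20-minute TTL produces only the two frames, because both A's and R's caches are warm.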
ARP experiments
Watch Wireshark with no connections open. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
- Use Wireshark on B to see that there is no evidence of the ping (apart from A's unanswered broadcast ARP queries for P).
- On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B, but still no response: B's NIC accepts the frames, but B's IP layer discards datagrams addressed to P.
ARP spoofing: man-in-the-middle attack
If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses a dedicated wire from the switch (a link-layer router) to each host, so a host only sees frames addressed to it.
- But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query is made for the victim, I respond with my MAC.
[Figure sequence: the victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), the attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on one LAN.]
1. Some other host/switch broadcasts "Who has IP address 1.2.3.4?". The victim replies "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". Everyone who hears the reply saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries: "Source MAC 00:11:11:11:11:11. Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". Receivers save the sender's IP/MAC pair from a query just as they would from a reply, so the other host now maps 1.2.3.4 to the attacker's MAC. The victim is confused, but ignores it. The attacker continues to flood ARP queries so that the false entry never expires.
3. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...". The frame goes to the attacker, who now knows the secret plan, changes the MAC address to the victim's correct address and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...". The victim thinks: "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see whether a single IP has two MACs, or whether one MAC (the attacker's) appears with two IPs: its real IP and the victim's IP.
- But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
- Then the tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC: a false positive that looks just like spoofing.
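The two table checks described above (one IP with two MACs, one MAC with two IPs) together with the attacker's tell-tale query flooding, run over a constructed capture, as an added example that is not part of the original slides (Python written for this page). The capture entries, the addresses beyond those on the slide, the 10-second/3-query flood threshold and the allow-list for the dual-homed laptop are all assumptions of the example; the laptop entries reproduce the Windows false positive the slide warns about.

```python
from collections import defaultdict

# Constructed ARP traffic as a sniffer on the wired LAN might record it:
# (time in seconds, opcode, sender MAC, sender IP). Receivers cache the sender
# pair from requests as well as from replies, which is what the attacker uses.
CAPTURE = [
    (0.0,    "request", "00:ab:00:00:00:01", "1.2.3.9"),  # some other host asks for 1.2.3.4
    (0.1,    "reply",   "00:12:12:12:12:12", "1.2.3.4"),  # the victim answers
    (1200.0, "reply",   "00:11:11:11:11:11", "5.6.7.8"),  # attacker answering for its real IP
    (1300.0, "request", "00:11:11:11:11:11", "1.2.3.4"),  # attacker: "tell 1.2.3.4" with its own MAC
    (1301.0, "request", "00:11:11:11:11:11", "1.2.3.4"),
    (1302.0, "request", "00:11:11:11:11:11", "1.2.3.4"),
    (1400.0, "reply",   "00:12:12:12:12:12", "1.2.3.4"),  # victim still answers normally
    (1500.0, "reply",   "00:cc:00:00:00:0a", "1.2.3.8"),  # dual-homed laptop, wired IP
    (1500.5, "request", "00:cc:00:00:00:0a", "1.2.3.7"),  # same wired MAC with its wireless IP
]

# (MAC, IP) pairs known to be legitimate, e.g. the dual-homed Windows laptop
# from the slide; constructed for the example.
ALLOWED = {("00:cc:00:00:00:0a", "1.2.3.7")}


def find_conflicts(capture, allowed=ALLOWED):
    """IPs claimed by more than one MAC, and MACs claiming more than one IP."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for _, _, mac, ip in capture:
        mac = mac.lower()
        if (mac, ip) in allowed:
            continue
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    return {"ip": {ip: m for ip, m in ip_to_macs.items() if len(m) > 1},
            "mac": {mac: i for mac, i in mac_to_ips.items() if len(i) > 1}}


def flood_sources(capture, window_s=10.0, threshold=3):
    """MACs that send at least `threshold` ARP requests within `window_s` seconds.
    Repeated unsolicited requests are the attacker's loop that keeps the bogus entry alive."""
    times = defaultdict(list)
    for t, op, mac, _ in capture:
        if op == "request":
            times[mac.lower()].append(t)
    flooders = set()
    for mac, ts in times.items():
        ts.sort()
        if any(ts[i + threshold - 1] - ts[i] <= window_s for i in range(len(ts) - threshold + 1)):
            flooders.add(mac)
    return flooders


def suspects(capture):
    """ARP spoofing signature: an IP with two claimants, one of which also floods queries."""
    conflicts = find_conflicts(capture)["ip"]
    flooders = flood_sources(capture)
    return {ip: macs & flooders for ip, macs in conflicts.items() if macs & flooders}
```

Without the allow-list the laptop's wired MAC shows up with two IPs exactly as the slide describes, which is why a table-only check needs either an inventory of multi-homed machines or the flooding signal to avoid false alarms.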
Ethernet
"Dominant" wired LAN technology: cheap (about $20 for a NIC); the first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology, popular through the mid 90s: all nodes are in the same collision domain (they can collide with each other).
Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch)]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver's clock rate with the sender's.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless it is in promiscuous mode).
Type: identifies the higher-layer protocol (mostly IP, but others are possible, e.g. ARP query/response, LAN routing, Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
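Framing, the CRC (FCS) check and the destination-address filter described above, as an added example that is not part of the original slides (Python written for this page). It builds a frame and runs the receiver's checks; the constructed payloads, the MAC addresses borrowed from the earlier LAN figure and the use of zlib.crc32 for the 32-bit CRC are assumptions of the example. The preamble is omitted because the adapter adds and strips it on the wire, so software never sees it.

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
MIN_FRAME = 64                                  # bytes, including the 4-byte FCS
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP"}


def mac_bytes(text):
    """'1A-2F-BB-76-09-AD' (or colon form) -> 6 raw bytes."""
    return bytes.fromhex(text.replace("-", "").replace(":", ""))


def fcs(body):
    """Ethernet FCS: CRC-32 (same polynomial and reflection as zlib), least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    """Sender side: dst | src | type | payload (padded to 46 bytes) | FCS."""
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    body += bytes(max(0, MIN_FRAME - 4 - len(body)))       # pad so the frame is at least 64 bytes
    return body + fcs(body)


def receive(frame, my_mac, promiscuous=False):
    """Receiver side. Returns ('deliver', type name, payload) or ('drop', reason)."""
    if len(frame) < MIN_FRAME:
        return ("drop", "runt")
    body, check = frame[:-4], frame[-4:]
    if fcs(body) != check:                                   # CRC failed: frame is dropped
        return ("drop", "bad FCS")
    dst = body[:6]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if dst != mac_bytes(my_mac) and dst != BROADCAST and not promiscuous:
        return ("drop", "not addressed to this adapter")     # filtered before the network layer
    # The payload still carries any padding; the network layer relies on its own length field.
    return ("deliver", ETHERTYPES.get(ethertype, hex(ethertype)), body[14:])
```

Flipping a single payload bit makes the FCS check fail and the frame is silently dropped; a unicast frame for another station is discarded unless the adapter is in promiscuous mode, which is exactly the mode a sniffer such as Wireshark relies on.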
Ethernet: unreliable, connectionless
Connectionless: no handshaking between the sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams). The gaps will be filled if the application is using TCP; otherwise the application will see the gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. The NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision the NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}, waits K slots, where one slot is 512 bit times, and returns to step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microseconds for 10 Mbps Ethernet, so one 512-bit slot is 51.2 microseconds; for K = 1023 the wait time is about 50 msec.
Exponential backoff: the goal is to adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
First collision: choose K from {0, 1}; the delay is K x 512 bit transmission times. After the second collision: choose K from {0, 1, 2, 3}. After ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}.
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.
efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity: a larger frame size is better; a higher bit rate (shorter t_trans for the same frame and cable) is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is now used with full-duplex switches, so collisions do not occur at all.
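The backoff rule from the earlier BO = min(2 BO, BO_Max) slide, steps 2 to 6 of the CSMA/CD algorithm, and the efficiency formula just above, as one added example that is not part of the original slides (Python written for this page). The 16-attempt limit and the 2e8 m/s signal speed are assumptions taken from the 802.3 standard and typical copper, not from the slides; the channel is replaced by a caller-supplied function that says which attempts collide.

```python
import random

SLOT_BITS = 512        # one backoff slot = 512 bit times
JAM_BITS = 48          # jam signal
MAX_BACKOFF_EXP = 10   # after the 10th collision the range stops growing: K in 0..1023
MAX_ATTEMPTS = 16      # IEEE 802.3 gives up after 16 attempts (assumed here; not on the slide)


def backoff_limit(m):
    """Largest K after the m-th consecutive collision: 2^min(m, 10) - 1."""
    if m < 1:
        raise ValueError("m counts collisions and starts at 1")
    return 2 ** min(m, MAX_BACKOFF_EXP) - 1


def choose_backoff(m, rng=None):
    """K drawn uniformly from {0, ..., backoff_limit(m)}."""
    return (rng or random).randint(0, backoff_limit(m))


def slot_time_s(bit_rate):
    """Length of one 512-bit slot: 51.2 us at 10 Mb/s."""
    return SLOT_BITS / bit_rate


def backoff_wait_s(k, bit_rate):
    """Wall-clock wait for K slots; K = 1023 at 10 Mb/s is about 52 ms."""
    return k * slot_time_s(bit_rate)


def csmacd_efficiency(t_prop, t_trans):
    """The slide's formula: 1 / (1 + 5 t_prop / t_trans)."""
    if t_trans <= 0:
        raise ValueError("t_trans must be positive")
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def efficiency_for(frame_bytes, bit_rate, cable_m, propagation_m_per_s=2.0e8):
    """Efficiency from frame size, bit rate and cable length.
    The 2e8 m/s signal speed is an assumed figure for copper, not from the slide."""
    return csmacd_efficiency(cable_m / propagation_m_per_s, frame_bytes * 8 / bit_rate)


def transmit(collides_on_attempt, seed=7, bit_rate=10e6):
    """Run steps 2-6 for one frame. collides_on_attempt(n) stands in for the channel:
    True means attempt n (1-based) hit a collision.
    Returns (delivered, attempts used, seconds spent jamming and backing off)."""
    rng = random.Random(seed)
    waited = 0.0
    for attempt in range(1, MAX_ATTEMPTS + 1):
        if not collides_on_attempt(attempt):
            return True, attempt, waited                        # step 4: whole frame went out
        waited += JAM_BITS / bit_rate                           # step 5: abort and jam
        waited += backoff_wait_s(choose_backoff(attempt, rng), bit_rate)   # step 6: back off
    return False, MAX_ATTEMPTS, waited
```

`efficiency_for` makes the two trends on the slide concrete: keeping the cable fixed, a 1500-byte frame scores higher than a 64-byte one, and the same frame at 100 Mb/s scores lower than at 10 Mb/s.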
802.3 Ethernet Standards: Link and Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Hubs are essentially physical-layer repeaters: bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub, the host NICs detect collisions.
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT and 100BaseT.
[Figure: backbone hub connecting three hubs]
Switch
A link-layer device, smarter than hubs; takes an active role:
- store and forward Ethernet frames (Question: do switches in circuit-switching networks store and forward?)
- examine the incoming frame's MAC address and selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a shared segment, use CSMA/CD to access the segment
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated, direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but with no collisions; full duplex; each link is its own collision domain. Switching A-to-A' and B-to-B' simultaneously, without collisions, is not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, B, C on interfaces 1, 2, 3 and A', B', C' on interfaces 4, 5, 6]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). It looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in the other cases: when a frame is received, the switch "learns" the location of the sender (the incoming LAN segment) and records the sender/location pair in the switch table.
[Figure: A on interface 1 sends a frame with Source = A, Dest = A'; the switch table, initially empty, gains the entry (MAC A, interface 1, TTL 60)]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link interface associated with the sending host
2. look up the destination MAC address in the switch table
3. if an entry is found for the destination then {
       if the destination is on the segment from which the frame arrived, then drop the frame
       else forward the frame on the interface indicated
   } else flood: forward on all interfaces but the one on which the frame arrived
Periodically purge all old table entries.
Self-Learning (walkthrough)
[Figure: three switches, each with interfaces 1, 2, 3, connected in a chain; host A on interface 1 of the first switch, host B beyond the last switch; all switch tables start empty]
A sends a frame with Dest = B, Source = A. The first switch makes a table entry for A (interface 1); there is no table entry for B, so it floods. Each switch along the way makes its own entry for A on the interface the frame arrived on and, having no entry for B, floods in turn.
Note: if a switch has ports that are manually configured, then the frame is not flooded to a host on such a port, only to the other switches.
B replies with Dest = A, Source = B. Each switch makes a table entry for B and, since it now has a table entry for A, forwards the frame on that single interface instead of flooding.
20 minutes later all table entries are deleted.
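The learning/filtering rules and the three-switch walkthrough above, as an added example that is not part of the original slides (Python written for this page). Switch names, port numbers, the 20-minute entry lifetime and the hop budget used to catch a forwarding loop are assumptions of the example; the last function adds a redundant link and shows what the next slides mean by frames looping and overwhelming the network.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"


class LearningSwitch:
    """Self-learning store-and-forward switch. Table entries are MAC -> (port, expiry)."""

    def __init__(self, name, ports, entry_ttl_s=20 * 60):
        self.name, self.ports, self.ttl = name, list(ports), entry_ttl_s
        self.table = {}

    def purge(self, now):
        """Periodically forget old entries, so a host that moved is re-learned."""
        self.table = {mac: e for mac, e in self.table.items() if e[1] > now}

    def handle(self, in_port, src, dst, now):
        """Return the list of ports the frame leaves on (empty list = filtered/dropped)."""
        self.purge(now)
        self.table[src] = (in_port, now + self.ttl)          # 1. learn the sender's location
        entry = self.table.get(dst)                          # 2. look up the destination
        if dst == BROADCAST or entry is None:                # 3. unknown or broadcast: flood
            return [p for p in self.ports if p != in_port]
        port = entry[0]
        if port == in_port:                                  #    same segment: drop
            return []
        return [port]                                        #    known: selective forward


class Fabric:
    """Switches joined by switch-to-switch links; hosts sit on the remaining ports."""

    def __init__(self, switches, links):
        self.switches = {s.name: s for s in switches}
        self.peer = {}
        for (s1, p1), (s2, p2) in links:
            self.peer[(s1, p1)] = (s2, p2)
            self.peer[(s2, p2)] = (s1, p1)

    def inject(self, sw_name, port, src, dst, now, max_hops=1000):
        """Follow a frame through the switches; returns the set of (switch, host port) it reaches.
        max_hops bounds the work: with a loop and no spanning tree the flood never ends."""
        delivered, pending, hops = set(), [(sw_name, port)], 0
        while pending:
            hops += 1
            if hops > max_hops:
                raise RuntimeError("frame is looping: topology has a cycle and no spanning tree")
            name, in_port = pending.pop()
            for out in self.switches[name].handle(in_port, src, dst, now):
                if (name, out) in self.peer:
                    pending.append(self.peer[(name, out)])
                else:
                    delivered.add((name, out))
        return delivered


def slide_scenario():
    """Three switches in a line: A on S1 port 1, B on S3 port 2. Returns the deliveries."""
    switches = [LearningSwitch(n, ports=[1, 2, 3]) for n in ("S1", "S2", "S3")]
    fabric = Fabric(switches, links=[(("S1", 3), ("S2", 1)), (("S2", 2), ("S3", 1))])
    first = fabric.inject("S1", 1, "A", "B", now=0)               # B unknown everywhere: flooded
    reply = fabric.inject("S3", 2, "B", "A", now=1)               # A learned on the way: forwarded
    second = fabric.inject("S1", 1, "A", "B", now=2)              # both known: single path
    expired = fabric.inject("S1", 1, "A", "B", now=20 * 60 + 3)   # entries purged: flooded again
    return first, reply, second, expired


def storm(now=0):
    """Same three switches plus a redundant S1-S3 link: a loop with no spanning tree."""
    switches = [LearningSwitch(n, ports=[1, 2, 3]) for n in ("S1", "S2", "S3")]
    fabric = Fabric(switches, links=[(("S1", 3), ("S2", 1)), (("S2", 2), ("S3", 1)),
                                     (("S1", 2), ("S3", 3))])
    try:
        fabric.inject("S1", 1, "A", "B", now)
        return False
    except RuntimeError:
        return True
```

In `storm` the flooded frame keeps circling and every switch re-learns A on a different port each time it passes, which is the MAC-flapping symptom of a layer-2 loop.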
Poorly Designed Institutional Network. Why?
[Figure: a router to the external network, one LAN/IP subnet with a mail server and a web server; the switches form a simple tree, so any single switch or link failure partitions the network]
Institutional network without a single point of failure
[Figure: the same network with redundant links between the switches, so the topology contains loops; host A is attached to one of the switches. The edges in the spanning tree are marked, and the other interfaces are "disconnected", i.e. frames are neither forwarded nor flooded through them.]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated from forwarding.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any connected graph there exists a tree that spans all nodes in which there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LANs A and B uses its interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood frames over to that LAN.
- Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LANs A and B uses its interfaces to A and B.
If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D and bridges B0, B1, B2, B3; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message
2. the ID of what the sending bridge believes to be the root bridge
3. the distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7 and LANs A, B, C, D, E, F, G, H, I, J; B1 is the root]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
Walkthrough on the figure:
- Each switch computes its distance to the root in terms of LAN hops (the figure labels the LANs 0, 1, 1, 1, 1 and 2).
- Each of the root's interfaces is on.
- LAN A's next hop is LAN E: turn on the two interfaces.
- LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
- LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
- LAN C's next hop is LAN F: turn on the interfaces.
- Which other interfaces are "on"?
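The LAN-as-vertex, bridge-as-edge computation described above, as an added example that is not part of the original slides (Python written for this page). The figure's wiring cannot be recovered from the text, so the topology below is a constructed one that reproduces the same situations: a LAN with two equal-length paths resolved by bridge ID (B5 beats B7), and a bridge that ends up with no interface on. It implements the slide's simplified model, not the 802.1D message exchange.

```python
INF = float("inf")


def spanning_tree(bridges):
    """Slide's model: LANs are vertices, bridges are (hyper)edges joining the LANs they touch.

    bridges: {bridge id: [LAN, ...]}. Returns (best, active):
      best[lan]   = (hops to root, bridge used, next-hop LAN toward root); root LANs have 0 hops
      active[bid] = set of LANs for which the bridge keeps an interface "on"
    The root is the bridge with the smallest ID; ties between equal-length paths go to the
    smaller bridge ID, exactly as on the slide.
    """
    root = min(bridges)
    lans = {lan for ports in bridges.values() for lan in ports}
    best = {lan: (INF, None, None) for lan in lans}
    for lan in bridges[root]:                          # LANs on the root are 0 hops away
        best[lan] = (0, root, None)
    changed = True                                     # distance-vector style relaxation:
    while changed:                                     # each bridge only looks at its own LANs
        changed = False
        for bid, ports in sorted(bridges.items()):
            for here in ports:
                hops = best[here][0]
                if hops == INF:
                    continue
                for there in ports:
                    if there == here:
                        continue
                    candidate = (hops + 1, bid, here)
                    if candidate[:2] < best[there][:2]:   # fewer hops, then smaller bridge ID
                        best[there] = candidate
                        changed = True
    if any(b[0] == INF for b in best.values()):
        raise ValueError("topology is not connected")
    active = {bid: set() for bid in bridges}
    active[root] = set(bridges[root])                  # each of the root's interfaces is on
    for lan, (hops, bid, nxt) in best.items():
        if hops > 0:                                   # the bridge on the chosen path keeps its
            active[bid].update((lan, nxt))             # interfaces to this LAN and the next hop
    return best, active


def is_loop_free(bridges, active):
    """Treat each bridge with k active interfaces as a star with k edges; a connected
    structure on L LANs and S active bridges is a tree iff it has L + S - 1 edges."""
    lans = {lan for ports in bridges.values() for lan in ports}
    on = [s for s in active.values() if s]
    return sum(len(s) for s in on) == len(lans) + len(on) - 1


# Constructed topology (not the figure's): B1 is the root. LAN B can reach the root's LAN E
# through B5 or LAN F through B7 in one hop each; B5 wins on ID, so B7 ends up with no
# interface on, like B3 on the slide. LAN D sits two hops out behind B3.
EXAMPLE = {1: ["E", "F"], 5: ["A", "B", "E"], 7: ["B", "F"], 3: ["A", "D"]}


def run_example():
    best, active = spanning_tree(EXAMPLE)
    return best, active, is_loop_free(EXAMPLE, active)
```

Leaving B7's interfaces on as well would add a second path between LANs B and F and `is_loop_free` reports it, which is the situation the broadcast-storm slide describes.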
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding. These typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers
Both are store-and-forward devices. Routers are network-layer devices (they examine network-layer headers). Switches are link-layer devices, "invisible" at the internetwork layer: a switched LAN looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
[Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (8 bits), 32 bits in all.
MPLS-capable routers
Aka label-switched routers: they forward packets to the outgoing interface based only on the label value (they don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables.
A signaling protocol is needed to set up forwarding: RSVP-TE. Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: hosts A and D reached through routers R1 to R6. The MPLS tables, as far as they can be read from the figure (in label -> out label, dest, out interface):
R1: in 6 -> out -, dest A, interface 0 (the label is popped before delivery to A)
R6: in 10 -> out 6, dest A, interface 1; in 12 -> out 9, dest D, interface 0
R4 (ingress, no in label): out 10, dest A, interface 0; out 12, dest D, interface 0
R5: in 8 -> out 6, dest A, interface 0
R3 (ingress, no in label): out 8, dest A, interface 1]
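Label swapping over those tables, as an added example that is not part of the original slides (Python written for this page). The table rows are the ones in the figure; the links between routers (which interface reaches which neighbor) are an assumption, since the figure's wiring is not recoverable from the text, and the shim-header packing follows the 20/3/1/8-bit layout. Two ingress routers push different labels for the same destination A and the packet takes two different paths, which is the source-specific forwarding the slide mentions.

```python
import struct

POP = None   # "-" in the figure: the label is removed and the IP packet is handed on

# router -> rows of (in label, out label, dest, out interface). An in label of None marks
# an ingress row, which classifies the packet by destination (its FEC) and pushes a label.
TABLES = {
    "R1": [(6, POP, "A", 0)],
    "R6": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "R4": [(None, 10, "A", 0), (None, 12, "D", 0)],
    "R5": [(8, 6, "A", 0)],
    "R3": [(None, 8, "A", 1)],
}

# (router, out interface) -> neighbor. ASSUMED wiring, chosen so the labels line up
# (R6 and R5 both hand label 6 to R1, which pops it and delivers to A).
LINKS = {("R4", 0): "R6", ("R6", 1): "R1", ("R1", 0): "A",
         ("R3", 1): "R5", ("R5", 0): "R1", ("R6", 0): "R2"}


def lsr_forward(router, label, dest=None):
    """One label-switched router: returns (out label, out interface).

    A core LSR matches on the incoming label only; `dest` is consulted by an ingress
    row (label is None) and nowhere else, which is the point of MPLS forwarding.
    """
    for in_label, out_label, row_dest, iface in TABLES[router]:
        if label is None and in_label is None and row_dest == dest:
            return out_label, iface
        if label is not None and in_label == label:
            return out_label, iface
    raise KeyError(f"{router}: no entry for label={label} dest={dest}")


def send(ingress, dest):
    """Push a packet for `dest` in at `ingress`; returns the hops taken and where it ends up."""
    path, router, label = [], ingress, None
    while router in TABLES:
        label, iface = lsr_forward(router, label, dest)
        path.append((router, label))                  # label carried on the outgoing link
        router = LINKS[(router, iface)]
    return path, router


def pack_shim(label, exp, s, ttl):
    """MPLS shim header: label 20 bits | Exp 3 | S 1 | TTL 8 = 32 bits, big-endian."""
    if not (0 <= label < 2 ** 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_shim(four_bytes):
    v = struct.unpack("!I", four_bytes)[0]
    return v >> 12, (v >> 9) & 7, (v >> 8) & 1, v & 0xFF
```

`send("R4", "D")` stops at R2, which has no table in the figure; the packet leaves R6 with label 9 on interface 0 and the figure says nothing about what happens after that.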
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY); solid understanding of networking principles and practice ... could stop here ... but lots of
Link Layer Services
framing, link access:
  encapsulate datagram into frame, adding header, trailer
  channel access if shared medium
  "MAC" addresses used in frame headers to identify source, dest
  • different from IP address!
Routing; reliable delivery between adjacent nodes:
  we learned how to do this already (chapter 3)!
  seldom used on low bit-error link (fiber, some twisted pair)
  wireless links: high error rates
  • Q: why both link-level and end-end reliability?
Link Layer Services (more)
flow control: pacing between adjacent sending and receiving nodes
Encryption: some links can easily be tapped, so encryption is needed for privacy
error detection: errors caused by signal attenuation, noise; receiver detects presence of errors
  • signals sender for retransmission or drops frame
error correction: receiver identifies and corrects bit error(s) without resorting to retransmission
half-duplex and full-duplex: with half duplex, nodes at both ends of link can transmit, but not at the same time
Where is the link layer implemented?
in each and every host in the network
Which other layers are implemented in every host?
link layer implemented in "adaptor" (aka network interface card, NIC)
  Ethernet card, PCMCIA card, 802.11 card
  implements link, physical layer
attaches into host's system buses
combination of hardware, software, firmware
[host schematic: CPU and memory on the host bus (e.g. PCI); the network adapter/card holds the controller and the physical transmission circuitry; application/transport/network run in the host, link/physical in the adapter]
Adaptors Communicating
sending side: encapsulates datagram in frame, adds error checking bits, rdt, flow control, etc.
receiving side: looks for errors, rdt, flow control, etc.; extracts datagram
  • passes to upper layer at receiving side
  • or moves frame to another link
[figure: the sending host's controller wraps the datagram in a frame and passes it over the link to the receiving host's controller, which extracts the datagram]
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
Error Detection
EDC = Error Detection and Correction bits (redundancy)
D = Data protected by error checking, may include header fields
• Error detection not 100% reliable!
• protocol may miss some errors, but rarely
• larger EDC field yields better detection and correction
Parity Checking
Single Bit Parity: detect single bit errors
Two Dimensional Bit Parity: detect and correct single bit errors
Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in transmitted packet (note: used at transport layer only)
Sender:
  treat segment contents as sequence of 16-bit integers
  checksum: addition (1's complement sum) of segment contents
  sender puts checksum value into UDP checksum field
Receiver:
  compute checksum of received segment
  check if computed checksum equals checksum field value:
    NO - error detected
    YES - no error detected. But maybe errors nonetheless?
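The sender and receiver sides of the Internet checksum described above, as an added Python example (not from the slides): the one's-complement sum with end-around carry, the receiver's zero test, a flipped bit that is caught, and two swapped 16-bit words that the checksum cannot catch, which is the "maybe errors nonetheless" case. The eight-byte payload is constructed.

```python
import struct

def internet_checksum(data: bytes) -> int:
    """Sender: treat the data as 16-bit big-endian words, add them with
    one's-complement (end-around carry) arithmetic, and complement the sum."""
    if len(data) % 2:
        data += b"\x00"                     # an odd trailing byte is padded with zero
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)   # fold the carry back in
    return (~total) & 0xFFFF

def attach_checksum(data: bytes) -> bytes:
    """Return the (even-length) data followed by its 16-bit checksum field."""
    if len(data) % 2:
        data += b"\x00"
    return data + struct.pack("!H", internet_checksum(data))

def verify(segment: bytes) -> bool:
    """Receiver: summing the data and the checksum field together gives all ones,
    so the complemented sum is zero exactly when no error is detected."""
    return internet_checksum(segment) == 0

# Constructed sample payload (not from the slides): the bytes 0x01 .. 0x08.
PAYLOAD = bytes(range(1, 9))

def demo() -> dict:
    segment = attach_checksum(PAYLOAD)
    corrupted = bytearray(segment)
    corrupted[2] ^= 0x10                    # flip one bit inside the data: detected
    # swapping two 16-bit words leaves the sum unchanged: the checksum misses it
    reordered = PAYLOAD[2:4] + PAYLOAD[0:2] + PAYLOAD[4:] + segment[-2:]
    return {
        "checksum": internet_checksum(PAYLOAD),
        "clean_ok": verify(segment),
        "bit_flip_ok": verify(bytes(corrupted)),
        "word_swap_ok": verify(reordered),
    }

if __name__ == "__main__":
    print(demo())
```

The word-swap case is why the slide says the checksum is not 100% reliable: any reordering of 16-bit words, and any pair of errors that cancel in one's-complement arithmetic, passes the receiver's test.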
Checksumming: Cyclic Redundancy Check
view data bits, D, as a binary number
choose r+1 bit pattern (generator), G
goal: choose r CRC bits, R, such that
  <D,R> exactly divisible by G (modulo 2)
  receiver knows G, divides <D,R> by G. If non-zero remainder: error detected!
  can detect all burst errors less than r+1 bits
widely used in practice (Ethernet, 802.11 WiFi, ATM)
CRC Example
Want:
  D·2^r XOR R = nG
equivalently:
  D·2^r = nG XOR R
equivalently:
  if we divide D·2^r by G, want remainder R
  R = remainder[ D·2^r / G ]
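Modulo-2 division as the slide describes it, as an added Python example (not the slides' code): computing R for the textbook's D = 101110 and G = 1001, the receiver's divisibility check, an exhaustive check of the "all bursts shorter than r+1 bits" claim for that one frame, and an error pattern equal to G itself (a burst of r+1 bits) that divides evenly and is therefore not detected. D and G are the slide's values; everything else is constructed.

```python
def mod2_remainder(bits: str, generator: str) -> str:
    """Modulo-2 (XOR) long division: remainder of the bit-string polynomial `bits`
    divided by G. Returns exactly r = len(G) - 1 bits."""
    r = len(generator) - 1
    work = [int(b) for b in bits]
    g = [int(b) for b in generator]
    for i in range(len(work) - r):
        if work[i]:                            # leading 1: subtract (XOR) G aligned here
            for j, gb in enumerate(g):
                work[i + j] ^= gb
    return "".join(str(b) for b in work[-r:]).rjust(r, "0")

def crc_remainder(data_bits: str, generator: str) -> str:
    """R = remainder[ D·2^r / G ]: append r zeros to D (multiply by 2^r) and divide."""
    r = len(generator) - 1
    return mod2_remainder(data_bits + "0" * r, generator)

def crc_send(data_bits: str, generator: str) -> str:
    """Transmit <D,R>, which is exactly divisible by G."""
    return data_bits + crc_remainder(data_bits, generator)

def crc_check(frame_bits: str, generator: str) -> bool:
    """Receiver divides the whole frame by G; a non-zero remainder means an error was detected."""
    return set(mod2_remainder(frame_bits, generator)) == {"0"}

def xor_bits(a: str, b: str) -> str:
    return "".join("1" if x != y else "0" for x, y in zip(a, b))

def all_short_bursts_detected(data_bits: str, generator: str) -> bool:
    """Check the claim that every burst error of length <= r is detected:
    try every non-zero error pattern of length 1..r at every position of the frame."""
    r = len(generator) - 1
    frame = crc_send(data_bits, generator)
    n = len(frame)
    for length in range(1, r + 1):
        for start in range(n - length + 1):
            for pattern in range(1, 2 ** length):
                err = "0" * start + format(pattern, f"0{length}b") + "0" * (n - start - length)
                if crc_check(xor_bits(frame, err), generator):
                    return False            # an undetected burst: the claim would be false
    return True

def undetected_error_example(data_bits: str, generator: str) -> str:
    """An error pattern equal to G (a burst of r+1 bits) is a multiple of G, so the
    corrupted frame still divides evenly and the receiver accepts it."""
    frame = crc_send(data_bits, generator)
    err = generator + "0" * (len(frame) - len(generator))
    return xor_bits(frame, err)

if __name__ == "__main__":
    D, G = "101110", "1001"                    # the slide's worked example
    print("R =", crc_remainder(D, G), "frame =", crc_send(D, G))
    print("all bursts <= r detected:", all_short_bursts_detected(D, G))
    print("G itself as error pattern passes:", crc_check(undetected_error_example(D, G), G))
```

The exhaustive burst check works because G has a non-zero low-order term: a burst shorter than G cannot be a multiple of G, so its remainder is never zero. The last function shows the boundary of the guarantee.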
Multiple Access Links and Protocols
Two types of "links":
point-to-point
  PPP for dial-up access
  point-to-point link between Ethernet switch and host
broadcast (shared wire or medium)
  old-fashioned Ethernet
  802.11 wireless LAN
[figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
single shared broadcast channel
two or more simultaneous transmissions by nodes: interference
  collision if node receives two or more signals at the same time
multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit
communication about channel sharing must use the channel itself! An out-of-band channel for coordination is difficult.
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized:
  no special node to coordinate transmissions
  no synchronization of clocks, slots
  Generally, centralized MAC are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning
  divide channel into smaller "pieces" (time slots, frequency, code)
  allocate piece to node for exclusive use
  this approach is difficult since we know that statistical multiplexing can support more users
Random Access
  channel not divided, allow collisions
  detect and recover from collisions
  Detection and recovery (e.g. retransmission) can be inefficient
  Predictable/guaranteed performance is difficult to achieve
Centralized / taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access
access to channel in "rounds"
each station gets fixed length slot (length = pkt trans time) in each round
unused slots go idle
GSM (some cell phones) uses TDMA
  Why? So service is predictable and calls can be rejected if there is not enough bandwidth
example: 6-station LAN, 1,3,4 have pkt, slots 2,5,6 idle
[figure: 6-slot frame, slots 1, 3, 4 occupied, repeating: 1 3 4 | 1 3 4]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access
channel spectrum divided into frequency bands
each station assigned fixed frequency band
unused transmission time in frequency bands goes idle
GSM also uses FDMA
example: 6-station LAN, 1,3,4 have pkt, frequency bands 2,5,6 idle
[figure: frequency bands versus time on an FDM cable]
Random Access Protocols
When node has packet to send
  transmit at full channel data rate R
  no a priori coordination among nodes
  • Some approaches use limited coordination
two or more transmitting nodes -> "collision"
random access MAC protocol specifies:
  how to detect collisions
  how to recover from collisions (e.g. via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U of Hawaii in the early 70's for packet radio networks
"Free for all": whenever a station has a frame to send, it does so
Aloha is the simplest of MAC protocols
Aloha is old but still widely used
  As will be seen, many protocols have a period of time where nodes transmit when they want
  During such periods of time, the MAC is essentially Aloha
Collisions
Invalid frames may be caused by channel noise, or
because other station(s) transmitted at the same time: collision
Collisions and other link layer losses must be detected and corrected
  Question 1: where are all the places that losses can occur?
  Question 2: where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance 1
[figure: time line t0, t0+t, t0+2t, t0+3t; a frame sent at t0+t collides if another node starts to transmit anywhere in the two frame times around it; that span is the vulnerable period]
If another node starts to transmit during this vulnerable period, then a collision will occur
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events)
Let G be the average rate that users try to send frames, per frame time
G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide)
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
  P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}
The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
  S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
  P(k events in period of length T) = e^{-λT} (λT)^k / k!
λ is the rate that events occur = (number of events in period W) / W (when W is large)
Aloha performance
[figure: the vulnerability period spans two frame times]
  P(k events in period of length T) = e^{-λT} (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, which has length 2T
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is
  e^{-2G} (2G)^0 / 0! = e^{-2G}
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[plot: S = G e^{-2G} versus G from 0 to 3; S axis from 0 to 0.2; peak labelled 0.184]
Slotted Aloha - frames are only transmitted during slots; they cannot cross slot boundaries
[figure: time line t0, t0+t, t0+2t, t0+3t divided into slots; a frame transmitted in a slot collides only if another packet arrived at the MAC layer during the preceding slot]
If a frame is transmitted here then a collision occurs. But this will only happen if a packet arrives at the MAC layer during this period (the vulnerable period).
If another node selects to transmit during this vulnerable period, then a collision will occur
The vulnerable period is half the size of unslotted aloha
Slotted Aloha
Vulnerable period is halved: doubles the performance of ALOHA
Throughput = S = G e^{-G}
S = Smax = 1/e = 0.368 for G = 1
G = 1 means typically a node tries to transmit each slot
However, the throughput is well below 1: there are many collisions
Slotted Aloha Performance
[plot: S = G e^{-G} versus G from 0 to 4; S axis from 0 to 0.4; peak labelled 0.368]
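An added Python example (not from the slides) that evaluates the two throughput formulas, S = G e^{-2G} for pure ALOHA and S = G e^{-G} for slotted ALOHA, searches for the offered load G that maximises each, and checks the slotted formula against a Monte Carlo simulation in which the number of stations attempting in a slot is Poisson(G). It goes a little beyond the slides by locating the pure-ALOHA optimum numerically; the search grid, the slot count and the random seed are assumptions of this example.

```python
import math
import random

def pure_aloha_throughput(G: float) -> float:
    """S = G·e^(-2G): attempts per frame time, times the probability that no other
    attempt starts in the two-frame-time vulnerable period."""
    return G * math.exp(-2 * G)

def slotted_aloha_throughput(G: float) -> float:
    """S = G·e^(-G): with slots the vulnerable period shrinks to one frame time."""
    return G * math.exp(-G)

def poisson_pmf(k: int, rate: float, T: float = 1.0) -> float:
    """P(k events in a period of length T) = e^(-λT) (λT)^k / k!"""
    return math.exp(-rate * T) * (rate * T) ** k / math.factorial(k)

def best_offered_load(throughput, lo=0.01, hi=3.0, step=0.01):
    """Grid search for the offered load G that maximises a throughput curve.
    Returns (G rounded to the grid, S_max)."""
    best_G, best_S = lo, 0.0
    n_steps = int(round((hi - lo) / step))
    for i in range(n_steps + 1):
        G = lo + i * step
        S = throughput(G)
        if S > best_S:
            best_G, best_S = G, S
    return round(best_G, 2), best_S

def simulate_slotted_aloha(G: float, slots: int = 100_000, seed: int = 1) -> float:
    """Monte Carlo check of the formula: in each slot the number of stations that
    attempt is Poisson(G); the slot carries a frame only when exactly one attempts."""
    rng = random.Random(seed)
    threshold = math.exp(-G)
    successes = 0
    for _ in range(slots):
        # Knuth's inversion method for a Poisson(G) variate
        k, p = 0, rng.random()
        while p > threshold:
            k += 1
            p *= rng.random()
        if k == 1:
            successes += 1
    return successes / slots

if __name__ == "__main__":
    print("pure ALOHA optimum (G, S):", best_offered_load(pure_aloha_throughput))
    print("slotted ALOHA optimum (G, S):", best_offered_load(slotted_aloha_throughput))
    print("simulated slotted S at G = 1:", simulate_slotted_aloha(1.0))
```

The simulation reproduces the 0.368 peak to within sampling error, which is the quickest way to convince yourself that the "exactly one attempt in the vulnerable period" argument is the whole story.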
ALOHA and Slotted ALOHA
Pros
  single active node can continuously transmit at full rate of channel
  decentralized, simple
Cons
  collisions, wasting slots
  inefficient idle slots
  nodes may be able to detect collision in less than time to transmit packet
  slotted aloha requires clock synchronization
  loss of synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit
If channel sensed idle: transmit entire frame
If channel sensed busy: defer transmission
human analogy: don't interrupt others!
Question
For 10 Mbps ethernet, the maximum cable length is 2000m
For 100 Mbps ethernet, the maximum cable length is 200m
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
[figure: spatial layout of nodes along the wire versus time]
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
[figure: position on wire versus time. Transmitter 1 starts sending; after the propagation delay Transmitter 2, not yet hearing it, also starts. Transmitter 2 detects the collision first; Transmitter 1 detects it when the overlapping signal propagates back; Receiver 1 receives a garbled signal. When is it detected?]
CSMA/CD collision detection
[figure: same layout, but Transmitter 1 finishes its transmission before Transmitter 2's signal reaches it, so the collision is NOT detected by Transmitter 1; it is detected by Transmitter 2, and Receiver 1 receives a garbled signal]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + ε
The transmit time is frame length / bit rate
Therefore:
  2 × CableLength / (speed of propagation) + ε < FrameLength / bit-rate
CSMA/CD: What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + ε; the transmit time is frame length / bit rate; therefore
  2 × CableLength / (speed of propagation) + ε < FrameLength / bit-rate
If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64B.
Why is the maximum cable length of a 10 Mbps ethernet cable 10 times longer than the maximum cable length of a 100 Mbps ethernet?
The minimum frame length in Ethernet is independent of bit-rate
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection
  collisions detected within short time
  colliding transmissions aborted, reducing channel wastage
collision detection:
  easy in wired LANs: measure signal strengths, compare transmitted and received signals
  difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
persistence
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is, and then transmit.
  • In this case, all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, or wait for the next slot with probability 1-p and repeat.
  • Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle, then transmit
3. If medium is not idle, then wait until it is idle
4. Once idle:
  a. pick an integer r between 0 and BO-1
  b. wait r time slots
    1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
    2. Give an equation for the length of a time slot
  c. if no other transmission begins before the r time slots end, then transmit
5. If a collision is detected:
  a. continue to transmit so that all nodes will know that a collision occurred, then stop
  b. set BO = min(2 × BO, BO_Max). In ethernet, BO_max = 1024
  c. go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
"Taking Turns" MAC protocols
channel partitioning MAC protocols:
  share channel efficiently and fairly at high load
  inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node!
random access MAC protocols:
  efficient at low load: single node can fully utilize channel
  high load: collision overhead
  • Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"taking turns" protocols: look for best of both worlds!
  Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach
  802.11 specifies this capability, but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling:
  master node "invites" slave nodes to transmit in turn
  After each node is given a chance, the pattern repeats
  If a slave has no data to send, then it does nothing and the master quickly polls the next node
  concerns: polling overhead, latency, single point of failure (master)
  QoS guarantees can be made
    If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
    • When congested, new calls are rejected, but existing calls continue to receive good performance
    • Consider the difference between the demands by VoIP and the services provided by TCP
    Guarantees are worth much more money than non-guarantees
[figure: the master polls each slave in turn; each polled slave answers with its data]
"Taking Turnsrdquo MAC protocols
Token passing:
  control token passed from one node to the next sequentially
  token message
  concerns: token overhead, latency, single point of failure (token)
[figure: token T circulates among the nodes; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
channel partitioning, by time, frequency or code
  Time Division, Frequency Division
random access (dynamic)
  ALOHA, S-ALOHA, CSMA, CSMA/CD
  carrier sensing: easy in some technologies (wire), hard in others (wireless)
  CSMA/CD used in Ethernet
  CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns
  polling from central site, token passing
  Bluetooth, FDDI, IBM Token Ring
MAC Addresses and ARP
32-bit IP address:
  network-layer address
  used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address:
  function: get frame from one interface to another physically-connected interface (same network)
  • The textbook is wrong about this. Today hosts are almost never physically connected.
  48 bit MAC address (for most LANs)
  • burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address
Broadcast address = FF-FF-FF-FF-FF-FF
[figure: four adapters on a LAN (wired or wireless) with addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE
manufacturer buys portion of MAC address space (to assure uniqueness)
Check OUI lookup:
  • Google "OUI lookup"
  • Enter MAC address
  • See manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address -> portability
  can move LAN card from one LAN to another
IP hierarchical address NOT portable
  address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed
  • Whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
  < IP address; MAC address; TTL >
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine MAC address of B knowing B's IP address?
[figure: LAN with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53 and IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send datagram to C
Check if C's IP address is in the same subnet:
  Use subnet mask and compare this node's IP to C's IP
  E.g.
  • my IP = 12843567
  • B's IP = 12851912
  • Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
  • So in this case A and B are in different subnets
  • Thus the datagram is sent to the gateway, which must be in the same subnet
  • Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts ARP query packet, containing B's IP address
  dest MAC address = FF-FF-FF-FF-FF-FF
  Ethernet frame type = ARP query
  • Other types include datagram
  all machines on LAN receive ARP query
B receives ARP packet, replies to A with its (B's) MAC address
  frame sent to A's MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
  soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from net administrator
[figure: hosts A, B, C, D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which B, C and D all receive; the owner replies "I have 1.1.1.4"]
Addressing: routing to another LAN
[figure: router R with interface 1A-23-F9-CD-06-9B (IP 222.222.222.220) and interface E6-E9-00-17-BB-4B (IP 111.111.111.110); on the 111.111.111.x LAN: A with MAC 74-29-9C-E8-FF-55, IP 111.111.111.111, and a host with MAC CC-49-DE-D0-AB-7D, IP 111.111.111.112; on the 222.222.222.x LAN: B with MAC 49-BD-D2-C7-56-2A, IP 222.222.222.222, and a host with MAC 88-B2-2F-54-1A-0F, IP 222.222.222.221]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
A's NIC sends frame
R's NIC receives frame
R removes IP datagram from Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates frame containing A-to-B IP datagram, sends to B
This is a really important example - make sure you understand!
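The same-LAN ARP exchange (query broadcast, unicast reply, soft-state cache with a 20-minute TTL), the subnet-mask test, and the A-to-B-via-R walkthrough above, as an added Python example that is not the slides' code. Frames are built in the RFC 826 layout over an Ethernet header; the LAN is modelled as a dictionary of attached interfaces, a constructed stand-in for the broadcast medium, and the Node/ArpTable classes, the gateway/peer wiring of the router and the per-hop trace are assumptions of this example. The addresses are those of the walkthrough figure.

```python
import struct
from ipaddress import IPv4Address, IPv4Network

ETHERTYPE_IP, ETHERTYPE_ARP = 0x0800, 0x0806
BROADCAST = "ff:ff:ff:ff:ff:ff"
ARP_REQUEST, ARP_REPLY = 1, 2

def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """Apply the subnet mask to both addresses; equal network parts mean the same subnet."""
    return IPv4Address(ip_b) in IPv4Network(f"{ip_a}/{mask}", strict=False)

def _mac(m: str) -> bytes:
    return bytes(int(x, 16) for x in m.split(":"))

def _mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Ethernet header (dst, src, type 0x0806) + 28-byte ARP body (RFC 826 layout)."""
    eth_dst = BROADCAST if op == ARP_REQUEST else target_mac   # query broadcast, reply unicast
    eth = _mac(eth_dst) + _mac(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    body = (struct.pack("!HHBBH", 1, ETHERTYPE_IP, 6, 4, op)
            + _mac(sender_mac) + IPv4Address(sender_ip).packed
            + _mac(target_mac) + IPv4Address(target_ip).packed)
    return eth + body

def parse_arp(frame: bytes) -> dict:
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    op = struct.unpack("!HHBBH", frame[14:22])[4]
    b = frame[22:42]
    return {"eth_dst": _mac_str(frame[0:6]), "op": op,
            "sender_mac": _mac_str(b[0:6]), "sender_ip": str(IPv4Address(b[6:10])),
            "target_mac": _mac_str(b[10:16]), "target_ip": str(IPv4Address(b[16:20]))}

class ArpTable:
    """Soft state: an <IP, MAC, expiry> entry is forgotten TTL seconds after it was learned."""
    def __init__(self, ttl: int = 20 * 60):
        self.ttl, self.entries = ttl, {}

    def learn(self, ip: str, mac: str, now: float) -> None:
        self.entries[ip] = (mac, now + self.ttl)

    def lookup(self, ip: str, now: float):
        mac, expiry = self.entries.get(ip, (None, 0))
        if expiry <= now:                     # timed out: drop it, a new query is needed
            self.entries.pop(ip, None)
            return None
        return mac

class Node:
    """A host, or one interface of a router. `lan` is a constructed {ip: mac} dict of
    everything attached to that LAN; `gateway` is the router interface on that LAN."""
    def __init__(self, ip, mac, mask, lan, gateway=None):
        self.ip, self.mac, self.mask, self.lan, self.gateway = ip, mac, mask, lan, gateway
        self.peer = None                      # for a router interface: the router's other interface
        self.arp = ArpTable()
        lan[ip] = mac

    def resolve(self, target_ip: str, now: float):
        """Return (mac, query_sent): use the cache, else broadcast a query on the LAN."""
        mac = self.arp.lookup(target_ip, now)
        if mac:
            return mac, False
        query = parse_arp(build_arp(ARP_REQUEST, self.mac, self.ip, "00:00:00:00:00:00", target_ip))
        if query["target_ip"] not in self.lan:       # nobody owns that IP: no reply ever comes
            return None, True
        owner_mac = self.lan[query["target_ip"]]    # only the owner answers, by unicast
        reply = parse_arp(build_arp(ARP_REPLY, owner_mac, target_ip,
                                    query["sender_mac"], query["sender_ip"]))
        self.arp.learn(reply["sender_ip"], reply["sender_mac"], now)
        return reply["sender_mac"], True

def send_datagram(src: Node, dst_ip: str, now: float = 0):
    """Hop-by-hop delivery of one IP datagram: at each hop the next-hop IP is the
    destination if on-link, else the gateway; its MAC is resolved and a fresh frame is built.
    Returns the (src_mac, dst_mac) pair of every frame sent along the way."""
    frames, node = [], src
    while True:
        on_link = same_subnet(node.ip, dst_ip, node.mask)
        next_ip = dst_ip if on_link else node.gateway.ip
        mac, _ = node.resolve(next_ip, now)
        frames.append((node.mac, mac))
        if on_link:
            return frames
        node = node.gateway.peer    # R unwraps the datagram and re-frames it on its other LAN
```

Note that the IP datagram's addresses never change along the path; only the frame around it is rebuilt at each hop, which is why R needs an ARP table per LAN.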
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
  • Use wireshark on B to see no evidence of the ping
  • On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.
ARP spoofing - man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions
  Wireless uses link layer encryption
  These days wired ethernet uses dedicated wires from the switch (link layer router) to each host
  • But the ARP attack still works
Goal: intercept messages between the victim and anyone else
  I record the real MAC address of the victim
  When an ARP query request is made for the victim, I respond with my MAC
[figure sequence: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8), and some other host/switch]
1. Some other host broadcasts "Who has IP address 1.2.3.4?"
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/MAC mapping taken from the query in its cache; the victim is confused... but ignores it.
4. The other host now sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...", which reaches the attacker. The attacker knows the secret plan, changes the MAC address to the correct one and passes on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ..." to the victim, who thinks "Ahh, I got the secret plan I was expecting".
ARP spoofing - man-in-the-middle attack
Some new switches can protect against these attacks
How can these attacks be detected and stopped?
One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs
  • its real IP and the victim's IP
  • But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
  • Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
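The detection idea the slide ends with, as an added Python example (not the slides' code): scan a capture for the <IP, MAC> pairs a listening host would write into its ARP table (the sender fields of requests and the is-at fields of replies), report IPs claimed by more than one MAC, report MACs that claim more than one IP as the weaker signal the slide cautions about, and count ARP requests per source MAC, since the slide's attacker floods queries. The capture excerpt is constructed in a simplified tcpdump-like layout and reuses the slide's MACs and IPs; the line format, the flood threshold and the extra hosts are assumptions.

```python
import re
from collections import defaultdict

# Constructed capture excerpt (not from the slides), one ARP frame per line:
# time  source-mac > dest-mac  ARP  request|reply  ...
SAMPLE_CAPTURE = """\
10:00:01 00:aa:aa:aa:aa:aa > ff:ff:ff:ff:ff:ff ARP request who-has 1.2.3.4 tell 9.9.9.9
10:00:01 00:12:12:12:12:12 > 00:aa:aa:aa:aa:aa ARP reply 1.2.3.4 is-at 00:12:12:12:12:12
10:20:05 00:11:11:11:11:11 > ff:ff:ff:ff:ff:ff ARP request who-has 7.7.7.7 tell 1.2.3.4
10:20:05 00:11:11:11:11:11 > ff:ff:ff:ff:ff:ff ARP request who-has 7.7.7.8 tell 1.2.3.4
10:20:06 00:11:11:11:11:11 > ff:ff:ff:ff:ff:ff ARP request who-has 7.7.7.9 tell 1.2.3.4
10:20:06 00:11:11:11:11:11 > ff:ff:ff:ff:ff:ff ARP request who-has 7.7.7.10 tell 1.2.3.4
10:21:00 00:bb:bb:bb:bb:bb > ff:ff:ff:ff:ff:ff ARP request who-has 5.6.7.8 tell 9.9.9.10
10:21:00 00:11:11:11:11:11 > 00:bb:bb:bb:bb:bb ARP reply 5.6.7.8 is-at 00:11:11:11:11:11
"""

LINE = re.compile(r"^(\S+) (\S+) > (\S+) ARP (request|reply) (.*)$")
REQ = re.compile(r"who-has (\S+) tell (\S+)")
REP = re.compile(r"(\S+) is-at (\S+)")

def parse_capture(text):
    """Yield (time, source_mac, kind, claimed_ip, claimed_mac) for each ARP line.
    A request claims <tell-IP, source MAC>; a reply claims <is-at IP, is-at MAC>:
    both are exactly what a listening host caches, so both are worth watching."""
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, src_mac, _dst, kind, rest = m.groups()
        if kind == "request":
            _target, tell_ip = REQ.search(rest).groups()
            yield ts, src_mac, kind, tell_ip, src_mac
        else:
            ip, mac = REP.search(rest).groups()
            yield ts, src_mac, kind, ip, mac

def ip_to_macs(text):
    """The slide's check: collect every MAC that has claimed each IP."""
    claims = defaultdict(set)
    for _ts, _src, _kind, ip, mac in parse_capture(text):
        claims[ip].add(mac)
    return dict(claims)

def find_ip_conflicts(text):
    """IPs claimed by more than one MAC inside the capture: the primary signal."""
    return {ip: macs for ip, macs in ip_to_macs(text).items() if len(macs) > 1}

def find_mac_with_many_ips(text):
    """MACs that claimed more than one IP. Weaker signal: the slide notes that a dual-NIC
    Windows host can legitimately send frames with its wireless IP over its wired MAC."""
    by_mac = defaultdict(set)
    for _ts, _src, _kind, ip, mac in parse_capture(text):
        by_mac[mac].add(ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}

def find_query_floods(text, threshold=3):
    """Source MACs that sent at least `threshold` ARP requests in the capture."""
    counts = defaultdict(int)
    for _ts, src, kind, _ip, _mac in parse_capture(text):
        if kind == "request":
            counts[src] += 1
    return {mac for mac, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    print("IP claimed by several MACs:", find_ip_conflicts(SAMPLE_CAPTURE))
    print("MAC claiming several IPs  :", find_mac_with_many_ips(SAMPLE_CAPTURE))
    print("query floods              :", find_query_floods(SAMPLE_CAPTURE))
```

On the constructed capture the IP 1.2.3.4 is claimed by both the victim's and the attacker's MAC, which is the conflict the slide says to look for; the per-MAC view also flags the attacker, but that view alone would equally flag the dual-NIC host the slide describes, so it is better treated as corroboration than as the alarm.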
Ethernet
"dominant" wired LAN technology:
  cheap: $20 for NIC
  first widely used LAN technology
  simpler, cheaper than token LANs and ATM
  kept up with speed race: 10 Mbps - 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s
  all nodes in same collision domain (can collide with each other)
star topology: active switch in center
  each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
[figure: bus (coaxial cable) versus star (switch)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes
  if adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol
  otherwise, adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC
  stream of datagrams passed to network layer can have gaps (missing datagrams)
  gaps will be filled if app is using TCP
  otherwise, app will see gaps
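The frame structure and the receiving adapter's filtering rule, as an added Python example (not the slides' code): build a frame with the preamble, pad the payload to the 64-byte minimum, compute the CRC-32 FCS, parse it back, drop it on a CRC error, and deliver only frames addressed to this adapter or to the broadcast address unless the adapter is promiscuous. zlib.crc32 is used for the FCS (it uses the same CRC-32 polynomial as Ethernet); carrying the preamble in the byte string and the little-endian FCS placement are assumptions made for illustration, and the MAC addresses are A's and B's from the ARP walkthrough.

```python
import struct
import zlib

PREAMBLE = bytes([0b10101010] * 7) + bytes([0b10101011])   # 7 sync bytes + start-frame delimiter
BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
MIN_PAYLOAD = 46               # 64-byte minimum frame minus 14-byte header and 4-byte FCS
MAC_A = bytes.fromhex("74299ce8ff55")   # A and B from the slides' ARP walkthrough
MAC_B = bytes.fromhex("49bdd2c7562a")

def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Preamble + [dst | src | type | payload padded to 46 bytes] + CRC-32 FCS."""
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")   # pad so the frame reaches 64 bytes
    body = dst + src + struct.pack("!H", ethertype) + payload
    fcs = struct.pack("<I", zlib.crc32(body))        # FCS, least significant byte first (assumed)
    return PREAMBLE + body + fcs

def parse_frame(wire: bytes):
    """Return the frame fields, or None when the CRC does not match (frame silently dropped)."""
    if wire[:8] != PREAMBLE:
        raise ValueError("bad preamble")
    body, fcs = wire[8:-4], wire[-4:]
    if zlib.crc32(body) != struct.unpack("<I", fcs)[0]:
        return None                                  # CRC error: drop, no NACK is ever sent
    dst, src, ethertype = body[:6], body[6:12], struct.unpack("!H", body[12:14])[0]
    return {"dst": dst, "src": src, "type": ethertype, "payload": body[14:]}

def deliver(frame, my_mac: bytes, promiscuous: bool = False):
    """Receiving adapter's rule: pass the payload up (tagged by type) if the destination
    is this adapter or the broadcast address; otherwise discard, unless promiscuous."""
    if frame is None:
        return None
    if promiscuous or frame["dst"] in (my_mac, BROADCAST):
        kind = {ETHERTYPE_IPV4: "ip", ETHERTYPE_ARP: "arp"}.get(frame["type"], "unknown")
        return kind, frame["payload"]
    return None

if __name__ == "__main__":
    wire = build_frame(MAC_B, MAC_A, ETHERTYPE_IPV4, b"datagram from A to B")
    print(len(wire), "bytes on the wire;", deliver(parse_frame(wire), MAC_B))
    print("same frame at A's adapter:", deliver(parse_frame(wire), MAC_A))
```

The padding is the link between this slide and the CSMA/CD minimum-frame argument: a short datagram is still sent as a 64-byte frame so that a collision can be detected before transmission ends.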
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,...,2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
  Goal: adapt retransmission attempts to estimated current load
    heavy load: random wait will be longer
  first collision: choose K from {0,1}; delay is K × 512 bit transmission times
  after second collision: choose K from {0,1,2,3}...
  after ten or more collisions, choose K from {0,1,2,3,4,...,1023}
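Ethernet's binary exponential backoff (steps 1 to 6 above, and the earlier "Exponential Backoff" procedure in the CSMA section), as an added Python example that is not the slides' code. It follows the Ethernet rule the slides give (window 2^m capped at 1024, one slot = 512 bit times) rather than the generic BO starting value of 4 or 8, and adds a small contention simulation in which several stations all collide in slot 0 and back off independently until one transmits alone. The 16-attempt give-up limit and the random seed are assumptions of this example.

```python
import random

SLOT_BITS = 512            # Ethernet slot time: 512 bit times (the 64-byte minimum frame)
BO_MAX = 1024              # K is never drawn from a window larger than {0..1023}
MAX_ATTEMPTS = 16          # assumed give-up limit after repeated collisions (not a slide value)

def backoff_window(m: int) -> int:
    """After the m-th collision the window doubles: K is chosen from {0,...,min(2^m,1024)-1}."""
    return min(2 ** m, BO_MAX)

def backoff_slots(m: int, rng: random.Random) -> int:
    return rng.randrange(backoff_window(m))

def slot_seconds(bit_rate: float) -> float:
    """One slot is 512 bit times: 51.2 microseconds at 10 Mb/s."""
    return SLOT_BITS / bit_rate

def wait_seconds(k: int, bit_rate: float) -> float:
    return k * slot_seconds(bit_rate)

def sample_backoffs(m: int, n: int, seed: int = 0) -> list:
    rng = random.Random(seed)
    return [backoff_slots(m, rng) for _ in range(n)]

def simulate_contention(n_stations: int, seed: int = 1):
    """All stations have a frame ready in slot 0, so they collide; each then backs off
    independently and the process repeats until one station transmits alone.
    Returns (slots in which collisions happened, slot of the first success or None)."""
    rng = random.Random(seed)
    next_try = {s: 0 for s in range(n_stations)}     # slot of each station's next attempt
    collisions = {s: 0 for s in range(n_stations)}   # the m seen by each station
    history = []
    while True:
        t = min(next_try.values())
        senders = [s for s, a in next_try.items() if a == t]
        if len(senders) == 1:
            return history, t
        history.append(t)
        for s in senders:
            collisions[s] += 1
            if collisions[s] > MAX_ATTEMPTS:
                return history, None                  # frame discarded after too many attempts
            # jam, abort, then wait K slots before sensing the channel again
            next_try[s] = t + 1 + backoff_slots(collisions[s], rng)

if __name__ == "__main__":
    print("K=1023 at 10 Mb/s waits", wait_seconds(1023, 10e6), "s")
    hist, first_ok = simulate_contention(4)
    print("collision slots:", hist, "first successful slot:", first_ok)
```

Stations that collided more often draw from a larger window, which is the load adaptation the slide describes: the busier the channel, the longer the expected wait.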
CSMA/CD efficiency
T_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
  efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0
and as t_trans goes to infinity
  • larger frame size is better; higher bit-rate is worse
better performance than ALOHA: and simple, cheap, decentralized!
Most ethernet is used with switches, so collisions never occur
[figure: the slide's numerical illustration of the efficiency formula could not be recovered]
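The collision-detection inequality from the CSMA/CD slides and the efficiency formula above, as an added Python example (not from the slides): the minimum frame for a given cable, the cable bound for a given minimum frame, the 10:1 ratio between 10 Mbps and 100 Mbps, and the effect of frame size and bit rate on efficiency. The propagation speed of 2×10^8 m/s is an assumption, not a slide value, so the absolute lengths differ from the 2000 m / 200 m figures quoted earlier; the ratio between them does not.

```python
PROP_SPEED = 2e8   # m/s, assumed signal speed in copper (about 2/3 c); not a value from the slides

def min_frame_bits(cable_m: float, bit_rate: float,
                   prop_speed: float = PROP_SPEED, epsilon: float = 0.0) -> float:
    """Collision detection needs transmit time >= 2·T_prop + ε, i.e.
    frame_bits / bit_rate >= 2·L / v + ε; solved for the frame length."""
    return (2 * cable_m / prop_speed + epsilon) * bit_rate

def max_cable_m(frame_bits: float, bit_rate: float,
                prop_speed: float = PROP_SPEED, epsilon: float = 0.0) -> float:
    """The same inequality solved for the cable: the shortest frame bounds the longest cable."""
    return (frame_bits / bit_rate - epsilon) * prop_speed / 2

def cable_length_ratio(frame_bits: float, slow_rate: float, fast_rate: float) -> float:
    """With the minimum frame fixed, the cable bound scales with 1 / bit_rate."""
    return max_cable_m(frame_bits, slow_rate) / max_cable_m(frame_bits, fast_rate)

def csma_cd_efficiency(t_prop: float, t_trans: float) -> float:
    """efficiency = 1 / (1 + 5 t_prop / t_trans)"""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)

def efficiency_for(cable_m: float, bit_rate: float, frame_bytes: int,
                   prop_speed: float = PROP_SPEED) -> float:
    """Efficiency for a LAN of a given length, bit rate and (max-size) frame."""
    return csma_cd_efficiency(cable_m / prop_speed, frame_bytes * 8 / bit_rate)

if __name__ == "__main__":
    print("cable bound, 64-byte frame:", max_cable_m(512, 10e6), "m at 10 Mb/s,",
          max_cable_m(512, 100e6), "m at 100 Mb/s")
    for rate in (10e6, 100e6):
        for frame in (64, 1500):
            print(f"{rate/1e6:.0f} Mb/s, {frame} B frames: efficiency {efficiency_for(2000, rate, frame):.3f}")
```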
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards
  common MAC protocol and frame format
  different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps
  different physical layer media: fiber, cable
Very large ethernets are possible
QoS: MPLS runs over ethernet (so traffic engineering is possible)
Hubs
  bits coming in one link go out all other links at same rate
  all nodes connected to hub can collide with one another
  no frame buffering
  no CSMA/CD at hub: host NICs detect collisions
[figure: twisted pair links into a hub]
Interconnecting with hubs
Backbone hub interconnects LAN segments
But individual segment collision domains become one large collision domain
Can't interconnect 10BaseT & 100BaseT
[figure: a backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes active role
  store and forward Ethernet frames
  • Question: do switches in circuit switching networks store and forward?
  examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links
  when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex
  each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions
  not possible with dumb hub
[figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
[figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces
  Some interfaces are configured. But in other cases...
  when frame received, switch "learns" location of sender: incoming LAN segment
  records sender/location pair in switch table
[figure: A sends a frame (Source A, Dest A') into interface 1; the switch table, initially empty, gains the entry (MAC addr A, interface 1, TTL 60)]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. index switch table using MAC dest address
3. if entry found for destination
     then {
       if dest on segment from which frame arrived
         then drop the frame
         else forward the frame on interface indicated
     }
     else flood (forward on all but the interface on which the frame arrived)
4. periodically purge all old table entries
Self-Learning
[figure sequence: three switches in a chain, each with interfaces 1, 2, 3; host A attached at one end and host B at the other; every switch's (MAC, Interface) table starts empty]
1. A sends a frame (Dest=B, Source=A). The first switch makes a table entry for A; there is no table entry for B, so it floods.
2. The flooded frame reaches the next switches in turn; each makes a table entry for A (interface 1 on the first two switches, interface 2 on the third) and, having no entry for B, floods.
   Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port; it is only flooded to other switches.
3. B replies (Dest=A, Source=B). Each switch along the way makes a table entry for B (interface 3 on one switch, interface 2 on the next) and, having a table entry for A, forwards on that interface instead of flooding.
4. 20 minutes later all table entries are deleted.
Poorly Designed Institutional network: Why?
[figure: router to external network; LAN (IP subnet) with mail server and web server hung off a single chain of switches]
Institutional network without a single point of failure
[figure: the same network with redundant links between the switches; host A attached]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Institutional network without a single point of failure
[figure: the same network with the edges in the spanning tree marked; "disconnected" interfaces, i.e. interfaces through which frames are neither forwarded nor flooded, are marked]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes, where there is only one path between any pair of nodes, i.e. NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN, they simply never flood packets over to the LAN
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)

LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.

When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.

Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.

If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.

If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.

[Figure: LANs A, B, C and D joined by switches B0, B1, B2 and B3; B2 sits between LAN B and LAN C.]
Spanning Tree Algorithm (2)

Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message.
2. The ID for what the sending bridge believes to be the root bridge.
3. The distance (hops) from the sending bridge to the root bridge.

[Figure: switches B1 through B7 interconnecting a set of LANs.]
Which interfaces to keep and which to ignore?

Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.

A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.

Take a distance vector approach, so we only consider neighbors.

Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.

[Figure, repeated across the steps below: LANs A through J connected by switches B1 through B7; the numbers beside the LANs (0, 1, 2) are distances to the root in LAN hops.]

Step by step:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
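The procedure above (distances in LAN hops from the root switch, lowest switch ID breaking ties, interfaces of the chosen switch turned on), as an added example written for this page rather than taken from the slides. It uses the slides' own model (LANs are vertices, switches are edges) on a small constructed topology, not the slides' figure; the rule that a LAN name breaks a tie between two next-hop LANs behind the same switch is an assumption of the example:

```python
# Added example (not the slides' code): the spanning-tree computation the slides
# describe, on the slides' own model (LANs are vertices, switches are edges).
# The topology below is constructed for this example, not the slides' figure.
from collections import deque

# switch ID -> set of LANs it has an interface on (constructed topology)
SWITCHES = {1: {"A", "B"}, 2: {"A", "C"}, 3: {"B", "C"}, 4: {"C", "D"}, 5: {"B", "D"}}


def lan_distances(switches, root):
    """Distance of every LAN to the root switch, counted in LAN hops:
    LANs directly on the root are 0, LANs one switch away from those are 1, and so on."""
    dist = {lan: 0 for lan in switches[root]}
    queue = deque(dist)
    while queue:
        lan = queue.popleft()
        for sid, lans in switches.items():
            if sid == root or lan not in lans:
                continue
            for other in lans:
                if other not in dist:           # first time seen = shortest path (BFS)
                    dist[other] = dist[lan] + 1
                    queue.append(other)
    return dist


def spanning_tree(switches):
    """Return switch ID -> set of LANs on which that switch keeps its interface ON.
    The root (smallest ID) keeps all interfaces on; every other LAN turns on exactly the
    switch that carries its shortest path to the root, lowest switch ID breaking ties."""
    root = min(switches)
    dist = lan_distances(switches, root)
    active = {sid: set() for sid in switches}
    active[root] = set(switches[root])
    for lan, d in dist.items():
        if d == 0:
            continue
        # candidate (switch, next-hop LAN) pairs: the switch must reach a LAN one hop closer
        candidates = [(sid, nxt) for sid, lans in switches.items() if lan in lans
                      for nxt in lans if dist.get(nxt) == d - 1]
        sid, nxt = min(candidates)  # smallest switch ID; LAN name breaks a same-switch tie (assumption)
        active[sid].update({lan, nxt})
    return active


def is_loop_free(active, switches):
    """Sanity check for two-interface switches: the switches left ON must form a tree over
    the LANs, i.e. (number of LANs) - 1 of them and never joining two LANs already connected."""
    lans = set().union(*switches.values())
    on = [sid for sid, ports in active.items() if ports]
    parent = {lan: lan for lan in lans}

    def find(x):
        while parent[x] != x:
            x = parent[x]
        return x

    for sid in on:
        a, b = sorted(active[sid])
        ra, rb = find(a), find(b)
        if ra == rb:
            return False                      # joining two LANs already connected = a loop
        parent[ra] = rb
    return len(on) == len(lans) - 1
```

In the constructed topology switch 3 ends up with no interface on, for the same reason B3 does in the slides: LAN C reaches a distance-0 LAN through both B2 and B3, and the lower ID wins.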
Layer 2 Routing

L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution.
• During which time no packets were forwarded.

Switches vs. Routers

Both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)

Initial goal: speed up IP forwarding by using a fixed length label (instead of IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.

[Figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields and widths in bits: label 20, Exp 3, S 1, TTL 5.]

MPLS capable routers

• a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address)
• MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE
• forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers

MPLS forwarding tables

[Figure: MPLS routers R1 through R6 with output interfaces 0 and 1 leading toward destinations A and D.] The tables shown, columns in label / out label / dest / out interface:

  in | out | dest | out interface
   6 |  -  |  A   |  0

  in | out | dest | out interface
  10 |  6  |  A   |  1
  12 |  9  |  D   |  0

  in | out | dest | out interface
     | 10  |  A   |  0
     | 12  |  D   |  0

  in | out | dest | out interface
   8 |  6  |  A   |  0

  in | out | dest | out interface
     |  8  |  A   |  1
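The label-only forwarding described above, as an added example (written for this page, not the slides' code) that chains three of the table rows shown into one label-switched path. The router names, the wiring of the rows to those routers, and the reading of a row with an empty in-label as an ingress (push) entry keyed on the IP destination are assumptions of the example:

```python
# Added example (not from the slides): label-switched forwarding over the page's table
# rows. Router names and the interface wiring are assumptions for this example;
# rows with no in-label are read as ingress (push) entries keyed on the IP destination.

# (in label, out label, dest, out interface); None stands for the slides' "-"
TABLES = {
    "ingress": [(None, 10, "A", 0), (None, 12, "D", 0)],
    "transit": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "egress": [(6, None, "A", 0)],
}


def lsr_forward(router, packet):
    """One label-switched router hop. A labelled packet is matched on its label only
    (the IP header is not inspected); an unlabelled packet is classified by dest at ingress.
    Returns (outgoing packet, outgoing interface) or raises KeyError if no row matches."""
    label = packet.get("label")
    for in_label, out_label, dest, iface in TABLES[router]:
        if label is not None and in_label == label:
            break
        if label is None and in_label is None and dest == packet["dest"]:
            break
    else:
        raise KeyError(f"{router}: no forwarding entry for {packet}")
    out = dict(packet)
    if out_label is None:
        out.pop("label", None)        # pop: the IP datagram continues unlabelled
    else:
        out["label"] = out_label      # push (at ingress) or swap (in transit)
    return out, iface


def send(path, packet):
    """Push the packet through the routers in `path`; return [(router, label after, iface)]."""
    trace = []
    for router in path:
        packet, iface = lsr_forward(router, packet)
        trace.append((router, packet.get("label"), iface))
    return trace
```

A packet for D gets label 12 and is swapped to 9, but the egress table has no row for 9 and the packet is dropped: a label only means something where the signaling protocol (RSVP-TE) has installed the matching entry on every hop.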
Chapter 5: Summary

• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath

• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Link Layer Services (more)

• flow control: pacing between adjacent sending and receiving nodes
• encryption: some links can easily be tapped, so encryption is needed for privacy
• error detection: errors caused by signal attenuation, noise; receiver detects presence of errors
  • signals sender for retransmission or drops frame
• error correction: receiver identifies and corrects bit error(s) without resorting to retransmission
• half-duplex and full-duplex: with half duplex, nodes at both ends of link can transmit, but not at same time

Where is the link layer implemented?

• in each and every host in the network. Which other layers are implemented in every host?
• link layer implemented in "adaptor" (aka network interface card, NIC): Ethernet card, PCMCIA card, 802.11 card
• implements link, physical layer
• attaches into host's system buses
• combination of hardware, software, firmware

[Figure, host schematic: cpu and memory on the host bus (e.g. PCI); the network adapter card holds the controller and the physical transmission circuitry; application, transport and network layers run on the host, link and physical in the adapter.]

Adaptors Communicating

• sending side: encapsulates datagram in frame; adds error checking bits, rdt, flow control, etc.
• receiving side: looks for errors, rdt, flow control, etc.; extracts datagram
  • passes to upper layer at receiving side
  • moves frame to another link

[Figure: sending host controller -> frame -> receiving host controller; a datagram goes in on one side and comes out on the other.]
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
Error Detection

EDC = Error Detection and Correction bits (redundancy)
D = Data protected by error checking, may include header fields
• Error detection not 100% reliable!
• protocol may miss some errors, but rarely
• larger EDC field yields better detection and correction

[Figure: D with EDC appended crosses a bit-error-prone link; the receiver either passes all bits of D up or, on a detected error, discards; "otherwise" = no error detected.]

Parity Checking

Single Bit Parity: detect single bit errors.
Two Dimensional Bit Parity: detect and correct single bit errors.

[Figure: parity bit examples on grids of 0 and 1 bits.]

Internet checksum (review)

Goal: detect "errors" (e.g. flipped bits) in transmitted packet (note: used at transport layer only).

Sender:
• treat segment contents as sequence of 16-bit integers
• checksum: addition (1's complement sum) of segment contents
• sender puts checksum value into UDP checksum field

Receiver:
• compute checksum of received segment
• check if computed checksum equals checksum field value:
  NO - error detected
  YES - no error detected. But maybe errors nonetheless?

Checksumming: Cyclic Redundancy Check

• view data bits, D, as a binary number
• choose r+1 bit pattern (generator), G
• goal: choose r CRC bits, R, such that <D,R> exactly divisible by G (modulo 2)
• receiver knows G, divides <D,R> by G. If non-zero remainder: error detected!
• can detect all burst errors less than r+1 bits
• widely used in practice (Ethernet, 802.11 WiFi, ATM)

CRC Example

Want: $D \cdot 2^r \oplus R = nG$
equivalently: $D \cdot 2^r = nG \oplus R$
equivalently: if we divide $D \cdot 2^r$ by G, we want remainder R:
$R = \mathrm{remainder}\left[\frac{D \cdot 2^r}{G}\right]$
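The two checks above, the 1's complement Internet checksum and the modulo-2 CRC division, as an added example (written for this page, not code from the slides). The data bits 101110 with generator 1001 and the four 16-bit words are constructed inputs; the burst-error helper shows the "all bursts shorter than r+1 bits are detected" claim on one of them:

```python
# Added example (not from the slides): the Internet checksum (1's complement sum of
# 16-bit words) and the CRC as modulo-2 long division. Inputs below are constructed.


def internet_checksum(words):
    """1's complement sum of 16-bit words, with end-around carry, then complemented."""
    total = 0
    for w in words:
        total += w
        total = (total & 0xFFFF) + (total >> 16)   # fold the carry back in
    return (~total) & 0xFFFF


def checksum_verifies(words, checksum):
    """Receiver side: adding the checksum field to the words must give all ones (complement 0)."""
    return internet_checksum(list(words) + [checksum]) == 0


def mod2_remainder(bits, generator_bits):
    """Remainder of bits / generator in modulo-2 arithmetic (XOR instead of subtraction)."""
    r = len(generator_bits) - 1
    g = int(generator_bits, 2)
    value = int(bits, 2)
    for shift in range(len(bits) - 1, r - 1, -1):
        if (value >> shift) & 1:                  # leading 1 at this position: XOR G in
            value ^= g << (shift - r)
    return value


def crc_remainder(data_bits, generator_bits):
    """Sender: R = remainder[D * 2^r / G], returned as an r-bit string."""
    r = len(generator_bits) - 1
    return format(mod2_remainder(data_bits + "0" * r, generator_bits), f"0{r}b")


def crc_check(frame_bits, generator_bits):
    """Receiver: <D,R> must divide G exactly; a non-zero remainder means an error."""
    return mod2_remainder(frame_bits, generator_bits) == 0


def flip_burst(bits, start, length):
    """Invert `length` consecutive bits starting at `start` (a burst error)."""
    return "".join(("1" if b == "0" else "0") if start <= i < start + length else b
                   for i, b in enumerate(bits))
```

With D = 101110 and G = 1001 (r = 3) the remainder is 011, so the transmitted frame is 101110011; any burst of up to 3 flipped bits leaves a non-zero remainder. The checksum value 0x220D for the four words is the same result the 1's complement rule gives by hand.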
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
Multiple Access Links and Protocols

Two types of "links":
• point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
• broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN

[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical).]

Multiple Access Control (MAC) protocols

• single shared broadcast channel
• two or more simultaneous transmissions by nodes: interference; collision if a node receives two or more signals at the same time

multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit
• communication about channel sharing must use the channel itself! An out-of-band channel for coordination is difficult.

Ideal Multiple Access Protocol

Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally, centralized MAC are much more efficient.
4. simple

MAC Protocols: a taxonomy

Three broad classes:
• Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users.
• Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient. Predictable/guaranteed performance is difficult to achieve.
• Centralized / taking turns
Channel Partitioning MAC protocols: TDMA

TDMA: time division multiple access
• access to channel in "rounds"
• each station gets fixed length slot (length = pkt trans time) in each round
• unused slots go idle
• GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
• example: 6-station LAN, 1, 3, 4 have pkt, slots 2, 5, 6 idle

[Figure: 6-slot frame: 1 3 4 _ _ _ | 1 3 4 _ _ _]

Channel Partitioning MAC protocols: FDMA

FDMA: frequency division multiple access
• channel spectrum divided into frequency bands
• each station assigned fixed frequency band
• unused transmission time in frequency bands goes idle
• GSM also uses FDMA
• example: 6-station LAN, 1, 3, 4 have pkt, frequency bands 2, 5, 6 idle

[Figure: FDM cable; frequency bands against time.]
Random Access Protocols

When node has packet to send:
• transmit at full channel data rate R
• no a priori coordination among nodes
  • Some approaches use limited coordination

two or more transmitting nodes -> "collision"
random access MAC protocol specifies:
• how to detect collisions
• how to recover from collisions (e.g. via delayed retransmissions)

Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA

The ALOHA Protocol

• Developed at U. of Hawaii in the early 70's for packet radio networks.
• "Free for all": whenever a station has a frame to send, it does so.
• Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
• As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.

Collisions

• Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time (collision).
• Collisions and other link layer losses must be detected and corrected.
  Question 1: Where are all the places that losses can occur?
  Question 2: Where can errors be detected and corrected?
• Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1

[Figure: time line with marks t0, t0+t, t0+2t, t0+3t; a frame sent at t0+t and the vulnerable period around it, two frame times long.] If another node transmits here then there is a collision. If another node starts to transmit during this vulnerable period, then a collision will occur.

ALOHA's Performance

• Assume that users try to send frames at random times (Poisson events).
• Let G be the average rate that users try to send frames, per frame time. G is the utilization. Why?
• Model the moments transmissions start as points along the time line (next slide).
• The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
  $P(k) = \frac{(2G)^k e^{-2G}}{k!}$
• The probability zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful: $S = G e^{-2G}$.

Poisson process

[Figure: events as points along a time line.]

Events are distributed according to a Poisson process with parameter $\lambda$ if
$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$
$\lambda$ is the rate that events occur = (number of events in period W) / W (when W is large).

Aloha performance

[Figure: one transmission and its vulnerability period on the time line.]

$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is $\lambda$? $\lambda$ = average number of transmission attempts per transmission time. So $\lambda$ = utilization, i.e. $\lambda = G$. And the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$.

ALOHA's Performance

The best throughput occurs for what value of G? What is this best throughput?

[Plot: $S = G e^{-2G}$ against G from 0 to 3.0, y axis from 0 to 0.2; the curve peaks at 0.184.]

Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.

[Figure: time line t0, t0+t, t0+2t, t0+3t with slot boundaries and the vulnerable period of one slot.] If a frame is transmitted here, then a collision occurs. But this will only happen if a packet arrives at the MAC layer during this period. If another node selects to transmit during this vulnerable period, then a collision will occur. The vulnerable period is half the size of unslotted Aloha.

Slotted Aloha

• Vulnerable period is halved. Doubles performance of ALOHA.
• Throughput = S = $G e^{-G}$; S = Smax = 1/e = 0.368 for G = 1.
• G = 1 means typically a node tries to transmit each slot.
• However, the throughput is well below 1: there are many collisions.

Slotted Aloha Performance

[Plot: $S = G e^{-G}$ against G from 0 to 4.0, y axis from 0 to 0.4; the curve peaks at 0.368.]
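The two throughput formulas above, with a Monte Carlo check that drives pure and slotted ALOHA from the same Poisson attempt process, as an added example written for this page (not the slides' code). The arrival model is the slides' assumption; the horizon, seed and grid-search step are constructed for the example:

```python
# Added example (not from the slides): the slides' throughput formulas next to a
# Monte Carlo check. Arrivals are a Poisson process with rate G per frame time,
# as the slides assume; the horizon and seed are constructed for this example.
import math
import random


def pure_aloha_throughput(G):
    """S = G * e^(-2G): a frame survives only if no other start falls in the two-frame window."""
    return G * math.exp(-2 * G)


def slotted_aloha_throughput(G):
    """S = G * e^(-G): the window shrinks to one slot."""
    return G * math.exp(-G)


def poisson_arrivals(rate, horizon, rng):
    """Start times of transmission attempts: exponential inter-arrival gaps (Poisson process)."""
    t, times = 0.0, []
    while True:
        t += rng.expovariate(rate)
        if t >= horizon:
            return times
        times.append(t)


def simulate(G, horizon=20000.0, seed=1):
    """Measured throughput (successful frames per frame time) for pure and slotted ALOHA
    driven by the same attempt process. Time unit = one frame transmission time."""
    rng = random.Random(seed)
    starts = poisson_arrivals(G, horizon, rng)
    # pure ALOHA: attempt i collides if a neighbour starts within one frame time before or after
    ok = 0
    for i, t in enumerate(starts):
        clear_before = i == 0 or t - starts[i - 1] >= 1.0
        clear_after = i == len(starts) - 1 or starts[i + 1] - t >= 1.0
        ok += clear_before and clear_after
    pure = ok / horizon
    # slotted ALOHA: each attempt waits for the next slot boundary; a slot succeeds iff it holds one
    per_slot = {}
    for t in starts:
        slot = math.floor(t)
        per_slot[slot] = per_slot.get(slot, 0) + 1
    slotted = sum(1 for n in per_slot.values() if n == 1) / horizon
    return pure, slotted


def best_offered_load(throughput, step=0.01, upper=4.0):
    """Grid search for the G that maximises a throughput function; returns (G, S)."""
    best = max((throughput(k * step), k * step) for k in range(1, int(upper / step) + 1))
    return round(best[1], 2), best[0]
```

best_offered_load answers the slides' question for both curves: the pure ALOHA peak of about 0.184 sits at G = 0.5, the slotted peak of about 0.368 at G = 1, and simulate(0.5) lands within a couple of percent of the formulas.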
ALOHA and Slotted ALOHA

Pros:
• single active node can continuously transmit at full rate of channel
• decentralized, simple

Cons:
• collisions, wasting slots. Inefficient.
• idle slots
• nodes may be able to detect collision in less than time to transmit packet
• slotted Aloha requires clock synchronization. Losing synchronization requires guard times, which reduces efficiency.
CSMA (Carrier Sense Multiple Access)

CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission.
human analogy: don't interrupt others!

Question

For 10 Mbps Ethernet the maximum cable length is 2000m.
For 100 Mbps Ethernet the maximum cable length is 200m.
Why is the maximum length for 100 Mbps 10 times shorter than 10 Mbps?

CSMA collisions

• collisions can still occur: propagation delay means two nodes may not hear each other's transmission
• collision: entire packet transmission time wasted
• note: role of distance & propagation delay in determining collision probability

[Figure: spatial layout of nodes along the wire against time.]

CSMA/CD collision detection

[Space-time diagram 1 (position on wire against time): Transmitter 1 starts; after the propagation delay Transmitter 2, having heard nothing yet, starts and detects the collision; the collision propagates back and is detected by Transmitter 1 while it is still transmitting; Receiver 1 receives a garbled signal.] When is it detected?

[Space-time diagram 2: Transmitter 1's transmission time is shorter than the round-trip propagation delay; the collision is detected by Transmitter 2 but NOT detected by Transmitter 1, which has already stopped sending; Receiver 1 receives a garbled signal.]

What are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 T_{\text{propagation}} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$2 \cdot \text{CableLength} / \text{PropagationSpeed} + \epsilon < \text{FrameLength} / \text{BitRate}$

CSMA/CD

If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)

CSMA/CD: carrier sensing, with collision detection
• collisions detected within short time
• colliding transmissions aborted, reducing channel wastage
collision detection:
• easy in wired LANs: measure signal strengths, compare transmitted, received signals
• difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist

Persistence

1-persistent: If medium is idle, then transmit. If medium is not idle, then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If medium is idle, then transmit. If medium is not idle, then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending.

Exponential Backoff (next slide)

What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If medium is idle, then transmit.
3. If medium is not idle, then wait until it is idle.
4. Once idle:
   a. Pick an integer r between 0 and BO-1.
   b. Wait r time slots.
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2·BO, BO_Max). In Ethernet BO_max = 1024.
   c. Go to step 4.

Exponential Backoff

Question: discuss the different ways in which backoff is used in network protocols.
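The collision-detection constraint from the CSMA/CD slides (minimum frame 64B against 2·T_prop + ε, and the slot-length question in step 4b) and the backoff procedure in steps 1 to 5, as one added example written for this page (not the slides' code). The propagation speed, the station count, the seed and the simplification that a frame occupies one slot are assumptions of the example:

```python
# Added example (not from the slides): (1) the collision-detection constraint
# 2*T_prop + epsilon < FrameLength/BitRate turned into a maximum cable length,
# and (2) the slides' exponential-backoff procedure run as a slot-level simulation.
# Propagation speed, station count and the one-slot frame are assumptions.
import random

PROP_SPEED = 2.0e8          # m/s in copper, assumed for the example
MIN_FRAME_BYTES = 64        # slides: minimum Ethernet frame length


def max_cable_length(min_frame_bytes=MIN_FRAME_BYTES, bit_rate=10e6,
                     prop_speed=PROP_SPEED, epsilon=0.0):
    """Longest cable for which the smallest frame still lasts 2*T_prop + epsilon,
    so the transmitter is still sending when the collision signal comes back."""
    transmit_time = min_frame_bytes * 8 / bit_rate          # FrameLength / BitRate
    return (transmit_time - epsilon) * prop_speed / 2       # T_prop = length / speed


def slot_length(cable_length, prop_speed=PROP_SPEED):
    """Slides' definition: a slot is long enough that a transmission started at the
    beginning of the slot is heard by every node before the slot ends (one propagation delay)."""
    return cable_length / prop_speed


def next_backoff(bo, bo_max=1024):
    """Step 5b: BO = min(2*BO, BO_max); Ethernet caps at 1024."""
    return min(2 * bo, bo_max)


def contend(n_stations, rng, bo_start=4, bo_max=1024, max_slots=10_000):
    """Every station has one frame ready at slot 1 (step 2: all transmit at once).
    Each later slot: exactly one ready station -> its frame goes out (step 4c);
    several -> collision, each picks r in [0, BO-1] with a doubled BO (steps 4a, 4b, 5b);
    none -> an idle slot, and every waiting station counts down by one.
    Frames are taken to occupy one slot (simplification). Returns (slots used, collisions, service order)."""
    bo = {s: bo_start for s in range(n_stations)}   # step 1
    wait = {s: 0 for s in range(n_stations)}        # slots still to wait
    served, collisions, slot = [], 0, 0
    while wait and slot < max_slots:
        slot += 1
        ready = [s for s, w in wait.items() if w == 0]
        if len(ready) == 1:
            served.append(ready[0])
            del wait[ready[0]]
        elif len(ready) > 1:
            collisions += 1
            for s in ready:
                bo[s] = next_backoff(bo[s], bo_max)
                wait[s] = rng.randrange(bo[s])
        else:
            for s in wait:
                wait[s] -= 1
    return slot, collisions, served


def demo_contend(n_stations, seed=7):
    """Run contend() with a seeded generator so the outcome is reproducible."""
    return contend(n_stations, random.Random(seed))
```

With ε = 0 the constraint alone allows 5120 m at 10 Mbps and 512 m at 100 Mbps; the slides' 2000 m and 200 m are smaller because real repeater and transceiver delays eat into the budget, but the factor of ten between them comes straight from the fixed 64-byte minimum frame.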
"Taking Turns" MAC protocols

channel partitioning MAC protocols:
• share channel efficiently and fairly at high load
• inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node!
random access MAC protocols:
• efficient at low load: single node can fully utilize channel
• high load: collision overhead
  • Be careful. Here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"taking turns" protocols look for the best of both worlds!
• Used in mobile phone data access. 802.16 (aka WiMax) partly uses this approach. 802.11 specifies this capability but it is not widely deployed YET.

"Taking Turns" MAC protocols: Polling

Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.

[Figure: the master sends a poll to each slave in turn and each slave answers with its data.]

concerns: polling overhead, latency, single point of failure (master)

QoS guarantees can be made:
• If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
  • When congested, new calls are rejected, but existing calls continue to receive good performance.
  • Consider the difference between the demands of VoIP and the services provided by TCP.
• Guarantees are worth much more money than non-guarantees.

"Taking Turns" MAC protocols: Token passing

Token passing: control token passed from one node to the next sequentially. token message.
concerns: token overhead, latency, single point of failure (token)

[Figure: the token T circulates around a ring; a node with data sends it, a node with nothing to send passes the token on.]

Summary of MAC protocols

• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP

32-bit IP address:
• network-layer address
• used to get datagram to destination IP subnet

MAC (or LAN or physical or Ethernet) address:
• function: get frame from one interface to another physically-connected interface (same network)
  • The textbook is wrong about this. Today hosts are almost never physically connected.
• 48 bit MAC address (for most LANs)
  • burned in NIC ROM, also sometimes software settable

LAN Addresses and ARP

Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.

[Figure: a LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53.]

LAN Address (more)

• MAC address allocation administered by IEEE
• manufacturer buys portion of MAC address space (to assure uniqueness)
• Check OUI lookup: Google "OUI lookup", enter the MAC address, see the manufacturer.
• analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
• MAC flat address: portability; can move LAN card from one LAN to another
• IP hierarchical address: NOT portable; address depends on IP subnet to which node is attached
• If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol

Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)

Question: how to determine the MAC address of B knowing B's IP address?

[Figure: a LAN with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53 and IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88.]
ARP protocol: Same LAN (network). A wants to send a datagram to C.

Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose host A wants to send to B: only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table
A broadcasts an ARP query packet containing B's IP address: destination MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query
• other frame types include datagram
All machines on the LAN receive the ARP query
B receives the ARP packet and replies to A with its (B's) MAC address; the reply frame is sent to A's MAC address (unicast)
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
Soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
[Figure: LAN with hosts A, B, C and D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" and B, C and D all receive it; B answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Left LAN: host A, IP 111.111.111.111, MAC 74-29-9C-E8-FF-55; a second host, IP 111.111.111.112, MAC CC-49-DE-D0-AB-7D; R's left interface, IP 111.111.111.110, MAC E6-E9-00-17-BB-4B. Right LAN: R's right interface, IP 222.222.222.220, MAC 1A-23-F9-CD-06-9B; a host, IP 222.222.222.221, MAC 88-B2-2F-54-1A-0F; host B, IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address
Two ARP tables in router R, one for each IP network (LAN)
• A creates an IP datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram
• A's NIC sends the frame; R's NIC receives the frame
• R removes the IP datagram from the Ethernet frame, sees it is destined to B
• R uses ARP to get B's MAC address
• R creates a frame containing the A-to-B IP datagram and sends it to B
This is a really important example; make sure you understand it.
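The same-subnet check and the ARP walkthrough above, as an added example (this is not code from the slides): a node decides whether the destination is on-link or behind the gateway, broadcasts an ARP query only when its soft-state cache has no live entry, caches the unicast reply with a 20-minute TTL, and re-queries once the entry has expired. The IP and MAC addresses are the ones from the A-R-B figure; the /24 mask on that LAN and the Lan/Node model are assumptions made for this example.

```python
# Added example (not code from the slides): ARP resolution with the subnet
# check, broadcast query / unicast reply, and a soft-state cache with TTL.
# Addresses come from the slides' A-R-B figure; the /24 mask for that LAN
# and the Lan/Node model are assumptions made for this example.
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60     # seconds; the slides say mappings are forgotten after ~20 min


def same_subnet(ip_a, ip_b, mask):
    """True if both addresses fall in the subnet defined by mask (e.g. 255.255.0.0)."""
    net = ipaddress.ip_network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.ip_address(ip_b) in net


class Lan:
    """A broadcast segment: every attached NIC sees every frame."""
    def __init__(self):
        self.nodes, self.frames = [], []

    def send(self, frame):
        self.frames.append(frame)
        replies = []
        for node in self.nodes:
            if frame["dst"] in (node.mac, BROADCAST):   # NIC accepts its own or broadcast MAC
                reply = node.on_frame(frame)
                if reply:
                    self.frames.append(reply)
                    replies.append(reply)
        return replies


class Node:
    def __init__(self, ip, mac, mask, gateway=None):
        self.ip, self.mac, self.mask, self.gateway = ip, mac, mask, gateway
        self.arp = {}                     # ip -> (mac, expiry): soft state

    def on_frame(self, frame):
        # Only the node owning the queried IP answers, unicast to the asker.
        if frame["type"] == "ARP-query" and frame["target_ip"] == self.ip:
            return {"dst": frame["src"], "src": self.mac, "type": "ARP-reply",
                    "ip": self.ip, "mac": self.mac}
        return None

    def cached(self, ip, now):
        entry = self.arp.get(ip)
        return entry[0] if entry and entry[1] > now else None   # expired entries are ignored

    def resolve(self, dst_ip, lan, now):
        """Return (next-hop IP, its MAC): the destination itself if on-link, else the gateway."""
        hop = dst_ip if same_subnet(self.ip, dst_ip, self.mask) else self.gateway
        mac = self.cached(hop, now)
        if mac is None:
            query = {"dst": BROADCAST, "src": self.mac, "type": "ARP-query",
                     "target_ip": hop, "sender_ip": self.ip}
            for reply in lan.send(query):
                self.arp[reply["ip"]] = (reply["mac"], now + ARP_TTL)
            mac = self.cached(hop, now)
        return hop, mac


def build():
    """Left LAN of the slides' figure: A, a second host, and router R's left interface."""
    lan = Lan()
    a = Node("111.111.111.111", "74-29-9C-E8-FF-55", "255.255.255.0", gateway="111.111.111.110")
    r = Node("111.111.111.110", "E6-E9-00-17-BB-4B", "255.255.255.0")
    h = Node("111.111.111.112", "CC-49-DE-D0-AB-7D", "255.255.255.0", gateway="111.111.111.110")
    lan.nodes.extend([a, r, h])
    return lan, a, r, h
```

Running `build()` and then `a.resolve("222.222.222.222", lan, now=0)` puts exactly two frames on the LAN (the broadcast query and R's unicast reply); a second call before the TTL elapses sends nothing, and a call after `ARP_TTL` seconds queries again. Note that every host on the segment receives the query, which is why the ARP exchange is visible in Wireshark on any machine of the LAN.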
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use Wireshark on B to see no evidence of the ping
• On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (link-layer router) to each host
• but the ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim; when an ARP query (request) is made for the victim, I respond with my MAC.
[Figure sequence: victim with MAC 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch on the same LAN]
1. The other host asks: "Who has IP address 1.2.3.4?"
2. The victim answers: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, hearing the same reply, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/ARP mapping (1.2.3.4 -> 00:11:11:11:11:11) in its cache. The victim is confused... but ignores it.
4. The other host now sends "The secret plan is ..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker knows the secret plan. The attacker changes the MAC address to the correct address (00:12:12:12:12:12, IP 1.2.3.4) and passes the frame on, so the victim thinks: "Ahh, I got the secret plan I was expecting".
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs
• its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• then tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) versus star (switch in the center of the LAN)]
Ethernet Frame Structure
Sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes
• if the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol
• otherwise the adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP, but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at the receiver; if an error is detected, the frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame
2. If NIC senses the channel idle, starts frame transmission
3. If NIC senses the channel busy, waits until the channel is idle, then transmits (1-persistent)
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}; NIC waits K slots, where one slot is 512 bit times, then returns to step 2
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec
Exponential backoff
Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer
• first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
• after the second collision: choose K from {0, 1, 2, 3} ...
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
Very large Ethernets are possible; QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
• bits coming in one link go out all other links at the same rate
• all nodes connected to a hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: host NICs detect collisions
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments
But the individual segment collision domains become one large collision domain
Can't interconnect 10BaseT & 100BaseT
[Figure: a backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes an active role
• store and forward Ethernet frames
• question: do switches in circuit-switching networks store and forward?
• examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, use CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have a dedicated, direct connection to the switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, B, C, A', B', C' each attached to one interface]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: the same switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch: self-learning
the switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• it records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. look up the destination MAC address in the switch table
3. if an entry is found for the destination then {
     if the destination is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated
   }
   else flood (forward on all interfaces but the one on which the frame arrived)
Periodically purge all old table entries
Self-Learning (worked figure sequence)
[Figure: three switches, numbered here 1, 2 and 3 in the order of their tables, each with interfaces 1, 2 and 3 and a table with columns MAC and Interface, all initially empty. Host A is attached to switch 1, host B to switch 2, and switch 1 has links to both switch 2 and switch 3]
• A sends a frame Dest=B, Source=A. Switch 1 makes a table entry for A (interface 1); it has no table entry for B, so it floods. Switches 2 and 3 each receive the flooded frame, make a table entry for A (switch 2: A via interface 1; switch 3: A via interface 2) and, having no entry for B, flood in turn. The frame reaches B.
• Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only to other switches.
• B answers with Dest=A, Source=B. Switch 2 makes a table entry for B (interface 2); it has a table entry for A, so it forwards the frame instead of flooding. Switch 1 makes a table entry for B (interface 3) and, having an entry for A, forwards on interface 1 to A. Switch 3 never sees the reply and still knows only A.
Switch tables at the end:
switch 1: A 1, B 3
switch 2: A 1, B 2
switch 3: A 2
• 20 minutes later all table entries are deleted
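The filtering/forwarding procedure and the figure sequence above, reproduced as an added example (not code from the slides) on a constructed three-switch topology that yields the same table states: the first frame is flooded to every segment, the reply follows only the learned path, and a purge at the 20-minute TTL empties the tables. Host C on the third switch is an addition to show what flooding means in practice: an unlearned unicast frame reaches NICs that have nothing to do with it.

```python
# Added example (not code from the slides): self-learning switches with
# flood / forward / drop and TTL purge. The topology (three switches, hosts
# A, B and C) is constructed to reproduce the table states of the figure.

class Host:
    def __init__(self, mac):
        self.mac = mac
        self.seen = []          # every frame that reached this NIC
        self.delivered = []     # frames whose destination matched (passed up the stack)

    def receive(self, frame, in_iface, now, log):
        self.seen.append(frame)
        if frame["dst"] == self.mac:
            self.delivered.append(frame)


class Switch:
    def __init__(self, name, ttl=20 * 60):
        self.name, self.ttl = name, ttl
        self.table = {}         # MAC -> (interface, expiry time)
        self.links = {}         # interface -> (neighbour, neighbour's interface)

    def purge(self, now):
        for mac in [m for m, (_, exp) in self.table.items() if exp <= now]:
            del self.table[mac]

    def receive(self, frame, in_iface, now, log):
        self.purge(now)
        self.table[frame["src"]] = (in_iface, now + self.ttl)   # 1. learn the sender's interface
        entry = self.table.get(frame["dst"])                    # 2. look up the destination
        if entry is None:                                       # 3. unknown: flood
            out = [i for i in self.links if i != in_iface]
            log.append((self.name, "flood", tuple(out)))
        elif entry[0] == in_iface:                              #    same segment: drop
            log.append((self.name, "drop", in_iface))
            return
        else:                                                   #    known: forward on one port
            out = [entry[0]]
            log.append((self.name, "forward", entry[0]))
        for i in out:
            nbr, nbr_iface = self.links[i]
            nbr.receive(frame, nbr_iface, now, log)


def link(sw, iface, other, other_iface):
    sw.links[iface] = (other, other_iface)
    if isinstance(other, Switch):
        other.links[other_iface] = (sw, iface)


def build():
    a, b, c = Host("A"), Host("B"), Host("C")
    s1, s2, s3 = Switch("S1"), Switch("S2"), Switch("S3")
    link(s1, 1, a, 0)            # A hangs off switch 1, interface 1
    link(s1, 2, s3, 2)           # switch 1 <-> switch 3
    link(s1, 3, s2, 1)           # switch 1 <-> switch 2
    link(s2, 2, b, 0)            # B hangs off switch 2, interface 2
    link(s3, 1, c, 0)            # C hangs off switch 3 (constructed extra host)
    return {"A": a, "B": b, "C": c, "S1": s1, "S2": s2, "S3": s3}


def send(net, src, via_switch, via_iface, dst, now, log):
    net[via_switch].receive({"src": src, "dst": dst}, via_iface, now, log)


def tables(net):
    return {n: {m: e[0] for m, e in d.table.items()}
            for n, d in net.items() if isinstance(d, Switch)}


def run():
    net, log = build(), []
    send(net, "A", "S1", 1, "B", now=0, log=log)    # A -> B: unknown destination, flooded
    after_first = tables(net)
    send(net, "B", "S2", 2, "A", now=1, log=log)    # B -> A: follows the learned path only
    after_second = tables(net)
    for sw in ("S1", "S2", "S3"):
        net[sw].purge(now=20 * 60 + 2)              # 20 minutes later: entries expire
    return net, log, after_first, after_second, tables(net)
```

After the first frame the tables hold only A (switch 3 on interface 2, the others on interface 1); after the reply switch 1 knows B on interface 3 and switch 2 on interface 2, while switch 3 still knows only A because the reply was never flooded to it. Host C saw the first frame but delivered nothing.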
Poorly Designed Institutional network. Why?
[Figure: a router to the external network, and one LAN (IP subnet) holding the mail server, the web server and the hosts]
Institutional network without a single point of failure
[Figure: a router to the external network; the IP subnet with the mail server, the web server and host A is built from several switches joined by redundant links]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness, but they have to be eliminated.
[Figure: the same network with the edges of the spanning tree marked, and the remaining interfaces shown as "disconnected"]
Edge in spanning tree
"disconnected" interface, i.e. do not forward or flood frames through this interface
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges
• this is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• the switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to that LAN
• of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
Approach: compute paths to the node with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
• then switch B2 will disconnect from LANs B and C
[Figure: LANs A, B, C and D joined by bridges B0, B1, B2 and B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message
2. the ID of what the sending bridge believes to be the root bridge
3. the distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6 and B7 joining a set of LANs]
Which interfaces to keep and which to ignore
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), using least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure: LANs A through J joined by bridges B1 through B7, with B1 the root; the figure is worked step by step over the following slides, marking each LAN's distance to the root (0, 1, 1, 1, 1, 2)]
• Each switch computes its distance to the root in terms of LAN hops
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E: turn on the two interfaces
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F: turn on the interfaces
• Which other interfaces are "on"?
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding
Typically ignores security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution
• during which time no packets were forwarded
Switches vs Routers
both are store-and-forward devices
routers: network layer devices (examine network layer headers); switches are link layer devices
... "invisible" at the internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding; borrows ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (5 bits)]
MPLS capable routers
aka label-switched routers: forward packets to the outgoing interface based only on the label value (don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables
a signaling protocol is needed to set up forwarding: RSVP-TE
forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
must co-exist with IP-only routers
[Figure: routers R1 to R6 with interfaces numbered 0 and 1; host A is reached through R1 and D through R2; R3 and R4 are the ingress routers, R5 and R6 the label-switched routers in the middle]
MPLS forwarding tables (as placed next to the routers in the figure):
R1: in label 6, out label -, dest A, out interface 0
R6: in label 10, out label 6, dest A, out interface 1; in label 12, out label 9, dest D, out interface 0
R4: in label -, out label 10, dest A, out interface 0; in label -, out label 12, dest D, out interface 0
R5: in label 8, out label 6, dest A, out interface 0
R3: in label -, out label 8, dest A, out interface 1
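Label-switched forwarding with the tables above, as an added example (not code from the slides): the ingress router classifies by IP destination and pushes a label, each label-switched router looks up only the incoming label, swaps it and picks the outgoing interface, and the egress router pops the label. The tables for R1, R3, R4, R5 and R6 are the ones from the figure; the link map (which router sits on each outgoing interface) and the R2 entry are assumptions added so the walk terminates.

```python
# Added example (not code from the slides): forwarding through the MPLS
# tables of the figure. LINKS and the R2 entry are assumptions made here.

# (in label, out label, dest, out interface); None = no label on that side.
TABLES = {
    "R1": [(6, None, "A", 0)],
    "R6": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "R4": [(None, 10, "A", 0), (None, 12, "D", 0)],
    "R5": [(8, 6, "A", 0)],
    "R3": [(None, 8, "A", 1)],
    "R2": [(9, None, "D", 0)],          # assumed: egress for D, pops label 9
}

# (router, out interface) -> what that interface leads to; assumed topology.
LINKS = {("R4", 0): "R6", ("R6", 1): "R1", ("R6", 0): "R2", ("R3", 1): "R5",
         ("R5", 0): "R1", ("R1", 0): "A", ("R2", 0): "D"}


def lookup(router, in_label, dest):
    """Ingress (no label yet) classifies by IP destination; LSRs match the label only."""
    for il, ol, d, intf in TABLES[router]:
        if in_label is None and il is None and d == dest:
            return ol, intf
        if in_label is not None and il == in_label:
            return ol, intf
    raise LookupError("%s: no entry for label %r / dest %s" % (router, in_label, dest))


def forward(ingress, dest):
    """Walk a packet from the ingress router to its destination.
    Returns ([(router, in label, out label, out interface), ...], final hop)."""
    router, label, path = ingress, None, []
    while router in TABLES:
        out_label, intf = lookup(router, label, dest)
        path.append((router, label, out_label, intf))
        router, label = LINKS[(router, intf)], out_label
    return path, router


if __name__ == "__main__":
    for ingress, dest in (("R4", "A"), ("R3", "A"), ("R4", "D")):
        path, end = forward(ingress, dest)
        print(ingress, "->", dest, ":", " ".join("%s(%s->%s)" % (r, i, o) for r, i, o, _ in path), "=>", end)
```

Once a packet carries label 10, R6 never looks at the IP header, which is what lets R3 and R4 steer traffic to A over different paths (R3 through R5, R4 through R6) even though both end at R1 with label 6.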
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY)
solid understanding of networking principles, practice
... could stop here ... but lots of
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries
Where is the link layer implemented?
in each and every host in the network
Which other layers are implemented in every host?
link layer implemented in the "adaptor" (aka network interface card, NIC): Ethernet card, PCMCIA card, 802.11 card
• implements link and physical layer
• attaches into the host's system buses
• combination of hardware, software, firmware
[Figure: host schematic: cpu and memory on the host bus (e.g. PCI); the network adapter card holds the controller and the physical transmission circuitry; application, transport and network run on the host, link and physical on the adapter]
Adaptors Communicating
sending side: encapsulates the datagram in a frame; adds error checking bits, rdt, flow control, etc.
receiving side: looks for errors, rdt, flow control, etc.; extracts the datagram
• passes it to the upper layer at the receiving side
• or moves the frame to another link
[Figure: the sending host's controller emits a frame carrying the datagram; the receiving host's controller extracts the datagram]
Error Detection
EDC = Error Detection and Correction bits (redundancy)
D = Data protected by error checking, may include header fields
• error detection not 100% reliable!
• the protocol may miss some errors, but rarely
• a larger EDC field yields better detection and correction
[Figure: sender transmits D and EDC; receiver checks the received D' and EDC': if all bits in D' check out they are accepted, otherwise an error is detected]
Parity Checking
Single Bit Parity: detect single bit errors
Two Dimensional Bit Parity: detect and correct single bit errors
[Figure: single-bit parity (data bits plus one parity bit) and two-dimensional parity (row and column parity bits, with a single flipped bit located by its row and column)]
Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in a transmitted packet (note: used at the transport layer only)
Sender:
• treat the segment contents as a sequence of 16-bit integers
• checksum: addition (1's complement sum) of the segment contents
• sender puts the checksum value into the UDP checksum field
Receiver:
• compute the checksum of the received segment
• check if the computed checksum equals the checksum field value:
  NO - error detected
  YES - no error detected. But maybe errors nonetheless?
Checksumming: Cyclic Redundancy Check
view the data bits D as a binary number
choose an r+1 bit pattern (generator) G
goal: choose r CRC bits R such that
• <D,R> is exactly divisible by G (modulo 2)
• the receiver knows G, divides <D,R> by G. If the remainder is non-zero: error detected!
• can detect all burst errors of fewer than r+1 bits
widely used in practice (Ethernet, 802.11 WiFi, ATM)
CRC Example
Want: D·2^r XOR R = nG
equivalently: D·2^r = nG XOR R
equivalently: if we divide D·2^r by G, we want remainder R
R = remainder[ D·2^r / G ]
Multiple Access Links and Protocols
Two types of "links":
point-to-point
• PPP for dial-up access
• point-to-point link between an Ethernet switch and a host
broadcast (shared wire or medium)
• old-fashioned Ethernet
• 802.11 wireless LAN
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
single shared broadcast channel
two or more simultaneous transmissions by nodes: interference
• collision if a node receives two or more signals at the same time
multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit
communication about channel sharing must use the channel itself! An out-of-band channel for coordination is difficult
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at an average rate of R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks or slots. Generally, centralized MACs are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning
• divide the channel into smaller "pieces" (time slots, frequency, code)
• allocate a piece to a node for exclusive use
• this approach is difficult since we know that statistical multiplexing can support more users
Random Access
• channel not divided, allow collisions
• detect and recover from collisions
• detection and recovery (e.g. retransmission) can be inefficient
• predictable/guaranteed performance is difficult to achieve
Centralized / taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access
• access to the channel in "rounds"
• each station gets a fixed-length slot (length = pkt trans time) in each round
• unused slots go idle
• GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth
• example: 6-station LAN; stations 1, 3 and 4 have a packet, slots 2, 5 and 6 idle
[Figure: 6-slot frame, slots 1, 3, 4 busy in each round: 1 3 4 | 1 3 4]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access. The channel spectrum is divided into frequency bands; each station is assigned a fixed frequency band; unused transmission time in a frequency band goes idle. GSM also uses FDMA.
Example: 6-station LAN; stations 1, 3, 4 have packets; frequency bands 2, 5, 6 idle.
[figure: frequency bands versus time on an FDM cable]
Random Access Protocols
When a node has a packet to send: transmit at the full channel data rate R; no a priori coordination among nodes
- some approaches use limited coordination
two or more transmitting nodes -> "collision"
a random access MAC protocol specifies: how to detect collisions; how to recover from collisions (e.g. via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used: as will be seen, many protocols have a period of time where nodes transmit when they want, and during such periods the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time (collision).
Collisions and other link layer losses must be detected and corrected.
Question 1: where are all the places that losses can occur?
Question 2: where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance (1)
[figure: time line with marks t0, t0+t, t0+2t, t0+3t and one frame of length t. The vulnerable period is marked around the frame's start: if another node transmits there, there is a collision. If another node starts to transmit during this vulnerable period then a collision will occur.]
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events). Let G be the average rate at which users try to send frames, per frame time. G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
$P(k) = \frac{(2G)^k e^{-2G}}{k!}$
The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
$S = G e^{-2G}$
Poisson process
[figure: events as points along a time line]
Events are distributed according to a Poisson process with parameter $\lambda$ if
$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$
$\lambda$ is the rate at which events occur: $\lambda$ = (number of events in a period of length W) / W (when W is large).
Aloha performance
[figure: a frame on the time line with its vulnerability period marked]
$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$
The probability of no collision is the probability of no event in the vulnerability period, which has length $2T$.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is $\lambda$? It is the average number of transmission attempts per transmission time, so $\lambda$ = utilization, i.e. $\lambda = G$. And the probability of no collision is $e^{-2G} (2G)^0 / 0! = e^{-2G}$.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[plot: throughput $G e^{-2G}$ against offered load G for 0 <= G <= 3; the curve peaks at 0.184]
Slotted Aloha - frames are only transmitted during slots; they cannot cross slot boundaries
[figure: time line with slot boundaries t0, t0+t, t0+2t, t0+3t. If a frame is transmitted in the same slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot, which is the vulnerable period. If another node selects to transmit during this vulnerable period then a collision will occur. The vulnerable period is half the size of unslotted Aloha.]
Slotted Aloha
The vulnerable period is halved, which doubles the performance of ALOHA: throughput $S = G e^{-G}$; $S_{max} = 1/e = 0.368$ for G = 1.
G = 1 means that typically a node tries to transmit in each slot. However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[plot: throughput $G e^{-G}$ against offered load G for 0 <= G <= 4; the curve peaks at 0.368]
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple
Cons: collisions waste slots; inefficient; idle slots; nodes may be able to detect a collision in less than the time to transmit a packet; slotted Aloha requires clock synchronization, and loose synchronization requires guard times, which reduce efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
[figure: spatial layout of nodes along the wire; the transmissions of two nodes spread out over time and overlap]
Note: the role of distance & propagation delay in determining collision probability.
CSMA/CD collision detection
[figure: position on the wire versus time. Transmitter 1 starts a transmission; after the propagation delay transmitter 2, not yet hearing it, starts its own. The collision is detected first by transmitter 2 and then by transmitter 1; receiver 1 receives a garbled signal. When is it detected?]
[figure: same layout with a shorter transmission time. The collision is detected by transmitter 2, but transmitter 1 finished transmitting before the collision reached it, so the collision is NOT detected by transmitter 1; receiver 1 still receives a garbled signal.]
CSMA/CD: what are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \cdot T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$2 \cdot \text{CableLength} / \text{speed of propagation} + \epsilon < \text{FrameLength} / \text{bit-rate}$
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small: the minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? Because the minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
Collision detection: easy in wired LANs (measure signal strengths, compare transmitted and received signals); difficult/impossible in wireless LANs (the received signal strength is overwhelmed by the local transmission strength).
human analogy: the polite conversationalist
Persistence
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
- In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
- Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential backoff: next slide.
Exponential Backoff
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots end, then transmit
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 BO, BO_Max); in Ethernet BO_Max = 1024
   c. go to step 4
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
random access MAC protocols: efficient at low load (a single node can fully utilize the channel); high load: collision overhead
- Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[figure: a master polls each of several slaves in turn; each polled slave answers with data]
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made: if a VoIP call requires 12 bps, the master can determine whether the call will receive the desired quality and ensure that it does.
- When congested, new calls are rejected, but existing calls continue to receive good performance.
- Consider the difference between the demands of VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially (token message).
concerns: token overhead; latency; single point of failure (token)
[figure: ring of nodes passing the token T; one node sends data, another has nothing to send]
Summary of MAC protocols
- channel partitioning, by time, frequency or code: Time Division, Frequency Division
- random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing is easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
- taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get the frame from one interface to another physically-connected interface (same network)
- The textbook is wrong about this: today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
- burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on the LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup:
- Google "OUI lookup"
- enter the MAC address
- see the manufacturer
analogy: (a) MAC address like a Social Security Number; (b) IP address like a postal address
MAC flat address: portability: can move a LAN card from one LAN to another
IP hierarchical address: NOT portable: the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed,
- whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[figure: LAN with four nodes with MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53 and IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: same LAN (network). A wants to send a datagram to C.
Check whether C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
- my IP = 128.43.5.67
- B's IP = 128.51.9.12
- subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
- so in this case A and B are in different subnets
- thus the datagram is sent to the gateway, which must be in the same subnet
- suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
- other types include datagram
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[figure: LAN with hosts A, B, C, D. The query "Who has IP 1.1.1.4? Tell 1.1.1.2" is broadcast to every host; the owner replies "I have 1.1.1.4"]
Addressing: routing to another LAN
[figure: two LANs joined by router R. R's interfaces: 1A-23-F9-CD-06-9B at 222.222.222.220 and E6-E9-00-17-BB-4B at 111.111.111.110. Left LAN: A (74-29-9C-E8-FF-55, 111.111.111.111) and a host CC-49-DE-D0-AB-7D at 111.111.111.112. Right LAN: B (49-BD-D2-C7-56-2A, 222.222.222.222) and a host 88-B2-2F-54-1A-0F at 222.222.222.221]
walkthrough: send a datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
- A creates an IP datagram with source A, destination B
- A uses ARP to get R's MAC address for 111.111.111.110
- A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram
- A's NIC sends the frame; R's NIC receives the frame
- R removes the IP datagram from the Ethernet frame, sees it is destined to B
- R uses ARP to get B's MAC address
- R creates a frame containing the A-to-B IP datagram and sends it to B
This is a really important example - make sure you understand it.
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell whether two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
- Use Wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing - man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
- But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
ARP spoofing - man-in-the-middle attack
[figure, repeated over the next slides: victim (MAC=00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC=00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on the same LAN]
1. The other host broadcasts "Who has IP address 1.2.3.4?" (seen by both the victim and the attacker).
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/ARP mapping from the query in its cache; the victim is confused... but ignores it.
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...". The attacker knows the secret plan; it changes the MAC address to the correct address and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing - man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see whether a single IP has two MACs:
- its real IP and the victim's IP
- But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
- Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
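As an added example (not from the slides), this Python code applies the detection idea just described to a constructed series of ARP observations: an IP answered by two different MACs within one cache lifetime, or a contradiction of an administrator-pinned gateway mapping, is raised as an alert, while one MAC answering for several IPs is only reported as informational, because of the dual-NIC case the slides mention. The observation format, the pinned table and all addresses are constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

CACHE_TTL = timedelta(minutes=20)   # ARP cache lifetime quoted on the slides

# Constructed observations of ARP replies seen on the LAN as (time, ip, mac),
# e.g. collected from periodic ARP-table snapshots; the addresses are the
# slides' made-up victim (1.2.3.4) and attacker (5.6.7.8), not real hosts.
OBSERVATIONS = [
    ("10:00:00", "1.2.3.4", "00:12:12:12:12:12"),   # victim answers for its own IP
    ("10:00:05", "5.6.7.8", "00:11:11:11:11:11"),   # attacker answers for its own IP
    ("10:01:00", "1.2.3.4", "00:11:11:11:11:11"),   # attacker answers for the victim's IP
    ("10:02:00", "10.0.0.7", "00:aa:bb:cc:dd:ee"),  # dual-NIC host: one wired MAC
    ("10:02:30", "10.0.0.8", "00:aa:bb:cc:dd:ee"),  #   seen with both of its IPs
    ("10:03:00", "1.2.3.1", "00:11:11:11:11:11"),   # attacker answers for the gateway
]

# Known-good mappings an administrator pins (constructed gateway address).
PINNED = {"1.2.3.1": "00:de:ad:be:ef:01"}


def find_arp_anomalies(observations, pinned=PINNED, ttl=CACHE_TTL):
    """Return (severity, message) findings. 'alert' = one IP answered by two
    MACs within a cache lifetime, or a pinned mapping contradicted; 'info' =
    one MAC answering for several IPs, which the slides note can be a
    legitimate multi-NIC Windows host rather than spoofing."""
    recent_for_ip = defaultdict(list)   # ip -> [(time, mac)] inside the TTL window
    ips_for_mac = defaultdict(set)
    findings = []
    for t_str, ip, mac in observations:
        t = datetime.strptime(t_str, "%H:%M:%S")
        mac = mac.lower()
        if ip in pinned and mac != pinned[ip].lower():
            findings.append(("alert", f"{ip} is pinned to {pinned[ip]} but {mac} answered for it"))
        live = [(t0, m) for t0, m in recent_for_ip[ip] if t - t0 <= ttl]
        rivals = sorted({m for _, m in live if m != mac})
        if rivals:
            findings.append(("alert", f"{ip} answered by {mac} while {rivals} still cached for it"))
        recent_for_ip[ip] = live + [(t, mac)]
        before = len(ips_for_mac[mac])
        ips_for_mac[mac].add(ip)
        if len(ips_for_mac[mac]) > 1 and len(ips_for_mac[mac]) != before:
            findings.append(("info", f"{mac} answers for several IPs {sorted(ips_for_mac[mac])}: "
                                     "possible multi-NIC host, not proof of spoofing"))
    return findings


def count_by_severity(findings):
    counts = defaultdict(int)
    for severity, _ in findings:
        counts[severity] += 1
    return dict(counts)


if __name__ == "__main__":
    for severity, message in find_arp_anomalies(OBSERVATIONS):
        print(f"[{severity}] {message}")
```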
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps - 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); multiple stars connected (we'll see later)
[figure: bus (coaxial cable) versus star (switch in the center of the LAN)]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP, but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at the receiver; if an error is detected the frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see the gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer and creates a frame
2. If NIC senses the channel idle, it starts frame transmission
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent)
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame!
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, and returns to step 2
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec
Exponential backoff: goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer
- first collision: choose K from {0, 1}; delay is K x 512 bit transmission times
- after the second collision: choose K from {0, 1, 2, 3} ...
- after ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}
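As an added example (not from the slides), the following Python code puts numbers on two things this section explains: the collision-detection requirement (a frame must still be on the wire when a collision at the far end propagates back, so minimum frame length and maximum cable length are tied together, which is why halving one halves the other) and Ethernet's truncated binary exponential backoff, including a small simulation of several NICs resolving a collision. The propagation speed of 2e8 m/s and the 16-attempt limit are assumptions not stated on the slides, and the propagation-only model ignores repeater and electronics delays, so it gives longer cables than the slides' 2000 m / 200 m figures while reproducing their 10x ratio.

```python
import math
import random

SLOT_BITS = 512            # one backoff slot = 512 bit times (slides)
MAX_BACKOFF_EXPONENT = 10  # window stops growing after ten collisions (slides: K up to 1023)
ATTEMPT_LIMIT = 16         # standard 802.3 gives up after 16 collisions; assumption, not on the slides
PROPAGATION_SPEED = 2.0e8  # m/s, typical for copper; assumption, not on the slides


def min_frame_bits(cable_m, bit_rate_bps, epsilon_s=0.0, speed=PROPAGATION_SPEED):
    """Smallest frame whose transmit time covers the round-trip propagation delay,
    i.e. 2 * CableLength / speed + epsilon < FrameLength / bit-rate."""
    bits = (2 * cable_m / speed + epsilon_s) * bit_rate_bps
    return math.ceil(round(bits, 6))      # round away float noise before taking the ceiling


def max_cable_m(frame_bits, bit_rate_bps, epsilon_s=0.0, speed=PROPAGATION_SPEED):
    """Longest cable on which a frame of frame_bits is still being transmitted when a
    collision at the far end propagates back (the same inequality solved for length)."""
    return (frame_bits / bit_rate_bps - epsilon_s) * speed / 2


def backoff_window(collisions):
    """Number of candidate slots after the m-th collision: K in {0, ..., 2^min(m,10) - 1}."""
    return 2 ** min(collisions, MAX_BACKOFF_EXPONENT)


def choose_backoff_slots(collisions, rng):
    return rng.randrange(backoff_window(collisions))


def backoff_delay_s(k, bit_rate_bps):
    """Wall-clock wait for K slots of 512 bit times."""
    return k * SLOT_BITS / bit_rate_bps


def collisions_until_success(n_nics, rng):
    """Simulate n_nics (>= 2) NICs that all start transmitting at once. After each
    collision every contender draws K; the NIC(s) with the smallest K go first. If
    exactly one has the minimum it wins (the rest sense carrier and defer); if
    several tie they collide again with a doubled window. Returns the number of
    collisions before the first success, or None if the attempt limit is hit."""
    contenders = n_nics
    for m in range(1, ATTEMPT_LIMIT + 1):
        draws = [choose_backoff_slots(m, rng) for _ in range(contenders)]
        k_min = min(draws)
        tied = draws.count(k_min)
        if tied == 1:
            return m
        contenders = tied
    return None


def sample_collisions(n_nics, trials, seed=0):
    """Repeat the contention simulation `trials` times with a fixed seed."""
    rng = random.Random(seed)
    return [collisions_until_success(n_nics, rng) for _ in range(trials)]


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: a 64-byte frame covers up to "
              f"{max_cable_m(64 * 8, rate):.0f} m of cable (propagation only)")
    print(f"K=1023 at 10 Mbps waits {backoff_delay_s(1023, 10e6) * 1e3:.1f} ms")
    print("collisions before success with 4 NICs:", sample_collisions(4, 10, seed=42))
```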
CSMA/CD efficiency
T_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame
$\text{efficiency} = \frac{1}{1 + 5\, t_{prop} / t_{trans}}$
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
- a larger frame size is better; a higher bit-rate is worse
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
[figure: numerical evaluation of the efficiency formula; the values are not recoverable from the slide]
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs: bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions
[figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes an active role
- store and forward Ethernet frames
  - Question: do switches in circuit switching networks store and forward?
- examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, use CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have a dedicated direct connection to the switch; switches buffer packets; the Ethernet protocol is used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' each on their own interface]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, and B' reachable via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp); looks like a routing table!
Q: how are entries created and maintained in the switch table? something like a routing protocol?
[figure: the same six-interface switch with hosts A, A', B, B', C, C']
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
- when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
- it records the sender/location pair in the switch table
[figure: A sends a frame (Source A, Dest A') into interface 1 of the six-interface switch; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination, then { if the destination is on the segment from which the frame arrived, then drop the frame, else forward the frame on the interface indicated }, else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
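As an added example (not from the slides), here is the learning, filtering and forwarding procedure above as a small Python switch model, replayed on the slides' sequence of an unknown destination (flood), a reply to a learned source (forward on one interface), a destination on the arrival segment (drop) and entries aging out. The 60-second TTL follows the table figure above; the port numbering is constructed.

```python
from dataclasses import dataclass, field

BROADCAST = "FF-FF-FF-FF-FF-FF"


@dataclass
class LearningSwitch:
    """Self-learning switch following the slides' filter/forward steps. Table
    entries are (interface, last_seen) keyed by MAC; they expire after `ttl`
    seconds (60 in the slides' table figure) unless refreshed."""
    ports: tuple
    ttl: float = 60.0
    table: dict = field(default_factory=dict)

    def purge(self, now):
        """Step 3: purge all old table entries."""
        stale = [mac for mac, (_, seen) in self.table.items() if now - seen > self.ttl]
        for mac in stale:
            del self.table[mac]

    def receive(self, src, dst, in_port, now):
        """Return the list of interfaces the frame goes out on ([] means filtered)."""
        self.purge(now)
        # step 1: record the interface associated with the sending host
        self.table[src] = (in_port, now)
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            # no entry for the destination: flood on all but the arrival interface
            return [p for p in self.ports if p != in_port]
        out_port, _ = entry
        if out_port == in_port:
            # step 2: destination is on the segment the frame came from, so drop it
            return []
        return [out_port]


def walkthrough():
    """Replay the slides' sequence: A on interface 1 sends to B, B on interface 2
    replies, A sends again, then more than 60 s pass and the entries expire.
    Returns the three forwarding decisions and the final table size."""
    sw = LearningSwitch(ports=(1, 2, 3))
    first = sw.receive("A", "B", in_port=1, now=0.0)   # B unknown: flood to 2 and 3
    reply = sw.receive("B", "A", in_port=2, now=1.0)   # A known: forward on 1 only
    again = sw.receive("A", "B", in_port=1, now=2.0)   # B known now: forward on 2
    sw.purge(now=70.0)                                 # both entries older than 60 s
    return first, reply, again, len(sw.table)


if __name__ == "__main__":
    print(walkthrough())
```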
Self-Learning
[figure, repeated over the following slides: hosts A and B attached to three interconnected switches, each with its own MAC/Interface table; all tables initially empty]
- A sends a frame with Dest=B, Source=A. The first switch makes a table entry for A (interface 1); it has no table entry for B, so it floods.
- Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only to other switches.
- Each switch that receives the flooded frame likewise makes a table entry for A on the interface it arrived on (interface 1 on the second switch, interface 2 on the third); none has an entry for B, so each floods in turn.
- B replies with Dest=A, Source=B. Each switch on the way makes a table entry for B (interface 2 on the switch B is attached to, interface 3 on the first switch) and, having a table entry for A, forwards the frame on that single interface instead of flooding.
- 20 minutes later all table entries are deleted.
Poorly Designed Institutional network. Why?
[figure: router to the external network; one LAN / IP subnet containing the mail server and the web server]
Institutional network without a single point of failure
[figure: router to the external network; an IP subnet with several interconnected switches, the mail server, the web server and host A]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure: the same network with the edges in the spanning tree marked; a "disconnected" interface is one through which the switch does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
- Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
- LAN B's next hop to the switch with the lowest ID is LAN A, and
- LAN C's next hop to the switch with the lowest ID is LAN D,
- then switch B2 will disconnect from LAN B and C.
[figure: LANs A, B, C, D joined by bridges B3, B2, B1 and B0]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message
2. the ID of what the sending bridge believes to be the root bridge
3. the distance (hops) from the sending bridge to the root bridge
[figure: bridges B1 to B7 interconnecting several LANs]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find the shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[figure, repeated over the following slides: LANs A through J interconnected by bridges B1 to B7, each LAN labelled with its distance to the root in LAN hops; the successive slides carry these captions:]
- Each switch computes its distance to the root in terms of LAN hops.
- Each of the root's interfaces is ON.
- LAN A's next hop is LAN E. Turn on the two interfaces.
- LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
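The rule above can be run mechanically. The Python below is an added example, not code from the slides or the course: on a constructed topology (not the figure's) it computes each switch's distance to the root in LAN hops, the designated switch for every LAN (fewest hops, then smallest ID) and the interfaces that end up on. The names SWITCH_LANS, distances, active_interfaces and with_extra_switch are mine, and where two of a switch's LANs are equally close to the root the tie is broken by LAN name, which the slides do not specify. The second run adds a switch that claims ID 0: because the election simply takes the smallest ID heard, that device becomes the root and every LAN's path is recomputed around it.

```python
"""Port selection for the loop-resolution rule above: every LAN reaches the
root switch (smallest ID) over the path that crosses the fewest switches,
ties broken by the smaller switch ID.

Added example, not from the slides.  The topology is constructed and is not
the figure's: switch IDs are the integers, LANs the letters."""
from collections import deque

# Constructed topology: switch ID -> LANs the switch has an interface on.
SWITCH_LANS = {
    1: {"E", "F"},
    2: {"E", "G"},
    3: {"A", "B"},
    4: {"G", "D"},
    5: {"A", "B", "E"},
    7: {"B", "F"},
}


def distances(switch_lans, root):
    """Breadth-first search from the root over the switch/LAN graph.

    A switch's distance is the number of LANs crossed to reach the root;
    a LAN's distance is that of its nearest switch.
    Returns (switch_dist, lan_dist, lan_switches)."""
    lan_switches = {}
    for sw, lans in switch_lans.items():
        for lan in lans:
            lan_switches.setdefault(lan, set()).add(sw)
    sw_dist, lan_dist = {root: 0}, {}
    queue = deque([root])
    while queue:
        sw = queue.popleft()
        for lan in sorted(switch_lans[sw]):
            if lan in lan_dist:
                continue
            lan_dist[lan] = sw_dist[sw]
            for nxt in sorted(lan_switches[lan]):
                if nxt not in sw_dist:
                    sw_dist[nxt] = sw_dist[sw] + 1
                    queue.append(nxt)
    return sw_dist, lan_dist, lan_switches


def active_interfaces(switch_lans):
    """Return (root, {switch: set of LANs whose interface is 'on'})."""
    root = min(switch_lans)                      # smallest ID wins the election
    sw_dist, lan_dist, lan_switches = distances(switch_lans, root)
    active = {sw: set() for sw in switch_lans}
    active[root] = set(switch_lans[root])        # every root interface is on
    for lan, attached in lan_switches.items():
        if lan_dist[lan] == 0:
            continue                             # the root itself is on this LAN
        # designated switch: fewest hops first, then smallest ID (the slides' tie-break)
        designated = min(attached, key=lambda sw: (sw_dist[sw], sw))
        # its next hop: the attached LAN closest to the root
        # (equally close LANs are ordered by name here; an assumption)
        next_hop = min(switch_lans[designated], key=lambda l: (lan_dist[l], l))
        active[designated].update({lan, next_hop})
    return root, active


def with_extra_switch(switch_lans, new_id, lans):
    """Topology with one more switch attached, e.g. a device advertising a lower ID."""
    extended = dict(switch_lans)
    extended[new_id] = set(lans)
    return extended


if __name__ == "__main__":
    root, active = active_interfaces(SWITCH_LANS)
    print("root", root, {sw: sorted(v) for sw, v in active.items()})
    # Same algorithm after a switch claiming ID 0 appears on LANs A and B:
    root, active = active_interfaces(with_extra_switch(SWITCH_LANS, 0, {"A", "B"}))
    print("root", root, {sw: sorted(v) for sw, v in active.items()})
```

In the first run switches 3 and 7 end up with nothing on, like B3 in the figure; in the second run the old root (ID 1) is the one left with nothing on and all traffic between the E/F side and the A/B side crosses the new switch. This is the slides' simplified model: 802.1D itself also keeps a root port forwarding on every non-root switch, so in a real network a switch like B3 would still forward toward the root on one interface.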
Layer 2 Routing
The L2 routing table is automatically maintained (set up, and updated as the topology changes) by three mechanisms: loop resolution, address learning and frame forwarding. These typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices. Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices and are "invisible" at the internetwork layer: a switched LAN looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit, bottom-of-stack flag), TTL (8 bits); 32 bits in all.
MPLS capable routers
- aka label-switched routers: forward packets to the outgoing interface based only on the label value (they don't inspect the IP address).
- The MPLS forwarding table is distinct from the IP forwarding tables.
- A signaling protocol is needed to set up forwarding: RSVP-TE.
- Forwarding is possible along paths that IP alone would not allow (e.g., source-specific routing), so MPLS is used for traffic engineering.
- MPLS must co-exist with IP-only routers.
[Figure: label-switched routers R1 through R6 (interfaces numbered 0 and 1) between two destinations, A and D, with each router's MPLS forwarding table drawn next to it. The tables are reproduced below; which router each belongs to is shown only in the figure. An empty in-label column is an ingress entry (label pushed according to the IP destination); an empty out-label column is an egress entry (label popped).]
MPLS forwarding tables
  in label   out label   dest   out interface
  6          -           A      0

  in label   out label   dest   out interface
  10         6           A      1
  12         9           D      0

  in label   out label   dest   out interface
  -          10          A      0
  -          12          D      0

  in label   out label   dest   out interface
  8          6           A      0

  in label   out label   dest   out interface
  -          8           A      1
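To make the label-swapping concrete, here is an added example (not code from the slides) that walks a packet through tables like the ones above. The assignment of the three tables to routers R3, R6 and R4, and the LINKS map from an outgoing interface to the neighbor behind it, are assumptions made for the demo. Only the ingress lookup reads the IP destination; every later hop matches on the label alone, which is why the last trace below, a packet addressed to D that arrives carrying label 10, is delivered toward A.

```python
"""Label-switched forwarding with tables like the ones above.

Added example, not from the slides.  Which router owns which table and which
neighbor sits behind each interface are assumptions for the demo."""

# in label None = ingress entry (push by IP destination); out label None = egress (pop)
TABLES = {
    "R3": [{"in": None, "out": 10, "dest": "A", "iface": 0},
           {"in": None, "out": 12, "dest": "D", "iface": 0}],
    "R6": [{"in": 10, "out": 6, "dest": "A", "iface": 1},
           {"in": 12, "out": 9, "dest": "D", "iface": 0}],
    "R4": [{"in": 6, "out": None, "dest": "A", "iface": 0}],
}
# (router, out interface) -> what is reached over that interface (assumed)
LINKS = {("R3", 0): "R6", ("R6", 1): "R4", ("R6", 0): "R5", ("R4", 0): "A"}


def forward(packet, router):
    """Follow a packet hop by hop.  packet = {"dest": <IP dest>, "label": int or None}.
    Returns a list of (router, label in, label out, next hop)."""
    trace = []
    while router in TABLES:
        table = TABLES[router]
        label = packet.get("label")
        if label is None:
            # ingress: this is the only place the IP destination is consulted
            entry = next((e for e in table
                          if e["in"] is None and e["dest"] == packet["dest"]), None)
        else:
            # label-switched router: match on the label alone; the IP header is not inspected
            entry = next((e for e in table if e["in"] == label), None)
        if entry is None:
            trace.append((router, label, None, "dropped: no entry"))
            return trace
        nxt = LINKS.get((router, entry["iface"]), "unknown")
        trace.append((router, label, entry["out"], nxt))
        packet = dict(packet, label=entry["out"])   # swap (or push/pop) the label
        router = nxt
    return trace


if __name__ == "__main__":
    print(forward({"dest": "A", "label": None}, "R3"))   # push 10, swap to 6, pop at R4
    print(forward({"dest": "D", "label": 10}, "R6"))     # label wins over the IP header
```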
Chapter 5 Summary
- Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
- Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
- Journey down the protocol stack complete (except PHY).
- Solid understanding of networking principles, practice.
- ... could stop here ... but lots of
Adaptors Communicating
Sending side: encapsulates the datagram in a frame; adds error checking bits, rdt, flow control, etc.
Receiving side: looks for errors, rdt, flow control, etc.; extracts the datagram and passes it to the upper layer at the receiving side, or moves the frame to another link.
[Figure: the sending host's controller turns a datagram into a frame, the frame crosses the link, and the receiving host's controller hands up the datagram.]
Error Detection
EDC = Error Detection and Correction bits (redundancy). D = data protected by error checking; may include header fields.
- Error detection is not 100% reliable: the protocol may miss some errors, but rarely.
- A larger EDC field yields better detection and correction.
Parity Checking
- Single bit parity: detect single bit errors.
- Two-dimensional bit parity: detect and correct single bit errors.
Internet checksum (review)
Goal: detect "errors" (e.g., flipped bits) in the transmitted packet (note: used at the transport layer only).
Sender: treat the segment contents as a sequence of 16-bit integers; checksum = addition (1's complement sum) of the segment contents; the sender puts the checksum value into the UDP checksum field.
Receiver: compute the checksum of the received segment and check whether the computed checksum equals the checksum field value. NO: error detected. YES: no error detected. But maybe errors nonetheless.
Checksumming: Cyclic Redundancy Check
- View the data bits D as a binary number; choose an (r+1)-bit pattern (generator) G.
- Goal: choose r CRC bits R such that <D,R> is exactly divisible by G (modulo 2).
- The receiver knows G and divides <D,R> by G. If the remainder is non-zero, an error is detected.
- Can detect all burst errors of fewer than r+1 bits.
- Widely used in practice (Ethernet, 802.11 WiFi, ATM).
CRC Example
Want $D \cdot 2^r \oplus R = nG$; equivalently $D \cdot 2^r = nG \oplus R$; equivalently, if we divide $D \cdot 2^r$ by $G$ we want remainder $R$:
$$R = \mathrm{remainder}\left[\frac{D \cdot 2^r}{G}\right]$$
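Both checks can be carried out in a few lines. The following is an added example, not code from the slides: an Internet checksum over constructed sample bytes, and the modulo-2 division of the CRC slides with the generator G = 1001 and data D = 101110, which are small enough to verify by hand (R comes out as 011). The function names are mine. The last two functions make the slides' two caveats visible: a checksum stays valid when two 16-bit words are swapped ("maybe errors nonetheless"), while the CRC catches every burst shorter than r+1 bits.

```python
"""Internet checksum and CRC as described above.  Added example, not from the
slides; the sample bytes, the generator and the data bits are constructed."""


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (RFC 1071 style).
    An odd trailing byte is padded with a zero byte."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:                      # fold carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def checksum_ok(segment: bytes) -> bool:
    """Receiver side: summing the data plus the checksum field must give all
    ones, i.e. the complemented sum is zero."""
    return internet_checksum(segment) == 0


def mod2_remainder(dividend: str, generator: str) -> str:
    """Modulo-2 long division (XOR, no carries); returns the r-bit remainder."""
    r = len(generator) - 1
    bits = list(dividend)
    for i in range(len(bits) -r):
        if bits[i] == "1":
            for j, g in enumerate(generator):
                bits[i + j] = "0" if bits[i + j] == g else "1"
    return "".join(bits[-r:])


def crc_remainder(data_bits: str, generator: str) -> str:
    """R = remainder of D * 2^r divided by G, as in the CRC example above."""
    return mod2_remainder(data_bits + "0" * (len(generator) - 1), generator)


def crc_ok(codeword: str, generator: str) -> bool:
    """Receiver divides <D, R> by G; a non-zero remainder means an error."""
    return set(mod2_remainder(codeword, generator)) == {"0"}


def undetected_bursts(codeword: str, generator: str, max_len: int) -> int:
    """Flip every contiguous run of up to max_len bits and count the corrupted
    codewords the CRC still accepts (expected 0 for runs shorter than r+1)."""
    missed = 0
    for start in range(len(codeword)):
        for length in range(1, max_len + 1):
            if start + length > len(codeword):
                break
            bits = list(codeword)
            for k in range(start, start + length):
                bits[k] = "0" if bits[k] == "1" else "1"
            if crc_ok("".join(bits), generator):
                missed += 1
    return missed


if __name__ == "__main__":
    payload = b"\x12\x34\x56\x78"                        # constructed sample
    csum = internet_checksum(payload)
    swapped = b"\x56\x78\x12\x34" + csum.to_bytes(2, "big")
    print("checksum %04x; word swap still accepted: %s" % (csum, checksum_ok(swapped)))
    D, G = "101110", "1001"
    R = crc_remainder(D, G)
    print("CRC", R, "codeword ok:", crc_ok(D + R, G),
          "undetected bursts of <= 3 bits:", undetected_bursts(D + R, G, 3))
```

The word-swap case is the practical reading of "not 100% reliable": a checksum catches random bit flips well but says nothing about reordering, and neither check is any defence against deliberate modification, since anyone who can change the data can recompute the check.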
Multiple Access Links and Protocols
Two types of "links":
- point-to-point: PPP for dial-up access; the point-to-point link between an Ethernet switch and a host.
- broadcast (shared wire or medium): old-fashioned Ethernet, 802.11 wireless LAN.
[Figure: shared wire (e.g., cabled Ethernet); shared RF (e.g., 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical).]
Multiple Access Control (MAC) protocols
- Single shared broadcast channel. Two or more simultaneous transmissions by nodes interfere: a collision occurs if a node receives two or more signals at the same time.
- Multiple access protocol: an algorithm that determines how nodes share the channel, i.e., determines when a node can transmit.
- Communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult.
Ideal Multiple Access Protocol
Broadcast channel of rate R bps:
1. when one node wants to transmit, it can send at rate R;
2. when M nodes want to transmit, each can send at an average rate of R/M;
3. fully decentralized: no special node to coordinate transmissions, no synchronization of clocks or slots (generally, centralized MACs are much more efficient);
4. simple.
MAC Protocols: a taxonomy
Three broad classes:
- Channel partitioning: divide the channel into smaller "pieces" (time slots, frequency, code) and allocate a piece to a node for exclusive use. This approach is hard to justify, since we know that statistical multiplexing can support more users.
- Random access: the channel is not divided; allow collisions, then detect and recover from them. Detection and recovery (e.g., retransmission) can be inefficient, and predictable/guaranteed performance is difficult to achieve.
- Centralized / taking turns.
Channel Partitioning MAC protocols: TDMA
TDMA (time division multiple access): access to the channel is in "rounds"; each station gets a fixed-length slot (length = packet transmission time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So that service is predictable, and calls can be rejected if there is not enough bandwidth.
Example: 6-station LAN; stations 1, 3 and 4 have packets, slots 2, 5 and 6 are idle.
[Figure: a 6-slot frame repeated over time, with slots 1, 3 and 4 carrying packets: 1 3 4 1 3 4.]
Channel Partitioning MAC protocols: FDMA
FDMA (frequency division multiple access): the channel spectrum is divided into frequency bands; each station is assigned a fixed frequency band; unused transmission time in a frequency band goes idle. GSM also uses FDMA.
Example: 6-station LAN; stations 1, 3 and 4 have packets, frequency bands 2, 5 and 6 are idle.
[Figure: frequency bands versus time on an FDM cable.]
Random Access Protocols
- When a node has a packet to send, it transmits at the full channel data rate R, with no a priori coordination among nodes. Some approaches use limited coordination.
- Two or more transmitting nodes: "collision". A random access MAC protocol specifies how to detect collisions and how to recover from them (e.g., via delayed retransmissions).
- Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA.
The ALOHA Protocol
Developed at the University of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used: as will be seen, many protocols have a period of time during which nodes transmit when they want, and during such periods the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: a collision. Collisions and other link layer losses must be detected and corrected.
Question 1: where are all the places that losses can occur?
Question 2: where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance (1)
[Figure: time axis marked t0, t0+t, t0+2t, t0+3t; a frame of length t with its vulnerable period of two frame times around its start. If another node starts to transmit during this vulnerable period then a collision will occur.]
ALOHA's Performance
- Assume that users try to send frames at random times (Poisson events).
- Let G be the average rate at which users try to send frames, per frame time. G is the utilization (why?).
- Model the moments at which transmissions start as points along the time line (next slide).
- The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
$$P(k) = \frac{(2G)^k e^{-2G}}{k!}$$
- The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
$$S = G e^{-2G}$$
Poisson process
Events are distributed according to a Poisson process with parameter $\lambda$ if
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
$\lambda$ is the rate at which events occur: $\lambda$ = (number of events in a period of length W) / W, when W is large.
Aloha performance
The probability of no collision is the probability of no event in the vulnerability period, whose length is $2T$:
$$P(0 \text{ events in } 2T) = e^{-2\lambda T}$$
Let $T = 1$ (i.e., our time is measured in packet transmission times, not seconds). Then what is $\lambda$? It is the average number of transmission attempts per transmission time, so $\lambda$ is the utilization, i.e., $\lambda = G$, and the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Figure: plot of $S = G e^{-2G}$ for G from 0 to 3; the curve peaks at 0.184.]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: time axis marked t0, t0+t, t0+2t, t0+3t, divided into slots of one frame time. A frame transmitted in the same slot as another causes a collision, but this will only happen if a packet arrives at the MAC layer during the preceding slot, the vulnerable period. If another node selects to transmit during this vulnerable period then a collision will occur.]
The vulnerable period is half the size of unslotted Aloha's.
Slotted Aloha
- The vulnerable period is halved, which doubles the performance of ALOHA: throughput $S = G e^{-G}$, and $S_{max} = 1/e = 0.368$ for $G = 1$.
- G = 1 means that typically a node tries to transmit in each slot.
- However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Figure: plot of $S = G e^{-G}$ for G from 0 to 4; the curve peaks at 0.368.]
ALOHA and Slotted ALOHA
Pros:
- a single active node can continuously transmit at the full rate of the channel
- decentralized, simple
Cons:
- collisions, wasting slots: inefficient
- idle slots
- nodes may be able to detect a collision in less than the time to transmit a packet
- slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
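The two throughput formulas follow from the length of the vulnerable period, and that argument can be checked by simulation. The following Python is an added example, not code from the slides: aloha_throughput and slotted_aloha_throughput are the closed forms, best_G finds the offered load that maximises each, and the two simulate_* functions generate Poisson transmission starts (exponential gaps) and apply the collision rule directly, two frame times of clearance for pure ALOHA and one slot for slotted ALOHA. Function names, the loads tried, the frame counts and the seeds are my choices.

```python
"""Throughput of pure and slotted ALOHA, from the formulas above and by
simulation.  Added example, not from the slides; arrival rates, frame counts
and seeds are constructed."""
import math
import random


def aloha_throughput(G):
    """S = G e^{-2G}: attempts per frame time times P(no other start in the
    two-frame-time vulnerable period)."""
    return G * math.exp(-2 * G)


def slotted_aloha_throughput(G):
    """S = G e^{-G}: the vulnerable period is a single slot."""
    return G * math.exp(-G)


def best_G(throughput):
    """Grid search (G = 0.01 .. 3.00) for the load that maximises throughput."""
    grid = [i / 100 for i in range(1, 301)]
    return max(grid, key=throughput)


def simulate_aloha(G, frames=200_000, seed=1):
    """Pure ALOHA: starts form a Poisson process of rate G per frame time.
    A frame starting at t succeeds iff no other frame starts in (t-1, t+1):
    per the slides, even a one-bit overlap is a collision."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    for _ in range(frames):
        t += rng.expovariate(G)              # exponential gaps <=> Poisson starts
        starts.append(t)
    successes = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or starts[i - 1] <= s - 1.0
        clear_after = i == frames - 1 or starts[i + 1] >= s + 1.0
        successes += clear_before and clear_after
    return successes / starts[-1]            # successful frames per frame time


def poisson_count(mean, rng):
    """Knuth's sampler: number of starts falling into one slot."""
    limit, k, p = math.exp(-mean), 0, 1.0
    while True:
        p *= rng.random()
        if p <= limit:
            return k
        k += 1


def simulate_slotted_aloha(G, slots=200_000, seed=1):
    """Slotted ALOHA: a slot delivers a frame iff exactly one start falls in it."""
    rng = random.Random(seed)
    good = sum(1 for _ in range(slots) if poisson_count(G, rng) == 1)
    return good / slots


if __name__ == "__main__":
    for G in (0.25, 0.5, 1.0, 2.0):
        print(f"G={G:.2f}  aloha {aloha_throughput(G):.3f} sim {simulate_aloha(G):.3f}"
              f"  slotted {slotted_aloha_throughput(G):.3f} sim {simulate_slotted_aloha(G):.3f}")
    print("best G:", best_G(aloha_throughput), best_G(slotted_aloha_throughput))
```

Note that G here already counts retransmissions: the simulation draws the attempt process directly rather than modelling backoff, which is exactly the assumption behind the closed forms.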
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmitting. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission. Human analogy: don't interrupt others.
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m. For 100 Mbps Ethernet the maximum cable length is 200 m. Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. On a collision the entire packet transmission time is wasted.
[Figure: spatial layout of nodes along the wire versus time.] Note the role of distance and propagation delay in determining the collision probability.
CSMA/CD collision detection
[Figure 1: position on the wire versus time. Transmitter 1 starts sending; after the propagation delay, Transmitter 2, which has not yet heard it, starts too. The collision is detected by Transmitter 2 as soon as Transmitter 1's signal reaches it, and by Transmitter 1 only when Transmitter 2's signal propagates back, still within Transmitter 1's transmission time. Receiver 1 receives a garbled signal. When is it detected?]
[Figure 2: the same layout with a shorter transmission time. Transmitter 2 detects the collision, but Transmitter 1 has finished sending before Transmitter 2's signal reaches it, so the collision is NOT detected by Transmitter 1. Receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{propagation} + \epsilon$. The transmit time is FrameLength / bit-rate. Therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$
CSMA/CD
What are the requirements to ensure that collisions are detected? As above: the transmission must last longer than $2 \times T_{propagation} + \epsilon$.
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small: the minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? Because the minimum frame length in Ethernet is independent of the bit-rate: the same 64 B frame lasts one tenth as long at 100 Mbps, so the round-trip propagation it must cover, and hence the cable, is one tenth as long.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time, and colliding transmissions are aborted, reducing channel wastage.
Collision detection:
- easy in wired LANs: measure signal strengths, compare transmitted and received signals;
- difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
Persistence
- 1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit. In this case all nodes that want to transmit during the period when a node is transmitting will collide.
- p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p; with probability 1-p wait for the next slot and repeat. Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1;
   b. wait r time slots. A time slot is long enough that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends. (Give an equation for the length of a time slot.)
   c. If no other transmission begins before the r time slots are up, then transmit.
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop;
   b. set BO = min(2 BO, BO_max); in Ethernet BO_max = 1024;
   c. go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
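The minimum-frame condition and the backoff procedure above can both be exercised in code. The Python below is an added example, not code from the slides: min_frame_bits and max_cable_m evaluate the inequality 2 x CableLength / speed + epsilon < FrameLength / bit-rate (with an assumed propagation speed of 2e8 m/s, so the absolute lengths differ from the slides' 2000 m / 200 m figures, but the factor of ten between them is the same), backoff_window and backoff_slots implement the doubling-with-cap rule, and contend runs a slot-level model of n stations that all have a frame ready at once. Function names, the cable lengths, station counts and seeds are my choices.

```python
"""Minimum frame size for collision detection and the exponential-backoff
procedure from the steps above.  Added example, not from the slides; the
cable lengths, station counts and seeds are constructed inputs."""
import math
import random

PROPAGATION_SPEED = 2e8      # m/s in copper; an assumption for the numbers below


def min_frame_bits(cable_m, bit_rate_bps, epsilon_s=0.0):
    """Smallest frame (bits) with 2*CableLength/speed + eps < FrameLength/bit_rate,
    so the sender is still transmitting when a collision signal comes back."""
    bits = (2 * cable_m * bit_rate_bps) / PROPAGATION_SPEED + epsilon_s * bit_rate_bps
    return math.ceil(round(bits, 9))


def max_cable_m(frame_bits, bit_rate_bps):
    """Longest cable a frame of this size still covers on the round trip.
    With the frame size fixed (64 bytes in Ethernet) the length scales as 1/bit_rate."""
    return frame_bits / bit_rate_bps * PROPAGATION_SPEED / 2


def backoff_window(collisions, bo_max=1024):
    """After the m-th collision the slot count is drawn from 0 .. min(2^m, BO_max) - 1."""
    return min(2 ** collisions, bo_max)


def backoff_slots(collisions, rng=None, bo_max=1024):
    rng = rng or random
    return rng.randrange(backoff_window(collisions, bo_max))


def contend(n_stations, seed=7, bo_max=1024, max_slots=100_000):
    """Slot-level model: n stations each have one frame ready in slot 0.
    A slot with exactly one transmitter delivers a frame; with more than one,
    everyone involved jams and backs off.  Returns the delivery order, the
    per-station collision counts and the number of slots used."""
    rng = random.Random(seed)
    next_try = [0] * n_stations              # slot in which each station transmits next
    collisions = [0] * n_stations
    pending = set(range(n_stations))
    order, slot = [], 0
    while pending and slot < max_slots:
        ready = [i for i in pending if next_try[i] == slot]
        if len(ready) == 1:
            order.append(ready[0])
            pending.remove(ready[0])
        elif len(ready) > 1:
            for i in ready:                  # collision: jam, then back off
                collisions[i] += 1
                next_try[i] = slot + 1 + backoff_slots(collisions[i], rng, bo_max)
        slot += 1
    return {"order": order, "collisions": collisions, "slots": slot}


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: a 512-bit frame covers up to {max_cable_m(512, rate):.0f} m")
    print(contend(10))
```

The model leaves out carrier sensing on purpose: it only shows how the doubling window spreads the retries of the stations that collided, which is what the backoff steps are about.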
"Taking Turns" MAC protocols
Channel partitioning MAC protocols share the channel efficiently and fairly at high load, but are inefficient at low load: there is a delay in channel access, and 1/N of the bandwidth is allocated even if only 1 node is active.
Random access MAC protocols are efficient at low load (a single node can fully utilize the channel), but at high load there is collision overhead. Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used for mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability, but it is not widely deployed YET.
"Taking Turns" MAC protocols: Polling
- The master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats.
- If a slave has no data to send then it does nothing, and the master quickly polls the next node.
[Figure: a master sends poll messages to its slaves in turn; each polled slave answers with its data.]
- Concerns: polling overhead, latency, single point of failure (the master).
- QoS guarantees can be made. If a VoIP call requires 12bps, the master can determine whether the call will receive the desired quality and ensure that it does. When congested, new calls are rejected, but existing calls continue to receive good performance. Consider the difference between the demands of VoIP and the service provided by TCP. Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols: Token passing
- A control token is passed from one node to the next sequentially.
- Concerns: token overhead, latency, single point of failure (the token).
[Figure: a ring of nodes passing the token T; the node holding the token sends its data, a node with nothing to send passes the token on.]
Summary of MAC protocols
- Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
- Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
- Taking turns: polling from a central site, token passing: Bluetooth, FDDI, IBM Token Ring.
MAC Addresses and ARP
- 32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet.
- MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network). The textbook is wrong about this: today hosts are almost never physically connected.
- 48-bit MAC address (for most LANs), burned into NIC ROM, also sometimes software settable.
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
LAN Address (more)
- MAC address allocation is administered by the IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check the OUI lookup: Google "OUI lookup", enter a MAC address, see the manufacturer.
- Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
- MAC is a flat address, so it is portable: one can move a LAN card from one LAN to another. IP is a hierarchical address and NOT portable: the address depends on the IP subnet to which the node is attached.
- If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes, < IP address; MAC address; TTL >. TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: the LAN of the previous figure with IP addresses: 137.196.7.23 (1A-2F-BB-76-09-AD), 137.196.7.78 (58-23-D7-FA-20-B0), 137.196.7.14 (0C-C4-11-6F-E3-98), 137.196.7.88 (71-65-F7-2B-08-53).]
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
- Check whether C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
- E.g.: my IP = 128.4.35.67, the destination's IP = 128.5.19.12, subnet mask = 255.255.0.0 => the first 2 bytes (16 bits) define the subnet. So in this case the two hosts are in different subnets (128.4 vs 128.5).
- Thus the datagram is sent to the gateway, which must be in the same subnet. Suppose that B is the gateway, but only the IP address of B is known.
Suppose host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table:
- A broadcasts an ARP query packet containing B's IP address: destination MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other types include datagram). All machines on the LAN receive the ARP query.
- B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
- A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out): soft state, information that times out (goes away) unless refreshed.
- ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: hosts A, B, C and D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to B, C and D; the host with 1.1.1.4 answers "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: host A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55) and another host (111.111.111.112, CC-49-DE-D0-AB-7D) on the left LAN; router R with interface 111.111.111.110 (E6-E9-00-17-BB-4B) on the left LAN and interface 222.222.222.220 (1A-23-F9-CD-06-9B) on the right LAN; host B (222.222.222.222, 49-BD-D2-C7-56-2A) and another host (222.222.222.221, 88-B2-2F-54-1A-0F) on the right LAN.]
Walkthrough: send a datagram from A to B via R. Assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
- A creates an IP datagram with source A, destination B.
- A uses ARP to get R's MAC address for 111.111.111.110.
- A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram.
- A's NIC sends the frame; R's NIC receives the frame.
- R removes the IP datagram from the Ethernet frame and sees it is destined to B.
- R uses ARP to get B's MAC address.
- R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example: make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell whether two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P. Use wireshark on B to see that there is no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host, but the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
Setup: victim with MAC 00-12-12-12-12-12 and IP 1.2.3.4; attacker with MAC 00-11-11-11-11-11 and IP 5.6.7.8; some other host/switch.
1. The other host broadcasts: "Who has IP address 1.2.3.4?" The attacker hears the query too.
2. The victim answers: "MAC 00-12-12-12-12-12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with forged sender fields: "Source MAC 00-11-11-11-11-11: Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping (1.2.3.4 -> 00-11-11-11-11-11) in its cache. The victim is confused, but ignores it.
4. The other host sends "MAC 00-11-11-11-11-11, IP 1.2.3.4: The secret plan is ...". The attacker now knows the secret plan, changes the MAC address to the correct one and forwards "MAC 00-12-12-12-12-12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see whether a single IP has two MACs, or, equivalently, whether one MAC now claims two IPs: the attacker's real IP and the victim's IP. But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address. Then the tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC without any attack.
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); the first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
[Figure: Metcalfe's Ethernet sketch.]
Star topology
- Bus topology, popular through the mid 90's: all nodes in the same collision domain (they can collide with each other).
- Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch).]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.

Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless it is in promiscuous mode).
Type: indicates the higher layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk); ARP query/response and LAN routing frames are identified by their own type values.
CRC: checked at the receiver; if an error is detected, the frame is dropped.
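The frame layout and the adapter's receive rule, as an added example that is not part of the original slides. It builds frames with a real IEEE 802.3 FCS (the CRC-32 that `zlib.crc32` computes, compared as a little-endian value the way packet analyzers do), parses them, drops frames whose CRC fails, and applies the "matching address or broadcast, else discard unless promiscuous" decision. The preamble is not part of the frame bytes handed up by a NIC, so it is not modelled. The three MAC addresses and the payloads are constructed.

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
MIN_FRAME_BYTES = 64                     # header + payload + FCS; the preamble is not counted

def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """dst(6) | src(6) | type(2) | payload (zero-padded to the minimum size) | FCS(4)."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME_BYTES - 4 - len(body))
    fcs = zlib.crc32(body) & 0xFFFFFFFF  # IEEE 802.3 CRC-32 over everything after the preamble
    return body + struct.pack("<I", fcs)

def parse_frame(frame: bytes):
    """Return (dst, src, ethertype, payload), or None when the FCS does not match (frame is dropped)."""
    if len(frame) < 18:
        return None
    body, (fcs,) = frame[:-4], struct.unpack("<I", frame[-4:])
    if fcs != (zlib.crc32(body) & 0xFFFFFFFF):
        return None
    ethertype = struct.unpack("!H", body[12:14])[0]
    return body[:6], body[6:12], ethertype, body[14:]

def receive(frame: bytes, my_mac: bytes, promiscuous: bool = False):
    """Adapter decision: ('dropped_crc', None), ('to_network_layer', ethertype) or ('discarded', None)."""
    parsed = parse_frame(frame)
    if parsed is None:
        return ("dropped_crc", None)
    dst, _src, ethertype, _payload = parsed
    if dst == my_mac or dst == BROADCAST or promiscuous:
        return ("to_network_layer", ethertype)
    return ("discarded", None)

HOST_A = bytes.fromhex("0a0000000001")   # constructed MAC addresses
HOST_B = bytes.fromhex("0a0000000002")
SNIFFER = bytes.fromhex("0a0000000003")

def demo():
    """Run the receive rule for a unicast frame, a broadcast ARP frame and a frame with one flipped bit."""
    ip_frame = build_frame(HOST_B, HOST_A, ETHERTYPE_IPV4, b"constructed IP datagram")
    arp_frame = build_frame(BROADCAST, HOST_A, ETHERTYPE_ARP, b"constructed ARP request")
    damaged = bytearray(ip_frame)
    damaged[20] ^= 0x01                   # a single flipped payload bit
    return {
        "unicast_to_B": receive(ip_frame, HOST_B),
        "unicast_seen_by_sniffer": receive(ip_frame, SNIFFER),
        "unicast_seen_by_promiscuous_sniffer": receive(ip_frame, SNIFFER, promiscuous=True),
        "broadcast_arp_at_sniffer": receive(arp_frame, SNIFFER),
        "damaged_frame_at_B": receive(bytes(damaged), HOST_B),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The promiscuous case is the one a security engineer cares about: on a hub, or on a switch whose table has been confused, every adapter on the segment can read the unicast frame, and nothing in the frame format prevents that.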
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs.
unreliable: receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see the gaps.
Ethernet's MAC protocol: unslotted CSMA/CD

Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame.
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1}; NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.

Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsecond for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec (1023 × 512 × 0.1 µs ≈ 52 ms).
Exponential backoff. Goal: adapt retransmission attempts to the estimated current load; under heavy load, the random wait will be longer.
• first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
• after second collision: choose K from {0, 1, 2, 3}
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in LAN; t_trans = time to transmit a max-size frame.
$$\text{efficiency} = \frac{1}{1 + 5\, t_{prop}/t_{trans}}$$
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
• larger frame size is better; higher bit-rate is worse (t_trans shrinks)
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).

Hubs
bits coming in on one link go out all other links at the same rate; all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
[figure: hosts on twisted pair connected to a hub]

Interconnecting with hubs
Backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain; can't interconnect 10BaseT & 100BaseT.
[figure: several hubs joined by a backbone hub]
Switch
link-layer device: smarter than hubs, takes an active role.
• store and forward Ethernet frames (Question: do switches in circuit-switching networks store and forward?)
• examine incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches.
plug-and-play, self-learning: switches do not need to be configured.

Switch allows multiple simultaneous transmissions
hosts have a dedicated, direct connection to the switch; switches buffer packets; Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain.
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C']

Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[figure: the same six-interface switch with hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases… when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table.
[figure: A sends a frame (Source A, Dest A') that arrives on interface 1; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]

Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. index the switch table using the MAC destination address
3. if an entry is found for the destination then {
     if the destination is on the segment from which the frame arrived then drop the frame
     else forward the frame on the interface indicated
   } else flood (forward on all interfaces but the one on which the frame arrived)
4. periodically purge all old table entries
Self-Learning walk-through
[figure: three switches, each with interfaces 1, 2, 3, connected in a chain; host A on the first switch, host B on the last; each switch's MAC/Interface table starts empty]
• A sends a frame (Dest = B, Source = A). Each switch makes a table entry for A on the interface the frame arrived on (A → 1, A → 1, A → 2 on the three switches). No table entry for B, so each switch floods.
  Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port, but only to other switches.
• B replies (Dest = A, Source = B). Each switch on the path makes a table entry for B (B → 3 on the first switch, B → 2 on the second) and already has a table entry for A, so it forwards instead of flooding.
• 20 minutes later all table entries are deleted.
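The walk-through above, as an added example that is not part of the original slides: a self-learning switch that implements the four filtering/forwarding steps, run on a constructed chain of three switches so that the flood, forward and age-out behaviour can be observed. Switch names, interface numbers, the one-letter host MACs and the 60-second TTL from the table slide are the assumptions.

```python
class LearningSwitch:
    """Switch table: MAC -> (interface, expiry time). Entries are purged once their TTL has passed."""

    def __init__(self, name, interfaces, aging_seconds=60):
        self.name = name
        self.interfaces = list(interfaces)
        self.aging = aging_seconds
        self.table = {}

    def purge(self, now):
        """Step 4: periodically purge all old table entries."""
        self.table = {mac: (iface, exp) for mac, (iface, exp) in self.table.items() if exp > now}

    def handle(self, src, dst, in_iface, now):
        """Return the list of interfaces the frame goes out on (empty list = dropped)."""
        self.purge(now)
        self.table[src] = (in_iface, now + self.aging)          # 1. record the sender's interface
        entry = self.table.get(dst)                             # 2. index the table by destination MAC
        if entry is None:
            return [i for i in self.interfaces if i != in_iface]  # 3. unknown destination: flood
        out_iface, _ = entry
        if out_iface == in_iface:
            return []                                           # 3. destination on the arrival segment: drop
        return [out_iface]                                      # 3. known destination: forward


class Network:
    """Switches joined by point-to-point links, one host per edge interface (constructed, loop-free)."""

    def __init__(self, switches, hosts, links):
        self.switches = {s.name: s for s in switches}
        self.hosts = hosts                                      # host MAC -> (switch name, interface)
        self.port_to_host = {port: mac for mac, port in hosts.items()}
        self.links = {}
        for a, b in links:
            self.links[a], self.links[b] = b, a

    def send(self, src, dst, now):
        """Inject one frame from host src; return the set of hosts whose NIC sees it."""
        pending = [self.hosts[src]]
        seen = set()
        while pending:
            sw_name, in_iface = pending.pop()
            for out in self.switches[sw_name].handle(src, dst, in_iface, now):
                port = (sw_name, out)
                if port in self.port_to_host:
                    seen.add(self.port_to_host[port])
                elif port in self.links:
                    pending.append(self.links[port])
        return seen


def build_network():
    """S1 --(3:1)-- S2 --(3:1)-- S3; hosts A and C on S1, B on S2, D on S3 (constructed topology)."""
    s1, s2, s3 = (LearningSwitch(name, [1, 2, 3]) for name in ("S1", "S2", "S3"))
    hosts = {"A": ("S1", 1), "C": ("S1", 2), "B": ("S2", 2), "D": ("S3", 2)}
    links = [(("S1", 3), ("S2", 1)), (("S2", 3), ("S3", 1))]
    return Network([s1, s2, s3], hosts, links), s1, s2, s3


if __name__ == "__main__":
    net, s1, s2, s3 = build_network()
    print("A->B, tables empty:", sorted(net.send("A", "B", now=0)))   # flooded to every host
    print("B->A:", sorted(net.send("B", "A", now=1)))                 # forwarded to A only
    print("A->B:", sorted(net.send("A", "B", now=2)))                 # forwarded to B only
    print("A->B after entries aged out:", sorted(net.send("A", "B", now=70)))
    print("S1 table:", s1.table)
```

The first and last transmissions show why a switched LAN is not a privacy boundary: whenever the destination is unknown, or its entry has aged out, the unicast frame is delivered to every host, and any of them running in promiscuous mode can read it.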
Poorly Designed Institutional network: Why?
[figure: router to external network; one LAN / IP subnet with the mail server and web server]

Institutional network without a single point of failure
[figure: router to external network; IP subnet with the mail server and web server reached over redundant switches and links; host A]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness, but they have to be eliminated.
[figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V, E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LANs A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: LAN A and LAN B joined by bridges B2 and B3]

Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LANs A and B uses the interfaces to A and B.
If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C.
[figure: LANs A, B, C, D; bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1–B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find the shortest path from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[figure: LANs A–J joined by bridges B1–B7; each LAN is labelled with its distance to the root in LAN hops]
Walk-through on the figure:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
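The interface-selection rule above, as an added example that is not part of the original slides. It represents LANs as vertices and bridges as edges (a bridge on three LANs is a hyper-edge), relaxes each LAN's cost distance-vector style until nothing changes, breaks ties by the smallest bridge ID, and returns the set of (bridge, LAN) interfaces that stay on. The slide's topology is not recoverable, so the one below is constructed to reproduce the two situations the walk-through describes: a tie for LAN B that B5 wins over B7, and a bridge (B3) that ends up with no active interface.

```python
INF = float("inf")

# Constructed topology: bridge ID -> LANs it attaches to. B1 has the smallest ID, so it is the root.
BRIDGES = {
    1: {"E", "F", "G"},
    2: {"D", "G"},
    3: {"A", "B"},        # redundant path between A and B: should end up fully off
    4: {"A", "E"},
    5: {"B", "E"},
    6: {"C", "F"},
    7: {"B", "F"},        # ties with B5 for LAN B and loses on ID
}

def spanning_tree(bridges):
    """Return (root, cost, next_hop, active).

    cost[lan] is the number of non-root bridges on the LAN's chosen path to the root (LANs attached
    to the root cost 0); next_hop[lan] = (bridge, lan_toward_root); active is the set of (bridge, LAN)
    interfaces kept on. Candidates compare as (cost, bridge ID, neighbour LAN), so a tie in cost is
    broken by the smaller bridge ID, and only neighbouring LANs are consulted in each relaxation.
    """
    root = min(bridges)
    cost = {lan: INF for lans in bridges.values() for lan in lans}
    for lan in bridges[root]:
        cost[lan] = 0
    next_hop = {}
    changed = True
    while changed:
        changed = False
        for lan in cost:
            if cost[lan] == 0:
                continue
            best = None
            for bid, lans in bridges.items():
                if bid == root or lan not in lans:
                    continue
                for other in lans:
                    if other != lan and cost[other] < INF:
                        cand = (cost[other] + 1, bid, other)
                        if best is None or cand < best:
                            best = cand
            if best is not None and best < (cost[lan],) + next_hop.get(lan, (INF, "")):
                cost[lan], next_hop[lan] = best[0], (best[1], best[2])
                changed = True
    active = {(root, lan) for lan in bridges[root]}       # every interface of the root is on
    for lan, (bid, toward) in next_hop.items():           # a bridge on a chosen path keeps both interfaces
        active.add((bid, lan))
        active.add((bid, toward))
    return root, cost, next_hop, active

def inactive_bridges(bridges, active):
    """Bridges that are 'disconnected' from every LAN they touch."""
    return sorted(bid for bid in bridges if not any(b == bid for b, _ in active))

if __name__ == "__main__":
    root, cost, next_hop, active = spanning_tree(BRIDGES)
    print(f"root: B{root}")
    for lan in sorted(cost):
        hop = next_hop.get(lan)
        where = f", next hop LAN {hop[1]} via B{hop[0]}" if hop else " (attached to the root)"
        print(f"LAN {lan}: cost {cost[lan]}{where}")
    print("active interfaces:", sorted(f"B{b}:{lan}" for b, lan in active))
    print("bridges with no active interface:", [f"B{b}" for b in inactive_bridges(BRIDGES, active)])
```

Note what the tie-break implies operationally: the bridge with the smallest ID always wins, and the page says IDs are assigned at manufacture. A bridge that advertises a smaller ID than the real root would therefore be elected root and reshape which interfaces forward; the algorithm as stated has no check on who sends those messages.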
Layer 2 Routing
The L2 routing table is automatically maintained (set up, and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. These typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution, during which time no packets were forwarded.

Switches vs Routers
both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer: to IP, a switched LAN looks like a link layer technology.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed length label (instead of an IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (8 bits)

MPLS capable routers
aka label-switched routers: forward packets to the outgoing interface based only on the label value (don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables.
signaling protocol needed to set up forwarding: RSVP-TE.
forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
must co-exist with IP-only routers.

MPLS forwarding tables
[figure: label-switched routers R1–R6; destinations A and D; interfaces numbered 0 and 1]
Table rows as (in label, out label, dest, out interface), one table per router on the figure:
  6    –    A   0
  10   6    A   1
  12   9    D   0
  –    10   A   0
  –    12   D   0
  8    6    A   0
  –    8    A   1
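Label switching over those table rows, as an added example that is not part of the original slides. The ingress router classifies on the IP destination and pushes a label; every other router matches on the incoming label only and never looks at the IP header; an empty out label means pop and deliver. Which router owns which table follows the textbook layout this deck is based on and is an assumption here; the links between interfaces and R2's egress row for D are constructed to complete the paths.

```python
TABLES = {              # router: [(in label, out label, dest, out interface), ...]
    "R1": [(6, None, "A", 0)],                                       # egress for A: pop, deliver
    "R4": [(10, 6, "A", 1), (12, 9, "D", 0)],                        # transit: swap labels
    "R5": [(8, 6, "A", 0)],
    "R6": [(None, 10, "A", 0), (None, 12, "D", 0), (None, 8, "A", 1)],   # ingress: two LSPs toward A
    "R2": [(9, None, "D", 0)],                                       # constructed egress for D
}
LINKS = {("R6", 0): "R4", ("R6", 1): "R5", ("R4", 1): "R1", ("R5", 0): "R1",   # constructed
         ("R4", 0): "R2", ("R1", 0): "A", ("R2", 0): "D"}
MAX_HOPS = 16

def lookup(router, label, dest, prefer_interface=None):
    """Ingress (label is None) classifies on the IP destination; everyone else matches on the label only."""
    rows = TABLES[router]
    if label is None:
        matches = [r for r in rows if r[0] is None and r[2] == dest]
        if prefer_interface is not None:                 # traffic-engineering choice between LSPs
            matches = [r for r in matches if r[3] == prefer_interface]
    else:
        matches = [r for r in rows if r[0] == label]     # the IP header is not inspected here
    if not matches:
        raise LookupError(f"{router}: no entry for label={label} dest={dest}")
    return matches[0]

def forward(ingress, dest, prefer_interface=None):
    """Return ([(router, label on the outgoing link), ...], final node); a None label was popped."""
    path, node, label = [], ingress, None
    while node in TABLES:
        if len(path) >= MAX_HOPS:
            raise RuntimeError("label loop")
        _, out_label, _, iface = lookup(node, label, dest, prefer_interface if node == ingress else None)
        path.append((node, out_label))
        node, label = LINKS[(node, iface)], out_label
    return path, node

if __name__ == "__main__":
    for dest, iface in (("A", 0), ("A", 1), ("D", None)):
        print(f"to {dest} via interface {iface}:", forward("R6", dest, iface))
```

The two paths to A from R6 are the point of the figure: IP forwarding would pick one next hop for A, whereas with labels the ingress can steer individual flows over either LSP, and the transit routers cannot tell (or check) where the packet is really addressed.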
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.

Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice; … could stop here … but lots of
Link Layer: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM, MPLS
Error Detection
EDC = Error Detection and Correction bits (redundancy); D = Data protected by error checking, may include header fields.
• Error detection not 100% reliable! The protocol may miss some errors, but rarely; a larger EDC field yields better detection and correction.
[figure: sender appends EDC to D; receiver checks D', EDC': all bits in D' OK? N – detected error; Y – otherwise]

Parity Checking
Single bit parity: detect single bit errors.
Two-dimensional bit parity: detect and correct single bit errors.
[figure: data bits arranged in rows and columns with one parity bit per row and per column]

Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in a transmitted packet (note: used at the transport layer only).
Sender: treat segment contents as a sequence of 16-bit integers; checksum: addition (1's complement sum) of segment contents; sender puts the checksum value into the UDP checksum field.
Receiver: compute the checksum of the received segment; check if the computed checksum equals the checksum field value: NO – error detected; YES – no error detected. But maybe errors nonetheless?
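The checksum computation and the receiver check, as an added example that is not part of the original slides, together with two constructed error patterns that answer the slide's closing question: a single flipped bit is caught, but reordered 16-bit words and a pair of compensating bit flips are not. The convention of padding to an even length and appending the 2-byte field is constructed; the second test vector is the RFC 1071 worked example.

```python
def ones_complement_sum16(data: bytes) -> int:
    """Add 16-bit big-endian words with end-around carry; a trailing odd byte is padded with zero."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)     # fold the carry back in
    return total

def internet_checksum(data: bytes) -> int:
    """Sender: one's complement of the one's-complement sum (the value placed in the checksum field)."""
    return (~ones_complement_sum16(data)) & 0xFFFF

def add_checksum(payload: bytes) -> bytes:
    """Pad to an even length and append the 2-byte checksum field (constructed framing convention)."""
    if len(payload) % 2:
        payload += b"\x00"
    return payload + internet_checksum(payload).to_bytes(2, "big")

def verify(segment: bytes) -> bool:
    """Receiver: contents plus checksum field must sum to 0xFFFF; anything else is a detected error."""
    return ones_complement_sum16(segment) == 0xFFFF

PAYLOAD = bytes.fromhex("1234 5678 9abc")            # constructed segment contents

def demo():
    """Run the receiver check on the intact segment and on three corrupted copies."""
    seg = add_checksum(PAYLOAD)
    one_bit = bytearray(seg)
    one_bit[0] ^= 0x80                               # one flipped bit: detected
    swapped = seg[2:4] + seg[0:2] + seg[4:]          # two 16-bit words reordered: same sum, not detected
    two_bits = bytearray(seg)
    two_bits[1] ^= 0x08                              # bit 3 of word 0 goes 0 -> 1 ...
    two_bits[3] ^= 0x08                              # ... and bit 3 of word 1 goes 1 -> 0: sum unchanged
    return {
        "intact": verify(seg),
        "one_bit_flipped": verify(bytes(one_bit)),
        "words_swapped": verify(swapped),
        "two_bits_flipped": verify(bytes(two_bits)),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```

The two accepted corruptions are why the checksum is an error-detection tool and not an integrity check: an adversary who can modify a packet can trivially keep the sum constant, so any security property has to come from a keyed MAC at a higher layer.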
Checksumming: Cyclic Redundancy Check
view the data bits D as a binary number; choose an r+1 bit pattern (generator) G; goal: choose r CRC bits R such that <D, R> is exactly divisible by G (modulo 2). The receiver knows G and divides <D, R> by G; if the remainder is non-zero: error detected. Can detect all burst errors of less than r+1 bits. Widely used in practice (Ethernet, 802.11 WiFi, ATM).

CRC Example
Want: $D \cdot 2^r \;\mathrm{XOR}\; R = nG$
equivalently: $D \cdot 2^r = nG \;\mathrm{XOR}\; R$
equivalently: if we divide $D \cdot 2^r$ by $G$, we want the remainder $R$:
$$R = \mathrm{remainder}\left[\frac{D \cdot 2^r}{G}\right]$$
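The division above carried out in code, as an added example that is not part of the original slides: modulo-2 (XOR, no carries) division, the sender's <D, R> construction, the receiver's zero-remainder check, and a sweep over every burst error up to r+1 bits long. The worked values D = 101110, G = 1001 (so r = 3) and R = 011 are the textbook example this deck follows; the sweep shows that with this G every burst of up to 3 bits is caught and the only 4-bit burst that slips through is the one shaped like G itself.

```python
def mod2_remainder(value: int, generator: int) -> int:
    """Remainder of value / generator where subtraction is XOR (polynomial arithmetic over GF(2))."""
    r = generator.bit_length() - 1
    while value.bit_length() > r:
        value ^= generator << (value.bit_length() - 1 - r)   # cancel the current top bit
    return value

def crc_remainder(data: int, generator: int) -> int:
    """R = remainder[(D * 2^r) / G]."""
    return mod2_remainder(data << (generator.bit_length() - 1), generator)

def crc_encode(data: int, generator: int) -> int:
    """<D, R>: the codeword the sender transmits."""
    r = generator.bit_length() - 1
    return (data << r) | crc_remainder(data, generator)

def crc_check(codeword: int, generator: int) -> bool:
    """Receiver: divide <D, R> by G; a non-zero remainder is a detected error."""
    return mod2_remainder(codeword, generator) == 0

def burst_patterns(length: int):
    """All error bursts of exactly `length` bits: first and last bit set, anything in between."""
    if length == 1:
        return [1]
    top = 1 << (length - 1)
    return [top | (mid << 1) | 1 for mid in range(1 << (length - 2))]

def undetected_bursts(codeword: int, codeword_bits: int, generator: int, max_len: int):
    """(length, pattern, position) of every burst up to max_len bits that the receiver would accept."""
    missed = []
    for length in range(1, max_len + 1):
        for pattern in burst_patterns(length):
            for pos in range(codeword_bits - length + 1):
                if crc_check(codeword ^ (pattern << pos), generator):
                    missed.append((length, pattern, pos))
    return missed

if __name__ == "__main__":
    D, G = 0b101110, 0b1001
    cw = crc_encode(D, G)
    print(f"R = {crc_remainder(D, G):03b}, codeword <D,R> = {cw:09b}, check: {crc_check(cw, G)}")
    print("undetected bursts up to 4 bits:", [(l, f"{p:04b}", pos) for l, p, pos in undetected_bursts(cw, 9, G, 4)])
```

An error pattern that is a multiple of G is invisible to any CRC, which is also why a CRC, like the checksum, offers no protection against deliberate modification: the attacker simply recomputes R.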
Link Layer: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM, MPLS
Multiple Access Links and Protocols
Two types of "links":
• point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
• broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]

Multiple Access Control (MAC) protocols
single shared broadcast channel; two or more simultaneous transmissions by nodes: interference; collision if a node receives two or more signals at the same time.
multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit. Communication about channel sharing must use the channel itself! An out-of-band channel for coordination is difficult.

Ideal Multiple Access Protocol
Broadcast channel of rate R bps:
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at an average rate of R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks or slots (generally, centralized MACs are much more efficient)
4. simple

MAC Protocols: a taxonomy
Three broad classes:
• Channel Partitioning: divide the channel into smaller "pieces" (time slots, frequency, code); allocate a piece to a node for exclusive use. This approach is hard to justify, since we know that statistical multiplexing can support more users.
• Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient; predictable/guaranteed performance is difficult to achieve.
• Centralized / "taking turns"
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access. Access to the channel in "rounds"; each station gets a fixed length slot (length = packet transmission time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable, and calls can be rejected if there is not enough bandwidth.
example: 6-station LAN; 1, 3, 4 have packets; slots 2, 5, 6 idle.
[figure: 6-slot frame, repeated: 1 3 4 | 1 3 4]

Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access. Channel spectrum divided into frequency bands; each station assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA.
example: 6-station LAN; 1, 3, 4 have packets; frequency bands 2, 5, 6 idle.
[figure: frequency bands vs time on an FDM cable]
Random Access Protocols
When a node has a packet to send: transmit at the full channel data rate R; no a priori coordination among nodes.
• Some approaches use limited coordination.
two or more transmitting nodes: "collision". A random access MAC protocol specifies how to detect collisions and how to recover from collisions (e.g. via delayed retransmissions).
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA.

The ALOHA Protocol
Developed at the U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used: as will be seen, many protocols have a period of time where nodes transmit when they want, and during such periods the MAC is essentially Aloha.

Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: a collision.
Collisions and other link layer losses must be detected and corrected.
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance (1)
[figure: time axis t0, t0+t, t0+2t, t0+3t; a frame transmitted starting at t0+t collides with any frame whose transmission starts in the vulnerable period from t0 to t0+2t]
If another node starts to transmit during this vulnerable period, then a collision will occur.

ALOHA's Performance
Assume that users try to send frames at random times (Poisson events). Let G be the average rate at which users try to send frames, per frame time. G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
$$P(k) = \frac{(2G)^k e^{-2G}}{k!}$$
The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
$$S = G\, e^{-2G}$$

Poisson process
Events are distributed according to a Poisson process with parameter $\lambda$ if
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
$\lambda$ is the rate at which events occur: $\lambda$ = (number of events in a period of length W) / W, when W is large.

Aloha performance
[figure: vulnerability period of length 2T around a frame start]
$P(k \text{ events in a period of length } T) = e^{-\lambda T}(\lambda T)^k / k!$
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T.
Let T = 1 (i.e. time is measured in packet transmission times, not seconds). Then what is $\lambda$? It is the average number of transmission attempts per transmission time, so $\lambda$ = utilization, i.e. $\lambda = G$, and the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$.

ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[plot: S = G e^{-2G} for 0 ≤ G ≤ 3; the curve peaks at 0.184]
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
[figure: time axis t0, t0+t, t0+2t, t0+3t; a frame sent in a slot collides only with frames whose packets arrived at the MAC layer during the preceding slot]
If a frame is transmitted here then a collision occurs, but this will only happen if a packet arrives at the MAC layer during this period. If another node selects to transmit during this vulnerable period, then a collision will occur. The vulnerable period is half the size of unslotted Aloha's.

Slotted Aloha
Vulnerable period is halved: doubles the performance of ALOHA. Throughput $S = G\, e^{-G}$; $S_{max} = 1/e = 0.368$ for $G = 1$.
G = 1 means a node typically tries to transmit in each slot. However, the throughput is well below 1: there are many collisions.

Slotted Aloha Performance
[plot: S = G e^{-G} for 0 ≤ G ≤ 4; the curve peaks at 0.368]

ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple.
Cons: collisions, wasting slots; inefficient; idle slots; nodes may be able to detect a collision in less than the time to transmit a packet; slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduce efficiency.
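The two throughput formulas evaluated and checked, as an added example that is not part of the original slides. It locates the maxima numerically (the page's 0.184 at G = 0.5 and 0.368 at G = 1) and then runs a small Monte Carlo of both protocols: Poisson frame starts with a two-frame-time vulnerable window for pure ALOHA, and per-slot transmission with probability p for slotted ALOHA. The node count, p, horizon and seed are constructed.

```python
import math
import random

def pure_aloha_throughput(G: float) -> float:
    return G * math.exp(-2 * G)           # vulnerable period: two frame times

def slotted_aloha_throughput(G: float) -> float:
    return G * math.exp(-G)               # vulnerable period: one slot

def argmax_on_grid(f, lo, hi, steps=10000):
    """(G, f(G)) at the grid point that maximizes f on [lo, hi]."""
    best_g, best_v = lo, f(lo)
    for i in range(1, steps + 1):
        g = lo + (hi - lo) * i / steps
        v = f(g)
        if v > best_v:
            best_g, best_v = g, v
    return best_g, best_v

def simulate_slotted(n_nodes: int, p: float, n_slots: int, rng: random.Random) -> float:
    """Each node transmits in each slot with probability p (so G = n*p); a slot succeeds iff exactly one does."""
    successes = 0
    for _ in range(n_slots):
        transmitters = sum(1 for _ in range(n_nodes) if rng.random() < p)
        successes += transmitters == 1
    return successes / n_slots

def simulate_pure(G: float, horizon: float, rng: random.Random) -> float:
    """Poisson frame starts at rate G per frame time over [0, horizon]; a frame succeeds only if no other
    frame starts within one frame time before or after it. Returns successful frames per frame time."""
    starts, t = [], 0.0
    while True:
        t += rng.expovariate(G)
        if t > horizon:
            break
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or s - starts[i - 1] >= 1.0
        clear_after = i == len(starts) - 1 or starts[i + 1] - s >= 1.0
        ok += clear_before and clear_after
    return ok / horizon

if __name__ == "__main__":
    print("pure ALOHA maximum (G, S):", argmax_on_grid(pure_aloha_throughput, 0, 3))
    print("slotted ALOHA maximum (G, S):", argmax_on_grid(slotted_aloha_throughput, 0, 4))
    rng = random.Random(2024)
    print("simulated pure ALOHA at G = 0.5:", round(simulate_pure(0.5, 20000, rng), 3))
    print("simulated slotted ALOHA at G = 1 (50 nodes, p = 0.02):", round(simulate_slotted(50, 0.02, 20000, rng), 3))
```

The simulation numbers land within a few percent of 0.184 and 0.368; the slotted result is slightly above the formula because 50 nodes with p = 0.02 is a binomial, not a Poisson, offered load.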
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle: transmit the entire frame. If the channel is sensed busy: defer transmission. Human analogy: don't interrupt others!

Question
For 10 Mbps Ethernet the maximum cable length is 2000 m. For 100 Mbps Ethernet the maximum cable length is 200 m. Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?

CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission. collision: the entire packet transmission time is wasted.
[figure: spatial layout of nodes along the wire vs time; two nodes start transmitting before either hears the other]
note: the role of distance & propagation delay in determining the collision probability.
CSMA/CD collision detection
[figure 1: position on wire vs time; Transmitter 1 and Transmitter 2 start transmitting; after the propagation delay the collision is detected by transmitter 2, and later by transmitter 1 (when is it detected?); Receiver 1 receives a garbled signal]
[figure 2: the same layout, but transmitter 1's transmission time is shorter than the round trip: the collision is detected by transmitter 2 but NOT detected by transmitter 1, while Receiver 1 still receives a garbled signal]

What are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$

CSMA/CD
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small: the minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of the bit-rate, so the time a minimum frame occupies the channel, and hence the round trip it can cover, shrinks by a factor of 10 when the bit-rate grows by a factor of 10.
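The collision-detection inequality above and the efficiency formula from the CSMA/CD efficiency slide, evaluated together as an added example that is not part of the original slides. A propagation speed of 2 × 10^8 m/s is an assumption; the slide's 2000 m and 200 m limits also absorb repeater and interframe delays, so the lengths computed here are upper bounds, but the factor of ten between them, which is what the question asks about, falls out directly.

```python
SPEED_M_PER_S = 2.0e8       # assumed propagation speed in copper (about 2/3 of c)
MIN_FRAME_BYTES = 64        # Ethernet minimum frame length, as on the slide

def transmit_time(frame_bytes: int, bit_rate: float) -> float:
    """FrameLength / bit-rate, in seconds."""
    return frame_bytes * 8 / bit_rate

def propagation_delay(cable_m: float) -> float:
    """CableLength / speed of propagation, in seconds."""
    return cable_m / SPEED_M_PER_S

def collision_detectable(frame_bytes: int, bit_rate: float, cable_m: float, epsilon: float = 0.0) -> bool:
    """The slide's requirement: 2 * CableLength / speed + epsilon < FrameLength / bit-rate."""
    return 2 * propagation_delay(cable_m) + epsilon < transmit_time(frame_bytes, bit_rate)

def max_cable_length(frame_bytes: int, bit_rate: float, epsilon: float = 0.0) -> float:
    """Longest cable on which a frame of this size still outlasts the round trip (metres)."""
    return (transmit_time(frame_bytes, bit_rate) - epsilon) * SPEED_M_PER_S / 2

def min_frame_bytes(cable_m: float, bit_rate: float, epsilon: float = 0.0) -> int:
    """Smallest whole-byte frame that strictly outlasts the round trip on this cable."""
    bits = (2 * cable_m * bit_rate) / SPEED_M_PER_S + epsilon * bit_rate
    return int(bits // 8) + 1

def csmacd_efficiency(t_prop: float, t_trans: float) -> float:
    """efficiency = 1 / (1 + 5 * t_prop / t_trans), the approximation on the efficiency slide."""
    return 1 / (1 + 5 * t_prop / t_trans)

def efficiency_table(cable_m: float = 2000.0):
    """Efficiency for minimum and maximum frames at three bit rates on a cable of the given length."""
    t_prop = propagation_delay(cable_m)
    return {(rate, size): round(csmacd_efficiency(t_prop, transmit_time(size, rate)), 3)
            for rate in (10e6, 100e6, 1e9) for size in (64, 1500)}

if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: longest cable for a 64-byte frame = {max_cable_length(MIN_FRAME_BYTES, rate):.0f} m")
    print("smallest frame that detects collisions on 2000 m at 100 Mbps:", min_frame_bytes(2000, 100e6), "bytes")
    for (rate, size), eff in sorted(efficiency_table().items()):
        print(f"{rate / 1e6:>5.0f} Mbps, {size:>4}-byte frames: efficiency {eff}")
```

The table makes the slide's two trends concrete: on the same cable, 1500-byte frames are far more efficient than 64-byte frames, and the same frame size gets less efficient every time the bit-rate goes up.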
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection; collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
human analogy: the polite conversationalist.

Persistence
1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, or wait for the next slot with probability 1−p and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff Next slide
What to do when the link is found to be busy
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots have passed, then transmit.
5. If a collision is detected:
   a. continue to transmit (a jam) so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 × BO, BO_max); in Ethernet BO_max = 1024
   c. go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, and 1/N of the bandwidth allocated even if only 1 node is active.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead.
• Be careful: here "high load" means the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used for mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed yet.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
(figure: master sends a poll to each slave in turn; each slave answers with data, or with nothing)
Concerns: polling overhead; latency; single point of failure (the master).
QoS guarantees can be made:
• If a VoIP call requires a fixed bit-rate, the master can determine whether the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the service provided by TCP.
• Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially; a node with nothing to send simply passes the token on.
Concerns: token overhead; latency; single point of failure (the token).
(figure: token T circulating around the nodes; one node sends data, another has nothing to send)
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing is easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer (roadmap)
5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-Layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this: today hosts are almost never physically connected to each other directly; they hang off a switch. The MAC address still only has to be meaningful within the LAN.
48-bit MAC address (for most LANs), burned into NIC ROM; also sometimes software settable.
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
(figure: LAN (wired or wireless) with four adapters, 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53)
LAN Address (more)
MAC address allocation is administered by IEEE: a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check: OUI lookup.
• Google "OUI lookup", enter a MAC address, see the manufacturer.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
MAC: flat address, portable: you can move a LAN card from one LAN to another. IP: hierarchical address, NOT portable: the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: > arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B, knowing B's IP address?
(figure: LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88, MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53)
ARP protocol: Same LAN (network)
A wants to send a datagram to C. First check whether C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. my IP = 128.4.35.67, B's IP = 128.5.19.12, subnet mask 255.255.0.0 ⇒ the first 16 bits (2 bytes) define the subnet.
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet as A.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: destination MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other frame types include the IP datagram). All machines on the LAN receive the ARP query.
• B receives the ARP packet and replies to A with its (B's) MAC address; the reply frame is sent to A's MAC address (unicast).
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
• soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from a network administrator.
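The same-subnet decision and the request/reply exchange described above, as an added Python example that is not part of the slides. It packs and parses RFC 826 ARP-over-Ethernet frames, decides whether to ARP for the destination itself or for the gateway, and keeps a soft-state cache. The host table, the MAC/IP values (reusing the slides' figure addresses) and the 20-minute TTL are constructed for the demonstration.

```python
import ipaddress
import struct

ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def build_arp_frame(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Ethernet header + RFC 826 ARP payload for IPv4 over Ethernet.
    A request is broadcast to everyone; a reply is unicast back to the requester."""
    dst = BROADCAST if op == ARP_REQUEST else target_mac
    eth = mac_bytes(dst) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)   # htype=Ethernet, ptype=IPv4, hlen, plen, op
    arp += mac_bytes(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
    arp += mac_bytes(target_mac) + ipaddress.IPv4Address(target_ip).packed
    return eth + arp


def parse_arp_frame(frame: bytes) -> dict:
    """Inverse of build_arp_frame; rejects anything that is not ARP for IPv4/Ethernet."""
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol types")
    return {"op": op,
            "sender_mac": mac_str(frame[22:28]),
            "sender_ip": str(ipaddress.IPv4Address(frame[28:32])),
            "target_mac": mac_str(frame[32:38]),
            "target_ip": str(ipaddress.IPv4Address(frame[38:42]))}


def arp_next_hop(my_ip, netmask, dst_ip, gateway_ip) -> str:
    """The slide's subnet check: ARP for the destination when it is on-link,
    otherwise ARP for the gateway (which must itself be on-link)."""
    net = ipaddress.IPv4Network(f"{my_ip}/{netmask}", strict=False)
    return dst_ip if ipaddress.IPv4Address(dst_ip) in net else gateway_ip


class ArpCache:
    """Soft state: an entry disappears unless refreshed before its TTL (20 min is typical)."""
    def __init__(self, ttl_seconds=20 * 60):
        self.ttl = ttl_seconds
        self.table = {}                      # ip -> (mac, expires_at)

    def learn(self, ip, mac, now):
        self.table[ip] = (mac, now + self.ttl)

    def lookup(self, ip, now):
        entry = self.table.get(ip)
        if entry is None or entry[1] <= now:  # expired: forget it
            self.table.pop(ip, None)
            return None
        return entry[0]


def resolve(requester_mac, requester_ip, target_ip, hosts: dict):
    """Constructed LAN exchange: broadcast a request; every host receives it, but only
    the owner of target_ip answers, with a unicast reply. hosts maps ip -> mac."""
    request = build_arp_frame(ARP_REQUEST, requester_mac, requester_ip,
                              "00:00:00:00:00:00", target_ip)
    q = parse_arp_frame(request)
    for ip, mac in hosts.items():
        if ip == q["target_ip"]:
            reply = build_arp_frame(ARP_REPLY, mac, ip, q["sender_mac"], q["sender_ip"])
            return parse_arp_frame(reply)
    return None                              # nobody owns that IP: the request times out
```

Note that nothing in `parse_arp_frame` authenticates the sender: any host on the LAN can answer a request or send an unsolicited reply, which is exactly what the ARP spoofing slides later rely on.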
(figure: A, B, C and D on one LAN. A broadcasts "Who has IP <B's IP>? Tell <A's IP>"; B, C and D all receive it; only B answers "I have <B's IP>")
Addressing: routing to another LAN
(figure: two LANs joined by router R. On LAN 1: A at 74-29-9C-E8-FF-55 / 111.111.111.111, another host at CC-49-DE-D0-AB-7D / 111.111.111.112, and R's interface E6-E9-00-17-BB-4B / 111.111.111.110. On LAN 2: R's interface 1A-23-F9-CD-06-9B / 222.222.222.220, a host at 88-B2-2F-54-1A-0F / 222.222.222.221, and B at 49-BD-D2-C7-56-2A / 222.222.222.222)
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110 (A's gateway, since B is not in A's subnet).
• A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame and sees that it is destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
(same figure repeated) This is a really important example: make sure you understand it.
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use Wireshark on B to see that there is no evidence of the ping: nobody answers A's ARP request for P, so A never gets to send an ICMP echo.
• On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B, but there is still no response: B's IP layer does not own P and drops the echo requests.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (a link-layer "router") to each host, so a host normally sees only frames addressed to it.
• But the ARP attack still works: the switch delivers whatever the (poisoned) destination MAC says.
Goal: intercept messages between the victim and anyone else. The attacker records the real MAC address of the victim. When an ARP query is made for the victim, the attacker responds with its own MAC.
(figure sequence: victim with MAC 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host or switch)
1. The other host broadcasts "Who has IP address 1.2.3.4?". The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, hearing the broadcast and the reply, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP <some address>? Tell IP address 1.2.3.4". The sender fields claim the victim's IP, so the other host saves the poisoned IP/ARP mapping 1.2.3.4 -> 00:11:11:11:11:11 in its cache. The victim is confused at seeing its own IP address, but ignores it. The attacker continues to flood ARP queries so the poisoned entry never ages out.
3. The other host sends "The secret plan is ..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan. It changes the destination MAC to the correct address 00:12:12:12:12:12 and forwards the frame, so the victim thinks "Ahh, I got the secret plan I was expecting" and notices nothing.
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks (by checking ARP replies against known address bindings). How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs:
• the attacker's real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address. Then tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC. That case is benign and must not be confused with the spoofing signature (two MACs for a single IP).
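One way to implement the detection described above, as an added Python example that is not from the slides: a few checks run over ARP replies recorded by a sniffer. The reply records are constructed for the example. The two-MACs-for-one-IP check is the spoofing signature; the one-MAC-many-IPs case is reported separately, not alerted on, because of the dual-NIC false positive the slide mentions.

```python
from collections import defaultdict

# Constructed sniffer log of ARP replies: (time_s, sender_mac, sender_ip)
SAMPLE_REPLIES = [
    (0,  "00:12:12:12:12:12", "1.2.3.4"),    # victim answers a normal query
    (5,  "00:aa:aa:aa:aa:aa", "1.2.3.9"),    # unrelated host
    (30, "00:11:11:11:11:11", "1.2.3.4"),    # attacker claims the victim's IP
    (31, "00:11:11:11:11:11", "1.2.3.4"),    # ... and keeps refreshing the poisoned entry
    (32, "00:11:11:11:11:11", "1.2.3.4"),
    (40, "00:bb:bb:bb:bb:bb", "1.2.3.20"),   # dual-NIC host: one MAC, two IPs (benign)
    (41, "00:bb:bb:bb:bb:bb", "1.2.3.21"),
]


def ip_to_macs(replies):
    m = defaultdict(set)
    for _, mac, ip in replies:
        m[ip].add(mac)
    return m


def mac_to_ips(replies):
    m = defaultdict(set)
    for _, mac, ip in replies:
        m[mac].add(ip)
    return m


def find_ip_conflicts(replies):
    """One IP claimed by two or more MACs: the ARP-spoofing signature."""
    return {ip: sorted(macs) for ip, macs in ip_to_macs(replies).items() if len(macs) > 1}


def find_mac_with_many_ips(replies):
    """One MAC announcing several IPs. Usually benign (dual-NIC hosts, routers,
    virtual IPs), so report it for review rather than raise an alert."""
    return {mac: sorted(ips) for mac, ips in mac_to_ips(replies).items() if len(ips) > 1}


def find_reply_floods(replies, window_s=10, threshold=3):
    """Repeated replies for the same (mac, ip) inside a short window: the attacker
    refreshing caches before the 20-minute TTL expires."""
    floods = set()
    recent = defaultdict(list)
    for t, mac, ip in sorted(replies):
        ts = recent[(mac, ip)]
        ts.append(t)
        while ts and ts[0] < t - window_s:
            ts.pop(0)
        if len(ts) >= threshold:
            floods.add((mac, ip))
    return floods


def check_static_binding(replies, known):
    """Compare replies against a known-good ip -> mac table (DHCP leases, inventory);
    this is the check a switch's ARP inspection feature performs."""
    return sorted({(ip, mac) for _, mac, ip in replies if ip in known and known[ip] != mac})
```

Run on the constructed log, `find_ip_conflicts` flags 1.2.3.4 with both MACs, `find_reply_floods` flags the attacker's burst, and the dual-NIC host shows up only in `find_mac_with_many_ips`.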
Link Layer (roadmap)
5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-Layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap, $20 for a NIC; first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
(figure: Metcalfe's Ethernet sketch)
Star topology
Bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
(figure: bus over coaxial cable; star with a switch at the center)
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If an adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless it is in promiscuous mode).
Type: identifies the higher-layer protocol (mostly IP, but others are possible, e.g. ARP query/response, Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
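The frame handling described above as an added Python example, not code from the slides: FCS (CRC-32) computation and check, padding to the 64-byte minimum, destination-address filtering and promiscuous mode. The MAC values reuse the earlier slide's figure addresses; the bit-flip helper is a constructed channel error used to show the CRC catching corruption.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
MIN_FRAME = 64          # bytes from destination address through FCS (preamble/SFD excluded)
MIN_PAYLOAD = 46        # 64 - 14 header - 4 FCS


def fcs(data: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over dst..payload, transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Encapsulate payload, pad short payloads to the minimum, append the FCS."""
    payload = payload + bytes(max(0, MIN_PAYLOAD - len(payload)))
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def parse_frame(frame: bytes):
    """Split a frame into fields; return None when the CRC fails or the frame is a
    runt, which is what the receiving adapter does (drop, no NACK)."""
    if len(frame) < MIN_FRAME:
        return None
    body, trailer = frame[:-4], frame[-4:]
    if fcs(body) != trailer:
        return None
    ethertype = struct.unpack("!H", body[12:14])[0]
    return {"dst": body[:6], "src": body[6:12],
            "type": ETHERTYPES.get(ethertype, hex(ethertype)),
            "payload": body[14:]}


def nic_accepts(fields: dict, my_mac: bytes, promiscuous: bool = False) -> bool:
    """The adapter passes a frame up only if it is addressed to it or to broadcast,
    unless promiscuous mode is on (which is what a sniffer such as Wireshark relies on)."""
    return promiscuous or fields["dst"] in (my_mac, BROADCAST)


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Constructed single-bit channel error for exercising the CRC check."""
    b = bytearray(frame)
    b[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(b)
```

A frame with a flipped payload bit fails `parse_frame` and is silently dropped; the gap is only noticed (and repaired) by TCP at the transport layer, as the next slide says.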
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs.
unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC. The stream of datagrams passed to the network layer can have gaps (missing datagrams); the gaps will be filled if the app is using TCP, otherwise the app will see the gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision it chooses K at random from {0, 1, 2, ..., 2^m - 1}, waits K slots (one slot is 512 bit times), and returns to step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time of 1023 × 512 bit times is about 50 msec.
Exponential backoff: goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
• first collision: choose K from {0, 1}; the delay is K × 512 bit transmission times
• after the second collision: choose K from {0, 1, 2, 3}
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}
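Truncated binary exponential backoff, as used in steps 4-5 of the generic backoff procedure earlier and in Ethernet's CSMA/CD algorithm above, as an added Python example that is not from the slides. The 512-bit slot and the 1023 cap follow the slides; the 16-attempt give-up limit is the Ethernet standard's value, and the stations-collide-together scenario is constructed.

```python
import random

SLOT_BIT_TIMES = 512        # one slot = 512 bit times (the minimum frame)
MAX_BACKOFF_EXPONENT = 10   # K is drawn from 0 .. 2^min(m,10) - 1, i.e. at most 1023
MAX_ATTEMPTS = 16           # Ethernet discards the frame after 16 collisions


def backoff_slots(collisions: int, rng: random.Random) -> int:
    """After the m-th collision pick K uniformly from {0, ..., 2^min(m,10) - 1}."""
    m = min(collisions, MAX_BACKOFF_EXPONENT)
    return rng.randrange(2 ** m)


def backoff_wait_seconds(k: int, bit_rate: float) -> float:
    """K slots of 512 bit times each; at 10 Mbps K=1023 is about 50 ms."""
    return k * SLOT_BIT_TIMES / bit_rate


def resolve_collision(n_stations: int, rng: random.Random):
    """Constructed scenario: n stations start transmitting at once and keep colliding
    until exactly one of them draws the smallest K. That station senses idle first and
    wins the channel; the others sense it busy and defer (1-persistent).
    Returns (collisions, slots drawn on the winning round), or None if the frame is
    given up after MAX_ATTEMPTS collisions."""
    collisions = 0
    while True:
        collisions += 1
        if collisions > MAX_ATTEMPTS:
            return None
        slots = [backoff_slots(collisions, rng) for _ in range(n_stations)]
        if slots.count(min(slots)) == 1:     # unique earliest restart: no further collision
            return collisions, slots


def average_collisions(n_stations: int, trials: int, seed: int = 0) -> float:
    """Mean number of collisions before the channel is resolved; grows with load."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        result = resolve_collision(n_stations, rng)
        total += result[0] if result else MAX_ATTEMPTS
    return total / trials
```

Doubling the range after each collision is what makes the scheme adaptive: two stations usually resolve in one or two rounds, while a larger crowd keeps colliding until the range has grown enough to spread them out.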
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.
  efficiency = 1 / (1 + 5 × t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
• a larger frame size is better; a higher bit-rate is worse (t_trans shrinks while t_prop is fixed by the cable)
• better performance than ALOHA, and simple, cheap, decentralized
• most Ethernet today is used with switches, so collisions never occur
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Physical-layer repeaters: bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: the host NICs detect collisions.
(figure: hub with twisted-pair links to hosts)
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
(figure: backbone hub connecting three hubs)
Switch
Link-layer device: smarter than a hub, takes an active role.
• store and forward Ethernet frames (question: do switches in circuit-switching networks store and forward?)
• examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when a frame is to be forwarded on a segment, use CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches.
plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
• hosts have a dedicated, direct connection to the switch
• switches buffer packets
• the Ethernet protocol is used on each incoming link, but there are no collisions; full duplex; each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
(figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C')
Switch Table
Q: how does the switch know that A' is reachable via interface 4 and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). It looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
(figure: the same six-interface switch with hosts A, A', B, B', C, C')
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• it records the sender/location pair in the switch table
(figure: A sends a frame with Source A, Dest A'; the switch table, initially empty, gets the entry MAC addr A, interface 1, TTL 60)
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. look up the destination MAC address in the switch table
3. if an entry is found for the destination
     then if the destination is on the segment from which the frame arrived
            then drop the frame
          else forward the frame on the interface indicated
   else flood (forward on all interfaces but the one on which the frame arrived)
4. periodically purge all old table entries
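The filtering/forwarding rules above as an added Python example that is not from the slides: a self-learning switch whose table ages out. The six-port layout and host names follow the earlier slide; the hub segment on port 2, where hosts B and C share one segment, is constructed to exercise the drop (filter) case.

```python
class LearningSwitch:
    """Self-learning, filtering and forwarding switch; the table is soft state."""
    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports, aging_seconds=20 * 60):
        self.ports = set(ports)
        self.aging = aging_seconds
        self.table = {}                      # mac -> (port, last_seen)

    def purge(self, now):
        """Periodically drop entries not refreshed within the aging time."""
        self.table = {m: (p, t) for m, (p, t) in self.table.items() if now - t < self.aging}

    def receive(self, src, dst, in_port, now):
        """Process one frame; return the set of ports it is sent out on."""
        self.purge(now)
        self.table[src] = (in_port, now)     # 1. learn: sender is reachable via in_port
        if dst == self.BROADCAST or dst not in self.table:
            return self.ports - {in_port}    # 3 (else): unknown or broadcast: flood
        out_port, _ = self.table[dst]        # 2. look up the destination
        if out_port == in_port:
            return set()                     # 3a. destination is on the arriving segment: drop
        return {out_port}                    # 3b. selectively forward

    def lookup(self, mac):
        entry = self.table.get(mac)
        return None if entry is None else entry[0]


def run_scenario():
    """Constructed walk-through on a six-port switch: A on port 1, A' on port 4,
    B and C on a hub attached to port 2. Returns the switch and the per-frame output ports."""
    sw = LearningSwitch(ports=[1, 2, 3, 4, 5, 6])
    trace = [
        sw.receive("A", "A'", in_port=1, now=0),          # A' unknown: flood
        sw.receive("A'", "A", in_port=4, now=1),          # A known on port 1: forward there only
        sw.receive("B", "A", in_port=2, now=2),           # A known: port 1
        sw.receive("C", "B", in_port=2, now=3),           # B is on C's own segment: drop
        sw.receive("A", "A'", in_port=1, now=25 * 60),    # 25 min later: entries aged out, flood again
    ]
    return sw, trace
```

The last step is the "20 minutes later all table entries are deleted" case: the switch has forgotten A' and falls back to flooding, which is harmless on a tree but is what turns into a storm when the topology has a loop (next slides).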
Self-Learning (worked figure repeated over several slides: three switches, each with interfaces 1, 2 and 3, connected to one another; host A on interface 1 of the first switch, host B behind another switch; all tables initially empty)
• A sends a frame Dest=B, Source=A. The first switch makes a table entry for A on interface 1; there is no table entry for B, so it floods. Each switch the frame reaches likewise makes a table entry for A on the interface the frame arrived on (A:1, A:1 and A:2 in the three tables) and, having no entry for B, floods as well.
  Note: if the switch has ports that are manually configured then the frame is not flooded to a host on such a port, but it is still flooded to the other switches.
• B replies with Dest=A, Source=B. Each switch makes a table entry for B and already has a table entry for A, so it forwards on that single interface instead of flooding. Final tables: first switch A:1, B:3; second switch A:1, B:2; third switch A:2.
• 20 minutes later all table entries are deleted.
Poorly Designed Institutional network: why?
(figure: router to the external network; one switch connects the whole LAN (IP subnet), including the mail server and the web server; that switch is a single point of failure)
Institutional network without a single point of failure
(figure: the same router, mail server and web server, now with redundant switches and links that form loops; host A attached)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(figure: edges in the spanning tree marked; a "disconnected" interface, i.e. one that does not forward or flood frames, shown on the redundant link)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any connected graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LANs A and B uses its interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood frames over to that LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(figure: bridges B3 and B2 both joining LAN A and LAN B)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LANs A and B uses its interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
(figure: LANs A, B, C, D; bridges B0, B1, B2, B3; B2 sits between LAN B and LAN C)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message
2. the ID of what the sending bridge believes to be the root bridge
3. the distance (hops) from the sending bridge to the root bridge
(figure: bridges B1 through B7 interconnecting LANs)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost, with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
(worked figure, repeated over several slides: LANs A through J connected by bridges B1 through B7; B1 is the root, and each LAN is annotated with its distance to the root)
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces (of the bridge between A and E).
• LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
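The LAN-as-vertex spanning tree computation described above, as an added Python example that is not from the slides. The topology is constructed (the slide's own figure did not survive extraction) and contains both a loop and a bridge parallel to the root, so two bridges end up with no interfaces "on". Breaking a bridge's choice of root-facing LAN by LAN name when two are equally close is an assumption the slides leave open.

```python
from collections import defaultdict

# Constructed topology: bridge ID -> set of LANs it attaches to (hypothetical, not the slide's)
EXAMPLE_TOPOLOGY = {
    1: {"A", "B"},
    2: {"B", "C"},
    3: {"A", "D"},
    4: {"C", "D"},      # closes the loop A-B-C-D-A
    5: {"A", "B"},      # parallel to the root bridge
}


def spanning_tree(bridges):
    """LANs are vertices, bridges are edges. Root = smallest bridge ID.
    Returns (root, lan_distance, active) where active is the set of (bridge, lan)
    interfaces left forwarding; every other interface is 'disconnected'."""
    root = min(bridges)
    lans = set().union(*bridges.values())
    by_lan = defaultdict(set)
    for b, attached in bridges.items():
        for lan in attached:
            by_lan[lan].add(b)

    # Breadth-first over LANs: distance = number of non-root bridges crossed from a root LAN
    dist = {lan: 0 for lan in bridges[root]}
    frontier = list(bridges[root])
    while frontier:
        nxt = []
        for lan in frontier:
            for b in by_lan[lan]:
                for other in bridges[b]:
                    if other not in dist:
                        dist[other] = dist[lan] + 1
                        nxt.append(other)
        frontier = nxt
    for lan in lans:
        dist.setdefault(lan, float("inf"))           # LAN not reachable from the root

    # Each non-root bridge's root-facing LAN: its attached LAN closest to the root
    # (tie on distance broken by LAN name: assumption), and the bridge's own distance.
    root_lan = {b: min(ls, key=lambda l: (dist[l], l)) for b, ls in bridges.items() if b != root}
    bridge_dist = {b: dist[root_lan[b]] + 1 for b in root_lan}

    active = {(root, lan) for lan in bridges[root]}  # all of the root's interfaces are on
    for lan in lans:
        if dist[lan] == 0 or dist[lan] == float("inf"):
            continue
        # designated bridge for this LAN: on a shortest path, lowest ID breaks ties
        candidates = [b for b in by_lan[lan] if b != root and bridge_dist[b] == dist[lan]]
        designated = min(candidates)
        active.add((designated, lan))                # interface toward the LAN
        active.add((designated, root_lan[designated]))   # interface toward the root
    return root, dist, active


def blocked_interfaces(bridges):
    """Interfaces that neither forward nor flood: the loop-breaking result."""
    _, _, active = spanning_tree(bridges)
    return {(b, lan) for b, ls in bridges.items() for lan in ls} - active
```

On the constructed topology bridge 4 (the loop closer) and bridge 5 (parallel to the root) keep no active interface, which is the same outcome the slide notes for B3, and every LAN is left with exactly one path to the root.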
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. These typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices. Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices: "invisible" at the internetwork layer, so a switched LAN looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
(figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame)
MPLS header (32 bits): label (20 bits), Exp (3 bits), S (1 bit, bottom of stack), TTL (8 bits).
MPLS-capable routers
• aka label-switched routers: forward packets to the outgoing interface based only on the label value (they don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables
• a signaling protocol is needed to set up forwarding: RSVP-TE
• forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
(figure: label-switched routers R1 through R6 with destinations A and D; each table has the columns in label, out label, dest, out interface. The recoverable rows are (10, 6, A, 1) and (12, 9, D, 0) on one router; (8, 6, A, 0) on another; (6, -, A, 0) at the egress toward A; and the ingress rows (-, 10, A, 0), (-, 12, D, 0) and (-, 8, A, 1), which have no incoming label because the ingress classifies on the IP destination)
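Label switching along a constructed label-switched path, as an added Python example that is not the slide's figure: the 32-bit shim header is packed per RFC 3032, and each router forwards on the incoming label alone, never looking at the IP header. The router names, label values and interface wiring are assumptions made for the example.

```python
import struct


def pack_mpls(label: int, exp: int, s: int, ttl: int) -> bytes:
    """32-bit MPLS shim: label (20 bits) | Exp (3) | S bottom-of-stack (1) | TTL (8)."""
    if not (0 <= label < 2 ** 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_mpls(shim: bytes):
    word = struct.unpack("!I", shim)[0]
    return word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF


# Hypothetical LSR tables: in label -> (out label, out interface).
# None as the out label means pop (this router is the egress for the path).
# The ingress R5 has no incoming label: it classifies on the IP destination and pushes.
TABLES = {
    "R5": {"A": (8, 0), "D": (12, 1)},
    "R3": {8: (6, 0)},
    "R4": {6: (None, 1), 12: (9, 0)},
    "R1": {9: (None, 0)},
}
# Which neighbour sits at the far end of each (router, interface) pair (assumed wiring)
LINKS = {("R5", 0): "R3", ("R5", 1): "R4", ("R3", 0): "R4",
         ("R4", 1): "A", ("R4", 0): "R1", ("R1", 0): "D"}


def label_switch(ingress: str, ip_dest: str, ttl: int = 64):
    """Push at the ingress, swap at each LSR, pop at the egress.
    Returns the hop-by-hop trace and the node the packet exits toward."""
    out_label, iface = TABLES[ingress][ip_dest]
    trace = [(ingress, "push", out_label)]
    shim = pack_mpls(out_label, 0, 1, ttl)
    node = LINKS[(ingress, iface)]
    while True:
        label, exp, s, ttl = unpack_mpls(shim)
        if ttl <= 1:
            raise RuntimeError("MPLS TTL expired")        # loop protection, as in IP
        out_label, iface = TABLES[node][label]            # label lookup only; no IP longest-prefix match
        if out_label is None:
            trace.append((node, "pop", label))
            return trace, LINKS[(node, iface)]
        trace.append((node, "swap", (label, out_label)))
        shim = pack_mpls(out_label, exp, s, ttl - 1)
        node = LINKS[(node, iface)]
```

Because the path is fixed by the labels installed in `TABLES`, traffic to A can be steered through R3 even if an IP-only shortest path would go straight from R5 to R4, which is the traffic-engineering point the slide makes.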
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY); solid understanding of networking principles and practice ... could stop here ... but lots of
Error Detection
EDC = Error Detection and Correction bits (redundancy); D = Data protected by error checking, may include header fields
• Error detection is not 100% reliable
• the protocol may miss some errors, but rarely
• a larger EDC field yields better detection and correction
[Figure: sender appends EDC to D; the receiver checks the received data and detects an error otherwise]
Parity Checking
Single Bit Parity: detect single bit errors
Two Dimensional Bit Parity: detect and correct single bit errors
Internet checksum (review)
Sender: treat segment contents as a sequence of 16-bit integers
checksum: addition (1's complement sum) of segment contents
sender puts checksum value into UDP checksum field
Receiver: compute checksum of received segment; check if computed checksum equals checksum field value: NO - error detected; YES - no error detected. But maybe errors nonetheless
Goal: detect "errors" (e.g., flipped bits) in transmitted packet (note: used at transport layer only)
Checksumming: Cyclic Redundancy Check
view data bits D as a binary number; choose an r+1 bit pattern (generator) G; goal: choose r CRC bits R such that <D,R> is exactly divisible by G (modulo 2)
receiver knows G, divides <D,R> by G; if the remainder is non-zero, error detected
can detect all burst errors of less than r+1 bits
widely used in practice (Ethernet, 802.11 WiFi, ATM)
CRC Example
Want $D \cdot 2^r \oplus R = nG$, equivalently $D \cdot 2^r = nG \oplus R$; equivalently, if we divide $D \cdot 2^r$ by $G$ we want remainder $R$:
$$R = \text{remainder}\left[\frac{D \cdot 2^r}{G}\right]$$
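The two error-detection codes above, the Internet checksum and the CRC, as an added example (not code from the slides): both over Python ints so the end-around carry and the modulo-2 division can be followed step by step, plus a check that every burst of at most r bits is caught.

```python
# Added example (not from the slides): the Internet checksum and the CRC
# over Python ints, so every step of the arithmetic can be followed by hand.


def internet_checksum(data: bytes) -> int:
    """One's complement sum of the 16-bit words of data, then complemented.

    This is the value the sender writes into the checksum field. A receiver
    that sums the same words together with the field gets 0xFFFF, so
    internet_checksum(data + field) is 0 when no error is detected.
    """
    if len(data) % 2:                 # odd length: pad the last word with a zero byte
        data = data + b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)   # end-around carry (1's complement)
    return (~total) & 0xFFFF


def checksum_ok(segment: bytes) -> bool:
    """Receiver side: data and checksum field together must sum to 0xFFFF."""
    return internet_checksum(segment) == 0


def mod2_divide(value: int, g: int) -> int:
    """Remainder of value / g in modulo-2 arithmetic (subtraction is XOR).

    g is the r+1 bit generator; the loop stops once the remainder has fewer
    than r+1 bits, i.e. it fits in the r CRC bits.
    """
    while value.bit_length() >= g.bit_length():
        value ^= g << (value.bit_length() - g.bit_length())
    return value


def crc_remainder(d: int, g: int) -> int:
    """R = remainder[D * 2^r / G], with r the degree of G."""
    r = g.bit_length() - 1
    return mod2_divide(d << r, g)


def crc_append(d: int, g: int) -> int:
    """Sender: transmit <D, R>, i.e. D followed by the r CRC bits."""
    r = g.bit_length() - 1
    return (d << r) | crc_remainder(d, g)


def crc_check(received: int, g: int) -> bool:
    """Receiver: <D, R> must be exactly divisible by G (zero remainder)."""
    return mod2_divide(received, g) == 0


def all_short_bursts_detected(transmitted: int, g: int, total_bits: int) -> bool:
    """Every burst error of length 1..r anywhere in the frame must be caught.

    A burst of length n starting at bit s flips bits s .. s+n-1. With a
    generator whose low-order bit is 1, no such burst can be a multiple of G.
    """
    r = g.bit_length() - 1
    for n in range(1, r + 1):
        for s in range(0, total_bits - n + 1):
            corrupted = transmitted ^ (((1 << n) - 1) << s)
            if crc_check(corrupted, g):
                return False
    return True
```

With D = 101110 and G = 1001 (r = 3) the remainder is R = 011, so <D,R> = 101110011 is transmitted.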
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
Multiple Access Links and Protocols
Two types of "links":
point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[Figure: shared wire (e.g., cabled Ethernet); shared RF (e.g., 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
single shared broadcast channel; two or more simultaneous transmissions by nodes: interference; collision if a node receives two or more signals at the same time
multiple access protocol: an algorithm that determines how nodes share the channel, i.e., determines when a node can transmit
communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally, centralized MAC are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users
Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g., retransmission) can be inefficient; predictable/guaranteed performance is difficult to achieve
Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access; access to channel in "rounds"; each station gets a fixed length slot (length = pkt trans time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth
example: 6-station LAN, 1, 3, 4 have pkt, slots 2, 5, 6 idle
[Figure: 6-slot frame, slots 1, 3, 4 used, repeating: 1 3 4 1 3 4]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access; channel spectrum divided into frequency bands; each station assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA
example: 6-station LAN, 1, 3, 4 have pkt, frequency bands 2, 5, 6 idle
[Figure: FDM cable, frequency bands vs. time]
Random Access Protocols
When node has packet to send: transmit at full channel data rate R; no a priori coordination among nodes
• Some approaches use limited coordination
two or more transmitting nodes → "collision". Random access MAC protocol specifies: how to detect collisions; how to recover from collisions (e.g., via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used
As will be seen, many protocols have a period of time where nodes transmit when they want; during such periods of time the MAC is essentially Aloha
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time (collision)
Collisions and other link layer losses must be detected and corrected
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance (1)
[Figure: time line marked t0, t0+t, t0+2t, t0+3t; the vulnerable period spans two frame times: if another node starts to transmit during this vulnerable period then a collision will occur]
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events)
Let G be the average rate that users try to send frames, per frame time. G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide)
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
$$P(k) = \frac{(2G)^k e^{-2G}}{k!}$$
The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
$$S = G e^{-2G}$$
Poisson process
Events are distributed according to a Poisson process with parameter $\lambda$ if
$$P(k \text{ events in period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
$\lambda$ is the rate that events occur = (number of events in period $W$) / $W$ (when $W$ is large)
Aloha performance
[Figure: vulnerability period marked on the time line]
$$P(k \text{ events in period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
The probability of no collision is the probability of no event in the vulnerability period, whose length is $2T$
Let $T = 1$ (i.e., our time is measured in packet transmission times, not seconds). Then what is $\lambda$? $\lambda$ = average number of transmission attempts per transmission time, so $\lambda$ = utilization, i.e., $\lambda = G$. And the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Figure: plot of $G e^{-2G}$ against G for 0 ≤ G ≤ 3, peaking at 0.184]
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time line t0, t0+t, t0+2t, t0+3t with slot boundaries. If a frame is transmitted here then a collision occurs, but this will only happen if a packet arrives at the MAC layer during this (vulnerable) period: if another node selects to transmit during this vulnerable period then a collision will occur. The vulnerable period is half the size of unslotted aloha]
Slotted Aloha
Vulnerable period is halved; doubles the performance of ALOHA. Throughput = $S = G e^{-G}$; $S = S_{max} = 1/e = 0.368$ for $G = 1$
G = 1 means typically a node tries to transmit each slot
However, the throughput is well below 1: there are many collisions
Slotted Aloha Performance
[Figure: plot of $G e^{-G}$ against G for 0 ≤ G ≤ 4, peaking at 0.368]
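The two throughput curves above, as an added example (not code from the slides): the formulas $S = G e^{-2G}$ and $S = G e^{-G}$, a grid search for the offered load that maximises each (answering the question on the previous slides), and a slot-by-slot simulation of slotted ALOHA that checks the formula; the node count, per-slot transmission probability and seed are this example's choices.

```python
# Added example (not from the slides): ALOHA throughput formulas, the best
# offered load G for each, and a simulation of slotted ALOHA.
import math
import random


def pure_aloha_throughput(g):
    """Vulnerable period of two frame times: success probability e^{-2G}."""
    return g * math.exp(-2 * g)


def slotted_aloha_throughput(g):
    """Vulnerable period of one slot: success probability e^{-G}."""
    return g * math.exp(-g)


def best_offered_load(throughput, g_max=3.0, steps=3000):
    """Grid search over 0 < G <= g_max; returns (G, S) at the maximum of S."""
    best_g, best_s = 0.0, 0.0
    for i in range(1, steps + 1):
        g = g_max * i / steps
        s = throughput(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s


def simulate_slotted_aloha(nodes, p, slots, seed=1):
    """Each node transmits in a slot with probability p, so G = nodes * p.

    A slot carries a frame successfully only when exactly one node transmits;
    two or more collide and the slot is wasted. Returns the measured throughput,
    which for a finite node count is nodes*p*(1-p)^(nodes-1) and tends to G e^{-G}.
    """
    rng = random.Random(seed)
    successes = 0
    for _ in range(slots):
        transmitting = sum(1 for _ in range(nodes) if rng.random() < p)
        if transmitting == 1:
            successes += 1
    return successes / slots
```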
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple
Cons: collisions, wasting slots; inefficient; idle slots; nodes may be able to detect a collision in less than the time to transmit a packet; slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy, defer transmission
human analogy: don't interrupt others!
Question
For 10 Mbps ethernet the maximum cable length is 2000 m
For 100 Mbps ethernet the maximum cable length is 200 m
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
[Figure: spatial layout of nodes on the wire]
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
[Figure: two space-time diagrams (position on wire vs. time) with transmitter 1, transmitter 2 and receiver 1, showing transmission time and propagation delay. In the first, the collision is detected by transmitter 2 and then by transmitter 1 (when is it detected?); receiver 1 receives a garbled signal. In the second, transmitter 1 has finished sending before transmitter 2's signal arrives, so the collision is NOT detected by transmitter 1, only by transmitter 2; receiver 1 again receives a garbled signal]
CSMA/CD: What are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B
Why is the maximum cable length of a 10 Mbps ethernet cable 10 times longer than the maximum cable length of a 100 Mbps ethernet? The minimum frame length in Ethernet is independent of bit-rate
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection; collisions detected within a short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
persistent
1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is and then transmit
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat
• Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots, then transmit
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 × BO, BO_Max); in ethernet BO_max = 1024
   c. Go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad
"taking turns" protocols look for the best of both worlds. Used in mobile phone data access: 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed, YET
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected but existing calls continue to receive good performance
• Consider the difference between the demands by VoIP and services provided by TCP
Guarantees are worth much more money than non-guarantees
[Figure: master polls each slave in turn (poll, data, poll, data, …)]
"Taking Turns" MAC protocols
Token passing: control token passed from one node to the next sequentially; token message
concerns: token overhead; latency; single point of failure (token)
[Figure: token T circulates; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address
Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup"
• Enter MAC address
• See manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address → portability: can move LAN card from one LAN to another
IP hierarchical address NOT portable: address depends on IP subnet to which node is attached. If a NIC is changed then the MAC is changed
• Whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL>
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine MAC address of B knowing B's IP address?
[Figure: LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network)
A wants to send datagram to C
Check if C's IP address is in the same subnet
Use subnet mask and compare this node's IP to C's IP
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway but only the IP address of B is known
Suppose host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table
A broadcasts ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram
all machines on LAN receive ARP query
B receives ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from net administrator
[Figure: LAN with A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to B, C and D; the owner answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55) and another host (111.111.111.112, CC-49-DE-D0-AB-7D) on the left LAN; router R with interfaces 111.111.111.110 (E6-E9-00-17-BB-4B) and 222.222.222.220 (1A-23-F9-CD-06-9B); B (222.222.222.222, 49-BD-D2-C7-56-2A) and another host (222.222.222.221, 88-B2-2F-54-1A-0F) on the right LAN]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
A's NIC sends frame; R's NIC receives frame
R removes IP datagram from Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates frame containing A-to-B IP datagram, sends to B
This is a really important example – make sure you understand
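The walkthrough above as a runnable simulation, an added example that is not code from the slides: the same-subnet decision with the subnet mask, the broadcast query and unicast reply, the 20-minute cache, and R doing ARP separately on each LAN, using the addresses from the figure. The Lan and Node classes, the /24 prefixes and the frame dictionaries are constructions of this example.

```python
# Added example (not from the slides): ARP resolution and A -> R -> B
# forwarding, with the slide's addresses. Everything else is constructed.
import ipaddress

ARP_TTL = 20 * 60                    # seconds; mappings forgotten after ~20 min
BROADCAST = "FF-FF-FF-FF-FF-FF"


class Lan:
    """A broadcast LAN: every attached interface sees every frame."""
    def __init__(self):
        self.attached = []           # (node, interface) pairs
        self.frames = []             # every frame put on the wire, in order

    def put(self, frame):
        self.frames.append(frame)
        for node, iface in self.attached:
            if frame["dst_mac"] in (BROADCAST, iface["mac"]):
                node.receive(iface, frame)


class Node:
    def __init__(self, name, forwards=False, gateway=None):
        self.name, self.forwards = name, forwards   # forwards=True: a router
        self.gateway = ipaddress.IPv4Address(gateway) if gateway else None
        self.ifaces = []
        self.delivered = []          # datagrams passed up to the network layer

    def attach(self, lan, ip, mac, prefix_len=24):
        iface = {"ip": ipaddress.IPv4Address(ip), "mac": mac, "lan": lan,
                 "net": ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False),
                 "arp": {}}          # ARP table: IP -> (MAC, time learned)
        self.ifaces.append(iface)
        lan.attached.append((self, iface))

    def iface_for(self, ip):
        """Interface whose subnet (mask comparison) contains ip, else None."""
        return next((i for i in self.ifaces if ip in i["net"]), None)

    def resolve(self, iface, ip, now):
        """Use a fresh cached mapping, else broadcast a query and cache the reply."""
        entry = iface["arp"].get(ip)
        if entry and now - entry[1] < ARP_TTL:
            return entry[0]
        iface["lan"].put({"type": "ARP", "op": "query", "src_mac": iface["mac"],
                          "dst_mac": BROADCAST, "sender_ip": iface["ip"],
                          "target_ip": ip, "now": now})
        entry = iface["arp"].get(ip)     # the owner's unicast reply filled this in
        if entry is None:
            raise LookupError(f"{self.name}: no ARP reply for {ip}")
        return entry[0]

    def receive(self, iface, frame):
        if frame["type"] == "ARP":
            if frame["op"] == "query" and frame["target_ip"] == iface["ip"]:
                # only the owner of the target IP answers, unicast to the asker
                iface["lan"].put({"type": "ARP", "op": "reply", "src_mac": iface["mac"],
                                  "dst_mac": frame["src_mac"], "sender_ip": iface["ip"],
                                  "now": frame["now"]})
            elif frame["op"] == "reply":
                iface["arp"][frame["sender_ip"]] = (frame["src_mac"], frame["now"])
        else:                                               # an IP datagram
            dgram = frame["datagram"]
            if any(i["ip"] == dgram["dst"] for i in self.ifaces):
                self.delivered.append(dgram)
            elif self.forwards:  # R: strip the frame, ARP on the other LAN, re-frame
                self.send_datagram(dgram, frame["now"])

    def send_datagram(self, dgram, now):
        """Same subnet: ARP for the destination; otherwise ARP for the gateway."""
        iface = self.iface_for(dgram["dst"])
        next_hop = dgram["dst"] if iface else self.gateway
        iface = iface or self.iface_for(next_hop)
        mac = self.resolve(iface, next_hop, now)
        iface["lan"].put({"type": "IP", "src_mac": iface["mac"], "dst_mac": mac,
                          "datagram": dgram, "now": now})


def build_slide_network():
    """Two LANs joined by R, with the addresses from the slide's figure."""
    lan1, lan2 = Lan(), Lan()
    a = Node("A", gateway="111.111.111.110")
    a.attach(lan1, "111.111.111.111", "74-29-9C-E8-FF-55")
    r = Node("R", forwards=True)
    r.attach(lan1, "111.111.111.110", "E6-E9-00-17-BB-4B")
    r.attach(lan2, "222.222.222.220", "1A-23-F9-CD-06-9B")
    b = Node("B", gateway="222.222.222.220")
    b.attach(lan2, "222.222.222.222", "49-BD-D2-C7-56-2A")
    return a, r, b, lan1, lan2


def walkthrough(send_times=(0,)):
    """A sends a datagram to B at each time; returns (B's datagrams, LAN1 frames, LAN2 frames).

    A second send before ARP_TTL hits the caches of A and R, so only the IP
    frames appear; after ARP_TTL the queries are repeated on both LANs.
    """
    a, r, b, lan1, lan2 = build_slide_network()
    for now in send_times:
        a.send_datagram({"src": a.ifaces[0]["ip"], "dst": b.ifaces[0]["ip"],
                         "data": f"hello at t={now}"}, now)
    return b.delivered, lan1.frames, lan2.frames
```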
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired ethernet uses a dedicated wire from the switch (link layer router) to each host
• But the ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC
[Figure sequence: victim (MAC = 00-12-12-12-12-12, IP 1.2.3.4), attacker (MAC = 00-11-11-11-11-11, IP = 5.6.7.8) and some other host, all on one switch.
1. The other host broadcasts "Who has IP address 1.2.3.4?"; every node, the attacker included, sees it.
2. The victim answers "MAC 00-12-12-12-12-12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes, and the attacker now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00-11-11-11-11-11: "Who has IP blablablabla? Tell IP address 1.2.3.4", and continues to flood them; the other host saves the IP/ARP mapping in its cache; the victim is confused … but ignores it.
4. The other host sends "The secret plan is …" to MAC 00-11-11-11-11-11, IP 1.2.3.4; the attacker knows the secret plan, changes the MAC address to the correct address (00-12-12-12-12-12) and passes it on; the victim: "Ahh, I got the secret plan I was expecting".]
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs, or a single MAC has two IPs
• its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC
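The detection heuristic above, as an added example (not code from the slides): ARP listings gathered from several hosts are parsed and any IP answered by more than one MAC, or MAC claiming more than one IP, is reported, with known dual-NIC hosts (the wired/wireless case just described) allowlisted so they are listed separately rather than as spoofing. The sample lines are constructed for this example in an "arp -a"-like layout (observer host, IP, MAC).

```python
# Added example (not from the slides): flag inconsistent IP/MAC mappings in
# ARP listings; sample data and the allowlist are constructed for this example.
from collections import defaultdict

# Constructed sample: IP 10.0.0.5 is seen behind two different MACs, and
# MAC 00-11-11-11-11-11 claims both its own IP (10.0.0.1) and 10.0.0.5.
SAMPLE_LISTINGS = """\
host1  10.0.0.1   00-11-11-11-11-11
host1  10.0.0.5   00-12-12-12-12-12
host2  10.0.0.5   00-11-11-11-11-11
host2  10.0.0.9   00-AA-BB-CC-DD-01
host3  10.0.0.10  00-AA-BB-CC-DD-01
host3  10.0.0.9   00-AA-BB-CC-DD-01
"""

# MACs of hosts known to carry two NICs (the Windows wired/wireless case).
KNOWN_DUAL_NIC_MACS = {"00-AA-BB-CC-DD-01"}


def parse_listings(text):
    """Return a list of (observer, ip, mac) for each well-formed line."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            observer, ip, mac = parts
            entries.append((observer, ip, mac.upper()))
    return entries


def find_conflicts(entries, allowlist=frozenset()):
    """Group the mappings both ways and report the conflicts.

    ip_multi_mac: IPs answered by more than one MAC (someone answering for
    the victim); mac_multi_ip: MACs claiming more than one IP (the attacker's
    own IP plus the victim's); allowlisted: the same for known dual-NIC hosts.
    """
    macs_for_ip = defaultdict(set)
    ips_for_mac = defaultdict(set)
    for _observer, ip, mac in entries:
        macs_for_ip[ip].add(mac)
        ips_for_mac[mac].add(ip)
    ip_multi_mac = {ip: sorted(m) for ip, m in macs_for_ip.items() if len(m) > 1}
    mac_multi_ip = {mac: sorted(i) for mac, i in ips_for_mac.items()
                    if len(i) > 1 and mac not in allowlist}
    allowlisted = {mac: sorted(i) for mac, i in ips_for_mac.items()
                   if len(i) > 1 and mac in allowlist}
    return {"ip_multi_mac": ip_multi_mac, "mac_multi_ip": mac_multi_ip,
            "allowlisted": allowlisted}
```

Collecting listings from more than one observer matters: a single host's table only ever holds one MAC per IP, so the IP-with-two-MACs case is visible only across tables.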
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap: $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) vs. star (switch)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g., ARP packet), it passes data in frame to network layer protocol; otherwise, adapter discards frame (unless in promiscuous mode)
Type: ARP query/response; LAN routing; higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP; otherwise, app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, …, 2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3} …
after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
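The two numeric relations of Ethernet's CSMA/CD, as an added example (not code from the slides): the collision-detection requirement 2 × CableLength / speed + ε < FrameLength / bit-rate from the earlier CSMA/CD slides, which with the 64-byte minimum frame bounds the cable length and answers the 10 Mbps vs. 100 Mbps question, and the binary exponential backoff above that draws K from {0, …, 2^min(m,10)-1} slots of 512 bit times. The propagation speed of 2e8 m/s and ε → 0 are assumptions of this example.

```python
# Added example (not from the slides): Ethernet CSMA/CD cable-length bound
# and binary exponential backoff. Propagation speed is an assumed value.
import random

MIN_FRAME_BITS = 64 * 8          # 64-byte minimum Ethernet frame
SLOT_BITS = 512                  # one backoff slot = 512 bit times
MAX_BACKOFF_EXPONENT = 10        # after 10+ collisions K is drawn from 0..1023
PROPAGATION_SPEED = 2e8          # m/s, assumed for this example


def max_cable_length(bit_rate, frame_bits=MIN_FRAME_BITS, speed=PROPAGATION_SPEED):
    """Largest L (metres) with 2*L/speed < frame_bits/bit_rate (epsilon -> 0).

    The transmitter must still be sending when the far end's colliding signal
    comes back, so the round trip must fit inside one minimum frame time.
    Because the minimum frame is fixed, the bound scales as 1/bit_rate.
    """
    frame_time = frame_bits / bit_rate
    return speed * frame_time / 2


def collision_detectable(cable_length, bit_rate, frame_bits, speed=PROPAGATION_SPEED):
    """Does a frame of frame_bits bits satisfy the requirement on this cable?"""
    return 2 * cable_length / speed < frame_bits / bit_rate


def backoff_range(collisions):
    """Number of possible K values after the m-th collision: 2^min(m, 10)."""
    return 2 ** min(collisions, MAX_BACKOFF_EXPONENT)


def backoff_draws(collisions, count, seed=0):
    """Draw count values of K uniformly from {0, ..., 2^min(m,10) - 1}."""
    rng = random.Random(seed)        # seeded so the draws are reproducible
    return [rng.randrange(backoff_range(collisions)) for _ in range(count)]


def backoff_wait_seconds(k, bit_rate):
    """K slots of 512 bit times; at 10 Mbps one bit time is 0.1 microseconds."""
    return k * SLOT_BITS / bit_rate


def max_backoff_wait_seconds(bit_rate):
    """Worst case K = 1023: about 50 ms at 10 Mbps."""
    return backoff_wait_seconds(2 ** MAX_BACKOFF_EXPONENT - 1, bit_rate)
```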
CSMA/CD efficiency
$T_{prop}$ = max prop delay between 2 nodes in LAN; $t_{trans}$ = time to transmit max-size frame
$$\text{efficiency} = \frac{1}{1 + 5\, t_{prop}/t_{trans}}$$
efficiency goes to 1 as $t_{prop}$ goes to 0, and as $t_{trans}$ goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA: and simple, cheap, decentralized! Most ethernet is used with switches, so collisions never occur
[Figure: numerical example of the efficiency formula]
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted pair links]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
[Figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes an active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table, each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table
[Figure: A on interface 1 sends a frame with Source A, Dest A'; the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination then { if dest on segment from which frame arrived then drop the frame; else forward the frame on interface indicated } else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
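The filter/forward/flood rules above in code, as an added example that is not from the slides: a self-learning switch with a timestamped table, replaying the frames of the figures that follow (A to B unknown, B replies, a host on A's segment sends to A, entries expiring). Interface numbers follow the figures; the entry lifetime is a parameter (the switch-table figure shows a TTL of 60, the text later has entries deleted after 20 minutes).

```python
# Added example (not from the slides): a self-learning switch implementing
# learn / filter / forward / flood with timestamped entries.
BROADCAST = "FF-FF-FF-FF-FF-FF"


class LearningSwitch:
    def __init__(self, interfaces, ttl=60):
        self.interfaces = list(interfaces)
        self.ttl = ttl
        self.table = {}          # MAC -> (interface, time learned)

    def purge(self, now):
        """Step 3: periodically purge all old table entries."""
        self.table = {mac: e for mac, e in self.table.items() if now - e[1] < self.ttl}

    def handle(self, in_iface, src, dst, now):
        """Return the interfaces the frame goes out on ([] means filtered/dropped)."""
        self.purge(now)
        self.table[src] = (in_iface, now)               # step 1: learn sender's location
        if dst == BROADCAST or dst not in self.table:   # no entry for destination: flood
            return [i for i in self.interfaces if i != in_iface]
        out_iface = self.table[dst][0]                  # step 2: entry found
        if out_iface == in_iface:                       # dest on the segment it came from
            return []                                   # drop (filter) the frame
        return [out_iface]                              # forward on the indicated interface


def slide_scenario():
    """Replay the frames from the figures on one 3-interface switch.

    Returns the list of output-interface lists, one per frame handled.
    """
    sw = LearningSwitch([1, 2, 3], ttl=20 * 60)
    actions = []
    actions.append(sw.handle(1, "A", "B", now=0))            # B unknown: flood
    actions.append(sw.handle(3, "B", "A", now=1))            # A known: forward on 1
    actions.append(sw.handle(1, "A", "B", now=2))            # B known: forward on 3
    actions.append(sw.handle(1, "C", "A", now=3))            # C shares A's segment: filter
    actions.append(sw.handle(1, "A", "B", now=20 * 60 + 3))  # entries purged: flood again
    return actions
```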
Self-Learning (worked example)
[Figure, repeated across the following steps: three switches, each with interfaces 1, 2 and 3 and an initially empty MAC/Interface table; host A and host B hang off different switches]
A sends a frame Dest=B, Source=A.
- Each switch that sees the frame makes a table entry for A (the first switch records A on interface 1; the downstream switches record A on the interface the frame arrived on, 1 and 2 in the figure).
- No table entry for B, so flood.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
B replies with a frame Dest=A, Source=B.
- Each switch makes a table entry for B.
- Each switch has a table entry for A, so forward (no flooding).
20 minutes later all table entries are deleted.
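The forwarding procedure and the A/B walkthrough above, as an added example (not code from the slides): a single learning switch with the drop/forward/flood decision and the 20-minute aging of entries. The MAC names and interface numbers are constructed.

```python
"""Self-learning switch simulation: an added example, not code from the slides.

Models the forwarding procedure above: learn (source MAC -> arrival
interface), then look up the destination MAC; if it is known, either drop
(same segment) or forward on the recorded interface, otherwise flood on every
interface except the one the frame arrived on.  Entries age out after 20
minutes, as on the slide.  MAC names and interface numbers are constructed.
"""
from dataclasses import dataclass

AGING_SECONDS = 20 * 60  # slide: "20 minutes later all table entries are deleted"


@dataclass
class Frame:
    src: str
    dst: str


class LearningSwitch:
    def __init__(self, interfaces, now=0):
        self.interfaces = list(interfaces)
        self.table = {}          # MAC -> (interface, time last seen)
        self.now = now

    def _purge(self):
        """Periodically purge all old table entries."""
        expired = [mac for mac, (_, t) in self.table.items()
                   if self.now - t >= AGING_SECONDS]
        for mac in expired:
            del self.table[mac]

    def receive(self, frame, in_if, now=None):
        """Process one frame; return the list of interfaces it goes out on."""
        if now is not None:
            self.now = now
        self._purge()
        # 1. record the interface associated with the sending host
        self.table[frame.src] = (in_if, self.now)
        # 3. index the switch table with the destination MAC
        if frame.dst in self.table:
            out_if, _ = self.table[frame.dst]
            if out_if == in_if:
                return []                  # dest on arrival segment: drop
            return [out_if]                # forward on the indicated interface
        # no entry: flood on all but the arrival interface
        return [i for i in self.interfaces if i != in_if]


def walkthrough():
    """Replay the slide's A -> B, B -> A sequence on one 3-port switch.

    Returns the out-interface list for each step and the final table.
    """
    sw = LearningSwitch(interfaces=[1, 2, 3])
    steps = []
    # A (on interface 1) sends to B: learn A, no entry for B -> flood
    steps.append(sw.receive(Frame(src="A", dst="B"), in_if=1, now=0))
    # B (on interface 2) replies to A: learn B, entry for A -> forward on 1
    steps.append(sw.receive(Frame(src="B", dst="A"), in_if=2, now=1))
    # a second A -> B frame now has a table entry for B -> forward on 2
    steps.append(sw.receive(Frame(src="A", dst="B"), in_if=1, now=2))
    # a host on interface 1 talking to A, which is also on interface 1: drop
    steps.append(sw.receive(Frame(src="C", dst="A"), in_if=1, now=3))
    # 20 minutes later every entry has aged out, so A -> B floods again
    steps.append(sw.receive(Frame(src="A", dst="B"), in_if=1,
                            now=3 + AGING_SECONDS))
    return steps, dict(sw.table)
```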
Poorly Designed Institutional Network: Why?
[Figure: a router to the external network, one LAN / IP subnet, a mail server and a web server]

Institutional Network Without a Single Point of Failure
[Figure: the same network with redundant links between the switches; router to the external network, IP subnet, mail server, web server, host A]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the spanning-tree edges marked]
Legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
- Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: switches B2 and B3 both joining LAN A and LAN B]

Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
- LAN B's next hop to the switch with the lowest ID is LAN A, and
- LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C and D joined by switches B0, B1, B2 and B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: switches B1 to B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure, repeated across the following steps: LANs A to J connected by switches B1 to B7; B1, the switch with the smallest ID, is the root, and each LAN is labelled with its distance to the root in LAN hops (0 for the LANs attached to the root, then 1, 2, ...)]
Walkthrough on the figure:
- Each switch computes its distance to the root in terms of LAN hops.
- Each of the root's interfaces is ON.
- LAN A's next hop is LAN E. Turn on the two interfaces.
- LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
- LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
- LAN C's next hop is LAN F. Turn on the interfaces.
- Which other interfaces are "on"?
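The interface selection rule above, worked as an added example (not the slides' code) on a small constructed topology rather than the one drawn on the figure: LANs are vertices, switches are edges, the lowest-ID switch is the root, and ties between equal-length paths go to the lower switch ID. The topology includes a switch that, like B3 above, ends with no interfaces on.

```python
"""Which interfaces to keep: an added example, not the slides' code.

Follows the slides' model: LANs are vertices, switches are edges, the root is
the switch with the smallest ID, every LAN computes its LAN-hop distance to
the root (a LAN attached to the root is at distance 0), and a switch keeps an
interface on only if it lies on some LAN's shortest path to the root, with
ties broken in favour of the switch with the smallest ID.  The topology is
constructed for this example; it is not the one drawn on the slides.
"""

# switch ID -> LANs that switch has an interface to (constructed topology)
SWITCHES = {
    1: ("E", "F", "G"),   # smallest ID: the root; all of its interfaces are on
    5: ("A", "E"),
    7: ("A", "F", "C"),   # B7 also reaches A, but B5 has the lower ID
    2: ("B", "E"),
    4: ("G", "D"),
    3: ("A", "B"),        # only joins two LANs that already have shorter paths
}


def lan_distances(switches):
    """LAN -> hops to the root, computed distance-vector style (neighbours only)."""
    root = min(switches)
    dist = {lan: 0 for lan in switches[root]}
    changed = True
    while changed:                      # relax until no LAN improves
        changed = False
        for sid, lans in switches.items():
            if sid == root:
                continue
            for x in lans:
                for y in lans:
                    if y == x or y not in dist:
                        continue
                    if x not in dist or dist[y] + 1 < dist[x]:
                        dist[x] = dist[y] + 1
                        changed = True
    return dist


def next_hops(switches):
    """LAN -> (next-hop LAN, switch used); the lowest switch ID breaks ties."""
    root = min(switches)
    dist = lan_distances(switches)
    hops = {}
    for x, dx in dist.items():
        if dx == 0:
            continue                    # attached to the root already
        candidates = [
            (sid, y)
            for sid, lans in switches.items() if sid != root and x in lans
            for y in lans if y != x and dist.get(y) == dx - 1
        ]
        sid, y = min(candidates)        # smallest switch ID first
        hops[x] = (y, sid)
    return hops


def active_interfaces(switches):
    """switch ID -> set of LANs whose interface stays on (empty = fully blocked)."""
    root = min(switches)
    on = {sid: set() for sid in switches}
    on[root] = set(switches[root])      # each of the root's interfaces is on
    for x, (y, sid) in next_hops(switches).items():
        on[sid].update({x, y})          # turn on the interfaces to both LANs
    return on


if __name__ == "__main__":
    for sid, lans in sorted(active_interfaces(SWITCHES).items()):
        off = sorted(set(SWITCHES[sid]) - lans)
        print(f"B{sid}: on={sorted(lans)} off={off}")
```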
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
- During which time no packets were forwarded.

Switches vs Routers
Both are store-and-forward devices: routers are network-layer devices (examine network-layer headers); switches are link-layer devices.
... "invisible" at the internetwork layer: looks like a link-layer technology to IP.
Multiprotocol Label Switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding.
- borrowing ideas from the Virtual Circuit (VC) approach
- but the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields (width in bits, as given on the slide): label 20 | Exp 3 | S 1 | TTL 5

MPLS capable routers
- aka label-switched router
- forwards packets to the outgoing interface based only on the label value (don't inspect IP address)
- MPLS forwarding table distinct from IP forwarding tables
- signaling protocol needed to set up forwarding: RSVP-TE
- forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
- must co-exist with IP-only routers

MPLS forwarding tables
[Figure: routers R1 to R6 with hosts A and D, out interfaces 0 and 1. The tables recovered from the figure (columns: in label | out label | dest | out interface; "-" where the figure shows no value); which router each table belongs to is not legible in the extraction]
6 | - | A | 0
10 | 6 | A | 1
12 | 9 | D | 0
- | 10 | A | 0
- | 12 | D | 0
8 | 6 | A | 0
- | 8 | A | 1
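Label-switched forwarding with tables of the shape shown above, as an added example (not the slides' code). The router wiring, label values and table rows are constructed for the example; the ingress router classifies on the IP destination and pushes the first label, the core routers swap on the label alone, and the egress pops it.

```python
"""Label-switched forwarding: an added example, not the slides' code.

An MPLS-capable router forwards on the incoming label alone, using a table of
(in label, out label, dest, out interface) rows like the ones in the figure.
The ingress router has no in label: it classifies on the IP destination and
pushes the first label; a None out label at the egress means pop and hand the
packet to IP.  Topology, labels and table rows are constructed for the example.
"""

# router -> list of (in_label, out_label, dest, out_interface); None = no label
TABLES = {
    "R3": [(None, 10, "A", 0), (None, 12, "D", 0)],   # ingress (IP-only side)
    "R4": [(10, 6, "A", 1), (12, 9, "D", 0)],          # label swap
    "R6": [(6, None, "A", 0)],                         # egress: pop, deliver to A
    "R5": [(9, None, "D", 1)],                         # egress: pop, deliver to D
}
# router -> {out_interface: next hop}; constructed wiring
LINKS = {"R3": {0: "R4"}, "R4": {1: "R6", 0: "R5"}, "R6": {0: "A"}, "R5": {1: "D"}}


def lookup(router, label, ip_dest):
    """Return the matching row; a labelled packet matches on its label only."""
    for row in TABLES[router]:
        in_label, _, dest, _ = row
        if label is None and in_label is None and dest == ip_dest:
            return row                  # ingress: classify on IP destination
        if label is not None and in_label == label:
            return row                  # LSR: the IP header is not inspected
    raise LookupError(f"{router}: no entry for label={label} dest={ip_dest}")


def forward(ingress, ip_dest):
    """Walk a packet from ingress to its destination; return the hop/label trace.

    Each trace entry is (router, label in, label out, out interface).
    """
    trace, router, label = [], ingress, None
    while router in TABLES:
        _, out_label, _, out_if = lookup(router, label, ip_dest)
        trace.append((router, label, out_label, out_if))
        router, label = LINKS[router][out_if], out_label
    if router != ip_dest:
        raise RuntimeError(f"delivered to {router}, expected {ip_dest}")
    return trace
```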
Chapter 5: Summary
Principles behind data link layer services:
- error detection, correction
- sharing a broadcast channel: multiple access
- link layer addressing
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
- journey down the protocol stack complete (except PHY)
- solid understanding of networking principles, practice
- ... could stop here ... but lots of
Parity Checking
Single Bit Parity: detect single bit errors.
Two Dimensional Bit Parity: detect and correct single bit errors.
[Figure: the single-bit and two-dimensional parity layouts]
Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in a transmitted packet (note: used at the transport layer only).
Sender:
- treat segment contents as a sequence of 16-bit integers
- checksum: addition (1's complement sum) of segment contents
- sender puts checksum value into UDP checksum field
Receiver:
- compute checksum of received segment
- check if computed checksum equals checksum field value:
  NO - error detected
  YES - no error detected. But maybe errors nonetheless?
Checksumming: Cyclic Redundancy Check
- view data bits, D, as a binary number
- choose r+1 bit pattern (generator), G
- goal: choose r CRC bits, R, such that <D,R> is exactly divisible by G (modulo 2)
- receiver knows G, divides <D,R> by G; if non-zero remainder: error detected
- can detect all burst errors less than r+1 bits
- widely used in practice (Ethernet, 802.11 WiFi, ATM)

CRC Example
Want: D·2^r XOR R = nG
equivalently: D·2^r = nG XOR R
equivalently: if we divide D·2^r by G, we want remainder R
R = remainder[ D·2^r / G ]
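Both error-detection schemes above carried through in code, as an added example (not the slides' code): the one's-complement Internet checksum, including a case it cannot catch, and the CRC remainder R = remainder[D·2^r / G] by modulo-2 division, with the receiver's divisibility check. The data bytes, D and G are constructed for the example.

```python
"""Internet checksum and CRC: an added example, not the slides' code.

internet_checksum() does the 16-bit one's-complement sum the slide describes
(the receiver recomputes and compares); crc_remainder() computes
R = remainder[D*2^r / G] with modulo-2 (XOR) division, so that <D,R> is
exactly divisible by G, and crc_check() is the receiver's test.  The sample
bytes and the bit strings (D = 101110, G = 1001, r = 3) are constructed.
"""


def internet_checksum(data: bytes) -> int:
    """One's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                              # pad odd length
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)     # fold the carry back in
    return (~total) & 0xFFFF


def checksum_ok(data: bytes, checksum_field: int) -> bool:
    """Receiver: recompute over the data and compare with the field value."""
    return internet_checksum(data) == checksum_field


def mod2_div(bits: str, generator: str) -> int:
    """Remainder of bits / generator in modulo-2 arithmetic (no carries)."""
    r = len(generator) - 1
    g = int(generator, 2)
    reg = int(bits, 2)
    for shift in range(len(bits) - r - 1, -1, -1):
        if (reg >> (shift + r)) & 1:                 # leading bit set: XOR in G
            reg ^= g << shift
    return reg                                       # now < 2^r


def crc_remainder(data_bits: str, generator: str) -> str:
    """R = remainder[D * 2^r / G], r = len(G) - 1, as an r-bit string."""
    r = len(generator) - 1
    return format(mod2_div(data_bits + "0" * r, generator), f"0{r}b")


def crc_check(received: str, generator: str) -> bool:
    """Receiver divides <D,R> by G; a non-zero remainder means an error."""
    return mod2_div(received, generator) == 0


def checksum_misses_swap(data: bytes) -> bool:
    """The 'maybe errors nonetheless' case: swapping two 16-bit words keeps the sum."""
    swapped = data[2:4] + data[0:2] + data[4:]
    return swapped != data and internet_checksum(swapped) == internet_checksum(data)
```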
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
Multiple Access Links and Protocols
Two types of "links":
- point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
- broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
- single shared broadcast channel
- two or more simultaneous transmissions by nodes: interference
  - collision if a node receives two or more signals at the same time
Multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit.
- communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult

Ideal Multiple Access Protocol
Broadcast channel of rate R bps:
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots
   - Generally, centralized MAC are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
- Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users.
- Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient. Predictable/guaranteed performance is difficult to achieve.
- Centralized / taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access
- access to channel in "rounds"
- each station gets a fixed-length slot (length = pkt trans time) in each round
- unused slots go idle
- GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
- example: 6-station LAN, 1, 3, 4 have pkt; slots 2, 5, 6 idle
[Figure: 6-slot frame: 1 3 4 | 1 3 4]

Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access
- channel spectrum divided into frequency bands
- each station assigned a fixed frequency band
- unused transmission time in frequency bands goes idle
- GSM also uses FDMA
- example: 6-station LAN, 1, 3, 4 have pkt; frequency bands 2, 5, 6 idle
[Figure: frequency bands versus time on an FDM cable]
Random Access Protocols
When a node has a packet to send:
- transmit at full channel data rate R
- no a priori coordination among nodes
  - some approaches use limited coordination
Two or more transmitting nodes: "collision".
Random access MAC protocol specifies:
- how to detect collisions
- how to recover from collisions (e.g. via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
- Developed at U. of Hawaii in the early 70's for packet radio networks
- "Free for all": whenever a station has a frame to send, it does so
- Aloha is the simplest of MAC protocols
- Aloha is old but still widely used. As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.

Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision.
Collisions and other link layer losses must be detected and corrected.
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
[Figure: time line t0, t0+t, t0+2t, t0+3t; a frame sent at t0 is vulnerable from t0-t to t0+t. If another node starts to transmit during this vulnerable period then a collision will occur.]

ALOHA's Performance
- Assume that users try to send frames at random times (Poisson events).
- Let G be the average rate that users try to send frames, per frame time. G is the utilization. Why?
- Model the moments transmissions start as points along the time line (next slide).
- The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
  P(k) = (2G)^k e^(-2G) / k!
- The probability that zero other frames are sent is P(0) = e^(-2G). The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful: G e^(-2G).

Poisson process
Events are distributed according to a Poisson process with parameter λ if
  P(k events in period of length T) = exp(-λT) (λT)^k / k!
λ is the rate that events occur: λ = (number of events in period W) / W (when W is large).

Aloha performance
[Figure: time line with the vulnerability period marked]
P(k events in period of length T) = exp(-λT) (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, which is 2T long.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is exp(-2G)(2G)^0/0! = exp(-2G).

ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: throughput G e^(-2G) versus G for 0 ≤ G ≤ 3; the y-axis runs from 0 to 0.2, with 0.184 marked]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time line t0, t0+t, t0+2t, t0+3t. If a frame is transmitted in the same slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot: the vulnerable period.]
If another node selects to transmit during this vulnerable period then a collision will occur. The vulnerable period is half the size of unslotted Aloha.

Slotted Aloha
- Vulnerable period is halved: doubles the performance of ALOHA.
- Throughput = S = G e^(-G)
- S = Smax = 1/e = 0.368 for G = 1
- G = 1 means typically a node tries to transmit each slot.
- However, the throughput is well below 1: there are many collisions.

Slotted Aloha Performance
[Plot: throughput G e^(-G) versus G for 0 ≤ G ≤ 4; the y-axis runs from 0 to 0.4, with 0.368 marked]
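The two throughput curves above checked against a simulation of the vulnerable-period argument, as an added example (not the slides' code): attempt times are drawn as a Poisson process with rate G per frame time, a pure-ALOHA frame succeeds only if no other attempt starts within one frame time on either side, and a slotted-ALOHA slot succeeds only if it holds exactly one attempt. The horizon, seeds and grid for the peak search are constructed.

```python
"""ALOHA throughput, analytic and simulated: an added example, not the slides' code.

Time is measured in frame transmission times, so G is the mean number of
attempts per frame time.  pure_aloha_sim() draws Poisson attempt times and
counts a frame as delivered only if no other attempt starts within one frame
time before or after it (the two-frame vulnerable period), so it should track
G*e^(-2G); slotted_aloha_sim() counts slots holding exactly one attempt, which
should track G*e^(-G).  Attempt times are generated, not captured traffic.
"""
import math
import random


def pure_aloha_throughput(G):
    """S = G e^(-2G): attempt rate times P(no other start in 2 frame times)."""
    return G * math.exp(-2 * G)


def slotted_aloha_throughput(G):
    """S = G e^(-G): the vulnerable period is one slot instead of two."""
    return G * math.exp(-G)


def pure_aloha_sim(G, horizon=20000.0, seed=1):
    """Successful frames per frame time under pure ALOHA, by simulation."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    while True:                      # Poisson arrivals: exponential gaps, rate G
        t += rng.expovariate(G)
        if t > horizon:
            break
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):   # starts are already in time order
        before = i > 0 and starts[i - 1] > s - 1.0
        after = i + 1 < len(starts) and starts[i + 1] < s + 1.0
        if not (before or after):    # nobody started in the vulnerable period
            ok += 1
    return ok / horizon


def slotted_aloha_sim(G, slots=20000, seed=1):
    """Fraction of slots carrying exactly one attempt under slotted ALOHA."""
    rng = random.Random(seed)
    ok = 0
    for _ in range(slots):
        attempts = 0                 # Poisson(G) count via exponential gaps
        t = rng.expovariate(G)
        while t < 1.0:
            attempts += 1
            t += rng.expovariate(G)
        ok += attempts == 1
    return ok / slots


def best_G(throughput, lo=0.05, hi=4.0, step=0.01):
    """Grid search: (G, S) maximising an analytic throughput curve."""
    g = lo
    best = (throughput(lo), lo)
    while g <= hi:
        best = max(best, (throughput(g), g))
        g = round(g + step, 6)
    return best[1], best[0]
```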
ALOHA and Slotted ALOHA
Pros:
- a single active node can continuously transmit at the full rate of the channel
- decentralized, simple
Cons:
- collisions, wasting slots
- inefficient: idle slots
- nodes may be able to detect a collision in less than the time to transmit a packet
- slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit.
If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission.
Human analogy: don't interrupt others!

Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission.
Collision: entire packet transmission time wasted.
[Figure: spatial layout of nodes on the wire versus time]
Note: the role of distance and propagation delay in determining collision probability.

CSMA/CD collision detection
[Figure: position on wire versus time. Transmitter 1 starts; after the propagation delay Transmitter 2, having heard nothing yet, starts too. The collision is detected by Transmitter 2, and by Transmitter 1 when Transmitter 2's signal reaches it. Receiver 1 receives a garbled signal. When is it detected?]
[Figure, second case: Transmitter 1 has finished transmitting before Transmitter 2's signal reaches it, so the collision is NOT detected by Transmitter 1; it is detected by Transmitter 2; Receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
  2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate

CSMA/CD
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
  2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection
- collisions detected within a short time
- colliding transmissions aborted, reducing channel wastage
Collision detection:
- easy in wired LANs: measure signal strengths, compare transmitted and received signals
- difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
Human analogy: the polite conversationalist

Persistence
1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is and then transmit.
- In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, or wait for the next slot with probability 1-p and repeat.
- Here a "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 × BO, BO_Max). In Ethernet BO_max = 1024.
   c. Go to step 4.

Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
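The backoff procedure above run as a contention simulation, as an added example (not the slides' code): n nodes all find the link busy at the same moment, each picks r in [0, BO-1], the smallest r transmits, equal smallest draws collide and double BO up to BO_Max. Time is counted in slots (each transmission counted as one slot); the node count and seed are constructed.

```python
"""Exponential backoff contention: an added example, not the slides' code.

Runs steps 1-5 of the slide for n nodes that all find the link busy at the
same moment.  Each node picks r in [0, BO-1] (4a); the smallest r transmits
first (4c); equal smallest draws collide (5), those nodes double BO up to
BO_MAX (5b) and pick again (5c), while the others simply wait for the idle
link and pick again with their current BO.  A transmission is counted as one
slot for simplicity.  Node counts and seeds are constructed.
"""
import random

BO_START = 4       # slide: 4 and 8 are common starting values
BO_MAX = 1024      # slide: in Ethernet BO_max = 1024


def contend(n_nodes, seed=7, bo_start=BO_START):
    """Return (slots used, collisions, order of successful senders, largest BO)."""
    rng = random.Random(seed)
    bo = {node: bo_start for node in range(n_nodes)}    # step 1
    pending = set(bo)
    slots = collisions = max_bo = 0
    order = []
    while pending:
        draws = {node: rng.randrange(bo[node]) for node in pending}   # 4a
        first = min(draws.values())                                   # 4b
        slots += first + 1          # idle slots waited plus the transmission
        winners = [node for node in pending if draws[node] == first]
        if len(winners) == 1:                                         # 4c
            pending.remove(winners[0])
            order.append(winners[0])
        else:                                                         # step 5
            collisions += 1
            for node in winners:
                bo[node] = min(2 * bo[node], BO_MAX)                  # 5b
                max_bo = max(max_bo, bo[node])
    return slots, collisions, order, max_bo


if __name__ == "__main__":
    for n in (1, 4, 16, 64):
        slots, collisions, order, max_bo = contend(n)
        print(f"{n:3d} nodes: {slots} slots, {collisions} collisions, max BO {max_bo}")
```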
"Taking Turns" MAC protocols
Channel partitioning MAC protocols:
- share the channel efficiently and fairly at high load
- inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols:
- efficient at low load: a single node can fully utilize the channel
- high load: collision overhead
  - Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed, YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn.
- After each node is given a chance, the pattern repeats.
- If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: master sending a poll to each slave in turn; slaves answering with data]
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made:
- If a VoIP call requires 12 bps, the master can determine if the call will receive the desired quality and ensure that it does.
  - When congested, new calls are rejected but existing calls continue to receive good performance.
  - Consider the difference between the demands of VoIP and the services provided by TCP.
- Guarantees are worth much more money than non-guarantees.

Token passing: a control token is passed from one node to the next sequentially.
- token message
- concerns: token overhead, latency, single point of failure (token)
[Figure: token T passed around a ring; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
- channel partitioning, by time, frequency or code: Time Division, Frequency Division
- random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
- taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
- The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs), burned in NIC ROM, also sometimes software settable.

LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: a LAN (wired or wireless) with four adapters, with addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]

LAN Address (more)
MAC address allocation is administered by IEEE. A manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
- Google "OUI lookup"
- Enter the MAC address
- See the manufacturer
Analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address.
MAC flat address: portability; can move a LAN card from one LAN to another.
IP hierarchical address: NOT portable; the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
  < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: a LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88, MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
ARP protocol Same LAN (network) A wants to send datagram to C
Check if Crsquos IP address is in the same subnet
Use subnet mask and compare this nodes IP to Crsquos IP
Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt
the first 8 bytes define the subnet
bull So in this case A and B are in different subnets
bull Thus the datagram is sent to the gateway which must be in the same subnet
bull Suppose that the B is the gateway but only the IP address of B is known
ARP protocol Same LAN (network) A wants to send datagram to C
Check if Crsquos IP address is in the same subnet
Use subnet mask and compare this nodes IP to Crsquos IP
Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt
the first 8 bytes define the subnet
bull So in this case A and B are in different subnets
bull Thus the datagram is sent to the gateway which must be in the same subnet
bull Suppose that the B is the gateway but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table. A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
• Other types include datagram. All machines on the LAN receive the ARP query.
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast). A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: hosts A, B, C, D on one LAN; A broadcasts "Who has IP 1114? Tell 1112" to every host, and only B answers "I have 1114"]
Addressing: routing to another LAN
[Figure: router R joins two LANs. First LAN: A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55), another host (111.111.111.112, CC-49-DE-D0-AB-7D) and R's interface (111.111.111.110, E6-E9-00-17-BB-4B). Second LAN: R's other interface (222.222.222.220, 1A-23-F9-CD-06-9B), a host (222.222.222.221, 88-B2-2F-54-1A-0F) and B (222.222.222.222, 49-BD-D2-C7-56-2A)]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram. A's NIC sends the frame; R's NIC receives the frame. R removes the IP datagram from the Ethernet frame and sees it is destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
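The walkthrough above (subnet check, ARP query with caching, and the two ARP tables in R) as an added simulation; this is not the lecture's code. The addresses follow the figure, while the /24 mask, the 20-minute TTL and the class names are assumptions.

```python
import ipaddress

# Added simulation, not the lecture's code. Addresses follow the lecture figure:
# A and R's first interface on LAN 111.111.111.x, R's second interface and B on
# LAN 222.222.222.x. The /24 mask and the 20-minute ARP TTL are assumptions.
BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60          # seconds a cached IP-to-MAC pair is kept (soft state)

def same_subnet(ip_a, ip_b, mask):
    """Apply the subnet mask to both addresses and compare the network parts."""
    net = ipaddress.ip_network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.ip_address(ip_b) in net

class Lan:
    """A broadcast segment: an ARP query (dest MAC FF-FF-FF-FF-FF-FF) reaches every NIC."""
    def __init__(self):
        self.ifaces, self.queries = [], []

    def arp_query(self, asker, target_ip):
        self.queries.append((asker.mac, BROADCAST, target_ip))
        for iface in self.ifaces:          # all machines receive the query ...
            if iface.ip == target_ip:      # ... only the owner replies (unicast)
                return iface.mac
        return None

class Iface:
    """One IP interface with its own ARP table: IP -> (MAC, expiry time)."""
    def __init__(self, ip, mac, lan, mask="255.255.255.0", gateway=None):
        self.ip, self.mac, self.lan, self.mask, self.gateway = ip, mac, lan, mask, gateway
        self.arp = {}
        lan.ifaces.append(self)

    def resolve(self, ip, now):
        entry = self.arp.get(ip)
        if entry is None or entry[1] <= now:            # missing or timed out
            mac = self.lan.arp_query(self, ip)
            if mac is None:
                raise LookupError(f"no ARP reply for {ip}")
            self.arp[ip] = (mac, now + ARP_TTL)          # cache the reply
        return self.arp[ip][0]

    def send(self, dst_ip, payload, now, src_ip=None):
        # on-link destination: resolve it directly; otherwise resolve the gateway
        next_hop = dst_ip if same_subnet(self.ip, dst_ip, self.mask) else self.gateway
        return {"src_mac": self.mac, "dst_mac": self.resolve(next_hop, now),
                "src_ip": src_ip or self.ip, "dst_ip": dst_ip, "payload": payload}

class Router:
    """Two interfaces, hence two ARP tables, one per IP network."""
    def __init__(self, *ifaces):
        self.ifaces = ifaces

    def forward(self, frame, now):
        # remove the link-layer header, read the datagram, re-encapsulate for the
        # LAN that contains the destination; the IP header itself is unchanged
        out = next(i for i in self.ifaces if same_subnet(i.ip, frame["dst_ip"], i.mask))
        return out.send(frame["dst_ip"], frame["payload"], now, src_ip=frame["src_ip"])

def walkthrough(now=0):
    """A sends to B via R. Returns A's frame, R's frame and all ARP queries seen."""
    lan1, lan2 = Lan(), Lan()
    r = Router(Iface("111.111.111.110", "E6-E9-00-17-BB-4B", lan1),
               Iface("222.222.222.220", "1A-23-F9-CD-06-9B", lan2))
    a = Iface("111.111.111.111", "74-29-9C-E8-FF-55", lan1, gateway="111.111.111.110")
    Iface("222.222.222.222", "49-BD-D2-C7-56-2A", lan2, gateway="222.222.222.220")
    f1 = a.send("222.222.222.222", "hello B", now)      # A resolves R, not B
    f2 = r.forward(f1, now)                              # R resolves B on LAN 2
    a.send("222.222.222.222", "again", now + 60)         # cached entry: no new query
    return f1, f2, lan1.queries + lan2.queries
```

Only two ARP queries are broadcast in total: A's for the gateway and R's for B; A's second datagram is sent from the cache.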
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g.: take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use Wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (link-layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query (request) is made for the victim, I respond with my MAC.
[Figure: a host broadcasts "Who has IP address 1.2.3.4?"]
ARP spoofing – man-in-the-middle attack (continued)
[Figure, repeated on the following slides: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on the same LAN]
1. The other host broadcasts: "Who has IP address 1.2.3.4?"
2. The victim replies: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
3. The attacker sends ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablabla? Tell IP address 1.2.3.4". Later (when all caches have been cleared) the attacker floods such ARP queries, and continues to flood them. The other host saves the IP/MAC mapping from the query in its cache; the victim is confused, but ignores it.
4. The other host now sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …", which reaches the attacker. The attacker changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …" to the victim, who thinks "Ahh, I got the secret plan I was expecting". The attacker knows the secret plan.
ARP spoofing – man-in-the-middle attack: detection
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then the tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
Link Layer (outline): 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM and MPLS.
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology, popular through the mid-90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch in the center)]
Ethernet Frame Structure
Sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher-layer protocol (mostly IP, but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send ACKs or NACKs to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame.
2. If NIC senses the channel idle, it starts frame transmission.
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame.
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec.
Exponential backoff. Goal: adapt retransmission attempts to the estimated current load; under heavy load, the random wait will be longer. First collision: choose K from {0, 1}; the delay is K × 512 bit transmission times. After the second collision: choose K from {0, 1, 2, 3} … After ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}.
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.
$\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
• Larger frame size is better; higher bit-rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
A backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting several hubs]
Switch
Link-layer device: smarter than hubs, takes an active role.
Store and forward Ethernet frames.
• Question: do switches in circuit-switching networks store and forward?
Examines the incoming frame's MAC address, selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but no collisions; full duplex; each link is its own collision domain. Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured; but in other cases… when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
[Figure: A sends a frame (Source A, Dest A') into interface 1 of the six-interface switch; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host;
2. look up the destination MAC address in the switch table;
3. if an entry is found for the destination, then { if the destination is on the segment from which the frame arrived, then drop the frame, else forward the frame on the interface indicated }, else flood: forward on all but the interface on which the frame arrived;
4. periodically purge all old table entries.
Self-Learning (worked example)
[Figure, repeated on the following slides: hosts A and B attached to a network of switches, each switch with interfaces 1, 2, 3 and a "MAC / Interface" table shown next to it, all initially empty]
1. A sends a frame: Dest=B, Source=A. The switch that receives it makes a table entry for A (A, 1). No table entry for B, so flood.
   Note: if the switch has ports that are manually configured, then the frame is not flooded to a host, but only to other switches.
2. The flooded frame reaches the other switches; each makes a table entry for A (A on interface 1, or interface 2 for the switch that receives it there). No table entry for B, so flood again.
3. B replies: Dest=A, Source=B. Each switch on the way makes a table entry for B (B, 2 or B, 3, depending on the interface the reply arrived on) and, having a table entry for A, forwards the frame instead of flooding it.
4. 20 minutes later all table entries are deleted.
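The filtering/forwarding steps and the self-learning walkthrough as an added simulation (not the lecture's code). The chain topology A - S1 - S2 - S3 - B with a third host C on S1, the port numbers and the 20-minute purge interval are constructed for the example.

```python
TABLE_TTL = 20 * 60   # seconds: the lecture purges entries after 20 minutes

class LearningSwitch:
    """Self-learning switch: table maps MAC -> (interface, time learned)."""
    def __init__(self, name, ports):
        self.name = name
        self.ports = ports    # interface number -> host name or (switch, its port)
        self.table = {}

    def purge(self, now):
        """Step 4: drop entries older than the TTL."""
        self.table = {m: (p, t) for m, (p, t) in self.table.items() if now - t < TABLE_TTL}

    def receive(self, frame, in_port, now, log):
        self.purge(now)
        self.table[frame["src"]] = (in_port, now)              # 1. learn sender location
        entry = self.table.get(frame["dst"])                   # 2. look up destination
        if entry is not None:
            out_ports = [] if entry[0] == in_port else [entry[0]]  # 3. filter or forward
            log.append((self.name, "forward" if out_ports else "filter"))
        else:
            out_ports = [p for p in self.ports if p != in_port]    # else flood
            log.append((self.name, "flood"))
        for p in out_ports:
            neighbour = self.ports[p]
            if isinstance(neighbour, tuple):          # (switch, port): hand the frame on
                neighbour[0].receive(frame, neighbour[1], now, log)
            else:
                log.append((neighbour, "deliver"))    # a host's NIC receives the frame

def link(s1, p1, s2, p2):
    """Join two switch ports with a cable."""
    s1.ports[p1], s2.ports[p2] = (s2, p2), (s1, p1)

def build_chain():
    """Constructed topology: A - S1 - S2 - S3 - B, with C also on S1 (port 3)."""
    s1 = LearningSwitch("S1", {1: "A", 3: "C"})
    s2 = LearningSwitch("S2", {})
    s3 = LearningSwitch("S3", {2: "B"})
    link(s1, 2, s2, 1)
    link(s2, 3, s3, 1)
    return s1, s2, s3

def run_example():
    """A -> B is flooded (B unknown), B -> A is forwarded (A learned on the way).
    Returns the three tables, the event log, and S1's table size after 20 minutes."""
    s1, s2, s3 = build_chain()
    log = []
    s1.receive({"src": "A", "dst": "B"}, 1, 0, log)
    s3.receive({"src": "B", "dst": "A"}, 2, 1, log)
    tables = {s.name: {m: p for m, (p, _) in s.table.items()} for s in (s1, s2, s3)}
    s1.purge(1 + TABLE_TTL)
    return tables, log, len(s1.table)
```

C receives A's first frame only because it was flooded; B's reply travels back along the learned interfaces and never reaches C.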
Poorly Designed Institutional network. Why?
[Figure: router to the external network; one LAN / IP subnet with the mail server and web server]
Institutional network without a single point of failure
[Figure: router to the external network; IP subnet with mail server, web server and host A, connected by redundant links]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the edges in the spanning tree marked and the "disconnected" interfaces shown]
Legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN, they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D connected by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message.
2. The ID of what the sending bridge believes to be the root bridge.
3. The distance (hops) from the sending bridge to the root bridge.
[Figure: bridges B1, B2, B3, B4, B5, B6, B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure, repeated on the following slides: LANs A, B, C, D, E, F, G, H, I, J connected by bridges B1–B7; each LAN is labelled with its distance to the root in LAN hops (0, 1, 1, 1, 1, 2, …)]
Walkthrough:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
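The lecture's LAN-as-vertex, bridge-as-edge procedure (distances in LAN hops, root = smallest bridge ID, lowest bridge ID breaks ties, a bridge with no chosen interface is left out) as an added example; this is not the lecture's code. The topology is constructed because the figure's wiring is not recoverable from the text: bridges 1..5 over LANs A..D with two loops.

```python
INF = float("inf")

# Constructed topology, not the lecture figure: {bridge_id: LANs it attaches to}.
# B1-B2-B3 form a loop around A, B, C and B2-B4-B5 a loop around B, C, D.
EXAMPLE = {1: ["A", "B"], 2: ["B", "C"], 3: ["A", "C"], 4: ["C", "D"], 5: ["B", "D"]}

def spanning_tree(bridges):
    """Returns (root, dist, next_hop, active): dist[lan] is the LAN-hop distance
    to the root bridge, next_hop[lan] = (bridge, next LAN) and active[bridge] is
    the set of LANs whose interface on that bridge stays ON."""
    root = min(bridges)                               # smallest ID is the root
    dist = {lan: INF for lans in bridges.values() for lan in lans}
    for lan in bridges[root]:
        dist[lan] = 0                                 # LANs on the root: 0 hops
    changed = True                                    # distance-vector style:
    while changed:                                    # relax over neighbours only
        changed = False
        for b, lans in bridges.items():
            if b == root:
                continue
            for lan in lans:
                for nb in lans:
                    if nb != lan and dist[nb] + 1 < dist[lan]:
                        dist[lan] = dist[nb] + 1
                        changed = True
    next_hop, active = {}, {b: set() for b in bridges}
    active[root].update(bridges[root])                # each root interface is ON
    for lan, d in dist.items():
        if d == 0:
            continue
        cands = [(dist[nb] + 1, b, nb)
                 for b, lans in bridges.items() if b != root and lan in lans
                 for nb in lans if nb != lan]
        _, b, nb = min(cands)                         # shortest, then smallest ID
        next_hop[lan] = (b, nb)
        active[b].update({lan, nb})                   # turn on both interfaces
    return root, dist, next_hop, active

def is_tree(active, lans):
    """Union-find check: the ON interfaces join every LAN with no loop."""
    parent = {lan: lan for lan in lans}

    def find(x):
        while parent[x] != x:
            x = parent[x]
        return x

    edges = 0
    for lans_on in active.values():
        lans_on = sorted(lans_on)
        for nb in lans_on[1:]:
            a, b = find(lans_on[0]), find(nb)
            if a == b:
                return False                          # this bridge would close a loop
            parent[a] = b
            edges += 1
    return edges == len(parent) - 1                   # and everything is connected
```

With every bridge left active the LANs contain loops; after the selection, bridges 3 and 4 have no interface ON and the remaining interfaces form a tree.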
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes). 3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignores security, such as ARP attacks, access control, etc. Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
• During which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network-layer devices (examine network-layer headers); switches are link-layer devices … "invisible" at the internetwork layer; looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields: label (20 bits), Exp (3), S (1), TTL (5)]
MPLS-capable routers
a.k.a. label-switched routers: forward packets to the outgoing interface based only on the label value (don't inspect the IP address); MPLS forwarding table distinct from IP forwarding tables; a signaling protocol is needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering; must co-exist with IP-only routers.
[Figure: routers R1–R6 with interfaces 0 and 1, destinations A and D]
MPLS forwarding tables
[Figure: per-router tables with columns in label, out label, dest, out interface; entries shown: (6, -, A, 0); (10, 6, A, 1); (12, 9, D, 0); (-, 10, A, 0); (-, 12, D, 0); (8, 6, A, 0); (-, 8, A, 1)]
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice; … could stop here … but lots of
Internet checksum (review)
Goal: detect "errors" (e.g. flipped bits) in the transmitted packet (note: used at the transport layer only).
Sender: treat segment contents as a sequence of 16-bit integers; checksum: addition (1's complement sum) of segment contents; sender puts the checksum value into the UDP checksum field.
Receiver: compute the checksum of the received segment; check if the computed checksum equals the checksum field value: NO - error detected; YES - no error detected. But maybe errors nonetheless?
Checksumming: Cyclic Redundancy Check
View data bits D as a binary number; choose an r+1 bit pattern (generator) G; goal: choose r CRC bits R such that <D,R> is exactly divisible by G (modulo 2). The receiver knows G and divides <D,R> by G; if the remainder is non-zero: error detected. Can detect all burst errors of fewer than r+1 bits. Widely used in practice (Ethernet, 802.11 WiFi, ATM).
CRC Example
Want $D \cdot 2^r \;\mathrm{XOR}\; R = nG$; equivalently $D \cdot 2^r = nG \;\mathrm{XOR}\; R$; equivalently, if we divide $D \cdot 2^r$ by G, we want remainder R:
$R = \mathrm{remainder}\left[\frac{D \cdot 2^r}{G}\right]$
Link Layer (outline): 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM, MPLS.
Multiple Access Links and Protocols
Two types of "links":
Point-to-point: PPP for dial-up access; point-to-point link between an Ethernet switch and a host.
Broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN.
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
Single shared broadcast channel; two or more simultaneous transmissions by nodes: interference; collision if a node receives two or more signals at the same time.
Multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit. Communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult.
Ideal Multiple Access Protocol
Broadcast channel of rate R bps:
1. when one node wants to transmit, it can send at rate R;
2. when M nodes want to transmit, each can send at average rate R/M;
3. fully decentralized: no special node to coordinate transmissions, no synchronization of clocks or slots. Generally, centralized MACs are much more efficient;
4. simple.
MAC Protocols: a taxonomy
Three broad classes:
Channel partitioning: divide the channel into smaller "pieces" (time slots, frequency, code); allocate a piece to a node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users.
Random access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient; predictable/guaranteed performance is difficult to achieve.
Centralized / taking turns.
Channel Partitioning MAC protocols: TDMA
TDMA (time division multiple access): access to the channel in "rounds"; each station gets a fixed-length slot (length = pkt transmission time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
Example: 6-station LAN; 1, 3, 4 have pkts; slots 2, 5, 6 idle.
[Figure: 6-slot frame, slots 1, 3, 4 occupied, repeated over time]
Channel Partitioning MAC protocols: FDMA
FDMA (frequency division multiple access): channel spectrum divided into frequency bands; each station assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA. Example: 6-station LAN; 1, 3, 4 have pkts; frequency bands 2, 5, 6 idle.
[Figure: frequency bands versus time on an FDM cable]
Random Access Protocols
When a node has a packet to send: transmit at the full channel data rate R; no a priori coordination among nodes.
• Some approaches use limited coordination.
Two or more transmitting nodes: "collision". A random access MAC protocol specifies how to detect collisions and how to recover from collisions (e.g. via delayed retransmissions).
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA.
The ALOHA Protocol
Developed at U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision.
Collisions and other link-layer losses must be detected and corrected. Question 1: where are all the places that losses can occur? Question 2: where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
[Figure: time axis with marks t0, t0+t, t0+2t, t0+3t and the vulnerable period around a frame sent at t0+t]
If another node transmits here, then there is a collision. If another node starts to transmit during this vulnerable period, then a collision will occur.
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events).
Let G be the average rate at which users try to send frames, per frame time.
G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
P(k events in a period of length T) = e^{-λT} (λT)^k / k!
λ is the rate at which events occur = (number of events in a period W) / W (when W is large).
Aloha performance
[Figure: the vulnerability period marked on the time line]
P(k events in a period of length T) = e^{-λT} (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is e^{-2G} (2G)^0 / 0! = e^{-2G}.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Figure: plot of S = G e^{-2G} against G for G from 0 to 3; the curve peaks at S = 0.184.]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: timeline t0, t0+t, t0+2t, t0+3t divided into slots. If a second frame is transmitted in the same slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the vulnerable period (the preceding slot). If another node selects to transmit during this vulnerable period then a collision will occur.]
The vulnerable period is half the size of unslotted aloha.
Slotted Aloha
The vulnerable period is halved, which doubles the performance of ALOHA. Throughput = S = G e^{-G}; S = Smax = 1/e = 0.368 for G = 1.
G = 1 means typically a node tries to transmit in each slot.
However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Figure: plot of S = G e^{-G} against G for G from 0 to 4; the curve peaks at S = 0.368.]
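To make the two throughput curves concrete, here is an added example (not from the slides) that evaluates S = G e^{-2G} and S = G e^{-G}, locates their peaks by grid search, and checks the formulas against a Monte Carlo run with Poisson arrivals, using the slides' convention that time is measured in frame times.

```python
import math
import random


def pure_aloha_throughput(G):
    """S = G e^{-2G}: G attempts per frame time, vulnerable period two frame times."""
    return G * math.exp(-2 * G)


def slotted_aloha_throughput(G):
    """S = G e^{-G}: the vulnerable period shrinks to one slot."""
    return G * math.exp(-G)


def best_load(throughput, g_max=4.0, steps=4000):
    """Grid search over G in (0, g_max]; returns (G, S) at the peak of the curve."""
    best_g, best_s = 0.0, 0.0
    for i in range(1, steps + 1):
        g = g_max * i / steps
        s = throughput(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s


def poisson_sample(rng, lam):
    """Draw from Poisson(lam): multiply uniforms until the product drops below e^{-lam}."""
    limit = math.exp(-lam)
    k, p = 0, 1.0
    while True:
        p *= rng.random()
        if p < limit:
            return k
        k += 1


def simulate_slotted_aloha(G, slots=200_000, seed=7):
    """Attempts per slot ~ Poisson(G); a slot carries a frame only if exactly one node sends."""
    rng = random.Random(seed)
    successes = sum(1 for _ in range(slots) if poisson_sample(rng, G) == 1)
    return successes / slots


def simulate_pure_aloha(G, horizon=50_000.0, seed=7):
    """Frame starts form a Poisson process of rate G per frame time (time unit = one frame time).
    A frame succeeds only if no other frame starts within one frame time before or after it,
    which is the slide's 'last bit overlaps first bit' collision rule."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    while True:
        t += rng.expovariate(G)          # exponential gaps <=> Poisson arrivals
        if t > horizon:
            break
        starts.append(t)
    successes = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or starts[i - 1] <= s - 1.0
        clear_after = i == len(starts) - 1 or starts[i + 1] >= s + 1.0
        if clear_before and clear_after:
            successes += 1
    return successes / horizon           # successful frames per frame time


if __name__ == "__main__":
    for name, fn in (("pure", pure_aloha_throughput), ("slotted", slotted_aloha_throughput)):
        g, s = best_load(fn)
        print(f"{name:8s} ALOHA peaks at G={g:.3f}, S={s:.3f}")
    print("slotted, G=1.0, simulated:", round(simulate_slotted_aloha(1.0), 3))
    print("pure,    G=0.5, simulated:", round(simulate_pure_aloha(0.5), 3))
```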
ALOHA and Slotted ALOHA
Pros:
• a single active node can continuously transmit at the full rate of the channel
• decentralized
• simple
Cons:
• collisions, wasting slots
• idle slots (inefficient)
• nodes may be able to detect a collision in less than the time to transmit a packet
• slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmitting. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
Human analogy: don't interrupt others!
Question
For 10 Mbps ethernet the maximum cable length is 2000m.
For 100 Mbps ethernet the maximum cable length is 200m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. On a collision, the entire packet transmission time is wasted.
[Figure: spatial layout of nodes along the wire, with transmissions drawn over time]
Note the role of distance and propagation delay in determining the collision probability.
CSMA/CD collision detection
[Figure: position on wire vs. time. Transmitter 1 starts a transmission; after the propagation delay Transmitter 2, not yet hearing it, also starts. The collision is detected by transmitter 2 first, and by transmitter 1 only when transmitter 2's signal propagates back to it (when is it detected?). Receiver 1 receives a garbled signal.]
[Figure: same layout, but Transmitter 1's transmission time is shorter than the round trip: the collision is detected by transmitter 2 but NOT detected by transmitter 1, and Receiver 1 still receives a garbled signal.]
CSMA/CD: What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × Tpropagation + ε. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + ε < FrameLength / bit-rate
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64B.
Why is the maximum cable length of a 10 Mbps ethernet cable 10 times longer than the maximum cable length of a 100 Mbps ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
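An added example (not from the slides) that works the collision-detection condition numerically for the 64-byte minimum frame at 10 Mbps and 100 Mbps. It assumes a propagation speed of 2e8 m/s and ignores repeater and transceiver delays, so the absolute lengths it gives are an upper bound above the slide's 2000 m / 200 m figures; the point is that the ratio is exactly 10 because the minimum frame does not change with bit-rate.

```python
import math

PROP_SPEED_MPS = 2.0e8            # assumed propagation speed in copper (about 2/3 c)
MIN_ETHERNET_FRAME_BITS = 64 * 8  # 64-byte minimum frame from the slide


def transmit_time_s(frame_bits, bit_rate_bps):
    """Time the sender is on the wire = frame length / bit rate."""
    return frame_bits / bit_rate_bps


def round_trip_s(cable_length_m, prop_speed_mps=PROP_SPEED_MPS):
    """2 x propagation delay: a collision at the far end must come back before we stop sending."""
    return 2.0 * cable_length_m / prop_speed_mps


def collision_detectable(cable_length_m, frame_bits, bit_rate_bps, prop_speed_mps=PROP_SPEED_MPS):
    """The slide's condition: 2*CableLength/speed (+ epsilon) < FrameLength/bit-rate."""
    return round_trip_s(cable_length_m, prop_speed_mps) < transmit_time_s(frame_bits, bit_rate_bps)


def min_frame_bits(cable_length_m, bit_rate_bps, prop_speed_mps=PROP_SPEED_MPS):
    """Smallest frame that keeps the sender transmitting for the whole round trip.
    The tiny subtraction guards against floating-point noise pushing an exact value over a bit."""
    return math.ceil(2.0 * cable_length_m * bit_rate_bps / prop_speed_mps - 1e-9)


def max_cable_length_m(frame_bits, bit_rate_bps, prop_speed_mps=PROP_SPEED_MPS):
    """Longest cable on which a frame of frame_bits still satisfies the condition."""
    return transmit_time_s(frame_bits, bit_rate_bps) * prop_speed_mps / 2.0


def length_ratio(frame_bits, slow_bps, fast_bps):
    """How much shorter the cable must be at the faster rate, for a fixed minimum frame."""
    return max_cable_length_m(frame_bits, slow_bps) / max_cable_length_m(frame_bits, fast_bps)


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        t_us = transmit_time_s(MIN_ETHERNET_FRAME_BITS, rate) * 1e6
        print(f"{rate / 1e6:.0f} Mbps: 64B frame lasts {t_us:.2f} us, "
              f"max cable {max_cable_length_m(MIN_ETHERNET_FRAME_BITS, rate):.0f} m")
    print("ratio 10 Mbps / 100 Mbps:", length_ratio(MIN_ETHERNET_FRAME_BITS, 10e6, 100e6))
    print("64B frame on 2000 m at 100 Mbps detectable?",
          collision_detectable(2000, MIN_ETHERNET_FRAME_BITS, 100e6))
```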
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection:
• collisions detected within a short time
• colliding transmissions aborted, reducing channel wastage
Collision detection:
• easy in wired LANs: measure signal strengths, compare transmitted and received signals
• difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength
Human analogy: the polite conversationalist
Persistence
1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. Pick an integer r between 0 and BO-1.
   b. Wait r time slots.
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 × BO, BO_Max). In ethernet BO_max = 1024.
   c. Go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols:
• share the channel efficiently and fairly at high load
• inefficient at low load: delay in channel access; 1/N of the bandwidth is allocated even if only 1 node is active
Random access MAC protocols:
• efficient at low load: a single node can fully utilize the channel
• high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access: 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: a master and several slaves; the master sends poll, the polled slave returns data, and so on around the slaves]
Concerns: polling overhead, latency, single point of failure (the master).
QoS guarantees can be made:
• If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the services provided by TCP.
• Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially.
[Figure: token T circulating around the nodes; a node with nothing to send passes the token on, a node with data sends it before passing the token]
Concerns: token overhead, latency, single point of failure (the token).
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing is easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: a network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned into NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address.
Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE. A manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup"
• Enter a MAC address
• See the manufacturer
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
MAC flat address: portability. Can move a LAN card from one LAN to another.
IP hierarchical address: NOT portable. The address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed.
• Whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: LAN with four nodes whose MAC addresses are 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53, and whose IP addresses are 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address:
• dest MAC address = FF-FF-FF-FF-FF-FF
• Ethernet frame type = ARP query (other types include datagram)
• all machines on the LAN receive the ARP query
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
• soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to B, C and D; the owner of that address replies "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Left LAN: A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55), a host with IP 111.111.111.112 (MAC CC-49-DE-D0-AB-7D), and R's interface 111.111.111.110 (MAC E6-E9-00-17-BB-4B). Right LAN: R's interface 222.222.222.220 (MAC 1A-23-F9-CD-06-9B), a host with IP 222.222.222.221 (MAC 88-B2-2F-54-1A-0F), and B (IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A).]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame and sees it is destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example: make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure: victim (MAC = 00-12-12-12-12-12, IP 1.2.3.4), attacker (MAC = 00-11-11-11-11-11, IP 5.6.7.8) and some other host/switch on the same LAN. The exchange:]
1. The other host broadcasts "Who has IP address 1.2.3.4?". The victim answers "MAC 00-12-12-12-12-12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker also sees the reply and now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00-11-11-11-11-11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/ARP mapping in its cache; the victim is confused, but ignores it.
3. The other host sends "The secret plan is ..." to MAC 00-11-11-11-11-11, IP 1.2.3.4. The attacker knows the secret plan, changes the MAC address to the correct one (00-12-12-12-12-12) and forwards it; the victim says "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• i.e. the attacker's real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); the first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology: the bus topology was popular through the mid 90s, with all nodes in the same collision domain (they can collide with each other). Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
[Figure: bus (coaxial cable) topology vs. star topology with a switch at the center]
Ethernet Frame Structure
The sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected the frame is dropped.
Ethernet: Unreliable, connectionless
• connectionless: no handshaking between sending and receiving NICs
• unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC
• the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame.
2. If NIC senses the channel idle, it starts frame transmission.
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame!
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, the wait time is about 50 msec.
Exponential Backoff:
• Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer
• first collision: choose K from {0,1}; delay is K × 512 bit transmission times
• after the second collision: choose K from {0,1,2,3}…
• after ten or more collisions: choose K from {0,1,2,3,4,…,1023}
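An added example (not from the slides) that implements the backoff rules from the generic Exponential Backoff procedure above (BO doubled up to BO_max) and from Ethernet's truncated binary version (K from {0,…,2^m-1}, capped after ten collisions, 512-bit slots), reproduces the "about 50 msec" worst-case wait at 10 Mbps, answers the slide's slot-length question with slot = 2L/v, and runs a small round-based contention model of n stations. The contention model is a simplification of our own: stations that lose a round only re-draw, and only the stations that actually collided grow their window.

```python
import random

SLOT_BIT_TIMES = 512          # Ethernet slot = 512 bit times (slide)
BO_MAX = 1024                 # Ethernet BO_max (slide)
BIT_TIME_10MBPS_S = 1e-7      # 0.1 microsecond per bit at 10 Mbps (slide)


def slot_time_s(cable_length_m, prop_speed_mps=2.0e8):
    """Slot-length equation asked for on the slide: a node starting at the beginning of a slot
    must be heard by every node before the slot ends, so slot >= 2 * L / v (propagation speed v
    is an assumption here)."""
    return 2.0 * cable_length_m / prop_speed_mps


def backoff_window(collisions):
    """Ethernet truncated binary exponential backoff: after the m-th collision K is drawn from
    {0, ..., 2**m - 1}; the window stops growing at 1024 choices after ten collisions."""
    return min(2 ** collisions, BO_MAX)


def generic_backoff_window(bo, bo_max=BO_MAX):
    """The generic procedure's step 5b: BO = min(2 * BO, BO_max)."""
    return min(2 * bo, bo_max)


def choose_k(collisions, rng):
    """Step 4a: pick an integer in [0, window - 1]."""
    return rng.randrange(backoff_window(collisions))


def wait_seconds(k, bit_time_s=BIT_TIME_10MBPS_S):
    return k * SLOT_BIT_TIMES * bit_time_s


def max_wait_seconds(collisions, bit_time_s=BIT_TIME_10MBPS_S):
    """Longest possible wait after the given number of collisions (K = window - 1)."""
    return wait_seconds(backoff_window(collisions) - 1, bit_time_s)


def contend(n_stations, seed=1, max_rounds=10_000):
    """Round-based model of n stations that all have a frame ready at the same instant.
    Each round every waiting station draws K; the station with the unique smallest K transmits
    and leaves; if several share the smallest K they collide and their counters grow.
    Returns (rounds, total collisions, per-station collision counts)."""
    rng = random.Random(seed)
    collisions = [0] * n_stations
    waiting = set(range(n_stations))
    rounds = total = 0
    while waiting and rounds < max_rounds:
        rounds += 1
        draws = {s: choose_k(collisions[s], rng) for s in waiting}
        k_min = min(draws.values())
        winners = [s for s, k in draws.items() if k == k_min]
        if len(winners) == 1:
            waiting.remove(winners[0])      # frame sent; station is done with it
        else:
            total += 1
            for s in winners:               # only the colliding stations back off harder
                collisions[s] += 1
    return rounds, total, collisions


if __name__ == "__main__":
    for m in (1, 2, 3, 10, 12):
        print(f"after {m:2d} collisions: K in [0, {backoff_window(m) - 1}], "
              f"max wait {max_wait_seconds(m) * 1e3:.2f} ms")
    print("slot for 2000 m of cable:", slot_time_s(2000) * 1e6, "us")
    print("8 stations contending:", contend(8, seed=3))
```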
CSMA/CD efficiency
tprop = max propagation delay between 2 nodes in the LAN
ttrans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 tprop / ttrans)
• efficiency goes to 1 as tprop goes to 0
• efficiency goes to 1 as ttrans goes to infinity
• larger frame size is better; higher bit-rate is worse
Better performance than ALOHA, and simple, cheap, decentralized! Most ethernet is used with switches, so collisions never occur.
[Figure: the worked numbers in the slide's illustration are not recoverable from the extracted text]
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible).
Hubs
[Figure: a hub with twisted pair links to hosts]
• bits coming in on one link go out on all other links at the same rate
• all nodes connected to the hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: host NICs detect collisions
Interconnecting with hubs
A backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: a backbone hub connecting three hubs]
Switch
Link-layer device: smarter than hubs, takes an active role.
• Stores and forwards Ethernet frames
  • Question: do switches in circuit switching networks store and forward?
• Examines the incoming frame's MAC address, selectively forwards the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
• Transparent: hosts are unaware of the presence of switches
• Plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have a dedicated direct connection to the switch
• switches buffer packets
• the Ethernet protocol is used on each incoming link, but there are no collisions; full duplex; each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4 and B' is reachable via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting A, A', B, B', C, C']
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• it records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination (looking up the destination MAC in the switch table), then: if the destination is on the segment from which the frame arrived, drop the frame; else forward the frame on the interface indicated. Otherwise flood: forward on all interfaces but the one on which the frame arrived.
3. periodically purge all old table entries
Self-Learning (walkthrough)
[Figure: three switches, each with interfaces 1, 2, 3, with host A attached to the first switch and host B to the second; every switch table (MAC, Interface) starts empty. The exact wiring is visible only in the figure; the table entries below are what the slides show after each step.]
• A sends a frame (Dest=B, Source=A). The first switch makes a table entry for A (interface 1); it has no table entry for B, so it floods.
• Note: if the switch has ports that are manually configured then the frame is not flooded to a host; it is only flooded to other switches.
• The other switches receive the flooded frame, make a table entry for A (interface 1 on the second switch, interface 2 on the third), have no table entry for B, and flood again.
• B replies (Dest=A, Source=B). The second switch makes a table entry for B (interface 2) and, having a table entry for A, forwards rather than floods; the first switch then makes a table entry for B (interface 3) and forwards to A. The third switch never sees the reply and keeps only its entry for A.
• 20 minutes later all table entries are deleted.
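As an added example (not from the slides), a simulation of the filtering/forwarding rules above run over a three-switch network. The wiring is our own construction chosen so that the resulting switch tables match the ones the walkthrough shows (A on S1 port 1, S1 port 3 to S2 port 1, B on S2 port 2, S2 port 3 to S3 port 2); the 20-minute purge is the slide's TTL.

```python
TTL_SECONDS = 20 * 60   # entries expire after 20 minutes (slide)


class Host:
    def __init__(self, mac):
        self.mac = mac
        self.inbox = []          # frames delivered to this host


class Switch:
    """Self-learning, store-and-forward switch following the slide's filtering/forwarding rules."""

    def __init__(self, name):
        self.name = name
        self.ports = {}          # port number -> Host, or (Switch, remote port) for a trunk
        self.table = {}          # MAC -> (port, time learned)
        self.log = []            # (time, action, src, dst, out ports)

    def attach_host(self, port, host):
        self.ports[port] = host

    def link(self, port, other, other_port):
        self.ports[port] = (other, other_port)
        other.ports[other_port] = (self, port)

    def receive(self, frame, in_port, now):
        src, dst = frame["src"], frame["dst"]
        self.table[src] = (in_port, now)                 # 1. learn the sender's location
        if dst in self.table:                            # 2. entry found for the destination
            out = self.table[dst][0]
            if out == in_port:                           #    dest is on the arrival segment: drop
                self.log.append((now, "drop", src, dst, []))
                return
            outs, action = [out], "forward"
        else:                                            #    unknown destination: flood
            outs = [p for p in self.ports if p != in_port]
            action = "flood"
        self.log.append((now, action, src, dst, outs))
        for p in outs:
            self._send(p, frame, now)

    def _send(self, port, frame, now):
        peer = self.ports[port]
        if isinstance(peer, Host):
            peer.inbox.append(frame)
        else:
            other, other_port = peer
            other.receive(frame, other_port, now)

    def purge(self, now, ttl=TTL_SECONDS):              # 3. drop entries older than the TTL
        self.table = {m: e for m, e in self.table.items() if now - e[1] < ttl}

    def ports_by_mac(self):
        return {m: p for m, (p, _) in self.table.items()}


def run_walkthrough():
    """Constructed wiring consistent with the slide's tables; returns what each switch learned,
    the actions each switch took, how many frames A and B received, and S2's table after purge."""
    s1, s2, s3 = Switch("S1"), Switch("S2"), Switch("S3")
    a, b = Host("A"), Host("B")
    s1.attach_host(1, a)
    s2.attach_host(2, b)
    s1.link(3, s2, 1)
    s2.link(3, s3, 2)
    s1.receive({"src": "A", "dst": "B"}, 1, now=0)       # A -> B: learn A, flood everywhere
    s2.receive({"src": "B", "dst": "A"}, 2, now=5)       # B -> A: learn B, forward along known path
    tables = {s.name: s.ports_by_mac() for s in (s1, s2, s3)}
    actions = {s.name: [e[1] for e in s.log] for s in (s1, s2, s3)}
    s2.purge(now=5 + TTL_SECONDS)                        # 20 minutes later S2 has forgotten both
    return tables, actions, len(a.inbox), len(b.inbox), s2.ports_by_mac()


if __name__ == "__main__":
    tables, actions, a_got, b_got, s2_after = run_walkthrough()
    print("tables:", tables)
    print("actions:", actions)
    print("A received", a_got, "frame(s); B received", b_got, "frame(s); S2 after purge:", s2_after)
```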
Poorly Designed Institutional network. Why?
[Figure: router to the external network, one LAN / IP subnet containing a mail server and a web server]
Institutional network without a single point of failure
[Figure: router to the external network, IP subnet with a mail server, a web server and host A; switches connected with redundant links]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the edges in the spanning tree marked; a "disconnected" interface is one that does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to that LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D joined by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: example network with bridges B1 to B7 and LANs A to J]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure: example network with LANs A to J and bridges B1 to B7; the root is the switch with the smallest ID. Each switch computes its distance to the root in terms of LAN hops; the figure labels the LANs near the root with distances 0, 1, 1, 1, 1 and 2.]
Worked steps on the figure:
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
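The interface-selection rule above, as an added example (not code from the slides): each LAN picks the path to the root switch that crosses the fewest switches, ties broken by the smallest switch ID, and only interfaces on those paths stay "on". The topology is constructed for this example (it is not the figure's), and this is a simplified model of the slides' rule, not IEEE 802.1D.

```python
# Added example (not the slides' code): the slides' rule for which switch interfaces
# stay "on". Every LAN takes the path to the root switch (smallest ID) that passes
# through the fewest switches, breaking ties by the smallest switch ID, and only
# interfaces on those paths stay on. Simplified model of the slides, not IEEE 802.1D.
# The topology below is constructed for this example; it is not the figure's.
from collections import defaultdict

TOPOLOGY = {          # switch ID -> LANs its interfaces attach to (constructed)
    1: ["E", "F"],    # root: smallest ID
    2: ["A", "E"],
    3: ["A", "F"],    # ties with switch 2 for LAN A and loses: stays fully "off"
    4: ["C", "F"],
    5: ["B", "E"],
    6: ["C", "D"],
    7: ["B", "F"],    # ties with switch 5 for LAN B and loses
}

def compute_tree(topology):
    """Return (dist, next_hop, on).
    dist[lan]     = number of non-root switches a frame from that LAN crosses to reach the root
    next_hop[lan] = (switch, upstream LAN) chosen by (fewest switches, smallest switch ID)
    on            = set of (switch, lan) interfaces that stay active"""
    root = min(topology)
    switches_of = defaultdict(list)
    for sw, lans in topology.items():
        for lan in lans:
            switches_of[lan].append(sw)
    INF = float("inf")
    dist = {lan: INF for lan in switches_of}
    next_hop = {}
    for lan in topology[root]:            # LANs on the root need no other switch
        dist[lan] = 0
        next_hop[lan] = (root, None)
    # Distance-vector style relaxation: a LAN looks only at its neighbouring switches.
    changed = True
    while changed:
        changed = False
        for lan in switches_of:
            if lan in topology[root]:
                continue
            best = None
            for sw in sorted(switches_of[lan]):           # ascending ID = tie-break order
                for up in topology[sw]:
                    if up == lan or dist[up] == INF:
                        continue
                    cand = (dist[up] + 1, sw, up)
                    if best is None or cand[:2] < best[:2]:
                        best = cand
            if best is None:
                continue
            current = (dist[lan], next_hop[lan][0]) if lan in next_hop else (INF, INF)
            if best[:2] < current:
                dist[lan], next_hop[lan] = best[0], (best[1], best[2])
                changed = True
    on = set()
    for lan, (sw, up) in next_hop.items():
        on.add((sw, lan))                  # interface from the chosen switch onto this LAN
        if up is not None:
            on.add((sw, up))               # and its interface toward the upstream LAN
    return dist, next_hop, on

def idle_switches(topology, on):
    """Switches with no active interface at all (like B3 in the slides' example)."""
    active = {sw for sw, _ in on}
    return sorted(sw for sw in topology if sw not in active)

if __name__ == "__main__":
    dist, next_hop, on = compute_tree(TOPOLOGY)
    for lan in sorted(dist):
        print(f"LAN {lan}: {dist[lan]} switch(es) to root, next hop {next_hop[lan]}")
    print("interfaces on:", sorted(on))
    print("switches with nothing on:", idle_switches(TOPOLOGY, on))
```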
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs Routers
both store-and-forward devices
routers: network layer devices (examine network layer headers); switches are link layer devices ... "invisible" at the internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address!
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields, with widths in bits: label (20) | Exp (3) | S (1) | TTL (5)
MPLS capable routers
aka label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address). MPLS forwarding table distinct from IP forwarding tables.
Signaling protocol needed to set up forwarding: RSVP-TE.
Forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 to R6 with hosts A and D; interface numbers 0 and 1 are marked on the links.]
The figure shows five MPLS forwarding tables (columns: in label, out label, dest, out interface); which router each belongs to is only visible in the figure:
in label 6, out label -, dest A, out interface 0
in label 10, out label 6, dest A, out interface 1; in label 12, out label 9, dest D, out interface 0
in label (none), out label 10, dest A, out interface 0; in label (none), out label 12, dest D, out interface 0
in label 8, out label 6, dest A, out interface 0
in label (none), out label 8, dest A, out interface 1
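Label-switched forwarding with the five tables from the slide, as an added example (not code from the slides). Which router owns which table and which neighbour sits at the far end of each (router, out interface) link are assumptions made for this example.

```python
# Added example (not the slides' code): label-switched forwarding with the five
# tables shown on the slide. Which router owns which table, and which router sits
# at the far end of each (router, out interface) link, are assumptions made here.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Entry:
    in_label: Optional[int]   # None: unlabelled IP packet entering the MPLS domain
    out_label: Optional[int]  # None: pop the label ("-" on the slide), deliver as plain IP
    dest: str
    out_iface: int

# (in label, out label, dest, out interface) exactly as on the slide; router names assumed
TABLES = {
    "R1": [Entry(6, None, "A", 0)],
    "R6": [Entry(10, 6, "A", 1), Entry(12, 9, "D", 0)],
    "R4": [Entry(None, 10, "A", 0), Entry(None, 12, "D", 0)],
    "R5": [Entry(8, 6, "A", 0)],
    "R3": [Entry(None, 8, "A", 1)],
}
# Assumed topology: (router, out interface) -> neighbour; hosts are named by their letter.
# R2 (toward D) has no table on the slide, so paths to D stop there.
LINKS = {("R3", 1): "R5", ("R4", 0): "R6", ("R5", 0): "R1",
         ("R6", 1): "R1", ("R6", 0): "R2", ("R1", 0): "A"}

def lookup(router, label, dest):
    """A label-switched router matches only on the incoming label and never inspects
    the IP address; only an ingress router (unlabelled packet) matches on dest."""
    for e in TABLES[router]:
        if label is None and e.in_label is None and e.dest == dest:
            return e
        if label is not None and e.in_label == label:
            return e
    raise KeyError(f"{router}: no entry for label={label} dest={dest}")

def forward(ingress, dest, max_hops=8):
    """Trace a packet from `ingress` to host `dest`: list of (router, label on outgoing link)."""
    hops, router, label = [], ingress, None
    for _ in range(max_hops):
        e = lookup(router, label, dest)
        hops.append((router, e.out_label))
        nxt = LINKS[(router, e.out_iface)]
        if nxt == dest:            # label popped at the egress, plain IP delivered to the host
            return hops
        router, label = nxt, e.out_label
    raise RuntimeError("no delivery within max_hops")

if __name__ == "__main__":
    print(forward("R4", "A"))   # [('R4', 10), ('R6', 6), ('R1', None)]
    print(forward("R3", "A"))   # [('R3', 8), ('R5', 6), ('R1', None)]
```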
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice ... could stop here ... but lots of
Checksumming: Cyclic Redundancy Check
view data bits D as a binary number; choose r+1 bit pattern (generator) G
goal: choose r CRC bits R such that <D,R> is exactly divisible by G (modulo 2)
receiver knows G, divides <D,R> by G. If non-zero remainder: error detected!
can detect all burst errors less than r+1 bits
widely used in practice (Ethernet, 802.11 WiFi, ATM)
CRC Example
Want: D·2^r XOR R = nG
equivalently: D·2^r = nG XOR R
equivalently: if we divide D·2^r by G, we want remainder R
R = remainder[ D·2^r / G ]
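The CRC computation above as modulo-2 division, added here as an example (not code from the slides). D = 101110 and G = 1001 (r = 3) are values chosen for the example; the block also checks the burst-error property the slide states and shows the one kind of error that slips through.

```python
# Added example (not the slides' code): CRC as modulo-2 division. D = 101110 and
# G = 1001 (r = 3) are chosen for the example; R comes out as 011, and the block
# also checks the burst-error property stated on the slide.
def mod2_remainder(bits: str, generator: str) -> str:
    """Remainder of bits / generator using XOR arithmetic (no carries).
    Returns the last r = len(generator)-1 bits after division."""
    r = len(generator) - 1
    work = list(bits)
    for i in range(len(work) - r):
        if work[i] == "1":                       # leading 1: subtract (XOR) G here
            for j, gbit in enumerate(generator):
                work[i + j] = "0" if work[i + j] == gbit else "1"
    return "".join(work[-r:])

def crc(data: str, generator: str) -> str:
    """R = remainder[ D * 2^r / G ]: append r zeros to D, then divide."""
    return mod2_remainder(data + "0" * (len(generator) - 1), generator)

def frame_ok(frame: str, generator: str) -> bool:
    """Receiver side: <D,R> must leave a zero remainder when divided by G."""
    return set(mod2_remainder(frame, generator)) == {"0"}

def flip(frame: str, start: int, pattern: str) -> str:
    """XOR an error pattern into the frame starting at bit index `start`."""
    out = list(frame)
    for k, p in enumerate(pattern):
        if p == "1":
            out[start + k] = "0" if out[start + k] == "1" else "1"
    return "".join(out)

def all_short_bursts_detected(data: str, generator: str) -> bool:
    """Every burst error shorter than r+1 bits (first and last bit flipped,
    anything in between) must be caught, as the slide states."""
    r = len(generator) - 1
    frame = data + crc(data, generator)
    for length in range(1, r + 1):
        for middle in range(2 ** max(length - 2, 0)):
            inner = format(middle, f"0{length - 2}b") if length > 2 else ""
            pattern = "1" + inner + "1" if length > 1 else "1"
            for start in range(len(frame) - length + 1):
                if frame_ok(flip(frame, start, pattern), generator):
                    return False
    return True

if __name__ == "__main__":
    D, G = "101110", "1001"
    R = crc(D, G)
    print(D, R, frame_ok(D + R, G))                 # 101110 011 True
    print(all_short_bursts_detected(D, G))         # True
    # A burst equal to G itself is a multiple of G and therefore slips through:
    print(frame_ok(flip(D + R, 2, G), G))          # True (error not detected)
```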
Link Layer outline: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM, MPLS
Multiple Access Links and Protocols
Two types of "links":
point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
single shared broadcast channel; two or more simultaneous transmissions by nodes: interference. Collision if a node receives two or more signals at the same time.
multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit
communication about channel sharing must use the channel itself! An out-of-band channel for coordination is difficult.
Ideal Multiple Access Protocol
Broadcast channel of rate R bps:
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally centralized MAC are much more efficient.
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users.
Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient. Predictable/guaranteed performance is difficult to achieve.
Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access. Access to channel in "rounds"; each station gets a fixed length slot (length = pkt trans time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
example: 6-station LAN, 1,3,4 have pkt, slots 2,5,6 idle
[Figure: a 6-slot frame, repeated: 1 3 4 | 1 3 4]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access. Channel spectrum divided into frequency bands; each station assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA.
example: 6-station LAN, 1,3,4 have pkt, frequency bands 2,5,6 idle
[Figure: FDM cable; frequency bands against time]
Random Access Protocols
When node has packet to send: transmit at full channel data rate R; no a priori coordination among nodes. Some approaches use limited coordination.
two or more transmitting nodes: "collision". Random access MAC protocol specifies how to detect collisions and how to recover from collisions (e.g. via delayed retransmissions).
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision.
Collisions and other link layer losses must be detected and corrected.
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
[Figure: time line with marks t0, t0+t, t0+2t, t0+3t, showing the vulnerable period, two frame times long, around one transmission.]
If another node transmits here then there is a collision. If another node starts to transmit during this vulnerable period, then a collision will occur.
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events).
Let G be the average rate at which users try to send frames, per frame time.
G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
P(k events in a period of length T) = exp(-λT) (λT)^k / k!
λ is the rate at which events occur = (number of events in a period W) / W (when W is large)
Aloha performance
P(k events in a period of length T) = exp(-λT) (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is exp(-2G)(2G)^0/0! = exp(-2G).
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Figure: plot of S = G e^{-2G} against G for G from 0 to 3; the maximum is 0.184.]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: time line with marks t0, t0+t, t0+2t, t0+3t and slot boundaries; the vulnerable period is one slot.]
If a frame is transmitted here, then a collision occurs. But this will only happen if a packet arrives at the MAC layer during this period.
If another node selects to transmit during this vulnerable period, then a collision will occur. The vulnerable period is half the size of unslotted Aloha.
Slotted Aloha
Vulnerable period is halved. Doubles performance of ALOHA. Throughput = S = G e^{-G}; S = Smax = 1/e = 0.368 for G = 1.
G = 1 means typically a node tries to transmit each slot.
However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Figure: plot of S = G e^{-G} against G for G from 0 to 4; the maximum is 0.368.]
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple
Cons: collisions, wasting slots; inefficient: idle slots; nodes may be able to detect collision in less than the time to transmit a packet
Slotted Aloha requires clock synchronization. Loose synchronization requires guard times, which reduces efficiency.
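The two throughput formulas above and their maxima, next to a small simulation of Poisson transmission attempts, as an added example (not code from the slides). Time is measured in frame times as on the slides; the simulation lengths and seed are choices made here.

```python
# Added example (not the slides' code): the throughput formulas S = G e^{-2G}
# (pure ALOHA) and S = G e^{-G} (slotted ALOHA) next to a small simulation of
# Poisson transmission attempts, with time measured in frame times as on the slides.
import math
import random

def pure_aloha_throughput(G: float) -> float:
    return G * math.exp(-2 * G)          # vulnerable period = 2 frame times

def slotted_aloha_throughput(G: float) -> float:
    return G * math.exp(-G)              # vulnerable period = 1 slot

def best_load(throughput, hi=4.0, steps=4000):
    """Grid search: returns (G, S) maximising S(G) on [0, hi]."""
    best_g, best_s = 0.0, 0.0
    for i in range(steps + 1):
        g = hi * i / steps
        s = throughput(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s

def simulate_pure_aloha(G: float, frames: int = 20000, seed: int = 1) -> float:
    """Attempts start as a Poisson process of rate G per frame time. A frame succeeds
    only if no other attempt starts within one frame time before or after it."""
    rng = random.Random(seed)
    t, starts = 0.0, []
    while len(starts) < frames:
        t += rng.expovariate(G)
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):
        clash_before = i > 0 and starts[i - 1] > s - 1.0
        clash_after = i + 1 < len(starts) and starts[i + 1] < s + 1.0
        if not (clash_before or clash_after):
            ok += 1
    return ok / starts[-1]               # successful frames per frame time

def simulate_slotted_aloha(G: float, slots: int = 20000, seed: int = 1) -> float:
    """Per slot the number of attempts is Poisson(G); exactly one attempt succeeds."""
    rng = random.Random(seed)
    ok = 0
    for _ in range(slots):
        n, p, limit = 0, 1.0, math.exp(-G)   # Knuth's Poisson sampler
        while True:
            p *= rng.random()
            if p < limit:
                break
            n += 1
        if n == 1:
            ok += 1
    return ok / slots

if __name__ == "__main__":
    print("pure    best:", best_load(pure_aloha_throughput))     # (0.5, 0.184)
    print("slotted best:", best_load(slotted_aloha_throughput))  # (1.0, 0.368)
    print("pure    sim G=0.5:", round(simulate_pure_aloha(0.5), 3))
    print("slotted sim G=1.0:", round(simulate_slotted_aloha(1.0), 3))
```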
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission.
human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
[Figure: spatial layout of nodes along the wire against time, showing two transmissions overlapping.]
Note: role of distance and propagation delay in determining collision probability.
CSMA/CD collision detection
[Figure 1: position on wire against time. Transmitter 1 starts; after the propagation delay transmitter 2 starts; the collision is detected by transmitter 2 and, after a further propagation delay, by transmitter 1; receiver 1 receives a garbled signal. When is it detected?]
[Figure 2: same layout; here the collision is detected by transmitter 2 but NOT by transmitter 1, and receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
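The inequality above solved for the minimum frame and for the maximum cable length, as an added example (not code from the slides). The propagation speed (2e8 m/s) and epsilon = 0 are assumptions; they give an idealised bound, looser than the 2000 m / 200 m figures on the slide, but the 10x ratio the question asks about falls out directly.

```python
# Added example (not the slides' code): the collision-detection requirement
#   2 * CableLength / v + epsilon < FrameLength / bit_rate
# solved for the minimum frame and for the maximum cable length. The propagation
# speed v = 2e8 m/s and epsilon = 0 are assumptions; they give an idealised bound,
# looser than the 2000 m / 200 m figures on the slide, but the 10x ratio is the point.
import math

PROPAGATION_SPEED = 2.0e8          # m/s, assumed (about two thirds of c in copper)
ETHERNET_MIN_FRAME_BITS = 64 * 8   # 64-byte minimum frame from the slide

def min_frame_bits(cable_length_m, bit_rate_bps, v=PROPAGATION_SPEED, epsilon_s=0.0):
    """Smallest frame whose transmission still lasts a full round trip on the cable."""
    round_trip_s = 2 * cable_length_m / v + epsilon_s
    return math.ceil(round(round_trip_s * bit_rate_bps, 6))

def max_cable_length_m(frame_bits, bit_rate_bps, v=PROPAGATION_SPEED, epsilon_s=0.0):
    """Longest cable on which a frame of frame_bits is long enough to detect a collision."""
    transmit_time_s = frame_bits / bit_rate_bps
    return (transmit_time_s - epsilon_s) * v / 2

def collision_detectable(cable_length_m, frame_bits, bit_rate_bps,
                         v=PROPAGATION_SPEED, epsilon_s=0.0):
    """The slide's inequality, evaluated directly."""
    return 2 * cable_length_m / v + epsilon_s < frame_bits / bit_rate_bps

if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: max cable for a 64 B frame = "
              f"{max_cable_length_m(ETHERNET_MIN_FRAME_BITS, rate):.0f} m")
    print("bits needed to cover 2000 m at 10 Mbps:", min_frame_bits(2000, 10e6))
    print("64 B frame, 2000 m, 100 Mbps detectable?",
          collision_detectable(2000, ETHERNET_MIN_FRAME_BITS, 100e6))
```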
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions detected within a short time; colliding transmissions aborted, reducing channel wastage.
Collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength.
human analogy: the polite conversationalist
Persistence
1-persistent: If the medium is idle, then transmit. If the medium is not idle, then wait until it is and then transmit. In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If the medium is idle, then transmit. If the medium is not idle, then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat. Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle, then transmit.
3. If the medium is not idle, then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 × BO, BO_Max). In Ethernet BO_max = 1024.
   c. Go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node!
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead. Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds! Used in mobile phone data access: 802.16, aka WiMax, partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols: polling
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
[Figure: a master polling its slaves in turn: poll, data, poll, data, ...]
Concerns: polling overhead; latency; single point of failure (master).
QoS guarantees can be made. If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does. When congested, new calls are rejected but existing calls continue to receive good performance. Consider the difference between the demands of VoIP and the services provided by TCP. Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols: token passing
Control token passed from one node to the next sequentially; token message.
Concerns: token overhead; latency; single point of failure (token).
[Figure: nodes in a ring passing the token T; one node sends data, another has nothing to send.]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing: easy in some technologies (wire), hard in others (wireless). CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless).
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer outline: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network). The textbook is wrong about this: today hosts are almost never physically connected. 48 bit MAC address (for most LANs), burned in NIC ROM, also sometimes software settable.
LAN Addresses and ARP
Each adapter on LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup: Google "OUI lookup", enter the MAC address, see the manufacturer.
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address: portability: can move LAN card from one LAN to another
IP hierarchical address: NOT portable; address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has an ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: the LAN with four adapters, MAC 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53, and IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: same LAN (network). A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. my IP = 128.4.35.67; B's IP = 128.5.19.12; subnet mask is 255.255.0.0 => the first 8 bytes define the subnet.
So in this case A and B are in different subnets.
Thus the datagram is sent to the gateway, which must be in the same subnet.
Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query (other types include datagram). All machines on the LAN receive the ARP query.
B receives the ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; B, C and D all receive it; the owner replies "I have 1.1.1.4".]
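The same-subnet test, the query/reply exchange and the soft-state ARP cache from the slides above, as an added example (not code from the slides). The IP addresses are the slides' example values; the pairing of MACs with IPs on the constructed LAN, the gateway address and the injectable clock are assumptions.

```python
# Added example (not the slides' code): the same-subnet test, the ARP query/reply
# exchange and the soft-state ARP cache with a TTL. IP addresses are the slides' example
# values; the MAC addresses paired with them here are assumed, as is the injectable clock.
import ipaddress

def same_subnet(my_ip: str, other_ip: str, mask: str) -> bool:
    """Compare the two addresses under the subnet mask."""
    net = ipaddress.ip_network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.ip_address(other_ip) in net

def ip_to_resolve(my_ip: str, dest_ip: str, mask: str, gateway_ip: str) -> str:
    """Which IP's MAC we need: the destination if it is on our subnet, else the gateway's."""
    return dest_ip if same_subnet(my_ip, dest_ip, mask) else gateway_ip

class ArpCache:
    """Soft state: each <IP, MAC, TTL> entry is forgotten once its TTL expires."""
    def __init__(self, clock, ttl_s=20 * 60):   # slide: typically 20 min
        self.clock, self.ttl_s, self.table = clock, ttl_s, {}

    def learn(self, ip, mac):
        self.table[ip] = (mac, self.clock() + self.ttl_s)

    def lookup(self, ip):
        entry = self.table.get(ip)
        if entry is None or entry[1] <= self.clock():
            self.table.pop(ip, None)     # expired: behave as if never learned
            return None
        return entry[0]

BROADCAST = "FF-FF-FF-FF-FF-FF"

def resolve(cache: ArpCache, lan: dict, target_ip: str):
    """Return (mac, query_sent). On a cache miss, broadcast an ARP query to every
    adapter on the LAN; only the owner of target_ip answers, by unicast."""
    mac = cache.lookup(target_ip)
    if mac is not None:
        return mac, False
    query = {"dst_mac": BROADCAST, "type": "ARP", "who_has": target_ip}
    answers = [host_mac for host_ip, host_mac in lan.items() if host_ip == query["who_has"]]
    if not answers:
        return None, True                # nobody owns that IP: no reply, nothing cached
    cache.learn(target_ip, answers[0])
    return answers[0], True

# constructed LAN: the slide's four IPs paired with its four MACs (pairing assumed)
LAN = {"137.196.7.23": "1A-2F-BB-76-09-AD", "137.196.7.78": "58-23-D7-FA-20-B0",
       "137.196.7.14": "0C-C4-11-6F-E3-98", "137.196.7.88": "71-65-F7-2B-08-53"}

class FakeClock:
    def __init__(self):
        self.now = 0.0
    def __call__(self):
        return self.now

if __name__ == "__main__":
    print(same_subnet("128.4.35.67", "128.5.19.12", "255.255.0.0"))   # False: go via gateway
    clock = FakeClock()
    cache = ArpCache(clock)
    print(resolve(cache, LAN, "137.196.7.78"))   # ('58-23-D7-FA-20-B0', True)  query sent
    print(resolve(cache, LAN, "137.196.7.78"))   # ('58-23-D7-FA-20-B0', False) from cache
    clock.now += 21 * 60
    print(resolve(cache, LAN, "137.196.7.78"))   # entry timed out: query sent again
```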
Addressing: routing to another LAN
[Figure: host A (MAC 74-29-9C-E8-FF-55, IP 111.111.111.111) and a second host (CC-49-DE-D0-AB-7D, 111.111.111.112) on the first LAN; router R with interfaces 111.111.111.110 and 222.222.222.220 (MACs E6-E9-00-17-BB-4B and 1A-23-F9-CD-06-9B); host B (49-BD-D2-C7-56-2A, 222.222.222.222) and a second host (88-B2-2F-54-1A-0F, 222.222.222.221) on the second LAN.]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
A creates IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram. A's NIC sends frame. R's NIC receives frame. R removes IP datagram from Ethernet frame, sees it's destined to B. R uses ARP to get B's MAC address. R creates frame containing A-to-B IP datagram, sends to B.
This is a really important example: make sure you understand it!
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P. Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host. But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence: victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8) and some other host/switch.]
Some other host broadcasts: "Who has IP address 1.2.3.4?"
The victim answers: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
Later (when all caches have been cleared) the attacker floods ARP queries: "Source MAC 00:11:11:11:11:11: Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood these ARP queries. The other host saves the IP/MAC mapping in its cache. The victim is confused... but ignores it.
The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...". The attacker knows the secret plan, changes the MAC address to the correct address and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs (or a single MAC has two IPs: its real IP and the victim's IP). But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address. Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
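The detection idea from the slide above turned into a check over observed ARP traffic, as an added example (not code from the slides): an IP claimed by two MACs is the strong signal, a MAC claiming two IPs is weaker because of the dual-NIC case the slide describes, and a claim repeated many times in a short window points at flooding. The observations are constructed, using the slide's example addresses; the thresholds are choices made here.

```python
# Added example (not the slides' code): flagging ARP spoofing from observed ARP
# traffic, the way the slide suggests. An IP claimed by two MACs is the strong signal;
# a MAC claiming two IPs is weaker, because of the dual-NIC Windows case the slide
# describes. The observations below are constructed, with the slide's example addresses.
from collections import defaultdict

# (time in seconds, sender MAC, sender IP) from ARP replies/queries seen on the LAN: constructed
OBSERVED = [
    (0,    "00:12:12:12:12:12", "1.2.3.4"),   # victim answers a query for 1.2.3.4
    (5,    "00:11:11:11:11:11", "5.6.7.8"),   # attacker's own address
    (1300, "00:11:11:11:11:11", "1.2.3.4"),   # attacker now claims the victim's IP
    (1301, "00:11:11:11:11:11", "1.2.3.4"),   # and keeps repeating it
    (1302, "00:11:11:11:11:11", "1.2.3.4"),
    (2000, "AA:BB:CC:00:00:01", "10.0.0.7"),  # an unrelated, well-behaved host
]

def ip_to_macs(observations):
    """For every IP, the set of MACs that have claimed it."""
    table = defaultdict(set)
    for _, mac, ip in observations:
        table[ip].add(mac)
    return table

def mac_to_ips(observations):
    """For every MAC, the set of IPs it has claimed."""
    table = defaultdict(set)
    for _, mac, ip in observations:
        table[mac].add(ip)
    return table

def detect(observations, flood_window_s=10, flood_threshold=3):
    """Return a list of (severity, description) findings.
    high:   one IP claimed by more than one MAC
    medium: one MAC claiming more than one IP (may be a dual-NIC host; verify first)
    medium: the same MAC/IP claim repeated flood_threshold+ times within flood_window_s"""
    findings = []
    for ip, macs in sorted(ip_to_macs(observations).items()):
        if len(macs) > 1:
            findings.append(("high", f"IP {ip} claimed by {len(macs)} MACs: {sorted(macs)}"))
    for mac, ips in sorted(mac_to_ips(observations).items()):
        if len(ips) > 1:
            findings.append(("medium", f"MAC {mac} claims {len(ips)} IPs: {sorted(ips)} "
                                       "(check for a wired+wireless host before acting)"))
    by_claim = defaultdict(list)
    for t, mac, ip in observations:
        by_claim[(mac, ip)].append(t)
    for (mac, ip), times in by_claim.items():
        times.sort()
        for i in range(len(times) - flood_threshold + 1):
            if times[i + flood_threshold - 1] - times[i] <= flood_window_s:
                findings.append(("medium", f"{mac} repeated its claim to {ip} "
                                           f"{flood_threshold}+ times within {flood_window_s}s"))
                break
    return findings

if __name__ == "__main__":
    for severity, message in detect(OBSERVED):
        print(severity, message)
```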
Link Layer outline: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap ($20 for NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in the same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with matching destination address, or with the broadcast address (e.g. ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,...,2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
first collision: choose K from {0,1}; delay is K × 512 bit transmission times
after second collision: choose K from {0,1,2,3}...
after ten or more collisions, choose K from {0,1,2,3,4,...,1023}
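The Ethernet backoff rule above in code, as an added example (not code from the slides): K drawn from {0, ..., 2^m - 1} after the m-th collision, capped at 1023, with the resulting wait in slots of 512 bit times. The seed used for the sample sequence is a choice made here.

```python
# Added example (not the slides' code): the Ethernet backoff rule from the slide,
# K drawn from {0, ..., 2^m - 1} after the m-th collision, capped at 1023, with the
# resulting wait in slots of 512 bit times at 10 Mbps (0.1 microsecond per bit).
import random

SLOT_BIT_TIMES = 512
MAX_EXPONENT = 10                  # after ten or more collisions: K from {0, ..., 1023}

def backoff_upper_bound(m: int) -> int:
    """Exclusive upper bound of the draw after the m-th collision: 2^min(m, 10)."""
    if m < 1:
        raise ValueError("m counts collisions, starting at 1")
    return 2 ** min(m, MAX_EXPONENT)

def choose_k(m: int, rng=random) -> int:
    """K chosen uniformly at random from {0, ..., 2^min(m,10) - 1}."""
    return rng.randrange(backoff_upper_bound(m))

def expected_wait_slots(m: int) -> float:
    """Mean of the uniform draw: doubles with every collision, i.e. with the load estimate."""
    return (backoff_upper_bound(m) - 1) / 2

def wait_seconds(k: int, bit_rate_bps: float = 10e6) -> float:
    """K slots of 512 bit times; one bit time is 1 / bit_rate (0.1 us at 10 Mbps)."""
    return k * SLOT_BIT_TIMES / bit_rate_bps

def backoff_sequence(n_collisions: int, seed: int = 7):
    """K chosen after each of n successive collisions on one frame (seeded for repeatability)."""
    rng = random.Random(seed)
    return [choose_k(m, rng) for m in range(1, n_collisions + 1)]

if __name__ == "__main__":
    for m in (1, 2, 3, 10, 16):
        print(f"collision {m:2d}: K in 0..{backoff_upper_bound(m) - 1}, "
              f"mean wait {expected_wait_slots(m):.1f} slots")
    print("worst case K=1023 at 10 Mbps:", round(wait_seconds(1023) * 1e3, 1), "ms")  # about 52 ms
    print("example sequence:", backoff_sequence(12))
```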
CSMA/CD efficiency
T_prop = max prop delay between 2 nodes in LAN; t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity: a larger frame size is better; a higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized! Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
bits coming in one link go out all other links at the same rate; all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted pair links]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: a backbone hub connected to three hubs]
Switch
link-layer device: smarter than hubs, takes an active role. Store and forward Ethernet frames. Question: do switches in circuit switching networks store and forward? Examines incoming frame's MAC address, selectively forwards frame to one-or-more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch; switches buffer packets. Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain.
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connected to hosts A, A', B, B', C, C']
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when frame received, switch "learns" location of sender: incoming LAN segment
• records sender/location pair in switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table, initially empty, gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. index switch table using MAC destination address
3. if entry found for destination
   then { if dest on segment from which frame arrived
            then drop the frame
            else forward the frame on interface indicated }
   else flood (forward on all but the interface on which the frame arrived)
4. periodically purge all old table entries
Self-Learning (worked example)
[Figure: three switches in a row, each with interfaces 1, 2, 3. Host A is on interface 1 of the first switch; the first switch's interface 3 connects to the second switch's interface 1; host B is on interface 2 of the second switch; the second switch's interface 3 connects to the third switch's interface 2. All three switch tables (MAC, Interface) are initially empty.]
Step 1: A sends a frame, Dest=B, Source=A.
• First switch: make table entry for A (A, 1). No table entry for B, so flood.
• Second switch receives the frame on interface 1: make table entry for A (A, 1). No table entry for B, so flood.
• Third switch receives the frame on interface 2: make table entry for A (A, 2). No table entry for B, so flood.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on those ports; it is only flooded to other switches.
Step 2: B replies, Dest=A, Source=B.
• Second switch receives the frame on interface 2: make table entry for B (B, 2). Has a table entry for A, so forward on interface 1.
• First switch receives the frame on interface 3: make table entry for B (B, 3). Has a table entry for A, so forward on interface 1.
• The third switch's table stays (A, 2).
Resulting tables: first switch: A 1, B 3; second switch: A 1, B 2; third switch: A 2.
20 minutes later, all table entries are deleted.
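The self-learning and filtering/forwarding procedure above, as an added example that is not part of the lecture slides: a small learning-switch model with per-entry TTL aging, run over a constructed three-switch topology that matches the worked example (A on the first switch's interface 1, B on the second switch's interface 2). Switch names S1/S2/S3, the 20-minute TTL and the link wiring are assumptions.

```python
"""Self-learning Ethernet switch: learn, filter/forward, flood, age.
Added example (not from the slides); topology below is constructed."""

FLOOD, FORWARD, DROP = "flood", "forward", "drop"
BROADCAST = "FF-FF-FF-FF-FF-FF"


class LearningSwitch:
    def __init__(self, name, ttl_seconds=20 * 60):   # assumed 20-minute TTL
        self.name = name
        self.ttl = ttl_seconds
        self.table = {}            # MAC -> (interface, expiry time)

    def purge(self, now):
        """Step 4: drop entries whose TTL has run out."""
        self.table = {m: (i, t) for m, (i, t) in self.table.items() if t > now}

    def receive(self, src, dst, in_if, now, interfaces):
        """Steps 1-3. Returns (FORWARD, ifc) | (FLOOD, [ifcs]) | (DROP, None)."""
        self.purge(now)
        self.table[src] = (in_if, now + self.ttl)      # step 1: learn sender
        entry = self.table.get(dst)                     # step 2: look up dest
        if entry is None or dst == BROADCAST:           # step 3: unknown -> flood
            return FLOOD, [i for i in interfaces if i != in_if]
        out_if, _ = entry
        if out_if == in_if:                             # dest on arrival segment
            return DROP, None
        return FORWARD, out_if


def run_scenario():
    """Replay the worked example: A -> B, then B -> A. Returns
    (tables, decision log, hosts that received a frame)."""
    sw = {n: LearningSwitch(n) for n in ("S1", "S2", "S3")}
    ifaces = {n: [1, 2, 3] for n in sw}
    # constructed wiring: (switch, interface) -> host, or -> (switch, interface)
    hosts = {("S1", 1): "A", ("S2", 2): "B"}
    links = {("S1", 3): ("S2", 1), ("S2", 1): ("S1", 3),
             ("S2", 3): ("S3", 2), ("S3", 2): ("S2", 3)}
    log, delivered = [], []

    def send(switch, in_if, src, dst, now):
        action, out = sw[switch].receive(src, dst, in_if, now, ifaces[switch])
        log.append((switch, src, dst, action, out))
        outs = out if action == FLOOD else ([out] if action == FORWARD else [])
        for o in outs:
            if (switch, o) in hosts:
                delivered.append(hosts[(switch, o)])
            elif (switch, o) in links:
                nxt_sw, nxt_if = links[(switch, o)]
                send(nxt_sw, nxt_if, src, dst, now)

    send("S1", 1, "A", "B", now=0)
    send("S2", 2, "B", "A", now=1)
    tables = {n: {m: i for m, (i, _) in s.table.items()} for n, s in sw.items()}
    return tables, log, delivered, sw
```

The first frame is flooded by all three switches and still reaches B; the reply is forwarded on exactly one interface per switch because A was learned on the way out, and the third switch never sees it.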
Poorly Designed Institutional network. Why?
[Figure: router to external network; a single LAN / IP subnet containing the mail server and web server]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet with redundant switches forming loops, reaching the mail server, web server and host A]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness, but have to be eliminated.
[Figure: the same network with the edges in the spanning tree marked; a "disconnected" interface is one that does not forward or flood frames]
Edge in spanning tree
"disconnected" interface, i.e. do not forward or flood frames through this interface
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[Figure: bridges B3 and B2 both connecting LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
Approach: Compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
If • LAN B's next hop to the switch with lowest ID is LAN A, and • LAN C's next hop to the switch with lowest ID is LAN D, • then switch B2 will disconnect from LAN B and C
[Figure: LANs A, B, C, D joined by bridges B3, B2, B1, B0]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7 interconnecting LANs]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. If a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway
[Figure: LANs A, B, C, D, E, F, G, H, I, J interconnected by bridges B1, B2, B3, B4, B5, B6, B7; LANs are labeled with their distance to the root in LAN hops (0, 1 or 2)]
Worked through step by step on the figure:
• Each switch computes distance to root in terms of LAN hops
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E. Turn on the two interfaces
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F. Turn on the interfaces
• Which other interfaces are "on"?
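The interface-selection rule from the loop-resolution and spanning-tree slides above, as an added example that is not the lecture's own code. It uses the slides' model (LANs as vertices, bridges as edges, root = smallest bridge ID, distance counted in LAN hops, smallest bridge ID breaks ties) on a constructed topology chosen so that it reproduces the narrative (LAN B reachable via B5 or B7, B3 left with no interface on); it is not the exact figure. One assumption: LANs attached directly to the root bridge are at distance 0 and each bridge crossed adds 1. The last function goes beyond the slide and checks that what remains is loop-free.

```python
"""Spanning-tree interface selection in the LAN-vertex / bridge-edge model.
Added example, not the lecture's code; BRIDGES is a constructed topology."""
from collections import deque

# constructed topology: bridge ID -> set of LANs its interfaces attach to
BRIDGES = {
    1: {"E", "F", "G"},   # smallest ID: the root
    2: {"D", "G"},
    3: {"A", "C"},
    4: {"D", "H"},
    5: {"A", "B", "E"},
    7: {"B", "C", "F"},
}


def lan_distances(bridges):
    """Distance-vector style relaxation: a LAN only learns from LANs that
    share a bridge with it. Returns (root ID, {LAN: hops to root})."""
    root = min(bridges)
    dist = {lan: 0 for lan in bridges[root]}       # assumption: root's LANs = 0
    changed = True
    while changed:
        changed = False
        for bid, lans in bridges.items():
            if bid == root:
                continue
            known = [dist[l] for l in lans if l in dist]
            if not known:
                continue
            best = min(known) + 1                   # one more bridge crossed
            for l in lans:
                if l not in dist or dist[l] > best:
                    dist[l] = best
                    changed = True
    return root, dist


def active_interfaces(bridges):
    """{bridge ID: set of LANs whose interface stays ON}."""
    root, dist = lan_distances(bridges)
    on = {bid: set() for bid in bridges}
    on[root] = set(bridges[root])                   # every root interface is on
    for lan, d in dist.items():
        if d == 0:
            continue
        # candidate next hops: a non-root bridge on this LAN leading to a LAN
        # that is one hop closer to the root; smallest bridge ID wins ties
        cands = [(bid, up) for bid, lans in bridges.items()
                 if bid != root and lan in lans
                 for up in lans if up != lan and dist.get(up) == d - 1]
        bid, up = min(cands)
        on[bid].update({lan, up})                   # switch between them is used
    return on


def is_tree(on):
    """Connected and loop-free: edges == nodes - 1 over the active graph
    (bridges with no interface on are ignored, as they carry nothing)."""
    adj, edges = {}, 0
    for bid, lans in on.items():
        for lan in lans:
            b, l = ("bridge", bid), ("lan", lan)
            adj.setdefault(b, set()).add(l)
            adj.setdefault(l, set()).add(b)
            edges += 1
    if not adj:
        return True
    seen, queue = set(), deque([next(iter(adj))])
    while queue:
        n = queue.popleft()
        if n in seen:
            continue
        seen.add(n)
        queue.extend(adj[n] - seen)
    return seen == set(adj) and edges == len(adj) - 1
```

Running `active_interfaces(BRIDGES)` leaves B3 with no interface on and turns B5's interfaces to A, B and E on; `is_tree` is false for the full topology (it has loops) and true for the active one.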
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: Loop resolution; Address learning; Frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution • During which time no packets were forwarded
Switches vs Routers
both store-and-forward devices
• routers: network layer devices (examine network layer headers); switches are link layer devices
• … "invisible" at internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach; but IP datagram still keeps IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields (bits): label 20, Exp 3, S 1, TTL 5
MPLS capable routers
• a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers
[Figure: routers R1, R2, R3, R4, R5, R6 with interfaces 0 and 1; destinations A and D; each MPLS router carries a table with columns in label, out label, dest, out interface]
Forwarding table entries shown in the figure (in label, out label, dest, out interface):
  6, -, A, 0
  10, 6, A, 1
  12, 9, D, 0
  -, 10, A, 0
  -, 12, D, 0
  8, 6, A, 0
  -, 8, A, 1
MPLS forwarding tables
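Label-switched forwarding as described above, as an added example that is not the lecture's code. The label values (10 → 6 → pop toward A, 12 → 9 toward D) are taken from the table rows in the figure; which router holds which table is not recoverable from the slide, so the assignment R5 (ingress) → R4 → R6 (egress) and the link wiring are assumptions. The header packing follows the RFC 3032 label stack entry (20-bit label, 3-bit Exp, 1-bit S, 8-bit TTL).

```python
"""MPLS label-switched forwarding on a constructed three-LSR path.
Added example, not from the lecture; router/label assignment is assumed."""
import struct


def pack_label_entry(label, exp=0, s=1, ttl=64):
    """32-bit label stack entry per RFC 3032."""
    if not 0 <= label < (1 << 20):
        raise ValueError("label must fit in 20 bits")
    word = (label << 12) | ((exp & 0x7) << 9) | ((s & 0x1) << 8) | (ttl & 0xFF)
    return struct.pack("!I", word)


def unpack_label_entry(buf):
    (word,) = struct.unpack("!I", buf[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


class LSR:
    """Label-switched router: decides on the incoming label only.
    table: in_label -> (out_label or None to pop, out_interface)
    fec:   destination -> (label to push, out_interface), used at ingress"""

    def __init__(self, name, table=None, fec=None):
        self.name, self.table, self.fec = name, table or {}, fec or {}

    def forward(self, packet):
        """packet = {"dest": str, "labels": [entry bytes, ...]} -> (out_if, packet)"""
        if packet["labels"]:
            top = unpack_label_entry(packet["labels"][0])
            if top["ttl"] <= 1:
                raise RuntimeError(f"{self.name}: TTL expired on label {top['label']}")
            out_label, out_if = self.table[top["label"]]   # KeyError: unknown label
            rest = packet["labels"][1:]
            if out_label is None:                          # egress: pop
                labels = rest
            else:                                          # transit: swap, TTL-1
                labels = [pack_label_entry(out_label, top["exp"], top["s"],
                                           top["ttl"] - 1)] + rest
            return out_if, {"dest": packet["dest"], "labels": labels}
        # unlabeled packet at ingress: classify by destination and push
        push_label, out_if = self.fec[packet["dest"]]
        return out_if, {"dest": packet["dest"], "labels": [pack_label_entry(push_label)]}


# assumed placement of the figure's table rows
ROUTERS = {
    "R5": LSR("R5", fec={"A": (10, 0), "D": (12, 0)}),
    "R4": LSR("R4", table={10: (6, 1), 12: (9, 0)}),
    "R6": LSR("R6", table={6: (None, 0)}),
}
LINKS = {("R5", 0): "R4", ("R4", 1): "R6", ("R4", 0): "R3-ip-only"}  # constructed


def trace_path(dest, start="R5"):
    """Walk the label-switched path; returns ([(router, top label seen)], packet)."""
    packet, here, hops = {"dest": dest, "labels": []}, start, []
    while here in ROUTERS:
        top = unpack_label_entry(packet["labels"][0])["label"] if packet["labels"] else None
        out_if, packet = ROUTERS[here].forward(packet)
        hops.append((here, top))
        here = LINKS.get((here, out_if), "?")
    return hops, packet
```

The trace for destination A shows push at R5, swap at R4 and pop at R6; a packet arriving at R4 with a label nobody signalled is rejected with a `KeyError`, which is the point of "forwards on the label only".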
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
CRC Example
Want: D · 2^r XOR R = nG
equivalently: D · 2^r = nG XOR R
equivalently: if we divide D · 2^r by G, want remainder R:
  R = remainder[ D · 2^r / G ]
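The remainder computation above, as an added example that is not the lecture's code: modulo-2 (XOR) long division to obtain R, the sender's codeword D·2^r XOR R, and the receiver's divisibility check. The sample values D = 101110 and G = 1001 (r = 3) are constructed for the example. The last function goes beyond the slide: it flips every burst of up to r bits in the codeword and confirms each is detected, which holds for any generator whose low-order bit is 1.

```python
"""CRC by modulo-2 division. Added example, not the lecture's code."""


def mod2_remainder(dividend, generator, r):
    """Remainder of dividend / generator over GF(2); generator has degree r."""
    assert generator.bit_length() - 1 == r
    rem = dividend
    for shift in range(rem.bit_length() - 1, r - 1, -1):
        if rem >> shift & 1:                 # leading bit set: "subtract" G (XOR)
            rem ^= generator << (shift - r)
    return rem                               # fewer than r+1 bits remain


def crc_bits(data, gen):
    """R = remainder[D * 2^r / G] as an r-character bit string."""
    r = len(gen) - 1
    R = mod2_remainder(int(data, 2) << r, int(gen, 2), r)
    return format(R, f"0{r}b")


def transmitted(data, gen):
    """Codeword D * 2^r XOR R: data followed by its CRC bits."""
    return data + crc_bits(data, gen)


def check(codeword, gen):
    """Receiver side: no error detected iff G divides the codeword."""
    r = len(gen) - 1
    return mod2_remainder(int(codeword, 2), int(gen, 2), r) == 0


def all_bursts_detected(data, gen):
    """Flip every contiguous error burst of length 1..r at every position
    of the codeword; return True if the receiver catches all of them."""
    r = len(gen) - 1
    cw = int(transmitted(data, gen), 2)
    n = len(data) + r
    for length in range(1, r + 1):
        # error patterns whose first and last bit are both set
        patterns = [1] if length == 1 else [
            (1 << (length - 1)) | (m << 1) | 1 for m in range(1 << (length - 2))]
        for e in patterns:
            for pos in range(n - length + 1):
                if mod2_remainder(cw ^ (e << pos), int(gen, 2), r) == 0:
                    return False
    return True
```

An error pattern equal to G itself (here 1001, a burst of length r+1) is the classic case the CRC cannot see, since it leaves the codeword divisible by G; the test below exercises that limit.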
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
Multiple Access Links and Protocols
Two types of "links":
• point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
• broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
single shared broadcast channel; two or more simultaneous transmissions by nodes: interference; collision if node receives two or more signals at the same time
multiple access protocol: An algorithm that determines how nodes share channel, i.e. determines when a node can transmit
communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally centralized MAC are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
• Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users
• Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient. Predictable/guaranteed performance is difficult to achieve
• Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access: access to channel in "rounds"; each station gets fixed length slot (length = pkt trans time) in each round; unused slots go idle; GSM (some cell phones) uses TDMA
Why? So service is predictable, and calls can be rejected if there is not enough bandwidth
example: 6-station LAN, 1, 3, 4 have pkt; slots 2, 5, 6 idle
[Figure: 6-slot frame: 1 3 4 1 3 4]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access: channel spectrum divided into frequency bands; each station assigned fixed frequency band; unused transmission time in frequency bands goes idle; GSM also uses FDMA
example: 6-station LAN, 1, 3, 4 have pkt; frequency bands 2, 5, 6 idle
[Figure: frequency bands versus time on an FDM cable]
Random Access Protocols
When node has packet to send: transmit at full channel data rate R; no a priori coordination among nodes • Some approaches use limited coordination
two or more transmitting nodes ⇒ "collision"
random access MAC protocol specifies: how to detect collisions; how to recover from collisions (e.g. via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U of Hawaii in early 70's. Packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old, but still widely used
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision
Collisions and other link layer losses must be detected and corrected
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance (1)
[Figure: time line t0, t0+t, t0+2t, t0+3t; a frame sent at t0+t is vulnerable during (t0, t0+2t): if another node starts to transmit during this vulnerable period, then a collision will occur]
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events)
Let G be the average rate that users try to send frames, per frame time
G is the utilization. Why?
Model the moments transmissions start as points along the time line (next slide)
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
  P(k) = (2G)^k e^{-2G} / k!
The probability zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
  S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
  P(k events in period of length T) = e^{-λT} (λT)^k / k!
λ is the rate that events occur = (number of events in period W) / W (when W is large)
Aloha performance
[Figure: the vulnerability period of length 2T around the start of a transmission]
P(k events in period of length T) = e^{-λT} (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period = 2T
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is e^{-2G} (2G)^0 / 0! = e^{-2G}
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Figure: plot of S = G e^{-2G} for G from 0 to 3; the peak value is 0.184]
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time line t0, t0+t, t0+2t, t0+3t with slot boundaries; if a frame is transmitted in the preceding slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during that one-slot vulnerable period]
If another node selects to transmit during this vulnerable period, then a collision will occur
The vulnerable period is half the size of unslotted Aloha
Slotted Aloha
Vulnerable period is halved: doubles performance of ALOHA. Throughput = S = G e^{-G}; S = S_max = 1/e = 0.368 for G = 1
G = 1 means typically a node tries to transmit each slot
However, the throughput is well below 1: there are many collisions
Slotted Aloha Performance
[Figure: plot of S = G e^{-G} for G from 0 to 4; the peak value is 0.368]
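The throughput expressions above, as an added example that is not the lecture's code: the analytic curves S = G e^{-2G} and S = G e^{-G}, a search for the load that maximizes each, and a small Monte Carlo check of the vulnerable-period argument (pure ALOHA collides with any other start within one frame time either side; slotted ALOHA only with starts that fall in the same slot). Frame time 1, Poisson attempt rate G and the random seed are constructed parameters.

```python
"""Pure vs slotted ALOHA: analytic throughput and a simulation check.
Added example, not the lecture's code."""
import math
import random


def throughput_pure(G):
    return G * math.exp(-2 * G)


def throughput_slotted(G):
    return G * math.exp(-G)


def best_G(fn, lo=0.01, hi=4.0, steps=4000):
    """Grid search: (offered load G*, maximum throughput S_max)."""
    step = (hi - lo) / steps
    s_max, g_best = max((fn(lo + i * step), lo + i * step) for i in range(steps + 1))
    return g_best, s_max


def simulate(G, slotted, n_attempts=20000, seed=1):
    """Fraction of attempts that succeed, i.e. P(no collision) = S / G.
    Attempt starts are a Poisson process of rate G per frame time."""
    rng = random.Random(seed)
    t, starts = 0.0, []
    for _ in range(n_attempts):
        t += rng.expovariate(G)                  # memoryless gaps -> Poisson
        starts.append(math.ceil(t) if slotted else t)   # slotted: wait for boundary
    ok = 0
    for i, s in enumerate(starts):               # starts are sorted, so only
        prev = starts[i - 1] if i > 0 else None  # neighbours can overlap
        nxt = starts[i + 1] if i + 1 < n_attempts else None
        if slotted:
            clash = prev == s or nxt == s
        else:
            clash = (prev is not None and s - prev < 1) or (nxt is not None and nxt - s < 1)
        ok += not clash
    return ok / n_attempts
```

The simulation returns the success probability; multiply by G to compare with the curves. At G = 0.5 (pure) and G = 1 (slotted) both come out near 1/e, which is exactly why the two peaks are 0.184 and 0.368.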
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple
Cons: Collisions, wasting slots (inefficient); idle slots; nodes may be able to detect collision in less than time to transmit packet; Slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy, defer transmission
human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m
For 100 Mbps Ethernet the maximum cable length is 200 m
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
[Figure: spatial layout of nodes along the wire, with two transmissions overlapping in space and time]
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
[Figure: position on wire versus time. Transmitter 1 starts; after the propagation delay Transmitter 2 starts and detects the collision; Transmitter 1 detects the collision when Transmitter 2's signal reaches it; Receiver 1 receives a garbled signal. When is it detected?]
CSMA/CD collision detection
[Figure: same layout, but Transmitter 1's transmission time is shorter than the round-trip propagation delay: the collision is detected by Transmitter 2 but NOT detected by Transmitter 1; Receiver 1 receives a garbled signal]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
  2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate
CSMA/CD
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
  2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate
If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection: collisions detected within short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals; difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
persistent
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is, and then transmit
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle then transmit
3. If medium is not idle then wait until it is idle
4. Once idle
   a. pick an integer r between 0 and BO-1
   b. Wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots, then transmit
5. If a collision is detected
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 BO, BO_Max). In Ethernet, BO_max = 1024
   c. Go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
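The backoff procedure above, together with Ethernet's variant from the CSMA/CD slides earlier (K drawn from 0..2^m-1 after the m-th collision, window capped at 1023 after ten collisions, 512-bit slots), as an added example that is not the lecture's code. The collision oracle, the 16-attempt abort and the fixed random seed are constructed for the demonstration; the initial BO of 4 is one of the starting values the slide mentions.

```python
"""Exponential backoff: the generic steps 1-5 and Ethernet's window rule.
Added example, not the lecture's code."""
import random

BO_MAX = 1024      # Ethernet's cap on the backoff window (step 5b)
SLOT_BITS = 512    # one slot = 512 bit times


def next_window(bo):
    """Step 5b: BO = min(2 * BO, BO_Max)."""
    return min(2 * bo, BO_MAX)


def ethernet_k_max(m):
    """Largest K after the m-th collision: 2^m - 1, but never above 1023."""
    return 2 ** min(m, 10) - 1


def wait_seconds(K, bit_rate):
    """Step 4b: K slots of 512 bit times at the given bit rate."""
    return K * SLOT_BITS / bit_rate


def send_with_backoff(collides, bo=4, max_attempts=16, seed=0):
    """Run the procedure against an oracle collides(attempt) -> bool.
    Each collision (step 5) doubles the window and draws a new r in
    0..BO-1 (step 4a). Returns (delivered, list of waits in slots)."""
    rng = random.Random(seed)
    waits = []
    for attempt in range(1, max_attempts + 1):
        if not collides(attempt):
            return True, waits                 # transmitted without collision
        bo = next_window(bo)                   # step 5b
        waits.append(rng.randrange(bo))        # step 4a/b, then retry
    return False, waits                        # assumed: give up after 16 tries


def mean_wait_slots(m):
    """Expected K after m collisions under Ethernet's rule, (2^min(m,10) - 1) / 2:
    the heavier the load (more collisions), the longer the random wait."""
    return ethernet_k_max(m) / 2
```

`wait_seconds(1023, 10e6)` reproduces the "about 50 msec" figure from the CSMA/CD slide, and `mean_wait_slots` shows the adaptation to load that the slide describes as the goal of the scheme.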
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful. Here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad
"taking turns" protocols: look for best of both worlds. Used in mobile phone data access; 802.16 (a.k.a. WiMax) partly uses this approach; 802.11 specifies this capability, but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node
[Figure: master and slaves; the master sends poll, receives data, polls the next slave, and so on]
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made
If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected, but existing calls continue to receive good performance
• Consider the difference between the demands by VoIP and the services provided by TCP
Guarantees are worth much more money than non-guarantees
"Taking Turns" MAC protocols
Token passing: control token passed from one node to the next sequentially; token message
concerns: token overhead; latency; single point of failure (token)
[Figure: token T circulates around the ring; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address network-layer address used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address function get frame from one interface to another
physically-connected interface (same network)bull The textbook is wrong about this Today hosts are
almost never physically connected 48 bit MAC address (for most LANs)
bull burned in NIC ROM also sometimes software settable
LAN Addresses and ARPEach adapter on LAN has unique LAN address
Broadcast address =FF-FF-FF-FF-FF-FF
= adapter
1A-2F-BB-76-09-AD
58-23-D7-FA-20-B0
0C-C4-11-6F-E3-98
71-65-F7-2B-08-53
LAN(wired orwireless)
LAN Address (more)
MAC address allocation is administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup:
• Google "OUI lookup", enter the MAC address, see the manufacturer
analogy: (a) MAC address is like a Social Security Number, (b) IP address is like a postal address
MAC is a flat address: portability, can move a LAN card from one LAN to another
IP is a hierarchical address: NOT portable, the address depends on the IP subnet to which the node is attached
If a NIC is changed then the MAC is changed, whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: arp -a
ARP table: IP/MAC address mappings for some LAN nodes
<IP address; MAC address; TTL>
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: LAN with adapters 1A-2F-BB-76-09-AD (137.196.7.23), 58-23-D7-FA-20-B0 (137.196.7.78), 0C-C4-11-6F-E3-98 (137.196.7.14), 71-65-F7-2B-08-53 (137.196.7.88)]
ARP protocol: same LAN (network). A wants to send a datagram to B
Check if B's IP address is in the same subnet: use the subnet mask and compare this node's IP to B's IP
E.g. • my IP = 128.4.35.67 • B's IP = 128.5.19.12 • subnet mask is 255.255.0.0 => the first 2 bytes (16 bits) define the subnet
• So in this case A and B are in different subnets (128.4 vs 128.5)
• Thus the datagram is sent to the gateway, which must be in the same subnet as A
• Suppose that B is the gateway, but only the IP address of B is known
Suppose host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query
• Other frame types include IP datagram; all machines on the LAN receive the ARP query
B receives the ARP packet, replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast)
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from a net administrator
Note that nothing in this exchange is authenticated: any node on the LAN can answer the query, and a host accepts a reply it never asked for (see ARP spoofing below)
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; it reaches B, C and D; only B answers "I have 1.1.1.4"]
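The exchange above, as an added example that is not part of the original slides: a same-subnet check, the real ARP request/reply frame layout (RFC 826 over Ethernet), and a small in-memory LAN on which A resolves a host on its own subnet, a host on another subnet (via the gateway) and an address nobody owns. The addresses are the ones on the slides; the ArpNode class, the list-of-nodes LAN and the helper names are assumptions of this example.

```python
"""ARP over a simulated LAN (added example; the ArpNode/LAN model is an assumption)."""
import ipaddress
import struct
import time

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_TTL_SECONDS = 20 * 60       # cache lifetime quoted on the slides


def same_subnet(my_ip: str, other_ip: str, mask: str) -> bool:
    """True when other_ip shares the prefix that mask selects from my_ip."""
    net = ipaddress.ip_network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.ip_address(other_ip) in net


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    """14-byte Ethernet header + 28-byte ARP body (IPv4 over Ethernet, RFC 826)."""
    dst = BROADCAST_MAC if op == ARP_REQUEST else target_mac
    eth = mac_bytes(dst) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    body = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)          # htype, ptype, hlen, plen, op
    body += mac_bytes(sender_mac) + ipaddress.ip_address(sender_ip).packed
    body += mac_bytes(target_mac) + ipaddress.ip_address(target_ip).packed
    return eth + body


def parse_arp(frame: bytes) -> dict:
    """Decode an Ethernet/ARP frame; raises ValueError for anything else."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    body = frame[14:42]
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", body[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol type")
    return {
        "dst": mac_str(frame[:6]), "src": mac_str(frame[6:12]), "op": op,
        "sender_mac": mac_str(body[8:14]), "sender_ip": str(ipaddress.ip_address(body[14:18])),
        "target_mac": mac_str(body[18:24]), "target_ip": str(ipaddress.ip_address(body[24:28])),
    }


class ArpNode:
    """One IP node on a LAN; the LAN itself is just the list of nodes sharing it."""

    def __init__(self, lan: list, mac: str, ip: str, mask="255.255.255.0", gateway=None):
        self.lan, self.ip, self.mask, self.gateway = lan, ip, mask, gateway
        self.mac = mac_str(mac_bytes(mac))          # normalise 1A-2F-... to 1a:2f:...
        self.cache = {}                             # ip -> (mac, expiry time)
        lan.append(self)

    def _send(self, frame: bytes) -> None:
        for node in self.lan:                       # every adapter on the LAN sees the frame
            if node is not self:
                node.receive(frame)

    def receive(self, frame: bytes) -> None:
        f = parse_arp(frame)
        if f["dst"] not in (self.mac, BROADCAST_MAC):
            return                                  # a NIC not in promiscuous mode drops it
        if f["op"] == ARP_REQUEST and f["target_ip"] == self.ip:
            self._send(build_arp(ARP_REPLY, self.mac, self.ip, f["sender_mac"], f["sender_ip"]))
        elif f["op"] == ARP_REPLY:
            # soft state: the binding expires unless refreshed. There is no check that we
            # ever asked for it, which is exactly what ARP spoofing exploits.
            self.cache[f["sender_ip"]] = (f["sender_mac"], time.monotonic() + ARP_TTL_SECONDS)

    def resolve(self, dest_ip: str):
        """MAC for the frame's destination field when sending to dest_ip, or None if nobody answers."""
        next_hop = dest_ip if same_subnet(self.ip, dest_ip, self.mask) else self.gateway
        if next_hop is None:
            return None                             # off-subnet with no gateway configured
        entry = self.cache.get(next_hop)
        if entry and entry[1] > time.monotonic():
            return entry[0]
        self._send(build_arp(ARP_REQUEST, self.mac, self.ip, "00:00:00:00:00:00", next_hop))
        entry = self.cache.get(next_hop)
        return entry[0] if entry else None
```

The subnet test uses the mask exactly as the slide does: 255.255.0.0 keeps two bytes, so 128.4.x.x and 128.5.x.x fall in different subnets and the frame goes to the gateway's MAC, not the destination's.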
Addressing: routing to another LAN
[Figure: two LANs joined by router R]
  A: 111.111.111.111, MAC 74-29-9C-E8-FF-55
  host: 111.111.111.112, MAC CC-49-DE-D0-AB-7D
  R, LAN 1 interface: 111.111.111.110, MAC E6-E9-00-17-BB-4B
  R, LAN 2 interface: 222.222.222.220, MAC 1A-23-F9-CD-06-9B
  host: 222.222.222.221, MAC 88-B2-2F-54-1A-0F
  B: 222.222.222.222, MAC 49-BD-D2-C7-56-2A
walkthrough: send a datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
1. A creates an IP datagram with source A, destination B
2. A uses ARP to get R's MAC address for 111.111.111.110
3. A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram
4. A's NIC sends the frame; R's NIC receives the frame
5. R removes the IP datagram from the Ethernet frame, sees it is destined to B
6. R uses ARP to get B's MAC address
7. R creates a frame containing the A-to-B IP datagram, sends it to B
This is a really important example; make sure you understand it
ARP experiments
Watch Wireshark with no connections open. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use Wireshark on B to see that there is no evidence of the ping (only A's unanswered ARP broadcasts for P). On A, set a static ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping (ICMP echo request) messages appear in Wireshark on B; B still does not respond, because P is not its IP address.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses a dedicated wire from the switch (a link-layer router) to each host, so a host does not see other hosts' unicast frames
• But the ARP attack still works: ARP requests and replies are unauthenticated, and the switch delivers to whichever MAC the poisoned sender puts in the frame
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query is made for the victim, I respond with my MAC
[Figure sequence: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host or switch, all on one LAN]
1. The other host broadcasts "Who has IP address 1.2.3.4?". Both the victim and the attacker receive it
2. The victim replies "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker learns the MAC of the victim (from this reply on a shared medium, or by sending its own ARP query for 1.2.3.4)
3. Later, when all caches have been cleared, the attacker floods ARP queries with source MAC 00:11:11:11:11:11 and sender IP 1.2.3.4: "Who has IP bla.bla.bla.bla? Tell 1.2.3.4". The other host saves the IP/MAC mapping from the query (1.2.3.4 -> 00:11:11:11:11:11) in its cache. The victim is confused, but ignores it. The attacker continues to flood ARP queries so that the poisoned entry never expires
4. The other host sends "The secret plan is ..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan. The attacker changes the destination MAC to the correct address (00:12:12:12:12:12, IP 1.2.3.4) and forwards the frame. The victim: "Ahh, I got the secret plan I was expecting"
ARP spoofing: man-in-the-middle attack (detection and defense)
Some newer switches can protect against these attacks (Dynamic ARP Inspection: the switch drops ARP packets whose sender binding does not match what DHCP snooping learned on that port). How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables (or captured ARP traffic) and see if a single IP has two MACs
• the attacker's real IP and the victim's IP both end up mapped to the attacker's MAC
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then the tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC (and the wireless IP will appear under two MACs), so this heuristic produces false positives on such hosts
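The detection heuristic just described, run over ARP traffic, as an added example that is not part of the original slides. The capture is constructed to replay the attack above (victim 00:12:12:12:12:12 at 1.2.3.4, attacker 00:11:11:11:11:11 at 5.6.7.8, "some other host" at 9.9.9.9); the record format, arp_audit and dual_homed_suspects are assumptions of this example. It flags an IP announced by a second MAC and a sender that floods queries, and separately lists MACs seen under more than one IP so the dual-NIC false positive from the slide can be reviewed rather than auto-blocked.

```python
"""ARP spoofing audit over ARP traffic records (added example)."""
from collections import Counter, defaultdict

ARP_REQUEST, ARP_REPLY = 1, 2

# Constructed capture, not real traffic: (op, sender MAC, sender IP, target IP) taken from
# the ARP body of each frame, in the order the slides describe.
SAMPLE_CAPTURE = [
    (ARP_REQUEST, "00:aa:aa:aa:aa:aa", "9.9.9.9", "1.2.3.4"),    # other host asks for the victim
    (ARP_REPLY,   "00:12:12:12:12:12", "1.2.3.4", "9.9.9.9"),    # victim answers
    (ARP_REQUEST, "00:11:11:11:11:11", "5.6.7.8", "1.2.3.4"),    # attacker learns the victim's MAC
] + [
    (ARP_REQUEST, "00:11:11:11:11:11", "1.2.3.4", f"10.0.0.{i}")  # attacker floods queries
    for i in range(1, 7)                                          # claiming the victim's IP
]


def arp_audit(records, flood_threshold=5):
    """Flag IPs announced by more than one MAC and senders that flood queries.

    Requests and replies both carry a sender binding, and hosts cache either,
    which is why flooding queries is enough to poison a cache.
    Returns {"conflicts": [...], "flooders": [...], "bindings": {ip: [macs]}}.
    """
    ip_to_macs = defaultdict(set)
    requests_by_sender = Counter()
    conflicts = []
    for n, (op, sender_mac, sender_ip, _target_ip) in enumerate(records):
        sender_mac = sender_mac.lower()
        known = ip_to_macs[sender_ip]
        if known and sender_mac not in known:
            conflicts.append({
                "record": n, "ip": sender_ip, "previous": sorted(known),
                "new": sender_mac, "op": "request" if op == ARP_REQUEST else "reply",
            })
        known.add(sender_mac)
        if op == ARP_REQUEST:
            requests_by_sender[(sender_mac, sender_ip)] += 1
    flooders = sorted((mac, ip, count) for (mac, ip), count in requests_by_sender.items()
                      if count >= flood_threshold)
    return {
        "conflicts": conflicts,
        "flooders": flooders,
        "bindings": {ip: sorted(macs) for ip, macs in ip_to_macs.items()},
    }


def dual_homed_suspects(bindings):
    """MACs that appear under more than one IP.

    Either an attacker keeping its own IP while claiming the victim's, or the
    dual-NIC Windows case from the slide, so a conflict that involves one of
    these MACs needs a human look before anything is blocked.
    """
    mac_to_ips = defaultdict(set)
    for ip, macs in bindings.items():
        for mac in macs:
            mac_to_ips[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in mac_to_ips.items() if len(ips) > 1}
```

On a real network the records would come from a span port or a host in promiscuous mode; the first three frames are benign on their own, and the alert only fires when the attacker's queries start carrying the victim's IP.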
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology: popular through the mid 90s; all nodes in the same collision domain (can collide with each other)
star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) vs star (switch)]
Ethernet Frame Structure
Sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode, which is what a sniffer relies on)
Type: identifies the higher-layer protocol (mostly IP, but others possible, e.g. ARP query/response, Novell IPX, AppleTalk)
CRC: checked at the receiver; if an error is detected the frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame
2. If NIC senses the channel idle, it starts frame transmission
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent)
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}; NIC waits K slots, where one slot is 512 bit times, then returns to step 2
Ethernet's CSMA/CD (more)
Jam signal: makes sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsecond for 10 Mbps Ethernet (one bit every 1/10^7 s); for K = 1023 the wait time is 1023 * 512 bit times, about 50 msec
Exponential backoff: goal is to adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer
first collision: choose K from {0, 1}; delay is K * 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3}
after ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023} (the range stops doubling at 2^10; after 16 collisions the frame is discarded)
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 * t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit rate is worse (t_trans shrinks while t_prop stays the same)
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with full-duplex switched links, so collisions never occur
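The backoff rule and the efficiency approximation above, turned into code as an added example that is not part of the original slides. Besides the timing helpers (which reproduce the slide's "about 50 msec" for K = 1023 at 10 Mbps), it includes a deliberately simplified slot-level model of steps 2 to 6 in which several stations start with a frame at the same instant and back off until each has transmitted once; the model, its station numbering and the seed parameter are assumptions of this example.

```python
"""CSMA/CD timing helpers and a slot-level contention model (added example)."""
import random

SLOT_BIT_TIMES = 512            # one backoff slot = 512 bit times
JAM_BITS = 48
BACKOFF_CAP = 10                # range stops doubling after the 10th collision
MAX_ATTEMPTS = 16               # Ethernet discards the frame after 16 collisions


def backoff_max_k(m: int) -> int:
    """Largest K a NIC may draw after its m-th collision: K in {0, ..., 2^min(m,10) - 1}."""
    return 2 ** min(m, BACKOFF_CAP) - 1


def bit_time(rate_bps: float) -> float:
    """Seconds per bit: 1e-7 s (0.1 us) for 10 Mbps."""
    return 1.0 / rate_bps


def max_backoff_seconds(rate_bps: float) -> float:
    """Worst-case wait once the range has reached 1023 slots."""
    return 1023 * SLOT_BIT_TIMES * bit_time(rate_bps)


def csma_cd_efficiency(t_prop: float, t_trans: float) -> float:
    """The slide's approximation: 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def resolve_contention(n_stations: int, seed: int = 0):
    """Simplified slot-level model of steps 2-6: every station has one frame at slot 0.

    In each slot the stations whose backoff has expired transmit. A single
    transmitter succeeds; two or more collide, and each collider draws a fresh K
    from its own collision count (the range grows per station, not globally).
    A successful transmission is treated as occupying one slot.
    Returns (slot in which each station succeeded, collisions per station).
    """
    rng = random.Random(seed)
    ready_at = {s: 0 for s in range(n_stations)}
    collisions = {s: 0 for s in range(n_stations)}
    finished = {}
    slot = 0
    while ready_at:
        transmitting = [s for s, t in ready_at.items() if t <= slot]
        if len(transmitting) == 1:
            s = transmitting[0]
            finished[s] = slot
            del ready_at[s]
        elif transmitting:                      # collision: jam, then back off
            for s in transmitting:
                collisions[s] += 1
                if collisions[s] >= MAX_ATTEMPTS:
                    raise RuntimeError(f"station {s}: frame discarded after {MAX_ATTEMPTS} attempts")
                ready_at[s] = slot + 1 + rng.randint(0, backoff_max_k(collisions[s]))
        slot += 1
    return finished, collisions
```

The per-station collision counter is the part worth noticing: a station that has already lost several rounds draws from a wider range than a newcomer, which is the "capture effect" that makes CSMA/CD unfair under sustained load even though it stays stable.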
802.3 Ethernet Standards: Link and Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs: physical-layer repeaters
bits coming in on one link go out on all other links at the same rate
all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub, host NICs detect collisions
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain; can't interconnect 10BaseT and 100BaseT
[Figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes an active role
store and forward Ethernet frames
• Question: do switches in circuit-switching networks store and forward?
examines the incoming frame's MAC address, selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have a dedicated, direct connection to the switch; switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table. Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: the same switch with six interfaces and hosts A, A', B, B', C, C']
Switch self-learning
the switch learns which hosts can be reached through which interfaces. Some interfaces are configured; but in other cases...
when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') in on interface 1; the switch table, initially empty, gets the entry (MAC addr A, interface 1, TTL 60)]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. index the switch table using the destination MAC address
3. if an entry is found for the destination, then if the destination is on the segment from which the frame arrived, drop the frame, else forward the frame on the interface indicated; else flood: forward on all but the interface on which the frame arrived
4. periodically purge all old table entries
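The filtering/forwarding rules above as a runnable model, added here as an example that is not part of the original slides: a self-learning switch with ageing table entries, and a small tree of three switches on which a first frame from A is flooded (and leaks to an uninvolved host), the reply is forwarded on one port only, and after the TTL expires the table is empty again. The LearningSwitch/SwitchedLan classes, the three-switch layout, the host MACs and the manual clock are assumptions of this example; the topology must be loop-free, which is exactly what the spanning tree discussed later guarantees.

```python
"""Self-learning switch and a small switched LAN (added example)."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class FakeClock:
    """Manual clock so table ageing can be exercised without sleeping."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class LearningSwitch:
    """Store-and-forward switch implementing the slide's rules. table: MAC -> (interface, expiry)."""

    def __init__(self, name, clock, ttl=60.0):
        self.name, self.clock, self.ttl, self.table = name, clock, ttl, {}

    def purge(self):                                   # rule 4: drop aged entries
        now = self.clock()
        self.table = {m: e for m, e in self.table.items() if e[1] > now}

    def lookup(self, mac):
        self.purge()
        entry = self.table.get(mac)
        return entry[0] if entry else None

    def handle(self, in_port, dst, src, ports):
        """Return the interfaces the frame leaves on ([] means it was filtered)."""
        self.table[src] = (in_port, self.clock() + self.ttl)      # rule 1: learn sender
        out = self.lookup(dst) if dst != BROADCAST else None       # rule 2: index by dest
        if out is None:                                            # rule 3: unknown -> flood
            return [p for p in ports if p != in_port]
        return [] if out == in_port else [out]                     # rule 3: filter or forward


class SwitchedLan:
    """Tree of switches; links map (switch, port) to a host MAC or another (switch, port)."""

    def __init__(self, clock):
        self.clock, self.switches, self.links, self.host_port = clock, {}, {}, {}

    def add_switch(self, name, n_ports):
        self.switches[name] = LearningSwitch(name, self.clock)
        self.links[name] = {p: None for p in range(1, n_ports + 1)}

    def attach_host(self, mac, switch, port):
        self.links[switch][port] = ("host", mac)
        self.host_port[mac] = (switch, port)

    def connect(self, sw_a, port_a, sw_b, port_b):
        self.links[sw_a][port_a] = ("switch", sw_b, port_b)
        self.links[sw_b][port_b] = ("switch", sw_a, port_a)

    def send(self, src, dst):
        """Inject a frame from host src; return the set of hosts whose NIC receives it."""
        switch, port = self.host_port[src]
        delivered = set()
        self._deliver(switch, port, dst, src, delivered)
        return delivered

    def _deliver(self, switch, in_port, dst, src, delivered):
        for out_port in self.switches[switch].handle(in_port, dst, src, self.links[switch]):
            link = self.links[switch][out_port]
            if link is None:
                continue                                           # nothing plugged in
            if link[0] == "host":
                delivered.add(link[1])
            else:                                                  # tree only: no loops here
                self._deliver(link[1], link[2], dst, src, delivered)


def build_demo_lan(clock):
    """Hosts A and B on a chain of three switches, C on a side branch (constructed layout)."""
    net = SwitchedLan(clock)
    for name in ("S1", "S2", "S3"):
        net.add_switch(name, 3)
    net.attach_host("aa:aa:aa:aa:aa:aa", "S1", 1)   # A
    net.connect("S1", 2, "S2", 1)
    net.connect("S2", 2, "S3", 1)
    net.attach_host("bb:bb:bb:bb:bb:bb", "S2", 3)   # B
    net.attach_host("cc:cc:cc:cc:cc:cc", "S3", 2)   # C
    return net
```

The leak to C on the first frame is the security-relevant detail: until a switch has learned a destination, unicast traffic is flooded to every port, so a host that never joined the conversation still sees it (and an attacker can keep it that way by overflowing the table so that nothing is ever learned).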
Self-Learning, step by step
[Figure sequence: hosts A and B attached to three interconnected switches, each with interfaces 1, 2, 3 and an initially empty MAC/interface table]
A sends a frame with Dest = B, Source = A. The first switch makes a table entry for A (interface 1), has no table entry for B, so it floods. The next switch does the same (entry A, interface 1; flood), and the third switch records A on interface 2 and floods as well
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port; it is only flooded to other switches
B answers with Dest = A, Source = B. The switch B is attached to makes a table entry for B (interface 2) and has a table entry for A, so it forwards on A's interface only; the next switch makes an entry for B (interface 3) and forwards toward A. The switch on the other branch never sees B's frame, so its table still only contains A
20 minutes later all table entries are deleted
Poorly designed institutional network. Why?
[Figure: router to the external network, one LAN / IP subnet with the mail server and web server all behind a single switch: every path goes through one switch and one router]
Institutional network without a single point of failure
[Figure: the same router, IP subnet, mail server, web server and host A, now with redundant links between the switches]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop (a flooded frame comes back in on another interface and is flooded again) and overwhelm the network. Loops provide robustness but have to be eliminated
[Figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any connected graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses its interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood packets over to the LAN
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges (backwards from what you might expect, i.e. switches as vertices and LANs as edges)
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID
Approach: compute paths to the bridge with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
If • LAN B's next hop to the switch with the lowest ID is LAN A, and • LAN C's next hop to the switch with the lowest ID is LAN D, • then switch B2 will disconnect from LAN B and LAN C
[Figure: LANs A, B, C, D and bridges B0, B1, B2, B3; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: example topology with bridges B1, B2, B3, B4, B5, B6, B7]
Which interfaces to keep and which to ignore
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance-vector approach, so we only consider neighbors
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path; unfortunately the root might not be the gateway
[Figure sequence: LANs A, B, C, D, E, F, G, H, I, J joined by bridges B1 (root), B2, B3, B4, B5, B6, B7; the annotations, step by step:]
• Each switch computes its distance to the root in terms of LAN hops (the figure shows 0 for the root's LANs, then 1, 1, 1, 1 and 2)
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E: turn on the two interfaces of the bridge between them
• LAN B's next hop is LAN E or F; but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on B5's interface
• LAN D's next hop is LAN G: turn on the two interfaces
• Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F: turn on the interfaces
• Which other interfaces are "on"?
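The procedure above (LANs as vertices, bridges as edges, root = smallest bridge ID, distances in LAN hops, ties broken by the smaller bridge ID) as a runnable computation, added here as an example that is not part of the original slides. The figure's exact topology cannot be recovered from the text, so the TOPOLOGY below is a constructed one that reproduces the same situations: a bridge (B3) that ends up with no interface on, and a tie for LAN B that B5 wins over B7. A bridge here may attach to more than two LANs, which the slides' edge picture does not allow but real switches do. The second function checks the result is actually loop-free, which is the property the section is after.

```python
"""Spanning tree on the slides' LAN-as-vertex, bridge-as-edge graph (added example)."""
from collections import defaultdict, deque

# Constructed topology (not the figure on the slides): bridge id -> LANs it attaches to.
# B1 has the smallest id, so it is the root. B3 joins two LANs that are both nearer
# the root through other bridges, and B7 loses a tie against B5 for LAN B.
TOPOLOGY = {
    1: ["E", "F", "G"],
    2: ["C", "F"],
    3: ["A", "B"],
    4: ["G", "D"],
    5: ["A", "B", "E"],
    6: ["D", "H"],
    7: ["B", "F"],
}


def spanning_tree(bridges):
    """Return (root, dist, next_hop, ports_on).

    dist[lan]: LAN hops to the root (the root's own LANs are at 0).
    next_hop[lan]: the neighbouring LAN on the chosen shortest path; ties are
    broken by the smallest bridge id, as the slides require.
    ports_on[bridge]: LANs whose interface that bridge keeps active; an empty
    set means the bridge forwards nothing (it is "disconnected").
    """
    root = min(bridges)
    adj = defaultdict(list)                       # lan -> [(neighbour lan, bridge id)]
    for b, lans in bridges.items():
        for x in lans:
            for y in lans:
                if x != y:
                    adj[x].append((y, b))
    dist = {lan: 0 for lan in bridges[root]}
    queue = deque(bridges[root])
    while queue:                                  # BFS in LAN hops
        lan = queue.popleft()
        for nb, _ in adj[lan]:
            if nb not in dist:
                dist[nb] = dist[lan] + 1
                queue.append(nb)
    next_hop = {}
    ports_on = {b: set() for b in bridges}
    ports_on[root] = set(bridges[root])           # every root interface is on
    for lan, d in dist.items():
        if d == 0:
            continue
        # bridges that take this LAN one hop closer to the root; smallest id wins ties
        best = min(b for nb, b in adj[lan] if dist[nb] == d - 1)
        next_hop[lan] = next(nb for nb, b in adj[lan] if b == best and dist[nb] == d - 1)
        ports_on[best].update({lan, next_hop[lan]})
    return root, dist, next_hop, ports_on


def is_loop_free(ports_on, lans):
    """Check that the kept interfaces form a tree over the LANs and active bridges.

    Bipartite graph: LAN nodes, bridge nodes, one edge per active interface.
    A connected graph with |E| = |V| - 1 has exactly one path between any pair,
    so a flooded frame can never return on another interface.
    """
    active = {b for b, p in ports_on.items() if p}
    edges = [(b, lan) for b in active for lan in ports_on[b]]
    nodes = set(lans) | {("bridge", b) for b in active}
    nbrs = defaultdict(set)
    for b, lan in edges:
        nbrs[("bridge", b)].add(lan)
        nbrs[lan].add(("bridge", b))
    seen, stack = set(), [next(iter(nodes))]
    while stack:
        n = stack.pop()
        if n in seen:
            continue
        seen.add(n)
        stack.extend(nbrs[n] - seen)
    return seen == nodes and len(edges) == len(nodes) - 1
```

Re-enabling a losing bridge (B7) makes the tree check fail, which is the frame-storm scenario from the institutional-network slide. Real STP reaches the same result by exchanging the three-field messages listed above instead of running BFS centrally, and because those messages are unauthenticated, a host that sends one with a tiny bridge ID can make itself the root and pull traffic through itself.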
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding
These typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution
• during which time no packets were forwarded
Switches vs Routers
both are store-and-forward devices
routers: network-layer devices (examine network-layer headers); switches are link-layer devices
... "invisible" at the internetwork layer: a switched LAN looks like a link-layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address
[Figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header: label (20 bits), Exp (3 bits), S (1 bit, bottom of stack), TTL (8 bits); 32 bits in all
MPLS-capable routers
aka label-switched router: forwards packets to the outgoing interface based only on the label value (doesn't inspect the IP address)
MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1, R2, R3, R4, R5, R6 with interfaces 0 and 1, hosts A and D; the per-router tables recovered from the figure are listed below, each row as (in label, out label, dest, out interface); which table belongs to which router is only shown in the figure]
  (6, -, A, 0)
  (10, 6, A, 1); (12, 9, D, 0)
  (-, 10, A, 0); (-, 12, D, 0)
  (8, 6, A, 0)
  (-, 8, A, 1)
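Label switching through those tables, as an added example that is not part of the original slides. The rows are the ones recovered above; which router holds which row, the extra R5 row toward D and the link map are assumptions of this example, as is the mpls_forward function. The last check is the one the slide's "doesn't inspect IP address" remark is about: a packet that arrives at a transit router with a label is forwarded by that label whatever its IP header says.

```python
"""Label switching through a small MPLS domain (added example)."""

# Forwarding tables: rows of (in label, out label, dest, out interface). Which router
# holds which row, the R5 row, and LINKS are assumptions of this example.
TABLES = {
    "R1": [(None, 10, "A", 0), (None, 12, "D", 0)],   # ingress: classify on dest, push label
    "R2": [(None, 8, "A", 1)],                        # second ingress toward A
    "R3": [(8, 6, "A", 0)],
    "R4": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "R5": [(9, None, "D", 0)],                        # egress: pop label, deliver to D
    "R6": [(6, None, "A", 0)],                        # egress: pop label, deliver to A
}
LINKS = {("R1", 0): "R4", ("R2", 1): "R3", ("R3", 0): "R6",
         ("R4", 1): "R6", ("R4", 0): "R5", ("R5", 0): "D", ("R6", 0): "A"}


def mpls_forward(tables, links, ingress, dest, label=None, max_hops=16):
    """Carry one packet from `ingress` until it leaves the MPLS domain.

    Returns (path, exit): path lists (router, label in, label out) per hop and
    exit is the host the last router hands the packet to. Only a router that
    receives the packet unlabelled looks at dest; every labelled hop matches on
    the label alone, so the IP header is never consulted in transit.
    """
    router, path = ingress, []
    for _ in range(max_hops):
        if label is None:
            row = next((r for r in tables[router] if r[0] is None and r[2] == dest), None)
        else:
            row = next((r for r in tables[router] if r[0] == label), None)
        if row is None:
            raise LookupError(f"{router}: no MPLS entry for label={label} dest={dest}")
        _, out_label, _, iface = row
        path.append((router, label, out_label))
        nxt = links[(router, iface)]
        if nxt not in tables:                      # interface leads to a host: we are done
            return path, nxt
        router, label = nxt, out_label
    raise RuntimeError("label loop or path longer than max_hops")
```

Two different labels (10 via R1, 8 via R2) converge on label 6 at R6, which is how one egress entry serves several label-switched paths; and because the ingress is the only place the destination is examined, whoever controls label assignment at the edge controls the path, IP routing notwithstanding.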
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing
instantiation and implementation of various link-layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice
... could stop here ... but lots of
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer Addressing
5.5 Ethernet
5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
Multiple Access Links and Protocols
Two types of "links":
point-to-point: PPP for dial-up access; point-to-point link between an Ethernet switch and a host
broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[Figure: shared wire (e.g. cabled Ethernet); shared RF (e.g. 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
single shared broadcast channel; two or more simultaneous transmissions by nodes: interference; collision if a node receives two or more signals at the same time
multiple access protocol: an algorithm that determines how nodes share the channel, i.e. determines when a node can transmit
communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots (generally, centralized MACs are much more efficient)
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning: divide the channel into smaller "pieces" (time slots, frequency, code); allocate a piece to a node for exclusive use. This approach is inefficient for bursty traffic, since we know that statistical multiplexing can support more users
Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient; predictable/guaranteed performance is difficult to achieve
Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access; access to the channel in "rounds"; each station gets a fixed-length slot (length = packet transmission time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA
Why? So service is predictable, and calls can be rejected if there is not enough bandwidth
example: 6-station LAN; 1, 3, 4 have packets; slots 2, 5, 6 idle
[Figure: 6-slot frame, repeating: slot 1 used, 2 idle, 3 used, 4 used, 5 idle, 6 idle]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access; channel spectrum divided into frequency bands; each station assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA
example: 6-station LAN; 1, 3, 4 have packets; frequency bands 2, 5, 6 idle
[Figure: frequency bands vs time on an FDM cable]
Random Access Protocols
When a node has a packet to send: transmit at the full channel data rate R; no a priori coordination among nodes
• Some approaches use limited coordination
two or more transmitting nodes: "collision"
random access MAC protocol specifies how to detect collisions and how to recover from collisions (e.g. via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. ALOHA is the simplest of MAC protocols. ALOHA is old but still widely used
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially ALOHA
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: a collision.
Collisions and other link layer losses must be detected and corrected.
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance (1)
[figure: time line t0, t0+t, t0+2t, t0+3t with the vulnerable period around one frame marked. If another node transmits here then there is a collision: if another node starts to transmit during this vulnerable period, a collision will occur.]
ALOHA's Performance
• Assume that users try to send frames at random times (Poisson events)
• Let G be the average rate that users try to send frames, per frame time. G is the utilization. Why?
• Model the moments at which transmissions start as points along the time line (next slide)
• The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
  P(k) = (2G)^k e^{-2G} / k!
• The probability that zero other frames are sent is P(0) = e^{-2G}
• The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
  throughput = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
  P(k events in period of length T) = e^{-λT} (λT)^k / k!
λ is the rate that events occur: λ = (number of events in period W) / W (when W is large)
Aloha performance
Vulnerability period:
  P(k events in period of length T) = e^{-λT} (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, which has length 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time, so λ = utilization, i.e. λ = G. And the probability of no collision is e^{-2G} (2G)^0 / 0! = e^{-2G}.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[plot: throughput G e^{-2G} versus G for 0 ≤ G ≤ 3; the curve peaks at 0.184]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[figure: time line t0, t0+t, t0+2t, t0+3t with the vulnerable period (one slot) marked. If a frame is transmitted here then a collision occurs, but this will only happen if a packet arrives at the MAC layer during this period. If another node selects to transmit during this vulnerable period then a collision will occur.]
The vulnerable period is half the size of unslotted Aloha.
Slotted Aloha
• Vulnerable period is halved: doubles the performance of ALOHA
• Throughput = S = G e^{-G}
• S = Smax = 1/e = 0.368 for G = 1
• G = 1 means typically a node tries to transmit in each slot
• However, the throughput is well below 1: there are many collisions
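The throughput formulas on these slides, worked numerically as an added example (this code is not from the slides): it evaluates the Poisson formula for the vulnerable period, the throughput G e^{-2G} of pure Aloha and G e^{-G} of slotted Aloha, and searches for the offered load G at which each peaks. Function and variable names are my own.

```python
import math

def poisson_pmf(k, rate, period):
    """P(k arrivals in an interval of length `period`) for a Poisson process of rate `rate`."""
    lam = rate * period
    return math.exp(-lam) * lam ** k / math.factorial(k)

def pure_aloha_throughput(G):
    # A frame survives only if no other attempt starts in the two-frame-time vulnerable period.
    return G * poisson_pmf(0, G, 2.0)

def slotted_aloha_throughput(G):
    # Slotting shrinks the vulnerable period to one frame time (one slot).
    return G * poisson_pmf(0, G, 1.0)

def collision_probability(G, vulnerable=2.0):
    """Probability that at least one other attempt falls in the vulnerable period."""
    return 1.0 - poisson_pmf(0, G, vulnerable)

def best_load(throughput, g_max=4.0, steps=4000):
    """Grid search for the offered load G that maximizes a throughput function."""
    best_g, best_s = 0.0, 0.0
    for i in range(steps + 1):
        g = i * g_max / steps
        s = throughput(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s

def summary():
    """Peak load and throughput of both variants, plus the collision odds at those loads."""
    g_pure, s_pure = best_load(pure_aloha_throughput)
    g_slot, s_slot = best_load(slotted_aloha_throughput)
    return {
        "pure":    {"G": g_pure, "S": s_pure, "p_collision": collision_probability(g_pure, 2.0)},
        "slotted": {"G": g_slot, "S": s_slot, "p_collision": collision_probability(g_slot, 1.0)},
    }

if __name__ == "__main__":
    for name, r in summary().items():
        print(f"{name:8s} best G = {r['G']:.2f}  throughput = {r['S']:.3f}  "
              f"P(collision) = {r['p_collision']:.3f}")
```

The search confirms the slides' numbers: pure Aloha peaks at G = 0.5 with throughput 1/(2e) ≈ 0.184, slotted Aloha at G = 1 with 1/e ≈ 0.368, and at those loads the collision probability for any single attempt is already 1 - 1/e ≈ 0.63, which is the "many collisions" remark made concrete.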
Slotted Aloha Performance
[plot: throughput G e^{-G} versus G for 0 ≤ G ≤ 4; the curve peaks at 0.368]
ALOHA and Slotted ALOHA
Pros:
• single active node can continuously transmit at full rate of channel
• decentralized, simple
Cons:
• collisions, wasting slots: inefficient
• idle slots
• nodes may be able to detect a collision in less than the time to transmit a packet
• slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduce efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit.
• If channel sensed idle: transmit entire frame
• If channel sensed busy: defer transmission
• human analogy: don't interrupt others!
Question
• For 10 Mbps Ethernet the maximum cable length is 2000 m
• For 100 Mbps Ethernet the maximum cable length is 200 m
• Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. When a collision occurs, the entire packet transmission time is wasted.
[figure: spatial layout of nodes on the wire versus time]
Note: role of distance & propagation delay in determining collision probability.
CSMA/CD collision detection
[figure: position on wire versus time. Transmitter 1 starts sending; after the propagation delay, transmitter 2 (which has not yet heard transmitter 1) starts sending. The collision is detected by transmitter 2 when transmitter 1's signal reaches it, and by transmitter 1 when transmitter 2's signal propagates back; receiver 1 receives a garbled signal. When is it detected?]
[figure: the same layout, but transmitter 1's transmission time is shorter than the round trip, so the collision is NOT detected by transmitter 1; it is detected by transmitter 2, and receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
• The transmitter must transmit for 2 × T_propagation + epsilon
• The transmit time is frame length / bit rate
• Therefore: 2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
• If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
• The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection
• collisions detected within a short time
• colliding transmissions aborted, reducing channel wastage
Collision detection:
• easy in wired LANs: measure signal strengths, compare transmitted and received signals
• difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
Human analogy: the polite conversationalist
Persistence
1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
• In this case, all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      • A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      • Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots end, then transmit
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 × BO, BO_Max); in Ethernet BO_max = 1024
   c. go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols:
• share channel efficiently and fairly at high load
• inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols:
• efficient at low load: single node can fully utilize channel
• high load: collision overhead. Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed, YET.
"Taking Turns" MAC protocols
Polling:
• master node "invites" slave nodes to transmit in turn
• after each node is given a chance, the pattern repeats
• if a slave has no data to send then it does nothing and the master quickly polls the next node
• concerns: polling overhead, latency, single point of failure (master)
• QoS guarantees can be made. If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does. When congested, new calls are rejected but existing calls continue to receive good performance. Consider the difference between the demands of VoIP and the service provided by TCP. Guarantees are worth much more money than non-guarantees.
[figure: master sends poll to each slave in turn; each polled slave answers with data]
Token passing:
• control token passed from one node to the next sequentially
• token message
• concerns: token overhead, latency, single point of failure (token)
[figure: token T circulates; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address:
• network-layer address
• used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address:
• function: get frame from one interface to another physically-connected interface (same network). The textbook is wrong about this: today hosts are almost never physically connected.
• 48 bit MAC address (for most LANs), burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup: Google "OUI lookup", enter the MAC address, see the manufacturer.
Analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address.
MAC flat address => portability: can move a LAN card from one LAN to another.
IP hierarchical address: NOT portable; address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[figure: LAN with four nodes; adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
• Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
• E.g. my IP = 128.4.35.67, B's IP = 128.5.19.12, subnet mask is 255.255.0.0 => the first 8 bytes define the subnet.
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other types include datagram). All machines on the LAN receive the ARP query.
• B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
• Soft state: information that times out (goes away) unless refreshed.
• ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to every node; the owner replies "I have 1.1.1.4".]
Addressing: routing to another LAN
[figure: host A (74-29-9C-E8-FF-55, 111.111.111.111) and host CC-49-DE-D0-AB-7D (111.111.111.112) on the 111.111.111 LAN; router R with interfaces E6-E9-00-17-BB-4B (111.111.111.110) and 1A-23-F9-CD-06-9B (222.222.222.220); host B (49-BD-D2-C7-56-2A, 222.222.222.222) and host 88-B2-2F-54-1A-0F (222.222.222.221) on the 222.222.222 LAN]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
• Two ARP tables in router R, one for each IP network (LAN).
• A creates IP datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates link-layer frame with R's MAC address as dest; frame contains the A-to-B IP datagram
• A's NIC sends frame; R's NIC receives frame
• R removes IP datagram from Ethernet frame, sees it's destined to B
• R uses ARP to get B's MAC address
• R creates frame containing the A-to-B IP datagram, sends to B
This is a really important example; make sure you understand it.
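The A-to-B-via-R walkthrough as an added simulation (this is my own code, not from the slides or any ARP implementation). It uses the MAC and IP addresses from the figure, assumes a 255.255.255.0 mask on both LANs (the slide gives none), models each ARP table as soft state with the 20-minute TTL, and records both the hop-by-hop data frames and the ARP query/reply traffic. Names such as `Node`, `ArpTable`, `send_datagram` and `walkthrough` are my own.

```python
from dataclasses import dataclass, field

ARP_TTL = 20 * 60                 # seconds; the slides say mappings are forgotten after ~20 min
BROADCAST = "FF-FF-FF-FF-FF-FF"
MASK = "255.255.255.0"            # assumption: the slide does not state the subnet masks

# Taken from the slide's figure: LAN -> {IP: MAC of the interface that owns that IP}.
LANS = {
    "LAN-111": {"111.111.111.111": "74-29-9C-E8-FF-55",    # host A
                "111.111.111.112": "CC-49-DE-D0-AB-7D",
                "111.111.111.110": "E6-E9-00-17-BB-4B"},   # router R, interface on this LAN
    "LAN-222": {"222.222.222.222": "49-BD-D2-C7-56-2A",    # host B
                "222.222.222.221": "88-B2-2F-54-1A-0F",
                "222.222.222.220": "1A-23-F9-CD-06-9B"},   # router R, interface on this LAN
}

def ip_to_int(ip):
    a, b, c, d = (int(x) for x in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def same_subnet(ip1, ip2, mask=MASK):
    """The slide's check: AND both addresses with the mask and compare."""
    m = ip_to_int(mask)
    return ip_to_int(ip1) & m == ip_to_int(ip2) & m

class ArpTable:
    """Soft state: an <IP, MAC, TTL> entry is valid only until its TTL expires."""
    def __init__(self):
        self.entries = {}                       # ip -> (mac, expiry time)
    def lookup(self, ip, now):
        hit = self.entries.get(ip)
        if hit is None or hit[1] <= now:
            self.entries.pop(ip, None)          # timed out: forget it
            return None
        return hit[0]
    def learn(self, ip, mac, now):
        self.entries[ip] = (mac, now + ARP_TTL)

@dataclass
class Node:
    name: str
    ifaces: dict                                # lan -> this node's IP on that LAN
    gateway: str = None                         # default router IP (hosts only)
    arp: dict = field(default_factory=dict)     # lan -> ArpTable; R keeps one per LAN

    def mac(self, lan):
        return LANS[lan][self.ifaces[lan]]

    def lan_for(self, ip):
        """The LAN on which `ip` is directly reachable, or None if it is off-subnet."""
        for lan, own_ip in self.ifaces.items():
            if same_subnet(own_ip, ip):
                return lan
        return None

    def resolve(self, lan, target_ip, now, log):
        """Return target's MAC on `lan`; on a cache miss, broadcast a query and cache the reply."""
        table = self.arp.setdefault(lan, ArpTable())
        mac = table.lookup(target_ip, now)
        if mac is None:
            log.append({"lan": lan, "dst_mac": BROADCAST, "src_mac": self.mac(lan),
                        "arp": f"who has {target_ip}? tell {self.ifaces[lan]}"})
            mac = LANS[lan][target_ip]          # every node hears the query; the owner replies
            log.append({"lan": lan, "dst_mac": self.mac(lan), "src_mac": mac,
                        "arp": f"{target_ip} is at {mac}"})
            table.learn(target_ip, mac, now)
        return mac

def send_datagram(src, dst_ip, routers, now, log):
    """Hop-by-hop frames for one datagram: the IP addresses never change, the MACs do."""
    src_ip = next(iter(src.ifaces.values()))
    frames, node = [], src
    while True:
        lan = node.lan_for(dst_ip)
        next_ip = dst_ip if lan else node.gateway        # off-subnet: hand it to the gateway
        if lan is None:
            lan = node.lan_for(next_ip)
        frames.append({"lan": lan, "dst_mac": node.resolve(lan, next_ip, now, log),
                       "src_mac": node.mac(lan), "src_ip": src_ip, "dst_ip": dst_ip})
        if next_ip == dst_ip:
            return frames
        node = routers[next_ip]                          # R strips the frame, forwards the datagram

A = Node("A", {"LAN-111": "111.111.111.111"}, gateway="111.111.111.110")
R = Node("R", {"LAN-111": "111.111.111.110", "LAN-222": "222.222.222.220"})
ROUTERS = {"111.111.111.110": R}

def walkthrough(now=0.0):
    """A sends to B (222.222.222.222) via R at time `now`; returns (data frames, ARP traffic)."""
    log = []
    return send_datagram(A, "222.222.222.222", ROUTERS, now, log), log
```

Running `walkthrough(0)` yields two data frames: the first is addressed to R's MAC on the 111 LAN, the second carries the same source and destination IP but R's 222-side MAC as source and B's MAC as destination. A second call within the 20-minute TTL produces no ARP traffic at all; a call after the TTL has passed repeats both query/reply exchanges, which is the soft-state behaviour the slides describe.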
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
• On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host, but the ARP attack still works.
Goal: intercept messages between the victim and anyone else.
• I record the real MAC address of the victim.
• When an ARP query request is made for the victim, I respond with my MAC.
[figure: victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on one LAN]
Step 1: some other host asks "Who has IP address 1.2.3.4?". The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also hears the reply, now knows the MAC of the victim.
Step 2: later (when all caches have been cleared), the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablablabla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/MAC mapping (victim's IP, attacker's MAC) in its cache. The victim is confused... but ignores it.
Step 3: the other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...", so the attacker knows the secret plan. The attacker changes the MAC address to the correct address and sends "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ..." on to the victim, who thinks "Ahh, I got the secret plan I was expecting."
ARP spoofing: detection
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs (its real IP and the victim's IP). But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address. Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
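The detection heuristic the slide sketches, written out as an added example (my own monitoring code, not from the slides): it takes ARP replies as a passive monitor on the LAN would see them, reports every point at which the MAC claimed for an IP changes, and separates the strong symptom (one IP answered by two MACs) from the weak one (one MAC claiming two IPs), which the slide notes can also come from a legitimate dual-NIC host. The observation list is constructed; it reuses the slide's addresses and adds one made-up dual-NIC host.

```python
from collections import defaultdict

# Constructed ARP replies ("sender MAC claims sender IP") as a monitor on the LAN would
# see them; addresses are the ones used in the slides, plus one constructed dual-NIC host.
OBSERVED_ARP = [
    (0,    "00:12:12:12:12:12", "1.2.3.4"),    # victim answers for its own IP
    (5,    "00:11:11:11:11:11", "5.6.7.8"),    # attacker's real IP
    (30,   "AA:BB:CC:00:00:01", "10.0.0.5"),   # constructed host, wired NIC
    (31,   "AA:BB:CC:00:00:01", "10.0.0.9"),   # same host sends its wireless IP over the wired NIC
    (1300, "00:11:11:11:11:11", "1.2.3.4"),    # attacker now claims the victim's IP
    (1305, "00:11:11:11:11:11", "1.2.3.4"),
]

def mapping_changes(observations):
    """Moments at which the MAC claimed for an IP differs from the one seen before."""
    current, changes = {}, []
    for ts, mac, ip in observations:
        if ip in current and current[ip] != mac:
            changes.append({"time": ts, "ip": ip, "old_mac": current[ip], "new_mac": mac})
        current[ip] = mac
    return changes

def analyze(observations):
    macs_for_ip, ips_for_mac = defaultdict(set), defaultdict(set)
    for _, mac, ip in observations:
        macs_for_ip[ip].add(mac)
        ips_for_mac[mac].add(ip)
    return {
        # one IP answered by two MACs: the symptom of a spoofed reply
        "ip_with_many_macs": {ip: s for ip, s in macs_for_ip.items() if len(s) > 1},
        # one MAC claiming two IPs: the attacker's real IP plus the victim's, but also a
        # legitimate dual-NIC host, so on its own this is only a lead
        "mac_with_many_ips": {mac: s for mac, s in ips_for_mac.items() if len(s) > 1},
    }

def classify(observations):
    """Turn the analysis into alerts: high for contested IPs, low for multi-IP MACs
    that are not already implicated in a contested IP."""
    report = analyze(observations)
    alerts = [{"severity": "high", "ip": ip, "macs": sorted(macs)}
              for ip, macs in report["ip_with_many_macs"].items()]
    implicated = {mac for macs in report["ip_with_many_macs"].values() for mac in macs}
    for mac, ips in report["mac_with_many_ips"].items():
        if mac not in implicated:
            alerts.append({"severity": "low", "mac": mac, "ips": sorted(ips),
                           "note": "review: dual-NIC host or spoofing?"})
    return alerts

if __name__ == "__main__":
    for change in mapping_changes(OBSERVED_ARP):
        print("mapping changed:", change)
    for alert in classify(OBSERVED_ARP):
        print(alert)
```

On the constructed data the only mapping change is 1.2.3.4 moving from the victim's MAC to the attacker's at t = 1300, which is the high-severity alert; the attacker's MAC is then not reported a second time for holding two IPs, while the dual-NIC host surfaces only as a low-severity item to review, matching the caveat on the slide.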
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology:
• cheap: $20 for a NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with the speed race: 10 Mbps to 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
• bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
• star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
• multiple stars connected (we'll see later)
[figure: bus (coaxial cable) versus star (switch) topology]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes
• if the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol
• otherwise, the adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at the receiver; if an error is detected, the frame is dropped
Ethernet: Unreliable, connectionless
• connectionless: no handshaking between sending and receiving NICs
• unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
• Ethernet's MAC protocol: unslotted CSMA/CD
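The frame structure above, as an added example (my own code, not from the slides or any NIC driver): a sender-side builder that emits preamble, header, padded payload and CRC-32 frame check sequence, and a receiver-side parser that syncs on the preamble, verifies the CRC, and applies the address filter (own MAC, broadcast, or promiscuous mode). The CRC-32 used by Ethernet is the same polynomial as `zlib.crc32`, transmitted least-significant byte first; the sample frame is constructed from two adapter addresses on the earlier slides.

```python
import struct
import zlib

# Preamble: 7 bytes of 10101010 followed by the start-frame delimiter 10101011.
PREAMBLE = bytes([0b10101010] * 7) + bytes([0b10101011])
BROADCAST = "FF-FF-FF-FF-FF-FF"
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
MIN_PAYLOAD = 46   # 14-byte header + 46-byte payload + 4-byte CRC = 64-byte minimum frame

def mac_str(raw):
    return "-".join(f"{b:02X}" for b in raw)

def mac_bytes(text):
    return bytes(int(x, 16) for x in text.split("-"))

def build_frame(dst, src, ethertype, payload):
    """What the sending adapter puts on the wire: preamble, header, padded payload, FCS."""
    body = (mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype)
            + payload.ljust(MIN_PAYLOAD, b"\x00"))
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)  # CRC-32 over header+payload, LSB first
    return PREAMBLE + body + fcs

def parse_frame(wire, my_mac, promiscuous=False):
    """What the receiving adapter does: sync on the preamble, check the CRC, filter on address."""
    if not wire.startswith(PREAMBLE) or len(wire) < len(PREAMBLE) + 14 + MIN_PAYLOAD + 4:
        raise ValueError("no preamble/SFD or runt frame")
    body, fcs = wire[len(PREAMBLE):-4], wire[-4:]
    crc_ok = struct.unpack("<I", fcs)[0] == (zlib.crc32(body) & 0xFFFFFFFF)
    dst, src = mac_str(body[0:6]), mac_str(body[6:12])
    ethertype = struct.unpack("!H", body[12:14])[0]
    # A frame with a bad CRC is dropped; otherwise it is passed up only if addressed to us,
    # broadcast, or the adapter is in promiscuous mode.
    accept = crc_ok and (promiscuous or dst in (my_mac, BROADCAST))
    return {"dst": dst, "src": src, "type": ETHERTYPES.get(ethertype, hex(ethertype)),
            "crc_ok": crc_ok, "accept": accept, "payload": body[14:]}

def demo():
    """Constructed frame using two adapter addresses from the slides; returns parse results."""
    frame = build_frame("1A-2F-BB-76-09-AD", "58-23-D7-FA-20-B0", 0x0806, b"arp-request")
    damaged = bytearray(frame)
    damaged[len(PREAMBLE) + 12] ^= 0x01          # flip one bit in the Type field
    return {
        "for_me":  parse_frame(frame, "1A-2F-BB-76-09-AD"),
        "not_me":  parse_frame(frame, "0C-C4-11-6F-E3-98"),
        "sniffer": parse_frame(frame, "0C-C4-11-6F-E3-98", promiscuous=True),
        "damaged": parse_frame(bytes(damaged), "1A-2F-BB-76-09-AD"),
        "length":  len(frame),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The constructed frame is exactly 72 bytes on the wire (8 preamble/SFD + 64 minimum frame), the short payload having been padded to 46 bytes. The "not_me" case shows the normal filter discarding a frame for another station, "sniffer" shows why promiscuous mode sees everything on a shared segment, and "damaged" shows a single flipped bit failing the CRC and being dropped before any address check.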
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to step 2
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec
Exponential Backoff:
• Goal: adapt retransmission attempts to estimated current load; under heavy load the random wait will be longer
• first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
• after second collision: choose K from {0, 1, 2, 3} …
• after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
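Binary exponential backoff as an added simulation, covering both the generic backoff procedure on the earlier "Exponential Backoff" slide and the Ethernet parameters here (512-bit slots, window doubling, cap at 1023). This is my own code, not from the slides; the contention model is deliberately simplified (every waiting station redraws each round, the unique smallest draw wins, tied stations collide and double their window), and the 16-attempt give-up limit is an assumption.

```python
import random

SLOT_BITS = 512       # one backoff slot = 512 bit times (Ethernet)
MAX_EXPONENT = 10     # after ten or more collisions K is drawn from {0, ..., 1023}
MAX_ATTEMPTS = 16     # assumption: give up on the frame after this many collisions

def backoff_upper_bound(m):
    """Largest K the NIC may pick after the m-th collision: 2^min(m,10) - 1."""
    return 2 ** min(m, MAX_EXPONENT) - 1

def draw_backoff(m, rng):
    return rng.randint(0, backoff_upper_bound(m))

def slot_seconds(bit_rate):
    return SLOT_BITS / bit_rate

def max_wait_seconds(bit_rate):
    """Worst-case wait (K = 1023): about 50 ms on 10 Mbps Ethernet."""
    return backoff_upper_bound(MAX_EXPONENT) * slot_seconds(bit_rate)

def contend(n_stations, rng, max_attempts=MAX_ATTEMPTS):
    """Simplified contention: n stations have just collided once. Each round every waiting
    station draws K from its own window; the unique smallest draw transmits first, and
    stations that tie collide again and double their window.
    Returns (winning station or None, number of collisions the winner suffered)."""
    collisions = {s: 1 for s in range(n_stations)}
    for _ in range(max_attempts):
        draws = {s: draw_backoff(collisions[s], rng) for s in collisions}
        earliest = min(draws.values())
        tied = [s for s, k in draws.items() if k == earliest]
        if len(tied) == 1:
            return tied[0], collisions[tied[0]]
        for s in tied:
            collisions[s] += 1          # only the stations that collided back off further
    return None, max_attempts

def simulate(n_stations, seed, trials=1000):
    """Average collisions suffered by the eventual winner, over `trials` contention runs."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        winner, c = contend(n_stations, rng)
        total += c if winner is not None else MAX_ATTEMPTS
    return total / trials

if __name__ == "__main__":
    print(f"slot at 10 Mbps: {slot_seconds(1e7) * 1e6:.1f} us, "
          f"worst-case wait: {max_wait_seconds(1e7) * 1e3:.1f} ms")
    for n in (2, 5, 20):
        print(f"{n:2d} stations: winner sees {simulate(n, seed=1):.2f} collisions on average")
```

The arithmetic reproduces the slide's figure (1023 slots × 51.2 μs ≈ 52 ms at 10 Mbps), and the simulation shows the load adaptation the slides describe: with more contending stations the windows grow before a single station gets through, so the random wait lengthens under heavy load.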
CSMA/CD efficiency
T_prop = max prop delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
  efficiency = 1 / (1 + 5 t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0
• efficiency goes to 1 as t_trans goes to infinity: a larger frame size is better, a higher bit-rate is worse
• better performance than ALOHA, and simple, cheap, decentralized!
• Most Ethernet is used with switches, so collisions never occur.
[the slide also shows a worked numeric instance of this formula; the extracted values "960 1010081500 102200 51 1 68 m" are not recoverable]
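The two relations that connect propagation delay to transmission time, worked as one added example (my own code, not the slide's worked instance, whose numbers did not survive extraction): the collision-detection condition 2 × CableLength / speed + epsilon < FrameLength / bit-rate from the earlier CSMA/CD slides, applied to the 64-byte minimum frame to answer the 10 Mbps versus 100 Mbps cable-length question, and the efficiency formula 1 / (1 + 5 t_prop / t_trans) evaluated across bit rates and frame sizes. The propagation speed of 2 × 10^8 m/s is an assumption (a common rule of thumb for copper); the slides do not give one.

```python
PROPAGATION_SPEED = 2.0e8   # m/s, a common rule-of-thumb value for copper (assumption)
MIN_FRAME_BYTES = 64        # Ethernet minimum frame length, from the slides

def transmit_time(frame_bytes, bit_rate):
    """t_trans = frame length / bit rate, in seconds."""
    return frame_bytes * 8 / bit_rate

def prop_delay(distance_m, v=PROPAGATION_SPEED):
    return distance_m / v

def collision_detectable(cable_m, frame_bytes, bit_rate, epsilon=0.0):
    """Slide condition: 2 x CableLength/speed + epsilon < FrameLength/bit-rate."""
    return 2 * prop_delay(cable_m) + epsilon < transmit_time(frame_bytes, bit_rate)

def max_cable_length(bit_rate, frame_bytes=MIN_FRAME_BYTES):
    """Largest cable length for which the minimum-size frame still detects collisions
    (epsilon and repeater delays ignored, so this is an idealized upper bound)."""
    return transmit_time(frame_bytes, bit_rate) * PROPAGATION_SPEED / 2

def csmacd_efficiency(t_prop, t_trans):
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)

def efficiency_for(distance_m, frame_bytes, bit_rate):
    return csmacd_efficiency(prop_delay(distance_m), transmit_time(frame_bytes, bit_rate))

def efficiency_table(distance_m=1000):
    """(bit rate, frame bytes, efficiency) for a LAN whose farthest nodes are distance_m apart."""
    rows = []
    for bit_rate in (1e7, 1e8, 1e9):
        for frame_bytes in (64, 1500):
            rows.append((bit_rate, frame_bytes,
                         round(efficiency_for(distance_m, frame_bytes, bit_rate), 3)))
    return rows

if __name__ == "__main__":
    for rate in (1e7, 1e8, 1e9):
        print(f"{rate/1e6:>6.0f} Mbps: max cable for a 64 B frame ~ {max_cable_length(rate):.0f} m")
    print("2000 m at 10 Mbps detectable:", collision_detectable(2000, 64, 1e7))
    print("2000 m at 100 Mbps detectable:", collision_detectable(2000, 64, 1e8))
    for bit_rate, frame_bytes, eff in efficiency_table():
        print(f"{bit_rate/1e6:>6.0f} Mbps, {frame_bytes:4d} B frames: efficiency {eff}")
```

Because the minimum frame is fixed at 64 bytes, `max_cable_length` scales exactly with 1/bit-rate, which is the factor of 10 between 10 Mbps and 100 Mbps the question asks about (the absolute bounds here are larger than the 2000 m / 200 m on the slide because repeater and encoding delays are ignored). The efficiency table shows the same trade-off from the other side: at a fixed distance, raising the bit rate or shrinking the frame lowers t_trans relative to t_prop and drags the efficiency down.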
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hub:
• bits coming in on one link go out on all other links at the same rate
• all nodes connected to the hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: host NICs detect collisions
[figure: hub with twisted pair links to hosts]
Interconnecting with hubs
• Backbone hub interconnects LAN segments
• But individual segment collision domains become one large collision domain
• Can't interconnect 10BaseT & 100BaseT
[figure: backbone hub connecting three hubs]
Switch
Link-layer device: smarter than hubs, takes an active role.
• store and forward Ethernet frames. Question: do switches in circuit switching networks store and forward?
• examine the incoming frame's MAC address, selectively forward the frame to one-or-more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment
• transparent: hosts are unaware of the presence of switches
• plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have a dedicated, direct connection to the switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connected to hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connected to hosts A, A', B, B', C, C']
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• records the sender/location pair in the switch table
[figure: A sends a frame (Source A, Dest A') into interface 1; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link interface associated with the sending host
2. if an entry is found for the destination, then {
     if dest is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated
   }
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[figure sequence: three switches, each with interfaces 1, 2, 3, and hosts A and B; each switch keeps its own MAC/Interface table, all initially empty]
• A sends a frame: Dest = B, Source = A. Each switch that receives it makes a table entry for A; there is no table entry for B, so each switch floods. Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port; it is only flooded to other switches.
• B answers: Dest = A, Source = B. Each switch makes a table entry for B; it has a table entry for A, so it forwards.
• Tables after the exchange: first switch: A → interface 1, B → interface 3; second switch: A → interface 1, B → interface 2; third switch: A → interface 2.
• 20 minutes later, all table entries are deleted.
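The filtering/forwarding rules and the self-learning sequence above, as an added simulation of a single switch (my own code, not from the slides or any switch firmware): the table is learned from source addresses, a frame is forwarded, dropped (destination on the arrival segment) or flooded, entries age out after the slides' 20 minutes, and manually configured host ports are excluded from flooding, as the note on the slide describes. The `static` parameter and the frame sequence in `run_example` are my own constructions.

```python
AGE_OUT = 20 * 60   # seconds; the slides age entries out after about 20 minutes

class LearningSwitch:
    def __init__(self, ports, static=None):
        self.ports = set(ports)
        self.table = {}                      # learned: MAC -> (interface, last seen)
        self.static = dict(static or {})     # manually configured: MAC -> interface

    def purge(self, now):
        """Periodically purge old entries (here: on every frame, which is simpler)."""
        self.table = {m: (p, t) for m, (p, t) in self.table.items() if now - t < AGE_OUT}

    def receive(self, in_port, src, dst, now):
        """Process one frame; returns the ports it goes out on ([] means filtered)."""
        self.purge(now)
        self.table[src] = (in_port, now)     # learn: src is reachable via in_port
        out = self.static.get(dst)
        if out is None and dst in self.table:
            out = self.table[dst][0]
        if out is not None:
            return [] if out == in_port else [out]   # same segment: drop; else forward
        # flood on every other port, except ports whose host was configured by hand
        return sorted(self.ports - {in_port} - set(self.static.values()))

def run_example():
    """A and B exchange frames through one switch (ports 1-3), then the table ages out."""
    sw = LearningSwitch(ports=[1, 2, 3])
    steps = [
        (0, 1, "A", "B"),               # A on port 1 -> unknown B: flood to 2 and 3
        (1, 2, "B", "A"),               # B replies on port 2 -> A known: forward to 1
        (2, 1, "A", "B"),               # B now known: forward to 2 only
        (3, 1, "C", "A"),               # C on port 1 talks to A, also on port 1: drop
        (2 + AGE_OUT, 1, "A", "B"),     # 20 minutes later: entries gone, flood again
    ]
    return [sw.receive(port, src, dst, t) for t, port, src, dst in steps]

if __name__ == "__main__":
    for ports in run_example():
        print("out on", ports or "nothing (filtered)")
```

`run_example()` returns `[[2, 3], [1], [2], [], [2, 3]]`: the first frame is flooded, the reply and the next frame are forwarded on a single port once both hosts are known, a frame between two hosts on the same segment is filtered, and after the age-out the switch is back to flooding, which is exactly the sequence the figure walks through for each of its three switches.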
Poorly Designed Institutional Network. Why?
[figure: router to the external network; one LAN / IP subnet containing the mail server and the web server]
Institutional network without a single point of failure
[figure: router to the external network; IP subnet with the mail server, the web server and host A; the switches are connected by redundant links, forming loops]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure: the same network with the edges in the spanning tree marked; a "disconnected" interface, i.e. one that does not forward or flood frames, is marked]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs. The switches are not physically disconnected; instead, when "disconnected" from a LAN they simply never flood packets over to the LAN. Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: LAN A and LAN B connected by bridges B2 and B3]
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C.
[figure: LANs A, B, C, D connected by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1, B2, B3, B4, B5, B6, B7 interconnecting LANs]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[figure sequence: LANs A to J interconnected by bridges B1 to B7; the number next to each LAN is its distance to the root in LAN hops (0, 1, 2, 1, 1, 1, 1 in the extracted residue)]
Step by step:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces.
• Note that B3 will not have any interfaces "on".
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
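The rule above, run on a small constructed topology as an added example (this is not code from the slides): switch IDs are integers with the smallest as root, the wiring is constructed because the figure's wiring is not recoverable from the transcript, and the tie-break for a switch's own uplink LAN (by that LAN's designated switch ID, then LAN name) is an assumption.

```python
"""Spanning-tree interface selection by per-LAN shortest path to the root (slide rule)."""
from collections import defaultdict

# Constructed example topology (an assumption, not the figure in the slides):
# switch ID -> LANs it attaches to. The smallest ID is the root.
SWITCH_LANS = {
    1: ["E", "F"],   # root
    2: ["E", "A"],
    3: ["E", "F"],   # redundant link between two of the root's LANs
    4: ["F", "C"],
    5: ["E", "B"],   # LAN B can reach the root through 5 or 7
    6: ["A", "D"],   # LAN D can reach the root through 6 or 8
    7: ["F", "B"],
    8: ["C", "D"],
}


def shortest_path_costs(switch_lans):
    """Distance-vector style relaxation: a node's cost is the number of switches
    visited on its shortest path to the root. Each round consults neighbours
    only, and rounds repeat until no cost changes."""
    root = min(switch_lans)
    lan_switches = defaultdict(list)
    for sw, attached in switch_lans.items():
        for lan in attached:
            lan_switches[lan].append(sw)
    inf = float("inf")
    s_cost = {sw: (1 if sw == root else inf) for sw in switch_lans}
    l_cost = {lan: inf for lan in lan_switches}
    changed = True
    while changed:
        changed = False
        for lan, switches in lan_switches.items():   # a LAN costs what its best switch costs
            best = min(s_cost[sw] for sw in switches)
            if best < l_cost[lan]:
                l_cost[lan], changed = best, True
        for sw, attached in switch_lans.items():      # a switch adds itself to its best LAN
            if sw == root:
                continue
            best = 1 + min(l_cost[lan] for lan in attached)
            if best < s_cost[sw]:
                s_cost[sw], changed = best, True
    return root, dict(lan_switches), s_cost, l_cost


def active_interfaces(switch_lans):
    """Returns (designated switch per LAN, set of (switch, LAN) interfaces left ON)."""
    root, lan_switches, s_cost, l_cost = shortest_path_costs(switch_lans)
    # Rules 1 and 2: a LAN's next hop is an attached switch on a shortest path;
    # with several shortest paths the smallest switch ID wins.
    designated = {lan: min(sws, key=lambda sw: (s_cost[sw], sw))
                  for lan, sws in lan_switches.items()}
    active = set()
    for lan, sw in designated.items():
        active.add((sw, lan))                 # interface facing the LAN it serves
        if sw != root:
            # The switch's own way to the root is its cheapest attached LAN.
            # Assumption: ties broken by that LAN's designated switch ID, then name.
            uplink = min(switch_lans[sw],
                         key=lambda ln: (l_cost[ln], designated[ln], ln))
            active.add((sw, uplink))
    return designated, active


def switches_with_no_active_interface(switch_lans):
    """The slide's 'B3 will not have any interfaces on' case."""
    _, active = active_interfaces(switch_lans)
    return sorted(set(switch_lans) - {sw for sw, _ in active})


if __name__ == "__main__":
    designated, active = active_interfaces(SWITCH_LANS)
    for lan in sorted(designated):
        print(f"LAN {lan}: next hop switch {designated[lan]}")
    print("interfaces ON:", sorted(active))
    print("switches with nothing ON:", switches_with_no_active_interface(SWITCH_LANS))
```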
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields: label (20 bits), Exp (3), S (1), TTL (5)]
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g., source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
[Figure: MPLS topology with routers R1–R6, hosts A and D, and interface numbers 0 and 1 on the router links]
MPLS forwarding tables (one per label-switched router in the figure; "-" means no label: pushed at the ingress router, popped at the egress router)
in label | out label | dest | out interface
6 | - | A | 0
in label | out label | dest | out interface
10 | 6 | A | 1
12 | 9 | D | 0
in label | out label | dest | out interface
- | 10 | A | 0
- | 12 | D | 0
in label | out label | dest | out interface
8 | 6 | A | 0
- | 8 | A | 1
MPLS forwarding tables
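Label switching through the tables above, as an added example (not code from the slides): which table belongs to which router and which interface leads to which neighbour are assumptions chosen to match the figure, so the two paths to A (from R1 and from R3) can be traced, while the D path stops where the transcript's tables stop.

```python
"""Label-switched forwarding through the reconstructed MPLS tables of the slides."""

# Assumed assignment of the slide's tables to routers.
# Rows: (in_label, out_label, dest, out_iface).
# in_label None = unlabelled IP packet at an ingress LSR (forward by dest, push a label);
# out_label None = egress LSR pops the label and hands the IP datagram on.
TABLES = {
    "R1": [(None, 10, "A", 0), (None, 12, "D", 0)],
    "R3": [(None, 8, "A", 1)],
    "R4": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "R5": [(8, 6, "A", 0)],
    "R6": [(6, None, "A", 0)],
}

# Assumed wiring: (router, out interface) -> neighbour, constructed to match the figure.
LINKS = {
    ("R1", 0): "R4", ("R3", 1): "R5", ("R4", 1): "R6", ("R4", 0): "R5",
    ("R5", 0): "R6", ("R6", 0): "A",
}


def lookup(router, label, dest):
    """An LSR forwards on the label alone; only an ingress LSR looks at the destination."""
    for in_label, out_label, row_dest, out_iface in TABLES[router]:
        if label is None and in_label is None and row_dest == dest:
            return out_label, out_iface
        if label is not None and in_label == label:
            return out_label, out_iface
    return None


def forward(ingress, dest, max_hops=10):
    """Trace a packet for `dest` injected at `ingress`.
    Returns (delivered, hops); each hop is (router, label in, label out)."""
    node, label, hops = ingress, None, []
    while node in TABLES and len(hops) < max_hops:
        entry = lookup(node, label, dest)
        if entry is None:                        # no entry for this label: packet dropped
            return False, hops
        out_label, out_iface = entry
        hops.append((node, label, out_label))
        node, label = LINKS.get((node, out_iface), "?"), out_label
    return node == dest, hops


if __name__ == "__main__":
    for ingress, dest in (("R1", "A"), ("R3", "A"), ("R1", "D")):
        print(ingress, "->", dest, forward(ingress, dest))
```

Note that R4 and R5 both hand R6 label 6 for A: R6 never needs to know which ingress the packet came from, which is the "forward on the label only" point of the slide.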
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Multiple Access Links and Protocols
Two types of "links":
point-to-point: PPP for dial-up access; point-to-point link between Ethernet switch and host
broadcast (shared wire or medium): old-fashioned Ethernet; 802.11 wireless LAN
[Figure: shared wire (e.g., cabled Ethernet); shared RF (e.g., 802.11 WiFi); shared RF (satellite); humans at a cocktail party (shared air, acoustical)]
Multiple Access Control (MAC) protocols
single shared broadcast channel: two or more simultaneous transmissions by nodes: interference; collision if a node receives two or more signals at the same time
multiple access protocol: an algorithm that determines how nodes share the channel, i.e., determines when a node can transmit
communication about channel sharing must use the channel itself; an out-of-band channel for coordination is difficult
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally centralized MACs are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users
Random Access: channel not divided, allow collisions. Detect and recover from collisions. Detection and recovery (e.g., retransmission) can be inefficient. Predictable/guaranteed performance is difficult to achieve
Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access: access to channel in "rounds"; each station gets a fixed length slot (length = pkt trans time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
example: 6-station LAN; 1, 3, 4 have pkt; slots 2, 5, 6 idle
[Figure: one 6-slot frame with slots 1, 3, 4 carrying packets, repeated]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access: channel spectrum divided into frequency bands; each station assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA.
example: 6-station LAN; 1, 3, 4 have pkt; frequency bands 2, 5, 6 idle
[Figure: frequency bands versus time on an FDM cable]
Random Access Protocols
When node has packet to send: transmit at full channel data rate R; no a priori coordination among nodes
• Some approaches use limited coordination
two or more transmitting nodes: "collision"
random access MAC protocol specifies: how to detect collisions; how to recover from collisions (e.g., via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U of Hawaii in the early 70's. Packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used:
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision
Collisions and other link layer losses must be detected and corrected. Question 1: Where are all the places that losses can occur? Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance 1
[Figure: time line t0, t0+t, t0+2t, t0+3t with the vulnerable period marked]
If another node transmits here then there is a collision. If another node starts to transmit during this vulnerable period then a collision will occur.
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events)
Let G be the average rate that users try to send frames, per frame time
G is the utilization. Why?
Model the moment each transmission starts as a point along the time line (next slide)
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
$P(k) = \frac{(2G)^k e^{-2G}}{k!}$
The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
$S = G e^{-2G}$
Poisson process
[Figure: events marked as points along a time line]
Events are distributed according to a Poisson process with parameter $\lambda$ if
$P(k \text{ events in a period of length } T) = e^{-\lambda T} \frac{(\lambda T)^k}{k!}$
$\lambda$ is the rate that events occur = (number of events in a period of length W) / W (when W is large)
Aloha performance
[Figure: time line with the vulnerability period marked]
$P(k \text{ events in a period of length } T) = e^{-\lambda T} \frac{(\lambda T)^k}{k!}$
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T.
Let T = 1 (i.e., our time is measured in packet transmission times, not seconds). Then what is $\lambda$? $\lambda$ = average number of transmission attempts per transmission time. So $\lambda$ = utilization, i.e., $\lambda = G$. And the probability of no collision is $e^{-2G} (2G)^0 / 0! = e^{-2G}$.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: throughput $G e^{-2G}$ versus G from 0 to 3; the peak value 0.184 is marked on the vertical axis]
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time line t0, t0+t, t0+2t, t0+3t with the vulnerable period marked]
If a frame is transmitted here then a collision occurs. But this will only happen if a packet arrives at the MAC layer during this period.
If another node selects to transmit during this vulnerable period then a collision will occur.
The vulnerable period is half the size of unslotted Aloha.
Slotted Aloha
Vulnerable period is halved. Doubles performance of ALOHA. Throughput = S = $G e^{-G}$; S = S_max = 1/e = 0.368 for G = 1
G = 1 means typically a node tries to transmit each slot
However, the throughput is well below 1: there are many collisions
Slotted Aloha Performance
[Plot: throughput $G e^{-G}$ versus G from 0 to 4; the peak value 0.368 is marked on the vertical axis]
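The two throughput curves above, checked against a Monte Carlo run of the same Poisson attempt model; an added example, not code from the slides. The grid step, run lengths and seed are constructed choices.

```python
"""Pure vs slotted ALOHA: the slides' throughput formulas checked against a Monte Carlo run."""
import math
import random


def aloha_throughput(G):
    """Pure ALOHA: attempts are Poisson with rate G per frame time and the
    vulnerable period is two frame times, so S = G * P(0 others) = G e^{-2G}."""
    return G * math.exp(-2 * G)


def slotted_aloha_throughput(G):
    """Slotted ALOHA: the vulnerable period is one slot, so S = G e^{-G}."""
    return G * math.exp(-G)


def best_offered_load(throughput, step=0.01, g_max=3.0):
    """Scan G on a grid and return (G, S) at the peak of the curve."""
    grid = [round(i * step, 10) for i in range(1, int(g_max / step) + 1)]
    g = max(grid, key=throughput)
    return g, throughput(g)


def _poisson(rng, mean):
    """Knuth's sampler: number of Poisson(mean) events."""
    limit, k, p = math.exp(-mean), 0, 1.0
    while p > limit:
        k += 1
        p *= rng.random()
    return k - 1


def simulate_slotted(G, slots, seed=1):
    """Each slot sees Poisson(G) attempts; a slot with exactly one is a success."""
    rng = random.Random(seed)
    successes = sum(1 for _ in range(slots) if _poisson(rng, G) == 1)
    return successes / slots


def simulate_pure(G, frame_times, seed=1):
    """Attempt start times form a Poisson process with rate G per frame time.
    A frame starting at t succeeds only if no other frame starts in (t-1, t+1),
    the two-frame-time vulnerable period of the slides."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    while True:
        t += rng.expovariate(G)          # exponential gaps => Poisson arrivals
        if t >= frame_times:
            break
        starts.append(t)
    successes = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or starts[i - 1] <= s - 1.0
        clear_after = i == len(starts) - 1 or starts[i + 1] >= s + 1.0
        successes += clear_before and clear_after
    return successes / frame_times


if __name__ == "__main__":
    print("pure ALOHA peak  (G, S):", best_offered_load(aloha_throughput))
    print("slotted peak     (G, S):", best_offered_load(slotted_aloha_throughput))
    print("simulated pure    S at G=0.5:", simulate_pure(0.5, 200_000))
    print("simulated slotted S at G=1.0:", simulate_slotted(1.0, 200_000))
```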
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple
Cons: collisions, wasting slots. Inefficient: idle slots; nodes may be able to detect a collision in less than the time to transmit a packet. Slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission
human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m
For 100 Mbps Ethernet the maximum cable length is 200 m
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission. collision: entire packet transmission time wasted
[Figure: spatial layout of nodes on the wire versus time]
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
[Figure: position on wire versus time. Transmitter 1 starts sending; after the propagation delay Transmitter 2 starts sending; the collision is detected by Transmitter 2 and later by Transmitter 1 (when is it detected?); Receiver 1 receives a garbled signal]
CSMA/CD collision detection
[Figure: same layout, but Transmitter 1's transmission time ends before the colliding signal reaches it: the collision is detected by Transmitter 2 but NOT detected by Transmitter 1; Receiver 1 receives a garbled signal]
CSMA/CD
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + ε. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + ε < FrameLength / bit-rate
If frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions detected within a short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
persistent
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is, and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle then transmit
3. If medium is not idle then wait until it is idle
4. Once idle:
 a. pick an integer r between 0 and BO-1
 b. wait r time slots
  1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends
  2. Give an equation for the length of a time slot
 c. If no other transmission begins before the r time slots, then transmit
5. If a collision is detected:
 a. Continue to transmit so that all nodes will know that a collision occurred, then stop
 b. Set BO = min(2 × BO, BO_Max). In Ethernet BO_max = 1024
 c. Go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad
"taking turns" protocols: look for best of both worlds. Used in mobile phone data access: 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node
[Figure: a master polling each of its slaves in turn; each slave answers a poll with data]
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made: if a VoIP call requires 12 bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected but existing calls continue to receive good performance
• Consider the difference between the demands by VoIP and the services provided by TCP
Guarantees are worth much more money than non-guarantees
"Taking Turns" MAC protocols
Token passing: control token passed from one node to next sequentially; token message
concerns: token overhead; latency; single point of failure (token)
[Figure: token T circulating among nodes; a node with nothing to send passes the token on, a node with data sends it]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing: Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has a unique LAN address
Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: a LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup" • Enter MAC address • See manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address: portability: can move LAN card from one LAN to another
IP hierarchical address NOT portable: address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed
• Whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has an ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: the same four adapters on a LAN, with IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send datagram to C. Check if C's IP address is in the same subnet: use subnet mask and compare this node's IP to C's IP.
E.g.: • my IP = 12843567 • B's IP = 12851912 • subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram
all machines on LAN receive ARP query
B receives ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from net administrator
[Figure: hosts A, B, C, D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to B, C and D; the owner answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: host A (74-29-9C-E8-FF-55, 111.111.111.111) and adapter CC-49-DE-D0-AB-7D (111.111.111.112) on one LAN with router R's interface E6-E9-00-17-BB-4B (111.111.111.110); R's other interface 1A-23-F9-CD-06-9B (222.222.222.220) on a second LAN with adapter 88-B2-2F-54-1A-0F (222.222.222.221) and host B (49-BD-D2-C7-56-2A, 222.222.222.222)]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
A's NIC sends frame; R's NIC receives frame
R removes IP datagram from Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates frame containing A-to-B IP datagram, sends to B
This is a really important example – make sure you understand it
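The same-subnet check, the ARP query/reply exchange with its soft-state cache, and the A → R → B walkthrough above, as one added example (not code from the slides). Addresses are the figure's; the /24 masks, the message format and the event log are constructed.

```python
"""ARP query/reply with soft-state caches, and the A -> R -> B walkthrough of the slides."""
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60   # seconds an entry lives unless refreshed (slides: typically 20 min)


def same_subnet(ip_a, ip_b, mask):
    """Subnet check from the slides: compare the masked addresses."""
    a, b, m = (int(ipaddress.IPv4Address(x)) for x in (ip_a, ip_b, mask))
    return a & m == b & m


class Lan:
    def __init__(self, name):
        self.name, self.ifaces = name, []

    def deliver(self, frame, now, log):
        for iface in self.ifaces:                       # every adapter sees every frame and keeps
            if frame["dst"] in (BROADCAST, iface.mac):  # the broadcast or the ones addressed to it
                iface.receive(frame, now, log)


class Iface:
    """One adapter: IP, MAC, its LAN and its own ARP table (ip -> (mac, expiry time))."""

    def __init__(self, node, ip, mac, mask, lan):
        self.node, self.ip, self.mac, self.mask, self.lan = node, ip, mac, mask, lan
        self.arp = {}
        lan.ifaces.append(self)

    def cached(self, ip, now):
        mac, expiry = self.arp.get(ip, (None, 0))
        return mac if expiry > now else None            # a timed-out entry is as good as absent

    def resolve(self, ip, now, log):
        if self.cached(ip, now) is None:
            log.append(f"{self.node.name} on {self.lan.name}: ARP query, who has {ip}? tell {self.ip}")
            self.lan.deliver({"dst": BROADCAST, "src": self.mac, "type": "ARP", "op": "query",
                              "target_ip": ip, "sender_ip": self.ip, "sender_mac": self.mac},
                             now, log)
        return self.cached(ip, now)

    def receive(self, frame, now, log):
        if frame["type"] == "ARP" and frame["op"] == "query" and frame["target_ip"] == self.ip:
            log.append(f"{self.node.name} on {self.lan.name}: ARP reply, {self.ip} is at {self.mac}")
            self.lan.deliver({"dst": frame["sender_mac"], "src": self.mac, "type": "ARP",
                              "op": "reply", "sender_ip": self.ip, "sender_mac": self.mac},
                             now, log)
        elif frame["type"] == "ARP" and frame["op"] == "reply":
            self.arp[frame["sender_ip"]] = (frame["sender_mac"], now + ARP_TTL)   # cache it
        elif frame["type"] == "IP":
            self.node.deliver_ip(frame["datagram"], now, log)


class Node:
    """A host has one interface and a gateway; a router has one interface per LAN."""

    def __init__(self, name, gateway=None):
        self.name, self.gateway, self.ifaces = name, gateway, []

    def add_iface(self, ip, mac, mask, lan):
        self.ifaces.append(Iface(self, ip, mac, mask, lan))

    def send_ip(self, datagram, now, log):
        src_ip, dst_ip = datagram
        for iface in self.ifaces:
            if same_subnet(iface.ip, dst_ip, iface.mask):   # same subnet: ARP for the host itself
                next_hop = dst_ip
                break
        else:                                               # otherwise ARP for the gateway
            iface, next_hop = self.ifaces[0], self.gateway
        mac = iface.resolve(next_hop, now, log)
        log.append(f"{self.name}: frame {iface.mac} -> {mac} carrying {src_ip} -> {dst_ip}")
        iface.lan.deliver({"dst": mac, "src": iface.mac, "type": "IP", "datagram": datagram},
                          now, log)

    def deliver_ip(self, datagram, now, log):
        if datagram[1] in {iface.ip for iface in self.ifaces}:
            log.append(f"{self.name}: datagram {datagram[0]} -> {datagram[1]} delivered")
        else:
            self.send_ip(datagram, now, log)                # a router forwards onto its other LAN


def walkthrough(second_send_at=0):
    """Builds the slide's two LANs (addresses from the figure, /24 masks assumed), sends
    A -> B via R at time 0 and again at `second_send_at` seconds. Returns the event log."""
    lan1, lan2, mask = Lan("LAN1"), Lan("LAN2"), "255.255.255.0"
    a = Node("A", gateway="111.111.111.110")
    a.add_iface("111.111.111.111", "74-29-9C-E8-FF-55", mask, lan1)
    r = Node("R")
    r.add_iface("111.111.111.110", "E6-E9-00-17-BB-4B", mask, lan1)
    r.add_iface("222.222.222.220", "1A-23-F9-CD-06-9B", mask, lan2)
    b = Node("B", gateway="222.222.222.220")
    b.add_iface("222.222.222.222", "49-BD-D2-C7-56-2A", mask, lan2)
    log = []
    a.send_ip(("111.111.111.111", "222.222.222.222"), 0, log)
    a.send_ip(("111.111.111.111", "222.222.222.222"), second_send_at, log)
    return log


if __name__ == "__main__":
    print("\n".join(walkthrough(second_send_at=ARP_TTL + 1)))
```

The second send reuses both cached entries when it happens within the TTL; with `second_send_at` past the TTL, A and R each query again, which is the soft-state behaviour the slide describes.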
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host
• But the ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure: "Who has IP address 1.2.3.4?" broadcast on the LAN]
ARP spoofing – man-in-the-middle attack
[Figure, built up over several slides: Victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8) and some other host/switch on the same LAN. The exchange shown:]
• Some other host: "Who has IP address 1.2.3.4?"
• Victim: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
• Later (when all caches have been cleared) the attacker floods ARP queries: "Source MAC 00:11:11:11:11:11: Who has IP blablablabla? Tell IP address 1.2.3.4". The attacker continues to flood ARP queries. The other host saves the IP/ARP mapping in its cache. The victim is confused… but ignores it.
• Some other host: "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …". The attacker knows the secret plan.
• Attacker, having changed the MAC address to the correct address: "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …". Victim: "Ahh, I got the secret plan I was expecting".
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs, or a single MAC has two IPs
• its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
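The table check described above as an added example (not code from the slides): it audits a constructed list of ARP replies for an IP answered by two MACs and for a MAC answering for two IPs, with an allow-list for the dual-NIC machines the slide warns about. The MAC and IP values of the laptop are constructed.

```python
"""ARP table audit for the IP/MAC conflicts the slide describes, with the dual-NIC caveat."""
from collections import defaultdict

# Constructed ARP replies seen on the LAN as (sender MAC, sender IP) pairs, not captured traffic.
OBSERVED_REPLIES = [
    ("00:12:12:12:12:12", "1.2.3.4"),    # victim answering for its own IP
    ("00:11:11:11:11:11", "5.6.7.8"),    # second host answering for its own IP
    ("00:11:11:11:11:11", "1.2.3.4"),    # the same MAC now answering for the victim's IP
    ("AA:BB:CC:00:00:01", "10.0.0.9"),   # laptop with wired and wireless NICs: wired IP
    ("AA:BB:CC:00:00:01", "10.0.0.10"),  # its wireless IP sent over the wired MAC (slide's quirk)
]

# Hosts known to legitimately show two IPs on one MAC (the slide's wired + wireless case).
KNOWN_DUAL_NIC = {"aa:bb:cc:00:00:01": {"10.0.0.9", "10.0.0.10"}}


def build_tables(replies):
    """Accumulates what every listener's ARP table would record: both directions of the mapping."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for mac, ip in replies:
        mac = mac.lower()
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    return ip_to_macs, mac_to_ips


def audit(replies, known_dual_nic=KNOWN_DUAL_NIC):
    """Returns a sorted list of (kind, key, sorted values) alerts:
    'ip-has-two-macs'  one IP answered by more than one MAC (a second host claiming an address)
    'mac-has-two-ips'  one MAC answering for more than one IP, unless the host is a known
                       dual-NIC machine and every IP it used is one of its expected ones."""
    ip_to_macs, mac_to_ips = build_tables(replies)
    alerts = []
    for ip, macs in ip_to_macs.items():
        if len(macs) > 1:
            alerts.append(("ip-has-two-macs", ip, sorted(macs)))
    for mac, ips in mac_to_ips.items():
        if len(ips) > 1 and not ips <= known_dual_nic.get(mac, set()):
            alerts.append(("mac-has-two-ips", mac, sorted(ips)))
    return sorted(alerts)


if __name__ == "__main__":
    for alert in audit(OBSERVED_REPLIES):
        print(*alert)
    print("without the allow-list:", len(audit(OBSERVED_REPLIES, known_dual_nic={})), "alerts")
```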
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap: $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other) LAN
Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) versus star (switch in the center)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives a frame with matching destination address, or with broadcast address (e.g., ARP packet), it passes the data in the frame to the network layer protocol; otherwise adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
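The frame layout above built and parsed in code, as an added example (not code from the slides): preamble and SFD, 6-byte addresses, type, and a CRC that makes the receiver drop a corrupted frame; the adapter's accept/discard decision is the one the slide states. The EtherType values are the standard ones for IP and ARP; the payload is constructed.

```python
"""Build and parse an Ethernet frame with the fields of the slide: preamble, addresses, type, CRC."""
import struct
import zlib

PREAMBLE = b"\xaa" * 7 + b"\xab"        # 7 x 10101010 then 10101011 (start-of-frame delimiter)
BROADCAST = "FF-FF-FF-FF-FF-FF"
TYPE_IPV4, TYPE_ARP = 0x0800, 0x0806   # standard EtherType values for IP and ARP
MIN_PAYLOAD = 46                        # padding so the frame (without preamble) is at least 64 bytes


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))


def bytes_to_mac(raw):
    return "-".join(f"{b:02X}" for b in raw)


def fcs(body):
    """Ethernet's frame check sequence is the IEEE CRC-32 that zlib implements,
    transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype) + payload
    return PREAMBLE + body + fcs(body)


def parse_frame(wire):
    """Returns the frame fields, or None when the receiver would drop it (bad SFD or CRC error)."""
    if len(wire) < len(PREAMBLE) + 18 or wire[:8] != PREAMBLE:
        return None
    body, trailer = wire[8:-4], wire[-4:]
    if fcs(body) != trailer:                 # CRC mismatch: frame dropped, nothing passed up
        return None
    (ethertype,) = struct.unpack("!H", body[12:14])
    return {"dst": bytes_to_mac(body[:6]), "src": bytes_to_mac(body[6:12]),
            "type": ethertype, "payload": body[14:]}


def adapter_accepts(frame, my_mac, promiscuous=False):
    """The adapter passes a frame up only for its own address or the broadcast address,
    unless it is in promiscuous mode."""
    return promiscuous or frame["dst"].upper() in (my_mac.upper(), BROADCAST)


if __name__ == "__main__":
    # Constructed sample: an ARP broadcast from one of the slide's adapters.
    wire = build_frame(BROADCAST, "1A-2F-BB-76-09-AD", TYPE_ARP, b"constructed ARP payload")
    frame = parse_frame(wire)
    print("frame bytes after preamble:", len(wire) - len(PREAMBLE))
    print("parsed:", frame["dst"], frame["src"], hex(frame["type"]))
    print("58-23-D7-FA-20-B0 accepts it:", adapter_accepts(frame, "58-23-D7-FA-20-B0"))
```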
Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
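The six steps above (and the generic backoff procedure from the earlier "Exponential Backoff" slide) run as a slot-level simulation, plus the minimum-frame inequality from the collision-detection slides; an added example, not code from the slides. Station count, frame length in slots, the per-slot arrival probability and the 2e8 m/s propagation speed are constructed inputs.

```python
"""Slot-level CSMA/CD with Ethernet's binary exponential backoff (steps 1-6 above)."""
import math
import random

SLOT_BIT_TIMES = 512      # one slot = 512 bit times (64 B minimum frame at 10 Mbps = 51.2 us)
BACKOFF_MAX = 1024        # from the 10th collision on, K is drawn from 0..1023


def min_frame_bits(cable_m, bit_rate_bps, prop_speed_mps=2e8):
    """Collision detection needs transmit time > 2 x propagation delay:
    2 * L / v < frame_bits / R  =>  frame_bits > 2 * L * R / v.
    The propagation speed default is an assumed figure."""
    return math.ceil(2 * cable_m * bit_rate_bps / prop_speed_mps)


class Station:
    def __init__(self):
        self.has_frame = False
        self.backoff = 0          # slots still to wait before sensing again
        self.collisions = 0       # m, reset after a successful transmission


def simulate(n_stations, frame_slots, total_slots, load=1.0, seed=1):
    """Time advances one slot at a time. A frame occupies `frame_slots` slots; a
    collision wastes one slot (the jam). `load` is the per-slot chance that a station
    without a frame gets one. Returns counters plus channel utilization."""
    rng = random.Random(seed)
    stations = [Station() for _ in range(n_stations)]
    busy_left, sender = 0, None
    frames_sent = collisions = 0
    for _ in range(total_slots):
        for s in stations:                        # step 1: frames arrive from the network layer
            if not s.has_frame and rng.random() < load:
                s.has_frame = True
        if busy_left == 0:                        # channel idle: steps 2 and 3 (1-persistent)
            ready = [s for s in stations if s.has_frame and s.backoff == 0]
            if len(ready) == 1:
                sender, busy_left = ready[0], frame_slots
            elif len(ready) > 1:                  # steps 5 and 6: collision, jam, backoff
                collisions += 1
                for s in ready:
                    s.collisions += 1
                    k = rng.randrange(min(2 ** s.collisions, BACKOFF_MAX))
                    s.backoff = k + 1             # +1: the decrement at the end of this slot
        if busy_left > 0:                         # the channel carries a frame this slot
            busy_left -= 1
            if busy_left == 0:                    # step 4: whole frame went out
                sender.has_frame, sender.collisions = False, 0
                frames_sent += 1
        for s in stations:
            if s.backoff > 0:
                s.backoff -= 1
    return {"frames_sent": frames_sent, "collisions": collisions,
            "utilization": frames_sent * frame_slots / total_slots}


if __name__ == "__main__":
    print("one station:", simulate(1, 4, 100))
    print("five stations, always loaded:", simulate(5, 4, 5000, load=1.0, seed=2))
    print("min frame bits, 2000 m at 10 Mbps:", min_frame_bits(2000, 10e6))
    print("min frame bits,  200 m at 100 Mbps:", min_frame_bits(200, 100e6))
```

Shrinking the cable tenfold while raising the bit rate tenfold leaves the required minimum frame unchanged, which is the slide's answer to why the 100 Mbps limit is 10 times shorter; the absolute values here ignore the ε term and so sit above the practical limits the slide quotes.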
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load: heavy load: random wait will be longer
first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3} …
after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
T_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
$\text{efficiency} = \frac{1}{1 + 5\, t_{prop} / t_{trans}}$
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA: and simple, cheap, decentralized! Most Ethernet is used with switches, so collisions never occur
[Figure: a numerical example of the efficiency formula]
8023 Ethernet Standards Link amp Physical Layers
many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[figure: hosts connected by twisted pair to a hub]
Interconnecting with hubs
Backbone hub interconnects LAN segments, but individual segment collision domains become one large collision domain
Can't interconnect 10BaseT & 100BaseT
[figure: backbone hub connected to three hubs]
Switch
link-layer device: smarter than hubs, takes active role
• store and forward Ethernet frames
  • Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one or more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table
Q: how are entries created, maintained in switch table? something like a routing protocol?
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
• when frame received, switch "learns" location of sender: incoming LAN segment
• records sender/location pair in switch table
[figure: A sends a frame with Source A, Dest A'; the switch table (initially empty) gets the entry below]
MAC addr | interface | TTL
A        | 1         | 60
Switch: frame filtering/forwarding
When frame received:
1. record link interface associated with sending host
2. index switch table using MAC dest address
3. if entry found for destination
   then { if dest on segment from which frame arrived
          then drop the frame
          else forward the frame on interface indicated }
   else flood (forward on all but the interface on which the frame arrived)
Periodically purge all old table entries
Self-Learning (worked example on the figure: three switches, each with interfaces 1, 2, 3; host A attached to the first switch, host B to the last; every switch starts with an empty MAC / Interface table)
• A sends a frame Dest=B, Source=A. The first switch makes a table entry for A (interface 1); it has no table entry for B, so it floods.
• Each switch that receives the flooded frame likewise makes a table entry for A on the interface the frame came in on (A 1, A 1, A 2 in the three tables) and, having no table entry for B, floods.
• Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
• B replies with Dest=A, Source=B. Each switch makes a table entry for B (B 3, B 2 in the tables shown) and, since it has a table entry for A, forwards the frame only on A's interface.
• 20 minutes later, all table entries are deleted.
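The walkthrough above, as an added simulation (my code, not the lecture's). The three MAC addresses are taken from the slide's ARP example; the three-switch chain, its port numbering and the 20-minute ageing are my constructed topology and assumed values. Flooding stops here only because the topology is a tree; the loop problem on the next slides is exactly what happens when it is not.

```python
AGE_LIMIT_S = 20 * 60   # entries are deleted after 20 minutes (slide value)

class Switch:
    """Self-learning switch: learns (MAC -> interface) from frame sources,
    then filters, forwards or floods on the destination."""
    def __init__(self, name, ports):
        self.name = name
        self.ports = set(ports)
        self.table = {}   # MAC -> (interface, time learned)

    def purge(self, now):
        self.table = {mac: (p, t) for mac, (p, t) in self.table.items()
                      if now - t < AGE_LIMIT_S}

    def receive(self, src, dst, in_port, now):
        """Return the list of interfaces the frame is sent out on."""
        self.purge(now)
        self.table[src] = (in_port, now)          # 1. record sender's interface
        entry = self.table.get(dst)               # 2. index table by destination
        if entry is None:                         # no entry: flood all but incoming
            return sorted(self.ports - {in_port})
        out_port, _ = entry
        if out_port == in_port:                   # dest on arriving segment: drop
            return []
        return [out_port]                         # else forward on that interface

class Network:
    """Switches joined by point-to-point links; hosts hang off switch ports."""
    def __init__(self):
        self.switches = {}
        self.links = {}   # (switch, port) -> ("switch", name, port) | ("host", mac)
        self.hosts = {}   # mac -> (switch, port)

    def add_switch(self, name, ports):
        self.switches[name] = Switch(name, ports)

    def link(self, sw_a, port_a, sw_b, port_b):
        self.links[(sw_a, port_a)] = ("switch", sw_b, port_b)
        self.links[(sw_b, port_b)] = ("switch", sw_a, port_a)

    def attach(self, mac, sw, port):
        self.links[(sw, port)] = ("host", mac)
        self.hosts[mac] = (sw, port)

    def send(self, src, dst, now):
        """Inject a frame from host src; return sorted MACs of hosts that receive it."""
        delivered = []
        pending = [self.hosts[src]]
        while pending:
            sw, in_port = pending.pop(0)
            for out in self.switches[sw].receive(src, dst, in_port, now):
                peer = self.links.get((sw, out))
                if peer is None:
                    continue                      # unused port
                if peer[0] == "host":
                    delivered.append(peer[1])
                else:
                    pending.append((peer[1], peer[2]))
        return sorted(delivered)

def build_demo():
    """Constructed topology: A - S1 - S2 - S3 - B, with C on S2's third port."""
    A, B, C = "1A-2F-BB-76-09-AD", "58-23-D7-FA-20-B0", "0C-C4-11-6F-E3-98"
    net = Network()
    for name in ("S1", "S2", "S3"):
        net.add_switch(name, (1, 2, 3))
    net.link("S1", 2, "S2", 1)
    net.link("S2", 2, "S3", 2)
    net.attach(A, "S1", 1)
    net.attach(C, "S2", 3)
    net.attach(B, "S3", 1)
    return net, (A, B, C)

if __name__ == "__main__":
    net, (A, B, C) = build_demo()
    print("A->B, empty tables:", net.send(A, B, now=0))        # flooded: reaches B and C
    print("B->A:", net.send(B, A, now=1))                      # forwarded: reaches A only
    print("S1 table:", net.switches["S1"].table)
    print("A->B after 25 min:", net.send(A, B, now=25 * 60))   # entries aged out: flooded again
```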
Poorly Designed Institutional network. Why?
[figure: router to external network; one LAN / IP subnet with a mail server and a web server]
Institutional network without a single point of failure
[figure: router to external network; IP subnet with mail server, web server and host A, joined by redundant links]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
[figure: LANs A, B, C, D; bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1 to B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
Worked example on the figure (LANs A to J, bridges B1 to B7; the figure itself is not recoverable), one step per slide:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
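The rule above (LANs as vertices, bridges as edges, distance in LAN hops, ties broken by the smallest bridge ID), as an added worked example; this is my code, not the lecture's, and it computes the tree centrally from a full view of the topology, whereas the slides' protocol reaches the same answer with the exchanged (sender, believed root, distance) messages. The topology is constructed to reproduce the situations the slides describe: LAN B reachable through B5 or B7, and a bridge (B3) that joins two LANs at the same distance and so keeps no interface on.

```python
def spanning_tree(bridges):
    """bridges: {bridge_id (int): set of LAN names it attaches to}.
    Returns (dist, next_hop, active):
      dist[lan]     = LAN hops from that LAN to the root bridge (0 for the root's LANs)
      next_hop[lan] = the LAN one hop closer to the root (None for the root's LANs)
      active        = set of (bridge_id, lan) interfaces left forwarding."""
    root = min(bridges)                          # root = smallest ID
    dist = {lan: 0 for lan in bridges[root]}
    next_hop = {lan: None for lan in bridges[root]}
    active = {(root, lan) for lan in bridges[root]}   # all root interfaces are ON
    d = 0
    while True:
        candidates = {}                          # lan -> (bridge_id, via_lan), smallest wins
        for bid in sorted(bridges):
            if bid == root:
                continue
            lans = bridges[bid]
            for via in lans:
                if dist.get(via) != d:           # only bridges touching a LAN at distance d
                    continue
                for lan in lans:
                    if lan in dist or lan == via:    # already placed (distance <= d)
                        continue
                    cand = (bid, via)
                    if lan not in candidates or cand < candidates[lan]:
                        candidates[lan] = cand   # tie-break: smallest bridge ID
        if not candidates:
            return dist, next_hop, active
        for lan, (bid, via) in candidates.items():
            dist[lan] = d + 1
            next_hop[lan] = via
            active.add((bid, lan))               # the chosen bridge turns on both
            active.add((bid, via))               # the interface to lan and to via
        d += 1

def disconnected_bridges(bridges, active):
    """Bridges with no forwarding interface at all (fully pruned from the tree)."""
    return sorted(b for b in bridges if not any(a[0] == b for a in active))

# Constructed topology (not the slide's figure): B1 is the root and sits on E, F, G.
DEMO = {
    1: {"E", "F", "G"},
    2: {"C", "F"},
    3: {"A", "D"},        # joins two LANs at equal distance: no interface stays on
    4: {"D", "G"},
    5: {"A", "B", "E"},   # B can go via B5 (through E) ...
    6: {"C", "H"},
    7: {"B", "F"},        # ... or via B7 (through F); B5 has the lower ID
}

if __name__ == "__main__":
    dist, nh, active = spanning_tree(DEMO)
    for lan in sorted(dist):
        print(f"LAN {lan}: distance {dist[lan]}, next hop {nh[lan]}")
    print("active interfaces:", sorted(active))
    print("bridges with nothing on:", disconnected_bridges(DEMO, active))
```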
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded
Switches vs Routers
both store-and-forward devices
routers: network layer devices (examine network layer headers); switches are link layer devices
... "invisible" at internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed-length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields (bits): label 20 | Exp 3 | S 1 | TTL 5
MPLS capable routers
• aka label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[figure: routers R1 to R6 and destinations A, D; each router's table has columns in label, out label, dest, out interface. Recoverable rows: (6, -, A, 0); (10, 6, A, 1) and (12, 9, D, 0); (10, -, A, 0) and (12, -, D, 0); (8, 6, A, 0); (8, -, A, 1)]
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
... could stop here ... but lots of
Multiple Access Control (MAC) protocols
single shared broadcast channel; two or more simultaneous transmissions by nodes: interference; collision if node receives two or more signals at the same time
multiple access protocol: an algorithm that determines how nodes share channel, i.e. determines when a node can transmit
communication about channel sharing must use channel itself; out-of-band channel for coordination is difficult
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally, centralized MAC are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
• Channel Partitioning: divide channel into smaller "pieces" (time slots, frequency, code); allocate piece to node for exclusive use. This approach is difficult, since we know that statistical multiplexing can support more users
• Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient; predictable/guaranteed performance is difficult to achieve
• Centralized / taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access; access to channel in "rounds"; each station gets fixed length slot (length = pkt trans time) in each round; unused slots go idle
GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth
example: 6-station LAN; 1, 3, 4 have pkt; slots 2, 5, 6 idle
[figure: 6-slot frame; slots 1, 3, 4 carry packets in each round]
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access; channel spectrum divided into frequency bands; each station assigned fixed frequency band; unused transmission time in frequency bands goes idle
GSM also uses FDMA
example: 6-station LAN; 1, 3, 4 have pkt; frequency bands 2, 5, 6 idle
[figure: frequency bands vs time on an FDM cable]
Random Access Protocols
When node has packet to send: transmit at full channel data rate R; no a priori coordination among nodes
• Some approaches use limited coordination
two or more transmitting nodes: "collision"
random access MAC protocol specifies: how to detect collisions; how to recover from collisions (e.g. via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so
Aloha is the simplest of MAC protocols. Aloha is old but still widely used: as will be seen, many protocols have a period of time where nodes transmit when they want; during such periods of time the MAC is essentially Aloha
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision
Collisions and other link layer losses must be detected and corrected
Question 1: where are all the places that losses can occur?
Question 2: where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance (1)
[figure: time line t0, t0+t, t0+2t, t0+3t; a frame sent at t0+t is vulnerable from t0 to t0+2t: if another node starts to transmit during this vulnerable period, then a collision will occur]
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events)
Let G be the average rate that users try to send frames, per frame time. G is the utilization. Why?
Model the moment a transmission starts as points along the time line (next slide)
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}
The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful: S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
P(k events in period of length T) = exp(-λT) (λT)^k / k!
λ is the rate that events occur: λ = (number of events in period W) / W (when W is large)
Aloha performance
P(k events in period of length T) = exp(-λT) (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is exp(-2G) (2G)^0 / 0! = exp(-2G)
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[figure: plot of S = G e^{-2G} for G from 0 to 3; the peak marked on the plot is 0.184]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries
[figure: time line t0, t0+t, t0+2t, t0+3t; if a frame is transmitted in the slot starting at t0+t then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot, the vulnerable period]
If another node selects to transmit during this vulnerable period, then a collision will occur
The vulnerable period is half the size of unslotted Aloha
Slotted Aloha
Vulnerable period is halved: doubles performance of ALOHA
Throughput = S = G e^{-G}; S = S_max = 1/e = 0.368 for G = 1
G = 1 means typically a node tries to transmit each slot
However, the throughput is well below 1: there are many collisions
Slotted Aloha Performance
[figure: plot of S = G e^{-G} for G from 0 to 4; the peak marked on the plot is 0.368]
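The Poisson model and the two throughput curves above, as an added worked example (my code, not the lecture's). It evaluates P(k) with the slides' λ = G and T = 1 convention, computes S(G) for pure and slotted ALOHA, and finds the peak of each curve by a grid search; the grid resolution and range are my assumptions.

```python
import math

def poisson_pmf(k, rate, period):
    """P(k events in a period of the given length) for a Poisson process of the given rate."""
    mean = rate * period
    return math.exp(-mean) * mean ** k / math.factorial(k)

def aloha_throughput(G):
    """Pure ALOHA: the vulnerable period is TWO frame times, so success needs
    zero other attempts in 2 frame times: S = G * P(0 in 2) = G e^{-2G}."""
    return G * poisson_pmf(0, G, 2.0)

def slotted_aloha_throughput(G):
    """Slotted ALOHA: vulnerable period is one slot: S = G * P(0 in 1) = G e^{-G}."""
    return G * poisson_pmf(0, G, 1.0)

def best_throughput(fn, g_max=4.0, steps=4000):
    """Grid search for the offered load G that maximises fn(G); returns (G, S)."""
    best_g, best_s = 0.0, 0.0
    for i in range(1, steps + 1):
        g = g_max * i / steps
        s = fn(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s

if __name__ == "__main__":
    for G in (0.25, 0.5, 1.0, 2.0):
        print(f"G={G:4.2f}  pure S={aloha_throughput(G):.4f}  slotted S={slotted_aloha_throughput(G):.4f}")
    print("pure ALOHA peak   (G, S):", best_throughput(aloha_throughput))
    print("slotted ALOHA peak (G, S):", best_throughput(slotted_aloha_throughput))
```

The two peaks differ by exactly a factor of two, which is the slide's "doubles performance of ALOHA" statement made concrete: halving the vulnerable period halves the exponent's coefficient, and the maximum of G e^{-cG} is 1/(ce).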
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple
Cons: collisions, wasting slots; inefficient; idle slots; nodes may be able to detect collision in less than time to transmit packet
Slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle, transmit entire frame. If channel sensed busy, defer transmission
human analogy: don't interrupt others
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m
For 100 Mbps Ethernet the maximum cable length is 200 m
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
note: role of distance & propagation delay in determining collision probability
[figure: spatial layout of nodes on the wire vs time]
CSMA/CD collision detection
[figure 1: position on wire vs time. Transmitter 1 starts transmitting; after the propagation delay, transmitter 2 starts and detects the collision; transmitter 1 detects the collision when transmitter 2's signal reaches it (when is it detected?); receiver 1 receives a garbled signal]
[figure 2: same layout, but transmitter 1 finishes its short transmission before transmitter 2's signal arrives: the collision is detected by transmitter 2 but NOT by transmitter 1; receiver 1 still receives a garbled signal]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
CSMA/CD
If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate
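The detection inequality above, turned around to give the longest cable a 64-byte minimum frame can police at each bit rate, as an added example (my code, not the lecture's). It assumes a signal propagation speed of 2e8 m/s and epsilon = 0; the result is the idealised upper bound from the inequality alone, which is why it comes out larger than the 2000 m / 200 m figures quoted on the question slide, but the factor of ten between the two rates is exactly the slide's point.

```python
PROP_SPEED_M_S = 2e8   # assumed propagation speed in the cable

def min_frame_bits(cable_len_m, bit_rate, prop_speed=PROP_SPEED_M_S, epsilon_s=0.0):
    """Smallest frame (in bits) that keeps the sender transmitting until a
    collision at the far end could have propagated back: bits/R > 2L/v + eps."""
    return (2 * cable_len_m / prop_speed + epsilon_s) * bit_rate

def max_cable_len_m(frame_bytes, bit_rate, prop_speed=PROP_SPEED_M_S, epsilon_s=0.0):
    """Longest cable on which a frame of this size still guarantees detection."""
    t_trans = frame_bytes * 8 / bit_rate
    return (t_trans - epsilon_s) * prop_speed / 2

def collision_detected(cable_len_m, bit_rate, frame_bytes, prop_speed=PROP_SPEED_M_S):
    """True when a frame of this size is long enough for the worst-case collision
    (other transmitter at the far end) to be seen before the sender finishes."""
    t_trans = frame_bytes * 8 / bit_rate
    return t_trans > 2 * cable_len_m / prop_speed

if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate/1e6:.0f} Mbps: 64 B frame covers at most {max_cable_len_m(64, rate):.0f} m")
    print("bits needed for 2000 m at 10 Mbps:", min_frame_bits(2000, 10e6))
    print("bits needed for 200 m at 100 Mbps:", min_frame_bits(200, 100e6))
```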
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection; collisions detected within short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted, received signals
Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
Persistence
1-persistent: if medium is idle then transmit. If medium is not idle then wait until it is, and then transmit
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: if medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p, and repeat
• Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle then transmit
3. If medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots, then transmit
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 × BO, BO_Max). In Ethernet BO_max = 1024
   c. Go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad
"taking turns" protocols: look for best of both worlds. Used in mobile phone data access; 802.16 aka WiMax partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node
[figure: master sends a poll to each slave in turn; slaves answer with data]
concerns: polling overhead, latency, single point of failure (master)
QoS guarantees can be made
If a VoIP call requires 12 bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected, but existing calls continue to receive good performance
• Consider the difference between the demands by VoIP and services provided by TCP
Guarantees are worth much more money than non-guarantees
Token passing: control token passed from one node to next sequentially; token message
concerns: token overhead, latency, single point of failure (token)
[figure: token T circulates among nodes; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected
48-bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys portion of MAC address space (to assure uniqueness)
Check OUI lookup: Google "OUI lookup", enter MAC address, see manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address: portability: can move LAN card from one LAN to another
IP hierarchical address: NOT portable: address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed
• whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
(figure: a LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53)
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. • my IP = 128.4.35.67 • B's IP = 128.5.19.12 • subnet mask is 255.255.0.0 => the first 16 bits (two bytes) define the subnet
• So in this case A and B are in different subnets (128.4 vs 128.5)
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway but only the IP address of B is known
Suppose host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query
• Other frame types include IP datagram
All machines on the LAN receive the ARP query.
B receives the ARP packet, replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
(figure: hosts A, B, C, D on one LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; B, C and D all receive it; only the owner of 1.1.1.4 answers "I have 1.1.1.4")
Addressing: routing to another LAN
(figure: left LAN: A, 111.111.111.111 / 74-29-9C-E8-FF-55, and a second host 111.111.111.112 / CC-49-DE-D0-AB-7D; router R with interfaces 111.111.111.110 / E6-E9-00-17-BB-4B on the left LAN and 222.222.222.220 / 1A-23-F9-CD-06-9B on the right LAN; right LAN: B, 222.222.222.222 / 49-BD-D2-C7-56-2A, and a second host 222.222.222.221 / 88-B2-2F-54-1A-0F)
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates link-layer frame with R's MAC address as dest; frame contains the A-to-B IP datagram
A's NIC sends frame; R's NIC receives frame
R removes the IP datagram from the Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates frame containing the A-to-B IP datagram, sends to B
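The walkthrough above, plus the subnet test and the soft-state cache from the preceding slides, as an added example (editor's code, not from the original deck). The IP and MAC addresses are the slides'; the /24 masks, the Node/Router classes, the manual clock and the frame-dictionary layout are this example's own assumptions. Running it prints every frame that appears on either LAN: the ARP broadcast and unicast reply on LAN 1, the datagram framed for R's MAC, then the same on LAN 2 framed for B's MAC while the IP addresses never change.

```python
"""ARP resolution as the slides describe it: the subnet test, a broadcast
query, a unicast reply, a soft-state cache, and the A -> R -> B two-LAN
walkthrough. Addresses are the slides'; the /24 masks, the classes, the
manual clock and the frame-dict layout are this example's own assumptions."""
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60            # seconds a learned mapping lives (slides: ~20 min)
clock = {"now": 0.0}         # manual clock so cache expiry can be exercised
trace = []                   # every frame placed on any LAN, in order


class Interface:
    def __init__(self, owner, cidr, mac):
        self.owner, self.mac = owner, mac
        self.addr = ipaddress.ip_interface(cidr)   # address plus subnet mask
        self.ip = str(self.addr.ip)
        self.lan = []                              # the other NICs on this LAN

    def same_subnet(self, ip):
        """The slides' mask test: do the network parts of the two IPs match?"""
        return ipaddress.ip_address(ip) in self.addr.network


class Node:
    def __init__(self, name, gateway=None):
        self.name, self.gateway, self.ifaces = name, gateway, []
        self.arp = {}                              # ip -> (mac, expires_at)

    def add_iface(self, cidr, mac):
        self.ifaces.append(Interface(self, cidr, mac))
        return self.ifaces[-1]

    def lookup(self, ip):
        """Soft state: an entry is usable only until its TTL runs out."""
        mac, expires = self.arp.get(ip, (None, 0.0))
        if mac and clock["now"] < expires:
            return mac
        self.arp.pop(ip, None)
        return None

    def learn(self, ip, mac):
        self.arp[ip] = (mac, clock["now"] + ARP_TTL)

    def resolve(self, iface, ip):
        """MAC of ip on iface's LAN; on a cache miss, broadcast an ARP query."""
        mac = self.lookup(ip)
        if mac:
            return mac
        trace.append({"src": iface.mac, "dst": BROADCAST, "type": "ARP",
                      "who_has": ip, "tell": iface.ip})
        for nic in iface.lan:                      # every NIC receives the query
            if nic.ip == ip:                       # only the owner answers, unicast
                nic.owner.learn(iface.ip, iface.mac)   # the target caches the asker too
                trace.append({"src": nic.mac, "dst": iface.mac, "type": "ARP",
                              "is_at": nic.mac, "ip": ip})
                self.learn(ip, nic.mac)
                return nic.mac
        raise LookupError(f"{self.name}: no ARP reply for {ip}")

    def send(self, datagram):
        """Frame one datagram: ARP for the host if on-subnet, else for the gateway."""
        dst_ip = datagram["ip_dst"]
        iface = next((i for i in self.ifaces if i.same_subnet(dst_ip)), None)
        if iface is not None:
            next_hop = dst_ip
        else:
            if self.gateway is None:
                raise LookupError(f"{self.name}: no route to {dst_ip}")
            next_hop = self.gateway
            iface = next(i for i in self.ifaces if i.same_subnet(next_hop))
        frame = {"src": iface.mac, "dst": self.resolve(iface, next_hop),
                 "type": "IP", **datagram}
        trace.append(frame)
        return frame


class Router(Node):
    def forward(self, frame):
        """R strips the frame, reads the IP destination, re-frames on the other LAN."""
        return self.send({k: frame[k] for k in ("ip_src", "ip_dst", "data")})


def connect(*nics):
    for nic in nics:
        nic.lan = [other for other in nics if other is not nic]


def build_network():
    """Slide topology: A and R on 111.111.111.0/24, R and B on 222.222.222.0/24."""
    trace.clear()
    A = Node("A", gateway="111.111.111.110")
    B = Node("B", gateway="222.222.222.220")
    R = Router("R")
    a = A.add_iface("111.111.111.111/24", "74-29-9C-E8-FF-55")
    b = B.add_iface("222.222.222.222/24", "49-BD-D2-C7-56-2A")
    connect(a, R.add_iface("111.111.111.110/24", "E6-E9-00-17-BB-4B"))
    connect(b, R.add_iface("222.222.222.220/24", "1A-23-F9-CD-06-9B"))
    return A, R, B


def walkthrough():
    """A -> R -> B: returns the frame seen on LAN 1 and the frame seen on LAN 2."""
    A, R, B = build_network()
    f1 = A.send({"ip_src": "111.111.111.111", "ip_dst": "222.222.222.222", "data": "hello"})
    return f1, R.forward(f1)


if __name__ == "__main__":
    walkthrough()
    for frame in trace:
        print(frame)
```

A second datagram from A to B produces no ARP traffic at all (both caches hit); advancing the clock past ARP_TTL makes both A and R query again, which is the soft-state behaviour the slides describe.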
This is a really important example – make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query (request) is made for the victim, I respond with my MAC.
(figure sequence, three parties: victim with MAC 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch)
1. The other host broadcasts "Who has IP address 1.2.3.4?". The victim replies "MAC 00:12:12:12:12:12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also sees the reply, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablablabla? Tell IP address 1.2.3.4". Every receiver saves the sender's IP/ARP mapping (1.2.3.4 -> 00:11:11:11:11:11) in its cache. The victim is confused by a query claiming its own IP, but ignores it. The attacker continues to flood ARP queries.
3. The other host sends "The secret plan is ..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan, changes the destination MAC to the correct address 00:12:12:12:12:12 and forwards the frame; the victim sees "Ahh, I got the secret plan I was expecting".
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs (the victim's IP maps to both the victim's MAC and the attacker's MAC), or a single MAC has two IPs:
• the attacker's MAC appears with its real IP and with the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then the tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC without any attack
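The detection idea above, as an added example written by the editor (not code from the deck): an ARP packet log is reduced to IP-to-MAC and MAC-to-IP maps, the page's strong signal (one IP answered for by two MACs) becomes an alert, the weak signal (one MAC with two IPs, which the dual-homed Windows case also produces) only a notice, and the attacker's request flood is counted as supporting evidence. The log format, the addresses and the threshold are constructed; the "known_good" baseline stands in for the page's "record the real MAC address of the victim".

```python
"""ARP cache-poisoning detector over a stream of ARP packets. It implements
the page's heuristic (one IP claimed by two MACs) and keeps it apart from the
weaker signal the page warns about (one MAC claiming two IPs, which a
dual-homed Windows host can produce). Editor's example, not the deck's;
the log format, addresses and thresholds are constructed."""
from collections import defaultdict

# Constructed log, one ARP packet per line: op, sender MAC, sender IP, target IP.
# Caches learn the *sender* pair from requests as well as replies, which is
# why the attacker's flood of "... Tell 1.2.3.4" requests poisons them.
SAMPLE_LOG = """\
request 00:12:12:12:12:12 1.2.3.4 1.2.3.1
reply   00:aa:aa:aa:aa:aa 1.2.3.1 1.2.3.4
reply   00:11:11:11:11:11 5.6.7.8 1.2.3.1
request 00:33:33:33:33:33 1.2.3.7 1.2.3.1
request 00:33:33:33:33:33 1.2.3.8 1.2.3.1
request 00:11:11:11:11:11 1.2.3.4 9.9.9.9
request 00:11:11:11:11:11 1.2.3.4 9.9.9.9
request 00:11:11:11:11:11 1.2.3.4 9.9.9.9
"""


def parse_arp_log(text):
    packets = []
    for line in text.splitlines():
        if not line.strip():
            continue
        op, mac, sender_ip, target_ip = line.split()
        packets.append({"op": op, "mac": mac.lower(),
                        "sender_ip": sender_ip, "target_ip": target_ip})
    return packets


def analyse(packets, known_good=None, flood_threshold=3):
    """known_good: optional ip -> mac baseline (the page's 'record the real MAC');
    without it the first MAC seen for an IP is assumed to be the real one."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    requests = defaultdict(int)                  # (mac, sender_ip) -> request count
    baseline = dict(known_good or {})
    for p in packets:
        ip_to_macs[p["sender_ip"]].add(p["mac"])
        mac_to_ips[p["mac"]].add(p["sender_ip"])
        baseline.setdefault(p["sender_ip"], p["mac"])
        if p["op"] == "request":
            requests[(p["mac"], p["sender_ip"])] += 1
    # Strong signal: one IP answered for by more than one MAC.
    alerts = [{"ip": ip, "real_mac": baseline[ip],
               "claimants": sorted(macs - {baseline[ip]})}
              for ip, macs in ip_to_macs.items() if len(macs) > 1]
    # Weak signal: one MAC with several IPs (attacker, but also dual-homed hosts).
    notices = [{"mac": mac, "ips": sorted(ips)}
               for mac, ips in mac_to_ips.items() if len(ips) > 1]
    # Supporting signal: repeated requests carrying the same sender pair.
    floods = [{"mac": mac, "ip": ip, "count": n}
              for (mac, ip), n in requests.items() if n >= flood_threshold]
    return {"alerts": alerts, "notices": notices, "floods": floods}


if __name__ == "__main__":
    for kind, items in analyse(parse_arp_log(SAMPLE_LOG)).items():
        for item in items:
            print(kind, item)
```

On the constructed log both 00:11:11:11:11:11 (the attacker) and 00:33:33:33:33:33 (a benign multi-homed host) raise the weak notice, which is exactly why it cannot be the alarm by itself; only 1.2.3.4 raises the strong alert. Note that without a baseline the detector trusts whichever MAC it saw first, so an attacker who starts flooding before the victim ever speaks would be recorded as the "real" owner; the known_good map is how the page's "record the real MAC" step removes that dependency.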
Ethernet
"dominant" wired LAN technology: cheap, $20 for a NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps
(figure: Metcalfe's Ethernet sketch)
Star topology
bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
(figure: bus over coaxial cable vs star around a switch)
Ethernet Frame Structure
Sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if an error is detected, the frame is dropped
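The receive path just described (addresses, type field, CRC check, promiscuous mode), as an added example by the editor rather than code from the deck. The MACs and payloads are constructed; the preamble is not modelled because it never reaches software. The FCS is a CRC-32 with the same polynomial as zlib.crc32, placed on the wire least-significant byte first, which is the one fact the example relies on beyond the slides.

```python
"""Receive-side handling of an Ethernet frame as the slides describe it:
6-byte addresses, 2-byte type, CRC-32 FCS checked first, frame accepted only
if the destination is this NIC or broadcast (unless promiscuous), then handed
to the protocol named by the type field. Editor's example, not the deck's;
the MACs and payloads are constructed."""
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
MIN_PAYLOAD = 46                       # pads the frame to the 64-byte minimum


def mac(text):
    """'1A-2F-BB-76-09-AD' or '1a:2f:...' -> 6 bytes."""
    return bytes.fromhex(text.replace("-", "").replace(":", ""))


def build_frame(dst, src, ethertype, payload):
    """dst | src | type | payload | FCS.  The FCS is CRC-32 (zlib's polynomial)
    and is transmitted least-significant byte first."""
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def nic_receive(frame, my_mac, promiscuous=False):
    """Returns ("deliver", protocol, payload) or ("drop", reason)."""
    if len(frame) < 64:
        return ("drop", "runt frame")
    body, fcs = frame[:-4], frame[-4:]
    if struct.unpack("<I", fcs)[0] != (zlib.crc32(body) & 0xFFFFFFFF):
        return ("drop", "bad CRC")                     # slides: dropped, no NACK sent
    dst = body[:6]
    if dst not in (my_mac, BROADCAST) and not promiscuous:
        return ("drop", "not addressed to me")         # normal NIC address filtering
    ethertype = struct.unpack("!H", body[12:14])[0]
    proto = ETHERTYPES.get(ethertype, f"unknown 0x{ethertype:04x}")
    return ("deliver", proto, body[14:])


def demo():
    """Constructed frames: ARP broadcast, IP to me, IP to someone else, a corrupted copy."""
    me, other = mac("1A-2F-BB-76-09-AD"), mac("58-23-D7-FA-20-B0")
    arp_req = build_frame(BROADCAST, other, 0x0806, b"who-has 137.196.7.23")
    ip_for_me = build_frame(me, other, 0x0800, b"ip datagram")
    ip_for_other = build_frame(other, me, 0x0800, b"not mine")
    damaged = bytearray(ip_for_me)
    damaged[20] ^= 0x01                                # one flipped payload bit
    return {
        "arp_broadcast": nic_receive(arp_req, me)[:2],
        "unicast_to_me": nic_receive(ip_for_me, me)[:2],
        "unicast_to_other": nic_receive(ip_for_other, me),
        "promiscuous": nic_receive(ip_for_other, me, promiscuous=True)[:2],
        "bit_error": nic_receive(bytes(damaged), me),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18s} {result}")
```

The promiscuous case is what a sniffer on a shared segment relies on; on a switched LAN the switch only delivers frames addressed to the port's host, which is why the ARP tricks earlier on this page are needed to get the frames there in the first place.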
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}; NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec (1023 × 512 × 0.1 µs ≈ 52 ms)
Exponential Backoff: Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer
first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3} …
after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
$$\text{efficiency} = \frac{1}{1 + 5\, t_{prop} / t_{trans}}$$
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA; and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur
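The backoff rule and the efficiency bound from the last three slides, as an added example (editor's code, not the deck's). The K-range, slot length, jam length and the efficiency formula are the slides' own; the 16-attempt limit after which a NIC gives up is the 802.3 attemptLimit, which the slides do not mention, and the two-station collision model (the loser defers once it senses the winner's carrier) is a simplification.

```python
"""Binary exponential backoff and the CSMA/CD efficiency bound from the
slides. Editor's example, not the deck's: the 16-attempt limit is the 802.3
attemptLimit and is not on the slides; the two-station model is simplified."""
import random

SLOT_BITS = 512             # one backoff slot = 512 bit times
JAM_BITS = 48               # jam signal length, for reference
MAX_EXPONENT = 10           # after the 10th collision K stays in 0..1023
ATTEMPT_LIMIT = 16          # 802.3: give up and report an error after 16 attempts


def k_choices(m):
    """After the m-th collision K is drawn from {0, 1, ..., 2^min(m,10) - 1}."""
    return range(2 ** min(m, MAX_EXPONENT))


def backoff_seconds(k, rate_bps):
    """K slots of 512 bit times; at 10 Mbps a bit time is 0.1 us."""
    return k * SLOT_BITS / rate_bps


def efficiency(t_prop, t_trans):
    """Slide bound: 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def two_station_backoff(rng):
    """Two NICs that just collided each draw K after their m-th collision and
    collide again whenever they draw the same K (the one with the smaller K
    transmits first; the other then senses carrier and defers).
    Returns the number of collisions before one frame gets through."""
    for m in range(1, ATTEMPT_LIMIT):
        if rng.choice(k_choices(m)) != rng.choice(k_choices(m)):
            return m
    return ATTEMPT_LIMIT      # 16 collisions: the NIC reports a transmit error


def mean_collisions(trials=20000, seed=7):
    """Average collisions per contended frame for two stations.
    Analytically 1 + 1/2 + 1/8 + 1/64 + ... which is about 1.64."""
    rng = random.Random(seed)
    return sum(two_station_backoff(rng) for _ in range(trials)) / trials


if __name__ == "__main__":
    print("K after 3rd collision:", list(k_choices(3)))
    print("max wait at 10 Mbps:", backoff_seconds(1023, 10_000_000), "s")
    print("efficiency, 1500-byte frames at 10 Mbps over 25 us:",
          efficiency(25e-6, 1500 * 8 / 10e6))
    print("mean collisions, two stations:", mean_collisions())
```

The efficiency call in the usage shows the "higher bit rate is worse" point directly: keep t_prop fixed and divide t_trans by ten (100 Mbps) and the bound drops, which is why faster Ethernet moved to switches and full duplex rather than a bigger collision domain.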
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions
(figure: hub with twisted-pair links to hosts)
Interconnecting with hubs
Backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
(figure: backbone hub connecting three hubs)
Switch
link-layer device: smarter than hubs, takes an active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have a dedicated direct connection to the switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
(figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C')
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created and maintained in the switch table? something like a routing protocol?
(figure: the same six-interface switch)
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases…
when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; records the sender/location pair in the switch table
(figure: A sends a frame Source=A, Dest=A' into interface 1; the switch table, initially empty, gains the entry MAC addr A, interface 1, TTL 60)
Switch: frame filtering/forwarding
When a frame is received:
1. record the link interface associated with the sending host
2. look up the frame's destination MAC address in the switch table
3. if an entry is found for the destination, then {
     if the destination is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated }
   else flood: forward on all but the interface on which the frame arrived
4. periodically purge all old table entries
Self-Learning (example)
(figure sequence: three switches, each with interfaces 1, 2, 3 and an initially empty MAC/interface table; host A attaches to the first switch, host B to the last)
1. A sends a frame Dest=B, Source=A. The first switch makes the table entry A → 1; there is no table entry for B, so it floods the frame.
2. Each switch that receives the flooded frame makes its own entry for A (A → 1 on the second switch, A → 2 on the third) and, having no entry for B, floods again.
   Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
3. B replies with Dest=A, Source=B. The receiving switch makes a table entry for B and, since it has a table entry for A, forwards the frame on that one interface instead of flooding. The next switch on the path does the same (B → 3 on one switch, B → 2 on the other); the third switch, off the A–B path, never sees the reply and keeps only its entry for A.
4. 20 minutes later, all table entries are deleted.
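The filtering/forwarding rule and the self-learning walkthrough above, as an added example (editor's code, not from the deck). Interface numbers and host names follow the six-interface slide figure; the 60 s TTL, the manual clock and the hub hanging off interface 2 are assumptions made to exercise every branch of the rule: flood for an unknown destination, forward on one interface for a known one, drop when source and destination share a segment, and flood again once the entries have aged out.

```python
"""Self-learning switch from the slides: learn the sender's interface, forward
on the known interface, drop when the destination is on the incoming segment,
otherwise flood; entries carry a timestamp and are purged when old.
Editor's example, not the deck's; the TTL, clock and hub are assumptions."""


class LearningSwitch:
    def __init__(self, interfaces, ttl=60.0):
        self.interfaces, self.ttl = list(interfaces), ttl
        self.table = {}          # MAC -> (interface, last seen)
        self.now = 0.0           # manual clock, seconds

    def tick(self, seconds):
        self.now += seconds
        self.purge()

    def purge(self):
        """Periodically purge old table entries (step 4 of the slide rule)."""
        stale = [m for m, (_, seen) in self.table.items() if self.now - seen > self.ttl]
        for m in stale:
            del self.table[m]

    def receive(self, in_if, src, dst):
        """Return the interfaces the frame is sent out on ([] means dropped)."""
        self.table[src] = (in_if, self.now)                  # 1. learn the sender
        entry = self.table.get(dst)                          # 2. look up destination
        if entry is not None:                                # 3a. known destination
            out_if = entry[0]
            return [] if out_if == in_if else [out_if]       #     drop or forward
        return [i for i in self.interfaces if i != in_if]    # 3b. unknown: flood


def slide_scenario():
    """A on interface 1, A' on 4, and a hub carrying B and C on interface 2."""
    sw = LearningSwitch(interfaces=[1, 2, 3, 4, 5, 6])
    log = []
    log.append(("A -> A'", sw.receive(1, "A", "A'")))        # A' unknown: flood
    log.append(("A' -> A", sw.receive(4, "A'", "A")))        # A known: forward to 1
    log.append(("A -> A'", sw.receive(1, "A", "A'")))        # A' known: forward to 4
    sw.tick(61)                                              # both entries age out
    log.append(("A -> A' later", sw.receive(1, "A", "A'")))  # flood again
    sw.receive(2, "C", "B")                                  # C learned on the hub segment
    log.append(("B -> C (same segment)", sw.receive(2, "B", "C")))  # drop
    return sw, log


if __name__ == "__main__":
    for label, out in slide_scenario()[1]:
        print(f"{label:22s} -> {out or 'dropped'}")
```

The flood branch is worth noticing from a security point of view: any frame whose destination the switch has not learned, or whose entry has just been purged, is copied to every port, so on a switched LAN "dedicated wires" only hide traffic whose destination is currently in the table.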
Poorly Designed Institutional network. Why?
(figure: router to the external network; one LAN / IP subnet with the mail server and web server, everything hanging off a single switch)
Institutional network without a single point of failure
(figure: the same IP subnet, mail server and web server, now with redundant switches and links; host A)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(figure: the same network with the edges in the spanning tree marked, and the "disconnected" interfaces, i.e. interfaces through which frames are neither forwarded nor flooded)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
(figure: LAN A and LAN B joined by bridge B3, with bridge B2 also attached)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: Compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C
(figure: bridges B3, B2, B1, B0 and LANs A, B, C, D; B2 sits between LAN B and LAN C)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(figure: bridges B1, B2, B3, B4, B5, B6, B7)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
(figure: LANs A, B, C, D, E, F, G, H, I, J interconnected by bridges B1 (the root, smallest ID), B2, B3, B4, B5, B6, B7; next to each LAN its distance to the root in LAN hops: 0 for the root's own LANs, 1 or 2 for the others)
Worked step by step on the figure:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces (to A and to E) of the switch between them.
• LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
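The interface-selection rule above, as an added example by the editor (not code from the deck), run on a constructed topology in the slides' model: LANs are vertices, bridges are edges, the root is the bridge with the smallest ID, distances are relaxed neighbour-by-neighbour, and a LAN with several equally short paths keeps the bridge with the smallest ID. The topology, the tie-break on LAN name for a bridge's own root-facing interface, and the choice to switch off a bridge that is not the preferred bridge for any LAN (the slides' B3 case) are this example's assumptions. The slides' own figure is not fully recoverable, so the example uses a smaller graph with two loops.

```python
"""Spanning-tree computation in the slides' model (LANs as vertices, bridges
as edges, root = lowest bridge ID, ties broken by lowest ID) on a constructed
topology with two loops and a redundant bridge that ends up with no interface
"on". Editor's example, not the deck's; topology and tie-breaks are assumptions."""

# Constructed topology: bridge ID -> LANs it attaches to.
# Loops: A-B1-B-B2-C-B3-A and B-B5-D-B4-C-B2-B.
TOPOLOGY = {
    "B1": ["A", "B"],
    "B2": ["B", "C"],
    "B3": ["A", "C"],
    "B4": ["C", "D"],
    "B5": ["B", "D"],
    "B6": ["D", "E"],
}

INF = float("inf")


def spanning_tree(bridges):
    """Return (root, on, dist): the root bridge, the set of (bridge, LAN)
    interfaces kept active, and each LAN's distance to the root in LAN hops."""
    root = min(bridges)                                   # lowest ID wins
    lans = sorted({l for ls in bridges.values() for l in ls})
    dist = {l: (0 if l in bridges[root] else INF) for l in lans}
    cost = {b: (0 if b == root else INF) for b in bridges}  # bridge's hops to root
    root_port = {}                                          # bridge -> LAN facing root
    changed = True                                          # distance-vector relaxation
    while changed:
        changed = False
        for b, ls in bridges.items():
            if b == root:
                continue
            rp = min(ls, key=lambda l: (dist[l], l))        # closest LAN, tie: name
            if (dist[rp] + 1, rp) != (cost[b], root_port.get(b)):
                cost[b], root_port[b] = dist[rp] + 1, rp
                changed = True
        for l in lans:
            if dist[l] == 0:
                continue
            d = min(cost[b] for b, ls in bridges.items() if l in ls)
            if d < dist[l]:
                dist[l], changed = d, True
    # Each LAN keeps the adjacent bridge with the lowest cost, then lowest ID.
    preferred = {l: min((b for b, ls in bridges.items() if l in ls),
                        key=lambda b: (cost[b], b)) for l in lans}
    on = set()
    for b, ls in bridges.items():
        mine = [l for l in ls if preferred[l] == b]
        if not mine:
            continue                  # preferred by no LAN: all interfaces off (B3 case)
        on.update((b, l) for l in mine)
        if b != root:
            on.add((b, root_port[b]))  # plus the interface toward the root
    return root, on, dist


def is_loop_free(on):
    """Active interfaces form a tree: connected and |edges| = |vertices| - 1."""
    verts = {("bridge", b) for b, _ in on} | {("lan", l) for _, l in on}
    adj = {v: set() for v in verts}
    for b, l in on:
        adj[("bridge", b)].add(("lan", l))
        adj[("lan", l)].add(("bridge", b))
    start = next(iter(verts))
    seen, stack = {start}, [start]
    while stack:
        for n in adj[stack.pop()]:
            if n not in seen:
                seen.add(n)
                stack.append(n)
    return len(seen) == len(verts) and len(on) == len(verts) - 1


if __name__ == "__main__":
    root, on, dist = spanning_tree(TOPOLOGY)
    print("root:", root, "distances:", dist)
    for b in TOPOLOGY:
        print(b, "on:", sorted(l for bb, l in on if bb == b) or "none")
    print("loop free:", is_loop_free(on))
```

On this graph B3 and B4 end up with no interface on: each LAN they touch already has a cheaper or lower-numbered bridge toward B1, which is exactly the situation the slides describe for B3. The check function confirms what the slides claim about loops: all twelve physical bridge-LAN attachments are not a tree, the eight kept ones are.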
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding
Typically ignores security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution
• during which time no packets were forwarded
Switches vs Routers
both are store-and-forward devices
routers: network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at the internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed length label (instead of the IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address!
(figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame)
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit, bottom of stack), TTL (8 bits)
MPLS capable routers
a.k.a. label-switched router: forwards packets to the outgoing interface based only on the label value (doesn't inspect the IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
(figure: routers R1, R2, R3, R4, R5, R6 with interfaces 0 and 1; destinations A and D)
MPLS forwarding tables (columns: in label, out label, dest, out interface; an empty in label marks an ingress router that pushes the label, an empty out label an egress router that pops it):
  in 6  | out -  | A | interface 0
  in 10 | out 6  | A | interface 1
  in 12 | out 9  | D | interface 0
  in -  | out 10 | A | interface 0
  in -  | out 12 | D | interface 0
  in 8  | out 6  | A | interface 0
  in -  | out 8  | A | interface 1
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Ideal Multiple Access Protocol
Broadcast channel of rate R bps
1. when one node wants to transmit, it can send at rate R
2. when M nodes want to transmit, each can send at average rate R/M
3. fully decentralized: no special node to coordinate transmissions; no synchronization of clocks, slots. Generally centralized MACs are much more efficient
4. simple
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning: divide the channel into smaller "pieces" (time slots, frequency, code); allocate a piece to a node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users
Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient. Predictable/guaranteed performance is difficult to achieve
Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access: access to the channel in "rounds"; each station gets a fixed length slot (length = pkt trans time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth
example: 6-station LAN; 1, 3, 4 have pkt; slots 2, 5, 6 idle
(figure: 6-slot frame, slots 1 3 4 used and 2 5 6 idle, repeating)
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access: channel spectrum divided into frequency bands; each station assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA
example: 6-station LAN; 1, 3, 4 have pkt; frequency bands 2, 5, 6 idle
(figure: frequency bands vs time on an FDM cable)
Random Access Protocols
When a node has a packet to send: transmit at full channel data rate R; no a priori coordination among nodes
• Some approaches use limited coordination
two or more transmitting nodes: "collision"
random access MAC protocol specifies: how to detect collisions; how to recover from collisions (e.g. via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U of Hawaii in the early 70's. Packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision
Collisions and other link layer losses must be detected and corrected. Question 1: Where are all the places that losses can occur? Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance (1)
(figure: time axis t0, t0+t, t0+2t, t0+3t; a frame is sent starting at t0+t; if another node starts to transmit during the vulnerable period, from t0 to t0+2t, i.e. two frame times, then a collision will occur)
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events).
Let G be the average rate at which users try to send frames, per frame time. G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
P(k events in period of length T) = e^{-λT} (λT)^k / k!
λ is the rate at which events occur = (number of events in a period of length W) / W (when W is large).
Aloha performance
[Figure: timeline showing the vulnerability period, of length 2T, around one transmission]
P(k events in period of length T) = e^{-λT} (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, whose length is 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time, so λ = utilization, i.e. λ = G. And the probability of no collision is e^{-2G} (2G)^0 / 0! = e^{-2G}.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: throughput S = G e^{-2G} against G for 0 ≤ G ≤ 3; the vertical axis is marked 0.184 at the peak]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: slotted timeline with marks at t0, t0+t, t0+2t, t0+3t; a frame transmitted in a slot collides only if a packet arrived at the MAC layer during the preceding slot, the vulnerable period]
If another node selects to transmit during this vulnerable period, then a collision will occur.
The vulnerable period is half the size of unslotted Aloha.
Slotted Aloha
The vulnerable period is halved, which doubles the performance of ALOHA. Throughput S = G e^{-G}; S_max = 1/e = 0.368 for G = 1.
G = 1 means that typically one node tries to transmit in each slot.
However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot: throughput S = G e^{-G} against G for 0 ≤ G ≤ 4; the vertical axis is marked 0.368 at the peak]
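The throughput curves for pure and slotted ALOHA above come from one Poisson calculation: the probability that no other frame starts inside the vulnerable period. The following is an added example, not part of the slides, that evaluates that calculation numerically and locates the peaks the two plots mark (0.184 at G = 0.5 and 0.368 at G = 1). The function names and the numerical scan in best_load are my own; time is measured in frame times, so the Poisson rate equals G.

```python
import math

def poisson_pmf(k, rate, period):
    """P(k events in an interval of length `period`) for a Poisson process of the given rate."""
    mean = rate * period
    return math.exp(-mean) * mean ** k / math.factorial(k)

def vulnerable_period(slotted):
    # Time unit is one frame time: pure ALOHA is vulnerable for two frame times,
    # slotted ALOHA only for the one slot preceding the transmission.
    return 1.0 if slotted else 2.0

def p_no_collision(G, slotted=False):
    """Probability that no other frame starts in the vulnerable period when the attempt rate is G."""
    return poisson_pmf(0, G, vulnerable_period(slotted))

def throughput(G, slotted=False):
    """S = G * P(0): attempts per frame time times the probability that an attempt succeeds."""
    return G * p_no_collision(G, slotted)

def best_load(slotted=False, step=0.001, limit=3.0):
    """Scan G numerically and return (G*, S_max); closed form: G* = 1/2 (pure) or 1 (slotted)."""
    best_g, best_s = 0.0, 0.0
    for i in range(int(limit / step) + 1):
        g = i * step
        s = throughput(g, slotted)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s

if __name__ == "__main__":
    for slotted in (False, True):
        g, s = best_load(slotted)
        print(f"{'slotted' if slotted else 'pure'} ALOHA: peak S = {s:.3f} at G = {g:.2f}")
```

Raising G past the peak only adds collisions: the curve falls because P(0) shrinks faster than G grows, which is why neither protocol can approach a throughput of 1.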
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple.
Cons: collisions waste slots; inefficient: idle slots; nodes may be able to detect a collision in less than the time it takes to transmit a packet; slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduce efficiency.
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
Human analogy: don't interrupt others.
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
Note the role of distance and propagation delay in determining the collision probability.
[Figure: spatial layout of nodes along the wire; transmissions propagate and overlap in space and time]
CSMA/CD collision detection
[Figure: space-time diagram of position on the wire versus time. Transmitter 1 starts sending; transmitter 2 starts after the propagation delay and detects the collision; transmitter 1 detects the collision as well (when is it detected?); receiver 1 receives a garbled signal]
[Figure: same layout, but transmitter 1 finishes its transmission before the colliding signal reaches it: the collision is detected by transmitter 2 but NOT by transmitter 1, while receiver 1 still receives a garbled signal]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + ε. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + ε < FrameLength / bit-rate
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of the bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
Collision detection is easy in wired LANs: measure signal strengths, compare transmitted and received signals. It is difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
Persistence
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle, then transmit.
3. If the medium is not idle, then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1;
   b. wait r time slots.
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop;
   b. set BO = min(2 × BO, BO_max). In Ethernet, BO_max = 1024;
   c. go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N of the bandwidth allocated even if only 1 node is active.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead.
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access: 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: a master polling each of several slaves in turn; each poll is followed by that slave's data, if it has any]
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made. If a VoIP call requires 12bps, the master can determine whether the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols: token passing
A control token is passed from one node to the next sequentially (token message).
Concerns: token overhead, latency, single point of failure (token).
[Figure: nodes in a ring passing the token T; one node sends data, another has nothing to send]
Summary of MAC protocols
Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site, token passing: Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs).
• Burned into NIC ROM, also sometimes software settable.
LAN Addresses and ARP
Each adapter on the LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE. A manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup:
• Google "OUI lookup" • enter the MAC address • see the manufacturer.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address. MAC: flat address, portability: a LAN card can be moved from one LAN to another. IP: hierarchical address, NOT portable: the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed.
• Whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on the LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with adapters 1A-2F-BB-76-09-AD (137.196.7.23), 58-23-D7-FA-20-B0 (137.196.7.78), 0C-C4-11-6F-E3-98 (137.196.7.14), 71-65-F7-2B-08-53 (137.196.7.88)]
ARP protocol: Same LAN (network). A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. • my IP = 12843567 • B's IP = 12851912 (dotted notation lost in the transcript) • subnet mask is 255.255.0.0 => the first 8 bytes define the subnet.
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table. A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
• Other types include datagram. All machines on the LAN receive the ARP query.
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast). A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the network administrator.
[Figure: LAN with hosts A, B, C, D. A's query "Who has IP 1.1.1.4? Tell 1.1.1.2" reaches every host; only the owner answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: host A (74-29-9C-E8-FF-55, 111.111.111.111) and a host CC-49-DE-D0-AB-7D (111.111.111.112) on one LAN; router R with interfaces E6-E9-00-17-BB-4B (111.111.111.110) and 1A-23-F9-CD-06-9B (222.222.222.220); a host 88-B2-2F-54-1A-0F (222.222.222.221) and host B (49-BD-D2-C7-56-2A, 222.222.222.222) on the other LAN]
Walkthrough: send a datagram from A to B via R. Assume A knows B's IP address.
There are two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram. A's NIC sends the frame. R's NIC receives the frame. R removes the IP datagram from the Ethernet frame and sees it is destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example; make sure you understand it.
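The walkthrough above (and the subnet check two slides earlier) can be traced step by step in code. The following is an added example, not part of the slides: it models each IP/MAC interface with its own ARP table, decides from the subnet mask whether to resolve the destination or the gateway, answers queries from a cache entry while its TTL has not expired, and otherwise broadcasts. The addresses are the ones in the figure; the /24 mask, the 20-minute TTL value and all function names are my own assumptions.

```python
import ipaddress

ARP_TTL = 20 * 60          # seconds; the slides say a mapping is forgotten after about 20 min
BROADCAST = "FF-FF-FF-FF-FF-FF"

class Interface:
    """One IP/MAC interface on a LAN with its own ARP table (a router has one per LAN)."""
    def __init__(self, name, ip, mac, mask, gateway=None):
        self.name, self.ip, self.mac, self.mask, self.gateway = name, ip, mac, mask, gateway
        self.arp_table = {}    # ip -> (mac, expiry time in seconds)
        self.lan = []          # interfaces sharing this LAN; filled in by attach()

    def same_subnet(self, other_ip):
        net = ipaddress.ip_network(f"{self.ip}/{self.mask}", strict=False)
        return ipaddress.ip_address(other_ip) in net

    def next_hop_ip(self, dest_ip):
        """Same subnet: resolve the destination itself; otherwise resolve the gateway."""
        return dest_ip if self.same_subnet(dest_ip) else self.gateway

    def resolve(self, ip, now, trace):
        mac, expiry = self.arp_table.get(ip, (None, 0))
        if mac and expiry > now:
            trace.append(f"{self.name}: ARP table hit {ip} -> {mac}")
            return mac
        trace.append(f"{self.name}: broadcast to {BROADCAST}: who has {ip}? tell {self.ip}")
        for other in self.lan:            # every adapter on the LAN receives the query
            if other.ip == ip:
                trace.append(f"{other.name}: unicast reply to {self.mac}: {ip} is at {other.mac}")
                self.arp_table[ip] = (other.mac, now + ARP_TTL)   # soft state: expires
                return other.mac
        return None

def attach(lan):
    for iface in lan:
        iface.lan = lan

def send_datagram(src, dest_ip, router_ifaces, now, trace):
    """Return the (source MAC, destination MAC) of each link-layer frame carrying one datagram."""
    frames = []
    hop_ip = src.next_hop_ip(dest_ip)
    frames.append((src.mac, src.resolve(hop_ip, now, trace)))
    if hop_ip == dest_ip:
        return frames
    out_if = next(i for i in router_ifaces if i.same_subnet(dest_ip))   # R's interface on B's LAN
    frames.append((out_if.mac, out_if.resolve(dest_ip, now, trace)))
    return frames

def build_walkthrough():
    mask = "255.255.255.0"   # assumption: the slide does not state the subnet mask
    a = Interface("A", "111.111.111.111", "74-29-9C-E8-FF-55", mask, gateway="111.111.111.110")
    h1 = Interface("host", "111.111.111.112", "CC-49-DE-D0-AB-7D", mask, gateway="111.111.111.110")
    r1 = Interface("R(lan1)", "111.111.111.110", "E6-E9-00-17-BB-4B", mask)
    r2 = Interface("R(lan2)", "222.222.222.220", "1A-23-F9-CD-06-9B", mask)
    h2 = Interface("host", "222.222.222.221", "88-B2-2F-54-1A-0F", mask, gateway="222.222.222.220")
    b = Interface("B", "222.222.222.222", "49-BD-D2-C7-56-2A", mask, gateway="222.222.222.220")
    attach([a, h1, r1])
    attach([r2, h2, b])
    return a, b, (r1, r2)

def run_walkthrough():
    a, b, router = build_walkthrough()
    trace = []
    first = send_datagram(a, b.ip, router, now=0, trace=trace)                  # two ARP exchanges
    second = send_datagram(a, b.ip, router, now=60, trace=trace)                # both from cache
    third = send_datagram(a, b.ip, router, now=60 + ARP_TTL + 1, trace=trace)   # entries timed out
    return first, second, third, trace

if __name__ == "__main__":
    print("\n".join(run_walkthrough()[3]))
```

Note that the IP datagram inside both frames is unchanged (source A, destination B); only the link-layer source and destination MACs differ on the two LANs, which is what the router's second ARP table is for.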
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure: the query "Who has IP address 1.2.3.4?" is broadcast]
ARP spoofing: man-in-the-middle attack
[Figure, repeated on the following slides: victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8), and some other host/switch]
Some other host: "Who has IP address 1.2.3.4?"
Victim: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4" (seen by the other host and by the attacker). The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
Later (when all caches have been cleared) the attacker floods ARP queries, and continues to flood them: "Source MAC 00:11:11:11:11:11: Who has IP blablablabla? Tell IP address 1.2.3.4". The other host saves the IP/ARP mapping in its cache; the victim is confused... but ignores it.
The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ..."; the attacker knows the secret plan, changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ..."; the victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
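The detection idea on this slide, looking at the observed IP/MAC mappings rather than at any single reply, can be written down directly. The following is an added example, not part of the slides: it takes a log of ARP replies seen on the LAN, flags any IP answered by more than one MAC (the slide's indicator), records when an IP's answering MAC changed, and reports a MAC carrying several IPs separately as informational only, since the slide notes that a dual-homed host produces that pattern legitimately. The observation log is constructed; the 1.2.3.4 / 00:12... / 00:11... values are the slide's example addresses, and the function names are my own.

```python
from collections import defaultdict

# Constructed observation log: (time in seconds, IP, MAC) of ARP replies seen on the LAN.
OBSERVED = [
    (0,    "1.2.3.4",  "00:12:12:12:12:12"),   # victim's genuine reply
    (5,    "5.6.7.8",  "00:11:11:11:11:11"),   # attacker's own, legitimate mapping
    (1300, "1.2.3.4",  "00:11:11:11:11:11"),   # after caches expired: victim's IP claimed by another MAC
    (1310, "10.0.0.9", "00:aa:bb:cc:dd:01"),   # dual-homed laptop: one MAC, two IPs (benign)
    (1320, "10.0.0.5", "00:aa:bb:cc:dd:01"),
]

def macs_per_ip(records):
    table = defaultdict(set)
    for _, ip, mac in records:
        table[ip].add(mac)
    return dict(table)

def ips_per_mac(records):
    table = defaultdict(set)
    for _, ip, mac in records:
        table[mac].add(ip)
    return dict(table)

def suspicious_ips(records):
    """IPs claimed by more than one MAC: the slide's indicator for an ARP spoofing attempt."""
    return {ip: macs for ip, macs in macs_per_ip(records).items() if len(macs) > 1}

def multi_ip_macs(records):
    """MACs seen with more than one IP: informational, since a dual-NIC host also produces this."""
    return {mac: ips for mac, ips in ips_per_mac(records).items() if len(ips) > 1}

def mapping_changes(records):
    """Chronological (time, ip, old_mac, new_mac) entries: when an IP's answering MAC changed."""
    current, changes = {}, []
    for t, ip, mac in sorted(records):
        if ip in current and current[ip] != mac:
            changes.append((t, ip, current[ip], mac))
        current[ip] = mac
    return changes

def report(records):
    lines = [f"ALERT  {ip} answered by {len(macs)} MACs: {sorted(macs)}"
             for ip, macs in suspicious_ips(records).items()]
    lines += [f"change {t}s: {ip} moved from {old} to {new}"
              for t, ip, old, new in mapping_changes(records)]
    lines += [f"info   {mac} has {len(ips)} IPs (check for a dual-homed host)"
              for mac, ips in multi_ip_macs(records).items()]
    return lines

if __name__ == "__main__":
    print("\n".join(report(OBSERVED)))
```

The attacker's MAC shows up in multi_ip_macs as well (its real IP and the victim's IP, as the slide says), but so does the innocent laptop; the IP-with-two-MACs test is the one that separates the two cases in this log.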
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology. Bus topology was popular through the mid 90s: all nodes are in the same collision domain (can collide with each other). Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch) topology]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs. Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer and creates a frame.
2. If NIC senses the channel idle, it starts frame transmission.
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame.
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, and returns to step 2.
Ethernet's CSM/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec.
Exponential backoff. Goal: adapt retransmission attempts to the estimated current load: under heavy load, the random wait will be longer. First collision: choose K from {0, 1}; the delay is K × 512 bit transmission times. After the second collision: choose K from {0, 1, 2, 3}. After ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}.
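The backoff rule above, and the BO = min(2 × BO, BO_max) formulation in the earlier Exponential Backoff slide, describe the same window doubling. The following is an added example, not part of the slides, that implements the window, converts K slots of 512 bit times into seconds for the 10 Mbps case, and runs a small simulation of several stations that have just collided to show how the growing windows spread them out. The 16-attempt give-up limit in the simulation and all function names are my own assumptions.

```python
import random

SLOT_BITS = 512       # one Ethernet slot = 512 bit times
BO_MAX = 1024         # the slides' BO_max: the window stops growing at 1024 slots (m >= 10)
MAX_ATTEMPTS = 16     # assumption for the simulation: a station gives up after 16 collisions

def window(collisions):
    """Size of {0, ..., 2^m - 1}: the set the NIC draws K from after m collisions, capped at BO_MAX."""
    return min(2 ** collisions, BO_MAX)

def next_window(bo, bo_max=BO_MAX):
    """The slides' formulation: BO = min(2 * BO, BO_max) after each collision."""
    return min(2 * bo, bo_max)

def draw_k(collisions, rng):
    return rng.randrange(window(collisions))

def draw_many(collisions, n, seed=0):
    rng = random.Random(seed)
    return [draw_k(collisions, rng) for _ in range(n)]

def wait_seconds(k, bit_rate):
    """K slots of 512 bit times at the given bit rate (bit time = 1 / bit_rate)."""
    return k * SLOT_BITS / bit_rate

def resolve_collision(n_stations, seed=0):
    """Simulate n stations that just collided: each round every pending station draws K and the
    station(s) with the smallest K transmit first; a unique minimum succeeds, a shared minimum
    collides again and those stations double their window."""
    rng = random.Random(seed)
    pending = {s: 1 for s in range(n_stations)}   # collision count per station
    order, dropped, rounds = [], [], 0
    while pending:
        rounds += 1
        draws = {s: draw_k(c, rng) for s, c in pending.items()}
        k_min = min(draws.values())
        first = [s for s, k in draws.items() if k == k_min]
        if len(first) == 1:
            order.append(first[0])
            del pending[first[0]]
            continue
        for s in first:               # collided again: widen the window
            pending[s] += 1
            if pending[s] > MAX_ATTEMPTS:
                dropped.append(s)
                del pending[s]
    return {"order": order, "dropped": dropped, "rounds": rounds}

if __name__ == "__main__":
    print(resolve_collision(5, seed=42))
    print(f"K=1023 at 10 Mbps waits {wait_seconds(1023, 10e6) * 1e3:.1f} ms")
```

With K = 1023 and a 0.1 µs bit time the wait is 1023 × 512 × 0.1 µs, about 52 ms, matching the "about 50 msec" on the slide.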
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.
efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
• A larger frame size is better; a higher bit-rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
[Slide's numeric example of the efficiency formula: not recoverable from the transcript]
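Both the collision-detection constraint (2 × CableLength / speed + ε < FrameLength / bit-rate, from the CSMA/CD slides above) and the efficiency formula on this slide are simple enough to evaluate directly, which also answers the 10 Mbps versus 100 Mbps cable-length question. The following is an added example, not part of the slides: it computes the minimum frame for a given cable, the maximum cable for a given frame, and the efficiency for a few frame sizes and bit rates. The propagation speed of 2 × 10^8 m/s and the function names are my own assumptions; the idealised formula ignores repeater and interframe delays, so its cable lengths are larger than the 2000 m / 200 m figures quoted earlier, but their ratio is the same.

```python
import math

PROP_SPEED = 2.0e8   # m/s; assumed propagation speed in copper (about two thirds of c)

def min_frame_bits(cable_m, bit_rate, speed=PROP_SPEED, epsilon=0.0):
    """Smallest frame whose transmission time exceeds the worst-case round trip 2L/v + epsilon."""
    return math.ceil((2 * cable_m / speed + epsilon) * bit_rate)

def max_cable_m(frame_bits, bit_rate, speed=PROP_SPEED, epsilon=0.0):
    """Longest cable for which a frame of frame_bits is still being sent when a collision returns."""
    return (frame_bits / bit_rate - epsilon) * speed / 2

def csmacd_efficiency(t_prop, t_trans):
    """The slides' approximation: efficiency = 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)

def efficiency_for(cable_m, frame_bytes, bit_rate, speed=PROP_SPEED):
    return csmacd_efficiency(cable_m / speed, frame_bytes * 8 / bit_rate)

def cable_ratio(frame_bits, rate_a, rate_b):
    """How much longer the cable may be at rate_a than at rate_b for the same minimum frame."""
    return max_cable_m(frame_bits, rate_a) / max_cable_m(frame_bits, rate_b)

if __name__ == "__main__":
    for rate in (10e6, 100e6, 1e9):
        print(f"{rate / 1e6:>6.0f} Mbps: a 64-byte frame allows up to {max_cable_m(512, rate):.0f} m")
    print(f"10 Mbps, 2500 m: need at least {min_frame_bits(2500, 10e6)} bits per frame")
    print(f"efficiency, 1500 B frames, 2500 m: {efficiency_for(2500, 1500, 10e6):.3f} at 10 Mbps, "
          f"{efficiency_for(2500, 1500, 100e6):.3f} at 100 Mbps")
```

Because the 64-byte minimum frame is fixed while the bit time shrinks tenfold at each speed step, the permitted cable length shrinks tenfold too; the efficiency call shows the same effect from the other side, with t_trans shrinking while t_prop stays put.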
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs: bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
[Figure: twisted-pair hub]
Interconnecting with hubs: a backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: a backbone hub connecting three hubs]
Switch
Link-layer device: smarter than hubs, takes an active role. Store and forward Ethernet frames.
• Question: do switches in circuit switching networks store and forward?
Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches. Plug-and-play, self-learning: switches do not need to be configured.
Switch: allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex; each link is its own collision domain. Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' attached]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases... when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
[Figure: the same six-interface switch; A sends a frame with Source A, Dest A' on interface 1; the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host;
2. if an entry is found for the destination, then: if the destination is on the segment from which the frame arrived, drop the frame, else forward the frame on the interface indicated; else flood: forward on all but the interface on which the frame arrived;
3. periodically purge all old table entries.
Self-Learning
[Figure, repeated on the following steps: four switches, each with interfaces 1, 2, 3 and an initially empty MAC/interface table; hosts A and B are attached to different switches]
A sends a frame: Dest = B, Source = A.
Each switch that receives the frame makes a table entry for A (A → 1 on three of the switches, A → 2 on the fourth, according to the interface on which the frame arrived). There is no table entry for B, so each switch floods the frame.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; frames are only flooded to other switches.
B replies: Dest = A, Source = B.
Each switch on the path makes a table entry for B (B → 3, B → 3 and B → 2 on the respective switches) and, having a table entry for A, forwards the frame on the interface indicated instead of flooding; the fourth switch is not on that path and keeps only its entry for A.
20 minutes later all table entries are deleted.
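The self-learning and filtering/forwarding rules on the preceding slides can be run as a small simulation. The following is an added example, not part of the slides: a LearningSwitch class that learns the sender's interface, forwards to a known destination, filters when the destination sits on the incoming segment, floods otherwise and expires entries after the 20-minute TTL, plus a two-switch network that reports which hosts each frame was forwarded to. The topology (two switches joined by one link, with a shared hub segment on one port) is constructed and differs from the slide's four-switch figure; MAC addresses are just the host letters, and all names are my own.

```python
TTL = 20 * 60   # seconds; the slides: entries are deleted after 20 minutes

class LearningSwitch:
    def __init__(self, name, ports):
        self.name, self.ports = name, list(ports)
        self.table = {}   # MAC -> (interface, expiry time)

    def purge(self, now):
        self.table = {mac: e for mac, e in self.table.items() if e[1] > now}

    def receive(self, frame, in_port, now):
        """Return the ports the frame is sent out on (the slides' filtering/forwarding rule)."""
        src, dst = frame
        self.purge(now)
        self.table[src] = (in_port, now + TTL)          # 1. learn the sender's location
        if dst in self.table:                           # 2. entry found for the destination
            out_port = self.table[dst][0]
            return [] if out_port == in_port else [out_port]   # same segment: filter (drop)
        return [p for p in self.ports if p != in_port]  # unknown (or broadcast): flood

# Constructed topology (not the slide's figure): two switches joined by a link S1:2 <-> S2:1,
# with a shared segment (hub) on S1 port 3 carrying hosts C and E.
HOSTS = {"A": ("S1", 1), "C": ("S1", 3), "E": ("S1", 3), "B": ("S2", 2), "D": ("S2", 3)}
LINKS = {("S1", 2): ("S2", 1), ("S2", 1): ("S1", 2)}
PORTS = {"S1": [1, 2, 3], "S2": [1, 2, 3]}

class Network:
    def __init__(self):
        self.switches = {n: LearningSwitch(n, p) for n, p in PORTS.items()}

    def send(self, src, dst, now):
        """Inject a frame from host src; return the sorted hosts that switches forwarded it to
        (hosts on the sender's own segment hear it directly and are not counted)."""
        sw, port = HOSTS[src]
        return sorted(self._inject(sw, port, (src, dst), now))

    def _inject(self, sw_name, in_port, frame, now):
        reached = set()
        for out in self.switches[sw_name].receive(frame, in_port, now):
            if (sw_name, out) in LINKS:                  # trunk to the other switch
                nxt_sw, nxt_port = LINKS[(sw_name, out)]
                reached |= self._inject(nxt_sw, nxt_port, frame, now)
            else:                                        # access port: every host on that segment
                reached |= {h for h, (s, p) in HOSTS.items() if s == sw_name and p == out}
        return reached

def demo():
    net = Network()
    return [
        net.send("A", "B", 0),      # B unknown: flooded everywhere except A's port
        net.send("B", "A", 1),      # A already learned on both switches: forwarded only to A
        net.send("A", "B", 2),      # B learned from its reply: forwarded only to B
        net.send("C", "E", 3),      # E unknown: flooded (E itself hears C on the shared segment)
        net.send("E", "C", 4),      # C is on E's own segment: the switch filters the frame
        net.send("A", "B", 2000),   # more than 20 min later: entries expired, back to flooding
    ]

if __name__ == "__main__":
    for reached in demo():
        print(reached)
```

The first and last sends are the ones to watch: with empty or expired tables a frame for one host reaches every host on the LAN, which is exactly why the looping described in the next slides is so damaging.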
Poorly designed institutional network. Why?
[Figure: router to the external network, one LAN / IP subnet, a mail server and a web server]
Institutional network without a single point of failure
[Figure: the same site with redundant links between the router, the IP subnet, the mail server and the web server; host A attached]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same redundant network with the edges in the spanning tree marked; a "disconnected" interface is one that does not forward or flood frames]
Loop Resolution. Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If • LAN B's next hop to the switch with the lowest ID is LAN A, and • LAN C's next hop to the switch with the lowest ID is LAN D, • then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D and bridges B0, B1, B2, B3; B2 sits between LANs B and C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information: 1. the ID of the bridge that is sending the message; 2. the ID of what the sending bridge believes to be the root bridge; 3. the distance (hops) from the sending bridge to the root bridge.
[Figure: bridges B1 to B7 connecting several LANs]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if 1. the interface is along a LAN's shortest path to the root; 2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure, repeated on each of the following steps: LANs A to J connected by bridges B1 to B7; next to each switch, its distance to the root in LAN hops (0, 1, 2, 1, 1, 1, 1 in the figure)]
Each switch computes its distance to the root in terms of LAN hops.
Each of the root's interfaces is ON.
LAN A's next hop is LAN E. Turn on the two interfaces.
LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
LAN C's next hop is LAN F. Turn on the interfaces.
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
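The interface-selection rule above, carried out distance-vector style (each node only looks at its neighbours) on a small constructed topology; this is an added example, not the course's own code, and the topology is not the one drawn on the slides.

```python
"""Which switch interfaces stay active under the rule on the slides: each LAN
takes the shortest path (fewest switches) to the root switch, the switch with
the smallest ID, and the smallest switch ID breaks ties.  Computed the way the
slides do it, distance-vector style, where each node only looks at its
neighbours.  Added example, not from the course material; the topology below
is constructed (it is not the one drawn on the slides)."""

INF = float("inf")

def switch_id(name):
    """'B7' -> 7; used both to find the root and to break ties."""
    return int(name[1:])

def spanning_tree(switches):
    """switches: {switch: [lan, ...]} listing the LANs each switch attaches to.
    Returns (designated, root_lan, active): designated[lan] is the switch that
    forwards for that LAN, root_lan[sw] is the LAN through which sw reaches the
    root, and active is the set of (switch, lan) interfaces left "on"."""
    root = min(switches, key=switch_id)
    lans = sorted({lan for ls in switches.values() for lan in ls})
    attached = {lan: [s for s in switches if lan in switches[s]] for lan in lans}
    dist = {s: INF for s in switches}       # switches visited on the way to the root
    dist[root] = 1
    lan_dist = {lan: INF for lan in lans}
    designated, root_lan = {}, {root: None}
    changed = True
    while changed:                          # repeat until no node changes its view
        changed = False
        for lan in lans:                    # a LAN picks its closest switch, min ID on ties
            best = min(attached[lan], key=lambda s: (dist[s], switch_id(s)))
            if dist[best] < INF and (designated.get(lan), lan_dist[lan]) != (best, dist[best]):
                designated[lan], lan_dist[lan] = best, dist[best]
                changed = True
        for s in switches:                  # a switch picks the LAN that is closest to the root
            if s == root:
                continue
            known = [lan for lan in switches[s] if lan_dist[lan] < INF]
            if not known:
                continue
            best = min(known, key=lambda lan: (lan_dist[lan], switch_id(designated[lan])))
            if (root_lan.get(s), dist[s]) != (best, lan_dist[best] + 1):
                root_lan[s], dist[s] = best, lan_dist[best] + 1
                changed = True
    active = set()
    for lan in lans:                        # walk each LAN's shortest path to the root
        s = designated[lan]
        while True:
            active.add((s, lan))
            if s == root:
                break
            lan = root_lan[s]
            active.add((s, lan))
            s = designated[lan]
    return designated, root_lan, active

def next_hop_lan(designated, root_lan, lan):
    """The LAN a frame from `lan` crosses next on its way to the root (None at the root)."""
    return root_lan[designated[lan]]

# Constructed topology: B1 is the root; LAN C can reach it through B2 or B3 in
# the same number of switches, so B2 wins on ID and B3 ends up with no active
# interface, like B3 on the slides.
TOPOLOGY = {"B1": ["A", "B"], "B2": ["B", "C"], "B3": ["A", "C"], "B4": ["C", "D"]}

if __name__ == "__main__":
    designated, root_lan, active = spanning_tree(TOPOLOGY)
    for lan in sorted(designated):
        print(f"LAN {lan}: via {designated[lan]}, next hop LAN {next_hop_lan(designated, root_lan, lan)}")
    print("active interfaces:", sorted(active))
```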
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding. Switches typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network layer devices (they examine network layer headers); switches are link layer devices.
... "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
Figure: an MPLS header is inserted between the PPP or Ethernet header and the IP header (followed by the remainder of the link-layer frame). Its fields and widths as drawn on the slide: label (20 bits), Exp (3 bits), S (1 bit), TTL (5 bits).
MPLS capable routers
a.k.a. label-switched routers: forward packets to the outgoing interface based only on the label value (they don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables.
A signaling protocol is needed to set up forwarding: RSVP-TE. Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering. MPLS must co-exist with IP-only routers.
Figure: MPLS forwarding tables at routers R1 to R6 for destinations A and D, each with columns in label, out label, dest, out interface (e.g. one router maps in label 10 to out label 6, destination A, out interface 1, and in label 12 to out label 9, destination D, out interface 0; the router next to A maps in label 6 to no out label, destination A, out interface 0).
MPLS forwarding tables
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice ... could stop here ... but lots of
MAC Protocols: a taxonomy
Three broad classes:
Channel Partitioning: divide the channel into smaller "pieces" (time slots, frequency, code); allocate a piece to a node for exclusive use. This approach is difficult since we know that statistical multiplexing can support more users.
Random Access: channel not divided, allow collisions; detect and recover from collisions. Detection and recovery (e.g. retransmission) can be inefficient; predictable/guaranteed performance is difficult to achieve.
Centralized/taking turns
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access. Access to the channel in "rounds"; each station gets a fixed length slot (length = packet transmission time) in each round; unused slots go idle. GSM (some cell phones) uses TDMA. Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
Example: 6-station LAN; stations 1, 3, 4 have packets; slots 2, 5, 6 idle.
Figure: a 6-slot frame repeating in time, with slots 1, 3 and 4 occupied and 2, 5 and 6 idle.
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access. The channel spectrum is divided into frequency bands; each station is assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA.
Example: 6-station LAN; stations 1, 3, 4 have packets; frequency bands 2, 5, 6 idle.
Figure: frequency bands versus time on an FDM cable, with bands 1, 3 and 4 carrying traffic.
Random Access Protocols
When a node has a packet to send, it transmits at the full channel data rate R; there is no a priori coordination among nodes. Some approaches use limited coordination.
Two or more transmitting nodes: "collision". A random access MAC protocol specifies how to detect collisions and how to recover from collisions (e.g. via delayed retransmissions).
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA.
The ALOHA Protocol
Developed at U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: a collision.
Collisions and other link layer losses must be detected and corrected. Question 1: where are all the places that losses can occur? Question 2: where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
Figure: timeline with marks t0, t0+t, t0+2t, t0+3t for frames of length t. The vulnerable period of a frame spans two frame times: if another node starts to transmit during this vulnerable period then a collision will occur.
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events).
Let G be the average rate that users try to send frames, per frame time. G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
$$P(k) = \frac{(2G)^k e^{-2G}}{k!}$$
The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
$$S = G e^{-2G}$$
Poisson process
Events are distributed according to a Poisson process with parameter $\lambda$ if
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
$\lambda$ is the rate that events occur = (number of events in a period W) / W (when W is large).
Aloha performance
Figure: the vulnerability period around one frame on the timeline.
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
The probability of no collision is the probability of no event in the vulnerability period, which has length 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is $\lambda$? $\lambda$ is the average number of transmission attempts per transmission time. So $\lambda$ is the utilization, i.e. $\lambda = G$. And the probability of no collision is $e^{-2G} (2G)^0 / 0! = e^{-2G}$.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
Figure: plot of $G e^{-2G}$ versus G for G from 0 to 3; the curve peaks at 0.184.
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
Figure: timeline with slot boundaries at t0, t0+t, t0+2t, t0+3t. If a frame is transmitted in the same slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot (the vulnerable period). If another node selects to transmit during this vulnerable period then a collision will occur. The vulnerable period is half the size of unslotted aloha.
Slotted Aloha
The vulnerable period is halved, which doubles the performance of ALOHA. Throughput $S = G e^{-G}$; $S = S_{\max} = 1/e = 0.368$ for $G = 1$.
G = 1 means that typically a node tries to transmit each slot. However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
Figure: plot of $G e^{-G}$ versus G for G from 0 to 4; the curve peaks at 0.368.
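The two throughput formulas from the ALOHA and slotted ALOHA slides, with the Poisson probability they come from and a small Monte Carlo check of each; this is an added example, not code from the course.

```python
"""Throughput of pure and slotted ALOHA: the closed forms from the slides
(S = G e^{-2G} and S = G e^{-G}) next to a small Monte Carlo check.
Added example, not from the course material."""
import math
import random

def poisson_pmf(k, rate, period=1.0):
    """P(k events in a period of length T) for a Poisson process of the given rate."""
    x = rate * period
    return math.exp(-x) * x ** k / math.factorial(k)

def pure_aloha_throughput(G):
    # The vulnerable period is two frame times, so a frame survives iff no
    # other attempt starts in a window of length 2: P(0) = e^{-2G}.
    return G * poisson_pmf(0, G, 2.0)

def slotted_aloha_throughput(G):
    # The vulnerable period is one slot: P(0) = e^{-G}.
    return G * poisson_pmf(0, G, 1.0)

def peak(f, g_max=4.0, step=0.001):
    """Grid search for the offered load G that maximises throughput f(G)."""
    grid = (round(i * step, 3) for i in range(1, int(g_max / step) + 1))
    best_g = max(grid, key=f)
    return best_g, f(best_g)

def poisson_sample(lam, rng):
    """Knuth's method: number of events in one unit of time at rate lam."""
    limit, k, p = math.exp(-lam), 0, 1.0
    while True:
        p *= rng.random()
        if p < limit:
            return k
        k += 1

def simulate_slotted(G, slots=20000, seed=1):
    """Each slot sees Poisson(G) attempts; a slot carries a frame iff exactly one."""
    rng = random.Random(seed)
    ok = sum(1 for _ in range(slots) if poisson_sample(G, rng) == 1)
    return ok / slots

def simulate_pure(G, horizon=20000.0, seed=1):
    """Attempts start at Poisson times; a frame (length 1) survives only if no
    other attempt starts within one frame time before or after it."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    while True:
        t += rng.expovariate(G)
        if t > horizon:
            break
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):
        before = i > 0 and s - starts[i - 1] < 1.0
        after = i + 1 < len(starts) and starts[i + 1] - s < 1.0
        ok += not (before or after)
    return ok / horizon

if __name__ == "__main__":
    for name, f, sim in (("pure", pure_aloha_throughput, simulate_pure),
                         ("slotted", slotted_aloha_throughput, simulate_slotted)):
        g, s = peak(f)
        print(f"{name:8s} peak S={s:.3f} at G={g:.2f}; simulated S(G={g})={sim(g):.3f}")
```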
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple.
Cons: collisions, wasting slots; inefficient; idle slots; nodes may be able to detect a collision in less than the time to transmit a packet; slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency.
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
Human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
Figure: spatial layout of nodes on the wire versus time, showing two transmissions overlapping.
Note: the role of distance and propagation delay in determining the collision probability.
CSMA/CD collision detection
Figure: position on the wire versus time. Transmitter 1 starts sending; after the propagation delay transmitter 2, which has also started, detects the collision; transmitter 1 detects the collision only when transmitter 2's signal has propagated back to it. Receiver 1 receives a garbled signal. When is it detected?
Figure (second case): transmitter 1's transmission time is shorter than the round-trip propagation delay. The collision is detected by transmitter 2, but NOT by transmitter 1; receiver 1 receives a garbled signal.
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$2 \times \frac{CableLength}{\text{speed of propagation}} + \epsilon < \frac{FrameLength}{\text{bit-rate}}$$
CSMA/CD
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small: the minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of the bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
Collision detection is easy in wired LANs: measure signal strengths, compare transmitted and received signals. It is difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
Persistent
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit. In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat. Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
a. pick an integer r between 0 and BO-1;
b. wait r time slots. (1) A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends. (2) Give an equation for the length of a time slot.
c. If no other transmission begins before the r time slots have elapsed, then transmit.
5. If a collision is detected:
a. continue to transmit so that all nodes will know that a collision occurred, then stop;
b. set BO = min(2 BO, BO_Max). In Ethernet BO_max = 1024.
c. Go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
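The CSMA/CD arithmetic behind the cable-length question and the backoff procedure above, as an added example (not the course's code): the collision-detection inequality, the 512-bit slot, and the doubling of the backoff range up to 1024. It assumes a propagation speed of 2e8 m/s and a 16-attempt limit, neither of which is stated on the slides.

```python
"""CSMA/CD arithmetic from the slides: the collision-detection constraint
2 * CableLength / v + eps < FrameLength / bit_rate, the 512-bit slot, and
Ethernet's truncated binary exponential backoff.  Added example, not from the
course material; v = 2e8 m/s and the 16-attempt limit are assumptions."""
import random

MIN_FRAME_BITS = 64 * 8        # Ethernet minimum frame is 64 bytes
SLOT_BITS = 512                # one backoff slot = 512 bit times
BO_MAX = 1024                  # K is drawn from 0 .. 2^m - 1, capped at 1024 values
MAX_ATTEMPTS = 16              # assumption: give up after this many collisions

def transmit_time_s(frame_bits, bit_rate):
    return frame_bits / bit_rate

def round_trip_s(cable_m, v=2e8):
    return 2 * cable_m / v

def detects_collision(frame_bits, bit_rate, cable_m, v=2e8, eps=0.0):
    """True if the frame is long enough that a collision anywhere on the cable
    is still seen while the sender is transmitting."""
    return round_trip_s(cable_m, v) + eps < transmit_time_s(frame_bits, bit_rate)

def max_cable_m(bit_rate, frame_bits=MIN_FRAME_BITS, v=2e8):
    """Longest cable for which the minimum frame still detects collisions.
    Since the minimum frame is fixed, this shrinks in proportion to the bit rate."""
    return transmit_time_s(frame_bits, bit_rate) * v / 2

def min_frame_bits(cable_m, bit_rate, v=2e8):
    """Shortest frame that still detects collisions on a cable of this length."""
    return round_trip_s(cable_m, v) * bit_rate

def slot_time_s(bit_rate):
    """Length of one backoff slot (512 bit times)."""
    return SLOT_BITS / bit_rate

def backoff_range(m):
    """Number of slot values to choose from after the m-th collision: 2^m, capped."""
    return min(2 ** m, BO_MAX)

def backoff_wait_s(m, bit_rate, seed=None):
    """Pick K uniformly from 0 .. backoff_range(m)-1; return (K, wait in seconds)."""
    k = random.Random(seed).randrange(backoff_range(m))
    return k, k * slot_time_s(bit_rate)

def resolve_two_stations(bit_rate, seed=3):
    """Two NICs collide on their first try and back off.  Different K: the one
    with the smaller K wins the channel and the other hears it busy and defers.
    Equal K: they collide again.  Returns the number of collisions it took."""
    rng = random.Random(seed)
    for m in range(1, MAX_ATTEMPTS + 1):
        k1 = rng.randrange(backoff_range(m))
        k2 = rng.randrange(backoff_range(m))
        if k1 != k2:
            return m
    return MAX_ATTEMPTS

if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate/1e6:.0f} Mbps: max cable {max_cable_m(rate):.0f} m, "
              f"slot {slot_time_s(rate)*1e6:.1f} us")
    print(f"K=1023 at 10 Mbps waits {1023 * slot_time_s(10e6) * 1e3:.1f} ms")
```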
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead. Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (a.k.a. WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
Figure: a master polling three slaves in turn (poll, data, poll, data, ...).
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made: if a VoIP call requires 12 bps, the master can determine if the call will receive the desired quality and ensure that it does. When congested, new calls are rejected but existing calls continue to receive good performance. Consider the difference between the demands made by VoIP and the service provided by TCP. Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially (token message). Concerns: token overhead, latency, single point of failure (token).
Figure: nodes in a ring passing the token T; a node with nothing to send passes it on, a node with data sends before passing it on.
Summary of MAC protocols
Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site; token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network). The textbook is wrong about this: today hosts are almost never physically connected. 48-bit MAC address (for most LANs), burned in NIC ROM, also sometimes software settable.
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
Figure: a LAN (wired or wireless) with four adapters, with addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53.
LAN Address (more)
MAC address allocation is administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup: Google "OUI lookup", enter the MAC address, see the manufacturer.
Analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address. MAC flat address: portability, can move a LAN card from one LAN to another. IP hierarchical address: NOT portable, the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
Figure: the same LAN, with the four adapters now also labelled with the IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88.
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. my IP = 128.4.35.67; B's IP = 128.5.19.12; subnet mask is 255.255.0.0 => the first 8 bytes define the subnet.
So in this case A and B are in different subnets. Thus the datagram is sent to the gateway, which must be in the same subnet. Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table. A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query (other types include datagram). All machines on the LAN receive the ARP query.
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
Figure: hosts A, B, C and D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" (the query reaches B, C and D); the owner answers "I have 1.1.1.4".
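The sender-side procedure just described, as an added example that is not part of the course material: the subnet-mask comparison, the choice of gateway as next hop, and an ARP table that broadcasts on a miss and keeps the reply as soft state with a 20 minute TTL. The LAN, the gateway address 128.4.35.1 and all MACs are constructed.

```python
"""ARP as walked through on the slides: decide whether the destination is on
my subnet (else the next hop is the gateway), look the next hop up in the ARP
table, and on a miss broadcast a query and cache the reply as soft state with
a 20 minute TTL.  Added example, not from the course material; the LAN and
the addresses in it are constructed."""
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL_S = 20 * 60            # typical ARP cache lifetime from the slides

def same_subnet(my_ip, other_ip, mask):
    """Compare the two addresses under the subnet mask (the slides' check)."""
    net = ipaddress.IPv4Network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.IPv4Address(other_ip) in net

def next_hop(my_ip, dst_ip, mask, gateway_ip):
    """Datagrams for other subnets go to the gateway, which is on my subnet."""
    return dst_ip if same_subnet(my_ip, dst_ip, mask) else gateway_ip

class Lan:
    """Constructed broadcast LAN: maps each attached host's IP to its MAC."""
    def __init__(self, hosts):
        self.hosts = dict(hosts)
        self.frames = []       # every frame put on the wire, for inspection

    def send(self, src_mac, dst_mac, ftype, payload):
        self.frames.append((src_mac, dst_mac, ftype, payload))

    def deliver_query(self, target_ip, asker_mac):
        """Every host sees the broadcast; only the owner of target_ip answers."""
        for ip, mac in self.hosts.items():
            if ip == target_ip:
                self.send(mac, asker_mac, "ARP reply", (ip, mac))   # unicast reply
                return mac
        return None

class ArpTable:
    def __init__(self, my_ip, my_mac, lan):
        self.my_ip, self.my_mac, self.lan = my_ip, my_mac, lan
        self.entries = {}      # ip -> (mac, expiry time)

    def lookup(self, ip, now):
        """Soft state: an entry is forgotten once its TTL has run out."""
        hit = self.entries.get(ip)
        if hit is None or hit[1] <= now:
            self.entries.pop(ip, None)
            return None
        return hit[0]

    def resolve(self, ip, now):
        """Return (MAC for ip, whether the LAN had to be queried)."""
        mac = self.lookup(ip, now)
        if mac is not None:
            return mac, False
        self.lan.send(self.my_mac, BROADCAST, "ARP query", ip)   # "Who has ip? Tell me"
        mac = self.lan.deliver_query(ip, self.my_mac)
        if mac is not None:
            self.entries[ip] = (mac, now + ARP_TTL_S)            # cache with TTL
        return mac, True

def build_demo():
    """Constructed LAN: A (this host), B (the gateway) and C (another host)."""
    lan = Lan({"128.4.35.67": "00-00-00-00-00-0A",
               "128.4.35.1":  "00-00-00-00-00-0B",
               "128.4.35.70": "00-00-00-00-00-0C"})
    return lan, ArpTable("128.4.35.67", "00-00-00-00-00-0A", lan)

if __name__ == "__main__":
    lan, arp = build_demo()
    hop = next_hop("128.4.35.67", "128.5.19.12", "255.255.0.0", "128.4.35.1")
    print("next hop for 128.5.19.12:", hop, "->", arp.resolve(hop, now=0))
    print("second lookup (cached):", arp.resolve(hop, now=60))
```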
Addressing: routing to another LAN
Figure: two LANs joined by router R. On the left LAN: A with MAC 74-29-9C-E8-FF-55 and IP 111.111.111.111; another host with MAC CC-49-DE-D0-AB-7D and IP 111.111.111.112; R's interface with MAC E6-E9-00-17-BB-4B and IP 111.111.111.110. On the right LAN: R's interface with MAC 1A-23-F9-CD-06-9B and IP 222.222.222.220; a host with MAC 88-B2-2F-54-1A-0F and IP 222.222.222.221; B with MAC 49-BD-D2-C7-56-2A and IP 222.222.222.222.
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram. A's NIC sends the frame; R's NIC receives the frame. R removes the IP datagram from the Ethernet frame and sees that it's destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P. Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B, but still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host, but the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
Figure (scenario used on the following slides): victim with MAC = 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC = 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch.
Some other host asks "Who has IP address 1.2.3.4?" The query is broadcast, so both the victim and the attacker see it.
The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
Later (when all caches have been cleared) the attacker floods ARP queries of the form "Source MAC 00:11:11:11:11:11: Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping from the query in its cache; the victim is confused ... but ignores it.
The other host now sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ..." The attacker knows the secret plan, changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ..." to the victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs, or if one MAC claims both its real IP and the victim's IP. But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address. Then the tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC.
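The detection idea above, written out as an added example (not the course's code) from the defender's side: parse observed ARP traffic, report an IP claimed by more than one MAC as a high-confidence alert, and report a MAC claiming several IPs only as a low-confidence note because of the dual-homed Windows case. The log lines and their textual format are constructed; the addresses are the ones from the slides' scenario.

```python
"""Detector for the ARP cache poisoning described on the slides, from the
defender's side: watch the ARP traffic (or the ARP tables) and report an IP
address that is claimed by more than one MAC.  Added example, not from the
course material; the log lines and their format are constructed, and the
MACs/IPs are taken from the slides' scenario."""
import re
from collections import defaultdict

# Constructed observations, one per ARP packet seen on the LAN:
#   <time> <request|reply> sender=<ip>/<mac> target=<ip>
ARP_LOG = """\
0.0    request sender=1.2.3.4/00:12:12:12:12:12 target=1.2.3.9
0.1    reply   sender=1.2.3.4/00:12:12:12:12:12 target=1.2.3.5
1.0    reply   sender=5.6.7.8/00:11:11:11:11:11 target=1.2.3.5
1200.0 request sender=1.2.3.4/00:11:11:11:11:11 target=9.9.9.9
1200.1 request sender=1.2.3.4/00:11:11:11:11:11 target=9.9.9.9
"""

LINE = re.compile(r"(?P<t>[\d.]+)\s+(?P<op>request|reply)\s+"
                  r"sender=(?P<ip>[\d.]+)/(?P<mac>[0-9a-fA-F:]{17})\s+"
                  r"target=(?P<tgt>[\d.]+)")

def parse(log):
    """Return (time, op, sender_ip, sender_mac, target_ip) per well-formed line."""
    out = []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if m:   # lines that do not parse are skipped rather than trusted
            out.append((float(m["t"]), m["op"], m["ip"], m["mac"].lower(), m["tgt"]))
    return out

def bindings(events):
    """Every sender IP/MAC pair an ARP cache would learn, with first time seen.
    Caches learn from requests as well as replies, which is what the flood
    on the slides relies on."""
    seen = defaultdict(dict)          # ip -> {mac: first_time}
    for t, _op, ip, mac, _tgt in events:
        seen[ip].setdefault(mac, t)
    return seen

def ip_conflicts(events):
    """High-confidence indicator: one IP claimed by two or more MACs."""
    return {ip: sorted(macs) for ip, macs in bindings(events).items() if len(macs) > 1}

def mac_conflicts(events):
    """Low-confidence indicator: one MAC claiming two or more IPs.  As the slides
    note, a dual-homed (wired + wireless) Windows host can do this legitimately."""
    ips = defaultdict(set)
    for _t, _op, ip, mac, _tgt in events:
        ips[mac].add(ip)
    return {mac: sorted(v) for mac, v in ips.items() if len(v) > 1}

def alerts(log):
    """Human-readable findings, strongest first."""
    ev = parse(log)
    out = [f"ALERT {ip} claimed by {' and '.join(macs)}"
           for ip, macs in ip_conflicts(ev).items()]
    out += [f"INFO {mac} claims {', '.join(v)} (check for a dual-homed host)"
            for mac, v in mac_conflicts(ev).items()]
    return out

if __name__ == "__main__":
    for line in alerts(ARP_LOG):
        print(line)
```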
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap, $20 for a NIC; first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps.
Figure: Metcalfe's Ethernet sketch.
Star topology
Bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
Figure: a bus (coaxial cable) versus a star with a switch in the center.
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If an adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
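The frame structure and receive rules above in working form, as an added example that is not the course's code: build a frame with preamble, addresses, type, padding to the 64-byte minimum and a CRC-32, then have an adapter accept, discard (not mine / promiscuous) or drop (CRC error) it. The two adapter addresses are the ones from the LAN figure on the slides.

```python
"""Building and receiving an Ethernet frame as described on the slides: the
preamble and start-of-frame byte, 6 byte addresses, the type field, padding
to the 64 byte minimum and a CRC-32 that makes the receiver drop corrupted
frames.  Added example, not from the course material."""
import struct
import zlib

PREAMBLE = b"\xaa" * 7 + b"\xab"      # 7 x 10101010 then 10101011
BROADCAST = bytes.fromhex("ffffffffffff")
MIN_FRAME = 64                        # dst+src+type+payload+CRC, without preamble
ETH_TYPES = {0x0800: "IP", 0x0806: "ARP"}

def mac_bytes(text):
    """'1A-2F-BB-76-09-AD' -> 6 raw bytes."""
    return bytes.fromhex(text.replace("-", "").replace(":", ""))

def build_frame(dst, src, eth_type, payload):
    """Encapsulate the payload; pad short frames so the frame is at least 64 bytes."""
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", eth_type) + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)   # FCS is sent LSB first
    return PREAMBLE + body + fcs

def receive(frame, my_mac, promiscuous=False):
    """What the receiving adapter does: sync on the preamble, check the CRC,
    then pass the data up only if the frame is for me (or broadcast).
    Returns (type name, payload) or None when the frame is dropped/discarded."""
    if not frame.startswith(PREAMBLE) or len(frame) < len(PREAMBLE) + 18:
        return None
    body, fcs = frame[len(PREAMBLE):-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF) != fcs:
        return None                                    # CRC error: frame dropped
    dst, eth_type = body[:6], struct.unpack("!H", body[12:14])[0]
    if dst not in (mac_bytes(my_mac), BROADCAST) and not promiscuous:
        return None                                    # not mine: discarded
    return ETH_TYPES.get(eth_type, hex(eth_type)), body[14:]

def corrupt(frame, offset):
    """Flip one bit at the given offset (constructed channel error)."""
    b = bytearray(frame)
    b[offset] ^= 0x01
    return bytes(b)

A, B = "1A-2F-BB-76-09-AD", "58-23-D7-FA-20-B0"   # adapter addresses from the slides

if __name__ == "__main__":
    f = build_frame(B, A, 0x0800, b"hello")
    print(len(f), "bytes on the wire;", "B receives:", receive(f, B))
    print("corrupted frame at B:", receive(corrupt(f, 20), B))
```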
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. The NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame!
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision, the NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. The NIC waits K slots, where one slot is 512 bit times, and returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec.
Exponential Backoff: Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer. First collision: choose K from {0, 1}; the delay is K × 512 bit transmission times. After the second collision: choose K from {0, 1, 2, 3} ... After ten or more collisions, choose K from {0, 1, 2, 3, 4, ..., 1023}.
CSMA/CD efficiency
$t_{prop}$ = max propagation delay between 2 nodes in the LAN; $t_{trans}$ = time to transmit a max-size frame.
$$\text{efficiency} = \frac{1}{1 + 5\, t_{prop}/t_{trans}}$$
Efficiency goes to 1 as $t_{prop}$ goes to 0, and as $t_{trans}$ goes to infinity: a larger frame size is better; a higher bit-rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized! Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out on all other links at the same rate; all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
Figure: a hub with twisted pair links to the hosts.
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
Figure: a backbone hub joining three hubs.
Switch
Link-layer device: smarter than hubs, takes an active role. Stores and forwards Ethernet frames. Question: do switches in circuit switching networks store and forward? Examines the incoming frame's MAC address, selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch: allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but with no collisions; full duplex; each link is its own collision domain. Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
Figure: a switch with six interfaces (1, 2, 3, 4, 5, 6) connected to hosts A, A', B, B', C, C'.
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases... when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table.
Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table (initially empty) gains the entry (MAC addr A, interface 1, TTL 60).
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination
   then if the destination is on the segment from which the frame arrived
        then drop the frame
        else forward the frame on the interface indicated
   else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
Self-Learning (walkthrough)
[figure: three switches, each with interfaces 1, 2 and 3 and a (MAC, Interface) table that starts empty; host A and host B are attached to different switches]
Step 1: A sends a frame with Dest=B, Source=A. Each switch that receives it makes a table entry for A; there is no table entry for B, so each switch floods the frame.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
Step 2: B sends a frame with Dest=A, Source=B. Each switch makes a table entry for B; it has a table entry for A, so it forwards the frame on that interface only.
[figure: after the exchange the switch tables read (A,1),(B,3); (A,1),(B,2); and (A,2)]
20 minutes later, all table entries are deleted.
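The filtering/forwarding rules and the flood-then-forward walkthrough above, as an added example that is not part of the original slides; the three-switch chain, the host names and the event log are constructed for illustration.

```python
"""Self-learning switch: learn the sender, then filter, forward or flood; age out.

Added example, not part of the original slides. The three-switch chain, the
host names and the event log are constructed for illustration; the learning,
filtering/forwarding and purge steps follow the slides' rules.
"""

AGE_OUT_S = 20 * 60   # slides: entries are deleted after 20 minutes


class Frame:
    def __init__(self, src, dst):
        self.src, self.dst = src, dst


class Switch:
    def __init__(self, name):
        self.name = name
        self.ports = {}    # interface -> ("host", mac) or ("switch", Switch)
        self.table = {}    # mac -> (interface, time learned)

    def link(self, iface, peer, peer_iface=None):
        """Attach a host (mac string) or another Switch to `iface`."""
        if isinstance(peer, Switch):
            self.ports[iface] = ("switch", peer)
            peer.ports[peer_iface] = ("switch", self)
        else:
            self.ports[iface] = ("host", peer)

    def purge(self, now):
        """Step 3: periodically drop entries older than the TTL."""
        self.table = {m: (i, t) for m, (i, t) in self.table.items() if now - t < AGE_OUT_S}

    def port_facing(self, other):
        return next(i for i, (k, p) in self.ports.items() if k == "switch" and p is other)

    def receive(self, frame, in_iface, now, log):
        self.purge(now)
        # Step 1: record the interface the sender was heard on.
        self.table[frame.src] = (in_iface, now)
        # Step 2: filter (drop), forward on one interface, or flood.
        if frame.dst in self.table:
            out_iface = self.table[frame.dst][0]
            if out_iface == in_iface:                 # destination is on the arrival segment
                log.append((self.name, "drop", in_iface))
                return
            outs = [out_iface]
            log.append((self.name, "forward", out_iface))
        else:
            outs = [i for i in self.ports if i != in_iface]
            log.append((self.name, "flood", tuple(outs)))
        for i in outs:
            kind, peer = self.ports[i]
            if kind == "switch":                      # hosts simply receive; switches relay
                peer.receive(frame, peer.port_facing(self), now, log)

    def entries(self):
        return {m: i for m, (i, _) in self.table.items()}


def build_chain():
    """Constructed topology: A -1[S1]2- -1[S2]2- -1[S3]2- B."""
    s1, s2, s3 = Switch("S1"), Switch("S2"), Switch("S3")
    s1.link(1, "A")
    s1.link(2, s2, peer_iface=1)
    s2.link(2, s3, peer_iface=1)
    s3.link(2, "B")
    return s1, s2, s3


def run_exchange():
    """A -> B is flooded (B unknown), B -> A is forwarded, then aging empties the tables."""
    s1, s2, s3 = build_chain()
    log = []
    s1.receive(Frame("A", "B"), in_iface=1, now=0, log=log)
    s3.receive(Frame("B", "A"), in_iface=2, now=1, log=log)
    learned = {s.name: s.entries() for s in (s1, s2, s3)}
    for s in (s1, s2, s3):
        s.purge(now=1 + AGE_OUT_S)                    # 20 minutes later
    return log, learned, all(not s.table for s in (s1, s2, s3))


def filtering_case():
    """Two hosts behind one hub on interface 1: a frame between them is dropped."""
    s = Switch("S")
    s.link(1, "hub-side")
    s.link(2, "C")
    s.table["B"] = (1, 0)                             # B was earlier heard on interface 1
    log = []
    s.receive(Frame("A", "B"), in_iface=1, now=0, log=log)
    return log
```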
Poorly Designed Institutional network. Why?
[figure: a router to the external network and one LAN / IP subnet holding the mail server and the web server, all through a single switch]

Institutional network without a single point of failure
[figure: the same network with redundant switches and links between the router, the mail server, the web server and host A]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure: the same redundant network with the edges in the spanning tree marked; a "disconnected" interface is one that does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: bridges B2 and B3 both joining LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
[figure: bridges B0, B1, B2, B3 interconnecting LANs A, B, C, D]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1, B2, B3, B4, B5, B6, B7]
Which interfaces to keep and which to ignore
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID) and use least cost, with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[figure: bridges B1..B7 interconnecting LANs A..J; each LAN is labelled with its distance to the root in LAN hops (0, 1, 1, 1, 1, 2, ...)]
Walkthrough on the figure:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
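The pruning rule above (root = lowest bridge ID, shortest path in switches crossed, ties broken by lowest bridge ID) carried out on a small network, as an added example that is not part of the original slides; the bridge/LAN topology below is constructed and is not the B1..B7 / A..J network in the figure.

```python
"""Spanning tree in the slides' formulation: LANs are vertices, bridges are edges.

Added example, not from the original slides. The topology below is constructed
to exercise the rules (root = bridge with the lowest ID, shortest path counted
in switches crossed, ties broken by the lowest bridge ID); it is not the
B1..B7 / LAN A..J network drawn in the figure.
"""
import math
from collections import deque

# bridge ID -> LANs it attaches to (one interface per LAN). Constructed.
BRIDGES = {
    1: {"E", "F", "G"},   # lowest ID, so B1 is the root
    2: {"A", "E"},
    3: {"A", "B"},        # every path through B3 is longer: it ends up fully "off"
    4: {"D", "G"},
    5: {"B", "E"},        # ties with B7 for LAN B; B5 wins on ID
    6: {"C", "F"},
    7: {"B", "F"},
}


def compute_spanning_tree(bridges):
    """Return (dist, parent, active): each LAN's distance to the root in switches
    crossed, each non-root LAN's (bridge, next-hop LAN) toward the root, and the
    LANs on which each bridge keeps its interface on.

    Distance-vector style: every LAN repeatedly looks only at LANs one bridge
    away, like the slides' "consider neighbors only" approach.
    """
    root = min(bridges)
    lans = set().union(*bridges.values())
    dist = {lan: (0 if lan in bridges[root] else math.inf) for lan in lans}
    parent = {lan: (root, None) for lan in bridges[root]}
    changed = True
    while changed:
        changed = False
        for lan in sorted(lans):
            best = (dist[lan], parent[lan][0] if lan in parent else math.inf)
            for bid, attached in bridges.items():
                if lan not in attached:
                    continue
                for nbr in attached - {lan}:
                    cand = (dist[nbr] + 1, bid)          # (cost, tie-breaker)
                    if cand < best:
                        best, parent[lan], changed = cand, (bid, nbr), True
            dist[lan] = best[0]
    active = {bid: set() for bid in bridges}
    active[root] = set(bridges[root])                 # each of the root's interfaces is ON
    for lan, (bid, nxt) in parent.items():
        if bid != root:
            active[bid] |= {lan, nxt}                 # the two interfaces on the chosen path
    return dist, parent, active


def lans_reachable(bridges, active, start):
    """Flood from `start` over active interfaces only; every LAN must be reached."""
    seen, queue = {start}, deque([start])
    while queue:
        lan = queue.popleft()
        for bid in bridges:
            if lan in active[bid]:
                for nbr in active[bid] - {lan}:
                    if nbr not in seen:
                        seen.add(nbr)
                        queue.append(nbr)
    return seen


def count_paths(bridges, active, src, dst):
    """Simple LAN-to-LAN paths (each LAN and bridge used at most once) over the
    given active interfaces; more than one path between a pair means a loop."""
    def walk(lan, seen_lans, used_bridges):
        if lan == dst:
            return 1
        total = 0
        for bid in bridges:
            if bid in used_bridges or lan not in active[bid]:
                continue
            for nbr in active[bid] - {lan}:
                if nbr not in seen_lans:
                    total += walk(nbr, seen_lans | {nbr}, used_bridges | {bid})
        return total
    return walk(src, {src}, frozenset())


if __name__ == "__main__":
    d, p, a = compute_spanning_tree(BRIDGES)
    for bid in sorted(a):
        print(f"B{bid}: interfaces on -> {sorted(a[bid]) or 'none'}")
    print("paths A->E before pruning:", count_paths(BRIDGES, BRIDGES, "A", "E"))
    print("paths A->E after pruning: ", count_paths(BRIDGES, a, "A", "E"))
```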
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices. Routers are network layer devices (examine network layer headers); switches are link layer devices ... "invisible" at the internetwork layer: they look like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields: label (20 bits), Exp (3), S (1), TTL (5)]

MPLS capable routers
aka label-switched routers: forward packets to the outgoing interface based only on the label value (don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables. A signaling protocol is needed to set up forwarding: RSVP-TE. Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering. Must co-exist with IP-only routers.
[figure: routers R1..R6 with destinations A and D]

MPLS forwarding tables
[figure: each MPLS router's table has columns in label, out label, dest, out interface; rows shown include (6, -, A, 0), (10, 6, A, 1), (12, 9, D, 0), (-, 10, A, 0), (-, 12, D, 0), (8, 6, A, 0), (-, 8, A, 1)]
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.

Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice ... could stop here ... but lots of
Channel Partitioning MAC protocols: TDMA
TDMA: time division multiple access. Access to the channel in "rounds"; each station gets a fixed-length slot (length = packet transmission time) in each round. Unused slots go idle. GSM (some cell phones) uses TDMA.
Why? So service is predictable and calls can be rejected if there is not enough bandwidth.
Example: 6-station LAN; stations 1, 3, 4 have packets; slots 2, 5, 6 are idle.
[figure: 6-slot frame: 1 3 4 | 1 3 4]

Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access. The channel spectrum is divided into frequency bands; each station is assigned a fixed frequency band; unused transmission time in frequency bands goes idle. GSM also uses FDMA.
Example: 6-station LAN; stations 1, 3, 4 have packets; frequency bands 2, 5, 6 are idle.
[figure: frequency bands versus time on an FDM cable]
Random Access Protocols
When a node has a packet to send: transmit at the full channel data rate R; no a priori coordination among nodes.
• Some approaches use limited coordination.
Two or more transmitting nodes: "collision". A random access MAC protocol specifies how to detect collisions and how to recover from collisions (e.g. via delayed retransmissions).
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA.
The ALOHA Protocol
Developed at the U. of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: a collision.
Collisions and other link layer losses must be detected and corrected.
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
[figure: time line t0, t0+t, t0+2t, t0+3t; the vulnerable period spans two frame times around the transmission]
If another node transmits here, then there is a collision. If another node starts to transmit during this vulnerable period, then a collision will occur.
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events). Let G be the average rate at which users try to send frames, per frame time. G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
$$P(k) = \frac{(2G)^k e^{-2G}}{k!}$$
The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
$$S = G e^{-2G}$$
Poisson process
[figure: events as points along a time line]
Events are distributed according to a Poisson process with parameter $\lambda$ if
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
$\lambda$ is the rate at which events occur: $\lambda = (\text{number of events in a period } W)/W$ (when $W$ is large).

Aloha performance
[figure: the vulnerability period on the time line]
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
The probability of no collision is the probability of no event in the vulnerability period, which has length $2T$.
Let $T = 1$ (i.e. our time is measured in packet transmission times, not seconds). Then what is $\lambda$? $\lambda$ is the average number of transmission attempts per transmission time. So $\lambda$ is the utilization, i.e. $\lambda = G$, and the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[figure: plot of $G e^{-2G}$ against G for G from 0 to 3; the curve peaks at 0.184]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[figure: time line t0, t0+t, t0+2t, t0+3t with a one-slot vulnerable period]
If a frame is transmitted here, then a collision occurs. But this will only happen if a packet arrives at the MAC layer during this period. If another node selects to transmit during this vulnerable period, then a collision will occur. The vulnerable period is half the size of unslotted Aloha's.

Slotted Aloha
The vulnerable period is halved, which doubles the performance of ALOHA. Throughput $S = G e^{-G}$; $S_{max} = 1/e = 0.368$ for $G = 1$.
G = 1 means that typically a node tries to transmit in each slot. However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[figure: plot of $G e^{-G}$ against G for G from 0 to 4; the curve peaks at 0.368]
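The two throughput curves above evaluated from the Poisson model, with their maxima located numerically and the finite-station slotted model compared against the Poisson limit; this is an added example, not code from the original slides.

```python
"""ALOHA and slotted ALOHA throughput from the Poisson model on the slides.

Added example, not from the original slides. It evaluates the slides' formulas
S = G e^{-2G} (pure ALOHA, vulnerable period of two frame times) and
S = G e^{-G} (slotted ALOHA), locates their maxima, and checks the finite-N
slotted model against the Poisson limit.
"""
import math


def poisson_pmf(k, rate, period):
    """P(k events in a period of length `period`) for a Poisson process of the given rate."""
    mean = rate * period
    return math.exp(-mean) * mean ** k / math.factorial(k)


def pure_aloha_throughput(G):
    """Attempt rate G per frame time times P(no other attempt in the 2-frame vulnerable period)."""
    return G * poisson_pmf(0, G, 2.0)


def slotted_aloha_throughput(G):
    """Slotting halves the vulnerable period to one slot."""
    return G * poisson_pmf(0, G, 1.0)


def finite_n_slotted_throughput(n, p):
    """N stations each transmit in a slot with probability p; a slot succeeds when
    exactly one does. With G = N p and N large this tends to G e^{-G}."""
    return n * p * (1 - p) ** (n - 1)


def best_offered_load(throughput, g_max=4.0, step=0.0005):
    """Grid search for the G that maximises a throughput curve; returns (G, S)."""
    best_g, best_s = 0.0, 0.0
    for i in range(int(g_max / step) + 1):
        g = i * step
        s = throughput(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s


if __name__ == "__main__":
    for name, curve in (("pure", pure_aloha_throughput), ("slotted", slotted_aloha_throughput)):
        g, s = best_offered_load(curve)
        print(f"{name:8s} ALOHA: best G = {g:.3f}, max throughput = {s:.3f}")
    print("1000 stations, p = 0.001:", round(finite_n_slotted_throughput(1000, 0.001), 4))
```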
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple.
Cons: collisions waste slots; inefficient: idle slots; nodes may be able to detect a collision in less than the time to transmit a packet; slotted Aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency.
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmitting. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
Human analogy: don't interrupt others!

Question
For 10 Mbps Ethernet the maximum cable length is 2000 m. For 100 Mbps Ethernet the maximum cable length is 200 m. Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
[figure: spatial layout of nodes on the wire versus time]
Note: the role of distance and propagation delay in determining collision probability.
CSMA/CD collision detection
[figure: position on wire versus time; transmitter 1 starts transmitting and transmitter 2 starts after the propagation delay; the collision is detected by transmitter 2, then by transmitter 1; receiver 1 receives a garbled signal. When is it detected?]
[figure: same layout with a short transmission: the collision is detected by transmitter 2 but NOT detected by transmitter 1; receiver 1 receives a garbled signal]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$

CSMA/CD
What are the requirements to ensure that collisions are detected? The transmitter must transmit for $2 \times T_{propagation} + \epsilon$; the transmit time is frame length / bit rate; therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small: the minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage. Collision detection is easy in wired LANs: measure signal strengths, compare transmitted and received signals. It is difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
persistent
1-persistent: If the medium is idle, then transmit. If the medium is not idle, then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If the medium is idle, then transmit. If the medium is not idle, then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle, then transmit.
3. If the medium is not idle, then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 × BO, BO_Max). In Ethernet, BO_max = 1024.
   c. Go to step 4.

Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
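The collision-detection inequality from the CSMA/CD slides and the backoff procedure above, worked in code as an added example that is not part of the original slides; the propagation speed and the single shared backoff counter in the contention simulation are assumptions.

```python
"""CSMA/CD frame-length/cable-length bound and truncated exponential backoff.

Added example, not from the original slides. The propagation speed is an
assumption (about two thirds of c in copper); the slides' 2000 m and 200 m
limits come from the standards, which also budget epsilon and repeater delay,
so the bound computed here is looser, but the 10x ratio between the two rates
is exactly the point the slides make.
"""
import random

PROPAGATION_SPEED_M_PER_S = 2.0e8   # assumption
MIN_FRAME_BITS = 64 * 8             # slides: minimum Ethernet frame is 64 bytes
BO_MAX = 1024                       # slides: Ethernet BO_max


def transmit_time_s(frame_bits, bit_rate_bps):
    """Transmit time is frame length / bit rate."""
    return frame_bits / bit_rate_bps


def max_cable_length_m(bit_rate_bps, frame_bits=MIN_FRAME_BITS, epsilon_s=0.0,
                       v=PROPAGATION_SPEED_M_PER_S):
    """Largest L with 2*L/v + epsilon < frame_bits / bit_rate (the slides' inequality)."""
    return (transmit_time_s(frame_bits, bit_rate_bps) - epsilon_s) * v / 2


def min_frame_bits(cable_len_m, bit_rate_bps, epsilon_s=0.0, v=PROPAGATION_SPEED_M_PER_S):
    """Smallest frame that keeps a collision detectable on a cable of the given length."""
    return (2 * cable_len_m / v + epsilon_s) * bit_rate_bps


def slot_time_s(cable_len_m, epsilon_s=0.0, v=PROPAGATION_SPEED_M_PER_S):
    """Answer to the slides' question 4b.2: a slot must last 2*Tprop + epsilon, so a
    transmission started at the slot's beginning is heard by all before it ends."""
    return 2 * cable_len_m / v + epsilon_s


def backoff_window(start_bo, collisions, bo_max=BO_MAX):
    """BO after `collisions` doublings: BO = min(2*BO, BO_max) each time (step 5b)."""
    bo = start_bo
    for _ in range(collisions):
        bo = min(2 * bo, bo_max)
    return bo


def pick_backoff_slots(rng, bo):
    """Step 4a: an integer r between 0 and BO-1."""
    return rng.randrange(bo)


def simulate_contention(rng, n_nodes, start_bo=4, bo_max=BO_MAX, max_rounds=64):
    """All n_nodes collide, back off and retry until exactly one picks the
    smallest r (steps 4-5). Simplification: every node has collided the same
    number of times, so they share one BO. Returns (rounds, winner, final_bo)."""
    bo = start_bo
    for round_no in range(1, max_rounds + 1):
        picks = [pick_backoff_slots(rng, bo) for _ in range(n_nodes)]
        smallest = min(picks)
        if picks.count(smallest) == 1:      # one node starts first, the rest defer
            return round_no, picks.index(smallest), bo
        bo = min(2 * bo, bo_max)            # collision: double the window and retry
    return max_rounds, None, bo


def seeded_contention(seed, n_nodes):
    """Reproducible run of simulate_contention."""
    return simulate_contention(random.Random(seed), n_nodes)


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: max cable length {max_cable_length_m(rate):.0f} m "
              f"(min frame {MIN_FRAME_BITS} bits)")
    print("BO after 3 collisions starting at 4:", backoff_window(4, 3))
    print("rounds, winner, final BO:", seeded_contention(7, 3))
```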
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead.
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
[figure: the master polls each slave in turn and each slave answers with data]
Concerns: polling overhead, latency, single point of failure (the master).
QoS guarantees can be made. If a VoIP call requires 12 bps, the master can determine whether the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.

Token passing: a control token is passed from one node to the next sequentially. Token message. Concerns: token overhead, latency, single point of failure (the token).
[figure: token T passed around a ring; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site, token passing. Bluetooth, FDDI, IBM Token Ring.

Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned into NIC ROM, also sometimes software settable.

LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address.
Broadcast address = FF-FF-FF-FF-FF-FF
[figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE. A manufacturer buys a portion of the MAC address space (to assure uniqueness). Check: OUI lookup.
• Google "OUI lookup", enter the MAC address, see the manufacturer.
Analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address.
MAC: flat address, portable; can move a LAN card from one LAN to another. IP: hierarchical address, NOT portable; the address depends on the IP subnet to which the node is attached. If a NIC is changed, then the MAC is changed,
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[figure: LAN with four nodes: 137.196.7.23 (1A-2F-BB-76-09-AD), 137.196.7.78 (58-23-D7-FA-20-B0), 137.196.7.14 (0C-C4-11-6F-E3-98), 137.196.7.88 (71-65-F7-2B-08-53)]
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
• Other types include datagram.
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[figure: LAN with hosts A, B, C, D; A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to B, C and D; the owner replies "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: two LANs joined by router R.
 A: IP 111.111.111.111, MAC 74-29-9C-E8-FF-55
 another host on A's LAN: IP 111.111.111.112, MAC CC-49-DE-D0-AB-7D
 R, interface on A's LAN: IP 111.111.111.110, MAC E6-E9-00-17-BB-4B
 R, interface on B's LAN: IP 222.222.222.220, MAC 1A-23-F9-CD-06-9B
 another host on B's LAN: IP 222.222.222.221, MAC 88-B2-2F-54-1A-0F
 B: IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
• two ARP tables in router R, one for each IP network (LAN)
• A creates IP datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
• A's NIC sends frame
• R's NIC receives frame
• R removes IP datagram from Ethernet frame, sees it is destined to B
• R uses ARP to get B's MAC address
• R creates frame containing A-to-B IP datagram, sends to B
This is a really important example; make sure you understand it.
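The walkthrough above as runnable code. This is an added example, not code from the slides: the addresses are the slide's, while the classes, the /24 masks and the dictionary frame layout are my assumptions.

```python
"""Added example, not from the slides: the same-subnet test, ARP resolution
and the A -> R -> B walkthrough above. The addresses are the slide's; the
classes, the /24 masks and the dictionary frame format are my assumptions."""
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"


def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """Apply the subnet mask to both addresses and compare the network parts."""
    network = ipaddress.ip_network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.ip_address(ip_b) in network


class Lan:
    """A broadcast domain: every attached interface sees an ARP query."""

    def __init__(self, name):
        self.name, self.nodes = name, []

    def arp_resolve(self, asker, target_ip):
        """Cache hit, else broadcast a query and cache the unicast reply."""
        if target_ip in asker.arp_table:
            return asker.arp_table[target_ip]
        query = {"dst_mac": BROADCAST, "type": "ARP", "target_ip": target_ip,
                 "sender_ip": asker.ip, "sender_mac": asker.mac}
        for node in self.nodes:                  # all machines on the LAN receive it
            reply = node.handle_arp_query(query)
            if reply:                            # unicast reply to the asker
                asker.arp_table[reply["ip"]] = reply["mac"]   # soft state
                return reply["mac"]
        raise LookupError(f"no host with {target_ip} on {self.name}")


class Interface:
    """One NIC: an IP/MAC pair on a LAN, with its own ARP table."""

    def __init__(self, name, ip, mac, lan):
        self.name, self.ip, self.mac, self.lan = name, ip, mac, lan
        self.arp_table = {}                      # ip -> mac (timeouts omitted)
        lan.nodes.append(self)

    def handle_arp_query(self, query):
        """Only the owner of the queried IP answers."""
        if query["target_ip"] == self.ip:
            return {"ip": self.ip, "mac": self.mac}
        return None


def host_send(host, gateway_ip, mask, datagram):
    """Host side: next hop is the destination itself if on-link, else the gateway."""
    dst = datagram["dst"]
    next_hop = dst if same_subnet(host.ip, dst, mask) else gateway_ip
    mac = host.lan.arp_resolve(host, next_hop)
    return {"dst_mac": mac, "src_mac": host.mac, "type": "IP", "datagram": datagram}


def router_forward(router_ifaces, frame, mask):
    """Router R: strip the frame, look at the IP destination, re-frame it on
    the attached LAN that contains it, using that interface's own ARP table."""
    datagram = frame["datagram"]
    for iface in router_ifaces:
        if same_subnet(iface.ip, datagram["dst"], mask):
            mac = iface.lan.arp_resolve(iface, datagram["dst"])
            return {"dst_mac": mac, "src_mac": iface.mac, "type": "IP",
                    "datagram": datagram}
    raise LookupError("no directly attached network for " + datagram["dst"])


def walkthrough():
    """Reproduce the slide: A sends to B through R. Returns both frames and
    the ARP tables of A and of R's two interfaces."""
    lan1, lan2 = Lan("111 LAN"), Lan("222 LAN")
    a = Interface("A", "111.111.111.111", "74-29-9C-E8-FF-55", lan1)
    Interface("other1", "111.111.111.112", "CC-49-DE-D0-AB-7D", lan1)
    r1 = Interface("R-if0", "111.111.111.110", "E6-E9-00-17-BB-4B", lan1)
    r2 = Interface("R-if1", "222.222.222.220", "1A-23-F9-CD-06-9B", lan2)
    Interface("other2", "222.222.222.221", "88-B2-2F-54-1A-0F", lan2)
    b = Interface("B", "222.222.222.222", "49-BD-D2-C7-56-2A", lan2)
    mask = "255.255.255.0"                       # assumption: each LAN is a /24
    datagram = {"src": a.ip, "dst": b.ip, "payload": "hello"}
    frame1 = host_send(a, r1.ip, mask, datagram)        # dest MAC = R's
    frame2 = router_forward([r1, r2], frame1, mask)     # dest MAC = B's
    return frame1, frame2, a.arp_table, r1.arp_table, r2.arp_table
```

The datagram inside both frames is identical; only the link-layer destination changes at R, and R's two interfaces keep separate ARP tables.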
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
• On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on one LAN.
1. The other host broadcasts "Who has IP address 1.2.3.4?"
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping in its cache. The victim is confused... but ignores it.
4. The other host sends "The secret plan is ..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker knows the secret plan, changes the MAC address to the correct one (00:12:12:12:12:12) and passes the frame on. Victim: "Ahh, I got the secret plan I was expecting."]
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
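The detection heuristic above, run over constructed ARP observations. This is an added example, not the slides' code: the records, field layout and function names are mine; the addresses are the ones in the figure. It keeps the "one MAC, several IPs" case separate, since the dual-NIC host described above produces it legitimately.

```python
"""Added example, not from the slides: the detection heuristic described above
(one IP answered for by two MACs) run over constructed ARP observations, with
the dual-NIC case kept separate. Records, field layout and function names are
mine; the addresses are the slide's."""
from collections import defaultdict

# Constructed observations: (seconds, sender MAC, sender IP) as a sniffer on
# the LAN would record them from ARP replies and requests.
SAMPLE_ARP = [
    (0, "00:12:12:12:12:12", "1.2.3.4"),      # victim answers for its own IP
    (5, "00:11:11:11:11:11", "5.6.7.8"),      # attacker's real address
    (1300, "00:11:11:11:11:11", "1.2.3.4"),   # a second MAC now claims 1.2.3.4
    (1310, "aa:bb:cc:00:00:01", "1.2.3.9"),   # dual-NIC laptop, wired MAC ...
    (1315, "aa:bb:cc:00:00:01", "1.2.3.10"),  # ... also seen with its wireless IP
]


def analyse_arp(records):
    """Return (conflicts, multi_ip_macs).

    conflicts: IP -> MACs that claimed it, earliest first. A second MAC for an
    IP already in the table is the spoofing symptom from the slide.
    multi_ip_macs: MAC -> IPs it claimed. Reported separately, not as an alert,
    because a host with wired and wireless NICs can legitimately look like this.
    """
    ip_to_macs = defaultdict(dict)      # ip -> {mac: first seen}
    mac_to_ips = defaultdict(dict)      # mac -> {ip: first seen}
    for ts, mac, ip in sorted(records):
        ip_to_macs[ip].setdefault(mac, ts)
        mac_to_ips[mac].setdefault(ip, ts)
    conflicts = {ip: sorted(macs, key=macs.get)
                 for ip, macs in ip_to_macs.items() if len(macs) > 1}
    multi_ip_macs = {mac: sorted(ips, key=ips.get)
                     for mac, ips in mac_to_ips.items() if len(ips) > 1}
    return conflicts, multi_ip_macs


def alerts(records):
    """Human-readable findings; the later claimant of an IP is the suspect."""
    conflicts, multi = analyse_arp(records)
    lines = [f"ALERT {ip}: first seen from {macs[0]}, later claimed by "
             f"{', '.join(macs[1:])}" for ip, macs in conflicts.items()]
    lines += [f"REVIEW {mac} claims {len(ips)} IPs: {', '.join(ips)} "
              "(dual-NIC host?)" for mac, ips in multi.items()]
    return lines
```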
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
• cheap: $20 for NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s
• all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); LAN
• Multiple stars connected (we'll see later)
[Figure: bus topology (coaxial cable) and star topology (switch)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes
• if adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol
• otherwise, adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
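The frame structure above as a builder and receiver-side filter. This is an added example, not code from the slides: the sample addresses and payloads are constructed, and the FCS assumption (the IEEE 802.3 CRC-32 equals zlib.crc32, transmitted least-significant byte first) is mine.

```python
"""Added example, not from the slides: build and parse a minimal Ethernet
frame with the fields described above, then apply the adapter's checks
(preamble, CRC, destination match / broadcast / promiscuous). Addresses and
payloads are constructed; the FCS convention (IEEE 802.3 CRC-32 == zlib.crc32,
sent least-significant byte first) is my assumption."""
import struct
import zlib

PREAMBLE = bytes([0b10101010] * 7) + bytes([0b10101011])   # 7 sync bytes + SFD
BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP"}


def mac_bytes(text: str) -> bytes:
    return bytes.fromhex(text.replace("-", "").replace(":", ""))


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Preamble + header + payload (padded to the 46-byte minimum) + FCS."""
    payload = payload.ljust(46, b"\0")
    body = dst + src + struct.pack("!H", ethertype) + payload
    fcs = struct.pack("<I", zlib.crc32(body))
    return PREAMBLE + body + fcs


def receive(frame: bytes, my_mac: bytes, promiscuous: bool = False):
    """Adapter-side checks in order: preamble, CRC, then address filtering.
    Returns (ethertype name, payload) to hand up, or None if discarded."""
    if frame[:8] != PREAMBLE:
        return None                       # cannot synchronise: ignore
    body, fcs = frame[8:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        return None                       # CRC error: frame dropped
    dst, ethertype = body[:6], struct.unpack("!H", body[12:14])[0]
    if dst != my_mac and dst != BROADCAST and not promiscuous:
        return None                       # not addressed to us: discard
    return ETHERTYPES.get(ethertype, hex(ethertype)), body[14:]


def demo():
    """Frames from A to R (unicast) and from A to everyone (ARP), seen by
    R, by another host, by that host in promiscuous mode, and after a bit flip."""
    a = mac_bytes("74-29-9C-E8-FF-55")   # A's address from the slide
    r = mac_bytes("E6-E9-00-17-BB-4B")   # R's address from the slide
    other = mac_bytes("CC-49-DE-D0-AB-7D")
    ip_frame = build_frame(r, a, 0x0800, b"IP datagram A->B")
    arp_frame = build_frame(BROADCAST, a, 0x0806, b"ARP query")
    corrupted = bytearray(ip_frame)
    corrupted[30] ^= 0x01                # one payload bit flipped in transit
    return {
        "r_gets_ip": receive(ip_frame, r),
        "other_host_ignores": receive(ip_frame, other),
        "other_host_sniffs": receive(ip_frame, other, promiscuous=True),
        "everyone_gets_arp": receive(arp_frame, other),
        "bad_crc_dropped": receive(bytes(corrupted), r),
    }
```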
Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC
• stream of datagrams passed to network layer can have gaps (missing datagrams)
• gaps will be filled if app is using TCP
• otherwise, app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
• Goal: adapt retransmission attempts to estimated current load
  • heavy load: random wait will be longer
• first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
• after second collision: choose K from {0, 1, 2, 3} …
• after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
Tprop = max prop delay between 2 nodes in LAN
ttrans = time to transmit max-size frame
  $\text{efficiency} = \frac{1}{1 + 5\, t_{prop}/t_{trans}}$
• efficiency goes to 1 as tprop goes to 0
• as ttrans goes to infinity
  • larger frame size is better; higher bit-rate is worse
• better performance than ALOHA: and simple, cheap, decentralized!
Most ethernet is used with switches. So collisions never occur.
[Slide also carries a worked numerical example; its figures did not survive extraction]
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards
• common MAC protocol and frame format
• different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps
• different physical layer media: fiber, cable
• Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible)
Hubs
• bits coming in one link go out all other links at same rate
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments
But individual segment collision domains become one large collision domain
Can't interconnect 10BaseT & 100BaseT
[Figure: three hubs joined through a backbone hub]
Switch
link-layer device: smarter than hubs, take active role
• Store and forward Ethernet frames
  • Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex
  • each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions
  • not possible with dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' each on its own interface]
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases…
• when frame received, switch "learns" location of sender: incoming LAN segment
• records sender/location pair in switch table
[Figure: A sends a frame (Source A, Dest A') that arrives on interface 1; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination
     then {
        if dest on segment from which frame arrived
           then drop the frame
           else forward the frame on interface indicated
     }
     else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure sequence: three switches, each with interfaces 1, 2, 3, connected in a line; A is attached to the first switch, B to the second; all switch tables (MAC, Interface) start empty.
1. A sends a frame (Dest=B, Source=A). Each switch makes a table entry for A on the interface the frame arrived on; there is no table entry for B, so each floods. Note: if the switch has ports that are manually configured, then the frame is not flooded to a host but only flooded to other switches.
2. B replies (Dest=A, Source=B). Each switch on the path makes a table entry for B and, having a table entry for A, forwards on that interface.
Resulting tables read from the figure: (A 1, B 3), (A 1, B 2), (A 2); the last switch never sees B's reply.
20 minutes later, all table entries are deleted.]
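The self-learning and filtering/forwarding rules above, run on three switches wired like the figure. This is an added example, not code from the slides: the port numbering, the extra hosts and the aging time are my reconstruction.

```python
"""Added example, not from the slides: a self-learning switch implementing the
filtering/forwarding rules above, run on three switches wired as in the figure
sequence (port numbering, extra hosts and aging time are my reconstruction)."""

AGING_SECONDS = 20 * 60   # slide: "20 minutes later all table entries are deleted"


class Switch:
    def __init__(self, name):
        self.name = name
        self.ports = {}         # port number -> neighbouring Switch or host name
        self.table = {}         # MAC -> (port, expiry time)
        self.sent = []          # (frame id, out port) log, for inspection

    def port_facing(self, neighbour):
        return next(p for p, n in self.ports.items() if n is neighbour)

    def receive(self, frame, in_port, now):
        src, dst = frame["src"], frame["dst"]
        self.table[src] = (in_port, now + AGING_SECONDS)     # 1. learn sender
        entry = self.table.get(dst)
        if entry and entry[1] > now:                         # 2. entry found
            if entry[0] == in_port:
                return                                       #    same segment: drop
            out_ports = [entry[0]]                           #    forward
        else:
            out_ports = [p for p in self.ports if p != in_port]   # flood
        for port in out_ports:
            self.sent.append((frame["id"], port))
            neighbour = self.ports[port]
            if isinstance(neighbour, Switch):
                neighbour.receive(frame, neighbour.port_facing(self), now)

    def purge(self, now):
        """3. periodically purge old entries."""
        self.table = {m: e for m, e in self.table.items() if e[1] > now}

    def snapshot(self):
        return {mac: port for mac, (port, _) in self.table.items()}


def link(s1, p1, s2, p2):
    s1.ports[p1], s2.ports[p2] = s2, s1


def build_topology():
    s1, s2, s3 = Switch("S1"), Switch("S2"), Switch("S3")
    s1.ports[1] = "A"            # A on S1 port 1 (figure)
    s1.ports[2] = "host-X"       # constructed extra hosts, so flooding is visible
    link(s1, 3, s2, 1)
    s2.ports[2] = "B"            # B on S2 port 2 (figure)
    link(s2, 3, s3, 2)
    s3.ports[1] = "host-Y"
    s3.ports[3] = "host-Z"
    return s1, s2, s3


def run():
    """A -> B is flooded everywhere; B -> A is forwarded only along the learned
    path, so S3 never learns B. Returns tables before and after aging."""
    s1, s2, s3 = build_topology()
    s1.receive({"id": "A->B", "src": "A", "dst": "B"}, in_port=1, now=0)
    s2.receive({"id": "B->A", "src": "B", "dst": "A"}, in_port=2, now=1)
    tables = (s1.snapshot(), s2.snapshot(), s3.snapshot())
    s3_saw = [fid for fid, _ in s3.sent]
    for s in (s1, s2, s3):
        s.purge(now=AGING_SECONDS + 1)          # 20 minutes later
    return tables, s3_saw, (s1.table, s2.table, s3.table)
```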
Poorly Designed Institutional network. Why?
[Figure: router to external network; one LAN / IP subnet holding the mail server, the web server and all hosts]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet built from several interconnected switches with redundant links; mail server, web server, host A]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: same network; edges in the spanning tree marked; a "disconnected" interface, i.e. one that does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: Compute paths to the node with smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C
[Figure: LANs A, B, C, D; bridges B0, B1, B2, B3; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1 to B7 connecting LANs A to J]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. If a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root, then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure sequence: LANs A to J, bridges B1 to B7, root B1 (smallest ID); the distance to the root in LAN hops (0, 1, 1, 1, 1, 2) is written at each LAN.]
• Each switch computes distance to root in terms of LAN hops
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E. Turn on the two interfaces
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface
• LAN D's next hop is LAN G. Turn on the two interfaces
• Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F. Turn on the interfaces
• Which other interfaces are "on"?
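The rule above computed over a graph in the slide's convention (LANs as vertices, bridges as edges). This is an added example, not code from the slides: the topology is mine, chosen so that LAN B can reach the root through B5 or B7 and B3 ends with no interface on, as in the figure.

```python
"""Added example, not from the slides: the rule above ("each LAN takes its
shortest path to the root bridge; the smallest bridge ID breaks ties") computed
over a constructed graph in the slide's convention, LANs as vertices and
bridges as edges. The topology is mine, chosen so that LAN B can reach the root
through B5 or B7 and B3 ends with no interface on, as in the figure."""

# Constructed topology: bridge ID -> LANs it has an interface on.
BRIDGES = {
    1: ["E", "F", "G"],   # smallest ID: the root; all of its interfaces stay on
    2: ["C", "H"],
    3: ["A", "B"],        # A and B already reach the root in one hop: redundant
    4: ["A", "E"],
    5: ["B", "E"],
    6: ["D", "G"],
    7: ["B", "F", "C"],
}


def spanning_tree(bridges):
    """Return (distance of each LAN to the root in LAN hops, next hop per LAN,
    set of active (bridge, LAN) interfaces).

    LANs attached to the root bridge are at distance 0. Level by level, every
    unreached LAN adjacent (through some bridge) to a LAN at the current
    distance is claimed by the candidate with the smallest bridge ID; that
    bridge then keeps its interface to the new LAN and to the next-hop LAN.
    """
    root = min(bridges)
    dist = {lan: 0 for lan in bridges[root]}
    active = {(root, lan) for lan in bridges[root]}
    next_hop = {}
    level, d = set(dist), 0
    while level:
        candidates = {}                      # unreached LAN -> (bridge, via LAN)
        for lan in level:
            for bid, lans in bridges.items():
                if lan not in lans:
                    continue
                for other in lans:
                    if other in dist:
                        continue             # already at this distance or closer
                    cand = (bid, lan)        # smallest bridge ID wins the tie
                    if other not in candidates or cand < candidates[other]:
                        candidates[other] = cand
        d += 1
        for other, (bid, lan) in candidates.items():
            dist[other] = d
            next_hop[other] = (lan, bid)
            active.update({(bid, other), (bid, lan)})
        level = set(candidates)
    return dist, next_hop, active


def disconnected_interfaces(bridges, active):
    """Per bridge, the LAN interfaces it must stop forwarding and flooding on:
    every interface that is not in the active set."""
    return {bid: sorted(lan for lan in lans if (bid, lan) not in active)
            for bid, lans in bridges.items()}
```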
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms:
• Loop resolution
• Address learning
• Frame forwarding
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network, the link to the campus network would go down for ~50ms. This would trigger loop resolution
• During which time no packets were forwarded
Switches vs. Routers
both store-and-forward devices
• routers: network layer devices (examine network layer headers)
• switches are link layer devices
… "invisible" at internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding
• borrowing ideas from Virtual Circuit (VC) approach
• but IP datagram still keeps IP address!
[Figure: MPLS header placed between the PPP or Ethernet header and the IP header (remainder of link-layer frame follows); fields: label (20 bits), Exp (3), S (1), TTL (5)]
MPLS capable routers
a.k.a. label-switched router
forwards packets to outgoing interface based only on label value (don't inspect IP address)
• MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding
• RSVP-TE
• forwarding possible along paths that IP alone would not allow (e.g., source-specific routing)!!
• use MPLS for traffic engineering
must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1 to R6 with destinations A and D; each router's table has the columns in label, out label, dest, out interface. Tables shown: (6, -, A, 0); (10, 6, A, 1) and (12, 9, D, 0); (-, 10, A, 0) and (-, 12, D, 0); (8, 6, A, 0); (-, 8, A, 1)]
Chapter 5: Summary
principles behind data link layer services:
• error detection, correction
• sharing a broadcast channel: multiple access
• link layer addressing
instantiation and implementation of various link layer technologies
• Ethernet
• switched LANS
• PPP
• virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Channel Partitioning MAC protocols: FDMA
FDMA: frequency division multiple access
• channel spectrum divided into frequency bands
• each station assigned fixed frequency band
• unused transmission time in frequency bands goes idle
• GSM also uses FDMA
• example: 6-station LAN; 1, 3, 4 have pkt; frequency bands 2, 5, 6 idle
[Figure: frequency bands versus time on an FDM cable]
Random Access Protocols
When node has packet to send
• transmit at full channel data rate R
• no a priori coordination among nodes
  • Some approaches use limited coordination
two or more transmitting nodes: "collision"
random access MAC protocol specifies:
• how to detect collisions
• how to recover from collisions (e.g., via delayed retransmissions)
Examples of random access MAC protocols:
• slotted ALOHA
• ALOHA
• CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U. of Hawaii in the early 70's. Packet radio networks.
"Free for all": whenever a station has a frame to send, it does so.
Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time, the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision.
Collisions and other link layer losses must be detected and corrected.
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
[Figure: time line t0, t0+t, t0+2t, t0+3t. A frame sent at t0+t is vulnerable from t0 to t0+2t: if another node starts to transmit during this vulnerable period, then a collision will occur.]
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events).
Let G be the average rate that users try to send frames, per frame time.
G is the utilization. Why?
Model the moments transmissions start as points along the time line.
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
  $P(k) = \frac{(2G)^k e^{-2G}}{k!}$
The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
  $S = G e^{-2G}$
Poisson process
Events are distributed according to a Poisson process with parameter $\lambda$ if
  $P(k \text{ events in period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$
$\lambda$ is the rate that events occur = (number of events in period W) / W (when W is large)
Aloha performance
[Figure: vulnerability period]
  $P(k \text{ events in period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$
The probability of no collision is the probability of no event in the vulnerability period, i.e. $T = 2$.
Let the frame time be 1 (i.e., our time is measured in packet transmission times, not seconds). Then what is $\lambda$? $\lambda$ = average number of transmission attempts per transmission time. So $\lambda$ = utilization, i.e., $\lambda = G$. And the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: $S = G e^{-2G}$ versus G for 0 ≤ G ≤ 3; peak value 0.184]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time line t0, t0+t, t0+2t, t0+3t. A frame transmitted in a slot collides only if a packet arrived at the MAC layer during the preceding slot (the vulnerable period); if another node selects to transmit during this vulnerable period, then a collision will occur.]
The vulnerable period is half the size of unslotted aloha.
Slotted Aloha
Vulnerable period is halved. Doubles performance of ALOHA.
Throughput = $S = G e^{-G}$
$S = S_{max} = 1/e = 0.368$ for $G = 1$
G=1 means typically a node tries to transmit each slot.
However, the throughput is well below 1; there are many collisions.
Slotted Aloha Performance
[Plot: $S = G e^{-G}$ versus G for 0 ≤ G ≤ 4; peak value 0.368]
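A Monte Carlo check of the two throughput results, $S = G e^{-2G}$ for pure ALOHA (derived above) and $S = G e^{-G}$ for slotted ALOHA. This is an added example, not code from the slides: attempts are generated as a Poisson process of rate G per frame time, as in the slide's model, and the simulation and search code are mine.

```python
"""Added example, not from the slides: Monte Carlo check of the two throughput
results above, S = G e^{-2G} for pure ALOHA and S = G e^{-G} for slotted ALOHA.
Transmission attempts are generated as a Poisson process of rate G per frame
time, as in the slide's model; the simulation and search code are mine."""
import math
import random


def throughput(G: float, slotted: bool = False) -> float:
    """Closed form from the slides (frame time = 1)."""
    return G * math.exp(-G if slotted else -2 * G)


def simulate_aloha(G: float, frames: int = 100_000, slotted: bool = False,
                   seed: int = 1) -> float:
    """Draw `frames` attempt times with exponential gaps (Poisson, rate G),
    count the attempts that overlap no other, divide by the elapsed time."""
    rng = random.Random(seed)
    t, starts = 0.0, []
    for _ in range(frames):
        t += rng.expovariate(G)
        # slotted: the frame goes out at the next slot boundary
        starts.append(math.floor(t) + 1.0 if slotted else t)
    starts.sort()
    ok = 0
    last = len(starts) - 1
    for i, s in enumerate(starts):
        if slotted:   # collision = another attempt in the same slot
            clear_before = i == 0 or starts[i - 1] < s
            clear_after = i == last or starts[i + 1] > s
        else:         # vulnerable period: any other start within (s-1, s+1)
            clear_before = i == 0 or starts[i - 1] <= s - 1.0
            clear_after = i == last or starts[i + 1] >= s + 1.0
        ok += clear_before and clear_after
    return ok / (starts[-1] + 1.0)


def best_G(slotted: bool = False):
    """Grid search for the G that maximises the closed form."""
    grid = [i / 1000 for i in range(1, 4001)]
    g = max(grid, key=lambda x: throughput(x, slotted))
    return g, throughput(g, slotted)
```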
ALOHA and Slotted ALOHA
Pros
• single active node can continuously transmit at full rate of channel
• decentralized, simple
Cons
• Collisions, wasting slots. Inefficient.
• idle slots
• nodes may be able to detect collision in less than time to transmit packet
• Slotted aloha requires clock synchronization
  • Losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit:
If channel sensed idle: transmit entire frame
If channel sensed busy, defer transmission
human analogy: don't interrupt others!
Question
For 10 Mbps ethernet the maximum cable length is 2000m.
For 100 Mbps ethernet the maximum cable length is 200m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
[Figure: spatial layout of nodes; note the role of distance & propagation delay in determining collision probability]
CSMA/CD collision detection
[Figure: position on wire versus time. Transmitter 1 starts; after the propagation delay has not yet delivered its signal, transmitter 2 starts. The collision is detected by transmitter 2, then by transmitter 1 (when is it detected?); receiver 1 receives a garbled signal.]
[Figure: same layout, but transmitter 1 finishes its transmission before transmitter 2's signal reaches it: collision NOT detected by transmitter 1; receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × Tpropagation + epsilon. The transmit time is frame length / bit rate. Therefore
  2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate
CSMA/CD
If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64B.
Why is the maximum cable length of a 10 Mbps ethernet cable 10 times longer than the maximum cable length of a 100 Mbps ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
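The two figures and the requirement above as a small model, plus the maximum cable length it implies and the CSMA/CD efficiency formula from the Ethernet section. This is an added example, not code from the slides: the propagation speed, node positions and start offsets are my assumed values; the 64-byte minimum frame and the formulas are the slides'.

```python
"""Added example, not from the slides: the collision-detection timeline of the
two figures above and the requirement 2*L/v + eps < FrameLength/bit-rate, then
the maximum cable length it implies and the CSMA/CD efficiency formula from
the Ethernet section. Propagation speed, positions and start offsets are my
assumed values; the 64-byte minimum frame and the formulas are the slides'."""

PROP_SPEED = 2e8            # m/s, assumed signal speed on copper (about 2/3 c)
MIN_FRAME_BITS = 64 * 8     # Ethernet minimum frame, independent of bit-rate


def collision_timeline(pos1, pos2, t2_start, frame_bits, bit_rate,
                       prop_speed=PROP_SPEED):
    """Transmitter 1 (at pos1, metres) starts at t=0; transmitter 2 (at pos2)
    starts at t2_start, before T1's signal has reached it. Returns the time
    each transmitter detects the collision, or None if it had already finished
    sending (the figure's "collision NOT detected" case)."""
    d = abs(pos1 - pos2) / prop_speed          # one-way propagation delay
    t_trans = frame_bits / bit_rate            # frame length / bit rate
    if t2_start >= d:
        raise ValueError("T2 would have sensed the carrier and deferred")
    t2_detect = d if d < t2_start + t_trans else None
    t1_detect = t2_start + d if t2_start + d < t_trans else None
    return t1_detect, t2_detect


def always_detected(cable_length, bit_rate, frame_bits, prop_speed=PROP_SPEED):
    """Slide's condition: the sender must still be transmitting 2*T_prop later."""
    return 2 * cable_length / prop_speed < frame_bits / bit_rate


def max_cable_length(bit_rate, min_frame_bits=MIN_FRAME_BITS,
                     prop_speed=PROP_SPEED):
    """Longest cable on which a minimum-size frame still satisfies the
    condition. Scales as 1/bit_rate: the 10 Mbps vs 100 Mbps answer."""
    return (min_frame_bits / bit_rate) * prop_speed / 2


def csma_cd_efficiency(cable_length, bit_rate, frame_bits=1500 * 8,
                       prop_speed=PROP_SPEED):
    """Ethernet-section formula: 1 / (1 + 5 * t_prop / t_trans)."""
    t_prop = cable_length / prop_speed
    t_trans = frame_bits / bit_rate
    return 1 / (1 + 5 * t_prop / t_trans)
```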
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection
• collisions detected within short time
• colliding transmissions aborted, reducing channel wastage
collision detection:
• easy in wired LANs: measure signal strengths, compare transmitted and received signals
• Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
Persistence: what to do when the medium is found busy.
- 1-persistent: if the medium is idle, transmit. If it is not idle, wait until it is and then transmit. In this case all nodes that wanted to transmit while another node was transmitting will collide as soon as the channel goes idle.
- p-persistent: if the medium is idle, transmit. If it is not idle, wait until it is idle; once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat. Here a slot does not have to be the time to send a full frame, just enough time to let other hosts start sending.
- Exponential backoff: next slide.
Exponential backoff: what to do when the link is found to be busy.
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle, transmit.
3. If the medium is not idle, wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1;
   b. wait r time slots. A time slot is long enough that if a node begins to transmit at the beginning of the slot, all nodes will hear the transmission before the slot ends. (Exercise: give an equation for the length of a time slot.)
   c. If no other transmission begins during the r time slots, transmit.
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop;
   b. set BO = min(2 × BO, BO_max); in Ethernet BO_max = 1024;
   c. go to step 4.
Question: discuss the different ways in which backoff is used in network protocols.
"Taking turns" MAC protocols
Channel partitioning MAC protocols share the channel efficiently and fairly at high load, but are inefficient at low load: there is a delay in channel access, and 1/N of the bandwidth is allocated to each node even if only one node is active.
Random access MAC protocols are efficient at low load (a single node can fully utilize the channel) but suffer collision overhead at high load. Be careful: here "high load" means that the number of users increases. If the number of users is fixed (and small), the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. They are used for data access in mobile phones; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed yet.
Polling: a master node "invites" slave nodes to transmit in turn. After each node has been given a chance the pattern repeats. If a slave has no data to send it does nothing and the master quickly polls the next node.
[Figure: a master with several slaves; the master sends a poll to each slave in turn and each slave answers with its data.]
Concerns: polling overhead, latency, and a single point of failure (the master).
QoS guarantees can be made. If a VoIP call requires a fixed bit rate, the master can determine whether the call will receive the desired quality and ensure that it does:
- when congested, new calls are rejected, but existing calls continue to receive good performance;
- consider the difference between the demands of VoIP and the service provided by TCP;
- guarantees are worth much more money than non-guarantees.
Token passing: a control token is passed from one node to the next sequentially; a node with nothing to send passes the token on. Concerns: token overhead, latency, and a single point of failure (the token).
[Figure: nodes in a ring passing the token T; one node sends data, another has nothing to send and forwards the token.]
Summary of MAC protocols
- Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
- Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire) and hard in others (wireless). CSMA/CD is used in Ethernet, CSMA/CA in 802.11 (we'll study it when we talk about wireless).
- Taking turns: polling from a central site, token passing. Bluetooth, FDDI, IBM Token Ring.
(Roadmap: next, 5.4 Link-Layer Addressing.)
MAC Addresses and ARP
32-bit IP address: a network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN, or physical, or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network). The textbook is wrong about this detail: today hosts are almost never physically connected to each other; they are connected through switches.
48-bit MAC address (for most LANs), burned into the NIC ROM, but also sometimes software-settable.
LAN Addresses and ARP: each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
LAN Address (more)
MAC address allocation is administered by the IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup: search for "OUI lookup", enter the MAC address, and see the manufacturer. Since the address is sometimes software-settable, the OUI tells you the claimed manufacturer, not necessarily the real one.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
A MAC address is a flat address, so it is portable: you can move a LAN card from one LAN to another. An IP address is hierarchical and NOT portable: the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >. TTL (Time To Live): the time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: a LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
ARP protocol: same LAN (network). A wants to send a datagram to C. First check whether C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. my IP = 128.4.35.67, B's IP = 128.5.19.12, subnet mask 255.255.0.0, so the first 2 bytes (16 bits) define the subnet. In this case A and B are in different subnets, so the datagram is sent to the gateway, which must be in the same subnet as A. Suppose that B is the gateway but only B's IP address is known.
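The subnet test and the resulting ARP decision in code, as an added example that is not part of the lecture. The host and destination addresses and the mask are the slide's; the gateway address 128.4.0.1 is an assumption made for the illustration.

```python
import ipaddress

# Added example, not from the lecture. The addresses are the slide's; the
# gateway 128.4.0.1 is an assumption for illustration.


def prefix_len(mask):
    """255.255.0.0 -> 16: the number of leading 1 bits in the mask."""
    return ipaddress.IPv4Network(("0.0.0.0", mask)).prefixlen


def same_subnet(my_ip, mask, other_ip):
    """The test the slide describes: AND both addresses with the mask and
    compare the results (done here with explicit integer arithmetic)."""
    m = int(ipaddress.IPv4Address(mask))
    mine = int(ipaddress.IPv4Address(my_ip)) & m
    other = int(ipaddress.IPv4Address(other_ip)) & m
    return mine == other


def arp_target(my_ip, mask, gateway_ip, dst_ip):
    """Which IP address the sender must resolve with ARP before it can build
    the frame: the destination itself if it is on-link, otherwise the default
    gateway. The gateway must itself be on-link, or the ARP query for it can
    never be answered; that misconfiguration is reported rather than hidden."""
    if not same_subnet(my_ip, mask, gateway_ip):
        raise ValueError(
            f"gateway {gateway_ip} is not in the local subnet of {my_ip}/{prefix_len(mask)}")
    return dst_ip if same_subnet(my_ip, mask, dst_ip) else gateway_ip


if __name__ == "__main__":
    me, mask, gw = "128.4.35.67", "255.255.0.0", "128.4.0.1"
    for dst in ("128.5.19.12", "128.4.200.9"):
        print(f"{me} -> {dst}: ARP for {arp_target(me, mask, gw, dst)}")
```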
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
- A broadcasts an ARP query packet containing B's IP address: destination MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other frame types include IP datagram). All machines on the LAN receive the ARP query.
- B receives the ARP packet and replies to A with its (B's) MAC address; the reply frame is sent to A's MAC address (unicast).
- A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). This is soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from a network administrator.
[Figure: hosts A, B, C, D on one LAN. The query "Who has IP 1.1.1.4? Tell 1.1.1.2" is broadcast to every host; only the owner answers "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. On the 111.111.111.0 LAN: host A at 111.111.111.111 (74-29-9C-E8-FF-55), another host at 111.111.111.112 (CC-49-DE-D0-AB-7D), and R's interface 111.111.111.110 (E6-E9-00-17-BB-4B). On the 222.222.222.0 LAN: R's interface 222.222.222.220 (1A-23-F9-CD-06-9B), a host at 222.222.222.221 (88-B2-2F-54-1A-0F), and host B at 222.222.222.222 (49-BD-D2-C7-56-2A).]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
- A creates an IP datagram with source A, destination B.
- A uses ARP to get R's MAC address for 111.111.111.110.
- A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram.
- A's NIC sends the frame; R's NIC receives it.
- R removes the IP datagram from the Ethernet frame and sees that it is destined to B.
- R uses ARP to get B's MAC address.
- R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example: make sure you understand it.
ARP experiment: watch Wireshark with no connections open. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell whether two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P; use Wireshark on B to see that there is no evidence of the ping (the echo requests are never sent, because the ARP query for P gets no answer). On A, set an ARP entry with IP = P and MAC = B's MAC, then ping P again: watch the ping messages appear in Wireshark on B, but still no response.
ARP spoofing: a man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses a dedicated wire from the switch (a link-layer router) to each host, so a host no longer sees other hosts' frames. But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim; when an ARP query is made for the victim, I respond with my MAC.
ARP spoofing, step by step
Victim: MAC = 00:12:12:12:12:12, IP 1.2.3.4. Attacker: MAC = 00:11:11:11:11:11, IP = 5.6.7.8. Some other host (or the switch) on the same LAN.
1. Some other host broadcasts "Who has IP address 1.2.3.4?". The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". Everyone who heard the reply saves the MAC/IP map in its cache for 20 minutes. The attacker now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries of the form "Source MAC 00:11:11:11:11:11: Who has IP blablabla? Tell IP address 1.2.3.4", i.e. queries whose sender fields claim that 1.2.3.4 is at the attacker's MAC. The other hosts save this IP/MAC mapping in their caches. The victim is confused, but ignores it. The attacker continues to flood ARP queries so that the bogus entry never expires.
3. The other host now sends "The secret plan is ..." in a frame addressed to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker reads it (it now knows the secret plan), changes the destination MAC to the correct address and forwards "The secret plan is ..." to MAC 00:12:12:12:12:12, IP 1.2.3.4. The victim: "Ahh, I got the secret plan I was expecting", and notices nothing.
Some newer switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables for inconsistencies: a single MAC claiming two IPs (the attacker's real IP and the victim's IP), or equivalently the victim's IP seen with two MACs. But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address. Then the tables will record the mapping between that MAC and IP and there will be two IPs for a single MAC, a false positive.
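The ARP exchange from the previous section and the detection idea above, as an added example that is not part of the lecture: an ARP packet builder/parser and a passive watcher that keeps the first IP-to-MAC binding it sees and alerts when the same IP later turns up with a different MAC, plus the reverse check (one MAC with several IPs). The victim and attacker addresses are the slide's; the querying host 1.2.3.9 / 00:99:99:99:99:99 and the packet sequence are constructed.

```python
import struct

# Added example, not from the lecture. Victim and attacker addresses are the
# slide's; the querying host and the packets in run_demo() are constructed.

ARP_REQUEST, ARP_REPLY = 1, 2
# hw type, proto type, hw len, proto len, opcode, sender MAC, sender IP, target MAC, target IP
ARP_PACKET = struct.Struct("!HHBBH6s4s6s4s")


def mac_bytes(s):
    return bytes(int(x, 16) for x in s.split(":"))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def ip_bytes(s):
    return bytes(int(x) for x in s.split("."))


def ip_str(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet/IPv4 ARP packet: the 28-byte payload that follows the Ethernet header."""
    return ARP_PACKET.pack(1, 0x0800, 6, 4, op, mac_bytes(sender_mac), ip_bytes(sender_ip),
                           mac_bytes(target_mac), ip_bytes(target_ip))


def parse_arp(payload):
    if len(payload) < ARP_PACKET.size:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = ARP_PACKET.unpack(payload[:ARP_PACKET.size])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sender_mac": mac_str(sha), "sender_ip": ip_str(spa),
            "target_mac": mac_str(tha), "target_ip": ip_str(tpa)}


class ArpWatcher:
    """Passive detector in the spirit of the slide. Requests and replies both
    carry a sender binding that every host on the LAN caches, which is what the
    attacker's flood of bogus requests relies on; here the first binding seen
    for an IP is kept and any later, different MAC for it raises an alert."""

    def __init__(self):
        self.ip_to_mac = {}      # first binding seen per IP
        self.seen = set()        # every (ip, mac) sender pair ever observed
        self.alerts = []

    def observe(self, payload):
        arp = parse_arp(payload)
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        self.seen.add((ip, mac))
        known = self.ip_to_mac.setdefault(ip, mac)
        if known != mac:
            self.alerts.append((ip, known, mac))    # the original binding is kept
        return arp

    def macs_with_several_ips(self):
        """The reverse check: one MAC claiming several IPs. True for an attacker
        (its own IP plus the victim's), but also for the dual-NIC Windows case
        the slide mentions, so treat it as a hint, not as proof."""
        by_mac = {}
        for ip, mac in self.seen:
            by_mac.setdefault(mac, set()).add(ip)
        return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


def run_demo():
    victim_mac, victim_ip = "00:12:12:12:12:12", "1.2.3.4"
    attacker_mac, attacker_ip = "00:11:11:11:11:11", "5.6.7.8"
    other_mac, other_ip = "00:99:99:99:99:99", "1.2.3.9"       # constructed
    zero = "00:00:00:00:00:00"
    w = ArpWatcher()
    # 1. a legitimate exchange: "Who has 1.2.3.4? Tell 1.2.3.9", and the victim's reply
    w.observe(build_arp(ARP_REQUEST, other_mac, other_ip, zero, victim_ip))
    w.observe(build_arp(ARP_REPLY, victim_mac, victim_ip, other_mac, other_ip))
    # 2. the attacker announces its own address normally ...
    w.observe(build_arp(ARP_REQUEST, attacker_mac, attacker_ip, zero, other_ip))
    # 3. ... then floods requests whose sender fields say "1.2.3.4 is at the attacker's MAC"
    for _ in range(3):
        w.observe(build_arp(ARP_REQUEST, attacker_mac, victim_ip, zero, "1.2.3.250"))
    return w


if __name__ == "__main__":
    w = run_demo()
    print("alerts:", w.alerts)
    print("MACs claiming several IPs:", w.macs_with_several_ips())
```

The watcher sees whatever is handed to it; on a real switched LAN it would only see broadcasts (the requests) plus traffic to its own port, which is still enough here because the attack is carried by broadcast requests.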
(Roadmap: next, 5.5 Ethernet, 5.6 Link-layer switches, 5.7 PPP, 5.8 Link Virtualization: ATM and MPLS.)
Ethernet
The "dominant" wired LAN technology: cheap ($20 for a NIC); the first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race, 10 Mbps to 10 Gbps.
[Figure: Metcalfe's original Ethernet sketch.]
Bus topology (coaxial cable): popular through the mid 90s; all nodes are in the same collision domain (they can collide with each other).
Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol, so nodes do not collide with each other. Multiple stars can be connected (we'll see later).
[Figure: bus topology on a coaxial cable vs. star topology around a switch.]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates.
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless it is in promiscuous mode).
Type: indicates the higher-layer protocol (mostly IP, but others are possible: ARP query/response, Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected the frame is dropped.
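The frame structure above as a sender and a receiver, an added example that is not part of the lecture: the sender pads to the 64-byte minimum and appends the CRC-32 FCS; the receiver checks the FCS first, then the destination filter, and demultiplexes on the Type field. The MAC addresses are taken from the slides' figures; the payloads are constructed.

```python
import struct
import zlib

# Added example, not from the lecture. MAC addresses are from the slides'
# figures; payloads are constructed.

ETH_HEADER = struct.Struct("!6s6sH")        # destination, source, type
BROADCAST = b"\xff" * 6
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
MIN_FRAME_LEN = 64                           # bytes: header + payload + 4-byte FCS
MAX_PAYLOAD = 1500

HANDLERS = {ETHERTYPE_IPV4: "ip", ETHERTYPE_ARP: "arp"}   # what the Type field demultiplexes to


def build_frame(dst, src, ethertype, payload):
    """What the sending adapter puts on the wire after the preamble (the
    preamble and start-of-frame byte are not part of the frame software sees).
    Short payloads are zero-padded up to the 64-byte minimum; the FCS is
    CRC-32 over header and payload, sent least-significant byte first."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1500 bytes")
    body = ETH_HEADER.pack(dst, src, ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME_LEN - 4 - len(body))
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def receive(frame, my_mac, promiscuous=False):
    """Receiving adapter: verify the CRC first (a bad frame is silently
    dropped, no NACK goes back), then apply the destination filter and hand
    (handler, src, payload) up. None means the frame was discarded."""
    if len(frame) < MIN_FRAME_LEN:
        return None                                   # runt: collision fragment or damaged frame
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) & 0xFFFFFFFF != fcs:
        return None                                   # CRC error: drop
    dst, src, ethertype = ETH_HEADER.unpack(body[:ETH_HEADER.size])
    if not promiscuous and dst not in (my_mac, BROADCAST):
        return None                                   # not addressed to us
    return HANDLERS.get(ethertype, "unknown"), src, body[ETH_HEADER.size:]


if __name__ == "__main__":
    a = bytes.fromhex("74299ce8ff55")      # A, from the slides
    b = bytes.fromhex("49bdd2c7562a")      # B, from the slides
    c = bytes.fromhex("88b22f541a0f")      # a third host, from the slides
    f = build_frame(b, a, ETHERTYPE_IPV4, b"constructed IP datagram")
    print("B accepts:", receive(f, b) is not None,
          "| C drops:", receive(f, c) is None,
          "| C in promiscuous mode sees it:", receive(f, c, promiscuous=True) is not None)
    damaged = bytearray(f)
    damaged[20] ^= 0x01
    print("one flipped bit -> dropped:", receive(bytes(damaged), b) is None)
```

The padding is delivered to the network layer along with the data; IP ignores it by using the total-length field of its own header, which is why padding needs no marker in the Ethernet frame.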
Ethernet: unreliable, connectionless
Connectionless: no handshaking between the sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC, so the stream of datagrams passed to the network layer can have gaps (missing datagrams). Gaps will be filled if the application is using TCP; otherwise the application will see the gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. The NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts the frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision the NIC chooses K at random from {0, 1, 2, ..., 2^m - 1} and waits K slots, where one slot is 512 bit times; then it returns to step 2.
Ethernet's CSMA/CD (more)
Jam signal: makes sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microseconds for 10 Mbps Ethernet; for K = 1023 the wait time is about 50 msec (1023 × 512 × 0.1 µs ≈ 52 ms).
Exponential backoff. Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer. After the first collision choose K from {0, 1}; the delay is K × 512 bit transmission times. After the second collision choose K from {0, 1, 2, 3}. After ten or more collisions choose K from {0, 1, 2, 3, 4, ..., 1023}.
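The backoff rule above (and the generic backoff procedure from the multiple-access section) as an added example that is not part of the lecture: the window, the maximum wait, and a small contention simulation in which every station has a frame ready at the same instant. The 16-attempt limit after which a frame is dropped is the 802.3 attempt limit and is not mentioned on the slides; the contention model (tied minimum K means a collision, everyone else defers) is a simplification of what happens on the wire.

```python
import random

# Added example, not from the lecture. K is drawn from 0 .. 2^min(m,10) - 1
# after the m-th collision, one slot = 512 bit times, as the slides state.
# The 16-attempt limit is 802.3's, not the slides'; the simulation is simplified.

SLOT_BITS = 512
MAX_EXPONENT = 10              # the window stops growing at 2^10 = 1024 slots
ATTEMPT_LIMIT = 16             # the frame is dropped after this many collisions


def backoff_window(collisions):
    """Number of slots K is drawn from after `collisions` consecutive collisions."""
    return 2 ** min(collisions, MAX_EXPONENT)


def pick_backoff(collisions, rng):
    return rng.randrange(backoff_window(collisions))


def slot_time_s(bit_rate_bps):
    return SLOT_BITS / bit_rate_bps


def max_wait_s(collisions, bit_rate_bps):
    """Longest possible wait after `collisions` collisions (K = window - 1)."""
    return (backoff_window(collisions) - 1) * slot_time_s(bit_rate_bps)


def simulate(n_stations, rng, attempt_limit=ATTEMPT_LIMIT):
    """Worst case: n stations all have a frame ready at the same instant.
    Each round every waiting station draws K; the station(s) with the smallest
    K reach the wire first. A unique minimum succeeds and leaves; a tie is a
    collision, and only the colliding stations bump their counter (the others
    sensed the channel busy and just deferred).
    Returns (frames_sent, frames_dropped, rounds, max_collisions_for_one_station)."""
    pending = {s: 0 for s in range(n_stations)}
    sent = dropped = rounds = max_seen = 0
    while pending:
        rounds += 1
        picks = {s: pick_backoff(c, rng) for s, c in pending.items()}
        k_min = min(picks.values())
        first = [s for s, k in picks.items() if k == k_min]
        if len(first) == 1:
            del pending[first[0]]
            sent += 1
            continue
        for s in first:                      # collision among the tied stations
            pending[s] += 1
            max_seen = max(max_seen, pending[s])
            if pending[s] >= attempt_limit:
                del pending[s]
                dropped += 1
    return sent, dropped, rounds, max_seen


def simulate_seeded(n_stations, seed=42):
    """Deterministic wrapper around simulate() for repeatable runs."""
    return simulate(n_stations, random.Random(seed))


if __name__ == "__main__":
    print(f"K=1023 at 10 Mbps waits up to {max_wait_s(10, 10e6) * 1e3:.1f} ms")
    for n in (2, 10, 50):
        print(n, "stations -> (sent, dropped, rounds, max collisions):", simulate_seeded(n))
```

With all counters at zero the first round always collides (every station draws K = 0 from a window of size 1), which is why the first collision is unavoidable in this worst case and the window must grow from there.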
CSMA/CD efficiency
T_prop = maximum propagation delay between two nodes in the LAN; t_trans = time to transmit a maximum-size frame.
  efficiency = 1 / (1 + 5 × T_prop / t_trans)
Efficiency goes to 1 as T_prop goes to 0 and as t_trans goes to infinity: a larger frame size is better; a higher bit-rate is worse (for a fixed frame size t_trans shrinks while T_prop does not).
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
[Table: efficiency for several combinations of bit rate, frame size and propagation delay.]
802.3 Ethernet Standards: Link and Physical Layers
Many different Ethernet standards share a common MAC protocol and frame format but have different speeds (2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps) and different physical-layer media (fiber, cable). Very large Ethernets are possible. QoS: MPLS runs over Ethernet, so traffic engineering is possible.
Hubs: bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub, the host NICs detect collisions.
[Figure: a hub with twisted-pair links to hosts.]
Interconnecting with hubs: a backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain, and you can't interconnect 10BaseT and 100BaseT.
[Figure: three hubs connected through a backbone hub.]
Switch: a link-layer device, smarter than a hub, that takes an active role.
- Stores and forwards Ethernet frames. (Question: do switches in circuit-switching networks store and forward?)
- Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment it uses CSMA/CD to access the segment.
- Transparent: hosts are unaware of the presence of switches.
- Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions: hosts have a dedicated direct connection to the switch; switches buffer packets; the Ethernet protocol is used on each incoming link but there are no collisions, links are full duplex, and each link is its own collision domain. Switching A-to-A' and B-to-B' simultaneously without collisions is not possible with a dumb hub.
[Figure: a switch with six interfaces (1 to 6); hosts A, B, C on interfaces 1, 2, 3 and A', B', C' on interfaces 4, 5, 6.]
Switch Table
Q: how does the switch know that A' is reachable via interface 4 and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach the host, time stamp). It looks like a routing table.
Q: how are entries created and maintained in the switch table? Is it something like a routing protocol?
Switch self-learning: the switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in the other cases, when a frame is received the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
[Figure: A on interface 1 sends a frame with source A, destination A'. The switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60.]
Switch frame filtering/forwarding. When a frame is received:
1. record the link interface associated with the sending host;
2. if an entry is found for the destination, then: if the destination is on the segment from which the frame arrived, drop the frame; else forward the frame on the interface indicated. Otherwise flood: forward on all interfaces except the one on which the frame arrived;
3. periodically purge all old table entries.
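The three steps above as a learning switch, an added example that is not part of the lecture. The 60-second TTL matches the figure's entry (A, 1, 60); elsewhere the slides say entries live about 20 minutes. The treatment of manually configured single-host ports (unknown unicasts are not flooded to them, broadcasts still are) is this example's reading of the slide's note, and the clock is injectable so that aging can be exercised deterministically.

```python
import time

# Added example, not from the lecture: a learning switch implementing the
# record / forward-or-flood / purge steps. TTL 60 s matches the figure's entry.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports, ttl_s=60, now=time.monotonic, host_ports=()):
        self.ports = list(ports)
        self.ttl = ttl_s
        self.now = now
        self.table = {}                      # MAC -> (interface, time last seen)
        # Interfaces an administrator has configured as single-host ports. An
        # unknown unicast destination cannot be behind one of them, so floods
        # skip them and only go towards other switches (the slide's note).
        # What "manually configured" means is an assumption of this example.
        self.host_ports = set(host_ports)

    def purge(self):
        """Step 3: forget entries not refreshed within the TTL."""
        cutoff = self.now() - self.ttl
        for mac in [m for m, (_, seen) in self.table.items() if seen < cutoff]:
            del self.table[mac]

    def handle(self, in_port, src, dst):
        """Process one frame arriving on in_port; returns the interfaces it leaves on."""
        self.purge()
        self.table[src] = (in_port, self.now())                  # step 1: learn the sender
        if dst == BROADCAST:
            return [p for p in self.ports if p != in_port]        # broadcast reaches everyone
        if dst not in self.table:                                 # step 2, no entry: flood
            return [p for p in self.ports if p != in_port and p not in self.host_ports]
        out_port, _ = self.table[dst]
        if out_port == in_port:                                   # destination is on the incoming segment
            return []                                             # filter (drop)
        return [out_port]                                         # forward


if __name__ == "__main__":
    sw = LearningSwitch([1, 2, 3])
    a, b = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"
    print("A->B with B unknown, flooded to:", sw.handle(1, a, b))
    print("B->A with A known, forwarded to:", sw.handle(2, b, a))
    print("table:", sw.table)
```

Because step 1 trusts the source address of every frame, a host that forges source MACs rewrites the table at will; the slides' later remark that these mechanisms "typically ignore security" applies here.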
[Figure walkthrough: self-learning across three switches, each with interfaces 1, 2, 3. Host A is attached to the first switch, host B to the third. All tables start empty.
A sends a frame (Dest = B, Source = A). The first switch makes a table entry for A on interface 1 and, having no entry for B, floods. The second and third switches do the same: each makes an entry for A (interface 1 on the second switch, interface 2 on the third) and floods because B is unknown. Note: if the switch has ports that are manually configured then the frame is not flooded to a host on such a port, but only to other switches.
B replies (Dest = A, Source = B). Each switch on the way makes a table entry for B (interface 3 on the first switch, interface 2 on the second) and, since it has an entry for A, forwards the frame only on A's interface instead of flooding.
20 minutes later all table entries are deleted.]
Poorly designed institutional network. Why?
[Figure: an institutional network with a router to the external network, a mail server and a web server, all hanging off a single switch: a single point of failure.]
Institutional network without a single point of failure
[Figure: the same network with redundant links between the switches, forming loops.]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty: due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the redundant network with the edges in the spanning tree highlighted; a "disconnected" interface is one through which the switch does not forward or flood frames.]
Loop Resolution. Goal: remove "extra" paths by removing "extra" bridges, leaving a spanning tree.
Consider the network as a graph G(V, E) in which LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect (switches as vertices and LANs as edges). On any connected graph there exists a tree that spans all nodes and in which there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and LAN B uses its interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs. The switches are not physically disconnected; instead, when "disconnected" from a LAN they simply never flood packets onto that LAN. Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B connected by bridges B2 and B3.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches by edges (backwards from what you might expect).
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID. If LAN A's next hop toward the root is LAN B, then the switch between LAN A and LAN B uses the interfaces to A and B.
If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D and bridges B3, B2, B1, B0, with B2 sitting between LAN B and LAN C.]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message;
2. the ID of what the sending bridge believes to be the root bridge;
3. the distance (hops) from the sending bridge to the root bridge.
[Figure: a network of bridges B1 to B7 joining LANs A to J.]
Which interfaces to keep and which to ignore? Pretend that the objective is to find the shortest path from each LAN to the root switch (the one with the smallest ID), using least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance-vector approach, so that we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path; unfortunately the root might not be the gateway.
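The two rules above run on the slides' representation (LANs as vertices, bridges as edges), as an added example that is not part of the lecture. The bridge and LAN names echo the figure, but the wiring below is a small constructed topology, chosen so that it shows the tie-break (B5 beats B7 for LAN B) and a bridge that ends up with no interface on (B3). A loop-freedom check on the result is included.

```python
from collections import deque

# Added example, not from the lecture. Bridge IDs and LAN names echo the
# slides' figure; the topology itself is constructed for this example.

# bridge ID -> LANs it has an interface on
TOPOLOGY = {
    0: ["E", "F", "G"],      # smallest ID: becomes the root
    1: ["C", "F"],
    2: ["D", "G"],
    3: ["A", "B"],           # redundant: A and B both reach the root through B5
    5: ["A", "B", "E"],
    7: ["B", "F"],           # loses the tie for LAN B to B5 (lower ID)
}


def spanning_tree(bridges):
    """Returns (root_id, dist, on): dist[lan] is the LAN-hop distance from the
    root bridge's LANs; on[bridge] is the set of LANs on which that bridge
    keeps its interface active (forwards and floods)."""
    root = min(bridges)
    # distance of every LAN from the root, in LAN hops (the root's own LANs are at 0)
    dist = {lan: 0 for lan in bridges[root]}
    queue = deque(bridges[root])
    while queue:
        lan = queue.popleft()
        for lans in bridges.values():
            if lan not in lans:
                continue
            for nb in lans:
                if nb not in dist:
                    dist[nb] = dist[lan] + 1
                    queue.append(nb)
    on = {b: set() for b in bridges}
    on[root] = set(bridges[root])                       # every root interface is on
    for lan, d in dist.items():
        if d == 0:
            continue
        # candidate next hops: (bridge, neighbour LAN one hop closer to the root);
        # sorting picks the lowest bridge ID when a LAN has several shortest paths
        candidates = sorted((b, nb) for b, lans in bridges.items() if lan in lans
                            for nb in lans if nb != lan and dist.get(nb) == d - 1)
        bridge, next_hop = candidates[0]
        on[bridge].update({lan, next_hop})              # turn on both interfaces
    return root, dist, on


def is_loop_free(bridges, on):
    """Sanity check: the active interfaces must form a tree over the LANs and
    the active bridges, i.e. be connected with exactly vertices - 1 edges."""
    lans = {lan for lans in bridges.values() for lan in lans}
    active = {b for b, s in on.items() if s}
    edges = sum(len(s) for s in on.values())
    adj = {}
    for b in active:
        for lan in on[b]:
            adj.setdefault(("bridge", b), set()).add(("lan", lan))
            adj.setdefault(("lan", lan), set()).add(("bridge", b))
    seen, stack = set(), [next(iter(adj))]
    while stack:
        v = stack.pop()
        if v not in seen:
            seen.add(v)
            stack.extend(adj[v])
    vertices = len(lans) + len(active)
    return len(seen) == vertices and edges == vertices - 1


if __name__ == "__main__":
    root, dist, on = spanning_tree(TOPOLOGY)
    print("root bridge:", root, "| LAN distances:", dist)
    for b in sorted(on):
        print(f"B{b}: interfaces on for LANs {sorted(on[b]) or 'none (disconnected)'}")
    print("loop free:", is_loop_free(TOPOLOGY, on))
```

With every interface on, the same check reports loops (there are more bridge-to-LAN links than vertices minus one), which is the situation the self-learning walkthrough said would overwhelm the network.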
[Figure walkthrough on the network of bridges B1 to B7 and LANs A to J. Each switch computes its distance to the root in LAN hops (0 for the root's own LANs, then 1 or 2). Each of the root's interfaces is ON. LAN A's next hop is LAN E: turn on the two interfaces of the bridge between them. LAN B's next hop is LAN E or LAN F, but B5 has a lower ID than B7, so LAN E is used as the next hop and B5's interface is turned on. LAN D's next hop is LAN G: turn on the two interfaces. LAN C's next hop is LAN F: turn on the interfaces. Note that B3 will not have any interfaces "on". Which other interfaces are "on"?]
Layer 2 Routing
The L2 forwarding table is maintained automatically (set up and updated as the topology changes) by three mechanisms: loop resolution, address learning and frame forwarding. These typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution, during which no packets were forwarded.
Switches vs. Routers: both are store-and-forward devices. Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices, "invisible" at the internetwork layer: to IP, a switched LAN looks like a link-layer technology.
Multiprotocol Label Switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of the link-layer frame.
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit, bottom of stack), TTL (8 bits).
MPLS-capable routers (aka label-switched routers) forward packets to an outgoing interface based only on the label value (they don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables. A signaling protocol is needed to set up forwarding: RSVP-TE. Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing), so MPLS is used for traffic engineering. It must co-exist with IP-only routers.
[Figure: MPLS forwarding tables. Routers R1 to R6 with hosts A and D; each MPLS-capable router has a table of (in label, out label, dest, out interface). Entries as far as recoverable: R6: in 6, out -, dest A, interface 0. R4: in 10, out 6, dest A, interface 1; in 12, out 9, dest D, interface 0. R5: in 8, out 6, dest A, interface 0. An ingress router: out 10, dest A, interface 0; out 12, dest D, interface 0. Another: out 8, dest A, interface 1.]
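The header layout and the label-swapping behaviour above in code, as an added example that is not part of the lecture: a 32-bit MPLS header packer/unpacker and a label-switched router that forwards on the label alone, decrements the TTL, and pops the label at the egress. The three-router path and its table entries are constructed to resemble the figure (ingress pushes 10 for A, R4 swaps 10 to 6, R6 pops and delivers on interface 0) and are not a claim about the figure's full tables.

```python
import struct

# Added example, not from the lecture. Header layout: 20-bit label, 3-bit Exp,
# 1-bit S, 8-bit TTL. The routers and tables are constructed to resemble the figure.


def pack_mpls(label, exp=0, s=1, ttl=64):
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("MPLS field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_mpls(data):
    word = struct.unpack("!I", data[:4])[0]
    return word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF


class LSR:
    """Label-switched router. swap_table: in_label -> (out_label or None, dest,
    out_interface); None means pop the label and hand the bare IP datagram on.
    push_table (ingress only): dest -> (out_label, out_interface)."""

    def __init__(self, name, swap_table=None, push_table=None):
        self.name = name
        self.swap_table = swap_table or {}
        self.push_table = push_table or {}

    def ingress(self, dest, ip_datagram, ttl=64):
        out_label, iface = self.push_table[dest]
        return iface, pack_mpls(out_label, ttl=ttl) + ip_datagram

    def forward(self, packet):
        """Forwarding decision from the label alone; the IP header is never read.
        Returns (out_interface, packet_out, out_label) or None if dropped."""
        label, exp, s, ttl = unpack_mpls(packet)
        if ttl <= 1 or label not in self.swap_table:
            return None                     # TTL expired, or no LSP set up for this label
        out_label, _dest, iface = self.swap_table[label]
        if out_label is None:
            return iface, packet[4:], None  # egress: pop the label
        return iface, pack_mpls(out_label, exp, s, ttl - 1) + packet[4:], out_label


def trace(path, dest, ip_datagram):
    """Push at the first router, then swap along the rest of the path.
    Returns ([(router, out_label, out_interface), ...], final packet)."""
    ingress, *transit = path
    iface, packet = ingress.ingress(dest, ip_datagram)
    hops = [(ingress.name, unpack_mpls(packet)[0], iface)]
    for router in transit:
        result = router.forward(packet)
        if result is None:
            hops.append((router.name, "dropped", None))
            break
        iface, packet, out_label = result
        hops.append((router.name, out_label, iface))
    return hops, packet


# constructed label-switched path towards A, modelled on the figure's entries
R3 = LSR("R3", push_table={"A": (10, 0), "D": (12, 0)})
R4 = LSR("R4", swap_table={10: (6, "A", 1), 12: (9, "D", 0)})
R6 = LSR("R6", swap_table={6: (None, "A", 0)})

if __name__ == "__main__":
    hops, out = trace([R3, R4, R6], "A", b"constructed IP datagram for A")
    print(hops)
    print(out)
```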
Chapter 5 Summary
Principles behind data link layer services: error detection and correction; sharing a broadcast channel (multiple access); link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath. The journey down the protocol stack is complete (except PHY); a solid understanding of networking principles and practice ... could stop here ... but lots of
Random Access Protocols
When a node has a packet to send: transmit at full channel data rate R; no a priori coordination among nodes
• Some approaches use limited coordination
two or more transmitting nodes: “collision”. A random access MAC protocol specifies: how to detect collisions; how to recover from collisions (e.g., via delayed retransmissions)
Examples of random access MAC protocols: slotted ALOHA, ALOHA, CSMA, CSMA/CD, CSMA/CA
The ALOHA Protocol
Developed at U. of Hawaii in the early 70's for packet radio networks. “Free for all”: whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used: as will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise or because other station(s) transmitted at the same time: a collision. Collisions and other link layer losses must be detected and corrected. Question 1: Where are all the places that losses can occur? Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
[Figure: timeline t0, t0+t, t0+2t, t0+3t; the vulnerable period spans two frame times around a transmission]
If another node starts to transmit during this vulnerable period then a collision will occur.
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events). Let G be the average rate at which users try to send frames, per frame time. G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate at which frames are sent multiplied by the probability that the transmission is successful:
G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
P(k events in period of length T) = exp(-λT) (λT)^k / k!
λ is the rate at which events occur = (number of events in period W) / W (when W is large)
Aloha performance
[Figure: vulnerability period of length 2T around a transmission]
P(k events in period of length T) = exp(-λT) (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, which has length 2T.
Let T = 1 (i.e., our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e., λ = G. And the probability of no collision is exp(-2G) (2G)^0 / 0! = exp(-2G).
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: throughput G e^{-2G} against G for G from 0 to 3; the peak value is 0.184]
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: timeline t0, t0+t, t0+2t, t0+3t with slot boundaries]
If a frame is transmitted here then a collision occurs. But this will only happen if a packet arrives at the MAC layer during this (vulnerable) period. If another node selects to transmit during this vulnerable period then a collision will occur. The vulnerable period is half the size of unslotted aloha.
Slotted Aloha
Vulnerable period is halved: doubles the performance of ALOHA. Throughput = S = G e^{-G}; S = S_max = 1/e = 0.368 for G = 1. G = 1 means that typically a node tries to transmit in each slot. However the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot: throughput G e^{-G} against G for G from 0 to 4; the peak value is 0.368]
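An added example (not part of the lecture) that checks the two throughput curves above, G e^{-2G} for pure and G e^{-G} for slotted ALOHA, against a Monte Carlo simulation with Poisson transmission attempts. Time is measured in frame times; the simulation rules are constructed to match the vulnerable-period argument.

```python
# Added example, not part of the lecture slides: analytic ALOHA throughput
# (S = G e^{-2G} pure, S = G e^{-G} slotted) checked against a Monte Carlo
# simulation with Poisson attempts. Time is measured in frame times.
import math
import random


def pure_aloha_throughput(G):
    """Throughput of unslotted ALOHA: an attempt succeeds only if no other
    attempt starts within the two-frame-time vulnerable period."""
    return G * math.exp(-2 * G)


def slotted_aloha_throughput(G):
    """Throughput of slotted ALOHA: the vulnerable period shrinks to one slot."""
    return G * math.exp(-G)


def best_G(throughput, step=0.001, upper=3.0):
    """Grid search for the offered load G that maximises a throughput function."""
    grid = [i * step for i in range(1, int(upper / step))]
    return max(grid, key=throughput)


def poisson(rng, lam):
    """Draw a Poisson(lam) count by multiplying uniforms (Knuth's method)."""
    limit, k, p = math.exp(-lam), 0, 1.0
    while True:
        p *= rng.random()
        if p <= limit:
            return k
        k += 1


def simulate_slotted(G, slots, seed=0):
    """Poisson(G) stations attempt in each slot; the slot carries a frame
    iff exactly one station attempts. Returns frames delivered per slot."""
    rng = random.Random(seed)
    delivered = sum(1 for _ in range(slots) if poisson(rng, G) == 1)
    return delivered / slots


def simulate_pure(G, frames, seed=0):
    """Frame starts form a Poisson process of rate G per frame time. A frame
    survives iff its neighbours start at least one frame time away on both
    sides, i.e. nothing overlaps its first or last bit."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    for _ in range(frames):
        t += rng.expovariate(G)        # exponential inter-arrival times
        starts.append(t)
    delivered = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or s - starts[i - 1] >= 1.0
        clear_after = i == len(starts) - 1 or starts[i + 1] - s >= 1.0
        if clear_before and clear_after:
            delivered += 1
    return delivered / starts[-1]      # frames per frame time over the run


if __name__ == "__main__":
    for name, f, sim, G in (("pure", pure_aloha_throughput, simulate_pure, 0.5),
                            ("slotted", slotted_aloha_throughput, simulate_slotted, 1.0)):
        g = best_G(f)
        print(f"{name}: best G = {g:.3f}, S_max = {f(g):.3f}, "
              f"analytic S({G}) = {f(G):.3f}, simulated = {sim(G, 200000, seed=1):.3f}")
```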
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple
Cons: collisions, wasting slots; inefficient: idle slots; nodes may be able to detect a collision in less than the time to transmit a packet; slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle: transmit the entire frame. If the channel is sensed busy: defer transmission.
human analogy: don't interrupt others!
Question
For 10 Mbps ethernet the maximum cable length is 2000m
For 100Mbps ethernet the maximum cable length is 200m
Why is the maximum length for 100Mbps 10 times shorter than 10Mbps
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission. collision: the entire packet transmission time is wasted. note: the role of distance & propagation delay in determining collision probability
[Figure: spatial layout of nodes along the wire and their transmissions over time]
CSMA/CD collision detection
[Figure: position on wire vs. time. Transmitter 1 starts; after the propagation delay Transmitter 2 starts; the collision is detected by transmitter 2, then by transmitter 1 (when is it detected?); Receiver 1 receives a garbled signal]
CSMA/CD collision detection
[Figure: same layout, but Transmitter 1 finishes its transmission before the collision reaches it: collision NOT detected by transmitter 1; collision detected by transmitter 2; Receiver 1 receives a garbled signal]
What are the requirements to ensure that collisions are detected? The transmitter must transmit for 2×T_propagation + ε. The transmit time is frame length / bit rate. Therefore 2×CableLength / (speed of propagation) + ε < FrameLength / bit-rate.
CSMA/CD
What are the requirements to ensure that collisions are detected? The transmitter must transmit for 2×T_propagation + ε. The transmit time is frame length / bit rate. Therefore 2×CableLength / (speed of propagation) + ε < FrameLength / bit-rate.
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64B.
Why is the maximum cable length of a 10Mbps ethernet cable 10 times longer than the maximum cable length of a 100Mbps ethernet? The minimum frame length in Ethernet is independent of bit-rate.
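As an added worked derivation (not from the slides), the inequality above solved for the cable length, written with the page's own quantities (L = cable length, v = speed of propagation, F = frame length, R = bit rate):

$$
2\,\frac{L}{v} + \epsilon \;<\; \frac{F}{R}
\quad\Longrightarrow\quad
L_{\max} \;=\; \frac{v}{2}\left(\frac{F_{\min}}{R} - \epsilon\right).
$$

With $F_{\min} = 64\,\text{B} = 512$ bits fixed regardless of bit rate, the minimum transmit time is $512 / 10^{7}\,\text{s} = 51.2\,\mu\text{s}$ at 10 Mbps and $512 / 10^{8}\,\text{s} = 5.12\,\mu\text{s}$ at 100 Mbps, so, neglecting $\epsilon$,

$$
\frac{L_{\max}(10\,\text{Mbps})}{L_{\max}(100\,\text{Mbps})} \;=\; \frac{100\,\text{Mbps}}{10\,\text{Mbps}} \;=\; 10,
$$

which is the ratio between the 2000 m and 200 m limits quoted in the question: the faster link sends the same 512-bit minimum frame in a tenth of the time, so a collision must come back within a tenth of the distance.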
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage. Collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength.
human analogy: the polite conversationalist
persistent
1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p, and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. Wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots have passed, then transmit
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 BO, BO_Max); in ethernet BO_max = 1024
   c. Go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
“Taking Turns” MAC protocols
channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; high load: collision overhead
• Be careful. Here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad
“taking turns” protocols look for the best of both worlds. Used in mobile phone data access; 802.16 aka WiMax partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET
“Taking Turns” MAC protocols
Polling: the master node “invites” slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: master polls each of the slaves in turn: poll, data, poll, data, …]
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected but existing calls continue to receive good performance
• Consider the difference between the demands by VoIP and the services provided by TCP
Guarantees are worth much more money than non-guarantees
“Taking Turns” MAC protocols
Token passing: a control token is passed from one node to the next sequentially. token message. concerns: token overhead; latency; single point of failure (token)
[Figure: token T circulating among the nodes; one node sends data, another has nothing to send]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-Layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get the datagram to the destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE: a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google OUI lookup • Enter MAC address • See manufacturer
analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address. MAC flat address: portability: can move a LAN card from one LAN to another. IP hierarchical address: NOT portable: the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed
• Whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL>
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: LAN with four nodes; MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: Same LAN (network). A wants to send a datagram to C
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP
E.g. • my IP = 128.4.35.67 • B's IP = 128.5.19.12 • Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table. A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast). A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). soft state: information that times out (goes away) unless refreshed. ARP is “plug-and-play”: nodes create their ARP tables without intervention from the net administrator
[Figure: LAN with hosts A, B, C, D. Broadcast query “Who has IP 1.1.1.4? Tell 1.1.1.2” delivered to every host; unicast reply “I have 1.1.1.4”]
Addressing: routing to another LAN
[Figure: router R joining two LANs. On the 111.111.111.x LAN: A at 111.111.111.111 (MAC 74-29-9C-E8-FF-55), a host at 111.111.111.112 (MAC CC-49-DE-D0-AB-7D), R's interface 111.111.111.110 (MAC E6-E9-00-17-BB-4B). On the 222.222.222.x LAN: R's interface 222.222.222.220 (MAC 1A-23-F9-CD-06-9B), a host at 222.222.222.221 (MAC 88-B2-2F-54-1A-0F), B at 222.222.222.222 (MAC 49-BD-D2-C7-56-2A)]
walkthrough: send a datagram from A to B via R; assume A knows B's IP address. Two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram. A's NIC sends the frame. R's NIC receives the frame. R removes the IP datagram from the Ethernet frame, sees it's destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it
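An added example (not the lecture's code) that runs the same-subnet check from the ARP slides, an ARP cache with soft-state expiry, and the A → R → B walkthrough above, using the slides' MAC and IP addresses. A /24 mask on both LANs and the gateway assignments are assumptions made for the illustration.

```python
# Added example, not the lecture's code: the same-subnet test, an ARP cache
# with soft-state expiry, and the A -> R -> B walkthrough from the slides,
# using the slides' MAC and IP addresses. A /24 mask on both LANs and the
# gateway assignments are assumptions for the illustration.
import ipaddress
import time

ARP_TTL = 20 * 60                 # seconds; the slides' typical 20-minute timeout


def same_subnet(my_ip, other_ip, mask):
    """True when both addresses agree on the network part selected by mask."""
    network = ipaddress.IPv4Network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.IPv4Address(other_ip) in network


class Lan:
    """One broadcast domain. An ARP query reaches every node; only the owner
    of the queried IP answers, so a lookup here stands in for query + reply."""
    def __init__(self):
        self.owners = {}          # IP -> MAC of the interface holding it


class Node:
    def __init__(self, clock=time.time):
        self.clock = clock
        self.cache = {}           # (lan, ip) -> (mac, expiry)
        self.ifaces = []          # (lan, ip, mask, mac, gateway ip or None)

    def add_iface(self, lan, ip, mask, mac, gateway=None):
        lan.owners[ip] = mac
        self.ifaces.append((lan, ip, mask, mac, gateway))

    def resolve(self, lan, ip):
        """Return (MAC, 'cache' | 'query'); expired entries are re-queried."""
        hit = self.cache.get((lan, ip))
        if hit and hit[1] > self.clock():
            return hit[0], "cache"
        mac = lan.owners.get(ip)                 # broadcast query, unicast reply
        if mac is None:
            raise LookupError(f"no ARP reply for {ip}")
        self.cache[(lan, ip)] = (mac, self.clock() + ARP_TTL)
        return mac, "query"

    def next_hop(self, dest_ip):
        """Which LAN to use and which IP to ARP for: the destination itself if
        it is on-link, otherwise the gateway of the first interface."""
        for lan, ip, mask, mac, gateway in self.ifaces:
            if same_subnet(ip, dest_ip, mask):
                return lan, mac, dest_ip
        lan, ip, mask, mac, gateway = self.ifaces[0]
        return lan, mac, gateway


def send(node, ip_src, ip_dst):
    """Build the link-layer header for one hop; the IP header is untouched."""
    lan, src_mac, arp_target = node.next_hop(ip_dst)
    dst_mac, how = node.resolve(lan, arp_target)
    return {"src_mac": src_mac, "dst_mac": dst_mac,
            "ip_src": ip_src, "ip_dst": ip_dst, "arp": how}


def walkthrough(clock=time.time):
    """The slides' A -> R -> B example: two frames, one IP datagram."""
    lan1, lan2 = Lan(), Lan()
    A, R, B = Node(clock), Node(clock), Node(clock)
    A.add_iface(lan1, "111.111.111.111", "255.255.255.0", "74-29-9C-E8-FF-55",
                gateway="111.111.111.110")
    R.add_iface(lan1, "111.111.111.110", "255.255.255.0", "E6-E9-00-17-BB-4B")
    R.add_iface(lan2, "222.222.222.220", "255.255.255.0", "1A-23-F9-CD-06-9B")
    B.add_iface(lan2, "222.222.222.222", "255.255.255.0", "49-BD-D2-C7-56-2A",
                gateway="222.222.222.220")
    hop1 = send(A, "111.111.111.111", "222.222.222.222")   # A ARPs for R, not B
    hop2 = send(R, "111.111.111.111", "222.222.222.222")   # R ARPs for B on LAN 2
    return hop1, hop2


if __name__ == "__main__":
    for hop in walkthrough():
        print(hop)
```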
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired ethernet uses dedicated wires from the switch (link layer router) to each host
• But the ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure: “Who has IP address 1.2.3.4?” broadcast on the LAN]
ARP spoofing – man-in-the-middle attack
[Figure sequence. Victim: MAC = 00:12:12:12:12:12, IP 1.2.3.4. Attacker: MAC = 00:11:11:11:11:11, IP = 5.6.7.8. Some other host/switch.]
1. Some other host broadcasts: “Who has IP address 1.2.3.4?”
2. Victim replies: “MAC 00:12:12:12:12:12 has IP address 1.2.3.4”. The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker also hears the reply and now knows the MAC of the victim.
3. Attacker sends: “Source MAC 00:11:11:11:11:11: Who has IP blablabla? Tell IP address 1.2.3.4”. The other host saves the IP/ARP mapping in its cache. The victim is confused … but ignores it.
4. Later (when all caches have been cleared) the attacker floods ARP queries, and continues to flood ARP queries.
5. The other host sends “MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …”, so the attacker knows the secret plan. The attacker changes the MAC address to the correct address and forwards “MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …”. Victim: “Ahh, I got the secret plan I was expecting”.
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs
• the attacker's real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then the tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
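An added example (not from the lecture) that checks a set of observed ARP replies for the indicator described above, one IP claimed by two MACs, and separates it from the dual-NIC case (two IPs behind one MAC), which the slide notes can be benign. The observations are constructed; the victim and attacker addresses are the slide's.

```python
# Added example (not from the lecture): check observed ARP replies for the
# indicator described above (one IP claimed by two MACs) and separate it
# from the dual-NIC case (two IPs behind one MAC), which the slides note can
# be benign. The observations below are constructed; addresses are the slide's.
from collections import defaultdict

# (source MAC, IP the sender claims to own), as seen in ARP replies
OBSERVED = [
    ("00:12:12:12:12:12", "1.2.3.4"),   # victim answers for its own IP
    ("00:11:11:11:11:11", "5.6.7.8"),   # attacker answers for its own IP
    ("00:11:11:11:11:11", "1.2.3.4"),   # attacker also claims the victim's IP
    ("00:AA:BB:CC:DD:01", "1.2.3.9"),   # constructed laptop, wired NIC
    ("00:AA:BB:CC:DD:01", "1.2.3.10"),  # same laptop leaking its wireless IP
]


def build_maps(observations):
    """Index the replies both ways: IP -> MACs that claimed it, MAC -> IPs."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for mac, ip in observations:
        mac = mac.lower()
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    return ip_to_macs, mac_to_ips


def analyse(observations):
    """Return (severity, ip_or_mac, sorted claimants) findings."""
    ip_to_macs, mac_to_ips = build_maps(observations)
    findings = []
    for ip, macs in sorted(ip_to_macs.items()):
        if len(macs) > 1:
            # the slides' primary indicator: one IP, two MACs
            findings.append(("high", ip, sorted(macs)))
    for mac, ips in sorted(mac_to_ips.items()):
        # one MAC, several IPs: the dual-NIC pattern from the slide, unless
        # that MAC already takes part in an IP conflict reported above
        if len(ips) > 1 and not any(len(ip_to_macs[ip]) > 1 for ip in ips):
            findings.append(("low", mac, sorted(ips)))
    return findings


if __name__ == "__main__":
    for severity, key, claimants in analyse(OBSERVED):
        print(severity, key, claimants)
```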
Link Layer: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-Layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM and MPLS
Ethernet
“dominant” wired LAN technology: cheap: $20 for a NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other). star topology: active switch in the center; each “spoke” runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) vs. star with a switch in the center]
Ethernet Frame Structure
The sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame. Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g., an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode). Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk). CRC: checked at the receiver; if an error is detected, the frame is dropped
Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs. unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP; otherwise the app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame
2. If NIC senses the channel idle, it starts frame transmission
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent)
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame!
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times; returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits. Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, the wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to the estimated current load: under heavy load the random wait will be longer. first collision: choose K from {0,1}; delay is K · 512 bit transmission times. after the second collision: choose K from {0,1,2,3}… after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
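An added example (not from the lecture) of the backoff rule from the Ethernet CSMA/CD algorithm above and of the generic exponential-backoff procedure given earlier: the truncated window 2^min(m,10), the slot-to-seconds conversion behind the "about 50 msec" figure, and a small contention run in which colliding stations separate. The contention rules are constructed for the illustration.

```python
# Added example (not from the lecture): Ethernet's truncated binary exponential
# backoff from the CSMA/CD algorithm above, plus a small contention run that
# shows how colliding stations separate. The contention rules are constructed.
import random

SLOT_BITS = 512        # one backoff slot is 512 bit times
MAX_EXPONENT = 10      # the window stops doubling after the 10th collision


def window(m):
    """Size of the draw after the m-th collision: K is picked from
    {0, 1, ..., 2^min(m,10) - 1}, so the window is 2^min(m,10)."""
    if m < 1:
        raise ValueError("m counts collisions and starts at 1")
    return 2 ** min(m, MAX_EXPONENT)


def choose_k(m, rng):
    """Uniform draw of K for a NIC that has just suffered its m-th collision."""
    return rng.randrange(window(m))


def backoff_sequence(seed, collisions=12):
    """K drawn after the 1st, 2nd, ... collision of one unlucky NIC."""
    rng = random.Random(seed)
    return [choose_k(m, rng) for m in range(1, collisions + 1)]


def wait_seconds(k, bitrate):
    """Backoff delay for K slots of 512 bit times at the given bit rate."""
    return k * SLOT_BITS / bitrate


def resolve_collision(n_stations, seed):
    """All n stations transmit at once and collide. Each round, every
    contender draws K from its own window; the smallest K wins the channel.
    A tie for the smallest K is another collision for the tied stations
    (their m grows); the others sensed the channel busy, so their m does not.
    Returns (rounds of collisions, winner index, winner's collision count)."""
    rng = random.Random(seed)
    collisions = {s: 1 for s in range(n_stations)}   # first collision done
    rounds = 1
    while True:
        draws = {s: choose_k(m, rng) for s, m in collisions.items()}
        k_min = min(draws.values())
        tied = [s for s, k in draws.items() if k == k_min]
        if len(tied) == 1:
            winner = tied[0]
            return rounds, winner, collisions[winner]
        for s in tied:
            collisions[s] += 1
        rounds += 1


if __name__ == "__main__":
    print("K draws:", backoff_sequence(seed=1))
    print("max wait at 10 Mbps: %.4f s" % wait_seconds(1023, 10_000_000))
    print("4 stations:", resolve_collision(4, seed=3))
```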
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity • a larger frame size is better; a higher bit-rate is worse
better performance than ALOHA: and simple, cheap, decentralized! Most ethernet is used with switches, so collisions never occur
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1Gbps, 10G bps; different physical layer media: fiber, cable. Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible)
Hubs
bits coming in on one link go out all other links at the same rate; all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions
[Figure: hub with twisted pair links to hosts]
Interconnecting with hubs
A backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
[Figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes an active role. Store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examines the incoming frame's MAC address, selectively forwards the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment. transparent: hosts are unaware of the presence of switches. plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have a dedicated, direct connection to the switch; switches buffer packets; the Ethernet protocol is used on each incoming link, but no collisions; full duplex: each link is its own collision domain. switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5? A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). looks like a routing table! Q: how are entries created and maintained in the switch table? something like a routing protocol?
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
the switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases… when a frame is received, the switch “learns” the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table
[Figure: A on interface 1 sends a frame with Source A, Dest A'; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received: record the link/interface associated with the sending host; if an entry is found for the destination, then { if the destination is on the segment from which the frame arrived then drop the frame, else forward the frame on the interface indicated }, else flood: forward on all but the interface on which the frame arrived; periodically purge all old table entries
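An added example (not the lecture's code) of a self-learning switch implementing the filter/forward/flood rules above with per-entry TTL. The six-interface layout and host names follow the slides; the traffic and the fake clock are constructed.

```python
# Added example (not from the lecture): a self-learning switch implementing
# the filter/forward/flood rules above with per-entry TTL. The six-interface
# layout and host names follow the slides; the traffic is constructed.
BROADCAST = "FF-FF-FF-FF-FF-FF"
ENTRY_TTL = 20 * 60        # seconds; the slides' "20 minutes later" purge


class LearningSwitch:
    def __init__(self, interfaces, clock):
        self.interfaces = list(interfaces)
        self.clock = clock                 # callable returning seconds
        self.table = {}                    # MAC -> (interface, expiry)

    def purge(self):
        """Drop entries whose TTL has run out (soft state)."""
        now = self.clock()
        self.table = {mac: e for mac, e in self.table.items() if e[1] > now}

    def lookup(self, mac):
        entry = self.table.get(mac)
        return entry[0] if entry and entry[1] > self.clock() else None

    def receive(self, src, dst, iface):
        """Process one frame; return the interfaces it is sent out on."""
        self.purge()
        # learn: the sender is reachable through the arriving interface
        self.table[src] = (iface, self.clock() + ENTRY_TTL)
        out = self.lookup(dst)
        if dst == BROADCAST or out is None:
            # flood: every interface except the one the frame arrived on
            return [i for i in self.interfaces if i != iface]
        if out == iface:
            return []          # filter: destination sits on the arriving segment
        return [out]           # forward on the single learned interface


def scenario():
    """Constructed replay of the slides' A / A' exchange with a fake clock."""
    now = [0]
    sw = LearningSwitch([1, 2, 3, 4, 5, 6], lambda: now[0])
    log = []
    log.append(sw.receive("A", "A'", 1))      # A' unknown: flood
    log.append(sw.receive("A'", "A", 4))      # A learned on 1: forward there
    log.append(sw.receive("A", "A'", 1))      # both learned: forward to 4
    now[0] = 21 * 60                          # 20 minutes later, entries gone
    log.append(sw.receive("B", "A", 2))       # A forgotten: flood again
    return log


if __name__ == "__main__":
    for out in scenario():
        print(out)
```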
Self-Learning
[Figure: three interconnected switches, each with interfaces 1, 2, 3, with host A attached to the first switch and host B to another; all three switch tables (MAC, Interface) start empty]
A sends a frame with Dest=B, Source=A. Each switch makes a table entry for A (the first switch records A on interface 1, the others record A on the interface the frame arrived on); there is no table entry for B, so each switch floods.
Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only to other switches.
B replies with a frame Dest=A, Source=B. Each switch makes a table entry for B, and since each has a table entry for A, the frame is forwarded (not flooded) toward A.
20 minutes later all table entries are deleted.
Poorly Designed Institutional network. Why?
[Figure: router to the external network, a single switch, LAN - IP subnet, mail server, web server]
Institutional network without a single point of failure
[Figure: router to the external network, redundant interconnected switches, IP subnet, mail server, web server, host A]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure legend: edge in the spanning tree; “disconnected” interface, i.e., do not forward or flood frames through this interface]
Loop Resolution
Goal: remove “extra” paths by removing “extra” bridges: spanning tree. Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops. If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B. This tree is formed by “disconnecting” switches from some LANs
• The switches are not physically disconnected. Instead, when “disconnected” from a LAN, they simply never flood packets over to the LAN
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be “reconnected” to the switch
[Figure: bridges B3 and B2 between LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges. When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID. Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID. If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If • LAN B's next hop to the switch with the lowest ID is LAN A, and • LAN C's next hop to the switch with the lowest ID is LAN D, • then switch B2 will disconnect from LAN B and C
[Figure: LANs A, B, C, D and bridges B0, B1, B2, B3; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information: 1. The ID of the bridge that is sending the message. 2. The ID for what the sending bridge believes to be the root bridge. 3. The distance (hops) from the sending bridge to the root bridge.
[Figure: LANs connected by bridges B1 to B7]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if: 1. the interface is along a LAN's shortest path to the root; 2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to “turn off”. Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure: switches B1 through B7 (B4 and B6 drawn together) interconnecting LANs A through J; the LANs are labelled with their distance to the root, 0, 1 or 2, as the example proceeds]
Each switch computes its distance to the root in terms of LAN hops.
Each of the root's interfaces is ON.
LAN A's next hop is LAN E.
LAN A's next hop is LAN E. Turn on the two interfaces.
LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop.
LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
LAN D's next hop is LAN G. Turn on the two interfaces.
Note that B3 will not have any interfaces "on".
LAN C's next hop is LAN F. Turn on the interfaces.
Which other interfaces are "on"?
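The interface-selection rule worked through above (each LAN's shortest path to the root in LAN hops, smallest bridge ID breaking ties, every root interface on), as an added Python example; it is not code from the slides. The topology below is constructed and is not the figure's: bridge IDs 0 to 4 and LANs A to D are hypothetical, with two deliberate loops so that the tie-break and the "bridge with no interfaces on" case both appear. Bridges are modelled as the slides describe them, as edges joining LANs.

```python
from collections import deque

# Constructed topology (not the slides' figure): bridge ID -> LANs it has an interface on.
# As in the slides, LANs are the vertices and bridges are the edges that join them.
BRIDGES = {
    0: ["A", "B"],
    1: ["B", "C"],
    2: ["B", "C"],   # parallel to bridge 1: a loop that the ID tie-break must remove
    3: ["A", "D"],
    4: ["C", "D"],   # second loop: D is reachable via A (bridge 3) or via C (bridge 4)
}

def root_bridge(bridges):
    """The root is the bridge with the smallest ID."""
    return min(bridges)

def lan_distances(bridges):
    """Distance of every LAN to the root in LAN hops (breadth-first, neighbours only).
    LANs attached directly to the root bridge are at distance 0."""
    root = root_bridge(bridges)
    dist = {lan: 0 for lan in bridges[root]}
    queue = deque(bridges[root])
    while queue:
        lan = queue.popleft()
        for lans in bridges.values():
            if lan in lans:
                for nxt in lans:
                    if nxt not in dist:
                        dist[nxt] = dist[lan] + 1
                        queue.append(nxt)
    return dist

def active_interfaces(bridges):
    """Return {bridge: set of LANs whose interface stays on}.
    Every root interface is on.  For every other LAN, the bridge on its shortest path to
    the root keeps the interface to that LAN and to the next-hop LAN; when several bridges
    offer an equally short path, the smallest bridge ID wins."""
    root = root_bridge(bridges)
    dist = lan_distances(bridges)
    on = {b: set() for b in bridges}
    on[root] = set(bridges[root])
    for lan, d in dist.items():
        if d == 0:
            continue
        candidates = []
        for b, lans in bridges.items():
            if lan in lans:
                nearer = sorted(x for x in lans if dist[x] == d - 1)
                if nearer:                      # this bridge gives the LAN a path of length d
                    candidates.append((b, nearer[0]))
        chosen, next_hop = min(candidates)      # tuple order: smallest bridge ID first
        on[chosen].update({lan, next_hop})
    return on

def is_loop_free(bridges, on):
    """The kept interfaces must join every LAN using exactly (LANs - 1) hops: a tree."""
    lans = {lan for lans in bridges.values() for lan in lans}
    adj = {lan: set() for lan in lans}
    hops = 0
    for kept in on.values():
        kept = sorted(kept)
        for i in range(1, len(kept)):           # a bridge with k live interfaces joins k LANs
            adj[kept[0]].add(kept[i])
            adj[kept[i]].add(kept[0])
            hops += 1
    start = next(iter(lans))
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in adj[queue.popleft()]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen == lans and hops == len(lans) - 1

if __name__ == "__main__":
    print(lan_distances(BRIDGES))
    print(active_interfaces(BRIDGES))
```

With all interfaces on, the constructed LAN has five bridge hops for four LANs, i.e. loops; after selection only bridges 0, 1 and 3 keep interfaces, and bridges 2 and 4 end up like B3 in the slides, with nothing on.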
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices. Routers are network layer devices (they examine network layer headers); switches are link layer devices.
Switches are "invisible" at the internetwork layer: to IP, a switched LAN looks like a link layer technology.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
[Figure: MPLS header (fields label, Exp, S, TTL, drawn with widths 20, 3, 1, 5) inserted between the PPP or Ethernet header and the IP header, followed by the remainder of the link-layer frame]
MPLS capable routers
a.k.a. label-switched routers: forward packets to the outgoing interface based only on the label value (they don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables.
A signaling protocol is needed to set up forwarding: RSVP-TE.
Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering.
Must co-exist with IP-only routers.
[Figure: routers R1 through R6 with hosts A and D attached; interface numbers 0 and 1 are marked on the links, and each router's MPLS forwarding table is drawn beside it]
MPLS forwarding tables (one per router in the figure):

in label | out label | dest | out interface
    6    |     -     |  A   |      0

in label | out label | dest | out interface
   10    |     6     |  A   |      1
   12    |     9     |  D   |      0

in label | out label | dest | out interface
    -    |    10     |  A   |      0
    -    |    12     |  D   |      0

in label | out label | dest | out interface
    8    |     6     |  A   |      0
    -    |     8     |  A   |      1
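Label-switched forwarding as described above, as an added Python example; it is not code from the slides. The table rows (push 10 toward A at an ingress, swap 10 to 6 out of interface 1, pop 6 and deliver on interface 0) are the slide's, but the router names R_ingress, R_transit and R_egress and the links between them are assumptions, because the extracted text no longer shows which router owns which table. The point to watch is that only the ingress reads the IP destination; every later hop looks at the label alone.

```python
# Constructed label-switched path built from the slide's table rows.
# Row layout: (in_label, out_label, dest, out_interface).
#   in_label None  -> row used for an unlabelled IP packet arriving at the ingress (push)
#   out_label None -> label is popped at the egress and the IP packet is delivered
NETWORK = {
    "R_ingress": {"table": [(None, 10, "A", 0), (None, 12, "D", 0)],
                  "links": {0: "R_transit"}},
    "R_transit": {"table": [(10, 6, "A", 1), (12, 9, "D", 0)],
                  "links": {1: "R_egress"}},          # interface 0 leads off the figure
    "R_egress":  {"table": [(6, None, "A", 0)],
                  "links": {0: "host A"}},
}

def lookup(table, label=None, dest=None):
    """Row for an incoming label, or (label None) for a destination at the ingress."""
    for in_label, out_label, d, iface in table:
        if label is not None and in_label == label:
            return out_label, iface
        if label is None and in_label is None and d == dest:
            return out_label, iface
    raise KeyError(f"no MPLS entry for label={label} dest={dest}")

def forward(router, packet):
    """One LSR hop: returns (out_label, out_interface).
    A labelled packet is switched on its label; the IP header is never examined."""
    table = NETWORK[router]["table"]
    if packet["label"] is None:                  # unlabelled: ingress classifies on dest
        return lookup(table, dest=packet["dest"])
    return lookup(table, label=packet["label"])

def trace(ingress, dest):
    """Follow a packet for `dest` from the ingress; one (router, in, out, iface) per hop."""
    packet = {"dest": dest, "label": None}
    router, hops = ingress, []
    while True:
        out_label, iface = forward(router, packet)
        hops.append((router, packet["label"], out_label, iface))
        packet["label"] = out_label
        nxt = NETWORK[router]["links"].get(iface)
        if out_label is None or nxt not in NETWORK:  # popped, or link leaves the figure
            return hops
        router = nxt

if __name__ == "__main__":
    for hop in trace("R_ingress", "A"):
        print(hop)
```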
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath. Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice … could stop here … but lots of
The ALOHA Protocol
Developed at U of Hawaii in the early 70's for packet radio networks. "Free for all": whenever a station has a frame to send, it does so. Aloha is the simplest of MAC protocols. Aloha is old but still widely used.
As will be seen, many protocols have a period of time where nodes transmit when they want. During such periods of time the MAC is essentially Aloha.
Collisions
Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: a collision.
Collisions and other link layer losses must be detected and corrected.
Question 1: Where are all the places that losses can occur?
Question 2: Where can errors be detected and corrected?
Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame.
ALOHA's Performance 1
[Figure: timeline marked t0, t0+t, t0+2t, t0+3t with one frame transmission and the vulnerable period around it; if another node transmits inside it then there is a collision]
If another node starts to transmit during this vulnerable period, then a collision will occur.
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events).
Let G be the average rate that users try to send frames, per frame time.
G is the utilization. Why?
Model the moments transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
$$P(k) = \frac{(2G)^k}{k!}\, e^{-2G}$$
The probability that zero other frames are sent is $P(0) = e^{-2G}$. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
$$S = G e^{-2G}$$
Poisson process
Events are distributed according to a Poisson process with parameter $\lambda$ if
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
$\lambda$ is the rate that events occur: $\lambda = $ (number of events in a period of length $W$) $/ W$ (when $W$ is large).
Aloha performance
The vulnerability period is $2T$.
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
The probability of no collision is the probability of no event in the vulnerability period, which has length $2T$.
Let $T = 1$ (i.e. our time is measured in packet transmission times, not seconds). Then what is $\lambda$? It is the average number of transmission attempts per transmission time, so $\lambda$ = utilization, i.e. $\lambda = G$. And the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: throughput $G e^{-2G}$ versus $G$ for $0 \le G \le 3$; vertical axis 0 to 0.2, with the peak value 0.184 marked]
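The question above has a closed-form answer. The derivation below is added here and is not part of the original slides; it uses the slides' symbols $G$ and $S$ and is written for a vulnerable period of $c$ frame times, so that it covers slotted Aloha ($c = 1$) as well as pure Aloha ($c = 2$).

$$S(G) = G\,e^{-cG}, \qquad \frac{dS}{dG} = e^{-cG}\,(1 - cG) = 0 \;\Rightarrow\; G^{*} = \frac{1}{c}, \qquad S_{\max} = S(G^{*}) = \frac{1}{c\,e}.$$

It is a maximum because $\dfrac{d^2S}{dG^2} = e^{-cG}\,(c^2 G - 2c)$ equals $-\dfrac{c}{e} < 0$ at $G = 1/c$. For pure Aloha, $c = 2$ gives $G^{*} = 1/2$ and $S_{\max} = 1/(2e) \approx 0.184$, the peak marked on the plot; for slotted Aloha, $c = 1$ gives $G^{*} = 1$ and $S_{\max} = 1/e \approx 0.368$.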
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: timeline marked t0, t0+t, t0+2t, t0+3t divided into slots. If a frame is transmitted in the marked slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot, the vulnerable period.]
If another node selects to transmit during this vulnerable period, then a collision will occur.
The vulnerable period is half the size of unslotted Aloha's.
Slotted Aloha
The vulnerable period is halved, which doubles the performance of ALOHA. Throughput = S = $G e^{-G}$; $S_{max} = 1/e = 0.368$ for $G = 1$.
G = 1 means that typically a node tries to transmit in each slot.
However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot: throughput $G e^{-G}$ versus $G$ for $0 \le G \le 4$; vertical axis 0 to 0.4, with the peak value 0.368 marked]
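The throughput curves for pure and slotted Aloha, checked two ways, as an added Python example that is not from the slides: the analytic formulas $G e^{-2G}$ and $G e^{-G}$ with a numerical search for the best load, and a Monte Carlo run that generates Poisson transmission attempts (rate $G$ per frame time, as the slides assume) and counts the frames whose vulnerable period stays empty. The sample of attempt times is constructed with a fixed seed; the frame time is 1 and frame starts are bucketed into integer slots for the slotted variant.

```python
import math
import random
from collections import Counter

def pure_aloha_throughput(G):
    """Analytic throughput S = G e^{-2G}: the vulnerable period is two frame times."""
    return G * math.exp(-2 * G)

def slotted_aloha_throughput(G):
    """Analytic throughput S = G e^{-G}: the vulnerable period is one slot."""
    return G * math.exp(-G)

def best_load(throughput, lo=0.0, hi=4.0, steps=4000):
    """Offered load G on a fine grid that maximises the given throughput curve."""
    best_g, best_s = lo, throughput(lo)
    for i in range(1, steps + 1):
        g = lo + (hi - lo) * i / steps
        s = throughput(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s

def poisson_attempts(G, n, seed=1):
    """Constructed sample: n transmission start times from a Poisson process of rate G
    attempts per frame time (exponential inter-arrival times), frame time = 1."""
    rng = random.Random(seed)
    t, times = 0.0, []
    for _ in range(n):
        t += rng.expovariate(G)
        times.append(t)
    return times

def simulate_pure_aloha(G, n=200_000, seed=1):
    """Fraction of time carrying successful frames: a frame starting at t survives iff
    no other frame starts in (t-1, t+1), the two-frame-time vulnerable period."""
    times = poisson_attempts(G, n, seed)
    ok = 0
    for i, t in enumerate(times):
        clear_before = i == 0 or t - times[i - 1] >= 1.0
        clear_after = i == n - 1 or times[i + 1] - t >= 1.0
        ok += clear_before and clear_after
    return ok / times[-1]

def simulate_slotted_aloha(G, n=200_000, seed=1):
    """Each arrival waits for the next slot boundary; a slot succeeds iff exactly one
    frame arrived during the preceding slot (the one-slot vulnerable period)."""
    times = poisson_attempts(G, n, seed)
    per_slot = Counter(int(t) for t in times)
    slots = int(times[-1]) + 1
    return sum(1 for c in per_slot.values() if c == 1) / slots

if __name__ == "__main__":
    print("pure   :", best_load(pure_aloha_throughput), simulate_pure_aloha(0.5))
    print("slotted:", best_load(slotted_aloha_throughput), simulate_slotted_aloha(1.0))
```

The simulated values land within a percent of 0.184 and 0.368, the peaks marked on the two plots, which is the empirical confirmation that halving the vulnerable period doubles the achievable throughput.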
ALOHA and Slotted ALOHA
Pros:
- a single active node can continuously transmit at the full rate of the channel
- decentralized, simple
Cons:
- collisions, wasting slots: inefficient
- idle slots
- nodes may be able to detect a collision in less than the time to transmit a packet
- slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
Human analogy: don't interrupt others!
Question
For 10 Mbps ethernet the maximum cable length is 2000m.
For 100 Mbps ethernet the maximum cable length is 200m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
[Figure: spatial layout of nodes along the wire, with two transmissions overlapping in space-time]
Note: the role of distance and propagation delay in determining collision probability.
CSMA/CD collision detection
[Figure: space-time diagram, position on the wire horizontally and time vertically. Transmitter 1 starts; transmitter 2 starts before transmitter 1's signal has propagated to it; the collision is detected by transmitter 2, then by transmitter 1 (when is it detected?); receiver 1 receives a garbled signal.]
CSMA/CD collision detection
[Figure: the same diagram with a short transmission time. Transmitter 2 detects the collision, but transmitter 1 has already finished sending and does NOT detect it; receiver 1 receives a garbled signal.]
CSMA/CD: what are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64B.
Why is the maximum cable length of a 10 Mbps ethernet cable 10 times longer than the maximum cable length of a 100 Mbps ethernet? The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
Collision detection is easy in wired LANs: measure signal strengths, compare transmitted and received signals. It is difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
Persistence
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
- In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
- Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1;
   b. wait r time slots. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends. (Give an equation for the length of a time slot.)
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop;
   b. set BO = min(2 BO, BO_Max). In ethernet BO_max = 1024.
   c. go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead.
- Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 a.k.a. WiMax partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
- When congested, new calls are rejected but existing calls continue to receive good performance.
- Consider the difference between the demands of VoIP and the service provided by TCP.
Guarantees are worth much more money than non-guarantees.
[Figure: master node polling its slaves in turn; each poll is answered with data]
"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially.
Concerns: token overhead, latency, single point of failure (token).
[Figure: ring of nodes passing the token message T; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
Channel partitioning: by time, frequency or code. Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site, token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
- The textbook is wrong about this. Today hosts are almost never physically connected.
48 bit MAC address (for most LANs)
- burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE. A manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
- Google "OUI lookup"
- Enter the MAC address
- See the manufacturer
Analogy: (a) MAC address is like a Social Security Number; (b) IP address is like a postal address.
MAC is a flat address: portability; can move a LAN card from one LAN to another.
IP is a hierarchical address: NOT portable; the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed,
- whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four nodes; MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: Same LAN (network). A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
- my IP = 128.4.35.67
- B's IP = 128.5.19.12
- Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
- So in this case A and B are in different subnets.
- Thus the datagram is sent to the gateway, which must be in the same subnet.
- Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
- Other types include datagram.
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which B, C and D all receive; B answers "I have 1.1.1.4".]
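The same-subnet check and the ARP query/reply exchange with a soft-state cache, as an added Python example serving both the subnet-mask slide and the query/reply slide above; it is not code from the slides. The LAN below is constructed: the IP addresses 1.1.1.2 and 1.1.1.4 follow the figure, the MAC addresses and the third host are made up, and `now` is passed in explicitly so that the 20-minute time-out can be exercised without waiting.

```python
import ipaddress

ARP_TTL_SECONDS = 20 * 60               # slide: a mapping is forgotten after about 20 min
BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"

def same_subnet(ip_a, ip_b, mask):
    """Compare the network parts of two addresses under the given subnet mask."""
    a, b, m = (int(ipaddress.IPv4Address(x)) for x in (ip_a, ip_b, mask))
    return (a & m) == (b & m)

class ArpTable:
    """Soft-state IP -> MAC cache: an entry disappears TTL seconds after it was learned."""
    def __init__(self, ttl=ARP_TTL_SECONDS):
        self.ttl, self.entries = ttl, {}     # ip -> (mac, learned_at)

    def insert(self, ip, mac, now):
        self.entries[ip] = (mac, now)

    def lookup(self, ip, now):
        hit = self.entries.get(ip)
        if hit is None or now - hit[1] > self.ttl:
            self.entries.pop(ip, None)       # timed out: forget it
            return None
        return hit[0]

# Constructed LAN: IP -> MAC.  The IPs follow the slide's figure, the MACs are made up.
LAN = {
    "1.1.1.2": "0A-00-00-00-00-02",
    "1.1.1.3": "0A-00-00-00-00-03",
    "1.1.1.4": "0A-00-00-00-00-04",
}

def resolve(lan, requester_ip, target_ip, table, now):
    """ARP query/reply exchange.  Returns (mac or None, frames that appeared on the LAN)."""
    cached = table.lookup(target_ip, now)
    if cached:
        return cached, []                    # cache hit: nothing is sent
    query = {"dst_mac": BROADCAST_MAC, "src_mac": lan[requester_ip], "type": "ARP query",
             "sender_ip": requester_ip, "target_ip": target_ip}
    frames = [query]
    for ip, mac in lan.items():              # every adapter receives the broadcast
        if ip == target_ip:                  # only the owner answers, unicast to the asker
            reply = {"dst_mac": query["src_mac"], "src_mac": mac, "type": "ARP reply",
                     "sender_ip": ip, "target_ip": requester_ip}
            frames.append(reply)
            table.insert(ip, mac, now)       # the asker caches the pair
            return mac, frames
    return None, frames                      # nobody owns that IP: no reply at all

if __name__ == "__main__":
    table = ArpTable()
    print(resolve(LAN, "1.1.1.2", "1.1.1.4", table, now=0))
    print(table.lookup("1.1.1.4", now=ARP_TTL_SECONDS + 1))
```

The unanswered case (a query for an address nobody owns) is exactly what the wireshark exercise later in these slides relies on: the broadcast appears on every host, but no reply follows.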
Addressing: routing to another LAN
[Figure: hosts A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55) and 111.111.111.112 (MAC CC-49-DE-D0-AB-7D) on one LAN; router R with interfaces 111.111.111.110 (MAC E6-E9-00-17-BB-4B) and 222.222.222.220 (MAC 1A-23-F9-CD-06-9B); hosts 222.222.222.221 (MAC 88-B2-2F-54-1A-0F) and B (IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A) on the other LAN]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram. A's NIC sends the frame; R's NIC receives the frame. R removes the IP datagram from the Ethernet frame and sees it's destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example: make sure you understand it.
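The walkthrough above, as an added Python example that is not code from the slides. It uses the figure's addresses (the pairing of each IP with its MAC is reconstructed from the figure) and assumes the ARP lookups have already been answered, so each LAN's ARP table is filled in by hand; R's two tables, one per IP network, are the slide's "two ARP tables in router R". The thing to check in the output is that the MAC addresses change at R while the IP datagram inside is the same object on both LANs.

```python
import ipaddress

# Addresses from the slide's figure (IP/MAC pairing reconstructed from the figure).
HOSTS = {
    "A": ("111.111.111.111", "74-29-9C-E8-FF-55"),
    "B": ("222.222.222.222", "49-BD-D2-C7-56-2A"),
}
ROUTER = {  # IP network -> (R's interface IP, R's interface MAC) on that network
    "111.111.111.0/24": ("111.111.111.110", "E6-E9-00-17-BB-4B"),
    "222.222.222.0/24": ("222.222.222.220", "1A-23-F9-CD-06-9B"),
}
# One ARP table per LAN, assumed already populated by earlier ARP query/reply exchanges.
ARP_TABLES = {
    "111.111.111.0/24": {"111.111.111.111": "74-29-9C-E8-FF-55",
                         "111.111.111.110": "E6-E9-00-17-BB-4B"},
    "222.222.222.0/24": {"222.222.222.222": "49-BD-D2-C7-56-2A",
                         "222.222.222.220": "1A-23-F9-CD-06-9B"},
}

def network_of(ip):
    """Which of the two LANs an address belongs to (the /24 masks are assumed)."""
    for net in ROUTER:
        if ipaddress.ip_address(ip) in ipaddress.ip_network(net):
            return net
    raise ValueError(f"{ip} is on neither LAN")

def send(src_host, dst_host):
    """Frame a datagram from src_host to dst_host; returns the frame seen on each LAN."""
    src_ip, src_mac = HOSTS[src_host]
    dst_ip, _ = HOSTS[dst_host]
    datagram = {"src_ip": src_ip, "dst_ip": dst_ip, "payload": "hello"}
    src_net = network_of(src_ip)
    gw_ip, gw_mac = ROUTER[src_net]
    if network_of(dst_ip) == src_net:                      # same LAN: frame straight to B
        next_mac = ARP_TABLES[src_net][dst_ip]
    else:                                                  # other LAN: frame to R's MAC
        next_mac = ARP_TABLES[src_net][gw_ip]
    frame1 = {"src_mac": src_mac, "dst_mac": next_mac, "datagram": datagram}
    if next_mac != gw_mac:
        return [frame1]
    # R: the frame carries its interface MAC, so it unwraps the datagram and routes on dst_ip.
    dst_net = network_of(datagram["dst_ip"])
    frame2 = {"src_mac": ROUTER[dst_net][1],               # R's MAC on the destination LAN
              "dst_mac": ARP_TABLES[dst_net][datagram["dst_ip"]],
              "datagram": datagram}                        # same datagram, untouched
    return [frame1, frame2]

if __name__ == "__main__":
    for frame in send("A", "B"):
        print(frame)
```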
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
- Use wireshark on B to see no evidence of the ping.
On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired ethernet uses dedicated wires from the switch (link layer router) to each host.
- But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on one LAN]
1. Some other host/switch broadcasts: "Who has IP address 1.2.3.4?"
2. Victim answers: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also hears the reply, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries, and continues to flood them: "Source MAC 00:11:11:11:11:11. Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The other host saves the IP/MAC mapping in its cache. The victim is confused… but ignores it.
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …". The attacker knows the secret plan, changes the MAC address to the correct one and passes on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …". Victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
- Its real IP and the victim's IP.
- But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
- Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC.
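The detection idea above, as an added Python example that is not code from the slides: audit observed ARP replies and report any IP that has been claimed by two different MACs, while keeping the dual-NIC case the slide warns about (one MAC answering for two IPs) as a separate, lower-confidence list rather than an alert. The log below is constructed in tcpdump-like wording, not a real capture; the victim and attacker MACs are the slide's, the 10.0.0.x addresses are hypothetical.

```python
import re
from collections import defaultdict

# Constructed ARP reply log (tcpdump-style wording, not a real capture).
ARP_LOG = """\
10:00:01 ARP, Reply 10.0.0.20 is-at 00:12:12:12:12:12
10:00:05 ARP, Reply 10.0.0.21 is-at 00:aa:bb:cc:dd:ee
10:21:30 ARP, Reply 10.0.0.20 is-at 00:11:11:11:11:11
10:22:00 ARP, Reply 10.0.0.30 is-at 00:aa:bb:cc:dd:ee
"""

REPLY = re.compile(r"^(\S+) ARP, Reply (\d+\.\d+\.\d+\.\d+) is-at ([0-9A-Fa-f:]{17})$")

def parse_replies(log):
    """Yield (timestamp, ip, mac) for every ARP reply line; other lines are skipped."""
    for line in log.splitlines():
        m = REPLY.match(line.strip())
        if m:
            yield m.group(1), m.group(2), m.group(3).lower()

def audit(log):
    """Two views of the reply history, as the slide suggests.
    ip_conflicts : one IP claimed by two or more MACs, the ARP spoofing signature.
    multi_ip_macs: one MAC answering for several IPs; often benign (a dual-NIC host),
                   so it is reported for review, not raised as an alert."""
    ip_to_macs, mac_to_ips = defaultdict(list), defaultdict(list)
    for _, ip, mac in parse_replies(log):
        if mac not in ip_to_macs[ip]:
            ip_to_macs[ip].append(mac)       # insertion order keeps the first claimant first
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].append(ip)
    ip_conflicts = {ip: macs for ip, macs in ip_to_macs.items() if len(macs) > 1}
    multi_ip_macs = {mac: ips for mac, ips in mac_to_ips.items() if len(ips) > 1}
    return ip_conflicts, multi_ip_macs

if __name__ == "__main__":
    conflicts, review = audit(ARP_LOG)
    for ip, macs in conflicts.items():
        print(f"ALERT  {ip} claimed by {macs[0]} and later by {', '.join(macs[1:])}")
    for mac, ips in review.items():
        print(f"REVIEW {mac} answers for {ips}")
```

Keeping the first claimant first matters operationally: the earlier binding is usually the legitimate one, and the later one is what to check against the switch's port table. Static ARP entries for the gateway and switch-side features such as dynamic ARP inspection are the usual ways to stop, rather than merely detect, this class of attack.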
Ethernet
"Dominant" wired LAN technology: cheap, $20 for a NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch) topologies]
Ethernet Frame Structure
Sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response; LAN routing; higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected the frame is dropped.
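The receive path described above (preamble, addresses, type, CRC check, accept-or-discard decision, promiscuous mode), as an added Python example that is not code from the slides. It builds frames from constructed inputs and then plays the adapter's side. The preamble bytes are written as the slide's bit patterns; the CRC is the standard CRC-32 from `zlib` over addresses, type and data, stored little-endian as the frame check sequence; the 46-byte minimum payload is what makes the frame reach the 64-byte minimum mentioned on the CSMA/CD slide. The MAC addresses are two from the LAN-addresses figure.

```python
import struct
import zlib

# Preamble written as the slide's bit patterns: 7 x 10101010 followed by 10101011.
PREAMBLE = bytes([0b10101010] * 7) + bytes([0b10101011])
BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
MIN_PAYLOAD = 46   # 14-byte header + 46 bytes + 4-byte CRC = the 64-byte minimum frame

def mac(text):
    """'1A-2F-BB-76-09-AD' -> 6 raw bytes."""
    return bytes.fromhex(text.replace("-", "").replace(":", ""))

def build_frame(dst, src, ethertype, payload):
    """Sender side: header, padded payload, CRC-32 over everything after the preamble."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(MIN_PAYLOAD, b"\x00")
    fcs = struct.pack("<I", zlib.crc32(body))
    return PREAMBLE + body + fcs

def receive(raw, my_mac, promiscuous=False):
    """Adapter side: returns (ethertype, payload) when the CRC is good and the frame is
    addressed to my_mac or to the broadcast address; otherwise None (frame dropped)."""
    if len(raw) < len(PREAMBLE) + 14 + MIN_PAYLOAD + 4 or raw[:8] != PREAMBLE:
        return None                                # runt or no sync pattern
    body, fcs = raw[8:-4], raw[-4:]
    if struct.unpack("<I", fcs)[0] != zlib.crc32(body):
        return None                                # CRC error: frame dropped
    dst = body[:6]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if dst != my_mac and dst != BROADCAST and not promiscuous:
        return None                                # not for this adapter
    return ethertype, body[14:]

if __name__ == "__main__":
    sender, me = mac("1A-2F-BB-76-09-AD"), mac("58-23-D7-FA-20-B0")
    frame = build_frame(BROADCAST, sender, ETHERTYPE_ARP, b"who has 1.1.1.4?")
    print(len(frame), receive(frame, me))
```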
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see the gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. The NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame!
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision, the NIC chooses K at random from {0,1,2,…,2^m-1}. The NIC waits K slots, where one slot is 512 bit times, and returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, the wait time is about 50 msec.
Exponential Backoff. Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
- first collision: choose K from {0,1}; the delay is K × 512 bit transmission times
- after the second collision: choose K from {0,1,2,3}…
- after ten or more collisions: choose K from {0,1,2,3,4,…,1023}
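Ethernet's backoff schedule and the contention it resolves, as an added Python example that is not code from the slides; it serves both the generic backoff procedure given earlier (BO doubling up to BO_max = 1024) and the Ethernet instance above, which is that procedure with the window 2^min(m,10). The simulator is a constructed slotted model: every station has one frame ready in slot 0 (the worst case), a collision costs one slot, a successful frame holds the channel for a fixed number of slots, and stations whose timer expires during a frame transmit as soon as the channel is idle (1-persistent), so they collide with each other and back off further. The seed and the frame length in slots are arbitrary choices.

```python
import random

SLOT_BITS = 512           # one backoff slot is 512 bit times (slide value)
BIT_TIME_10MBPS = 0.1e-6  # seconds per bit at 10 Mbps
MAX_EXPONENT = 10         # after ten or more collisions K is drawn from 0..1023

def backoff_window(m):
    """Range of K after the m-th collision: 0 .. 2^min(m,10) - 1."""
    return 0, 2 ** min(m, MAX_EXPONENT) - 1

def backoff_wait_seconds(k, bit_time=BIT_TIME_10MBPS):
    """How long a NIC that drew K waits."""
    return k * SLOT_BITS * bit_time

def simulate_contention(n_stations, frame_slots=4, seed=7, max_slots=1_000_000):
    """Slotted model of n NICs that all have a frame ready in slot 0.
    Returns (slots used, number of collisions, order in which stations succeeded)."""
    rng = random.Random(seed)
    ready_at = {s: 0 for s in range(n_stations)}      # slot in which each station will try
    collisions = {s: 0 for s in range(n_stations)}    # per-station collision count m
    finished, total_collisions, slot = [], 0, 0
    while ready_at and slot < max_slots:
        txers = [s for s, t in ready_at.items() if t == slot]
        if len(txers) == 1:                           # lone transmitter: success
            s = txers[0]
            finished.append(s)
            del ready_at[s]
            busy_until = slot + frame_slots
            for other in ready_at:                    # 1-persistent: defer to end of frame
                if ready_at[other] < busy_until:
                    ready_at[other] = busy_until
            slot = busy_until
            continue
        if len(txers) > 1:                            # collision: jam, then back off
            total_collisions += 1
            for s in txers:
                collisions[s] += 1
                lo, hi = backoff_window(collisions[s])
                ready_at[s] = slot + 1 + rng.randint(lo, hi)
        slot += 1
    if ready_at:
        raise RuntimeError("stations still waiting after max_slots")
    return slot, total_collisions, finished

if __name__ == "__main__":
    print(backoff_window(1), backoff_window(10), backoff_wait_seconds(1023))
    print(simulate_contention(5))
```

Running the simulator for 2, 5 and 20 stations shows the load adaptation the slide describes: with many stations the collision counts climb, the windows widen, and the channel is eventually shared, at the cost of slots lost to collisions and to stations deferring in lockstep.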
CSMA/CD efficiency
$t_{prop}$ = max propagation delay between 2 nodes in the LAN; $t_{trans}$ = time to transmit a max-size frame.
$$\text{efficiency} = \frac{1}{1 + 5\, t_{prop}/t_{trans}}$$
Efficiency goes to 1 as $t_{prop}$ goes to 0, and as $t_{trans}$ goes to infinity.
- A larger frame size is better; a higher bit-rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most ethernet is used with switches, so collisions never occur.
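The two CSMA/CD relations on these slides, the collision-detection constraint (frame must outlast 2 × T_propagation) and the efficiency approximation, as an added Python example that is not code from the slides; it serves both the minimum-frame-length question earlier and the efficiency slide above. The propagation speed of 2 × 10^8 m/s, the 2200 m span and the 1500-byte frame are assumed values, not the slides'; the 64-byte minimum frame is the slide's. The idealized cable limits it computes are larger than the engineered 2000 m / 200 m figures on the question slide, because the real 512-bit budget also has to cover repeater and transceiver delays and the jam signal, but the factor of ten between them comes out exactly.

```python
import math

PROPAGATION_SPEED = 2.0e8   # m/s in copper; assumed value, not from the slides
MIN_FRAME_BITS = 64 * 8     # Ethernet's 64-byte minimum frame (slide value)

def slot_time(cable_length_m, speed=PROPAGATION_SPEED, epsilon=0.0):
    """A transmitter must keep sending for 2*T_propagation + epsilon to see any collision."""
    return 2 * cable_length_m / speed + epsilon

def min_frame_bits(cable_length_m, bit_rate, speed=PROPAGATION_SPEED):
    """Smallest frame (bits) still on the wire when a far-end collision comes back."""
    return math.ceil(2 * cable_length_m * bit_rate / speed)

def max_cable_length_m(bit_rate, frame_bits=MIN_FRAME_BITS, speed=PROPAGATION_SPEED):
    """Longest cable for which a minimum-size frame satisfies the constraint."""
    return frame_bits / bit_rate * speed / 2

def csma_cd_efficiency(t_prop, t_trans):
    """The slide's approximation: 1 / (1 + 5 t_prop / t_trans)."""
    return 1 / (1 + 5 * t_prop / t_trans)

def efficiency_for(cable_length_m, bit_rate, frame_bytes, speed=PROPAGATION_SPEED):
    """Efficiency of a LAN of the given span, bit rate and maximum frame size."""
    t_prop = cable_length_m / speed
    t_trans = frame_bytes * 8 / bit_rate
    return csma_cd_efficiency(t_prop, t_trans)

if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate/1e6:.0f} Mbps: max cable {max_cable_length_m(rate):.0f} m, "
              f"efficiency over 2200 m with 1500 B frames {efficiency_for(2200, rate, 1500):.3f}")
```

Same minimum frame, ten times the bit rate: the frame is on the wire for a tenth of the time, so the round trip it must cover, and therefore the cable, must shrink by the same factor. The efficiency numbers show the other half of the slide: at a fixed span and frame size, raising the bit rate shortens $t_{trans}$ and lowers efficiency.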
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible).
Hubs
• bits coming in one link go out all other links at same rate
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
(figure: hosts on twisted pair attached to a hub)

Interconnecting with hubs
• Backbone hub interconnects LAN segments
• But individual segment collision domains become one large collision domain
• Can't interconnect 10BaseT & 100BaseT
(figure: a backbone hub connecting three hubs)
Switch
• link-layer device: smarter than hubs, takes active role
• store and forward Ethernet frames
  • Question: do switches in circuit-switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one or more outgoing links; when frame is to be forwarded on a segment, uses CSMA/CD to access the segment
• transparent: hosts are unaware of presence of switches
• plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
(figure: hosts A, A', B, B', C, C' attached to a switch with six interfaces (1, 2, 3, 4, 5, 6))
Switch Table
• Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table!
• Q: how are entries created, maintained in switch table? something like a routing protocol?
(figure: hosts A, A', B, B', C, C' attached to a switch with six interfaces (1, 2, 3, 4, 5, 6))
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
• when frame received, switch "learns" location of sender: incoming LAN segment
• records sender/location pair in switch table
(figure: A sends a frame with Source = A, Dest = A' on interface 1; the switch table, initially empty, gains the entry: MAC addr A, interface 1, TTL 60)
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination, then {
     if dest on segment from which frame arrived, then drop the frame
     else forward the frame on interface indicated
   }
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning (walkthrough)
(figure: hosts A and B attached to a network of three interconnected switches; each switch has interfaces 1, 2, 3 and a table of (MAC, Interface) entries, initially empty)
1. A sends a frame (Dest=B, Source=A). Each switch that receives the frame makes a table entry for A on the interface the frame arrived on. There is no table entry for B, so each switch floods the frame.
   Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
   After the flood the tables read: first switch (A, 1); second switch (A, 1); third switch (A, 2).
2. B replies (Dest=A, Source=B). Each switch that receives the reply makes a table entry for B and, since it has a table entry for A, forwards the frame on A's interface instead of flooding. The tables now read: first switch (A, 1), (B, 3); second switch (A, 1), (B, 2); third switch still (A, 2) only (the reply is forwarded, not flooded, so it does not reach the third switch).
3. 20 minutes later all table entries are deleted.
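The filtering/forwarding rules and the walkthrough above, as an added example that is not code from the original slides (the three-interface switch and the time values are constructed here):

```python
"""Self-learning switch: the filtering/forwarding rules from the slides
(record sender, forward or drop on a table hit, flood on a miss, purge old
entries). Added example; it is not code from the original slides."""
from dataclasses import dataclass, field

AGE_OUT_SECONDS = 20 * 60   # slides: entries are deleted 20 minutes later


@dataclass
class Frame:
    src: str   # source MAC address
    dst: str   # destination MAC address


@dataclass
class LearningSwitch:
    """Switch table: MAC address -> (interface, time the entry was last refreshed)."""
    interfaces: tuple
    table: dict = field(default_factory=dict)

    def receive(self, frame, in_if, now):
        """Process one frame arriving on interface `in_if` at time `now`.
        Returns the list of interfaces the frame is sent out on ([] = dropped)."""
        # Step 1: learn (or refresh) the sender's location.
        self.table[frame.src] = (in_if, now)
        # Step 2: table hit -> drop if the destination is on the arriving
        # segment, otherwise forward on the single interface recorded.
        if frame.dst in self.table:
            out_if, _ = self.table[frame.dst]
            return [] if out_if == in_if else [out_if]
        # Table miss (this includes the broadcast address, which is never
        # learned): flood on every interface except the arriving one.
        return [i for i in self.interfaces if i != in_if]

    def purge(self, now):
        """Step 3: periodically delete entries older than AGE_OUT_SECONDS.
        Returns how many entries were removed."""
        stale = [mac for mac, (_, seen) in self.table.items()
                 if now - seen >= AGE_OUT_SECONDS]
        for mac in stale:
            del self.table[mac]
        return len(stale)

    def snapshot(self):
        """Table as {MAC: interface}, the way the slides draw it."""
        return {mac: out_if for mac, (out_if, _) in self.table.items()}


def walkthrough():
    """Replays the slides on one switch: A (interface 1) sends to B (interface 2),
    B replies, A sends again, and 20 minutes later the table is purged.
    Returns (step name, interfaces the frame went out on, table after the step)."""
    sw = LearningSwitch(interfaces=(1, 2, 3))
    steps = []
    # A -> B: no entry for B yet, so the frame is flooded on 2 and 3.
    steps.append(("A->B", sw.receive(Frame("A", "B"), in_if=1, now=0), sw.snapshot()))
    # B -> A: entry for A exists, so the reply is forwarded on 1 only.
    steps.append(("B->A", sw.receive(Frame("B", "A"), in_if=2, now=1), sw.snapshot()))
    # A -> B again: both known, no flooding at all.
    steps.append(("A->B", sw.receive(Frame("A", "B"), in_if=1, now=2), sw.snapshot()))
    # 20 minutes later all table entries are deleted.
    sw.purge(now=2 + AGE_OUT_SECONDS)
    steps.append(("purge", [], sw.snapshot()))
    return steps


if __name__ == "__main__":
    for name, out, table in walkthrough():
        print(f"{name:6s} sent on {out} table={table}")
```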
Poorly Designed Institutional network. Why?
(figure: a router to the external network and a single LAN / IP subnet containing the mail server and the web server)

Institutional network without a single point of failure
(figure: router to the external network; redundant links between the switches of the IP subnet; mail server, web server and host A)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(figure legend: edge in spanning tree; "disconnected" interface, i.e., do not forward or flood frames through this interface)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(figure: LAN A and LAN B connected by bridges B2 and B3)

Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: Compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If LAN B's next hop to the switch with lowest ID is LAN A, and LAN C's next hop to the switch with lowest ID is LAN D, then switch B2 will disconnect from LAN B and C.
(figure: LANs A, B, C, D and bridges B0, B1, B2, B3)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(figure: bridges B1 through B7)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root
2. If a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
(figure: LANs A through J interconnected by bridges B1 through B7; the walkthrough marks each LAN with its distance to the root: 0, 1 or 2)
Walkthrough:
• Each switch computes distance to root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
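The spanning tree procedure above (LANs as vertices, two-port bridges as edges, root = smallest bridge ID, distance in LAN hops, ties broken by the smaller bridge ID) as an added example; this is not code from the slides, and the topology in EXAMPLE_BRIDGES is constructed here rather than taken from the figure:

```python
"""Spanning tree on the slides' graph model: LANs are vertices, each
(two-port) bridge is an edge, the root is the bridge with the smallest ID,
a LAN's distance is counted in LAN hops, ties go to the smaller bridge ID.
Added example; the topology is constructed here, not the one in the slides."""
from collections import deque


def lan_distances(bridges, root):
    """BFS over LANs. LANs attached to the root bridge are at distance 0;
    each further LAN crossed on the way to the root adds one hop."""
    dist = {}
    queue = deque()
    for lan in bridges[root]:
        dist[lan] = 0
        queue.append(lan)
    while queue:
        lan = queue.popleft()
        for ports in bridges.values():
            if lan not in ports:
                continue
            for nb in ports:
                if nb not in dist:
                    dist[nb] = dist[lan] + 1
                    queue.append(nb)
    return dist


def spanning_tree_ports(bridges):
    """bridges: {bridge_id: (lan_x, lan_y)}.  Returns (dist, active) where
    active[bridge_id] is the set of LANs that bridge keeps forwarding to."""
    root = min(bridges)                       # smallest ID wins the root election
    dist = lan_distances(bridges, root)
    active = {bid: set() for bid in bridges}
    active[root] = set(bridges[root])         # each of the root's interfaces is ON
    for lan, d in dist.items():
        if d == 0:
            continue
        # Candidate next hops: neighbouring LANs one hop closer to the root,
        # reached through some bridge.  Tuple order (bridge ID first) makes
        # min() pick the smallest bridge ID when the cost ties.
        candidates = [(bid, nb) for bid, ports in bridges.items() if lan in ports
                      for nb in ports if nb != lan and dist.get(nb) == d - 1]
        bid, next_hop = min(candidates)
        active[bid].update({lan, next_hop})   # that bridge uses both interfaces
    return dist, active


def is_loop_free(bridges, active):
    """A tree over n LANs has exactly n-1 edges and is connected."""
    lans = {lan for ports in bridges.values() for lan in ports}
    edges = [ports for bid, ports in bridges.items() if active[bid]]
    seen, stack = set(), [next(iter(lans))]
    while stack:
        lan = stack.pop()
        if lan in seen:
            continue
        seen.add(lan)
        stack.extend(nb for ports in edges if lan in ports for nb in ports)
    return len(edges) == len(lans) - 1 and seen == lans


# Constructed topology (not the slides' figure): LANs A..E, bridges keyed by ID.
# B1 is the root; LAN A can reach the root via B5 or B7 (tie), LAN B via B2 or B3.
EXAMPLE_BRIDGES = {1: ("D", "E"), 5: ("A", "D"), 7: ("A", "E"),
                   2: ("A", "B"), 3: ("B", "C"), 4: ("C", "D")}

if __name__ == "__main__":
    dist, active = spanning_tree_ports(EXAMPLE_BRIDGES)
    print("LAN distances:", dist)
    for bid in sorted(active):
        state = "ON for " + str(sorted(active[bid])) if active[bid] else "all interfaces off"
        print(f"B{bid}: {state}")
    print("loop free:", is_loop_free(EXAMPLE_BRIDGES, active))
```

Bridges B3 and B7 end with no active interface, the same situation the slides note for B3 in their figure.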
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: Loop resolution, Address learning, Frame forwarding
• Typically ignore security such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.

Switches vs Routers
• both store-and-forward devices
• routers: network layer devices (examine network layer headers); switches are link layer devices
• ... "invisible" at internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using a fixed-length label (instead of IP address) to do forwarding
• borrowing ideas from Virtual Circuit (VC) approach
• but IP datagram still keeps IP address!
(figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields: label (20 bits), Exp (3), S (1), TTL (5))

MPLS capable routers
• a.k.a. label-switched router
• forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE
• forwarding possible along paths that IP alone would not allow (e.g., source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers

MPLS forwarding tables
(figure: routers R1 through R6 and destinations A and D; each label-switched router holds entries of the form (in label, out label, dest, out interface). The entries shown are: 6, -, A, 0; 10, 6, A, 1; 12, 9, D, 0; 10, A, 0; 12, D, 0; 8, 6, A, 0; 8, A, 1; the three-value entries carry no in label.)
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• ... could stop here ... but lots of
Collisions
• Invalid frames may be caused by channel noise, or because other station(s) transmitted at the same time: collision
• Collisions and other link layer losses must be detected and corrected
• Question 1: Where are all the places that losses can occur?
• Question 2: Where can errors be detected and corrected?
• Roughly speaking, a collision happens even when the last bit of a frame overlaps with the first bit of the next frame
ALOHA's Performance (1)
(figure: time line marked t0, t0+t, t0+2t, t0+3t, with the vulnerable period shaded; if another node starts to transmit during this vulnerable period, then a collision will occur)

ALOHA's Performance
• Assume that users try to send frames at random times (Poisson events)
• Let G be the average rate that users try to send frames, per frame time
  • G is the utilization. Why?
• Model the moment a transmission starts as points along the time line (next slide)
• The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is

$$P(k) = \frac{(2G)^k}{k!}\, e^{-2G}$$

• The probability zero other frames are sent is P(0) = e^{-2G}
• The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:

$$S = G\, e^{-2G}$$
Poisson process
• Events are distributed according to a Poisson process with parameter λ if

$$P(k \text{ events in period of length } T) = e^{-\lambda T}\,\frac{(\lambda T)^k}{k!}$$

• λ is the rate that events occur = (number of events in period W) / W (when W is large)

Aloha performance
• P(k events in period of length T) = e^{-λT} (λT)^k / k!
• The probability of no collision is the probability of no event in the vulnerability period, which is 2T long
• Let T = 1 (i.e., our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e., λ = G. And the probability of no collision is e^{-2G} (2G)^0 / 0! = e^{-2G}
ALOHA's Performance
• The best throughput occurs for what value of G? What is this best throughput?
(plot: S = G e^{-2G} versus G, for G from 0 to 3; the peak value is 0.184)
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
(figure: time line marked t0, t0+t, t0+2t, t0+3t; if a frame is transmitted in the marked slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the vulnerable period; if another node selects to transmit during this vulnerable period then a collision will occur. The vulnerable period is half the size of unslotted Aloha's.)

Slotted Aloha
• Vulnerable period is halved: doubles the performance of ALOHA
• Throughput = S = G e^{-G}; S_max = 1/e = 0.368 for G = 1
• G = 1 means typically a node tries to transmit each slot
• However, the throughput is well below 1: there are many collisions

Slotted Aloha Performance
(plot: S = G e^{-G} versus G, for G from 0 to 4; the peak value is 0.368)
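The throughput formulas S = G e^{-2G} and S = G e^{-G} from the ALOHA slides above, with a seeded Monte Carlo check of both peaks, as an added example (not code from the slides; the attempt process and the sample sizes are constructed here):

```python
"""Pure and slotted ALOHA: the analytic throughput S(G) from the slides next
to a seeded Monte Carlo check of it. Added example, not from the slides."""
import math
import random


def aloha_throughput(G, slotted=False):
    """S = G e^{-2G} for pure ALOHA, S = G e^{-G} when slotted."""
    return G * math.exp(-(1 if slotted else 2) * G)


def best_load(slotted=False):
    """Argmax of S(G) and the peak throughput: (0.5, 1/2e) or (1, 1/e)."""
    G = 1.0 if slotted else 0.5
    return G, aloha_throughput(G, slotted)


def poisson(rng, lam):
    """Poisson sample by Knuth's multiplication method (fine for small lam)."""
    limit, k, p = math.exp(-lam), 0, 1.0
    while True:
        p *= rng.random()
        if p <= limit:
            return k
        k += 1


def simulate_slotted(G, n_slots, seed=7):
    """Attempts per slot ~ Poisson(G); a slot succeeds iff exactly one attempt."""
    rng = random.Random(seed)
    successes = sum(1 for _ in range(n_slots) if poisson(rng, G) == 1)
    return successes / n_slots


def simulate_pure(G, n_frames, seed=7):
    """Frame starts form a Poisson process of rate G per frame time (so the
    gaps are exponential). A frame survives iff no other frame starts within
    one frame time before or after it: the two-frame-time vulnerable period."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    for _ in range(n_frames):
        t += rng.expovariate(G)
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):
        before_clear = i == 0 or starts[i - 1] <= s - 1.0
        after_clear = i == n_frames - 1 or starts[i + 1] >= s + 1.0
        ok += before_clear and after_clear
    return ok / t     # successful frames per frame time


if __name__ == "__main__":
    for slotted in (False, True):
        G, peak = best_load(slotted)
        sim = simulate_slotted(G, 40000) if slotted else simulate_pure(G, 40000)
        name = "slotted" if slotted else "pure"
        print(f"{name:7s} ALOHA: G={G} S={peak:.3f} simulated={sim:.3f}")
```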
ALOHA and Slotted ALOHA
Pros:
• single active node can continuously transmit at full rate of channel
• decentralized, simple
Cons:
• Collisions, wasting slots: inefficient
• idle slots
• nodes may be able to detect collision in less than the time to transmit a packet
• Slotted Aloha requires clock synchronization. Losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
• CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission
• human analogy: don't interrupt others!

Question
• For 10 Mbps Ethernet, the maximum cable length is 2000 m
• For 100 Mbps Ethernet, the maximum cable length is 200 m
• Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
• collisions can still occur: propagation delay means two nodes may not hear each other's transmission
• collision: entire packet transmission time wasted
(figure: spatial layout of nodes along the wire versus time)
• note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
(figure: position on wire versus time; Transmitter 1 starts sending, and after the propagation delay Transmitter 2 starts too; the collision is detected by Transmitter 2 and then by Transmitter 1; Receiver 1 receives a garbled signal. When is it detected?)
(figure: same layout, but here the collision is detected by Transmitter 2 and NOT detected by Transmitter 1, whose transmission time has already ended; Receiver 1 receives a garbled signal)
What are the requirements to ensure that collisions are detected?
• The transmitter must transmit for 2 × T_propagation + ε
• The transmit time is FrameLength / bit-rate
• Therefore:

$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$

CSMA/CD
• If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B.
• Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of bit-rate.
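The collision-detection inequality above and the CSMA/CD efficiency formula from the earlier slide, evaluated numerically, as an added example (not code from the slides; the propagation speed of 2e8 m/s is an assumed value, and max_cable_m is an idealised upper bound rather than the practical limits the question slide quotes):

```python
"""CSMA/CD timing from the slides: the efficiency formula and the constraint
2*CableLength/v + eps < FrameLength/bit-rate. Added example, not from the
slides; the propagation speed v = 2e8 m/s is an assumed value."""
import math

V_PROP_M_PER_S = 2e8          # assumed signal propagation speed in copper
MIN_FRAME_BITS = 64 * 8       # slides: minimum Ethernet frame is 64 B


def csmacd_efficiency(t_prop, t_trans):
    """efficiency = 1 / (1 + 5 * t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def min_frame_bits(cable_m, bit_rate_bps, v=V_PROP_M_PER_S, epsilon_s=0.0):
    """Smallest frame that is still being transmitted when a collision at the
    far end has propagated back: FrameLength/bit-rate > 2*CableLength/v + eps."""
    round_trip_s = 2.0 * cable_m / v + epsilon_s
    return math.ceil(round(round_trip_s * bit_rate_bps, 6))   # round away float noise


def max_cable_m(frame_bits, bit_rate_bps, v=V_PROP_M_PER_S):
    """Longest cable on which a frame of frame_bits still detects every
    collision. Idealised: ignores repeater and jam delays, so it is an upper
    bound, not the practical limits quoted on the slides."""
    t_trans_s = frame_bits / bit_rate_bps
    return t_trans_s * v / 2.0


def collisions_detectable(cable_m, frame_bits, bit_rate_bps, v=V_PROP_M_PER_S):
    """The slides' inequality, evaluated directly (epsilon taken as 0)."""
    return 2.0 * cable_m / v < frame_bits / bit_rate_bps


def cable_length_ratio(rate_a_bps, rate_b_bps, frame_bits=MIN_FRAME_BITS):
    """Because the minimum frame is independent of bit rate, the maximum cable
    length scales as 1/bit-rate: the ratio for 10 vs 100 Mbps is 10."""
    return max_cable_m(frame_bits, rate_a_bps) / max_cable_m(frame_bits, rate_b_bps)


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: max cable for a 64 B frame = "
              f"{max_cable_m(MIN_FRAME_BITS, rate):.0f} m (idealised)")
    # 2000 m of cable and 1500 B frames at 10 Mbps: t_prop = 10 us, t_trans = 1.2 ms
    print("efficiency:", round(csmacd_efficiency(2000 / V_PROP_M_PER_S, 1500 * 8 / 10e6), 3))
```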
CSMA/CD (Collision Detection)
• CSMA/CD: carrier sensing, with collision detection: collisions detected within short time; colliding transmissions aborted, reducing channel wastage
• collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals
• Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
• human analogy: the polite conversationalist

persistent
• 1-persistent: If medium is idle, then transmit. If medium is not idle, then wait until it is, and then transmit.
  • In this case, all nodes that desire to transmit during the period when a node is transmitting will collide.
• p-persistent: If medium is idle, then transmit. If medium is not idle, then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
  • Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)

Exponential Backoff
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle, then transmit
3. If medium is not idle, then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. Wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots end, then transmit
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 × BO, BO_Max); in Ethernet, BO_max = 1024
   c. Go to step 4
Question: discuss the different ways in which backoff is used in network protocols
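The backoff procedure above and the Ethernet CSMA/CD backoff rule from the earlier slide (K from {0..2^m-1}, capped at 1024, slots of 512 bit times), as an added example that is not code from the slides; the contention model, the MAX_ATTEMPTS give-up threshold and the seed are this example's own assumptions:

```python
"""Binary exponential backoff as in the slides: after the m-th collision pick K
in {0..2^m-1} capped at BO_max = 1024, wait K slots of 512 bit times. Added
example (not from the slides); the contention model is a simplification."""
import random

SLOT_BIT_TIMES = 512
BO_MAX = 1024          # slides: in Ethernet BO_max = 1024
MAX_ATTEMPTS = 16      # assumed give-up threshold; the slides do not state one


def backoff_range(collisions, bo_max=BO_MAX):
    """Number of values K can take after `collisions` collisions: min(2^m, BO_max)."""
    return min(2 ** collisions, bo_max)


def pick_backoff(collisions, rng, bo_max=BO_MAX):
    """K chosen uniformly from 0 .. backoff_range - 1."""
    return rng.randrange(backoff_range(collisions, bo_max))


def backoff_wait_seconds(k, bit_rate_bps):
    """Wait for K slots; slides: for K=1023 at 10 Mbps this is about 50 ms."""
    return k * SLOT_BIT_TIMES / bit_rate_bps


def simulate_contention(n_stations, seed=1, bo_max=BO_MAX):
    """n stations each hold one frame and all sense the channel idle at once.
    Each round every waiting station draws K; the smallest K transmits first.
    A unique minimum succeeds; a shared minimum is a collision (jam), after
    which the colliding stations double their range (the others keep their
    count and draw again next round). Returns (rounds, collisions, gave_up):
    the random wait stretches until the offered load is drained."""
    rng = random.Random(seed)
    pending = {i: 0 for i in range(n_stations)}   # station -> collisions so far
    rounds = collisions = gave_up = 0
    while pending:
        rounds += 1
        picks = {i: pick_backoff(m, rng, bo_max) for i, m in pending.items()}
        k_min = min(picks.values())
        contenders = [i for i, k in picks.items() if k == k_min]
        if len(contenders) == 1:
            del pending[contenders[0]]            # frame sent without a collision
            continue
        collisions += 1
        for i in contenders:
            pending[i] += 1
            if pending[i] >= MAX_ATTEMPTS:        # stop retrying and drop the frame
                del pending[i]
                gave_up += 1
    return rounds, collisions, gave_up


if __name__ == "__main__":
    print("K range after m collisions:", [backoff_range(m) for m in range(12)])
    print("K=1023 at 10 Mbps waits %.1f ms" % (1e3 * backoff_wait_seconds(1023, 10e6)))
    for n in (2, 8, 32):
        print(f"{n:2d} stations -> rounds, collisions, gave_up =", simulate_contention(n))
```

With m = 0 every station draws K = 0, so the first round of any multi-station contention is a collision, which is the 1-persistent behaviour the persistence slide describes.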
"Taking Turns" MAC protocols
channel partitioning MAC protocols:
• share channel efficiently and fairly at high load
• inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node!
Random access MAC protocols:
• efficient at low load: single node can fully utilize channel
• high load: collision overhead
  • Be careful: Here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"taking turns" protocols: look for best of both worlds!
• Used in mobile phone data access; 802.16 (a.k.a. WiMax) partly uses this approach; 802.11 specifies this capability, but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling:
• master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node
(figure: master polls each slave in turn; slaves answer with data)
• concerns: polling overhead, latency, single point of failure (master)
• QoS guarantees can be made: if a VoIP call requires 12 bps, the master can determine if the call will receive the desired quality and ensure that it does
  • When congested, new calls are rejected, but existing calls continue to receive good performance
  • Consider the difference between the demands by VoIP and the services provided by TCP
• Guarantees are worth much more money than non-guarantees
"Taking Turns" MAC protocols
Token passing:
• control token passed from one node to the next sequentially
• token message
• concerns: token overhead, latency, single point of failure (token)
(figure: token T circulates; a node with data sends it; a node with nothing to send passes the token on)
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
• 32-bit IP address: network-layer address; used to get datagram to destination IP subnet
• MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
  • The textbook is wrong about this. Today hosts are almost never physically connected.
• 48-bit MAC address (for most LANs)
  • burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address
Broadcast address = FF-FF-FF-FF-FF-FF
(figure: a LAN (wired or wireless) with four adapters, addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53)
LAN Address (more)
• MAC address allocation administered by IEEE
• manufacturer buys portion of MAC address space (to assure uniqueness)
• Check: OUI lookup
  • Google "OUI lookup", enter MAC address, see manufacturer
• analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
• MAC flat address: portability: can move LAN card from one LAN to another
• IP hierarchical address NOT portable: address depends on IP subnet to which node is attached
• If a NIC is changed, then the MAC is changed, whereas the IP address can stay the same
ARP: Address Resolution Protocol
• Each IP node (host, router) on LAN has an ARP table. At the prompt: >> arp -a
• ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL>
• TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
• Question: how to determine the MAC address of B, knowing B's IP address?
(figure: LAN with four nodes: 1A-2F-BB-76-09-AD at 137.196.7.23; 58-23-D7-FA-20-B0 at 137.196.7.78; 0C-C4-11-6F-E3-98 at 137.196.7.14; 71-65-F7-2B-08-53 at 137.196.7.88)
ARP protocol: Same LAN (network)
A wants to send datagram to C
• Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP
• E.g.: my IP = 128.4.35.67; B's IP = 128.5.19.12; subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
  • So in this case A and B are in different subnets
  • Thus the datagram is sent to the gateway, which must be in the same subnet
  • Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table:
A broadcasts an ARP query packet containing B's IP address; dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query.
• Other types include datagram. All machines on the LAN receive the ARP query.
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to every host; the owner of 1.1.1.4 answers "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Left LAN: A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55), another host (111.111.111.112, CC-49-DE-D0-AB-7D), R's interface (111.111.111.110, E6-E9-00-17-BB-4B). Right LAN: R's interface (222.222.222.220, 1A-23-F9-CD-06-9B), another host (222.222.222.221, 88-B2-2F-54-1A-0F), B (222.222.222.222, 49-BD-D2-C7-56-2A).]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram. A's NIC sends the frame; R's NIC receives the frame. R removes the IP datagram from the Ethernet frame and sees it is destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (link-layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8), and some other host/switch.]
1. The other host asks: "Who has IP address 1.2.3.4?"
2. The victim answers: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves this IP/MAC mapping in its cache. The victim is confused... but ignores it.
4. The other host sends "The secret plan is..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan, changes the MAC address to the correct one and passes the frame on to MAC 00:12:12:12:12:12, IP 1.2.3.4. The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs (or, equivalently, a single MAC claims two IPs).
• Its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus topology (coaxial cable) versus star topology (switch in the center)]
Ethernet Frame Structure
Sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher-layer protocol (mostly IP, but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame.
2. If NIC senses the channel idle, it starts frame transmission.
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame.
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec.
Exponential backoff: goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer. First collision: choose K from {0, 1}; delay is K × 512 bit transmission times. After the second collision: choose K from {0, 1, 2, 3}... After ten or more collisions, choose K from {0, 1, 2, 3, 4, ..., 1023}.
CSMA/CD efficiency
T_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.
efficiency = 1 / (1 + 5 · t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0 and as t_trans goes to infinity. • Larger frame size is better; higher bit rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
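The efficiency bound and the backoff wait from the slides above, as an added example (not the lecture's own code). It uses the slide's numbers (512-bit slot, K drawn from {0, ..., 2^min(m,10) - 1}, 1500-byte frames) and one assumption that is not on the slide: a propagation speed of 2×10^8 m/s in copper.

```python
# Added example: CSMA/CD efficiency and Ethernet backoff timing.
PROP_SPEED = 2e8      # m/s in copper; an assumption, not a value from the slides
SLOT_BITS = 512       # one backoff slot = 512 bit times (from the slide)


def efficiency(t_prop, t_trans):
    """CSMA/CD efficiency = 1 / (1 + 5 * t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def efficiency_for(frame_bytes, bit_rate, span_m, v=PROP_SPEED):
    """Efficiency for max-size frames of frame_bytes on a LAN whose farthest
    nodes are span_m metres apart at the given bit rate."""
    t_prop = span_m / v                      # worst-case one-way propagation delay
    t_trans = frame_bytes * 8 / bit_rate     # time to put a max-size frame on the wire
    return efficiency(t_prop, t_trans)


def backoff_choices(m):
    """Size of the window K is drawn from after the m-th collision: 2^min(m, 10)."""
    return 2 ** min(m, 10)


def backoff_wait_s(k, bit_rate):
    """Seconds spent waiting K slots of 512 bit times at the given bit rate."""
    return k * SLOT_BITS / bit_rate


if __name__ == "__main__":
    for rate in (1e7, 1e8, 1e9):
        eff = efficiency_for(1500, rate, 2000)
        print(f"{rate / 1e6:>5.0f} Mbps, 1500 B frames over 2000 m: efficiency {eff:.3f}")
    print(f"worst-case wait, K=1023 at 10 Mbps: {backoff_wait_s(1023, 1e7) * 1e3:.1f} ms")
```

With 1500-byte frames over 2000 m the efficiency is 0.96 at 10 Mbps but drops to about 0.71 at 100 Mbps, which is the "higher bit rate is worse" point: the frame gets shorter in time while the propagation delay stays fixed.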
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in one link go out all other links at the same rate; all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
[Figure: hub with twisted-pair links to the hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting three segment hubs]
Switch
Link-layer device: smarter than hubs, takes an active role.
Store and forward Ethernet frames. • Question: do switches in circuit-switching networks store and forward?
Examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex; each link is its own collision domain. Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases... when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table.
[Figure: A sends a frame (Source A, Dest A') into interface 1 of the switch.]
Switch table (initially empty):
MAC addr | interface | TTL
A | 1 | 60
Switch: frame filtering/forwarding
When a frame is received:
1. record the link interface associated with the sending host
2. index the switch table using the MAC destination address
3. if an entry is found for the destination, then { if the destination is on the segment from which the frame arrived, then drop the frame, else forward the frame on the interface indicated } else flood (forward on all but the interface on which the frame arrived)
4. periodically purge all old table entries
Self-Learning
[Figure sequence: three interconnected switches, each with interfaces 1, 2, 3; host A attached to the first switch, host B to the last; each switch has its own MAC/Interface table, initially empty.]
1. A sends a frame (Dest = B, Source = A). Each switch makes a table entry for A; there is no table entry for B, so each switch floods. Tables after the frame passes: first switch A → 1; second switch A → 1; third switch A → 2.
   Note: if the switch has ports that are manually configured, then the frame is not flooded to a host, but only to other switches.
2. B replies (Dest = A, Source = B). Each switch makes a table entry for B; each has a table entry for A, so it forwards instead of flooding. Tables shown: first switch A → 1, B → 3; second switch A → 1, B → 2; third switch A → 2.
3. 20 minutes later, all table entries are deleted.
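The self-learning and filtering/forwarding rules from the slides above, as an added example (not the lecture's own code). The topology is constructed: three switches S1, S2, S3 with ports 1, 2, 3 each, joined in a line (S1 port 3 to S2 port 1, S2 port 3 to S3 port 1), host A on S1 port 1 and host B on S3 port 3; the 60-second TTL is the value from the switch-table slide.

```python
# Added example: learning switches over a constructed three-switch topology.
PORTS = {"S1": (1, 2, 3), "S2": (1, 2, 3), "S3": (1, 2, 3)}
LINKS = {("S1", 3): ("S2", 1), ("S2", 3): ("S3", 1)}   # switch-to-switch cables
LINKS.update({b: a for a, b in list(LINKS.items())})    # make the cables bidirectional
HOSTS = {"A": ("S1", 1), "B": ("S3", 3)}                # host MAC -> (switch, port)


class LearningSwitch:
    def __init__(self, name, ttl=60):
        self.name, self.ttl = name, ttl
        self.table = {}                       # MAC -> (port, expiry time)

    def purge(self, now):
        """Step 4: drop entries whose TTL has run out."""
        self.table = {m: e for m, e in self.table.items() if e[1] > now}

    def handle(self, src, dst, in_port, now):
        """Learn src on in_port, then return the list of ports the frame goes out on."""
        self.purge(now)
        self.table[src] = (in_port, now + self.ttl)            # step 1: record sender's port
        if dst in self.table:                                  # steps 2-3: known destination
            out = self.table[dst][0]
            return [] if out == in_port else [out]             # same segment: drop
        return [p for p in PORTS[self.name] if p != in_port]   # unknown destination: flood


class Network:
    def __init__(self, ttl=60):
        self.switches = {n: LearningSwitch(n, ttl) for n in PORTS}
        self.port_to_host = {v: k for k, v in HOSTS.items()}

    def send(self, src, dst, now):
        """Inject a frame from host src; return the set of hosts that receive it."""
        delivered, pending = set(), [HOSTS[src]]
        while pending:
            sw, in_port = pending.pop()
            for out in self.switches[sw].handle(src, dst, in_port, now):
                if (sw, out) in self.port_to_host:
                    delivered.add(self.port_to_host[(sw, out)])
                elif (sw, out) in LINKS:
                    pending.append(LINKS[(sw, out)])   # unused ports (port 2) just drop it
        return delivered

    def tables(self):
        return {n: {m: e[0] for m, e in s.table.items()} for n, s in self.switches.items()}


def run_scenario():
    """The slide's sequence: A -> B floods, B -> A is forwarded, then the tables age out."""
    net = Network(ttl=60)
    first = net.send("A", "B", now=0)       # B unknown everywhere: flooded, still reaches B
    after_a = net.tables()
    second = net.send("B", "A", now=1)      # A already learned on every switch: forwarded only
    after_b = net.tables()
    for s in net.switches.values():
        s.purge(100)                        # "20 minutes later": every entry has expired
    return {"first": first, "after_a": after_a, "second": second,
            "after_b": after_b, "purged": net.tables()}


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(k, v)
```

The flood in step 1 reaches B because every switch forwards on all ports except the one the frame arrived on; the reply in step 2 is never flooded because each switch already holds A's port, which is the whole point of learning from source addresses.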
Poorly Designed Institutional network. Why?
[Figure: router to the external network; a single LAN / IP subnet containing the mail server and the web server.]
Institutional network without a single point of failure
[Figure: router to the external network; IP subnet with redundant links between switches; mail server, web server, host A.]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the edges in the spanning tree marked; a "disconnected" interface, i.e. one through which frames are not forwarded or flooded, marks each removed link.]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V, E): LANs are represented by vertices and bridges/switches are represented by edges. • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If • LAN B's next hop to the switch with the lowest ID is LAN A, and • LAN C's next hop to the switch with the lowest ID is LAN D, • then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D joined by bridges B0, B1, B2, B3.]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information: 1. the ID of the bridge that is sending the message; 2. the ID of what the sending bridge believes to be the root bridge; 3. the distance (hops) from the sending bridge to the root bridge.
[Figure: bridges B1, B2, B3, B4, B5, B6, B7 interconnecting LANs A to J.]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if: 1. the interface is along a LAN's shortest path to the root; 2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure sequence: bridges B1 to B7 interconnecting LANs A to J; each switch is labeled with its distance to the root (0, 1, 2, 1, 1, 1, 1).]
1. Each switch computes its distance to the root in terms of LAN hops.
2. Each of the root's interfaces is ON.
3. LAN A's next hop is LAN E: turn on the two interfaces.
4. LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
5. LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
6. LAN C's next hop is LAN F: turn on the interfaces.
7. Which other interfaces are "on"?
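The interface-selection rule from the slides above, carried through in code as an added example (not the lecture's own code). The slide's figure is not reproduced; the bridge-to-LAN topology below is constructed so that the outcomes match the narrative: LAN A and LAN B go toward LAN E (B5 wins the tie against B7), LAN C toward LAN F, LAN D toward LAN G, and B3 ends up with no interface on. Distances count switches visited on the way to the root, exactly as the slide defines them.

```python
from collections import deque

# Constructed topology (assumed): bridge ID -> LANs it is attached to.
# The lowest ID, B1, is the root.
BRIDGES = {
    1: ["E", "F", "G"],   # B1, root
    2: ["D", "G"],
    3: ["A", "C"],        # B3 lies on no LAN's shortest path to the root
    4: ["D", "I"],
    5: ["A", "B", "E"],
    7: ["B", "C", "F"],
}


def lans_of(bridges):
    """Invert the table: LAN -> bridges attached to it."""
    lans = {}
    for b, attached in bridges.items():
        for lan in attached:
            lans.setdefault(lan, []).append(b)
    return lans


def distances(bridges):
    """Breadth-first search over the LAN/bridge graph from the root bridge.
    dist_b[b] = switches visited from bridge b to the root (root: 0);
    dist_l[l] = switches visited from LAN l to the root."""
    lans = lans_of(bridges)
    root = min(bridges)
    dist_b, dist_l = {root: 0}, {}
    queue = deque([("bridge", root)])
    while queue:
        kind, node = queue.popleft()
        if kind == "bridge":
            for lan in bridges[node]:
                if lan not in dist_l:
                    dist_l[lan] = dist_b[node] + 1      # crossing a bridge visits one switch
                    queue.append(("lan", lan))
        else:
            for b in lans[node]:
                if b not in dist_b:
                    dist_b[b] = dist_l[node]            # stepping onto a LAN visits none
                    queue.append(("bridge", b))
    return dist_b, dist_l


def spanning_tree(bridges):
    """Return (active interfaces, next-hop LAN per LAN).
    An interface (bridge, LAN) is on when it lies on some LAN's shortest path to
    the root; ties between equally close bridges go to the lowest ID."""
    lans = lans_of(bridges)
    dist_b, dist_l = distances(bridges)
    root = min(bridges)
    active, next_hop = set(), {}
    for lan, attached in lans.items():
        best = min(attached, key=lambda b: (dist_b[b], b))   # shortest path, lowest ID wins
        if best == root:
            active.add((best, lan))                          # every root interface is on
            continue
        toward_root = min(bridges[best], key=lambda l: (dist_l[l], l))
        next_hop[lan] = toward_root
        active.add((best, lan))                              # "turn on the two interfaces"
        active.add((best, toward_root))
    return active, next_hop


def bridges_fully_off(bridges):
    """Bridges that keep no interface on at all (the slide's B3)."""
    active, _ = spanning_tree(bridges)
    return sorted(b for b in bridges if not any(a == b for a, _ in active))


if __name__ == "__main__":
    active, hops = spanning_tree(BRIDGES)
    print("next hop per LAN:", hops)
    print("interfaces on:", sorted(active))
    print("bridges with nothing on:", bridges_fully_off(BRIDGES))
```

This follows the slide's model of "removing extra bridges": a bridge on nobody's shortest path keeps nothing on. The 802.1D protocol differs in one respect worth knowing: every non-root bridge keeps a root port, so a real B3 would still forward toward the root on one side and block the other.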
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
• During which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices. Routers: network-layer devices (examine network-layer headers). Switches are link-layer devices... "invisible" at the internetwork layer; looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields: label (20 bits) | Exp (3) | S (1) | TTL (5)
MPLS capable routers
a.k.a. label-switched routers: forward packets to the outgoing interface based only on the label value (don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables.
A signaling protocol is needed to set up forwarding: RSVP-TE.
Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 to R6 with interfaces 0 and 1, destinations A and D. Each router's table has the columns in label | out label | dest | out interface. Rows as extracted: 6 | - | A | 0; 10 | 6 | A | 1; 12 | 9 | D | 0; 8 | 6 | A | 0; rows with a column missing: 10 A 0; 12 D 0; 8 A 1.]
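Label-switched forwarding as an added example (not the lecture's own code): an ingress router classifies an unlabeled IP packet by destination and pushes a label, transit routers swap labels and pick the outgoing interface from the label alone, and the egress router pops the label and hands the packet to a plain IP host. The table layout copies the slide's columns (in label | out label | dest | out interface); the router names, rows and next-hop topology are assumed, not read from the figure.

```python
# Added example: one packet walked through constructed MPLS forwarding tables.
# Per router: key = incoming label, or ("ip", dest) at the ingress router where the
# unlabeled packet is classified by destination; value = (out label, dest, out iface).
TABLES = {
    "R1": {("ip", "A"): (10, "A", 0), ("ip", "D"): (12, "D", 0)},   # ingress: pushes a label
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},                        # transit: swaps labels
    "R6": {6: (None, "A", 0)},                                       # egress for A: pops it
    "R5": {9: (None, "D", 0)},                                       # egress for D: pops it
}
# (router, out interface) -> next node; A and D are IP-only hosts with no label table
NEXT_HOP = {("R1", 0): "R4", ("R4", 1): "R6", ("R4", 0): "R5", ("R6", 0): "A", ("R5", 0): "D"}


def lsr_forward(router, pkt):
    """One forwarding decision at `router`.
    pkt = {"label": int or None, "dest": str, "ttl": int}.
    Returns (out_iface, forwarded packet) or None when the packet is dropped."""
    if pkt["ttl"] <= 1:
        return None                              # TTL exhausted: drop, as IP would
    if pkt["label"] is None:
        key = ("ip", pkt["dest"])                # ingress: the only place the IP dest is used
    else:
        key = pkt["label"]                       # transit/egress: label lookup only
    entry = TABLES[router].get(key)
    if entry is None:
        return None                              # no binding for this label/destination
    out_label, _dest, iface = entry
    return iface, {"label": out_label, "dest": pkt["dest"], "ttl": pkt["ttl"] - 1}


def trace(start, pkt):
    """Follow a packet from router `start` until it reaches a host or is dropped.
    Returns ([(node, label on arrival), ...], final packet or None)."""
    node, path = start, []
    while node in TABLES:
        path.append((node, pkt["label"]))
        step = lsr_forward(node, pkt)
        if step is None:
            return path, None
        iface, pkt = step
        node = NEXT_HOP[(node, iface)]
    path.append((node, pkt["label"]))            # delivered to an IP-only host
    return path, pkt


if __name__ == "__main__":
    for dest in ("A", "D"):
        path, final = trace("R1", {"label": None, "dest": dest, "ttl": 64})
        print(dest, path, final)
```

The walk to A shows the label sequence the slide's rows describe (push 10, swap to 6, pop), and because the transit step never reads the destination, the same table drives packets for any destination that the ingress mapped onto label 10.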
Chapter 5: Summary
Principles behind data-link-layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice. ... could stop here ... but lots of
ALOHA's Performance (1)
[Figure: timeline with t0, t0+t, t0+2t, t0+3t and the vulnerable period around a frame. If another node starts to transmit during this vulnerable period, then a collision will occur.]
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events).
Let G be the average rate that users try to send frames, per frame time. G is the utilization. Why?
Model the moments transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful: G e^{-2G}.
Poisson process
Events are distributed according to a Poisson process with parameter λ if
P(k events in period of length T) = exp(-λT) (λT)^k / k!
λ is the rate that events occur: λ = (number of events in period W) / W (when W is large).
Aloha performance
[Figure: vulnerability period of length 2T around one transmission.]
P(k events in period of length T) = exp(-λT) (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, which has length 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is exp(-2G)(2G)^0/0! = exp(-2G).
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: G e^{-2G} versus G for G from 0 to 3; the curve peaks at 0.184.]
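The maximum asked for above, worked out as an added derivation (not on the original slide); the slotted case that appears later is handled the same way with a one-frame vulnerable period:

$$ S(G) = G e^{-2G}, \qquad \frac{dS}{dG} = e^{-2G}\,(1 - 2G) = 0 \;\Rightarrow\; G^{*} = \tfrac{1}{2}, \qquad S_{\max} = \tfrac{1}{2}\,e^{-1} \approx 0.184 . $$

$$ S_{\text{slotted}}(G) = G e^{-G}, \qquad \frac{dS}{dG} = e^{-G}\,(1 - G) = 0 \;\Rightarrow\; G^{*} = 1, \qquad S_{\max} = e^{-1} \approx 0.368 . $$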
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: timeline with t0, t0+t, t0+2t, t0+3t. If a frame is transmitted in the same slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot (the vulnerable period). If another node selects to transmit during this vulnerable period then a collision will occur.]
The vulnerable period is half the size of unslotted Aloha's.
Slotted Aloha
Vulnerable period is halved: doubles the performance of ALOHA. Throughput = S = G e^{-G}; S = S_max = 1/e = 0.368 for G = 1.
G = 1 means typically a node tries to transmit in each slot. However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot: G e^{-G} versus G for G from 0 to 4; the curve peaks at 0.368.]
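The Poisson model behind both throughput curves, as an added example (not the lecture's own code): it evaluates the formulas from the slides, locates their peaks numerically, and checks them against a Monte Carlo simulation of each channel. Time is measured in frame times, so G is both the attempt rate and the utilization, as the slides assume; the simulation lengths and random seed are choices made here.

```python
import math
import random

# Added example: ALOHA and slotted ALOHA throughput, formula versus simulation.


def poisson_pmf(k, mean):
    """P(k events in a period whose expected count is `mean`) = e^-mean mean^k / k!"""
    return math.exp(-mean) * mean ** k / math.factorial(k)


def throughput_pure(G):
    """Pure ALOHA: an attempt succeeds iff no other attempt falls in the 2-frame vulnerable period."""
    return G * poisson_pmf(0, 2 * G)


def throughput_slotted(G):
    """Slotted ALOHA: the vulnerable period shrinks to one slot."""
    return G * poisson_pmf(0, G)


def peak(throughput, step=0.001):
    """Numerically locate the G in [0, 4] that maximizes a throughput curve."""
    best_g = max((i * step for i in range(int(4 / step) + 1)), key=throughput)
    return best_g, throughput(best_g)


def simulate_pure(G, frame_times=50000, seed=1):
    """Poisson attempts at rate G; an attempt survives iff no neighbour starts within one frame time."""
    rng = random.Random(seed)
    starts, t = [], rng.expovariate(G)
    while t < frame_times:                    # exponential gaps give a Poisson process
        starts.append(t)
        t += rng.expovariate(G)
    ok = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or s - starts[i - 1] >= 1.0
        clear_after = i == len(starts) - 1 or starts[i + 1] - s >= 1.0
        ok += clear_before and clear_after
    return ok / frame_times


def simulate_slotted(G, slots=50000, seed=1):
    """Each slot carries Poisson(G) attempts; exactly one attempt means success."""
    rng = random.Random(seed)
    ok = 0
    for _ in range(slots):
        attempts, t = 0, rng.expovariate(G)
        while t < 1.0:                        # arrivals that land inside this one slot
            attempts += 1
            t += rng.expovariate(G)
        ok += attempts == 1
    return ok / slots


if __name__ == "__main__":
    print("pure    peak:", peak(throughput_pure), "simulated at G=0.5:", simulate_pure(0.5))
    print("slotted peak:", peak(throughput_slotted), "simulated at G=1.0:", simulate_slotted(1.0))
```

The simulated values land within about a percent of 0.184 and 0.368, which is as close as 50,000 frame times allow; the slotted run also shows directly why the throughput stays well below 1 at G = 1: roughly a third of the slots are empty and another third carry collisions.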
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple.
Cons: collisions, wasting slots; inefficient: idle slots; nodes may be able to detect a collision in less than the time to transmit a packet; slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency.
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
Human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m. For 100 Mbps Ethernet the maximum cable length is 200 m. Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
[Figure: spatial layout of nodes versus time. Note the role of distance & propagation delay in determining the collision probability.]
CSMA/CD collision detection
[Figure 1: time versus position on the wire. Transmitter 1 starts; after the propagation delay, transmitter 2 (which has not yet heard it) starts. Transmitter 2 detects the collision when transmitter 1's signal reaches it; transmitter 1 detects it when transmitter 2's signal propagates back. Receiver 1 receives a garbled signal. When is it detected?]
[Figure 2: the same layout with a shorter transmission time. Transmitter 2 detects the collision, but transmitter 1 has finished sending before transmitter 2's signal arrives, so the collision is NOT detected by transmitter 1. Receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
CSMA/CD
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of bit-rate.
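The collision-detection constraint above, rearranged into code as an added example (not the lecture's own): given the slide's 64-byte minimum frame, it returns the longest cable over which the sender is guaranteed still to be transmitting when a collision from the far end comes back, and shows that the bound scales exactly 1/10 when the bit rate is multiplied by 10. Two assumptions that are not on the slide: a propagation speed of 2×10^8 m/s, and epsilon set to zero. The resulting 5120 m is a propagation-only bound; the 802.3 budget also charges for repeater and transceiver delays, which is why the slide's 2000 m limit is smaller, but the ratio between the two bit rates is the point of the question.

```python
# Added example: the 2L/v + eps < F/R constraint for CSMA/CD.
PROP_SPEED = 2e8            # m/s, assumed propagation speed in copper
MIN_FRAME_BITS = 64 * 8     # Ethernet minimum frame of 64 B (slide value), in bits


def max_cable_m(frame_bits=MIN_FRAME_BITS, bit_rate=1e7, v=PROP_SPEED):
    """Longest cable for which a frame_bits frame is still on the wire when the
    farthest collision returns: L < (F / R) * v / 2 (epsilon ignored)."""
    return frame_bits / bit_rate * v / 2


def min_frame_bits(cable_m, bit_rate, v=PROP_SPEED):
    """Smallest frame that lets a sender cable_m away from the far end see a collision."""
    return 2 * cable_m / v * bit_rate


def collision_detectable(cable_m, frame_bits, bit_rate, v=PROP_SPEED):
    """True when the round-trip propagation time fits inside the frame's transmission time."""
    return 2 * cable_m / v < frame_bits / bit_rate


def length_ratio(rate_a, rate_b):
    """How much longer the cable may be at rate_a than at rate_b for the same minimum frame."""
    return max_cable_m(bit_rate=rate_a) / max_cable_m(bit_rate=rate_b)


if __name__ == "__main__":
    for rate in (1e7, 1e8):
        print(f"{rate / 1e6:.0f} Mbps: propagation-only cable bound {max_cable_m(bit_rate=rate):.0f} m")
    print("ratio 10 Mbps / 100 Mbps:", length_ratio(1e7, 1e8))
    print("64 B frame, 2000 m, 1 Gbps detectable?", collision_detectable(2000, MIN_FRAME_BITS, 1e9))
```

At 1 Gbps the same 64-byte frame lasts only 0.512 µs, shorter than the round trip over 2000 m, which is why gigabit Ethernet had to extend the carrier rather than shrink the cable again.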
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection; collisions detected within a short time; colliding transmissions aborted, reducing channel wastage.
Collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength.
Human analogy: the polite conversationalist.
persistent
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle, transmit.
3. If the medium is not idle, wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      • A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, all nodes will hear the transmission before the time slot ends.
      • Exercise: give an equation for the length of a time slot.
   c. if no other transmission begins before the r time slots have elapsed, then transmit.
5. If a collision is detected:
   a. continue to transmit (a jam signal) so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 x BO, BO_Max); in Ethernet BO_Max = 1024
   c. go to step 4

Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
channel partitioning MAC protocols:
• share the channel efficiently and fairly at high load
• inefficient at low load: delay in channel access; 1/N of the bandwidth allocated even if only 1 node is active
random access MAC protocols:
• efficient at low load: a single node can fully utilize the channel
• high load: collision overhead
  Be careful: here "high load" means that the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"taking turns" protocols look for the best of both worlds
• used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach
• 802.11 specifies this capability but it is not widely deployed, yet
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn.
• After each node is given a chance, the pattern repeats.
• If a slave has no data to send, it does nothing and the master quickly polls the next node.
• Figure: a master sends poll messages to its slaves one after another; each polled slave either returns data or stays silent.
concerns: polling overhead, latency, single point of failure (the master)
QoS guarantees can be made:
• If a VoIP call requires a fixed bit-rate, the master can determine whether the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the service provided by TCP.
• Guarantees are worth much more money than non-guarantees.

Token passing: a control token is passed from one node to the next sequentially; a node that holds the token may send, a node with nothing to send passes the token on.
• token message
• concerns: token overhead, latency, single point of failure (the token)
• Figure: token T circulating around the ring; one node sends data, another has nothing to send and passes T along.
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD
  carrier sensing: easy in some technologies (wire), hard in others (wireless)
  CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer outline: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-Layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet
MAC (or LAN or physical or Ethernet) address: used to get a frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this: today hosts are almost never physically connected to each other; they connect through a switch.
• 48-bit MAC address (for most LANs), burned into NIC ROM, also sometimes software settable

LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.

LAN Address (more)
MAC address allocation is administered by IEEE: a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup:
• search for "OUI lookup", enter the MAC address, see the manufacturer
analogy: (a) MAC address is like a Social Security Number, (b) IP address is like a postal address
MAC: flat address, portable; you can move a LAN card from one LAN to another
IP: hierarchical address, NOT portable; the address depends on the IP subnet to which the node is attached
• If a NIC is changed then the MAC address changes, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B, knowing B's IP address?
Figure: a LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.
ARP protocol: Same LAN (network)
A wants to send a datagram to C. First check whether C's IP address is in the same subnet:
• use the subnet mask and compare this node's IP to C's IP
• e.g. my IP = 128.4.35.67, B's IP = 128.5.19.12, subnet mask 255.255.0.0 => the first 2 bytes (16 bits) define the subnet
• so in this case A and B are in different subnets
• thus the datagram is sent to the gateway, which must be in the same subnet as A
• suppose that B is the gateway, but only the IP address of B is known

Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other frame types include IP datagram)
• all machines on the LAN receive the ARP query
• B receives the ARP packet and replies to A with its (B's) MAC address; the reply frame is sent to A's MAC address (unicast)
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
  soft state: information that times out (goes away) unless refreshed
• ARP is "plug-and-play": nodes create their ARP tables without intervention from a network administrator

Figure: A, B, C and D on one LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which B, C and D all receive; only the owner answers "I have 1.1.1.4".
Addressing: routing to another LAN
Figure: two LANs joined by router R. Left LAN: A (111.111.111.111, MAC 74-29-9C-E8-FF-55), another host 111.111.111.112 (CC-49-DE-D0-AB-7D), R's interface 111.111.111.110 (E6-E9-00-17-BB-4B). Right LAN: R's interface 222.222.222.220 (1A-23-F9-CD-06-9B), B (222.222.222.222, 49-BD-D2-C7-56-2A), another host 222.222.222.221 (88-B2-2F-54-1A-0F).

walkthrough: send a datagram from A to B via R; assume A knows B's IP address
• two ARP tables in router R, one for each IP network (LAN)
• A creates an IP datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram
• A's NIC sends the frame; R's NIC receives the frame
• R removes the IP datagram from the Ethernet frame, sees that it is destined to B
• R uses ARP to get B's MAC address
• R creates a frame containing the A-to-B IP datagram and sends it to B
This is a really important example: make sure you understand it.
ARP
Watch Wireshark with no connections open. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell whether two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN.
• On machine A, ping P. Use Wireshark on B to see that no ping reaches B: A cannot resolve P, so it only broadcasts ARP requests that nobody answers.
• On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But there is still no response, because B does not own P.
ARP spoofing: man-in-the-middle attack
If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses a dedicated wire from the switch (a link-layer "router") to each host, so simply listening no longer shows other hosts' traffic.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query is made for the victim, I respond with my MAC.

Scenario (figure): victim with MAC 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch.
1. The other host broadcasts "Who has IP address 1.2.3.4?"; both the victim and the attacker see it.
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now also knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4", and keeps flooding them. Hosts that see the queries save the sender's IP/ARP mapping (1.2.3.4 -> 00:11:11:11:11:11) in their caches. The victim is confused by the queries but ignores them.
4. The other host now sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...". The attacker reads the secret plan, changes the destination MAC to the correct address and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."

Some newer switches can protect against these attacks (by checking ARP traffic against the IP/MAC bindings they have learned, e.g. from DHCP). How else can these attacks be detected and stopped?
• One way to detect an attacker is to look at ARP tables and check whether a single IP has two MACs (the victim's IP appearing with both the victim's and the attacker's MAC), or whether one MAC appears with two IPs (the attacker's MAC with its real IP and with the victim's IP).
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address. Then tables record the mapping between that MAC and IP, and there are two IPs for a single MAC: a legitimate cause of the second kind of anomaly.
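As an added example (not part of the original lecture), the Python below models on one constructed, in-memory LAN both the exchange from the "ARP protocol: Same LAN" slides and the spoofing scenario above: the same-subnet/gateway decision, a soft-state ARP cache with the 20-minute TTL, a host that answers requests for its own IP, an attacker that answers requests for the victim's IP, and the detection check from the last slide (one IP claimed by two MACs). All host names, addresses and the victim/attacker roles are constructed for the demo.

```python
import ipaddress

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ARP_TTL_S = 20 * 60            # cache entries are forgotten after ~20 minutes (slide)


def same_subnet(ip_a, ip_b, mask):
    """Apply the mask to both addresses; equal network parts means same LAN."""
    net = ipaddress.IPv4Network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.IPv4Address(ip_b) in net


def next_hop(my_ip, dst_ip, mask, gateway_ip):
    """Which IP must be resolved with ARP: the destination itself, or the gateway."""
    return dst_ip if same_subnet(my_ip, dst_ip, mask) else gateway_ip


class Lan:
    """Broadcast segment: every attached host sees a broadcast. Replies are recorded
    so that a monitor (the detection idea from the slide) can inspect them."""
    def __init__(self):
        self.hosts = []
        self.observed_replies = []      # (claimed ip, claimed mac) from every ARP reply

    def send(self, frame, now):
        replies = []
        for h in self.hosts:
            if h.mac != frame["src_mac"] and frame["dst_mac"] in (BROADCAST_MAC, h.mac):
                reply = h.receive(frame, now)
                if reply is not None:
                    self.observed_replies.append((reply["sender_ip"], reply["sender_mac"]))
                    replies.append(reply)
        return replies


class Host:
    def __init__(self, ip, mac, lan):
        self.ip, self.mac, self.lan = ip, mac, lan
        self.arp_table = {}             # ip -> (mac, expiry time): soft state
        lan.hosts.append(self)

    def lookup(self, ip, now):
        entry = self.arp_table.get(ip)
        return entry[0] if entry and entry[1] > now else None

    def resolve(self, target_ip, now):
        cached = self.lookup(target_ip, now)
        if cached:
            return cached
        query = {"src_mac": self.mac, "dst_mac": BROADCAST_MAC, "op": "request",
                 "sender_ip": self.ip, "sender_mac": self.mac, "target_ip": target_ip}
        for reply in self.lan.send(query, now):
            # ARP has no authentication: whichever reply arrives last overwrites the cache
            self.arp_table[target_ip] = (reply["sender_mac"], now + ARP_TTL_S)
        return self.lookup(target_ip, now)

    def receive(self, frame, now):
        if frame["op"] == "request" and frame["target_ip"] == self.ip:
            return {"src_mac": self.mac, "dst_mac": frame["src_mac"], "op": "reply",
                    "sender_ip": self.ip, "sender_mac": self.mac, "target_ip": frame["sender_ip"]}
        return None


class Spoofer(Host):
    """Answers requests for the victim's IP with its own MAC (the slide's attacker)."""
    def __init__(self, ip, mac, lan, victim_ip):
        super().__init__(ip, mac, lan)
        self.victim_ip = victim_ip

    def receive(self, frame, now):
        if frame["op"] == "request" and frame["target_ip"] == self.victim_ip:
            return {"src_mac": self.mac, "dst_mac": frame["src_mac"], "op": "reply",
                    "sender_ip": self.victim_ip, "sender_mac": self.mac, "target_ip": frame["sender_ip"]}
        return super().receive(frame, now)


def ips_with_several_macs(observed_replies):
    """Detection heuristic from the slide: one IP claimed by two MACs is suspicious.
    The converse (one MAC with two IPs) is what a dual-NIC Windows host produces
    legitimately, so it is deliberately not flagged here."""
    claims = {}
    for ip, mac in observed_replies:
        claims.setdefault(ip, set()).add(mac)
    return {ip: macs for ip, macs in claims.items() if len(macs) > 1}


def run_spoofing_demo():
    """Constructed scenario: A resolves the victim while an attacker sits on the LAN."""
    lan = Lan()
    a = Host("10.0.0.1", "00:00:00:00:00:0a", lan)
    Host("10.0.0.2", "00:12:12:12:12:12", lan)                        # victim
    Spoofer("10.0.0.3", "00:11:11:11:11:11", lan, victim_ip="10.0.0.2")
    return {
        "cached_mac_for_victim": a.resolve("10.0.0.2", now=0),          # poisoned
        "conflicts": ips_with_several_macs(lan.observed_replies),       # detected
        "expired_lookup": a.lookup("10.0.0.2", now=ARP_TTL_S + 1),      # soft state aged out
    }
```

In the demo the attacker's reply simply arrives after the victim's and wins; on a real LAN the race goes to whoever answers first or last depending on the OS, which is why the attacker in the slides keeps flooding. The monitor sees the victim's IP claimed by two MACs, which is the check the slide proposes.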
Link Layer outline: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-Layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
• cheap: $20 for a NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with the speed race: 10 Mbps to 10 Gbps
Figure: Metcalfe's Ethernet sketch.

Star topology
• bus topology (coaxial cable), popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
• star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
• multiple stars connected (we'll see later)
Figure: bus (coaxial cable) vs star (switch in the center).
Ethernet Frame Structure
Sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.

Ethernet Frame Structure (more)
Addresses: 6 bytes
• if the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol
• otherwise the adapter discards the frame (unless in promiscuous mode)
Type: indicates the higher layer protocol (mostly IP, but others possible, e.g. Novell IPX, AppleTalk), ARP query/response, LAN routing
CRC: checked at the receiver; if an error is detected the frame is dropped

Ethernet: Unreliable, connectionless
• connectionless: no handshaking between sending and receiving NICs
• unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC
  the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
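To make the receive-side rules concrete, here is an added Python example (not part of the original slides) that builds an Ethernet frame as the receiving NIC sees it, verifies the CRC-32 FCS, and applies the address filter described above, including promiscuous mode and the minimum frame size. The MAC addresses and payloads are constructed for the example; the preamble is omitted because the adapter strips it before the frame reaches this logic.

```python
import zlib

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
BROADCAST = bytes.fromhex("ffffffffffff")
MIN_FRAME_BYTES = 64          # dst + src + type + payload/padding + FCS


def mac(text):
    """'1A-2F-BB-76-09-AD' or '1a:2f:bb:76:09:ad' -> 6 raw bytes."""
    return bytes.fromhex(text.replace("-", "").replace(":", ""))


def build_frame(dst, src, ethertype, payload):
    """Frame as the receiving NIC sees it (preamble and start-of-frame byte already stripped)."""
    body = dst + src + ethertype.to_bytes(2, "big") + payload
    # pad so the whole frame, FCS included, reaches the 64-byte minimum
    if len(body) + 4 < MIN_FRAME_BYTES:
        body += bytes(MIN_FRAME_BYTES - 4 - len(body))
    # the 802.3 FCS is CRC-32 with the same polynomial and conventions as zlib's crc32,
    # transmitted least-significant byte first
    fcs = zlib.crc32(body).to_bytes(4, "little")
    return body + fcs


def parse_frame(frame):
    """Return the header fields, or None when the frame is a runt or the CRC check fails."""
    if len(frame) < MIN_FRAME_BYTES:
        return None                       # collision fragment: dropped
    body, fcs = frame[:-4], frame[-4:]
    if zlib.crc32(body).to_bytes(4, "little") != fcs:
        return None                       # bit error detected: dropped, no nack is sent
    return {
        "dst": body[0:6],
        "src": body[6:12],
        "type": int.from_bytes(body[12:14], "big"),
        "payload": body[14:],
    }


def nic_accepts(frame_dst, my_mac, promiscuous=False):
    """The adapter passes the frame up only if it is for us or for everyone (or we sniff)."""
    return promiscuous or frame_dst == my_mac or frame_dst == BROADCAST


def deliver(frame, my_mac, promiscuous=False):
    """What the adapter does with a received frame: ('dropped', why) or ('delivered', protocol)."""
    fields = parse_frame(frame)
    if fields is None:
        return ("dropped", "bad FCS or runt")
    if not nic_accepts(fields["dst"], my_mac, promiscuous):
        return ("dropped", "not addressed to this adapter")
    proto = {ETHERTYPE_IPV4: "IP", ETHERTYPE_ARP: "ARP"}.get(fields["type"], "unknown")
    return ("delivered", proto)


def flip_byte(frame, index):
    """Corrupt one byte, the kind of error a noisy wire introduces."""
    damaged = bytearray(frame)
    damaged[index] ^= 0xFF
    return bytes(damaged)
```

The padding step is why a short IP datagram still produces a 64-byte frame, and the promiscuous flag is the only difference between a normal adapter and a sniffer on a shared segment.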
Ethernet's MAC protocol: unslotted CSMA/CD

Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame
2. If the NIC senses the channel idle, it starts frame transmission
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent)
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, the NIC enters exponential backoff: after the m-th collision, the NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. The NIC waits K slots, where one slot is 512 bit times, then returns to step 2

Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023 the wait time is about 50 msec
Exponential backoff:
• goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer
• first collision: choose K from {0, 1}; the delay is K x 512 bit transmission times
• after the second collision: choose K from {0, 1, 2, 3}
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}

CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0
• efficiency goes to 1 as t_trans goes to infinity: a larger frame size is better; a higher bit-rate (shorter t_trans for the same frame) is worse
• better performance than ALOHA, and simple, cheap, decentralized
• Most Ethernet is used with switches, so collisions never occur.
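The following added Python example (not from the slides) puts the numbers from this section together: the minimum-frame/maximum-cable relation from the collision-detection requirement, the K-slot binary exponential backoff from the "Exponential Backoff" slide and the Ethernet CSMA/CD algorithm, the 1/(1 + 5 t_prop/t_trans) efficiency estimate, and a small slotted simulation of how colliding stations resolve with backoff. The propagation speed of 2e8 m/s and the one-frame-per-slot simplification in the simulation are assumptions of the example.

```python
import random

PROP_SPEED_M_PER_S = 2.0e8     # assumed signal speed in copper, roughly 2/3 c
SLOT_BIT_TIMES = 512           # Ethernet slot = minimum frame of 64 bytes
BACKOFF_CAP = 10               # K is drawn from 0 .. 2^min(m, 10) - 1


def min_frame_bits(cable_len_m, bitrate_bps, prop_speed=PROP_SPEED_M_PER_S, epsilon_bits=0):
    """Smallest frame (bits) that keeps the sender busy for 2*T_prop (+ epsilon) on this cable."""
    t_prop = cable_len_m / prop_speed
    return 2 * t_prop * bitrate_bps + epsilon_bits


def max_cable_len_m(min_frame_bits_, bitrate_bps, prop_speed=PROP_SPEED_M_PER_S):
    """Longest cable on which a minimum-size frame still spans the round-trip delay."""
    t_trans = min_frame_bits_ / bitrate_bps
    return t_trans * prop_speed / 2


def backoff_choices(collisions):
    """Number of equally likely K values after the m-th collision: 2^min(m, 10)."""
    return 2 ** min(collisions, BACKOFF_CAP)


def backoff_wait_s(k, bitrate_bps):
    """K slots of 512 bit times at the given bit-rate."""
    return k * SLOT_BIT_TIMES / bitrate_bps


def efficiency(t_prop, t_trans):
    """The slide's approximation: 1 / (1 + 5 t_prop / t_trans)."""
    return 1 / (1 + 5 * t_prop / t_trans)


def resolve_collisions(n_stations, seed=0):
    """Toy slotted model: every station has one frame ready at slot 0 and a frame
    occupies exactly one slot. Stations that pick the same slot collide, double
    their range and redraw. Returns (slots_until_all_sent, total_collisions)."""
    rng = random.Random(seed)
    next_attempt = {s: 0 for s in range(n_stations)}
    collisions = {s: 0 for s in range(n_stations)}
    pending = set(range(n_stations))
    slot, total_collisions = 0, 0
    while pending:
        ready = [s for s in pending if next_attempt[s] == slot]
        if len(ready) == 1:
            pending.discard(ready[0])          # sole transmitter: success
        elif len(ready) > 1:
            total_collisions += 1              # jam, abort, back off
            for s in ready:
                collisions[s] += 1
                next_attempt[s] = slot + 1 + rng.randrange(backoff_choices(collisions[s]))
        slot += 1
    return slot, total_collisions
```

With a 512-bit minimum frame, max_cable_len_m gives exactly a 10:1 ratio between 10 Mbps and 100 Mbps, which answers the question on the earlier slide; backoff_wait_s(1023, 10e6) reproduces the "about 50 msec" figure.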
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards:
• common MAC protocol and frame format
• different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps
• different physical layer media: fiber, cable
• very large Ethernets are possible; QoS: MPLS runs over Ethernet (so traffic engineering is possible)

Hubs
physical-layer ("dumb") repeaters:
• bits coming in on one link go out on all other links at the same rate
• all nodes connected to the hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: host NICs detect collisions
Figure: hub with twisted-pair links to its hosts.

Interconnecting with hubs
• a backbone hub interconnects LAN segments
• but the individual segment collision domains become one large collision domain
• can't interconnect 10BaseT & 100BaseT
Figure: a backbone hub connecting three hubs.
Switch
link-layer device: smarter than hubs, takes an active role
• store and forward Ethernet frames
  Question: do switches in circuit-switching networks store and forward?
• examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, use CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured

Switch allows multiple simultaneous transmissions
• hosts have a dedicated, direct connection to the switch
• switches buffer packets
• the Ethernet protocol is used on each incoming link, but there are no collisions; full duplex; each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, B, C and A', B', C' (A' on interface 4, B' on interface 5).
Switch Table
Q: how does the switch know that A' is reachable via interface 4, and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp)
• looks like a routing table
Q: how are entries created and maintained in the switch table? something like a routing protocol?

Switch: self-learning
• the switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• it records the sender/location pair in the switch table
Figure: A sends a frame (Source A, Dest A') that arrives on interface 1; the switch table, initially empty, now holds the entry (MAC addr A, interface 1, TTL 60).

Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination:
   then, if the destination is on the segment from which the frame arrived, drop the frame;
   else forward the frame on the interface indicated
   else flood: forward on all interfaces but the one on which the frame arrived
3. periodically purge all old table entries
Self-Learning (walk-through)
Figure: hosts A and B connected through a small tree of switches, each with interfaces 1, 2 and 3 and an initially empty table (MAC, Interface).
1. A sends a frame: Dest = B, Source = A. The first switch makes a table entry for A (A, 1). It has no table entry for B, so it floods the frame out of its other interfaces.
   Note: if the switch has ports that are manually configured, the frame is not flooded to a host on such a port; it is only flooded to other switches.
2. Each switch that receives the flooded frame also makes a table entry for A (A, 1 on the switches that received it on interface 1; A, 2 on the one that received it on interface 2) and, having no entry for B, floods in turn. Eventually the frame reaches B.
3. B replies: Dest = A, Source = B. Each switch on the return path makes a table entry for B (B, 3 at the first switch, B, 2 at the next) and, since it already has a table entry for A, forwards the frame on that one interface instead of flooding.
4. 20 minutes later, all table entries are deleted; the tables are empty again until new frames are seen.
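Here is an added Python model (not from the slides) of the self-learning switch: learn the sender's port, then filter, forward or flood, and age entries out. The constructed topology mirrors the walk-through above: A behind one switch, B behind another, plus a third host C that only ever sees the flooded frame. The 60-second TTL follows the table shown on the self-learning slide.

```python
from dataclasses import dataclass

TABLE_TTL_S = 60               # the slide's table shows a TTL of 60


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str


class Host:
    """End host with a single port (0) plugged into one switch."""
    def __init__(self, mac):
        self.mac, self.links, self.received = mac, {}, []

    def receive(self, frame, in_port, now):
        if frame.dst == self.mac:
            self.received.append(frame)
        return []

    def send(self, frame, now):
        switch, port = self.links[0]
        return switch.receive(frame, port, now)


class Switch:
    def __init__(self, name, ttl=TABLE_TTL_S):
        self.name, self.ttl = name, ttl
        self.links = {}               # port -> (neighbour, neighbour's port)
        self.table = {}               # MAC -> (port, expiry): the self-learned switch table

    def receive(self, frame, in_port, now):
        """Slide's algorithm: learn, then filter / forward / flood. Returns the ports used."""
        self.table = {m: e for m, e in self.table.items() if e[1] > now}   # purge old entries
        self.table[frame.src] = (in_port, now + self.ttl)                  # learn the sender
        entry = self.table.get(frame.dst)
        if entry is None:
            out_ports = [p for p in self.links if p != in_port]            # unknown: flood
        elif entry[0] == in_port:
            out_ports = []                      # destination is on the incoming segment: drop
        else:
            out_ports = [entry[0]]              # known: forward selectively
        for p in out_ports:
            peer, peer_port = self.links[p]
            peer.receive(frame, peer_port, now)
        return out_ports


def link(a, a_port, b, b_port):
    """Wire a's port to b's port (hosts use port 0)."""
    a.links[a_port] = (b, b_port)
    b.links[b_port] = (a, a_port)


def build_tree():
    """Constructed loop-free topology modelled on the walk-through:
    A -1- S1 -2- S2 -2- C  and  S1 -3- S3 -2- B"""
    a, b, c = Host("A"), Host("B"), Host("C")
    s1, s2, s3 = Switch("S1"), Switch("S2"), Switch("S3")
    link(a, 0, s1, 1); link(s1, 2, s2, 1); link(s1, 3, s3, 1)
    link(s2, 2, c, 0); link(s3, 2, b, 0)
    return {"A": a, "B": b, "C": c, "S1": s1, "S2": s2, "S3": s3}


def walkthrough():
    """A -> B with empty tables, then B -> A, then A -> B again after the entries aged out."""
    n = build_tree()
    first = n["A"].send(Frame("A", "B"), now=0)            # S1 floods on ports 2 and 3
    second = n["B"].send(Frame("B", "A"), now=1)           # S3 knows A: forward on port 1 only
    s1_after_reply = {m: p for m, (p, _) in n["S1"].table.items()}
    third = n["A"].send(Frame("A", "B"), now=TABLE_TTL_S + 2)   # tables purged: flood again
    return {
        "first_out_ports": first,
        "second_out_ports": second,
        "third_out_ports": third,
        "s1_after_reply": s1_after_reply,
        "s2_saw_B": "B" in n["S2"].table,     # the reply never reached S2
        "b_received": len(n["B"].received),
        "c_received": len(n["C"].received),   # C saw flooded frames but none were for it
    }
```

The return value of each send is the list of ports the first switch used, which makes the flood-then-forward behaviour directly observable: the flooded frame reaches C's switch, but B's reply does not, because by then the switch on the return path already knows where A is.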
Poorly Designed Institutional network. Why?
Figure: a router to the external network, a hierarchy of switches with no redundant links, and the mail server and web server on the LAN (one IP subnet). Every switch and link on the way to the router is a single point of failure.

Institutional network without a single point of failure
Figure: the same router, mail server and web server, but the switches are connected with redundant links, which form loops.
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the flooded frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated from forwarding.
Figure: the same network with some interfaces marked "disconnected", i.e. the switch does not forward or flood frames through that interface; the remaining edges form a spanning tree.

Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
• Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges.
  This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any connected graph there exists a tree that spans all nodes, where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses its interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to that LAN.
  Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
Figure: LAN A and LAN B joined by bridges B2 and B3.
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges (backwards from what you might expect, i.e. switches as vertices and LANs as edges).
• When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
• Approach: compute paths to the bridge with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses its interfaces to A and B.
• If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 (between B and C) will disconnect from LANs B and C.
Figure: LAN A, LAN B, LAN C and LAN D in a row, joined by bridges B3 (A-B), B2 (B-C) and B1 (C-D), with root bridge B0 on LAN D.

Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message
2. the ID of what the sending bridge believes to be the root bridge
3. the distance (hops) from the sending bridge to the root bridge

Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), using least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.

Worked example (figure): bridges B1, B2, B3, B4, B5, B6, B7 (B4 and B6 side by side) and LANs A through J. The root is B1, the bridge with the smallest ID. Each switch computes its distance to the root in LAN hops; the numbers next to the LANs (0, 1, 1, 1, 1, 2) are their distances to the root.
1. Each of the root's interfaces is ON.
2. LAN A's next hop is LAN E: turn on the two interfaces of the bridge between A and E.
3. LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
4. LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
5. LAN C's next hop is LAN F: turn on the interfaces.
6. Which other interfaces are "on"?
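The LAN-centric rule above, as an added Python example that is neither the slides' own code nor the IEEE 802.1D port-state machine: LANs are vertices and bridges are edges; the root is the smallest bridge ID; each LAN picks the attached bridge offering the fewest hops toward the root (smallest ID on ties), and only that bridge's interfaces to the LAN and to its next-hop LAN stay on. The topology EXAMPLE is constructed for this example, not the figure's, and the code assumes every LAN is reachable from the root.

```python
from collections import deque


def spanning_tree(bridges):
    """bridges: {bridge_id: [lan, ...]}, the LANs each bridge has an interface on.
    Returns (root, set of (bridge, lan) interfaces that stay ON)."""
    root = min(bridges)
    lans = {}
    for b, attached in bridges.items():
        for lan in attached:
            lans.setdefault(lan, []).append(b)

    # Breadth-first distances on the bipartite LAN/bridge graph, distance-vector style:
    # a LAN is as far from the root as its closest bridge; a bridge is one more than its
    # closest LAN. The root's own LANs are at distance 0.
    dist_lan = {lan: 0 for lan in bridges[root]}
    dist_bridge = {root: 0}
    frontier = deque(bridges[root])
    while frontier:
        lan = frontier.popleft()
        for b in lans[lan]:
            if b not in dist_bridge:
                dist_bridge[b] = dist_lan[lan] + 1
                for other in bridges[b]:
                    if other not in dist_lan:
                        dist_lan[other] = dist_bridge[b]
                        frontier.append(other)

    active = {(root, lan) for lan in bridges[root]}       # each of the root's interfaces is ON
    for lan, attached in lans.items():
        if dist_lan[lan] == 0:
            continue                                      # directly on the root
        # the bridge giving this LAN its shortest path; smallest ID breaks ties
        designated = min(attached, key=lambda b: (dist_bridge[b], b))
        next_hop = min(l for l in bridges[designated] if dist_lan[l] == dist_lan[lan] - 1)
        active.add((designated, lan))                     # interface toward this LAN ...
        active.add((designated, next_hop))                # ... and toward the root
    return root, active


def is_spanning_tree(bridges, active):
    """Sanity check: the ON interfaces connect every LAN, with no loops."""
    adj = {}
    for b, lan in active:
        adj.setdefault(("B", b), set()).add(("L", lan))
        adj.setdefault(("L", lan), set()).add(("B", b))
    all_lans = {lan for attached in bridges.values() for lan in attached}
    start = next(iter(adj))
    seen, stack = {start}, [start]
    while stack:
        node = stack.pop()
        for nxt in adj[node]:
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    connected = all(("L", lan) in seen for lan in all_lans) and len(seen) == len(adj)
    return connected and len(active) == len(adj) - 1      # a tree has |V| - 1 edges


# Constructed topology (not the slide's figure). B1 is the root because it has the
# smallest ID. LAN B can reach the root through B5 or B7 in one hop, so the tie goes to
# B5; B7 and B3 only close loops and end up with no interface ON, like B3 in the slide.
EXAMPLE = {
    1: ["E", "F", "G"],
    5: ["A", "B", "E"],
    7: ["B", "F"],
    2: ["A", "C"],
    3: ["C", "D"],
    4: ["D", "G"],
}
```

A bridge with no ON interface still exists physically; it simply never floods or forwards, exactly as the "disconnected" interfaces in the figure. Re-running spanning_tree on a topology with a bridge removed is the recomputation the slide mentions.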
Layer 2 Routing
• the L2 routing table is automatically maintained (set up, and updated as the topology changes)
• 3 mechanisms: loop resolution, address learning, frame forwarding
• typically ignores security, such as ARP attacks, access control, etc.
• loop resolution must happen before address learning
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.

Switches vs Routers
• both are store-and-forward devices
• routers: network layer devices (examine network layer headers); switches are link layer devices
• switches are "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding
  borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address
• frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
• MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit, bottom of stack), TTL (8 bits); 32 bits in total

MPLS capable routers
• aka label-switched routers
• forward packets to an outgoing interface based only on the label value (don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables
• a signaling protocol is needed to set up forwarding: RSVP-TE
• forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
• must co-exist with IP-only routers

MPLS forwarding tables
Figure: routers R1 to R6, with host A behind R1 and host D behind R2; interface numbers 0 and 1 are marked on the links. The tables recoverable from the figure, as (in label, out label, dest, out interface):
R1: 6, -, A, 0
R6: 10, 6, A, 1 ; 12, 9, D, 0
R4: -, 10, A, 0 ; -, 12, D, 0
R5: 8, 6, A, 0
R3: -, 8, A, 1
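To show what a label-switched router does with the tables above, here is an added Python example (not from the slides): each LSR matches only on the top label or, at ingress, does an IP lookup on the destination, then pushes, swaps or pops, decrements the MPLS TTL and hands the packet to the next router. The tables are the ones recovered from the figure; the wiring between interfaces (LINKS) and the initial TTL are assumptions of the example, and the path toward D stops where the figure stops, since R2's table is not shown.

```python
MPLS_TTL_START = 64   # assumed initial TTL written into the shim header at ingress


class LabelSwitchedRouter:
    """Rows are (in_label, out_label, dest, out_interface). in_label None marks an ingress
    row that is selected by an IP lookup on dest; out_label None means pop (egress)."""
    def __init__(self, name, rows):
        self.name, self.rows = name, rows

    def forward(self, packet):
        """packet = {'labels': [top, ..., bottom], 'dest': ip, 'ttl': n}.
        Returns (out_interface, new_packet), or None when the packet is dropped."""
        labels = packet["labels"]
        if labels:
            # labelled packet: match on the top label only, never look at the IP header
            match = [r for r in self.rows if r[0] == labels[0]]
        else:
            # unlabelled packet at an ingress LSR: ordinary IP lookup picks the LSP
            match = [r for r in self.rows if r[0] is None and r[2] == packet["dest"]]
        if not match:
            return None
        in_label, out_label, _dest, iface = match[0]
        ttl = packet["ttl"] - 1
        if ttl <= 0:
            return None                                   # loop protection, as in IP
        if in_label is None:
            new_labels = [out_label] + labels             # push
        elif out_label is None:
            new_labels = labels[1:]                       # pop: bottom of stack reached
        else:
            new_labels = [out_label] + labels[1:]         # swap
        return iface, {"labels": new_labels, "dest": packet["dest"], "ttl": ttl}


# Tables as recovered from the slide (destinations A and D).
ROUTERS = {
    "R1": LabelSwitchedRouter("R1", [(6, None, "A", 0)]),
    "R3": LabelSwitchedRouter("R3", [(None, 8, "A", 1)]),
    "R4": LabelSwitchedRouter("R4", [(None, 10, "A", 0), (None, 12, "D", 0)]),
    "R5": LabelSwitchedRouter("R5", [(8, 6, "A", 0)]),
    "R6": LabelSwitchedRouter("R6", [(10, 6, "A", 1), (12, 9, "D", 0)]),
}

# Constructed wiring for the paths to A: which node each (router, out_interface) leads to.
# R2's table is not on the slide, so the path to D is deliberately left unwired.
LINKS = {("R3", 1): "R5", ("R5", 0): "R1", ("R4", 0): "R6", ("R6", 1): "R1", ("R1", 0): "A"}


def trace_lsp(ingress, dest, ttl=MPLS_TTL_START, max_hops=16):
    """Push at ingress, swap at transit LSRs, pop at the egress. Returns the label stack
    seen leaving each router and where the packet ends up (None if dropped or unwired)."""
    packet = {"labels": [], "dest": dest, "ttl": ttl}
    here, path = ingress, []
    for _ in range(max_hops):
        if here not in ROUTERS:
            return {"path": path, "delivered_to": here}   # left the MPLS domain (or None)
        result = ROUTERS[here].forward(packet)
        if result is None:
            return {"path": path, "delivered_to": None}   # dropped: no row or TTL expired
        iface, packet = result
        path.append((here, list(packet["labels"])))
        here = LINKS.get((here, iface))
    return {"path": path, "delivered_to": None}
```

Two ingress routers (R3 and R4) push different labels for the same destination, yet both paths converge on label 6 into R1, which pops it and delivers a plain IP datagram to A; that is the "fixed-length label instead of IP address" forwarding the slide describes.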
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
• journey down the protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• ... could stop here ... but lots of
ALOHA's Performance
Assume that users try to send frames at random times (Poisson events).
Let G be the average rate that users try to send frames, per frame time.
G is the utilization. Why?
Model the moments at which transmissions start as points along the time line (next slide).
The probability of trying to send k frames during the vulnerable period (which is TWO frame times long) is
P(k) = (2G)^k e^{-2G} / k!
The probability that zero other frames are sent is P(0) = e^{-2G}. The throughput is the rate that frames are sent multiplied by the probability that the transmission is successful:
S = G e^{-2G}
Poisson process
Events are distributed according to a Poisson process with parameter λ if
P(k events in period of length T) = exp(-λT) (λT)^k / k!
λ is the rate that events occur = (number of events in period W) / W (when W is large)
Aloha performance
[Figure: the vulnerability period of length 2T around a transmission]
P(k events in period of length T) = exp(-λT) (λT)^k / k!
The probability of no collision is the probability of no event in the vulnerability period, which has length 2T.
Let T = 1 (i.e. our time is measured in packet transmission times, not seconds). Then what is λ? λ = average number of transmission attempts per transmission time. So λ = utilization, i.e. λ = G. And the probability of no collision is exp(-2G) (2G)^0 / 0! = exp(-2G).
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: throughput S = G e^{-2G} versus G from 0 to 3.0; the curve peaks at 0.184]
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time line with slot boundaries at t0, t0+t, t0+2t, t0+3t. If a frame is transmitted in the marked slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot, the vulnerable period.]
If another node selects to transmit during this vulnerable period then a collision will occur.
The vulnerable period is half the size of unslotted Aloha's.
Slotted Aloha
Vulnerable period is halved: doubles performance of ALOHA. Throughput = S = G e^{-G}; S = Smax = 1/e = 0.368 for G = 1
G = 1 means typically a node tries to transmit each slot.
However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot: throughput S = G e^{-G} versus G from 0 to 4.0; the curve peaks at 0.368]
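As an added example (not from the slides), the two throughput formulas above evaluated and maximised numerically, next to a Monte Carlo check that reproduces them from the Poisson model: Poisson transmission starts for pure ALOHA, and independent per-slot attempts for slotted ALOHA. Frame counts, station count and random seed are constructed.

```python
"""ALOHA throughput: analytic curves from the slides next to a Monte Carlo check.

Added example (not from the slides). Uses the slides' notation: G = attempts per
frame time, S = throughput (successful frames per frame time).
"""
import math
import random


def pure_aloha(G):
    """S = G e^{-2G}: the vulnerable period is two frame times."""
    return G * math.exp(-2 * G)


def slotted_aloha(G):
    """S = G e^{-G}: the vulnerable period is one slot."""
    return G * math.exp(-G)


def argmax(f, lo=0.0, hi=4.0, steps=4000):
    """Grid search for the G that maximises f(G); returns (G_best, f(G_best))."""
    best = max((lo + (hi - lo) * i / steps for i in range(steps + 1)), key=f)
    return best, f(best)


def simulate_pure(G, frames=20000, seed=1):
    """Poisson transmission starts at rate G per frame time (T = 1).
    A frame succeeds iff no other start falls within one frame time on either side."""
    rng = random.Random(seed)
    t, starts = 0.0, []
    for _ in range(frames):
        t += rng.expovariate(G)      # inter-arrival times of a Poisson process
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):
        before = i > 0 and starts[i - 1] > s - 1.0
        after = i + 1 < len(starts) and starts[i + 1] < s + 1.0
        ok += not (before or after)
    return ok / t                    # successes per unit time = S


def simulate_slotted(G, nodes=50, slots=20000, seed=1):
    """`nodes` stations each attempt with probability G/nodes per slot (so the total
    attempt rate is G); a slot is a success iff exactly one station transmits."""
    rng = random.Random(seed)
    p = G / nodes
    ok = 0
    for _ in range(slots):
        attempts = sum(rng.random() < p for _ in range(nodes))
        ok += attempts == 1
    return ok / slots


if __name__ == "__main__":
    print("pure    peak:", argmax(pure_aloha))     # ~ (0.5, 0.184)
    print("slotted peak:", argmax(slotted_aloha))  # ~ (1.0, 0.368)
    print("sim pure    G=0.5:", simulate_pure(0.5))
    print("sim slotted G=1.0:", simulate_slotted(1.0))
```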
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple
Cons: collisions, wasting slots (inefficient); idle slots; nodes may be able to detect collision in less than time to transmit packet
Slotted Aloha requires clock synchronization. Losing synchronization requires guard times, which reduces efficiency.
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission.
human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission. collision: entire packet transmission time wasted
[Figure: spatial layout of nodes along the wire]
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
[Figure: time versus position on the wire. Transmitter 1 starts sending; after the propagation delay transmitter 2, still sensing idle, starts too. Transmitter 2 detects the collision first; transmitter 1 detects it only when the garbled signal propagates back. Receiver 1 receives a garbled signal. When is it detected?]
[Figure (second case): transmitter 1's transmission ends before the collision propagates back, so the collision is NOT detected by transmitter 1, although transmitter 2 detects it and receiver 1 receives a garbled signal.]
CSMA/CD: What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + ε. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + ε < FrameLength / bit-rate
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
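As an added example (not from the slides), the inequality above worked through in code: it answers the 10 Mbps versus 100 Mbps question by computing the maximum cable length for the fixed 64-byte minimum frame at each bit rate. The propagation speed of 2e8 m/s and ε = 0 are assumptions chosen for illustration.

```python
"""CSMA/CD collision-detection constraint, worked through with the slides' inequality:
    2 * CableLength / v + eps  <  FrameLength / bit_rate
Added example (not from the slides). The propagation speed v = 2e8 m/s and eps = 0
are assumptions chosen for illustration; the 64-byte (512-bit) minimum frame is the
slides' figure.
"""
import math

MIN_FRAME_BITS = 64 * 8   # Ethernet minimum frame, from the slides
V_PROP = 2.0e8            # assumed signal propagation speed in copper, m/s


def transmit_time(frame_bits, bit_rate):
    """Seconds the sender is on the wire for a frame of `frame_bits` at `bit_rate` b/s."""
    return frame_bits / bit_rate


def collision_detectable(frame_bits, bit_rate, cable_m, v=V_PROP, eps=0.0):
    """True iff a collision on a cable of `cable_m` metres is seen before the frame ends."""
    return 2 * cable_m / v + eps < transmit_time(frame_bits, bit_rate)


def max_cable_length(frame_bits, bit_rate, v=V_PROP, eps=0.0):
    """Longest cable for which the transmitter is still sending when the collision returns."""
    return (transmit_time(frame_bits, bit_rate) - eps) * v / 2


def min_frame_bits(cable_m, bit_rate, v=V_PROP, eps=0.0):
    """Smallest frame that keeps a collision detectable on a cable of `cable_m` metres."""
    bits = (2 * cable_m / v + eps) * bit_rate
    return math.ceil(bits - 1e-9)          # small guard against float rounding


def length_ratio(bit_rate_a, bit_rate_b, frame_bits=MIN_FRAME_BITS):
    """With the minimum frame fixed, the max cable length scales as 1/bit_rate, so the
    ratio of max lengths is the inverse ratio of bit rates (the slides' factor of 10)."""
    return max_cable_length(frame_bits, bit_rate_a) / max_cable_length(frame_bits, bit_rate_b)


if __name__ == "__main__":
    for rate in (10e6, 100e6, 1e9):
        print(f"{rate / 1e6:>6.0f} Mbps: 64 B frame lasts "
              f"{transmit_time(MIN_FRAME_BITS, rate) * 1e6:.2f} us, "
              f"max cable {max_cable_length(MIN_FRAME_BITS, rate):.0f} m")
    print("10 Mbps vs 100 Mbps length ratio:", length_ratio(10e6, 100e6))   # 10.0
    print("min frame for 2000 m at 10 Mbps:", min_frame_bits(2000, 10e6), "bits")
```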
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions detected within short time; colliding transmissions aborted, reducing channel wastage.
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength.
human analogy: the polite conversationalist
Persistence
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is, and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If medium is idle then transmit.
3. If medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 × BO, BO_Max). In Ethernet BO_max = 1024.
   c. Go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"taking turns" protocols look for best of both worlds. Used in mobile phone data access; 802.16 (a.k.a. WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: master sends a poll to each slave in turn; each polled slave answers with data]
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made:
If a VoIP call requires 12 bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
Token passing: control token passed from one node to next sequentially; token message
concerns: token overhead; latency; single point of failure (token)
[Figure: token T circulates; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. carrier sensing: easy in some technologies (wire), hard in others (wireless). CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing. Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected.
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE. manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup" • Enter MAC address • See manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address: portability: can move LAN card from one LAN to another
IP hierarchical address NOT portable: address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed
• Whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine MAC address of B knowing B's IP address?
[Figure: LAN with four nodes, MAC and IP listed in the figure's order: 1A-2F-BB-76-09-AD / 137.196.7.23; 58-23-D7-FA-20-B0 / 137.196.7.78; 0C-C4-11-6F-E3-98 / 137.196.7.14; 71-65-F7-2B-08-53 / 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send datagram to C.
Check if C's IP address is in the same subnet: use subnet mask and compare this node's IP to C's IP.
E.g. • my IP = 128.43.56.7 • B's IP = 128.51.91.2 • Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram. All machines on LAN receive ARP query.
B receives ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from net administrator
[Figure: LAN with hosts A, B, C, D. The broadcast "Who has IP 1.1.1.4? Tell 1.1.1.2" reaches B, C and D; the owner replies "I have 1.1.1.4"]
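As an added example (not from the slides), the same-subnet test and the ARP exchange above in code: a host decides between destination and gateway using the mask, broadcasts a query only when its cache has no fresh entry, and forgets the entry after the TTL. Host names, addresses and the scenario are constructed; the 20-minute TTL is the slides' typical value.

```python
"""Same-subnet check plus ARP resolution with a soft-state cache, as the slides describe.

Added example, not from the slides. The hosts, addresses and the scenario below are
constructed for illustration; the 20-minute TTL is the slides' typical value.
"""
import ipaddress
from dataclasses import dataclass, field

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60   # seconds; typical value from the slides


def same_subnet(ip_a, ip_b, mask):
    """True iff both addresses share the subnet prefix selected by `mask`."""
    net = ipaddress.IPv4Network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.IPv4Address(ip_b) in net


@dataclass
class Host:
    name: str
    ip: str
    mac: str
    mask: str
    gateway: str
    arp: dict = field(default_factory=dict)   # ip -> (mac, expiry time)

    def next_hop(self, dst_ip):
        """The address ARP must resolve: the destination if on-link, else the gateway."""
        return dst_ip if same_subnet(self.ip, dst_ip, self.mask) else self.gateway


class Lan:
    """Broadcast domain: an ARP request to FF-FF-... reaches every attached host."""

    def __init__(self, hosts):
        self.hosts = {h.mac: h for h in hosts}
        self.log = []                         # (src_mac, dst_mac, op, payload)

    def resolve(self, asker, target_ip, now):
        """Return the MAC `asker` should use for target_ip, consulting/filling its cache."""
        cached = asker.arp.get(target_ip)
        if cached and cached[1] > now:        # soft state still fresh: no traffic
            return cached[0]
        asker.arp.pop(target_ip, None)        # expired entry is forgotten
        self.log.append((asker.mac, BROADCAST, "who-has", target_ip))
        for h in self.hosts.values():         # every NIC receives the broadcast
            if h.ip == target_ip and h is not asker:
                self.log.append((h.mac, asker.mac, "is-at", h.mac))   # unicast reply
                asker.arp[target_ip] = (h.mac, now + ARP_TTL)
                return h.mac
        return None                           # nobody answered (e.g. nonexistent IP)


def build_lan():
    """Constructed LAN: A and C are hosts, R is the gateway; 2.2.2.0/24 lives off-link."""
    a = Host("A", "1.1.1.2", "00-0A-0A-0A-0A-0A", "255.255.255.0", "1.1.1.1")
    c = Host("C", "1.1.1.4", "00-0C-0C-0C-0C-0C", "255.255.255.0", "1.1.1.1")
    r = Host("R", "1.1.1.1", "00-0E-0E-0E-0E-0E", "255.255.255.0", "1.1.1.1")
    return Lan([a, c, r]), a


def send(lan, src, dst_ip, now):
    """Destination MAC for a frame, chosen the way the slides' walkthrough does."""
    return lan.resolve(src, src.next_hop(dst_ip), now)


def demo():
    """Run the scenario; returns (first MAC, cached MAC, gateway MAC, number of broadcasts)."""
    lan, a = build_lan()
    first = send(lan, a, "1.1.1.4", now=0)            # one broadcast, C answers
    again = send(lan, a, "1.1.1.4", now=10)           # served from cache
    gw = send(lan, a, "2.2.2.9", now=10)              # off-link -> resolve gateway R
    send(lan, a, "1.1.1.4", now=ARP_TTL + 1)          # entry expired -> broadcast again
    return first, again, gw, sum(e[2] == "who-has" for e in lan.log)


if __name__ == "__main__":
    print(demo())   # ('00-0C-...', '00-0C-...', '00-0E-...', 3)
```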
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Left LAN: A (MAC 74-29-9C-E8-FF-55, IP 111.111.111.111), a second host (CC-49-DE-D0-AB-7D, 111.111.111.112), R's interface (E6-E9-00-17-BB-4B, 111.111.111.110). Right LAN: R's interface (1A-23-F9-CD-06-9B, 222.222.222.220), a host (88-B2-2F-54-1A-0F, 222.222.222.221), B (49-BD-D2-C7-56-2A, 222.222.222.222)]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram. A's NIC sends frame. R's NIC receives frame. R removes IP datagram from Ethernet frame, sees it's destined to B. R uses ARP to get B's MAC address. R creates frame containing A-to-B IP datagram, sends to B.
This is a really important example – make sure you understand it.
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use Wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in Wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence: victim (MAC 00-12-12-12-12-12, IP 1.2.3.4), attacker (MAC 00-11-11-11-11-11, IP 5.6.7.8), some other host, and the switch]
1. Some other host broadcasts "Who has IP address 1.2.3.4?". The victim answers "MAC 00-12-12-12-12-12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, seeing the reply, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00-11-11-11-11-11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/MAC mapping from the query in its cache; the victim is confused … but ignores it.
3. The other host sends "MAC 00-11-11-11-11-11, IP 1.2.3.4: The secret plan is …". The attacker now knows the secret plan, changes the MAC address to the correct one and forwards "MAC 00-12-12-12-12-12, IP 1.2.3.4: The secret plan is …". The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
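As an added example (not from the slides), the detection heuristic above run over a constructed log of ARP sender bindings: an IP claimed by two MACs is flagged as high severity, a MAC claiming two IPs is only low severity unless one of those IPs is also in conflict, and an inventory of known dual-homed (wired + wireless) machines suppresses the benign case the slide warns about.

```python
"""ARP-table anomaly detection in the spirit of the slides: flag an IP claimed by two MACs,
and a MAC that claims two IPs, while allowing for the dual-NIC (wired + wireless) case
that produces a benign MAC-with-two-IPs.

Added example (not from the slides). The observation log is constructed; real input
would come from 'arp -a' snapshots or from ARP traffic seen on the wire.
"""
from collections import defaultdict

# Constructed observations: (time_s, sender_mac, sender_ip, op) where op is the ARP
# operation that carried the sender binding ("reply" or "request").
OBSERVATIONS = [
    (0, "00-12-12-12-12-12", "1.2.3.4", "reply"),        # victim answers a who-has
    (5, "00-11-11-11-11-11", "5.6.7.8", "reply"),        # attacker's own address
    (60, "00-AA-AA-AA-AA-AA", "10.0.0.5", "reply"),      # laptop, wired NIC
    (70, "00-AA-AA-AA-AA-AA", "10.0.0.6", "request"),    # same laptop, wireless IP over wired MAC
    (1300, "00-11-11-11-11-11", "1.2.3.4", "request"),   # attacker claims the victim's IP
    (1301, "00-11-11-11-11-11", "1.2.3.4", "request"),
]


def bindings(observations):
    """Return (ip -> {mac}, mac -> {ip}) from sender fields. Requests count too, because
    receivers cache the sender binding of a request just as they cache replies."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for _, mac, ip, _ in observations:
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    return ip_to_macs, mac_to_ips


def detect(observations, known_dual_homed=frozenset()):
    """Return a list of (severity, kind, subject, detail) alerts.

    - an IP bound to more than one MAC is always HIGH (two NICs cannot own one IP);
    - a MAC bound to more than one IP is LOW, unless one of those IPs is also in
      conflict, which is the attacker's signature (its real IP plus the victim's);
      MACs listed in known_dual_homed are skipped (the Windows wired+wireless case).
    """
    ip_to_macs, mac_to_ips = bindings(observations)
    alerts = []
    conflicted_ips = {ip for ip, macs in ip_to_macs.items() if len(macs) > 1}
    for ip in sorted(conflicted_ips):
        alerts.append(("HIGH", "ip-two-macs", ip, tuple(sorted(ip_to_macs[ip]))))
    for mac, ips in sorted(mac_to_ips.items()):
        if len(ips) < 2 or mac in known_dual_homed:
            continue
        sev = "HIGH" if ips & conflicted_ips else "LOW"
        alerts.append((sev, "mac-two-ips", mac, tuple(sorted(ips))))
    return alerts


if __name__ == "__main__":
    for a in detect(OBSERVATIONS):
        print(*a)
    print("with inventory:", detect(OBSERVATIONS, known_dual_homed={"00-AA-AA-AA-AA-AA"}))
```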
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap: $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) versus star (switch at the center of the LAN)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC. stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
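As an added example (not from the slides), a frame builder and the adapter-side receive logic just described: the CRC is recomputed and a corrupted frame is dropped, a frame is delivered only when the destination matches the adapter or is the broadcast address (or the adapter is promiscuous), and the type field selects the upper protocol. The preamble is left to the PHY and omitted; the MACs and payloads are constructed.

```python
"""Build and receive-filter an Ethernet frame the way the slides describe: addresses,
type, CRC (FCS) checked at the receiver, frame dropped on error, and delivery only for
a matching or broadcast destination (or promiscuous mode).

Added example, not from the slides. The preamble/SFD is left to the PHY and omitted
here; the FCS is the IEEE CRC-32 (zlib.crc32 over dst..payload, sent little-endian).
The MACs and payloads are constructed.
"""
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETH_TYPES = {0x0800: "IPv4", 0x0806: "ARP"}
MIN_PAYLOAD = 46          # 64-byte minimum frame = 14 header + 46 payload + 4 FCS


def mac(s):
    """'1A-2F-BB-76-09-AD' -> 6 raw bytes."""
    return bytes.fromhex(s.replace("-", "").replace(":", ""))


def build_frame(dst, src, ethertype, payload):
    """dst | src | type | payload (padded to the minimum) | FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(MIN_PAYLOAD, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def receive(frame, my_mac, promiscuous=False):
    """Adapter-side handling. Returns ("drop", reason) or ("deliver", type_name, payload)."""
    if len(frame) < 14 + MIN_PAYLOAD + 4:
        return ("drop", "runt")                              # shorter than 64 bytes
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF) != fcs:
        return ("drop", "crc-error")                         # corrupted in transit
    dst, ethertype = body[:6], struct.unpack("!H", body[12:14])[0]
    if dst != my_mac and dst != BROADCAST and not promiscuous:
        return ("drop", "not-for-me")                        # adapter filters on destination
    return ("deliver", ETH_TYPES.get(ethertype, hex(ethertype)), body[14:])


def flip_bit(frame, index):
    """Simulate a transmission error in byte `index`."""
    b = bytearray(frame)
    b[index] ^= 0x01
    return bytes(b)


A, B, C = mac("1A-2F-BB-76-09-AD"), mac("58-23-D7-FA-20-B0"), mac("0C-C4-11-6F-E3-98")


def demo():
    """Returns (outcome at B, at C, at C promiscuous, corrupted frame at B, broadcast at C)."""
    f = build_frame(B, A, 0x0800, b"datagram from A to B")
    at_b = receive(f, B)[0]
    at_c = receive(f, C)[0]
    at_c_prom = receive(f, C, promiscuous=True)[0]
    corrupted = receive(flip_bit(f, 20), B)[1]
    bcast = receive(build_frame(BROADCAST, A, 0x0806, b"who-has"), C)[:2]
    return at_b, at_c, at_c_prom, corrupted, bcast


if __name__ == "__main__":
    print(demo())   # ('deliver', 'drop', 'deliver', 'crc-error', ('deliver', 'ARP'))
```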
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
first collision: choose K from {0,1}; delay is K × 512 bit transmission times
after second collision: choose K from {0,1,2,3}…
after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
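As an added example (not from the slides) serving both the generic backoff procedure earlier and Ethernet's version here: the truncated binary exponential backoff (K drawn from 0..2^m-1, capped at 1023, one slot = 512 bit times) and a slot-level simulation of several stations that all have a frame ready at the same moment and resolve their collisions with it. Station count, frame length in slots and the random seed are constructed.

```python
"""Ethernet's truncated binary exponential backoff, plus a slot-level simulation of
several stations contending on one CSMA/CD bus.

Added example (not from the slides). Slot = 512 bit times and the 1023 cap are the
slides' values; the station count, frame length and random seed are constructed.
Time is counted in slots; a frame of `frame_slots` slots occupies the bus once a
station wins it.
"""
import random

SLOT_BIT_TIMES = 512


def backoff_range(collisions, cap_exponent=10):
    """Number of values K can take after the m-th collision: 2^min(m,10), i.e. K in
    0..2^m-1, capped at 0..1023 after ten or more collisions."""
    return 2 ** min(collisions, cap_exponent)


def pick_backoff(collisions, rng):
    return rng.randrange(backoff_range(collisions))


def wait_time_bits(k):
    """Bit times the station stays quiet for a chosen K."""
    return k * SLOT_BIT_TIMES


class Station:
    def __init__(self, name):
        self.name, self.collisions, self.wait, self.done = name, 0, 0, False


def simulate(n_stations, frame_slots=4, seed=7, max_slots=10_000):
    """All stations have one frame ready at slot 0 (worst case). Returns
    (slots_used, total_collisions, max_collisions_seen_by_one_station)."""
    rng = random.Random(seed)
    stations = [Station(f"S{i}") for i in range(n_stations)]
    slot, collisions = 0, 0
    while any(not s.done for s in stations) and slot < max_slots:
        ready = [s for s in stations if not s.done and s.wait == 0]
        if len(ready) == 1:                       # exactly one sender: frame goes through
            ready[0].done = True
            elapsed = frame_slots                 # others sense busy and defer (1-persistent)
        elif ready:                               # two or more: collision in this slot
            collisions += 1
            for s in ready:                       # jam, then draw a fresh K
                s.collisions += 1
                s.wait = pick_backoff(s.collisions, rng) + 1   # +1: countdown starts next slot
            elapsed = 1
        else:                                     # everyone still counting down
            elapsed = 1
        for s in stations:
            if not s.done:
                s.wait = max(0, s.wait - elapsed)
        slot += elapsed
    return slot, collisions, max(s.collisions for s in stations)


if __name__ == "__main__":
    print([backoff_range(m) for m in (1, 2, 3, 10, 16)])   # [2, 4, 8, 1024, 1024]
    print(simulate(1))                                      # (4, 0, 0): no contention
    print(simulate(8))                                      # e.g. (slots, collisions, worst m)
```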
CSMA/CD efficiency
Tprop = max prop delay between 2 nodes in LAN; ttrans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as tprop goes to 0, and as ttrans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
[Figure: worked numeric values for the efficiency formula; not recoverable from the extraction]
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
[Figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes active role. Store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch; switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: switch with six interfaces (1,2,3,4,5,6); hosts A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: switch with six interfaces (1,2,3,4,5,6); hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table
[Figure: A, on interface 1, sends a frame with Source A, Dest A'. The switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination, then: if dest on segment from which frame arrived, then drop the frame; else forward the frame on interface indicated. else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
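As an added example (not from the slides), the three rules above implemented for a switch, then run over a constructed chain of three switches so the self-learning walkthrough can be replayed: A's frame to an unknown B is flooded everywhere and teaches every switch where A is, B's reply is forwarded along the learned path, and all entries disappear after the 20-minute lifetime. Topology, host names and the lifetime value are assumptions.

```python
"""Self-learning switches with frame filtering/forwarding and soft-state table entries,
following the three rules on the slide, run over a constructed chain of three switches
(the slides' walkthrough). Added example, not from the slides; topology, host names
and the 20-minute entry lifetime (the slides' "20 minutes later" figure) are assumed.
"""
from dataclasses import dataclass, field

BROADCAST = "FF-FF-FF-FF-FF-FF"
ENTRY_TTL = 20 * 60    # seconds


@dataclass
class Switch:
    name: str
    ports: dict = field(default_factory=dict)   # iface -> attached host name or Switch
    table: dict = field(default_factory=dict)   # mac -> (iface, expiry)

    def purge(self, now):
        """Rule 3: forget entries whose timestamp has aged out."""
        self.table = {m: e for m, e in self.table.items() if e[1] > now}

    def handle(self, src, dst, in_iface, now, deliveries, hops=0):
        """Rules 1 and 2: learn the sender, then filter / forward / flood the frame.
        Returns the list of interfaces the frame went out on ([] means filtered)."""
        self.purge(now)
        self.table[src] = (in_iface, now + ENTRY_TTL)          # rule 1: record sender
        entry = self.table.get(dst)
        if entry and dst != BROADCAST:
            out = [] if entry[0] == in_iface else [entry[0]]  # filter vs forward
        else:
            out = [p for p in self.ports if p != in_iface]    # flood
        for iface in out:
            self._send(iface, src, dst, now, deliveries, hops)
        return out

    def _send(self, iface, src, dst, now, deliveries, hops):
        nxt = self.ports[iface]
        if isinstance(nxt, Switch):
            # the neighbour receives it on whichever of its ports points back at us
            back = next(p for p, n in nxt.ports.items() if n is self)
            if hops < 16:                                     # guard against loops
                nxt.handle(src, dst, back, now, deliveries, hops + 1)
        else:
            deliveries.append((nxt, src, dst))                # frame reaches a host


def build_chain():
    """Constructed: A -(1) S1 (3)-(1) S2 (3)-(1) S3 (2)- B, spare hosts on unused ports."""
    s1, s2, s3 = Switch("S1"), Switch("S2"), Switch("S3")
    s1.ports = {1: "A", 2: "X", 3: s2}
    s2.ports = {1: s1, 2: "Y", 3: s3}
    s3.ports = {1: s2, 2: "B", 3: "Z"}
    return s1, s2, s3


def walkthrough():
    """Replays the slides' sequence; returns (hosts reached by A->B, hosts reached by B->A,
    each switch's interface for A and B after the exchange, table sizes 20 minutes later)."""
    s1, s2, s3 = build_chain()
    first, second = [], []
    s1.handle("A", "B", in_iface=1, now=0, deliveries=first)       # no entry for B: flood
    s3.handle("B", "A", in_iface=2, now=5, deliveries=second)      # entries for A: forward
    learned = {s.name: (s.table["A"][0], s.table["B"][0]) for s in (s1, s2, s3)}
    for s in (s1, s2, s3):
        s.purge(now=ENTRY_TTL + 6)                                  # 20 minutes later
    sizes = [len(s.table) for s in (s1, s2, s3)]
    return sorted(h for h, _, _ in first), sorted(h for h, _, _ in second), learned, sizes


if __name__ == "__main__":
    print(walkthrough())
    # (['B', 'X', 'Y', 'Z'], ['A'], {'S1': (1, 3), 'S2': (1, 3), 'S3': (1, 2)}, [0, 0, 0])
```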
Self-Learning
[Figure sequence: three switches, each with interfaces 1, 2, 3, connected in a chain; host A is attached to the first switch and host B to the last. All switch tables (MAC, Interface) start empty.]
A sends a frame (Dest=B, Source=A). Each switch in turn makes a table entry for A; there is no table entry for B, so each floods the frame. After this the tables read (in the figure's order): A 1; A 1; A 2.
Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches.
B replies (Dest=A, Source=B). Each switch makes a table entry for B and, having a table entry for A, forwards rather than floods. Final tables as recovered from the figure (in the figure's order): A 1, B 3; A 1, B 2; A 2.
20 minutes later all table entries are deleted.
Poorly Designed Institutional network. Why?
[Figure: router to external network; a single LAN (IP subnet) with mail server and web server behind one switch]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet with mail server, web server and host A, with redundant switches and links forming loops]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Institutional network without a single point of failure
[Figure: the same network; marked edges are in the spanning tree, and a "disconnected" interface (i.e. do not forward or flood frames through this interface) is marked]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: Compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If • LAN B's next hop to the switch with lowest ID is LAN A, and • LAN C's next hop to the switch with lowest ID is LAN D, • then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D with bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information: 1. The ID of the bridge that is sending the message; 2. The ID for what the sending bridge believes to be the root bridge; 3. The distance (hops) from the sending bridge to the root bridge.
[Figure: LANs A–J interconnected by bridges B1–B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if: 1. the interface is along a LAN's shortest path to the root; 2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure sequence on the same network, with the root labelled 0 and its neighbouring LANs labelled 1, 1, 1:]
Each switch computes distance to root in terms of LAN hops.
Each of the root's interfaces is ON.
LAN A's next hop is LAN E. Turn on the two interfaces.
LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
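The rule above (LANs are vertices, switches are edges, distance counts switches crossed, ties go to the smaller switch ID) can be run mechanically. The following is an added example, not the slides' own figure or code: the topology is constructed so that it reproduces the situations the animation walks through (all of the root's interfaces on, a tie for LAN B broken by switch ID, a switch that ends up with every interface off) and then checks that the surviving interfaces form a loop-free tree.

```python
"""Spanning-tree interface selection for a switched LAN.

Added example, not the slide's own figure: the topology below is constructed.
Following the slide's model, LANs are the graph's vertices and switches are
the edges joining the LANs they have interfaces on.  A LAN attached to the
root switch (smallest ID) is at distance 0; any other LAN's distance is one
more than the nearest LAN it can reach through a single switch.  Ties between
equal-length paths go to the smaller switch ID.
"""

# Constructed topology: switch ID -> LANs it has an interface on.
SWITCHES = {
    1: ["E", "G"],        # smallest ID, so it is the root
    2: ["G", "H"],
    3: ["A", "B"],        # only offers longer paths: ends up fully off
    4: ["E", "F"],
    5: ["B", "E"],        # ties with switch 7 for LAN B; 5 < 7 wins
    6: ["D", "G", "I"],   # one switch bridging three LANs
    7: ["B", "G"],
    8: ["A", "E"],
    9: ["C", "F"],
}


def shortest_paths(switches):
    """Return {lan: (distance, via_switch, upstream_lan)} toward the root.

    Distance counts switches crossed (LAN hops).  Tuple ordering does the
    tie-break: equal distance -> smaller switch ID -> smaller upstream name.
    Plain relaxation to a fixed point, as in a distance-vector computation.
    """
    root = min(switches)
    best = {lan: (0, root, "") for lan in switches[root]}
    changed = True
    while changed:
        changed = False
        for sid, lans in switches.items():
            for upstream in lans:
                if upstream not in best:
                    continue
                cand = (best[upstream][0] + 1, sid, upstream)
                for lan in lans:
                    if lan != upstream and (lan not in best or cand < best[lan]):
                        best[lan] = cand
                        changed = True
    return best


def active_interfaces(switches):
    """Return {switch_id: set of LANs on which that switch forwards}."""
    root = min(switches)
    on = {sid: set() for sid in switches}
    on[root].update(switches[root])            # all of the root's interfaces are on
    for lan, (dist, sid, upstream) in shortest_paths(switches).items():
        if dist > 0:                           # chosen switch bridges lan <-> upstream
            on[sid].update({lan, upstream})
    return on


def is_loop_free(switches, on):
    """The bipartite switch/LAN graph of active interfaces is a spanning tree
    iff it is connected and has |nodes| - 1 edges."""
    lans = {lan for lans in switches.values() for lan in lans}
    live = {sid for sid, ports in on.items() if ports}
    edges = [(sid, lan) for sid in live for lan in on[sid]]
    adj = {}
    for sid, lan in edges:
        adj.setdefault(("S", sid), set()).add(("L", lan))
        adj.setdefault(("L", lan), set()).add(("S", sid))
    start = next(iter(adj))
    seen, stack = {start}, [start]
    while stack:
        for nxt in adj[stack.pop()]:
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    nodes = len(lans) + len(live)
    return len(seen) == nodes and len(edges) == nodes - 1


if __name__ == "__main__":
    tree = active_interfaces(SWITCHES)
    for sid in sorted(tree):
        print(sid, sorted(tree[sid]) or "all interfaces off")
    print("loop-free:", is_loop_free(SWITCHES, tree))
```

Switch 3 never becomes the best next hop for either LAN A or LAN B, so it keeps no active interface; switch 7 loses the tie for LAN B to switch 5 and is likewise silenced. A switch with no active interface is still physically attached, it just never forwards or floods.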
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes) by three mechanisms: loop resolution, address learning and frame forwarding. Switches typically ignore security (ARP attacks, access control, etc.).
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution, during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network-layer devices (they examine network-layer headers); switches are link-layer devices.
Switches are "invisible" at the internetwork layer: to IP, a switched LAN looks like a link-layer technology.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; the IP datagram still keeps its IP address.
MPLS header, inserted between the PPP or Ethernet header and the IP header (the remainder of the link-layer frame follows):
  label (20 bits) | Exp (3 bits) | S (1 bit) | TTL (8 bits)
MPLS-capable routers
aka label-switched routers: forward packets to the outgoing interface based only on the label value (they don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables. A signaling protocol is needed to set up forwarding (RSVP-TE). Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing), so MPLS is used for traffic engineering. MPLS must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 to R6 connecting to destinations A and D, with interface numbers 0 and 1 marked on the links. The table entries shown, as (in label, out label, dest, out interface), are:]
  6, -, A, 0
  10, 6, A, 1 and 12, 9, D, 0
  -, 10, A, 0 and -, 12, D, 0
  8, 6, A, 0 and -, 8, A, 1
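To make the label-swapping concrete, here is an added example (not from the slides): a shim-header packer/unpacker and a three-router label-switched path. The label tables are constructed and only loosely follow the entries in the figure; the point is that each router looks up the incoming label alone, swaps or pops it, and never touches the IP header.

```python
"""Label-switched forwarding on a small MPLS path.

Added example, not from the slides.  The label tables below are constructed
(they loosely follow the entries on the slide's figure but are not a copy of
it).  An LSR looks up only the incoming label: it swaps the label (or pops it
at the egress) and sends the packet on the table's out-interface, never
touching the IP header.  Header layout: label 20 bits, Exp 3, S 1, TTL 8.
"""
import struct


def pack_mpls(label, exp=0, s=1, ttl=64):
    """Build the 4-byte MPLS shim header."""
    assert label < (1 << 20) and exp < 8 and s < 2 and ttl < 256
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_mpls(hdr):
    """Return (label, exp, s, ttl) from a 4-byte shim header."""
    word, = struct.unpack("!I", hdr[:4])
    return word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF


class IngressLER:
    """Maps a destination (the FEC, here just the destination name) to a label."""
    def __init__(self, name, fec_table):
        self.name, self.fec_table = name, fec_table    # dest -> (label, out_iface, next)

    def forward(self, ip_pkt):
        label, iface, nxt = self.fec_table[ip_pkt["dst"]]
        return pack_mpls(label) + ip_pkt["raw"], iface, nxt    # push the label


class LSR:
    """Core/egress router: in_label -> (out_label or None to pop, out_iface, next)."""
    def __init__(self, name, label_table):
        self.name, self.label_table = name, label_table

    def forward(self, pkt):
        label, exp, s, ttl = unpack_mpls(pkt)
        if ttl <= 1:
            raise ValueError(f"{self.name}: MPLS TTL expired")
        out_label, iface, nxt = self.label_table[label]   # only the label is looked at
        rest = pkt[4:]
        if out_label is None:                              # egress: pop, hand over IP packet
            return rest, iface, nxt
        return pack_mpls(out_label, exp, s, ttl - 1) + rest, iface, nxt


def build_path():
    """Constructed LSP: R4 (ingress) -> R6 -> R3 (egress) for A; R4 -> R6 -> R5 for D."""
    return {
        "R4": IngressLER("R4", {"A": (10, 0, "R6"), "D": (12, 0, "R6")}),
        "R6": LSR("R6", {10: (6, 1, "R3"), 12: (9, 0, "R5")}),
        "R3": LSR("R3", {6: (None, 0, "A")}),
        "R5": LSR("R5", {9: (None, 0, "D")}),
    }


def trace(routers, ingress, ip_pkt):
    """Follow a packet hop by hop; returns [(router, label it sent out), ...]."""
    hops, here, pkt = [], ingress, None
    while here in routers:
        pkt, _iface, nxt = routers[here].forward(ip_pkt if pkt is None else pkt)
        label = unpack_mpls(pkt)[0] if nxt in routers else None
        hops.append((here, label))
        here = nxt
    assert pkt == ip_pkt["raw"]        # the egress delivered the untouched IP packet
    return hops


if __name__ == "__main__":
    pkt = {"dst": "A", "raw": b"IPv4 datagram bytes (constructed)"}
    print(trace(build_path(), "R4", pkt))
```

The TTL check at every LSR matters: a mis-programmed label table can create a label loop just as a bad IP route can, and the shim TTL is the only thing that ends it.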
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice ... could stop here ... but lots of
Poisson process
Events are distributed according to a Poisson process with parameter $\lambda$ if
$$P(k \text{ events in a period of length } T) = \frac{e^{-\lambda T} (\lambda T)^k}{k!}$$
$\lambda$ is the rate at which events occur: $\lambda \approx$ (number of events in a period $W$) $/\, W$ when $W$ is large.
Aloha performance
Vulnerability period: a frame whose transmission starts at time $t$ collides with any other frame whose transmission starts in $(t - T, t + T)$, a window of length $2T$. The probability of no collision is the probability of no event in the vulnerability period:
$$P(0 \text{ events in } 2T) = e^{-2\lambda T}$$
Let $T = 1$ (i.e. time is measured in packet transmission times, not seconds). Then $\lambda$ is the average number of transmission attempts per transmission time, i.e. the offered load $G$, and the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$.
ALOHA's performance
Throughput $S = G\, e^{-2G}$. The best throughput occurs for what value of $G$? What is this best throughput?
[Plot of $S = G e^{-2G}$ against $G$ from 0 to 3; the peak, marked at 0.184, is $S_{max} = 1/(2e)$ at $G = 0.5$.]
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: time axis with slot boundaries at t0, t0+t, t0+2t, t0+3t.] If a frame is transmitted in a slot, a collision occurs only if another packet arrived at the MAC layer during the previous slot (the vulnerable period) and that node therefore also selects this slot to transmit. The vulnerable period is half the size of unslotted Aloha's.
Slotted Aloha
The vulnerable period is halved, which doubles the performance of ALOHA: throughput $S = G\, e^{-G}$, with $S_{max} = 1/e \approx 0.368$ for $G = 1$.
$G = 1$ means that typically one node tries to transmit in each slot. However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot of $S = G e^{-G}$ against $G$ from 0 to 4, peaking at 0.368.]
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple.
Cons: collisions waste slots (inefficient); idle slots; nodes may be able to detect a collision in less than the time to transmit a packet; slotted Aloha requires clock synchronization, and losing synchronization requires guard times, which reduce efficiency.
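The two throughput formulas above are easy to state and easy to misremember. The following is an added example, not from the slides, covering both the ALOHA and the slotted ALOHA passages: it evaluates the analytic curves, finds the offered load that maximises each, and checks the formulas against a constructed simulation of each scheme (random seeds and station counts are assumptions of the example).

```python
"""ALOHA versus slotted ALOHA: analytic throughput and a check by simulation.

Added example (not from the slides).  G is the offered load in transmission
attempts per frame time; S is the carried throughput in successful frames
per frame time.  Pure ALOHA has a vulnerable period of 2 frame times, so
S = G e^{-2G}; slotting halves it, so S = G e^{-G}.
"""
import math
import random


def throughput_pure(G):
    return G * math.exp(-2 * G)


def throughput_slotted(G):
    return G * math.exp(-G)


def best_load(fn, step=0.001, limit=3.0):
    """Grid-search the offered load that maximises fn(G); returns (G, S)."""
    best_g = max((i * step for i in range(1, int(limit / step))), key=fn)
    return round(best_g, 3), fn(best_g)


def simulate_slotted(G, nodes=40, slots=40_000, seed=1):
    """Each of `nodes` stations attempts in a slot with probability G/nodes.
    A slot carries a frame only when exactly one station attempts."""
    rng = random.Random(seed)
    p = G / nodes
    ok = 0
    for _ in range(slots):
        attempts = sum(1 for _ in range(nodes) if rng.random() < p)
        ok += attempts == 1
    return ok / slots


def simulate_pure(G, frames=50_000, seed=1):
    """Attempt start times form a Poisson process of rate G per frame time.
    A frame succeeds only if no other attempt starts within one frame time
    before or after it (the vulnerable period of length 2)."""
    rng = random.Random(seed)
    t, starts = 0.0, []
    while len(starts) < frames:
        t += rng.expovariate(G)          # Poisson arrivals: exponential gaps
        starts.append(t)
    ok = 0
    for i, s in enumerate(starts):
        before = i > 0 and s - starts[i - 1] < 1.0
        after = i + 1 < len(starts) and starts[i + 1] - s < 1.0
        ok += not (before or after)
    return ok / starts[-1]               # successes per frame time


if __name__ == "__main__":
    print("pure    :", best_load(throughput_pure), "sim S(0.5) =", simulate_pure(0.5))
    print("slotted :", best_load(throughput_slotted), "sim S(1.0) =", simulate_slotted(1.0))
```

With a finite number of stations the simulated slotted throughput sits slightly above $G e^{-G}$, which is the infinite-population limit; increasing `nodes` closes the gap.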
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame; if the channel is sensed busy, defer transmission.
Human analogy: don't interrupt others.
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m. For 100 Mbps Ethernet the maximum cable length is 200 m. Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. On a collision the entire packet transmission time is wasted.
[Figure: spatial layout of nodes versus time.] Note the role of distance and propagation delay in determining the collision probability.
CSMA/CD collision detection
[Figure: position on the wire versus time for Transmitter 1, Transmitter 2 and Receiver 1. Transmitter 1 starts; after the propagation delay Transmitter 2, still sensing idle, starts too and detects the collision almost at once. The colliding signal propagates back and is detected by Transmitter 1 only if it is still transmitting when that signal arrives. Receiver 1 receives a garbled signal. When is the collision detected? In the second diagram, where Transmitter 1's frame ends before the colliding signal returns, the collision is NOT detected by Transmitter 1.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for at least $2\,T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$2 \cdot \text{CableLength} / \text{speed of propagation} + \epsilon < \text{FrameLength} / \text{bit rate}$$
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small: the minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet 10 times longer than that of a 100 Mbps Ethernet? Because the minimum frame length in Ethernet is independent of bit rate: at 10 times the bit rate the 64 B minimum frame takes one tenth of the time to send, so the round-trip propagation time, and hence the cable, must be 10 times shorter.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
Collision detection is easy in wired LANs: measure signal strengths, compare transmitted and received signals. It is difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
Persistence
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p; with probability 1-p wait for the next slot and repeat.
• Here a slot does not have to be the time to send a full frame, just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1;
   b. wait r time slots. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends. (Give an equation for the length of a time slot.)
   c. If no other transmission begins before the r time slots expire then transmit.
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop;
   b. set BO = min(2·BO, BO_max). In Ethernet BO_max = 1024.
   c. Go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
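The two CSMA/CD questions above, the cable-length/minimum-frame constraint and the backoff procedure, can both be checked numerically. What follows is an added example, not code from the slides; the propagation speed and the 64-byte minimum frame are stated assumptions, and the busy-channel scenario is constructed. The simple model ignores repeater and transceiver delays, so it gives a longer absolute cable than the 2000 m quoted on the slide, but the 10:1 ratio between 10 Mbps and 100 Mbps comes out exactly.

```python
"""CSMA/CD: the minimum-frame / cable-length constraint and binary exponential backoff.

Added example, not from the slides.  Propagation speed and the minimum
frame are assumptions stated below; the busy-slot scenario is constructed.
Collision detection needs the sender to still be transmitting when the
collision comes back: 2 * length / v + eps < frame_bits / bit_rate.
"""
import random

PROPAGATION_SPEED = 2.0e8   # m/s, about 2/3 c on copper (assumption)
MIN_FRAME_BITS = 64 * 8     # Ethernet minimum frame, the same at every bit rate
BACKOFF_CAP = 10            # Ethernet stops doubling after the 10th collision (1024 slots)
MAX_ATTEMPTS = 16           # give up after 16 collisions


def max_cable_length(bit_rate, min_frame_bits=MIN_FRAME_BITS, v=PROPAGATION_SPEED):
    """Longest end-to-end path on which a minimum frame outlasts 2 * T_prop."""
    transmit_time = min_frame_bits / bit_rate
    return transmit_time * v / 2


def min_frame_bits_for(bit_rate, cable_length, v=PROPAGATION_SPEED):
    """Smallest frame that can still detect a collision on a given cable."""
    return 2 * cable_length / v * bit_rate


def slot_time_s(bit_rate, slot_bits=MIN_FRAME_BITS):
    """A slot must cover the round trip; Ethernet defines it as 512 bit times."""
    return slot_bits / bit_rate


def max_backoff(collisions, cap=BACKOFF_CAP):
    """Largest K after the m-th collision: 2^min(m, cap) - 1."""
    return 2 ** min(collisions, cap) - 1


def send_with_backoff(channel_busy, rng, max_attempts=MAX_ATTEMPTS):
    """channel_busy(slot) stands in for carrier sense / collision detection:
    True means another station transmits in that slot.
    Returns (delivered, attempts_used)."""
    slot = 0
    for collisions in range(max_attempts):
        slot += rng.randint(0, max_backoff(collisions))   # K = 0 before any collision
        if not channel_busy(slot):
            return True, collisions + 1
        slot += 1                      # the aborted attempt and jam consume a slot
    return False, max_attempts


def demo(seed=1, busy_slots=frozenset({0, 1, 2, 3})):
    """Constructed scenario: some other station holds the channel in busy_slots."""
    return send_with_backoff(lambda slot: slot in busy_slots, random.Random(seed))


if __name__ == "__main__":
    for rate in (10e6, 100e6, 1e9):
        print(f"{rate/1e6:>6.0f} Mbps: max cable {max_cable_length(rate):7.1f} m,"
              f" slot {slot_time_s(rate)*1e6:6.3f} us")
    print("min frame bits for 2560 m at 10 Mbps:", min_frame_bits_for(10e6, 2560.0))
    print("backoff demo (delivered, attempts):", demo())
```

`max_backoff` answers the slide's question about the slot: the slot is 512 bit times, the time for the minimum frame, precisely so that a transmission begun at the start of a slot is heard everywhere before the slot ends.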
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N of the bandwidth allocated even if only 1 node is active.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead.
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure, animated: the master sends a poll to each slave in turn; each slave answers with data or with nothing.]
Concerns: polling overhead, latency, single point of failure (the master).
QoS guarantees can be made: if a VoIP call requires 12 kbps, the master can determine whether the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the service provided by TCP.
Guarantees are worth much more money than non-guarantees.
Token passing: a control token is passed from one node to the next sequentially. Concerns: token overhead, latency, single point of failure (the token).
[Figure: token T circulating between nodes; a node with data sends it, a node with nothing to send passes the token on.]
Summary of MAC protocols
Channel partitioning by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site, token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-Layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this: today hosts are almost never physically connected to one another; each hangs off a switch port.
48-bit MAC address (for most LANs), burned into N ROM, also sometimes software settable.
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: four adapters on a LAN (wired or wireless) with addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53.]
LAN Address (more)
MAC address allocation is administered by IEEE: a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup: Google "OUI lookup", enter the MAC address, see the manufacturer.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address. A MAC address is a flat address and is portable: a LAN card can be moved from one LAN to another. An IP address is hierarchical and NOT portable: the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC address changes, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): the time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: a LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88, MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53.]
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. my IP = 128.4.35.67, B's IP = 128.5.19.12, subnet mask 255.255.0.0 => the first 16 bits (2 bytes) define the subnet.
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose the next hop is B (the gateway), but only B's IP address is known.
Suppose a host A wants to send to B; only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table. A broadcasts an ARP query packet containing B's IP address: destination MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
• Other frame types include datagram (IP).
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B's) MAC address; the reply frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: A, B, C, D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which reaches B, C and D; only the owner answers "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: the 111.111.111.x LAN with A (111.111.111.111, 74-29-9C-E8-FF-55), another host (111.111.111.112, CC-49-DE-D0-AB-7D) and router R's interface 111.111.111.110 (E6-E9-00-17-BB-4B); the 222.222.222.x LAN with R's interface 222.222.222.220 (1A-23-F9-CD-06-9B), another host (222.222.222.221, 88-B2-2F-54-1A-0F) and B (222.222.222.222, 49-BD-D2-C7-56-2A).]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram. A's NIC sends the frame; R's NIC receives it. R removes the IP datagram from the Ethernet frame and sees it is destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example; make sure you understand it.
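The same-subnet test and the A-to-R-to-B walkthrough fit in one runnable model. This is an added example, not code from the slides: it uses the addresses from the figure (the pairing of R's two MACs to its two interfaces is taken as read from the figure, and /24 masks are an assumption) together with the 128.4.35.67 / 128.5.19.12 / 255.255.0.0 subnet example, and models ARP as a broadcast query answered by the owner, cached as soft state with a 20-minute TTL.

```python
"""Same-subnet test, ARP resolution and forwarding through a router.

Added example, not from the slides.  Uses the IP/MAC addresses of the
slide's A -> R -> B walkthrough plus the 128.4.35.67 / 128.5.19.12 subnet
example; the classes are a toy model, not a real stack.  The /24 masks and
the MAC-to-interface pairing on the router are assumptions.
"""
import ipaddress

ARP_TTL = 20 * 60          # seconds an ARP entry lives without refresh


def same_subnet(ip_a, ip_b, mask):
    """True if ip_b lies in the subnet that ip_a/mask defines."""
    net = ipaddress.ip_network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.ip_address(ip_b) in net


class Lan:
    """One broadcast domain.  arp_query() models the broadcast request
    (dst MAC FF-FF-FF-FF-FF-FF) and the unicast reply from the owner."""
    def __init__(self):
        self.ifaces = []
        self.queries = 0          # how many requests actually hit the wire

    def arp_query(self, target_ip):
        self.queries += 1
        for iface in self.ifaces:
            if iface.ip == target_ip:
                return iface.mac
        return None


class Iface:
    """A NIC with its own ARP cache; the clock is explicit so aging is testable."""
    def __init__(self, lan, ip, mac, mask):
        self.lan, self.ip, self.mac, self.mask = lan, ip, mac, mask
        self.cache = {}           # ip -> (mac, expiry)
        self.now = 0
        lan.ifaces.append(self)

    def resolve(self, ip):
        hit = self.cache.get(ip)
        if hit and hit[1] > self.now:
            return hit[0]                       # cache hit: nothing is sent
        self.cache.pop(ip, None)                # soft state: expired entries go
        mac = self.lan.arp_query(ip)
        if mac is not None:
            self.cache[ip] = (mac, self.now + ARP_TTL)
        return mac


class Host:
    def __init__(self, lan, ip, mac, mask, gateway):
        self.iface = Iface(lan, ip, mac, mask)
        self.gateway = gateway

    def next_hop(self, dst_ip):
        """The frame goes to dst itself if on-link, otherwise to the gateway."""
        on_link = same_subnet(self.iface.ip, dst_ip, self.iface.mask)
        target = dst_ip if on_link else self.gateway
        return target, self.iface.resolve(target)


class Router:
    """One interface (and therefore one ARP cache) per attached IP network."""
    def __init__(self, ifaces):
        self.ifaces = ifaces

    def next_hop(self, dst_ip):
        for iface in self.ifaces:
            if same_subnet(iface.ip, dst_ip, iface.mask):
                return dst_ip, iface.resolve(dst_ip)
        raise LookupError(f"no interface for {dst_ip}")


def build_slide_topology():
    """A (111.111.111.111) -> R -> B (222.222.222.222), as on the slide."""
    lan1, lan2 = Lan(), Lan()
    r = Router([Iface(lan1, "111.111.111.110", "E6-E9-00-17-BB-4B", "255.255.255.0"),
                Iface(lan2, "222.222.222.220", "1A-23-F9-CD-06-9B", "255.255.255.0")])
    a = Host(lan1, "111.111.111.111", "74-29-9C-E8-FF-55", "255.255.255.0", "111.111.111.110")
    b = Host(lan2, "222.222.222.222", "49-BD-D2-C7-56-2A", "255.255.255.0", "222.222.222.220")
    return a, r, b, lan1, lan2


def walk_a_to_b():
    """Returns the two (next-hop IP, next-hop MAC) pairs resolved on the way."""
    a, r, b, _, _ = build_slide_topology()
    hop1 = a.next_hop(b.iface.ip)      # A ARPs for R's LAN-1 interface, not for B
    hop2 = r.next_hop(b.iface.ip)      # R ARPs for B on LAN 2
    return hop1, hop2


if __name__ == "__main__":
    print(same_subnet("128.4.35.67", "128.5.19.12", "255.255.0.0"))   # different subnets
    print(walk_a_to_b())
```

Note that A never ARPs for B's address: the destination IP in the datagram is B, but the frame is addressed to the MAC that the on-link test selects, which is R's. That is exactly the binding an ARP spoofer targets.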
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use Wireshark on B to see no ping (ICMP) traffic, only A's broadcast ARP requests for P going unanswered. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link-layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query is made for the victim, I respond with my MAC.
[Figure, animated. Victim: MAC = 00:12:12:12:12:12, IP 1.2.3.4. Attacker: MAC = 00:11:11:11:11:11, IP = 5.6.7.8. Some other host/switch.]
1. The other host broadcasts "Who has IP address 1.2.3.4?"
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the (attacker MAC, 1.2.3.4) mapping in its cache; the victim is confused, but ignores it.
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...". The attacker now knows the secret plan; it changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing: detection
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables for conflicts: a single IP claimed by two MACs, or a single MAC with two IPs.
• For the attacker's MAC, those are its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC without any attack.
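The detection heuristic above is easy to run over a capture. Here is an added example, not from the slides: a parser for the 28-byte ARP payload (RFC 826 layout), a builder used only to construct the test packets, and a watcher that records the sender IP/MAC binding from both requests and replies (hosts update their caches from both, which is why the attacker on the slide floods requests). An IP claimed by two MACs is flagged outright; a MAC with several IPs is only reported for review, because of the dual-NIC case the slide warns about.

```python
"""Detect ARP spoofing from observed ARP requests and replies.

Added example, not from the slides.  Packets are constructed in the tests;
addresses follow the slide's scenario (victim 00:12:12:12:12:12 / 1.2.3.4,
attacker 00:11:11:11:11:11 / 5.6.7.8).
"""
import struct

ARP_FMT = "!HHBBH6s4s6s4s"   # htype ptype hlen plen op sha spa tha tpa (RFC 826)
ARP_LEN = struct.calcsize(ARP_FMT)
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(s):
    return bytes.fromhex(s.replace(":", "").replace("-", ""))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def ip_bytes(s):
    return bytes(int(o) for o in s.split("."))


def ip_str(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sha, spa, tha, tpa):
    """Ethernet/IPv4 ARP payload; used here only to construct test traffic."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       mac_bytes(sha), ip_bytes(spa), mac_bytes(tha), ip_bytes(tpa))


def parse_arp(pkt):
    """Return the fields of an Ethernet/IPv4 ARP payload as a dict."""
    if len(pkt) < ARP_LEN:
        raise ValueError("short ARP packet")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {"op": op, "sha": mac_str(sha), "spa": ip_str(spa),
            "tha": mac_str(tha), "tpa": ip_str(tpa)}


class ArpWatcher:
    """Tracks the sender (IP, MAC) binding carried by every request and reply,
    because receivers update their caches from both."""
    def __init__(self):
        self.macs_for_ip = {}     # ip -> {mac}
        self.ips_for_mac = {}     # mac -> {ip}

    def observe(self, pkt):
        """Returns an alert tuple when an IP is now claimed by >1 MAC, else None."""
        a = parse_arp(pkt)
        if a["op"] not in (ARP_REQUEST, ARP_REPLY):
            return None
        ip, mac = a["spa"], a["sha"]
        if ip == "0.0.0.0":               # ARP probe: carries no binding
            return None
        self.macs_for_ip.setdefault(ip, set()).add(mac)
        self.ips_for_mac.setdefault(mac, set()).add(ip)
        if len(self.macs_for_ip[ip]) > 1:
            return ("ip-claimed-by-multiple-macs", ip, sorted(self.macs_for_ip[ip]))
        return None

    def multihomed_macs(self):
        """MACs seen with more than one IP: the attacker's MAC after spoofing,
        but also a benign dual-NIC host as the slide warns, so review, don't block."""
        return {mac: sorted(ips) for mac, ips in self.ips_for_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    w = ArpWatcher()
    legit = build_arp(ARP_REPLY, "00:12:12:12:12:12", "1.2.3.4", "00:aa:aa:aa:aa:aa", "1.2.3.9")
    spoof = build_arp(ARP_REQUEST, "00:11:11:11:11:11", "1.2.3.4", "00:00:00:00:00:00", "1.2.3.77")
    print(w.observe(legit))
    print(w.observe(spoof))
    print(w.multihomed_macs())
```

On a real network the watcher would be fed the ARP payloads from a capture on a mirror port; a switch with dynamic ARP inspection applies the same IP/MAC consistency check inline, against bindings it learned from DHCP.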
Link Layer
5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-Layer Addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); the first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
[Figure: Metcalfe's Ethernet sketch.]
Star topology
Bus topology (coaxial cable) was popular through the mid 90s: all nodes are in the same collision domain (they can collide with each other).
Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
[Figure: bus (coaxial cable) versus star with a switch at the center.]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If an adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, or a higher-layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between the sending and receiving NICs. Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams). Gaps will be filled if the app is using TCP; otherwise the app will see the gaps.
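The frame layout and the receiver's three decisions (CRC check, address filter, type dispatch) are short enough to write out. This is an added example, not from the slides: it builds an Ethernet II frame with the 4-byte FCS (the IEEE CRC-32 that `zlib.crc32` computes, appended least-significant byte first), pads to the 64-byte minimum, and replays what a NIC does on receipt. The MAC addresses are two of the adapter addresses from the earlier figure; the payload is constructed.

```python
"""Build and receive an Ethernet II frame: dst(6) src(6) type(2) payload FCS(4).

Added example, not from the slides.  The preamble/SFD are not included: they
are stripped by the PHY before the MAC sees the frame.  The FCS is CRC-32
(the same polynomial and conventions as zlib.crc32), sent little-endian.
"""
import struct
import zlib

ETHERTYPE_IP, ETHERTYPE_ARP = 0x0800, 0x0806
BROADCAST = b"\xff" * 6
MIN_FRAME = 64               # bytes including the FCS; anything shorter is a runt
HEADER = 14


def build_frame(dst, src, ethertype, payload):
    """Header + payload, zero-padded to the minimum size, then the FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body += bytes(max(0, MIN_FRAME - 4 - len(body)))        # pad up to 60 bytes
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame, my_mac, promiscuous=False):
    """What the receiving adapter does.  Returns (ethertype, payload) when the
    frame is passed up, or None when the NIC silently discards it."""
    if len(frame) < MIN_FRAME:
        return None                                            # runt: dropped
    body, fcs = frame[:-4], frame[-4:]
    if zlib.crc32(body) != struct.unpack("<I", fcs)[0]:
        return None                                            # CRC error: dropped, no nack
    dst = body[:6]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if not promiscuous and dst not in (my_mac, BROADCAST):
        return None                                            # not for us: dropped
    return ethertype, body[HEADER:]   # padding stays; the upper layer knows its own length


def corrupt(frame, byte_index):
    """Flip one bit to model a line error (constructed, for the demonstration)."""
    return frame[:byte_index] + bytes([frame[byte_index] ^ 0x01]) + frame[byte_index + 1:]


if __name__ == "__main__":
    dst = bytes.fromhex("1a2fbb7609ad")         # adapter addresses from the slide's figure
    src = bytes.fromhex("5823d7fa20b0")
    f = build_frame(dst, src, ETHERTYPE_ARP, b"constructed ARP payload")
    print(len(f), parse_frame(f, dst))
    print(parse_frame(corrupt(f, 20), dst))      # None: CRC failed
    print(parse_frame(f, src))                   # None: not addressed to us
    print(parse_frame(f, src, promiscuous=True)) # passed up anyway
```

Ethernet II has no length field, so the receiver returns the padded payload and relies on the encapsulated protocol (the IP total-length field, for example) to know where the real data ends.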
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. The NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle and then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision the NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}, waits K slots (one slot is 512 bit times) and returns to step 2.
Ethernet's CSMA/CD (more)
Jam signal: makes sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsecond for 10 Mbps Ethernet; for K = 1023 the wait time is about 50 msec.
Exponential backoff goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer. After the first collision choose K from {0, 1}; the delay is K × 512 bit transmission times. After the second collision choose K from {0, 1, 2, 3}. After ten or more collisions choose K from {0, 1, 2, 3, 4, ..., 1023}.
CSMA/CD efficiency
$t_{prop}$ = max propagation delay between 2 nodes in the LAN; $t_{trans}$ = time to transmit a max-size frame.
$$\text{efficiency} = \frac{1}{1 + 5\, t_{prop} / t_{trans}}$$
Efficiency goes to 1 as $t_{prop}$ goes to 0, and as $t_{trans}$ goes to infinity.
• A larger frame size is better; a higher bit rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: a common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Hubs are essentially physical-layer repeaters: bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub, the host NICs detect collisions.
[Figure: hub with twisted-pair links to hosts.]
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT and 100BaseT.
[Figure: a backbone hub joining three hubs.]
Switch
A link-layer device: smarter than a hub, takes an active role. Stores and forwards Ethernet frames.
• Question: do switches in circuit-switching networks store and forward?
Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when a frame is to be forwarded on a segment, it uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches. Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but there are no collisions: full duplex, each link is its own collision domain. Switching A-to-A' and B-to-B' simultaneously, without collisions, is not possible with a dumb hub.
[Figure: a switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, B, C, A', B', C'; A' hangs off interface 4 and B' off interface 5.]
Switch Table
Q: how does the switch know that A' is reachable via interface 4 and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). It looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
Switch self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases... when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in its switch table.
[Figure: A sends a frame (Source A, Dest A') on interface 1; the initially empty switch table (MAC addr, interface, TTL) gains the entry (A, 1, 60).]
Switch frame filtering/forwarding
When a frame is received:
1. record the link interface associated with the sending host;
2. if an entry is found for the destination, then: if the destination is on the segment from which the frame arrived, drop the frame; else forward the frame on the interface indicated; else flood (forward on all interfaces but the one on which the frame arrived);
3. periodically purge all old table entries.
Self-Learning (walk-through)
[Figure: three interconnected switches, each with interfaces 1, 2, 3 and its own MAC/Interface table; host A hangs off one switch and host B off another]
Frame 1: Dest=B, Source=A.
Each switch makes a table entry for A (the flooded frame reaches all three). There is no table entry for B, so each switch floods.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port; it is only flooded to other switches.
After this frame the three tables hold: (A, 1); (A, 1); (A, 2).
Frame 2: Dest=A, Source=B.
Each switch on the path makes a table entry for B. Each has a table entry for A, so it forwards on that interface only (no flooding); the switch that is not on the B-to-A path never sees this frame, so its table is unchanged.
After this frame the three tables hold: (A, 1), (B, 3); (A, 1), (B, 2); (A, 2).
20 minutes later, all table entries are deleted.
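The learning, filtering/forwarding and purging rules above as a small simulation; this is an added example, not code from the slides. The switch name, interface numbers, MAC labels and timings are constructed, and the TTL is the 60 s shown in the slide's table.

```python
"""Self-learning switch simulation (added example; not code from the slides).

Implements the three mechanisms the slides describe: address learning,
frame filtering/forwarding with flooding for unknown destinations, and
periodic purging of stale entries. Topology, MAC labels and times below
are constructed for illustration.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass
class Entry:
    interface: int
    expires_at: float          # absolute time at which this entry is purged


@dataclass
class Switch:
    name: str
    interfaces: List[int]
    ttl: float = 60.0          # TTL column of the switch table on the slide
    table: Dict[str, Entry] = field(default_factory=dict)

    def purge(self, now: float) -> None:
        """Periodically purge all old table entries (step 3 on the slide)."""
        self.table = {mac: e for mac, e in self.table.items()
                      if e.expires_at > now}

    def receive(self, src: str, dst: str, in_if: int, now: float) -> List[int]:
        """Return the list of interfaces the frame is sent out on."""
        self.purge(now)
        # 1. record the interface associated with the sending host
        self.table[src] = Entry(in_if, now + self.ttl)
        # 2. look up the destination
        entry = self.table.get(dst)
        if entry is not None:
            if entry.interface == in_if:
                return []                      # dest on arrival segment: drop
            return [entry.interface]           # forward on the known interface
        # unknown destination: flood on all interfaces but the arrival one
        return [i for i in self.interfaces if i != in_if]


def run_slide_scenario() -> Tuple[List[int], List[int], Dict[str, int]]:
    """Replays the slide's A->B then B->A exchange on a single switch."""
    sw = Switch("S1", interfaces=[1, 2, 3])
    # t=0: A (on interface 1) sends to B: no entry for B, so flood on 2 and 3
    out1 = sw.receive("A", "B", in_if=1, now=0.0)
    # t=1: B (on interface 3) replies to A: entry for A exists, forward on 1
    out2 = sw.receive("B", "A", in_if=3, now=1.0)
    snapshot = {mac: e.interface for mac, e in sw.table.items()}
    return out1, out2, snapshot


def run_filter_scenario() -> List[int]:
    """A and A' share interface 1: a frame from A' to A is dropped (filtered)."""
    sw = Switch("S1", interfaces=[1, 2, 3])
    sw.receive("A", "B", in_if=1, now=0.0)     # learn A on interface 1
    return sw.receive("A'", "A", in_if=1, now=0.5)


def run_aging_scenario() -> Dict[str, int]:
    """After the TTL passes, entries are purged and the table is empty again."""
    sw = Switch("S1", interfaces=[1, 2, 3])
    sw.receive("A", "B", in_if=1, now=0.0)
    sw.purge(now=61.0)                         # TTL is 60 s
    return {mac: e.interface for mac, e in sw.table.items()}


if __name__ == "__main__":
    print(run_slide_scenario())   # ([2, 3], [1], {'A': 1, 'B': 3})
    print(run_filter_scenario())  # []
    print(run_aging_scenario())   # {}
```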
Poorly Designed Institutional network. Why?
[Figure: a single router connects to the external network; behind it one LAN (IP subnet) with a mail server and a web server]
Institutional network without a single point of failure
[Figure: the same network with redundant links between the switches, so that there are loops; host A sits on one of the LANs]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the redundant network again; some links are marked "Edge in spanning tree" and some interfaces are marked "disconnected", i.e., the switch does not forward or flood frames through that interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: bridges B0, B1, B2, B3 interconnecting LAN A, LAN B, LAN C and LAN D]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: example topology with bridges B1 through B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure: LANs A through J interconnected by bridges B1 through B7; B1, the smallest ID, is the root. Each LAN is labelled with its distance to the root in LAN hops (0, 1 or 2)]
The construction proceeds step by step:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
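The interface selection rule above, carried out by a program: an added example, not the slides' own code and not a full 802.1D implementation. The topology is constructed (bridge IDs and LAN letters are chosen so that it reproduces the slides' tie, where LAN B can reach the root via LAN E or LAN F and B5 beats B7); root = smallest bridge ID, cost = number of switches visited, ties broken by the smallest bridge ID, and only interfaces on some LAN's chosen path are turned on.

```python
"""Spanning-tree construction in the slides' model (added example; not the
slides' own code and not 802.1D itself). LANs are the vertices, bridges the
edges; the root is the bridge with the smallest ID; each LAN picks the
shortest path to the root, breaking ties by the smallest bridge ID; only
interfaces on such paths are turned on. The topology is constructed.
"""
from typing import Dict, List, Set, Tuple

INF = float("inf")

# Constructed topology (not the slides' figure): bridge ID -> LANs it attaches to.
TOPOLOGY: Dict[int, List[str]] = {
    1: ["E", "F", "G"],   # smallest ID, so B1 is the root
    5: ["A", "B", "E"],
    7: ["B", "F"],        # LAN B can reach the root via E (B5) or F (B7)
    2: ["C", "F", "G"],
    4: ["D", "G"],
    3: ["A", "D"],        # on no LAN's shortest path: ends up fully "off"
}


def all_lans(bridges: Dict[int, List[str]]) -> Set[str]:
    return {lan for ports in bridges.values() for lan in ports}


def spanning_tree(bridges: Dict[int, List[str]]) -> Dict[int, Set[str]]:
    """Return, per bridge ID, the LANs whose interfaces are turned on."""
    root = min(bridges)
    lans = sorted(all_lans(bridges))
    # best (cost, designated bridge) per LAN; best (cost, designated bridge of
    # the root-side LAN, root-side LAN) per bridge. Tuples compare in that
    # order, which is exactly "least cost, then smallest bridge ID".
    l_best: Dict[str, Tuple[float, int]] = {}
    b_best: Dict[int, Tuple[float, int, str]] = {root: (0, root, "")}
    changed = True
    while changed:                         # distance-vector style relaxation
        changed = False
        for lan in lans:                   # a LAN's best neighbouring bridge
            cands = [(b_best[b][0], b) for b, ports in bridges.items()
                     if lan in ports and b in b_best]
            if cands and min(cands) < l_best.get(lan, (INF, 0)):
                l_best[lan] = min(cands)
                changed = True
        for b, ports in bridges.items():   # a bridge's best LAN toward the root
            if b == root:
                continue
            cands = [(l_best[lan][0] + 1, l_best[lan][1], lan)
                     for lan in ports if lan in l_best]
            if cands and min(cands) < b_best.get(b, (INF, 0, "")):
                b_best[b] = min(cands)
                changed = True
    active: Dict[int, Set[str]] = {b: set() for b in bridges}
    active[root] = set(bridges[root])      # each of the root's interfaces is on
    for lan, (_, b) in l_best.items():
        if b != root:                       # the bridge between this LAN and its
            active[b].update({lan, b_best[b][2]})  # next-hop LAN turns both on
    return active


def is_tree(active: Dict[int, Set[str]], lans: Set[str]) -> bool:
    """True if the 'on' interfaces connect all LANs with no loops (union-find)."""
    parent = {lan: lan for lan in lans}

    def find(x: str) -> str:
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for ports in active.values():
        first, *rest = sorted(ports) or [None]
        for lan in rest:
            a, b = find(first), find(lan)
            if a == b:
                return False               # joining already-connected LANs: a loop
            parent[a] = b
    return len({find(lan) for lan in lans}) == 1


if __name__ == "__main__":
    tree = spanning_tree(TOPOLOGY)
    for bridge in sorted(tree):
        print(f"B{bridge}: on = {sorted(tree[bridge])}")
    print("loop-free:", is_tree(tree, all_lans(TOPOLOGY)))
```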
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs. Routers
Both are store-and-forward devices.
Routers: network layer devices (examine network layer headers). Switches are link layer devices.
... "invisible" at the internetwork layer: looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
[Figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields and their widths in bits:
label | Exp | S | TTL
20    | 3   | 1 | 5
MPLS-capable routers
a.k.a. label-switched routers: forward packets to the outgoing interface based only on the label value (don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables.
A signaling protocol is needed to set up forwarding: RSVP-TE.
Forwarding is possible along paths that IP alone would not allow (e.g., source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 through R6 with hosts A and D attached. Each MPLS forwarding table in the figure has the columns in label | out label | dest | out interface; the rows shown are (which router each table belongs to is not recoverable from the extraction):
6  | - | A | 0
10 | 6 | A | 1
12 | 9 | D | 0
10 |   | A | 0
12 |   | D | 0
8  | 6 | A | 0
8  |   | A | 1]
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice; ... could stop here ... but lots of
Aloha performance
[Figure: a frame transmission with its vulnerability period marked]
$P(k \text{ events in period of length } T) = \frac{e^{-\lambda T}(\lambda T)^k}{k!}$
The probability of no collision is the probability of no event in the vulnerability period, which has length $2T$.
Let $T = 1$ (i.e., our time is measured in packet transmission times, not seconds). Then what is $\lambda$? $\lambda$ = average number of transmission attempts per transmission time. So $\lambda$ = utilization, i.e., $\lambda = G$. And the probability of no collision is $e^{-2G}(2G)^0/0! = e^{-2G}$.
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Plot: throughput $S = G e^{-2G}$ versus G for $0 \le G \le 3$; the curve peaks at 0.184]
Slotted Aloha - frames are only transmitted during slots; they cannot cross slot boundaries.
[Figure: time axis with slot boundaries $t_0$, $t_0+t$, $t_0+2t$, $t_0+3t$. If a frame is transmitted in a slot then a collision occurs, but this will only happen if a packet arrives at the MAC layer during the preceding slot: the vulnerable period]
If another node selects to transmit during this vulnerable period then a collision will occur.
The vulnerable period is half the size of unslotted Aloha.
Slotted Aloha
Vulnerable period is halved: doubles the performance of ALOHA. Throughput $S = G e^{-G}$; $S_{max} = 1/e = 0.368$ for $G = 1$.
$G = 1$ means typically a node tries to transmit each slot.
However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot: throughput $S = G e^{-G}$ versus G for $0 \le G \le 4$; the curve peaks at 0.368]
ALOHA and Slotted ALOHA
Pros:
• a single active node can continuously transmit at the full rate of the channel
• decentralized, simple
Cons:
• collisions, wasting slots; inefficient
• idle slots; nodes may be able to detect a collision in less than the time to transmit a packet
• slotted Aloha requires clock synchronization; loss of synchronization requires guard times, which reduces efficiency
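The optimum the ALOHA slide asks for, derived from the two throughput formulas above (added derivation, not part of the original slides):

$$S_{\text{pure}}(G) = G e^{-2G}, \qquad \frac{dS_{\text{pure}}}{dG} = e^{-2G}(1 - 2G) = 0 \;\Rightarrow\; G = \tfrac{1}{2}, \quad S_{\max} = \tfrac{1}{2e} \approx 0.184$$

$$S_{\text{slotted}}(G) = G e^{-G}, \qquad \frac{dS_{\text{slotted}}}{dG} = e^{-G}(1 - G) = 0 \;\Rightarrow\; G = 1, \quad S_{\max} = \tfrac{1}{e} \approx 0.368$$

The second derivatives are $e^{-2G}(4G - 4) = -2/e < 0$ at $G = 1/2$ and $e^{-G}(G - 2) = -1/e < 0$ at $G = 1$, so both stationary points are maxima; halving the vulnerable period doubles both the optimal load and the peak throughput.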
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
Human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
[Figure: spatial layout of nodes along the wire versus time, with two transmissions overlapping]
Note: role of distance & propagation delay in determining collision probability.
CSMA/CD collision detection
[Figure: position on wire versus time. Transmitter 1 starts sending; after the propagation delay, Transmitter 2 (which has not yet heard it) also starts. The collision is detected by transmitter 2 when transmitter 1's signal reaches it, and by transmitter 1 when transmitter 2's signal propagates back. Receiver 1 receives a garbled signal. When is it detected?]
[Figure: the same layout, but transmitter 1's transmission time is shorter than twice the propagation delay: the collision is detected by transmitter 2 but NOT detected by transmitter 1, while receiver 1 still receives a garbled signal]
CSMA/CD
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection.
• collisions detected within a short time
• colliding transmissions aborted, reducing channel wastage
Collision detection:
• easy in wired LANs: measure signal strengths, compare transmitted and received signals
• difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
Human analogy: the polite conversationalist.
Persistence
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p; with probability 1-p wait for the next slot and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff: next slide.
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 × BO, BO_Max); in Ethernet BO_Max = 1024
   c. go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols:
• share the channel efficiently and fairly at high load
• inefficient at low load: delay in channel access; 1/N of the bandwidth allocated even if only 1 active node
Random access MAC protocols:
• efficient at low load: a single node can fully utilize the channel
• high load: collision overhead
  • Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (a.k.a. WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
[Figure: a master and several slaves; poll messages go out from the master and data comes back from each slave in turn]
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made:
• If a VoIP call requires 12 bps, the master can determine if the call will receive the desired quality and ensure that it does.
  • When congested, new calls are rejected but existing calls continue to receive good performance.
  • Consider the difference between the demands of VoIP and the services provided by TCP.
• Guarantees are worth much more money than non-guarantees.
Token passing: a control token is passed from one node to the next sequentially.
[Figure: nodes in a ring passing the token T; one node sends data, another has nothing to send]
Concerns: token overhead, latency, single point of failure (token).
Summary of MAC protocols
Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site, token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on the LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: a LAN (wired or wireless) with four adapters, addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup" • enter a MAC address • see the manufacturer
Analogy: (a) MAC address is like a Social Security Number; (b) IP address is like a postal address.
MAC flat address: portability; can move a LAN card from one LAN to another.
IP hierarchical address: NOT portable; the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed,
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on the LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: the LAN with IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88 beside the MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway but only the IP address of B is known.
Suppose a host wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
• Other types include datagram.
All machines on the LAN receive the ARP query.
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
• soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: hosts A, B, C, D on a LAN. The broadcast "Who has IP 1.1.1.4? Tell 1.1.1.2" reaches every host; only the owner answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: two LANs joined by router R.
  A: IP 111.111.111.111, MAC 74-29-9C-E8-FF-55
  another host on A's LAN: IP 111.111.111.112, MAC CC-49-DE-D0-AB-7D
  R, interface on A's LAN: IP 111.111.111.110, MAC E6-E9-00-17-BB-4B
  R, interface on B's LAN: IP 222.222.222.220, MAC 1A-23-F9-CD-06-9B
  another host on B's LAN: IP 222.222.222.221, MAC 88-B2-2F-54-1A-0F
  B: IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B.
A uses ARP to get R's MAC address for 111.111.111.110.
A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram.
A's NIC sends the frame; R's NIC receives the frame.
R removes the IP datagram from the Ethernet frame, sees it is destined to B.
R uses ARP to get B's MAC address.
R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example - make sure you understand it.
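The walkthrough above, run end to end as a simulation with the slides' own IP and MAC addresses: an added example, not the slides' code. It assumes /24 masks for both LANs (the slides give none) and a 20-minute ARP TTL; the `Node`, `Iface` and `send_datagram` names are hypothetical.

```python
"""ARP resolution and the A -> R -> B walkthrough from the slides (added
example; not the slides' own code). Uses the slides' addresses; the /24
masks are an assumption. AR tables, the subnet-mask check and the frame
hops are simulated in memory; the TTL follows the slides' soft-state rule.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

ARP_TTL = 20 * 60           # seconds: the slides' "typically 20 min"


@dataclass
class Iface:
    ip: str
    mac: str
    mask: str               # dotted subnet mask, as on the slides
    lan: str                # which LAN (broadcast domain) this interface is on


@dataclass
class Node:
    name: str
    ifaces: List[Iface]
    gateway: Optional[str] = None                      # default gateway (hosts)
    arp: Dict[str, Tuple[str, float]] = field(default_factory=dict)  # ip -> (mac, expiry)

    def owns(self, ip: str) -> Optional[Iface]:
        return next((i for i in self.ifaces if i.ip == ip), None)

    def iface_for(self, ip: str) -> Optional[Iface]:
        """Interface whose subnet contains ip (the slides' subnet-mask check)."""
        return next((i for i in self.ifaces if same_subnet(i.ip, ip, i.mask)), None)


def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    net = ipaddress.ip_network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.ip_address(ip_b) in net


def arp_resolve(node: Node, lan: List[Node], ip: str, now: float) -> str:
    """MAC for ip: from the cache if unexpired, else via an ARP broadcast."""
    cached = node.arp.get(ip)
    if cached and cached[1] > now:
        return cached[0]
    for other in lan:                       # the query is broadcast: everyone sees it
        owner = other.owns(ip)
        if owner is not None and other is not node:
            node.arp[ip] = (owner.mac, now + ARP_TTL)   # unicast reply, cached
            return owner.mac
    raise LookupError(f"no node on the LAN owns {ip}")


def send_datagram(src: Node, lans: Dict[str, List[Node]], dst_ip: str,
                  now: float = 0.0) -> List[Tuple[str, str, str, str]]:
    """Return the frames (src MAC, dst MAC, src IP, dst IP) hop by hop."""
    frames, node, src_ip = [], src, src.ifaces[0].ip
    while not node.owns(dst_ip):
        out = node.iface_for(dst_ip)
        if out is not None:
            next_ip = dst_ip                 # same subnet: deliver directly
        elif node.gateway is not None:
            out, next_ip = node.iface_for(node.gateway), node.gateway
        else:
            raise LookupError(f"{node.name} has no route to {dst_ip}")
        next_mac = arp_resolve(node, lans[out.lan], next_ip, now)
        frames.append((out.mac, next_mac, src_ip, dst_ip))   # IP header unchanged
        node = next(n for n in lans[out.lan] if n.owns(next_ip))
    return frames


def build_slide_network():
    """The slides' A - R - B topology; the /24 masks are an assumption."""
    m = "255.255.255.0"
    A = Node("A", [Iface("111.111.111.111", "74-29-9C-E8-FF-55", m, "LAN1")],
             gateway="111.111.111.110")
    R = Node("R", [Iface("111.111.111.110", "E6-E9-00-17-BB-4B", m, "LAN1"),
                   Iface("222.222.222.220", "1A-23-F9-CD-06-9B", m, "LAN2")])
    B = Node("B", [Iface("222.222.222.222", "49-BD-D2-C7-56-2A", m, "LAN2")],
             gateway="222.222.222.220")
    return A, R, B, {"LAN1": [A, R], "LAN2": [R, B]}


def slide_subnet_check() -> bool:
    """The slides' example: 128.4.35.67 and 128.5.19.12 under 255.255.0.0."""
    return same_subnet("128.4.35.67", "128.5.19.12", "255.255.0.0")


if __name__ == "__main__":
    A, R, B, lans = build_slide_network()
    for hop in send_datagram(A, lans, "222.222.222.222"):
        print(hop)
    print("A's ARP table:", A.arp)
    print("R's ARP table:", R.arp)
```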
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing - man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host,
• but the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query/request is made for the victim, I respond with my MAC.
[Figure, used for the following steps: victim with MAC 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch]
1. Some other host broadcasts "Who has IP address 1.2.3.4?". The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries of the form "Source MAC 00:11:11:11:11:11: Who has IP blablablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/MAC mapping taken from the query's sender fields in its cache. The victim is confused... but ignores it.
3. The other host now sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...", so the attacker knows the secret plan. The attacker changes the MAC address to the correct one and passes on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...", and the victim thinks "Ahh, I got the secret plan I was expecting".
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC.
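The detection idea in the last bullets, run over sample observations: an added example, not the slides' code. The observation records are constructed (the victim and attacker addresses are the ones on the slides, the dual-NIC host is invented); it flags an IP with more than one MAC, an IP whose MAC changed over time, and a MAC with more than one IP, with the last reported at low confidence unless one of its IPs is also contested, which is the slides' dual-NIC false-positive caveat.

```python
"""Detecting ARP cache poisoning from observed IP/MAC bindings (added
example; not the slides' own code). Walks a list of ARP observations
(constructed sample, in the style of ARP reply/request records an IDS
or switch might log) and reports the anomalies the slides describe.
"""
from collections import defaultdict
from typing import Dict, List, NamedTuple, Set, Tuple


class ArpObs(NamedTuple):
    t: float        # seconds since the start of the capture
    ip: str         # sender protocol address carried in the ARP packet
    mac: str        # sender hardware address carried in the ARP packet
    op: str         # "request" or "reply"


# Constructed sample following the slides' scenario: the victim
# (00:12:...) answers for 1.2.3.4; much later the attacker's MAC from the
# slide (00:11:...) sends requests whose sender fields claim 1.2.3.4.
# A dual-NIC host (aa:bb:...) is included as the slides' false-positive case.
SAMPLE: List[ArpObs] = [
    ArpObs(0.0, "1.2.3.4", "00:12:12:12:12:12", "reply"),
    ArpObs(1.0, "5.6.7.8", "00:11:11:11:11:11", "reply"),
    ArpObs(30.0, "10.0.0.7", "aa:bb:cc:00:00:01", "reply"),
    ArpObs(31.0, "10.0.0.9", "aa:bb:cc:00:00:01", "reply"),
    ArpObs(1250.0, "1.2.3.4", "00:11:11:11:11:11", "request"),
    ArpObs(1251.0, "1.2.3.4", "00:11:11:11:11:11", "request"),
]


def bindings(obs: List[ArpObs]) -> Tuple[Dict[str, Set[str]], Dict[str, Set[str]]]:
    """Collect every IP->MACs and MAC->IPs pairing seen in the capture."""
    ip_to_macs: Dict[str, Set[str]] = defaultdict(set)
    mac_to_ips: Dict[str, Set[str]] = defaultdict(set)
    for o in obs:                          # requests count too: their sender
        ip_to_macs[o.ip].add(o.mac)        # fields are what poisons a cache
        mac_to_ips[o.mac].add(o.ip)
    return ip_to_macs, mac_to_ips


def find_anomalies(obs: List[ArpObs]) -> List[dict]:
    ip_to_macs, mac_to_ips = bindings(obs)
    findings: List[dict] = []
    for ip, macs in sorted(ip_to_macs.items()):
        if len(macs) > 1:                  # one IP answered for by two MACs
            findings.append({"kind": "ip_with_multiple_macs", "ip": ip,
                             "macs": sorted(macs), "confidence": "high"})
    for mac, ips in sorted(mac_to_ips.items()):
        if len(ips) > 1:                   # one MAC claiming two IPs
            # the slides' caveat: a dual-NIC host can legitimately do this,
            # so only escalate when one of those IPs is also contested
            contested = any(len(ip_to_macs[ip]) > 1 for ip in ips)
            findings.append({"kind": "mac_with_multiple_ips", "mac": mac,
                             "ips": sorted(ips),
                             "confidence": "high" if contested else "low"})
    return findings


def binding_changes(obs: List[ArpObs]) -> List[Tuple[float, str, str, str]]:
    """'changed address' events: the MAC answering for an IP flips over time."""
    last: Dict[str, str] = {}
    changes: List[Tuple[float, str, str, str]] = []
    for o in sorted(obs, key=lambda o: o.t):
        prev = last.get(o.ip)
        if prev is not None and prev != o.mac:
            changes.append((o.t, o.ip, prev, o.mac))
        last[o.ip] = o.mac
    return changes


if __name__ == "__main__":
    for f in find_anomalies(SAMPLE):
        print(f)
    for c in binding_changes(SAMPLE):
        print("binding changed:", c)
```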
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps - 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch in the center)]
Ethernet Frame Structure
The sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g., an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
Ethernetrsquos MAC protocol unslotted CSMACD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential backoff: goal: adapt retransmission attempts to estimated current load; under heavy load, random wait will be longer
first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3} …
after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
T_prop = max propagation delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur
[Figure: worked numerical evaluation of the efficiency formula; the values did not survive extraction]
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
[Figure: several hubs connected through a backbone hub]
Switch
link-layer device: smarter than hubs, takes active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one or more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table, initially empty, gets the entry (MAC addr A, interface 1, TTL 60)]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination
   then {
     if dest on segment from which frame arrived
       then drop the frame
       else forward the frame on interface indicated
   }
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
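The filtering/forwarding rules above and the self-learning walkthrough, as an added example (not code from the slides). Port numbers and the 20-minute lifetime are from the slides; the host_ports option, which models the note that manually configured ports are not flooded to, is an assumption.

```python
"""Self-learning switch with the slides' filtering/forwarding rules.
Added example, not the slides' code. The host_ports option (manually
configured ports that never receive flooded frames) is assumed."""
from dataclasses import dataclass

ENTRY_LIFETIME = 20 * 60   # seconds: "20 minutes later all table entries are deleted"


@dataclass
class Entry:
    interface: int
    learned_at: float      # the time stamp column of the switch table


class LearningSwitch:
    def __init__(self, interfaces, host_ports=()):
        self.interfaces = list(interfaces)
        self.host_ports = set(host_ports)   # configured: each leads to one known host
        self.table = {}                     # MAC address -> Entry

    def purge(self, now):
        """Step 3: periodically purge all old table entries."""
        self.table = {mac: e for mac, e in self.table.items()
                      if now - e.learned_at < ENTRY_LIFETIME}

    def receive(self, src, dst, in_port, now):
        """Handle one frame; return the ports it goes out on ([] means dropped)."""
        self.purge(now)
        # Step 1: record the interface associated with the sending host
        self.table[src] = Entry(in_port, now)
        # Step 2: filter / forward
        entry = self.table.get(dst)
        if entry is not None:
            if entry.interface == in_port:
                return []                   # dest is on the segment the frame came from
            return [entry.interface]        # forward on the interface indicated
        # no entry: flood on all other ports, except configured single-host ports
        return [p for p in self.interfaces
                if p != in_port and p not in self.host_ports]


def walkthrough():
    """Replays the figure sequence on one switch: A -> B floods, B -> A is
    forwarded, A -> B is now forwarded, and 20 minutes later B is forgotten."""
    sw = LearningSwitch(interfaces=[1, 2, 3])
    flood = sw.receive("A", "B", in_port=1, now=0)
    reply = sw.receive("B", "A", in_port=2, now=1)
    fwd = sw.receive("A", "B", in_port=1, now=2)
    later = sw.receive("A", "B", in_port=1, now=2 + ENTRY_LIFETIME)
    return flood, reply, fwd, later
```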
[Figure sequence: self-learning across three interconnected switches, each with interfaces 1, 2, 3, and hosts A and B; all switch tables (MAC, interface) start empty.
A sends a frame (Dest=B, Source=A): each switch in turn makes a table entry for A; there is no table entry for B, so each floods.]
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
[Figure sequence, continued: B answers (Dest=A, Source=B): each switch makes a table entry for B and, having a table entry for A, forwards the frame toward A.
20 minutes later, all table entries are deleted.]
Poorly designed institutional network. Why?
[Figure: router to external network; a single LAN / IP subnet holding the mail server and web server]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet with mail server, web server and host A, joined by several switches with redundant links]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
Approach: compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C
[Figure: LANs A, B, C, D and bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1–B7 interconnecting LANs]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway
[Figure sequence: LANs A–J and bridges B1–B7, each LAN labelled with its distance to the root in LAN hops (0, 1 or 2). Captions, in order:
Each switch computes distance to root in terms of LAN hops
Each of the root's interfaces is ON
LAN A's next hop is LAN E; turn on the two interfaces
LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop; turn on the interface
LAN D's next hop is LAN G; turn on the two interfaces. Note that B3 will not have any interfaces "on"
LAN C's next hop is LAN F; turn on the interfaces
Which other interfaces are "on"?]
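The interface-selection rule above, worked in code as an added example (not the slides' code): LANs are vertices, switches are edges, the root is the switch with the smallest ID, and each LAN picks the next-hop LAN on its shortest path to the root, breaking ties by the smaller switch ID. Distances are computed centrally by breadth-first search here instead of by the distributed distance-vector exchange the slides describe, and the topology is constructed so that it shows the same situations as the figures (a tie won by the lower ID, a switch left with no interfaces on).

```python
"""Spanning-tree interface selection in the slides' LAN-as-vertex model.
Added example, not the slides' code; the topology is constructed."""
from collections import deque

# Constructed topology: switch ID -> LANs it attaches to. B1 is the root.
TOPOLOGY = {
    1: ["E", "F"],        # root: every interface stays on
    2: ["A", "E"],
    3: ["A", "B"],        # on no LAN's shortest path: ends up with nothing on
    4: ["D", "G"],
    5: ["B", "E"],        # ties with B7 for LAN B and wins on the lower ID
    6: ["G", "E"],
    7: ["B", "C", "F"],
}


def lan_graph(topology):
    """Adjacency in the slides' model: LAN -> [(switch_id, neighbouring LAN)]."""
    adj = {}
    for sid, lans in topology.items():
        for lan in lans:
            adj.setdefault(lan, [])
            adj[lan].extend((sid, other) for other in lans if other != lan)
    return adj


def lan_distances(topology):
    """Distance of each LAN to the root, in LAN hops (BFS from the root's LANs)."""
    root = min(topology)
    adj = lan_graph(topology)
    dist = {lan: 0 for lan in topology[root]}
    queue = deque(topology[root])
    while queue:
        lan = queue.popleft()
        for _, nxt in adj[lan]:
            if nxt not in dist:
                dist[nxt] = dist[lan] + 1
                queue.append(nxt)
    return dist


def next_hops(topology):
    """LAN -> (switch_id, next-hop LAN) for every non-root LAN.
    Candidates are neighbours one hop closer to the root; the smallest
    switch ID breaks a tie between several shortest paths."""
    adj, dist = lan_graph(topology), lan_distances(topology)
    hops = {}
    for lan, d in dist.items():
        if d == 0:
            continue
        candidates = [(sid, nxt) for sid, nxt in adj[lan] if dist[nxt] == d - 1]
        hops[lan] = min(candidates)
    return hops


def active_interfaces(topology):
    """switch_id -> set of LANs whose interface is 'on'; an empty set means
    the switch is 'disconnected' from every LAN."""
    root = min(topology)
    active = {sid: set() for sid in topology}
    active[root].update(topology[root])          # each of the root's interfaces is on
    for lan, (sid, nxt) in next_hops(topology).items():
        active[sid].update({lan, nxt})           # interfaces to the LAN and its next hop
    return active
```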
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution
• During which time no packets were forwarded
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (5 bits)]
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1–R6 with destinations A and D and interface numbers 0/1. Each MPLS router's table has columns in label, out label, dest, out interface; the entries shown are: (6, -, A, 0); (10, 6, A, 1) and (12, 9, D, 0); (10, A, 0) and (12, D, 0); (8, 6, A, 0) and (8, A, 1)]
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
ALOHA's Performance
The best throughput occurs for what value of G? What is this best throughput?
[Figure: pure ALOHA throughput S = G e^{-2G} plotted against G from 0 to 3; the peak value is 0.184]
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time axis with slots at t0, t0+t, t0+2t, t0+3t. If a frame is transmitted here then a collision occurs, but this will only happen if a packet arrives at the MAC layer during this (vulnerable) period]
If another node selects to transmit during this vulnerable period then a collision will occur
The vulnerable period is half the size of unslotted ALOHA
Slotted Aloha
Vulnerable period is halved: doubles performance of ALOHA. Throughput = S = G e^{-G}; S = Smax = 1/e = 0.368 for G = 1
G = 1 means typically a node tries to transmit each slot
However, the throughput is well below 1: there are many collisions
Slotted Aloha Performance
[Figure: slotted ALOHA throughput S = G e^{-G} plotted against G from 0 to 4; the peak value is 0.368]
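The maxima quoted on these slides (0.184 for pure ALOHA, 0.368 at G = 1 for slotted ALOHA) follow from setting the derivative of the throughput to zero; this short derivation is added here and is not part of the original slides.

$$S_{\text{ALOHA}}(G) = G e^{-2G}, \qquad \frac{dS}{dG} = e^{-2G}(1 - 2G) = 0 \;\Rightarrow\; G = \tfrac{1}{2}, \quad S_{\max} = \tfrac{1}{2} e^{-1} \approx 0.184$$

$$S_{\text{slotted}}(G) = G e^{-G}, \qquad \frac{dS}{dG} = e^{-G}(1 - G) = 0 \;\Rightarrow\; G = 1, \quad S_{\max} = e^{-1} \approx 0.368$$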
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple
Cons: collisions, wasting slots; inefficient; idle slots; nodes may be able to detect collision in less than time to transmit packet; slotted ALOHA requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission
human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m
For 100 Mbps Ethernet the maximum cable length is 200 m
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission; collision: entire packet transmission time wasted
[Figure: spatial layout of nodes against time; note the role of distance & propagation delay in determining collision probability]
CSMA/CD collision detection
[Figure: position on wire vs. time. Transmitter 1 starts sending; after the propagation delay Transmitter 2, not yet hearing it, starts as well. The collision is detected first by transmitter 2 and later by transmitter 1 (when is it detected?); Receiver 1 receives a garbled signal]
[Figure: same layout, but transmitter 1 has finished before the collision reaches it: the collision is detected by transmitter 2 and Receiver 1 receives a garbled signal, but the collision is NOT detected by transmitter 1]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
CSMA/CD
If frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate
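The inequality above, turned into functions so the 10 Mbps vs. 100 Mbps question can be checked numerically; this is an added example, not code from the slides. It assumes epsilon = 0 and a propagation speed of 2e8 m/s, so the absolute lengths are idealised upper bounds, while the ratio between bit rates, which is what the question is about, does not depend on either assumption.

```python
"""The slides' collision-detection constraint
    2 * CableLength / v + epsilon < FrameLength / bit_rate
as functions. Added example, not the slides' code. epsilon = 0 and
v = 2e8 m/s are assumptions."""
import math

PROPAGATION_SPEED = 2.0e8   # m/s, assumed
MIN_FRAME_BYTES = 64        # Ethernet minimum frame length, from the slides


def transmit_time(frame_bytes, bit_rate):
    """Seconds the sender spends putting the frame on the wire."""
    return frame_bytes * 8 / bit_rate


def collision_detectable(frame_bytes, bit_rate, cable_length,
                         v=PROPAGATION_SPEED, epsilon=0.0):
    """True if a sender is still transmitting when a collision that started
    at the far end of the cable has propagated back to it."""
    return 2 * cable_length / v + epsilon < transmit_time(frame_bytes, bit_rate)


def max_cable_length(frame_bytes, bit_rate, v=PROPAGATION_SPEED, epsilon=0.0):
    """Largest cable (m) on which frames of this size still satisfy the constraint."""
    return (transmit_time(frame_bytes, bit_rate) - epsilon) * v / 2


def min_frame_bytes(cable_length, bit_rate, v=PROPAGATION_SPEED, epsilon=0.0):
    """Smallest frame (bytes, rounded up) for the given cable length and bit rate."""
    bits = (2 * cable_length * bit_rate) / v + epsilon * bit_rate
    return math.ceil(bits / 8)


def length_ratio(bit_rate_a, bit_rate_b, frame_bytes=MIN_FRAME_BYTES):
    """How many times longer the cable may be at rate a than at rate b.
    The minimum frame is the same at both rates, so the transmit time, and
    with it the allowed cable length, scales with 1 / bit_rate."""
    return (max_cable_length(frame_bytes, bit_rate_a)
            / max_cable_length(frame_bytes, bit_rate_b))
```

At the slides' own lengths, 2000 m at 10 Mbps and 200 m at 100 Mbps need exactly the same minimum frame, which is the independence from bit rate the slide states.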
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection: collisions detected within short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals; difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
Persistence
1-persistent: if medium is idle then transmit. If medium is not idle then wait until it is, and then transmit
• In this case, all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: if medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat
• Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle then transmit
3. If medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. if no other transmission begins before the r time slots end, then transmit
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 BO, BO_Max); in Ethernet BO_max = 1024
   c. go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
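The backoff procedure above and the Ethernet CSMA/CD algorithm slide (K drawn from {0, …, 2^m - 1}, 512 bit times per slot, range capped at 1024) share one added example here, together with the CSMA/CD efficiency formula; none of it is code from the slides. The slotted toy model (one frame occupies one slot, every NIC attempting in the same slot collides) is an assumption made for illustration.

```python
"""Exponential backoff from the slides' CSMA/CD algorithm and the
"what to do when the link is busy" procedure, plus the efficiency formula.
Added example, not the slides' code; the slotted model is assumed."""
import random

SLOT_BIT_TIMES = 512   # one backoff slot, from the slides
BO_MAX = 1024          # Ethernet's cap on the backoff range, from the slides


def backoff_range(collisions, bo_max=BO_MAX):
    """Size of {0, ..., range-1} after the m-th collision: 2^m, capped at
    bo_max (so 1024 after ten or more collisions)."""
    return min(2 ** collisions, bo_max)


def pick_backoff(collisions, rng, bo_max=BO_MAX):
    """K drawn uniformly from {0, ..., 2^m - 1}; returns (K, wait in bit times)."""
    k = rng.randrange(backoff_range(collisions, bo_max))
    return k, k * SLOT_BIT_TIMES


def efficiency(t_prop, t_trans):
    """CSMA/CD efficiency = 1 / (1 + 5 t_prop / t_trans), from the slides."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def simulate(n_nics, rng, bo_max=BO_MAX, max_slots=100000):
    """Every NIC has one frame ready at slot 0. A lone attempt succeeds and
    occupies the slot; two or more attempts collide (jam), and each colliding
    NIC counts its m-th collision and waits K slots before trying again.
    Returns (slots_used, collisions, largest m seen by any NIC)."""
    wait = [0] * n_nics          # slots a NIC still has to wait before attempting
    m = [0] * n_nics             # per-NIC collision count for its current frame
    done = [False] * n_nics
    collisions = 0
    for slot in range(max_slots):
        attempting = [i for i in range(n_nics) if not done[i] and wait[i] == 0]
        if len(attempting) == 1:
            done[attempting[0]] = True          # whole frame sent: NIC is done
        elif attempting:
            collisions += 1                     # abort, jam signal, back off
            for i in attempting:
                m[i] += 1
                k, _ = pick_backoff(m[i], rng, bo_max)
                wait[i] = k + 1                 # the +1 is consumed by the decrement below
        for i in range(n_nics):
            if not done[i] and wait[i] > 0:
                wait[i] -= 1
        if all(done):
            return slot + 1, collisions, max(m)
    raise RuntimeError("frames still pending after max_slots")
```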
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad
"taking turns" protocols: look for best of both worlds. Used in mobile phone data access; 802.16, a.k.a. WiMax, partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node
[Figure: master sends a poll to each slave in turn; each polled slave answers with data]
concerns: polling overhead, latency, single point of failure (master)
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected, but existing calls continue to receive good performance
• Consider the difference between the demands by VoIP and services provided by TCP
Guarantees are worth much more money than non-guarantees
Token passing: control token passed from one node to next sequentially; token message
concerns: token overhead, latency, single point of failure (token)
[Figure: token T circulates around the ring; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address
[Figure: LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; broadcast address = FF-FF-FF-FF-FF-FF]
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup"
• Enter MAC address
• See manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address: portability: can move LAN card from one LAN to another
IP hierarchical address: NOT portable; address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed
• Whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: <IP address; MAC address; TTL>
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine MAC address of B knowing B's IP address?
[Figure: LAN with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53 and IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send datagram to C
Check if C's IP address is in the same subnet: use subnet mask and compare this node's IP to C's IP
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table. A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query
• Other types include datagram
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast). A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
[Figure: hosts A, B, C, D on one LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to every node; only the owner answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: host A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55) and a second host (111.111.111.112, CC-49-DE-D0-AB-7D) on the left LAN; router R with interfaces 111.111.111.110 (E6-E9-00-17-BB-4B) and 222.222.222.220 (1A-23-F9-CD-06-9B); host B (222.222.222.222, 49-BD-D2-C7-56-2A) and a second host (222.222.222.221, 88-B2-2F-54-1A-0F) on the right LAN]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
A's NIC sends frame; R's NIC receives frame
R removes IP datagram from Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates frame containing A-to-B IP datagram, sends to B
This is a really important example – make sure you understand!
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry on A with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired ethernet uses a dedicated wire from the switch (link layer router) to each host
• But ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC
[Figure sequence over the following slides: victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8) and some other host/switch on the same LAN]
1. Some other host broadcasts "Who has IP address 1.2.3.4?"
2. The victim replies "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker hears the reply too: attacker knows the MAC of victim
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has ip bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood ARP queries. The other host saves the IP/MAC mapping in its cache. The victim is confused… but ignores it
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …": attacker knows the secret plan. The attacker changes the MAC address to the correct address and sends on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …". Victim: "Ahh, I got the secret plan I was expecting"
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs
• Its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
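One way to watch ARP traffic for the symptom the slide describes, written as an added example (not code from the slides). It builds and parses Ethernet/ARP frames itself, feeds a constructed capture that reuses the slides' victim and attacker addresses, and reports both views: IPs claimed by more than one MAC, and MACs that announced more than one IP (the dual-NIC case the slide flags as a source of false positives, so that view is a lead rather than an alert). The third host's MAC and the extra IPs are my own constructed values.

```python
import struct
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(mac):
    """'00:12:12:12:12:12' -> 6 raw bytes."""
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))


def ip_str(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet II header + 28-byte ARP body for IPv4 over Ethernet (RFC 826 layout).
    Requests go to FF-FF-FF-FF-FF-FF, as on the slides; replies are unicast."""
    dst = BROADCAST if op == ARP_REQUEST else target_mac
    eth = mac_bytes(dst) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # htype, ptype, hlen, plen, oper
    arp += mac_bytes(sender_mac) + ip_bytes(sender_ip)
    arp += mac_bytes(target_mac) + ip_bytes(target_ip)
    return eth + arp


def parse_arp(frame):
    """Return a dict of the ARP fields, or None if the frame is not an IPv4/Ethernet ARP."""
    if len(frame) < 42:
        return None
    dst, src = frame[:6], frame[6:12]
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {
        "eth_src": mac_str(src), "eth_dst": mac_str(dst), "op": op,
        "sender_mac": mac_str(frame[22:28]), "sender_ip": ip_str(frame[28:32]),
        "target_mac": mac_str(frame[32:38]), "target_ip": ip_str(frame[38:42]),
    }


def arp_conflicts(frames):
    """IPs that more than one MAC has claimed. Every ARP packet, request or reply,
    carries a sender MAC/IP pair that receivers cache, so a spoofer's packets put a
    second MAC behind the victim's IP. Returns {ip: sorted MACs} for ips with > 1 MAC."""
    seen = defaultdict(set)
    for f in frames:
        p = parse_arp(f)
        if p is None:
            continue
        seen[p["sender_ip"]].add(p["sender_mac"])
        if p["eth_src"] != p["sender_mac"]:   # header/body mismatch is itself a lead
            seen[p["sender_ip"]].add(p["eth_src"])
    return {ip: sorted(macs) for ip, macs in seen.items() if len(macs) > 1}


def macs_with_many_ips(frames):
    """The converse view: MACs that announced more than one IP. A wired+wireless host
    can do this legitimately (see the slide), so treat these as leads, not alerts."""
    seen = defaultdict(set)
    for f in frames:
        p = parse_arp(f)
        if p:
            seen[p["sender_mac"]].add(p["sender_ip"])
    return {m: sorted(ips) for m, ips in seen.items() if len(ips) > 1}


# Constructed sample capture (not real traffic) using the slides' addresses.
VICTIM_MAC, ATTACKER_MAC = "00:12:12:12:12:12", "00:11:11:11:11:11"
OTHER_MAC = "00:aa:bb:cc:dd:ee"                 # constructed "some other host"
SAMPLE = [
    build_arp(ARP_REQUEST, OTHER_MAC, "1.2.3.9", "00:00:00:00:00:00", "1.2.3.4"),     # who has 1.2.3.4?
    build_arp(ARP_REPLY, VICTIM_MAC, "1.2.3.4", OTHER_MAC, "1.2.3.9"),               # genuine answer
    build_arp(ARP_REPLY, ATTACKER_MAC, "5.6.7.8", OTHER_MAC, "1.2.3.9"),             # attacker's own IP
    build_arp(ARP_REQUEST, ATTACKER_MAC, "1.2.3.4", "00:00:00:00:00:00", "1.2.3.77"),  # slide step 3
]

if __name__ == "__main__":
    print(arp_conflicts(SAMPLE))       # {'1.2.3.4': ['00:11:11:11:11:11', '00:12:12:12:12:12']}
    print(macs_with_many_ips(SAMPLE))  # {'00:11:11:11:11:11': ['1.2.3.4', '5.6.7.8']}
```

Both reports are produced from the sender fields alone, which is exactly what a host's ARP cache is built from; a detector that also compares the Ethernet source address with the ARP sender address catches the sloppier spoofs where the two disagree.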
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap ($20 for NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) beside star (switch in the center)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
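An added example (not code from the slides) of the receive-side handling just described: an Ethernet II frame is built with its CRC-32 frame check sequence, then a model of the receiving adapter drops it on a bad CRC and discards it unless the destination is its own address, the broadcast address, or the adapter is promiscuous. The MAC addresses are the ones from the A-to-B figure above; the payload and the corrupted copy are constructed. The FCS is the CRC-32 that zlib implements, written little-endian as captures show it; the preamble is left out because the PHY adds it and it is not part of the frame.

```python
import struct
import zlib

ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
BROADCAST = bytes([0xFF] * 6)
MIN_FRAME = 64   # bytes, header + payload + FCS: the CSMA/CD minimum frame


def fcs(data):
    """Ethernet FCS: CRC-32 (same polynomial as zlib.crc32), little-endian on the wire."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    """dst/src are 6-byte MACs. Pads the payload so the frame reaches 64 bytes, then appends
    the FCS. Ethernet II has no length field, so the padding travels as part of the payload;
    IP uses its own length field to ignore it."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))
    return body + fcs(body)


def receive(frame, my_mac, promiscuous=False):
    """The adapter's decision on a received frame: (ethertype, payload) if it is passed up,
    None if it is discarded. As on the slides, a bad CRC means a silent drop (no NAK),
    and a destination that is neither ours nor broadcast is discarded unless promiscuous."""
    if len(frame) < MIN_FRAME:
        return None                     # runt: shorter than the minimum, drop
    body, trailer = frame[:-4], frame[-4:]
    if fcs(body) != trailer:
        return None                     # corrupted in transit
    dst = body[:6]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if not (promiscuous or dst == my_mac or dst == BROADCAST):
        return None                     # not for us
    return ethertype, body[14:]


# Constructed sample: A sends a stand-in datagram to B; C is another host on the LAN.
A = bytes.fromhex("74299CE8FF55")      # A's MAC from the slides' figure
B = bytes.fromhex("49BDD2C7562A")      # B's MAC from the slides' figure
C = bytes.fromhex("88B22F541A0F")      # the 222.222.222.221 host from the same figure
FRAME = build_frame(B, A, ETHERTYPE_IPV4, b"hello B")
CORRUPTED = FRAME[:20] + bytes([FRAME[20] ^ 0x01]) + FRAME[21:]   # one flipped bit in the payload
ARP_BCAST = build_frame(BROADCAST, A, ETHERTYPE_ARP, b"\x00" * 28)  # placeholder ARP body


def demo():
    return {
        "B accepts": receive(FRAME, B) is not None,
        "C filters": receive(FRAME, C) is None,
        "C promiscuous": receive(FRAME, C, promiscuous=True) is not None,
        "corrupted dropped": receive(CORRUPTED, B) is None,
        "broadcast reaches C": receive(ARP_BCAST, C) is not None,
        "length": len(FRAME),
    }


if __name__ == "__main__":
    print(demo())
```

The `promiscuous` flag is what a sniffer such as wireshark turns on; without it the adapter itself, not the OS, is what stops a host from seeing its neighbours' unicast frames on a shared segment.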
Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
first collision: choose K from {0,1}; delay is K × 512 bit transmission times
after second collision: choose K from {0,1,2,3}…
after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
T_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA: and simple, cheap, decentralized! Most ethernet is used with switches, so collisions never occur
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted pair links to the hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
[Figure: backbone hub connecting three segment hubs]
Switch
link-layer device: smarter than hubs, takes an active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch; switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' each on their own interface]
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table
[Figure: A on interface 1 sends a frame (Source A, Dest A'); the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination then {
     if dest on segment from which frame arrived then drop the frame
     else forward the frame on interface indicated
   }
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
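The three steps above run as a small simulation, added here as an example (not code from the slides). Three switches are wired the way the tables on the following slides suggest: A on interface 1 of the first switch, B on interface 2 of the second, the first and second joined through the first's interface 3 and the second's interface 1, and the third switch hanging off the second and reaching the others through its own interface 2. That wiring is my reading of the figure, not stated on the slides; the aging time of 60 s follows the TTL column shown, and the 20-minute case shows the purge emptying the tables.

```python
class Switch:
    """A self-learning switch: table maps MAC -> (interface, time last seen)."""

    def __init__(self, name, aging_seconds=60):
        self.name = name
        self.aging = aging_seconds
        self.table = {}

    def purge(self, now):
        """Step 3: drop entries older than the aging time."""
        self.table = {m: (i, t) for m, (i, t) in self.table.items() if now - t < self.aging}

    def handle(self, src, dst, in_iface, now, all_ifaces):
        """Steps 1 and 2: learn the sender, then filter, forward, or flood.
        Returns the list of interfaces the frame goes out on."""
        self.purge(now)
        self.table[src] = (in_iface, now)                       # learn (also refreshes TTL)
        if dst in self.table:
            out_iface = self.table[dst][0]
            return [] if out_iface == in_iface else [out_iface]  # filter vs forward
        return [i for i in all_ifaces if i != in_iface]          # unknown: flood

    def entries(self):
        return {m: i for m, (i, _) in self.table.items()}


class Lan:
    """Hosts and switches joined by point-to-point links (one host or switch per port)."""

    def __init__(self):
        self.hosts = {}       # host mac -> (switch name, interface)
        self.links = {}       # (switch, interface) -> (peer switch, peer interface)
        self.switches = {}    # name -> (Switch, [interfaces])
        self.delivered = []   # (frame destination, host that received it)

    def add_switch(self, sw, ifaces):
        self.switches[sw.name] = (sw, list(ifaces))

    def attach_host(self, mac, sw_name, iface):
        self.hosts[mac] = (sw_name, iface)

    def link(self, sw_a, if_a, sw_b, if_b):
        self.links[(sw_a, if_a)] = (sw_b, if_b)
        self.links[(sw_b, if_b)] = (sw_a, if_a)

    def send(self, src, dst, now):
        """Inject a frame from host src and propagate it switch by switch."""
        sw_name, iface = self.hosts[src]
        self._propagate(sw_name, iface, src, dst, now)

    def _propagate(self, sw_name, in_iface, src, dst, now):
        sw, ifaces = self.switches[sw_name]
        for out in sw.handle(src, dst, in_iface, now, ifaces):
            if (sw_name, out) in self.links:
                peer, peer_if = self.links[(sw_name, out)]
                self._propagate(peer, peer_if, src, dst, now)
            else:
                for mac, port in self.hosts.items():
                    if port == (sw_name, out):
                        self.delivered.append((dst, mac))


def build_slide_network():
    """Constructed topology (my reading of the slides' three tables; see the lead-in)."""
    lan = Lan()
    for name in ("S1", "S2", "S3"):
        lan.add_switch(Switch(name), [1, 2, 3])
    lan.attach_host("A", "S1", 1)
    lan.attach_host("B", "S2", 2)
    lan.link("S1", 3, "S2", 1)
    lan.link("S2", 3, "S3", 2)
    return lan


def run_slide_sequence(idle_seconds=0):
    """A -> B (flooded, A learned everywhere), then B -> A (forwarded, B learned on the path).
    With idle_seconds past the aging time, a further A -> B finds the tables purged again."""
    lan = build_slide_network()
    lan.send("A", "B", now=0)
    lan.send("B", "A", now=1)
    if idle_seconds:
        lan.send("A", "B", now=1 + idle_seconds)
    tables = {n: sw.entries() for n, (sw, _) in lan.switches.items()}
    return tables, lan.delivered


if __name__ == "__main__":
    print(run_slide_sequence())    # tables as on the slides; S3 never learns B
    print(run_slide_sequence(idle_seconds=20 * 60))   # after purge: only A relearned
```

Note what the flood does: every switch, including S3, which is on no path between A and B, learns A's location from the first frame; B's reply is forwarded, not flooded, so S3 never learns B at all.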
Self-Learning
[Figure sequence: three switches, each with interfaces 1, 2, 3, and hosts A and B; every MAC/Interface table starts empty. Reading the tables on the slides: A hangs off interface 1 of the first switch, B off interface 2 of the second, the first and second switches are joined through the first's interface 3 and the second's interface 1, and the third switch reaches the others through its interface 2]
Dest=B, Source=A: Make table entry for A. No table entry for B, so flood. After A's frame has been flooded the tables read: first switch A 1; second switch A 1; third switch A 2
Note: if the switch has ports that are manually configured then the frame is not flooded to a host. But they are only flooded to other switches
Dest=A, Source=B: Make table entry for B. Have a table entry for A, so forward. The tables now read: first switch A 1, B 3; second switch A 1, B 2; third switch A 2 (B's frame was forwarded, not flooded, so the third switch never sees it)
20 minutes later all table entries are deleted
Poorly Designed Institutional network. Why?
[Figure: router to external network; a single LAN / IP subnet with mail server and web server behind one switch]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet; mail server, web server, host A; several switches with redundant links]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated
[Figure: the same network with the edges in the spanning tree marked; a "disconnected" interface, i.e. one that does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN, they simply never flood packets over to the LAN
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
Approach: Compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C
[Figure: LANs A, B, C, D joined by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. If a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway
[Figure sequence: LANs A–J connected by bridges B1–B7, worked one step per slide; the distances written beside the LANs are 0, 1, 2, 1, 1, 1]
• Each switch computes distance to root in terms of LAN hops
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E. Turn on the two interfaces
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F. Turn on the interfaces
• Which other interfaces are "on"?
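The rule set just described, run to completion, as an added example (not the slides' code). LANs are the vertices, each bridge is an edge joining the LANs it attaches to, the root is the bridge with the smallest ID, and every other LAN picks the neighbouring LAN that is fewest bridges from the root, breaking ties on the lowest bridge ID; the chosen bridge keeps its interfaces to both LANs on, the root keeps all of its on, and everything else is "off". The topology below is my own construction, not the slides' figure, but it is built so that the statements on the slides hold for it: A's next hop is E, B ties between E (via B5) and F (via B7) and B5 wins, C's next hop is F, D's next hop is G, and B3 ends up with no interface on.

```python
INF = float("inf")


def spanning_tree(bridges):
    """bridges: {bridge_id (int): [attached LAN names]}; root = smallest ID.

    Returns (dist, next_hop, active):
      dist      LAN -> number of bridges crossed to reach a LAN that the root sits on
      next_hop  LAN -> (bridge used, next LAN toward the root)
      active    set of (bridge_id, LAN) interfaces left forwarding; all others are "off"
    """
    root = min(bridges)
    lans = {lan for attached in bridges.values() for lan in attached}
    dist = {lan: (0 if lan in bridges[root] else INF) for lan in lans}
    next_hop = {}
    changed = True
    while changed:                        # distance-vector style: only neighbours are consulted
        changed = False
        for lan in sorted(lans):
            if dist[lan] == 0:
                continue                  # directly on the root: nothing to choose
            best = None                   # (distance, bridge id, next LAN): tuple order is the tie-break order
            for b, attached in bridges.items():
                if lan not in attached:
                    continue
                for nxt in attached:
                    if nxt != lan and dist[nxt] != INF:
                        cand = (dist[nxt] + 1, b, nxt)
                        if best is None or cand < best:
                            best = cand
            if best is not None and (dist[lan], next_hop.get(lan)) != (best[0], best[1:]):
                dist[lan], next_hop[lan] = best[0], best[1:]
                changed = True
    active = {(root, lan) for lan in bridges[root]}      # each of the root's interfaces is ON
    for lan, (b, nxt) in next_hop.items():
        active.update({(b, lan), (b, nxt)})              # the chosen bridge keeps both interfaces
    return dist, next_hop, active


def forwarding_ports(bridges):
    """Per bridge, the LANs it still floods/forwards on; an empty list means the bridge is
    entirely "disconnected" (as B3 is on the slides)."""
    _, _, active = spanning_tree(bridges)
    return {b: sorted(lan for (bb, lan) in active if bb == b) for b in sorted(bridges)}


# Constructed topology (mine, not the slides' figure); bridge IDs are the integers in "Bn".
TOPOLOGY = {
    1: ["E", "F", "G"],    # root: smallest ID
    2: ["A", "E"],
    3: ["A", "B"],
    4: ["C", "F"],
    5: ["B", "E"],
    6: ["D", "G"],
    7: ["B", "F"],
}

if __name__ == "__main__":
    dist, next_hop, _ = spanning_tree(TOPOLOGY)
    print(sorted(dist.items()))    # A, B, C, D at distance 1; E, F, G at 0
    print(next_hop["B"])           # (5, 'E'): B5 beats B7 on ID
    print(forwarding_ports(TOPOLOGY))
```

Because every non-root LAN ends up with exactly one chosen bridge toward the root, the active interfaces form a tree; a frame flooded from any LAN now reaches each other LAN once, which is what removes the looping that the redundant institutional network suffered from.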
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: Loop resolution; Address learning; Frame forwarding
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network, the link to the campus network would go down for ~50ms. This would trigger loop resolution
• During which time no packets were forwarded
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at the internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach; but IP datagram still keeps IP address!
[Figure: the MPLS header is inserted between the PPP or Ethernet header and the IP header (remainder of link-layer frame). Fields and widths in bits: label 20, Exp 3, S 1, TTL 5]
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g., source-specific routing)!! use MPLS for traffic engineering
must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1–R6 with hosts A and D; each MPLS table lists (in label, out label, dest, out interface). Tables shown: 6 → -, A, 0; 10 → 6, A, 1 and 12 → 9, D, 0; - → 10, A, 0 and - → 12, D, 0; 8 → 6, A, 0; - → 8, A, 1]
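Label switching as a runnable model, added here as an example (not the slides' code). It packs and unpacks the 32-bit shim header per RFC 3032 (label 20 bits, Exp 3, S 1, TTL 8; the slide's figure gives the TTL width as 5), and walks a packet from an ingress router through label-switched routers whose tables have the slides' shape (in label → out label, dest, out interface) until an entry with no out label pops the label and hands the datagram to plain IP. The router names, labels and wiring are my own construction modelled on the figure, not taken from it.

```python
import struct

POP = None   # out label "-": this hop remov the label and the datagram continues as IP


def pack_shim(label, exp=0, bottom=True, ttl=64):
    """32-bit MPLS shim header (RFC 3032): label 20 bits, Exp 3, S 1, TTL 8."""
    if not 0 <= label < (1 << 20):
        raise ValueError("label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (exp << 9) | (int(bottom) << 8) | ttl)


def unpack_shim(b):
    word = struct.unpack("!I", b[:4])[0]
    return {"label": word >> 12, "exp": (word >> 9) & 7, "s": (word >> 8) & 1, "ttl": word & 0xFF}


class LSR:
    """Label-switched router: forwards on the label alone and never reads the IP header."""

    def __init__(self, name, table, links):
        self.name = name
        self.table = table    # in_label -> (out_label or POP, dest, out_iface)
        self.links = links    # out_iface -> next LSR name or host name

    def forward(self, in_label, ttl):
        if in_label not in self.table:
            raise KeyError(f"{self.name}: no entry for label {in_label}")
        if ttl <= 1:
            raise RuntimeError(f"{self.name}: TTL expired")   # loop protection, as with IP
        out_label, _dest, iface = self.table[in_label]
        return out_label, self.links[iface], ttl - 1


def push_and_forward(network, ingress, fec_table, dest, ttl=8):
    """The ingress router picks the first label from its FEC table (dest -> label, iface);
    every LSR after it swaps labels. Returns ([(router, in label, out label), ...], final node)."""
    label, iface = fec_table[dest]
    node = network[ingress].links[iface]
    hops = [(ingress, None, label)]
    while label is not POP:
        lsr = network[node]
        out_label, node, ttl = lsr.forward(label, ttl)
        hops.append((lsr.name, label, out_label))
        label = out_label
    return hops, node


# Constructed network. Path to A: R6 -10-> R4 -6-> R1 -pop-> A; to D: R6 -12-> R4 -9-> R3 -pop-> D
NETWORK = {
    "R6": LSR("R6", {}, {0: "R4"}),
    "R4": LSR("R4", {10: (6, "A", 1), 12: (9, "D", 0)}, {1: "R1", 0: "R3"}),
    "R1": LSR("R1", {6: (POP, "A", 0)}, {0: "A"}),
    "R3": LSR("R3", {9: (POP, "D", 0)}, {0: "D"}),
}
INGRESS_FEC = {"A": (10, 0), "D": (12, 0)}   # R6's ingress mapping: dest -> (label, out iface)

if __name__ == "__main__":
    print(push_and_forward(NETWORK, "R6", INGRESS_FEC, "A"))
    # ([('R6', None, 10), ('R4', 10, 6), ('R1', 6, None)], 'A')
    print(unpack_shim(pack_shim(10, ttl=8)))   # {'label': 10, 'exp': 0, 's': 1, 'ttl': 8}
```

The point the slides make is visible in `forward`: nothing in the path depends on the destination address once the ingress router has chosen a label, so the same IP destination can be sent over different paths simply by handing it a different label at the edge.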
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANS; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
[Figure: time axis with slots at t0, t0+t, t0+2t, t0+3t. If a frame is transmitted here then a collision occurs. But this will only happen if a packet arrives at the MAC layer during this (vulnerable) period]
If another node selects to transmit during this vulnerable period then a collision will occur
The vulnerable period is half the size of unslotted aloha
Slotted Aloha
Vulnerable period is halved. Doubles performance of ALOHA. Throughput = S = G e^(-G); S = S_max = 1/e = 0.368 for G = 1
G = 1 means typically a node tries to transmit each slot
However, the throughput is well below 1; there are many collisions
Slotted Aloha Performance
[Figure: plot of S = G e^(-G) against G from 0 to 4; S peaks at 0.368 for G = 1 and falls off beyond it]
ALOHA and Slotted ALOHA
Pros: single active node can continuously transmit at full rate of channel; decentralized; simple
Cons: Collisions, wasting slots; Inefficient; idle slots; nodes may be able to detect collision in less than time to transmit packet
Slotted aloha requires clock synchronization. Losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission
human analogy: don't interrupt others!
Question
For 10 Mbps ethernet, the maximum cable length is 2000m
For 100 Mbps ethernet, the maximum cable length is 200m
Why is the maximum length for 100 Mbps 10 times shorter than 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
note: role of distance & propagation delay in determining collision probability
[Figure: spatial layout of nodes along the bus, time running downwards]
CSMA/CD collision detection
[Figure: position on wire (horizontal) against time (vertical). Transmitter 1 starts; after a propagation delay Transmitter 2, not yet hearing it, starts too. The collision is detected by transmitter 2, then by transmitter 1 (when is it detected?). Receiver 1 receives a garbled signal]
[Figure: same layout, with transmitter 1 finishing before the collision propagates back to it: collision NOT detected by transmitter 1; collision detected by transmitter 2; Receiver 1 receives a garbled signal]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
CSMA/CD
If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64B
Why is the maximum cable length of a 10 Mbps ethernet cable 10 times longer than the maximum cable length of a 100 Mbps ethernet? The minimum frame length in Ethernet is independent of bit-rate
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection; collisions detected within short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
Persistence
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is and then transmit
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, then transmit with probability p, and wait for the next slot with probability 1-p and repeat
• Here slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff: Next slide
Exponential Backoff
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle then transmit
3. If medium is not idle then wait until it is idle
4. Once idle,
   a. pick an integer r between 0 and BO-1
   b. Wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots, then transmit
5. If a collision is detected,
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min( 2 × BO, BO_Max ); in ethernet BO_max = 1024
   c. Go to step 4
Question: discuss the different ways in which backoff is used in network protocols
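An added example (not code from the slides) that serves both the Ethernet CSMA/CD slides earlier (jam, backoff, slot time, efficiency) and the collision-detection requirement and backoff procedure just given. It answers the "equation for the length of a time slot" question with the slides' own inequality, inverts it to show why the admissible cable length scales with 1/bit-rate when the minimum frame is fixed at 512 bits, reproduces the K=1023 wait of about 50 ms, and runs a small contention simulation in which stations draw K from a range that doubles per collision. The propagation speed of 2×10^8 m/s is an assumption, and the inequality ignores repeater and processing delays, which is why the lengths it yields differ from the 2000 m / 200 m figures on the slides while keeping their 10:1 ratio.

```python
import random

SLOT_BITS = 512          # Ethernet slot time = minimum frame (64 bytes) in bit times
BACKOFF_CAP = 10         # after ten or more collisions K is drawn from 0..1023
MAX_ATTEMPTS = 16        # attempts after which an Ethernet NIC gives up on the frame
PROP_SPEED = 2e8         # m/s, assumed signal speed in copper


def slot_time_seconds(cable_length_m, prop_speed=PROP_SPEED):
    """Slides' requirement: a node must keep transmitting for 2 x propagation delay (+ epsilon)
    to be sure of hearing a collision, so one slot is the round-trip time of the cable."""
    return 2 * cable_length_m / prop_speed


def min_frame_bits(cable_length_m, bit_rate_bps, prop_speed=PROP_SPEED):
    """Smallest frame satisfying 2 L / v < F / R (epsilon dropped)."""
    return 2 * cable_length_m * bit_rate_bps / prop_speed


def max_cable_length_m(min_frame_bits_, bit_rate_bps, prop_speed=PROP_SPEED):
    """The same inequality solved for L: with the minimum frame fixed regardless of rate,
    the admissible length shrinks in proportion to the bit rate."""
    return min_frame_bits_ * prop_speed / (2 * bit_rate_bps)


def backoff_slots(collisions, rng):
    """Binary exponential backoff: K uniform in {0, ..., 2^min(m,10) - 1} after the m-th collision."""
    return rng.randrange(2 ** min(collisions, BACKOFF_CAP))


def backoff_wait_seconds(k, bit_rate_bps):
    return k * SLOT_BITS / bit_rate_bps


def csma_cd_efficiency(t_prop, t_trans):
    """The slides' approximation: efficiency = 1 / (1 + 5 t_prop / t_trans)."""
    return 1 / (1 + 5 * t_prop / t_trans)


def simulate_contention(n_stations, seed=1):
    """All n stations have one frame ready at slot 0 and all sense the channel idle at once.
    Per slot: stations whose backoff has run out transmit; more than one transmitter is a
    collision and each loser redraws K from its own (doubled) range. A successful frame is
    counted as one slot here for simplicity. Returns (slots used, collisions per station)."""
    rng = random.Random(seed)
    ready = {s: 0 for s in range(n_stations)}        # slot at which each station next tries
    collisions = {s: 0 for s in range(n_stations)}
    done, slot = set(), 0
    while len(done) < n_stations:
        contenders = [s for s in ready if s not in done and ready[s] <= slot]
        if len(contenders) == 1:
            done.add(contenders[0])
        elif len(contenders) > 1:
            for s in contenders:
                collisions[s] += 1
                if collisions[s] >= MAX_ATTEMPTS:
                    raise RuntimeError(f"station {s} gave up after {MAX_ATTEMPTS} attempts")
                ready[s] = slot + 1 + backoff_slots(collisions[s], rng)
        slot += 1
    return slot, collisions


if __name__ == "__main__":
    print(backoff_wait_seconds(1023, 10e6))               # 0.0523776 s: the "about 50 msec" on the slides
    print(max_cable_length_m(SLOT_BITS, 10e6), max_cable_length_m(SLOT_BITS, 100e6))   # 10:1
    print(csma_cd_efficiency(t_prop=slot_time_seconds(2000) / 2, t_trans=1500 * 8 / 10e6))
    print(simulate_contention(5))
```

Reading the simulation's collision counts next to the slot count shows what the slides mean by "adapt retransmission attempts to estimated current load": a station that has collided several times spreads its next attempt over a much wider window than one that has just arrived.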
“Taking Turns” MAC protocols
Channel partitioning MAC protocols:
• share channel efficiently and fairly at high load
• inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols:
• efficient at low load: single node can fully utilize channel
• high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
“Taking turns” protocols look for the best of both worlds. Used in mobile phone data access: 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
“Taking Turns” MAC protocols
Polling: master node “invites” slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
(Figure: a master polls each of its slaves in turn; a slave answers a poll with data.)
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made:
• If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands by VoIP and the services provided by TCP.
• Guarantees are worth much more money than non-guarantees.
“Taking Turns” MAC protocols
Token passing: a control token is passed from one node to the next sequentially (token message).
Concerns: token overhead, latency, single point of failure (token).
(Figure: the token T circulates around the ring; a node holding the token sends its data, a node with nothing to send passes the token on.)
Summary of MAC protocols
• Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
• Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing: easy in some technologies (wire), hard in others (wireless). CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless).
• Taking turns: polling from central site, token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
(Figure: a LAN (wired or wireless) with four adapters, addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53.)
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup:
• Google “OUI lookup”
• Enter MAC address
• See manufacturer
Analogy: (a) MAC address like Social Security Number; (b) IP address like postal address.
MAC flat address: portability; can move LAN card from one LAN to another.
IP hierarchical address: NOT portable; address depends on IP subnet to which node is attached.
If a NIC is changed then the MAC is changed
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has an ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
(Figure: LAN with four nodes: 137.196.7.23 / 1A-2F-BB-76-09-AD, 137.196.7.78 / 58-23-D7-FA-20-B0, 137.196.7.14 / 0C-C4-11-6F-E3-98, 137.196.7.88 / 71-65-F7-2B-08-53.)
ARP protocol: Same LAN (network)
A wants to send datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.:
• my IP = 128.43.56.7
• B's IP = 128.51.91.2
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table:
• A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
  • Other types include datagram.
  • All machines on the LAN receive the ARP query.
• B receives the ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast).
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
  • soft state: information that times out (goes away) unless refreshed
• ARP is “plug-and-play”: nodes create their ARP tables without intervention from net administrator.
(Figure: hosts A, B, C, D on a LAN. A broadcasts “Who has IP 1.1.1.4? Tell 1.1.1.2”, which reaches B, C and D; the owner answers “I have 1.1.1.4”.)
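The two steps just described, as an added example (not code from the slides): the same-subnet test that decides whether ARP is for the destination or for the gateway, and the ARP request/reply pair itself, packed in the RFC 826 Ethernet/IPv4 layout and resolved against a small constructed LAN. The addresses reuse the slides' example values; `resolve` and `lan_hosts` are this example's own names, and the LAN is simulated in-process rather than on the wire.

```python
import ipaddress
import struct

ETHERTYPE_ARP = 0x0806          # Ethernet frame type for ARP
ARP_REQUEST, ARP_REPLY = 1, 2   # ARP opcodes
ZERO_MAC = "00:00:00:00:00:00"


def same_subnet(my_ip: str, other_ip: str, mask: str) -> bool:
    """True if other_ip lies in the subnet defined by my_ip and the mask (else: send to gateway)."""
    net = ipaddress.IPv4Network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.IPv4Address(other_ip) in net


def mac_bytes(mac: str) -> bytes:
    return bytes(int(x, 16) for x in mac.replace("-", ":").split(":"))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def build_arp(op: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    """Pack a 28-byte ARP packet: htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4."""
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + mac_bytes(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
            + mac_bytes(target_mac) + ipaddress.IPv4Address(target_ip).packed)


def parse_arp(pkt: bytes) -> dict:
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", pkt[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {
        "op": op,
        "sender_mac": mac_str(pkt[8:14]),
        "sender_ip": str(ipaddress.IPv4Address(pkt[14:18])),
        "target_mac": mac_str(pkt[18:24]),
        "target_ip": str(ipaddress.IPv4Address(pkt[24:28])),
    }


def resolve(arp_table: dict, my_mac: str, my_ip: str, target_ip: str, lan_hosts: dict):
    """A wants target's MAC: use the cache, else broadcast a query and cache the unicast reply.

    lan_hosts (ip -> mac) stands in for the other adapters on the LAN (constructed).
    Returns (mac, reply_packet); reply_packet is None when the cache answered.
    """
    if target_ip in arp_table:
        return arp_table[target_ip], None
    query = build_arp(ARP_REQUEST, my_mac, my_ip, ZERO_MAC, target_ip)
    q = parse_arp(query)
    # the query is broadcast (dest MAC FF-FF-FF-FF-FF-FF): every host sees it,
    # only the owner of target_ip answers, with a unicast reply to the querier
    for host_ip, host_mac in lan_hosts.items():
        if host_ip == q["target_ip"]:
            reply = build_arp(ARP_REPLY, host_mac, host_ip, q["sender_mac"], q["sender_ip"])
            r = parse_arp(reply)
            arp_table[r["sender_ip"]] = r["sender_mac"]   # soft state: a real table also times this out
            return r["sender_mac"], reply
    return None, None   # nobody owns that IP: no reply, nothing cached


# constructed LAN using the slides' figure values
LAN = {
    "137.196.7.23": "1a:2f:bb:76:09:ad",
    "137.196.7.78": "58:23:d7:fa:20:b0",
    "137.196.7.14": "0c:c4:11:6f:e3:98",
    "137.196.7.88": "71:65:f7:2b:08:53",
}
```

`same_subnet` applies the mask exactly as the slide describes (128.43.56.7 and 128.51.91.2 under 255.255.0.0 differ in the masked bits, so the frame goes to the gateway's MAC instead). `resolve` mirrors the query/reply/cache sequence; the cache dictionary is the ARP table from the earlier slide, minus the TTL column.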
Addressing: routing to another LAN
(Figure: two LANs joined by router R. LAN 1: A = 111.111.111.111 / 74-29-9C-E8-FF-55, another host 111.111.111.112 / CC-49-DE-D0-AB-7D, R's interface 111.111.111.110 / E6-E9-00-17-BB-4B. LAN 2: R's interface 222.222.222.220 / 1A-23-F9-CD-06-9B, a host 222.222.222.221 / 88-B2-2F-54-1A-0F, B = 222.222.222.222 / 49-BD-D2-C7-56-2A.)
Walkthrough: send datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
• A creates IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates link-layer frame with R's MAC address as dest; frame contains the A-to-B IP datagram.
• A's NIC sends frame; R's NIC receives frame.
• R removes IP datagram from Ethernet frame, sees it's destined to B.
• R uses ARP to get B's MAC address.
• R creates frame containing the A-to-B IP datagram, sends to B.
(Figure: the same two-LAN topology with R in the middle.)
This is a really important example: make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry on A with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
(Figure sequence: victim, MAC = 00:12:12:12:12:12, IP 1.2.3.4; attacker, MAC = 00:11:11:11:11:11, IP = 5.6.7.8; some other host/switch.)
1. Some other host broadcasts “Who has IP address 1.2.3.4?”; both the victim and the attacker receive it.
2. The victim answers “MAC 00:12:12:12:12:12 has IP address 1.2.3.4”. The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker also sees the reply and now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries of the form “Source MAC 00:11:11:11:11:11: Who has IP blablabla? Tell IP address 1.2.3.4”, and continues to flood them. The other host saves the IP/ARP mapping taken from the source fields in its cache; the victim is confused… but ignores it.
4. The other host sends “MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …”. The attacker knows the secret plan, changes the MAC address to the correct one and forwards “MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …”; the victim thinks “Ahh, I got the secret plan I was expecting”.
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
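The detection heuristic the slide proposes, as an added example that is not from the slides: it takes a list of ARP replies/announcements as seen on the wire (a constructed sample that replays the figure's addresses), reports IPs claimed by more than one MAC (the slide's signal), and reports MACs claiming more than one IP while letting a defender whitelist hosts known to be wired+wireless multi-homed, which is the false positive the slide warns about. The function and variable names are this example's own.

```python
from collections import defaultdict

# constructed sample of ARP replies/announcements seen on the wire: (time_s, claimed_ip, sender_mac)
OBSERVED = [
    (0,    "1.2.3.4", "00:12:12:12:12:12"),   # the victim answers a query for its own IP
    (5,    "5.6.7.8", "00:11:11:11:11:11"),   # the attacker host announcing its own IP
    (30,   "1.2.3.5", "00:aa:aa:aa:aa:aa"),   # an unrelated host
    (1300, "1.2.3.4", "00:11:11:11:11:11"),   # after the 20-minute cache expiry: victim's IP, attacker's MAC
    (1310, "1.2.3.6", "00:aa:aa:aa:aa:aa"),   # same MAC now with a second IP (e.g. a dual-NIC Windows host)
]


def bindings(observed):
    """Collect every IP->MACs and MAC->IPs mapping seen, the way a merged ARP-table view would."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for _, ip, mac in observed:
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    return ip_to_macs, mac_to_ips


def find_conflicts(observed, multihomed=frozenset()):
    """Return (ip_conflicts, mac_conflicts).

    ip_conflicts:  IP -> MACs, for IPs claimed by more than one MAC (the slide's strong signal).
    mac_conflicts: MAC -> IPs, for MACs claiming more than one IP, minus MACs an administrator
                   has marked as legitimately multi-homed (the wired+wireless case on the slide).
    """
    ip_to_macs, mac_to_ips = bindings(observed)
    ip_conflicts = {ip: macs for ip, macs in ip_to_macs.items() if len(macs) > 1}
    mac_conflicts = {mac: ips for mac, ips in mac_to_ips.items()
                     if len(ips) > 1 and mac not in multihomed}
    return ip_conflicts, mac_conflicts


def changed_bindings(observed):
    """Time-ordered view: (time, ip, old_mac, new_mac) whenever an IP's MAC changes.

    A MAC change right after the cache TTL has expired is exactly the pattern in the figure.
    """
    last, changes = {}, []
    for t, ip, mac in observed:
        if ip in last and last[ip] != mac:
            changes.append((t, ip, last[ip], mac))
        last[ip] = mac
    return changes
```

On the sample, `find_conflicts` flags 1.2.3.4 (two MACs) and both multi-IP MACs; passing `multihomed={"00:aa:aa:aa:aa:aa"}` keeps only the attacker's MAC in the second report, which is the step the slide says a plain table inspection cannot take on its own.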
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
“Dominant” wired LAN technology: cheap ($20 for NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps.
(Figure: Metcalfe's Ethernet sketch.)
Star topology
Bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other).
Star topology: active switch in center; each “spoke” runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
(Figure: bus (coaxial cable) versus star (switch in the center).)
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if error is detected, frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
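The frame layout and the receiving adapter's accept/discard rule just described, as an added example (not code from the slides): it builds an Ethernet II frame with the preamble, 6-byte addresses, type field, zero padding to the 64-byte minimum and the CRC-32 FCS, then applies the matching-address / broadcast / promiscuous / CRC checks at the receiver. The MAC addresses are the slides' example values; `build_frame` and `receive` are this example's own names.

```python
import struct
import zlib

PREAMBLE = bytes([0xAA] * 7) + bytes([0xAB])   # 7 x 10101010, then 10101011 (start frame delimiter)
BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
MIN_PAYLOAD = 46   # 14-byte header + 46 + 4-byte FCS = 64-byte minimum frame


def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace("-", "").replace(":", ""))


def fcs(body: bytes) -> bytes:
    # Ethernet's FCS is CRC-32 (same polynomial as zlib) transmitted least-significant byte first
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    payload = payload + b"\x00" * max(0, MIN_PAYLOAD - len(payload))   # pad short payloads
    body = mac(dst) + mac(src) + struct.pack("!H", ethertype) + payload
    return PREAMBLE + body + fcs(body)


def receive(frame: bytes, my_mac: str, promiscuous: bool = False):
    """What the adapter does with a frame: ('pass' | 'discard' | 'crc_error', ethertype, payload)."""
    if frame[:8] != PREAMBLE or len(frame) < 8 + 14 + 4:
        return ("discard", None, None)
    body, crc = frame[8:-4], frame[-4:]
    if fcs(body) != crc:                       # CRC checked at receiver: bad frame is dropped
        return ("crc_error", None, None)
    dst, (ethertype,) = body[:6], struct.unpack("!H", body[12:14])
    if dst != mac(my_mac) and dst != BROADCAST and not promiscuous:
        return ("discard", ethertype, None)    # not for us (unless promiscuous mode)
    return ("pass", ethertype, body[14:])      # hand the payload to the network layer
```

The `ethertype` returned by `receive` is what the adapter uses to pick the network-layer protocol (IP, ARP, ...); a single flipped bit anywhere in the body turns the verdict into `crc_error`, and a frame addressed to FF-FF-FF-FF-FF-FF passes on every adapter, which is why an ARP query reaches all hosts on the LAN.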
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame.
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec.
Exponential Backoff. Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer.
• first collision: choose K from {0,1}; delay is K · 512 bit transmission times
• after second collision: choose K from {0,1,2,3}…
• after ten or more collisions: choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN; t_trans = time to transmit max-size frame.

$$\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$$

Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
• larger frame size is better; higher bit-rate is worse
Better performance than ALOHA, and simple, cheap, decentralized. Most ethernet is used with switches, so collisions never occur.
(Figure: numeric evaluation of the efficiency formula; the values did not survive extraction.)
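The Ethernet CSMA/CD arithmetic from the last three slides and from the earlier exponential-backoff slide, as an added example (not from the slides): the backoff window after the m-th collision with the 1024 cap (the generic BO = min(2·BO, BO_max) rule in Ethernet's parameters), the resulting wait in seconds, the efficiency formula, and the minimum-frame / cable-length relation behind the 10 Mbps vs 100 Mbps question. `max_cable_length_m` is a simplified bound that assumes a signal speed of 2·10^8 m/s and ignores repeater and interface delays, so its absolute values exceed the slides' 2000 m / 200 m, but the factor of 10 between the two bit-rates comes out of the same reasoning. All function names and the `prop_speed` parameter are this example's own.

```python
import random

SLOT_BITS = 512      # one slot = 512 bit times = minimum 64-byte frame
BO_MAX = 1024        # Ethernet caps the backoff window at 1024 slots
JAM_BITS = 48


def backoff_range(m: int) -> int:
    """Size of the window after the m-th collision: K is drawn from 0 .. backoff_range(m)-1."""
    return min(2 ** m, BO_MAX)


def backoff_slots(m: int, rng=random) -> int:
    return rng.randrange(backoff_range(m))


def backoff_wait_seconds(m: int, bitrate_bps: float, rng=random) -> float:
    """Wait for one backoff: K slots of 512 bit times at the given bit-rate."""
    return backoff_slots(m, rng) * SLOT_BITS / bitrate_bps


def csmacd_efficiency(t_prop: float, t_trans: float) -> float:
    """Approximate fraction of time the channel carries useful data under heavy load."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def max_cable_length_m(bitrate_bps: float, min_frame_bits: int = SLOT_BITS,
                       prop_speed: float = 2e8) -> float:
    """Simplified bound: a collision must be detected before the sender finishes its minimum
    frame, so the round trip (2 * length / prop_speed) must fit inside the minimum frame time.
    Repeater/interface delays are ignored, so real limits are lower."""
    t_min_frame = min_frame_bits / bitrate_bps
    return t_min_frame * prop_speed / 2.0


def collision_sequence(n_collisions: int, seed: int = 0):
    """Simulate one station suffering n consecutive collisions: list of (m, window, K) per attempt."""
    rng = random.Random(seed)
    return [(m, backoff_range(m), backoff_slots(m, rng)) for m in range(1, n_collisions + 1)]
```

Running `collision_sequence(12)` shows the window doubling 2, 4, 8, ... and then sticking at 1024 from the tenth collision on; `backoff_wait_seconds(10, 10e6)` can reach 1023 · 512 / 10^7 s ≈ 52 ms, the "about 50 msec" on the slide.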
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible).
Hubs
Bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions.
(Figure: hub with twisted pair links.)
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
(Figure: a backbone hub connecting three hubs.)
Switch
Link-layer device: smarter than hubs, takes active role.
• Store and forward Ethernet frames.
  • Question: do switches in circuit switching networks store and forward?
• Examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have dedicated, direct connection to switch; switches buffer packets. Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain. Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub.
(Figure: switch with six interfaces (1, 2, 3, 4, 5, 6), hosts A, B, C and A', B', C' attached; A' on interface 4, B' on interface 5.)
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in switch table? Something like a routing protocol?
(Figure: the same six-interface switch.)
Switch: self-learning
Switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases… when a frame is received, the switch “learns” the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table.
(Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table, initially empty, gets the entry: MAC addr A, interface 1, TTL 60.)
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination then { if dest on segment from which frame arrived then drop the frame, else forward the frame on the interface indicated } else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
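The learn / filter / forward / purge rules above as an added example (not code from the slides): a self-learning switch whose table maps MAC to (interface, expiry). Interface numbers follow the six-interface figure (A on 1, A' on 4, B' on 5); the 60-second TTL is the value shown in the slide's table, and `LearningSwitch` with its `receive` method is this example's own design. The return value is the list of interfaces the frame leaves on, so an empty list means the frame was filtered.

```python
class LearningSwitch:
    def __init__(self, n_interfaces: int, ttl: float = 60.0):
        self.interfaces = list(range(1, n_interfaces + 1))
        self.ttl = ttl
        self.table = {}   # mac -> (interface, expiry_time)

    def purge(self, now: float) -> None:
        """Step 3: periodically drop entries whose TTL has run out."""
        self.table = {m: (i, exp) for m, (i, exp) in self.table.items() if exp > now}

    def receive(self, src: str, dst: str, in_iface: int, now: float):
        """Process one frame; return the interfaces it is forwarded on ([] = dropped/filtered)."""
        self.purge(now)
        # step 1: learn (or refresh) the sender's location
        self.table[src] = (in_iface, now + self.ttl)
        entry = self.table.get(dst)
        if entry is None:
            # step 2, else-branch: unknown destination (this covers the broadcast address
            # FF-FF-FF-FF-FF-FF too, which never appears as a source and so is never learned)
            return [i for i in self.interfaces if i != in_iface]
        out_iface, _ = entry
        if out_iface == in_iface:
            return []             # destination is on the segment the frame came from: filter
        return [out_iface]        # known destination elsewhere: selective forward

    def location(self, mac_addr: str):
        entry = self.table.get(mac_addr)
        return None if entry is None else entry[0]


def demo():
    """Replays the slide scenario: A talks to A', A' answers, then entries expire."""
    sw = LearningSwitch(6)
    trace = [
        ("A", "A'", 1, 0.0),    # nothing known yet: flood
        ("A'", "A", 4, 1.0),    # A is known on 1: forward on [1]
        ("B", "A'", 5, 2.0),    # A' is known on 4: forward on [4]
        ("A", "B", 1, 100.0),   # 100 s later: everything has expired, flood again
    ]
    return [sw.receive(*frame) for frame in trace]
```

`demo()` returns `[[2, 3, 4, 5, 6], [1], [4], [2, 3, 4, 5, 6]]`: the first frame floods, the replies are forwarded selectively once both ends have been learned, and after the TTL expires the switch is back to flooding, which is what the "20 minutes later all table entries are deleted" slide shows.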
Self-Learning (worked example)
(Figure sequence: three switches, each with interfaces 1, 2 and 3 and an initially empty MAC/Interface table, connected to one another; host A hangs off interface 1 of the first switch and host B off another switch.)
• A sends a frame, Dest=B, Source=A. The first switch makes a table entry for A (A, interface 1); there is no table entry for B, so it floods. Each following switch does the same: it records A on the interface the frame arrived on (A 1, A 1, A 2 in the three tables) and floods, because B is unknown.
• Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches.
• B replies, Dest=A, Source=B. Each switch makes a table entry for B and already has a table entry for A, so it forwards the frame only on A's interface; the tables now hold both A and B with the interfaces on which each was seen (e.g. A 1 / B 3 and A 1 / B 2).
• 20 minutes later all table entries are deleted.
Poorly Designed Institutional network: Why?
(Figure: a router to the external network, one LAN / IP subnet with a mail server and a web server, all switches strung along a single path.)
Institutional network without a single point of failure
(Figure: the same router, IP subnet, mail server and web server, but with redundant links between the switches; host A attached.)
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(Figure: the redundant network with each link marked either as an edge in the spanning tree or as a “disconnected” interface, i.e. one that does not forward or flood frames.)
Loop Resolution
Goal: remove “extra” paths by removing “extra” bridges. Spanning tree:
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by “disconnecting” switches from some LANs.
  • The switches are not physically disconnected. Instead, when “disconnected” from a LAN they simply never flood packets over to the LAN.
  • Of course the spanning tree is recomputed often, and if something breaks then the LAN might be “reconnected” to the switch.
(Figure: LAN A and LAN B joined by bridges B2 and B3.)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
(Figure: LANs A, B, C, D; bridges B0, B1, B2, B3; B2 sits between LAN B and LAN C.)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(Figure: bridges B1, B2, B3, B4, B5, B6, B7.)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to “turn off”. Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
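The interface selection rule above, as an added example that is not from the slides, on the slides' own model: LANs are vertices, bridges are edges, the root is the bridge with the smallest ID, a LAN's distance is the number of bridges on its shortest path to the root, and a tie between equally short paths goes to the smaller bridge ID. The topology is constructed for this example (it is not the slides' ten-LAN figure); the function names, and the rule that a non-root bridge keeps its own interface toward the root on the closest LAN with the alphabetically smallest name breaking ties, are this example's assumptions.

```python
INF = float("inf")

# constructed topology: bridge ID -> set of LANs the bridge has an interface on
TOPOLOGY = {
    1: {"A", "B"},   # B1: root (smallest ID)
    2: {"A", "C"},
    3: {"B", "C"},   # B2 and B3 both reach C one hop from the root: B2 wins on ID
    4: {"C", "D"},
    5: {"B", "D"},   # B5 reaches D one hop from the root, B4 would need two
}


def compute_spanning_tree(bridges):
    """Return (dist_bridge, designated, active).

    dist_bridge[b]:  number of bridges between b and the root (root = 0)
    designated[lan]: the bridge that carries this LAN's shortest path to the root
    active[b]:       LANs on which bridge b keeps its interface "on"
    """
    root = min(bridges)
    dist_b = {b: INF for b in bridges}
    dist_l = {lan: INF for lans in bridges.values() for lan in lans}
    dist_b[root] = 0
    # distance-vector style relaxation, neighbors only: a bridge is one hop past its
    # closest LAN, a LAN is as close as its closest bridge; repeat until stable
    changed = True
    while changed:
        changed = False
        for b, lans in bridges.items():
            if b != root:
                d = 1 + min(dist_l[lan] for lan in lans)
                if d < dist_b[b]:
                    dist_b[b], changed = d, True
            for lan in lans:
                if dist_b[b] < dist_l[lan]:
                    dist_l[lan], changed = dist_b[b], True
    # per LAN: the bridge on its shortest path to the root, smallest ID breaks ties
    designated = {
        lan: min((b for b in bridges if lan in bridges[b]), key=lambda b: (dist_b[b], b))
        for lan in dist_l
    }
    active = {}
    for b, lans in bridges.items():
        on = {lan for lan in lans if designated[lan] == b}
        if b != root:
            # plus the interface toward the root: the LAN that is b's next hop
            on.add(min(lans, key=lambda lan: (dist_l[lan], lan)))
        active[b] = on
    return dist_b, designated, active


def is_loop_free(bridges, active):
    """Sanity check on the kept LAN-bridge edges: connected and |E| = |V| - 1, i.e. a tree."""
    lans = {lan for lans in bridges.values() for lan in lans}
    edges = [(b, lan) for b, on in active.items() for lan in on]
    n_vertices = len(bridges) + len(lans)
    seen, stack = set(), [next(iter(lans))]
    while stack:
        v = stack.pop()
        if v in seen:
            continue
        seen.add(v)
        for b, lan in edges:
            if v == b:
                stack.append(lan)
            elif v == lan:
                stack.append(b)
    return len(edges) == n_vertices - 1 and len(seen) == n_vertices
```

On the constructed topology B2 and B3 both sit one bridge from the root on LAN C, so B2 is chosen on ID and B3 keeps only its interface toward the root; B4 is two hops away and loses LAN D to B5. Every interface that is "off" is still physically there, as the slide says: the bridge simply stops flooding onto that LAN.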
(Figure: worked example with LANs A, B, C, D, E, F, G, H, I, J and bridges B1, B2, B3, B4, B5, B6, B7; B1 is the root. Labels 0, 1, 1, 1, 1, 2 on the switches give each switch's distance to the root in LAN hops. The slide text “Which interfaces to keep and which to ignore?” and the two rules for keeping an interface active are repeated on every step.)
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces “on”.
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are “on”?
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes). 3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
Both store-and-forward devices. Routers: network layer devices (examine network layer headers). Switches are link layer devices … “invisible” at internetwork layer; looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address!
(Figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields and widths as drawn: label 20, Exp 3, S 1, TTL 5.)
MPLS capable routers
aka label-switched router: forwards packets to outgoing interface based only on label value (doesn't inspect IP address); MPLS forwarding table distinct from IP forwarding tables.
Signaling protocol needed to set up forwarding: RSVP-TE. Forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
(Figure: label-switched routers R1, R2, R3, R4, R5, R6, with hosts A and D beyond R6. Tables recovered from the figure, columns in label / out label / dest / out interface, assigned to routers as laid out in the figure:
• R6: 6 / - / A / 0
• R4: 10 / 6 / A / 1; 12 / 9 / D / 0
• R3: - / 10 / A / 0; - / 12 / D / 0
• R5: 8 / 6 / A / 0
• R1: - / 8 / A / 1)
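Label-switched forwarding over those tables, as an added example that is not from the slides: the ingress router classifies on the IP destination and pushes a label, transit routers match on the incoming label only and swap it, and the egress router pops it and delivers by destination. The table rows are the ones recovered from the figure (an egress row for D on R6 is added, marked as an assumption); the link map connecting the out interfaces to the next router is constructed for this example, as are the function names.

```python
# router -> rows of (in_label, out_label, dest, out_interface); None = no label (push or pop)
TABLES = {
    "R1": [(None, 8, "A", 1)],
    "R3": [(None, 10, "A", 0), (None, 12, "D", 0)],
    "R4": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "R5": [(8, 6, "A", 0)],
    "R6": [(6, None, "A", 0),
           (9, None, "D", 0)],   # assumed egress row for D (not visible in the figure residue)
}

# constructed link map: (router, out_interface) -> next label-switched router;
# an interface absent from the map leads out of the MPLS domain to the destination host
LINKS = {("R1", 1): "R5", ("R3", 0): "R4", ("R4", 0): "R6", ("R4", 1): "R6", ("R5", 0): "R6"}


def forward(router, label, dest):
    """One lookup in router's MPLS table: returns (out_label, out_interface).

    Ingress (no label yet): classify on the IP destination and push out_label.
    Transit/egress (label present): match on the label alone; dest is ignored.
    """
    for in_label, out_label, d, iface in TABLES[router]:
        if label is None and in_label is None and d == dest:
            return out_label, iface
        if label is not None and in_label == label:
            return out_label, iface
    raise LookupError(f"{router}: no entry for label={label} dest={dest}")


def route(ingress, dest):
    """Walk a packet from ingress to dest; returns (delivered_to, hops).

    hops is a list of (router, in_label, out_label, out_interface)."""
    hops, router, label = [], ingress, None
    while True:
        out_label, iface = forward(router, label, dest)
        hops.append((router, label, out_label, iface))
        nxt = LINKS.get((router, iface))
        if nxt is None:            # out interface leaves the MPLS domain: egress delivers by IP
            return dest, hops
        router, label = nxt, out_label
```

The point the slide makes is visible in `forward("R4", 10, "anything")`: once a label is present the IP destination plays no part in the lookup, so two ingress routers can pick different paths (R1 via R5, R3 via R4) for the same destination A, which plain destination-based IP forwarding cannot express.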
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down protocol stack complete (except PHY). Solid understanding of networking principles, practice. … could stop here … but lots of
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
Slotted Aloha
Vulnerable period is halved; doubles performance of ALOHA. Throughput $S = G e^{-G}$; $S_{\max} = 1/e = 0.368$ for $G = 1$.
G = 1 means typically a node tries to transmit each slot.
However, the throughput is well below 1: there are many collisions.
Slotted Aloha Performance
[Plot: throughput $S = G e^{-G}$ versus offered load $G$ (0 to 4); peak $S = 0.368$ at $G = 1$]
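The derivation behind the slide's throughput figure, added here (it is not on the slides); it assumes the frames offered to a slot, the sender's own included, are Poisson with mean $G$:

$$
P(\text{a given frame succeeds}) = P(\text{no other frame in its slot}) = e^{-G},
\qquad S = G\,e^{-G}
$$

$$
\frac{dS}{dG} = e^{-G}(1 - G) = 0 \;\Rightarrow\; G = 1,
\qquad S_{\max} = e^{-1} \approx 0.368
$$

For pure ALOHA the vulnerable period is two slot times, so $S = G\,e^{-2G}$ with $S_{\max} = 1/(2e) \approx 0.184$ at $G = 1/2$: halving the vulnerable period is exactly what doubles the peak throughput.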
ALOHA and Slotted ALOHA
Pros:
• single active node can continuously transmit at full rate of channel
• decentralized, simple
Cons:
• collisions, wasting slots
• inefficient: idle slots
• nodes may be able to detect collision in less than time to transmit packet
• slotted aloha requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission.
human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission. collision: entire packet transmission time wasted.
[Figure: spatial layout of nodes along the shared medium]
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
[Diagram: position on wire vs. time. Transmitter 1 starts transmitting; after the propagation delay Transmitter 2, not yet hearing it, also transmits. The collision is detected by Transmitter 2 first and by Transmitter 1 later (when is it detected?). Receiver 1 receives a garbled signal.]
[Diagram: same layout, but Transmitter 1's frame is short enough that it finishes before Transmitter 2's signal reaches it: collision NOT detected by Transmitter 1, although Transmitter 2 detects it and Receiver 1 still receives a garbled signal.]
CSMA/CD: What are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{\text{propagation}} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$
\frac{2 \times \text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}
$$
If frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
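The collision-detection constraint above, worked as runnable code for the 10 Mbps / 100 Mbps question; this is an added example, not code from the slides. The propagation speed (2e8 m/s) and epsilon = 0 are assumptions; the cable lengths, bit rates and 64-byte minimum are the slide's figures.

```python
"""Added example: the CSMA/CD constraint
   2 * CableLength / v_prop + epsilon < FrameLength / bit_rate
evaluated exactly with Fractions so the ratios come out clean."""
from fractions import Fraction
import math

V_PROP_M_PER_S = 200_000_000   # assumed signal propagation speed in copper


def collision_detectable(cable_len_m, frame_bits, bit_rate_bps,
                         epsilon_s=Fraction(0), v_prop=V_PROP_M_PER_S):
    """True if the sender is still transmitting when a collision that started
    at the far end of the cable gets back to it."""
    round_trip = Fraction(2 * cable_len_m, v_prop) + epsilon_s
    transmit_time = Fraction(frame_bits, bit_rate_bps)
    return round_trip < transmit_time


def min_frame_bits(cable_len_m, bit_rate_bps,
                   epsilon_s=Fraction(0), v_prop=V_PROP_M_PER_S):
    """Smallest frame (bits) that satisfies the constraint on this cable."""
    round_trip = Fraction(2 * cable_len_m, v_prop) + epsilon_s
    return math.ceil(round_trip * bit_rate_bps)


def max_cable_len_m(frame_bits, bit_rate_bps,
                    epsilon_s=Fraction(0), v_prop=V_PROP_M_PER_S):
    """Longest cable on which a frame of frame_bits is still long enough."""
    transmit_time = Fraction(frame_bits, bit_rate_bps)
    return (transmit_time - epsilon_s) * v_prop / 2


def length_ratio(frame_bits, fast_bps, slow_bps):
    """Max cable length at the faster rate relative to the slower one,
    keeping the same minimum frame (Ethernet keeps 64 B at every rate)."""
    return max_cable_len_m(frame_bits, fast_bps) / max_cable_len_m(frame_bits, slow_bps)


if __name__ == "__main__":
    # The slide's two cases: the minimum frame comes out the same at both rates
    for rate, length in ((10_000_000, 2000), (100_000_000, 200)):
        print(f"{rate // 1_000_000} Mbps, {length} m: min frame = "
              f"{min_frame_bits(length, rate)} bits")
    # Fixing the 512-bit (64 B) minimum frame instead fixes the max cable length
    for rate in (10_000_000, 100_000_000):
        print(f"{rate // 1_000_000} Mbps, 512-bit min frame: max cable = "
              f"{float(max_cable_len_m(512, rate)):.0f} m")
    print("cable length ratio 100 Mbps : 10 Mbps =", length_ratio(512, 100_000_000, 10_000_000))
```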
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection; collisions detected within a short time; colliding transmissions aborted, reducing channel wastage.
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength.
human analogy: the polite conversationalist
persistent
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If medium is idle then transmit.
3. If medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 BO, BO_Max). In Ethernet BO_max = 1024.
   c. Go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"taking turns" protocols look for best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Diagram: master sends a poll to each slave in turn; the polled slave returns its data]
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands by VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
Token passing: control token passed from one node to next sequentially. token message. concerns: token overhead; latency; single point of failure (token)
[Diagram: token T circulates among the nodes; a node with nothing to send passes T on, a node with data sends it and then passes T]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected.
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: LAN (wired or wireless) with four adapters, addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup"
• Enter MAC address
• See manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address: portability: can move LAN card from one LAN to another
IP hierarchical address NOT portable: address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed
• whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has an ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and, in the same order, MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network). A wants to send datagram to C.
Check if C's IP address is in the same subnet: use subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram
all machines on LAN receive ARP query
B receives ARP packet, replies to A with its (B's) MAC address: frame sent to A's MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from net administrator
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" and every host receives it; the host that owns 1.1.1.4 replies "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Left LAN: A = 111.111.111.111 (74-29-9C-E8-FF-55), another host 111.111.111.112 (CC-49-DE-D0-AB-7D), R's interface 111.111.111.110 (E6-E9-00-17-BB-4B). Right LAN: R's interface 222.222.222.220 (1A-23-F9-CD-06-9B), another host 222.222.222.221 (88-B2-2F-54-1A-0F), B = 222.222.222.222 (49-BD-D2-C7-56-2A)]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram. A's NIC sends frame. R's NIC receives frame. R removes IP datagram from Ethernet frame, sees it's destined to B. R uses ARP to get B's MAC address. R creates frame containing A-to-B IP datagram, sends to B.
This is a really important example – make sure you understand.
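The same-subnet test, an ARP cache with soft-state TTL, and the A → R → B walkthrough above as runnable code; this is an added example, not code from the slides. Addresses and MACs are the slide's; the /24 mask on both LANs, the 20-minute TTL and modelling a LAN as the dict of IP → MAC pairs that would answer a query are assumptions.

```python
"""Added example: subnet check, ARP cache with TTL, and the two-hop A -> R -> B send."""
import ipaddress

ARP_TTL_S = 20 * 60        # typical cache lifetime from the ARP slide
MASK = "255.255.255.0"     # assumed subnet mask on both LANs

# The two LANs of the walkthrough figure (IP -> MAC of the adapter owning it)
LAN1 = {"111.111.111.111": "74-29-9C-E8-FF-55",     # A
        "111.111.111.112": "CC-49-DE-D0-AB-7D",
        "111.111.111.110": "E6-E9-00-17-BB-4B"}     # R, LAN 1 side
LAN2 = {"222.222.222.220": "1A-23-F9-CD-06-9B",     # R, LAN 2 side
        "222.222.222.221": "88-B2-2F-54-1A-0F",
        "222.222.222.222": "49-BD-D2-C7-56-2A"}     # B


def same_subnet(ip_a, ip_b, mask):
    """Mask both addresses and compare the network parts."""
    a = int(ipaddress.IPv4Address(ip_a))
    b = int(ipaddress.IPv4Address(ip_b))
    m = int(ipaddress.IPv4Address(mask))
    return (a & m) == (b & m)


class ArpCache:
    """IP -> MAC table whose entries are soft state: gone TTL seconds after learning."""

    def __init__(self, now=0):
        self.now = now
        self.entries = {}   # ip -> (mac, expiry)

    def advance(self, seconds):
        self.now += seconds

    def learn(self, ip, mac):
        self.entries[ip] = (mac, self.now + ARP_TTL_S)

    def lookup(self, ip):
        rec = self.entries.get(ip)
        if rec is None or rec[1] <= self.now:
            self.entries.pop(ip, None)   # timed out: forget it
            return None
        return rec[0]


def arp_resolve(cache, lan, target_ip):
    """Return (mac, queried). Cache hit: no traffic. Otherwise broadcast 'who has
    target_ip'; the owner (if any) answers unicast and the answer is cached."""
    mac = cache.lookup(target_ip)
    if mac is not None:
        return mac, False
    mac = lan.get(target_ip)
    if mac is None:
        return None, True          # nobody answered: nonexistent IP on this LAN
    cache.learn(target_ip, mac)
    return mac, True


def next_hop(src_ip, dst_ip, mask, gateway_ip):
    """Deliver directly inside the subnet, otherwise hand the datagram to the gateway."""
    return dst_ip if same_subnet(src_ip, dst_ip, mask) else gateway_ip


def walkthrough(a_cache, r_cache_lan2):
    """A sends to B via R. Returns the two frames; note the IP header never changes."""
    a_ip, b_ip = "111.111.111.111", "222.222.222.222"
    r_lan1_ip, r_lan2_ip = "111.111.111.110", "222.222.222.220"
    # A: B is off-subnet, so ARP for the gateway R and address the frame to R's MAC
    hop1 = next_hop(a_ip, b_ip, MASK, r_lan1_ip)
    hop1_mac, _ = arp_resolve(a_cache, LAN1, hop1)
    frame1 = {"src_mac": LAN1[a_ip], "dst_mac": hop1_mac, "src_ip": a_ip, "dst_ip": b_ip}
    # R: strips the Ethernet header, sees the datagram is for B on LAN 2, ARPs for B
    hop2 = next_hop(r_lan2_ip, b_ip, MASK, None)
    hop2_mac, _ = arp_resolve(r_cache_lan2, LAN2, hop2)
    frame2 = {"src_mac": LAN2[r_lan2_ip], "dst_mac": hop2_mac, "src_ip": a_ip, "dst_ip": b_ip}
    return frame1, frame2


if __name__ == "__main__":
    print("same subnet?", same_subnet("128.4.35.67", "128.5.19.12", "255.255.0.0"))
    for frame in walkthrough(ArpCache(), ArpCache()):
        print(frame)
```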
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on the same LAN]
1. Some other host broadcasts "Who has IP address 1.2.3.4?" The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping in its cache; the victim is confused… but ignores it.
3. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …". The attacker knows the secret plan, changes the MAC address to the correct address and sends "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …" on to the victim, which thinks "Ahh, I got the secret plan I was expecting".
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC
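The detection the slide suggests, run over a few ARP observations: an IP answered by two different MACs is the strong signal, while one MAC claiming two IPs is reported separately because the dual-NIC case above produces it benignly. This is an added example, not code from the slides; the addresses are the slide's and the observation lines are constructed in a tcpdump-like shape.

```python
"""Added example: flag ARP conflicts the way the slide proposes."""
import re
from collections import defaultdict

# Constructed observations: "<time> Reply <ip> is-at <mac>". The attacker
# (00:11:...) first answers for its own IP, later for the victim's 1.2.3.4;
# 00:aa:... is a dual-NIC host that legitimately shows two IPs.
OBSERVED = """
10:00:01 Reply 1.2.3.4 is-at 00:12:12:12:12:12
10:00:02 Reply 5.6.7.8 is-at 00:11:11:11:11:11
10:21:07 Reply 1.2.3.4 is-at 00:11:11:11:11:11
10:21:08 Reply 1.2.3.4 is-at 00:11:11:11:11:11
10:30:00 Reply 1.2.3.9 is-at 00:aa:bb:cc:dd:ee
10:30:01 Reply 1.2.3.10 is-at 00:aa:bb:cc:dd:ee
garbage line that a parser must skip
"""

LINE = re.compile(r"^(\S+)\s+Reply\s+(\d+\.\d+\.\d+\.\d+)\s+is-at\s+([0-9A-Fa-f:]{17})$")


def parse(text):
    """Return (time, ip, mac) for every well-formed line; skip anything else."""
    records = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            t, ip, mac = m.groups()
            records.append((t, ip, mac.lower()))
    return records


def build_maps(records):
    """ip -> {mac: first seen} and mac -> {ip: first seen}, in observation order."""
    ip_to_macs = defaultdict(dict)
    mac_to_ips = defaultdict(dict)
    for t, ip, mac in records:
        ip_to_macs[ip].setdefault(mac, t)
        mac_to_ips[mac].setdefault(ip, t)
    return ip_to_macs, mac_to_ips


def find_ip_conflicts(records):
    """IPs answered by more than one MAC: {ip: [(mac, first_seen), ...]}."""
    ip_to_macs, _ = build_maps(records)
    return {ip: list(macs.items()) for ip, macs in ip_to_macs.items() if len(macs) > 1}


def find_multi_ip_macs(records):
    """MACs claiming more than one IP: suspicious on its own, but the slide's
    wired+wireless Windows host produces exactly this without any attack."""
    _, mac_to_ips = build_maps(records)
    return {mac: sorted(ips) for mac, ips in mac_to_ips.items() if len(ips) > 1}


def suspects(records):
    """MACs that claim an IP someone else answered for first AND hold another IP
    of their own (the attacker's real IP plus the victim's IP, as on the slide)."""
    conflicts = find_ip_conflicts(records)
    multi = find_multi_ip_macs(records)
    flagged = set()
    for ip, claims in conflicts.items():
        for mac, _ in claims[1:]:       # every claimant after the first one
            if mac in multi:
                flagged.add(mac)
    return sorted(flagged)


if __name__ == "__main__":
    recs = parse(OBSERVED)
    print("IPs with several MACs:", find_ip_conflicts(recs))
    print("MACs with several IPs:", find_multi_ip_macs(recs))
    print("suspects:", suspects(recs))
```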
Ethernet
"dominant" wired LAN technology: cheap: $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) versus star (switch in center)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise, adapter discards frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load: heavy load: random wait will be longer
first collision: choose K from {0,1}; delay is K · 512 bit transmission times
after second collision: choose K from {0,1,2,3}…
after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
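Ethernet's truncated binary exponential backoff from the algorithm above, with the generic BO = min(2·BO, BO_Max) form from the earlier Exponential Backoff slide alongside it; this is an added example, not code from the slides. The constants (512-bit slot, cap at 1023 after ten collisions, 10 Mbps) are the slide's; the injectable random source and the run of consecutive collisions are the example's own.

```python
"""Added example: Ethernet backoff windows, wait times and a reproducible run."""
import random
from fractions import Fraction

SLOT_BITS = 512        # one backoff slot = 512 bit times
MAX_EXPONENT = 10      # after 10 or more collisions K is drawn from {0..1023}


def k_range(m):
    """Upper bound of K after the m-th collision: 2^min(m, 10) - 1."""
    if m < 1:
        raise ValueError("backoff only happens after a collision (m >= 1)")
    return 2 ** min(m, MAX_EXPONENT) - 1


def choose_k(m, rng=random):
    """Draw K uniformly from {0, ..., k_range(m)}."""
    return rng.randint(0, k_range(m))


def slot_time_s(bit_rate_bps):
    """One slot in seconds: 512 bit times at the link rate (exact Fraction)."""
    return Fraction(SLOT_BITS, bit_rate_bps)


def wait_time_s(k, bit_rate_bps):
    """K slots of 512 bit times, in seconds."""
    return k * slot_time_s(bit_rate_bps)


def generic_backoff_window(collisions, bo_start=4, bo_max=1024):
    """The earlier slide's variant: BO starts at bo_start (4 or 8 are common)
    and doubles per collision up to BO_Max; r is then drawn from 0 .. BO-1."""
    bo = bo_start
    for _ in range(collisions):
        bo = min(2 * bo, bo_max)
    return bo


def simulate_retries(bit_rate_bps, collisions, seed=1):
    """Slots waited over `collisions` consecutive collisions on one frame,
    the window doubling each time; returns (total_slots, total_seconds)."""
    rng = random.Random(seed)
    slots = 0
    for m in range(1, collisions + 1):
        slots += choose_k(m, rng)
    return slots, wait_time_s(slots, bit_rate_bps)


if __name__ == "__main__":
    print("K range after collisions 1..12:", [k_range(m) for m in range(1, 13)])
    print("max wait at 10 Mbps (K=1023): %.1f ms" % (float(wait_time_s(1023, 10_000_000)) * 1e3))
    print("generic BO after 0..9 collisions:", [generic_backoff_window(c) for c in range(10)])
    print("16 straight collisions at 10 Mbps:", simulate_retries(10_000_000, 16))
```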
CSMA/CD efficiency
$t_{prop}$ = max prop delay between 2 nodes in LAN; $t_{trans}$ = time to transmit max-size frame
$$
\text{efficiency} = \frac{1}{1 + 5\, t_{prop} / t_{trans}}
$$
efficiency goes to 1 as $t_{prop}$ goes to 0, and as $t_{trans}$ goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
[Slide residue: a worked numerical efficiency calculation whose figures are not recoverable from the extraction]
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted-pair links to the hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting three segment hubs]
Switch
link-layer device: smarter than hubs, takes an active role; stores and forwards Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examines incoming frame's MAC address, selectively forwards frame to one or more outgoing links; when frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch; switches buffer packets; Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C', each on its own interface]
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table!
Q: how are entries created, maintained in the switch table? something like a routing protocol?
[Figure: the same six-interface switch with hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases… when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table
[Figure: A on interface 1 sends a frame (Source A, Dest A'); the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination, then { if dest on segment from which frame arrived then drop the frame, else forward the frame on interface indicated }; else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
Self-Learning
[Animation: three switches, each with interfaces 1, 2, 3, connected to one another; host A hangs off interface 1 of the first switch and host B off interface 2 of another. Every "MAC / Interface" table starts empty.]
A sends a frame (Dest=B, Source=A): each switch the frame reaches makes a table entry for A on the interface the frame arrived on and, having no table entry for B, floods the frame.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
B replies (Dest=A, Source=B): each switch makes a table entry for B on the interface the reply arrived on and, having a table entry for A, forwards the frame on that interface only.
20 minutes later all table entries are deleted.
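A self-learning switch with soft-state entries, exercised on the A → B, B → A exchange of the animation; this is an added example, not code from the slides. The port numbers, hosts and clock are constructed; the 20-minute ageing, the drop-on-same-segment rule and the "do not flood to manually configured host ports" note are the slides'.

```python
"""Added example: learning, filtering, flooding and ageing in one switch."""

AGE_OUT_S = 20 * 60   # entries are purged 20 minutes after they were learned


class LearningSwitch:
    def __init__(self, ports, host_ports=None, now=0):
        self.ports = set(ports)
        # ports an administrator configured as leading to a single known host:
        # unknown-destination frames are not flooded out of these (slide's note)
        self.host_ports = set(host_ports or ())
        self.table = {}          # mac -> (port, learned_at)
        self.now = now

    def advance(self, seconds):
        self.now += seconds
        self.purge()

    def purge(self):
        """Step 3: drop entries older than AGE_OUT_S."""
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if self.now - t < AGE_OUT_S}

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame; return the set of ports it goes out on (empty = dropped)."""
        # step 1: learn (or refresh) where the sender lives
        self.table[src_mac] = (in_port, self.now)
        entry = self.table.get(dst_mac)
        if entry is not None:
            out_port = entry[0]
            if out_port == in_port:
                return set()          # destination is on the arriving segment: filter
            return {out_port}         # known destination: forward selectively
        # step 2, else-branch: flood on every port except the ingress one and
        # except configured host ports, which cannot be hiding the destination
        return (self.ports - {in_port}) - self.host_ports

    def lookup(self, mac):
        entry = self.table.get(mac)
        return None if entry is None else entry[0]


def run_exchange(switch):
    """A (port 1) -> B, then B (port 2) -> A; returns the two output port sets."""
    first = switch.receive(1, "A", "B")
    second = switch.receive(2, "B", "A")
    return first, second


if __name__ == "__main__":
    sw = LearningSwitch(ports=[1, 2, 3])
    print("A->B then B->A go out on:", run_exchange(sw))
    print("table:", {m: p for m, (p, _) in sw.table.items()})
    sw.advance(AGE_OUT_S)
    print("after 20 minutes:", sw.table)
```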
Poorly Designed Institutional network. Why?
[Figure: router to external network; a single LAN (IP subnet) with mail server and web server]
Institutional network without a single point of failure
[Figure: the same IP subnet with redundant switch-to-switch links that form loops; host A attached]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the spanning tree marked: an edge in the spanning tree forwards frames; a "disconnected" interface is one that does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges. Spanning tree:
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D joined by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1–B7 interconnecting LANs A–J]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Animation over the same figure, each LAN labelled with its distance to the root in LAN hops:]
• Each switch computes distance to root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
- during which time no packets were forwarded.
Switches vs Routers: both store-and-forward devices.
Routers: network layer devices (examine network layer headers). Switches: link layer devices.
... "invisible" at internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields: label (20), Exp (3), S (1), TTL (5).]
MPLS capable routers
- aka label-switched router: forwards packets to outgoing interface based only on label value (doesn't inspect IP address). MPLS forwarding table is distinct from IP forwarding tables.
- Signaling protocol needed to set up forwarding: RSVP-TE.
- Forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
- Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 to R6 with destinations A and D; interface numbers 0 and 1 label the router ports. The forwarding tables shown (in label, out label, dest, out interface):]
  in label  out label  dest  out interface
  6         -          A     0

  in label  out label  dest  out interface
  10        6          A     1
  12        9          D     0

  in label  out label  dest  out interface
  -         10         A     0
  -         12         D     0

  in label  out label  dest  out interface
  8         6          A     0
  -         8          A     1
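Label switching as the tables above describe it, as an added example (not the lecture's code): a router with a labelled packet matches only on the incoming label and never reads the IP header, only the ingress row binds a destination to its first label, and an empty out-label pops the label at egress. The chain of rows used here is taken from the figure, but which physical router holds which table is assumed.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# One table row: (in label, out label, dest, out interface); None stands for "-".
Entry = Tuple[Optional[int], Optional[int], str, int]

@dataclass
class Packet:
    ip_dst: str                        # IP header is carried along but never inspected by an LSR
    label: Optional[int] = None        # no label until the ingress router assigns one
    trace: List[Tuple[str, Optional[int], Optional[int], int]] = field(default_factory=list)

def mpls_forward(router: str, table: List[Entry], pkt: Packet) -> int:
    """Forward one packet through one router; returns the outgoing interface.

    Unlabelled packet: only the ingress rows (in label None) are consulted, and
    they are matched on the destination (this is the single IP lookup).
    Labelled packet: match on the in label alone, swap to the out label, or pop
    it when the out label is None (egress).
    """
    for in_label, out_label, dest, iface in table:
        if pkt.label is None:
            if in_label is None and dest == pkt.ip_dst:
                pkt.trace.append((router, None, out_label, iface))
                pkt.label = out_label
                return iface
        elif in_label == pkt.label:
            pkt.trace.append((router, in_label, out_label, iface))
            pkt.label = out_label
            return iface
    raise LookupError(f"{router}: no entry for label={pkt.label} dst={pkt.ip_dst}")

# Constructed label-switched path built from rows in the figure (router names assumed).
PATH: List[Tuple[str, List[Entry]]] = [
    ("ingress", [(None, 10, "A", 0), (None, 12, "D", 0)]),
    ("transit", [(10, 6, "A", 1), (12, 9, "D", 0)]),
    ("egress",  [(6, None, "A", 0)]),
]

def send_along(path: List[Tuple[str, List[Entry]]], ip_dst: str) -> Packet:
    """Push a packet for ip_dst through every router on the path in order."""
    pkt = Packet(ip_dst=ip_dst)
    for router, table in path:
        mpls_forward(router, table, pkt)
    return pkt

if __name__ == "__main__":
    for hop in send_along(PATH, "A").trace:
        print(hop)          # (router, in label, out label, out interface)
```

A packet for D fails at the last router, because no row there matches label 9: an LSP must be signalled end to end before it can carry traffic.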
Chapter 5: Summary
Principles behind data link layer services:
- error detection, correction
- sharing a broadcast channel: multiple access
- link layer addressing
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down protocol stack complete (except PHY). Solid understanding of networking principles, practice. ... could stop here ... but lots of
Slotted Aloha Performance
[Figure: throughput S versus offered load G; slotted ALOHA curve S = G·e^(-G), peaking at 0.368; axis ticks 0, 0.2, 0.4 on S and 0, 2, 4 on G.]
ALOHA and Slotted ALOHA
Pros:
- single active node can continuously transmit at full rate of channel
- decentralized, simple
Cons:
- collisions, wasting slots: inefficient
- idle slots
- nodes may be able to detect collision in less than time to transmit packet
- slotted ALOHA requires clock synchronization; losing synchronization requires guard times, which reduces efficiency
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission.
Human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: entire packet transmission time wasted.
[Figure: spatial layout of nodes along the wire, with two transmissions overlapping in time.]
Note: role of distance & propagation delay in determining collision probability.
CSMA/CD collision detection
[Figure: position on wire versus time. Transmitter 1 starts sending; after the propagation delay, Transmitter 2 (not yet hearing it) starts too. Transmitter 2 detects the collision first; Transmitter 1 detects it only when Transmitter 2's signal reaches it. When is it detected? Receiver 1 receives a garbled signal.]
CSMA/CD collision detection
[Figure: the same layout, but Transmitter 1's frame is short: the collision is detected by Transmitter 2 but NOT by Transmitter 1, whose transmission ended before Transmitter 2's signal arrived. Receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
  2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
CSMA/CD
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
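The inequality above solved both ways, as an added example (not from the slides): the smallest frame that still lets the sender see a collision on a given cable, and the longest cable once the minimum frame is fixed at 64 bytes, which is where the factor of ten between 10 Mbps and 100 Mbps comes from. The propagation speed of 2e8 m/s is an assumption.

```python
import math
from fractions import Fraction

PROP_SPEED_MPS = 200_000_000   # assumed signal speed on the cable, metres per second

def min_frame_bits(cable_m, bit_rate_bps, prop_speed=PROP_SPEED_MPS, epsilon_s=0):
    """Smallest frame whose transmit time covers a round trip on the cable:
    FrameLength / bit-rate > 2 * CableLength / speed + epsilon.
    Exact rational arithmetic so the ceiling is not disturbed by float rounding."""
    round_trip = 2 * Fraction(cable_m) / Fraction(prop_speed) + Fraction(epsilon_s)
    return math.ceil(Fraction(bit_rate_bps) * round_trip)

def max_cable_m(frame_bits, bit_rate_bps, prop_speed=PROP_SPEED_MPS):
    """The same inequality solved for the cable once the minimum frame is fixed:
    CableLength < speed * FrameLength / (2 * bit-rate)."""
    return prop_speed * frame_bits / (2 * bit_rate_bps)

def length_ratio(frame_bits, slow_bps, fast_bps):
    """The minimum frame is fixed in bits, not seconds, so the allowed cable
    length scales as 1 / bit-rate: ten times the rate, a tenth of the cable."""
    return max_cable_m(frame_bits, slow_bps) / max_cable_m(frame_bits, fast_bps)

if __name__ == "__main__":
    MIN_FRAME_BITS = 64 * 8   # Ethernet minimum frame of 64 bytes
    for rate in (10_000_000, 100_000_000, 1_000_000_000):
        print(f"{rate // 1_000_000:>5} Mbps: max cable {max_cable_m(MIN_FRAME_BITS, rate):8.1f} m")
    print("bits needed to cover 2000 m at 10 Mbps:", min_frame_bits(2000, 10_000_000))
```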
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection:
- collisions detected within short time
- colliding transmissions aborted, reducing channel wastage
Collision detection:
- easy in wired LANs: measure signal strengths, compare transmitted, received signals
- difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
Human analogy: the polite conversationalist
Persistence
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is, and then transmit.
- In this case, all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
- Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff: next slide
What to do when the link is found to be busy
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If medium is idle then transmit.
3. If medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 × BO, BO_Max). In Ethernet BO_Max = 1024.
   c. Go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols:
- share channel efficiently and fairly at high load
- inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols:
- efficient at low load: single node can fully utilize channel
- high load: collision overhead
  - Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: master polling each slave in turn (poll, data, poll, data, ...).]
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made:
- If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
  - When congested, new calls are rejected but existing calls continue to receive good performance.
  - Consider the difference between the demands by VoIP and the services provided by TCP.
- Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols
Token passing: control token passed from one node to next sequentially. Token message.
Concerns: token overhead, latency, single point of failure (token).
[Figure: token T circulating around the nodes; a node with data to send transmits it, a node with nothing to send passes the token on.]
Summary of MAC protocols
Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing: easy in some technologies (wire), hard in others (wireless). CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from central site, token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get datagram to destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network).
- The textbook is wrong about this. Today hosts are almost never physically connected.
48 bit MAC address (for most LANs)
- burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
LAN Address (more)
MAC address allocation administered by IEEE. Manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup:
- Google "OUI lookup"
- Enter MAC address
- See manufacturer
Analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address.
MAC flat address: portability. Can move LAN card from one LAN to another.
IP hierarchical address: NOT portable. Address depends on IP subnet to which node is attached. If a NIC is changed then the MAC is changed,
- whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has an ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL>
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min).
Question: how to determine MAC address of B knowing B's IP address?
[Figure: LAN with four nodes; MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88.]
ARP protocol: Same LAN (network)
A wants to send datagram to C. Check if C's IP address is in the same subnet: use subnet mask and compare this node's IP to C's IP.
E.g.:
- my IP = 128.43.5.67
- B's IP = 128.51.9.12
- Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
- So in this case A and B are in different subnets.
- Thus the datagram is sent to the gateway, which must be in the same subnet.
- Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query.
- Other types include datagram.
All machines on LAN receive ARP query.
B receives ARP packet, replies to A with its (B's) MAC address: frame sent to A's MAC address (unicast).
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to B, C and D; the owner replies "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: host A (MAC 74-29-9C-E8-FF-55, IP 111.111.111.111) and another host (MAC CC-49-DE-D0-AB-7D, IP 111.111.111.112) on the left LAN; router R with interfaces E6-E9-00-17-BB-4B (111.111.111.110) and 1A-23-F9-CD-06-9B (222.222.222.220); on the right LAN host B (MAC 49-BD-D2-C7-56-2A, IP 222.222.222.222) and another host (MAC 88-B2-2F-54-1A-0F, IP 222.222.222.221).]
Walkthrough: send datagram from A to B via R; assume A knows B's IP address. Two ARP tables in router R, one for each IP network (LAN).
- A creates IP datagram with source A, destination B.
- A uses ARP to get R's MAC address for 111.111.111.110.
- A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram.
- A's NIC sends frame. R's NIC receives frame.
- R removes IP datagram from Ethernet frame, sees it's destined to B.
- R uses ARP to get B's MAC address.
- R creates frame containing A-to-B IP datagram, sends to B.
This is a really important example. Make sure you understand it!
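The same-subnet test, the ARP query/reply exchange with a soft-state cache, and the A-to-R-to-B walkthrough in one runnable model, as an added example (not the lecture's code). Addresses are the figure's; the /24 masks on both LANs and the 20-minute cache lifetime are assumptions.

```python
import ipaddress
from typing import Dict, Optional, Tuple

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL_S = 20 * 60   # assumed: a cached mapping is forgotten after about 20 minutes

def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """Apply the subnet mask to both addresses and compare the network parts."""
    net = ipaddress.IPv4Network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.IPv4Address(ip_b) in net

def next_hop(src_ip: str, mask: str, dst_ip: str, gateway_ip: Optional[str]) -> str:
    """The IP whose MAC the sender must resolve: the destination when it is on the
    same subnet, otherwise the gateway (which itself must be on the sender's subnet)."""
    if same_subnet(src_ip, dst_ip, mask):
        return dst_ip
    if gateway_ip is None or not same_subnet(src_ip, gateway_ip, mask):
        raise ValueError("destination is off-link and no usable gateway is configured")
    return gateway_ip

class ArpCache:
    """Soft state: each IP -> MAC entry expires ARP_TTL_S after it was learned."""
    def __init__(self) -> None:
        self.table: Dict[str, Tuple[str, float]] = {}
    def learn(self, ip: str, mac: str, now: float) -> None:
        self.table[ip] = (mac, now + ARP_TTL_S)
    def lookup(self, ip: str, now: float) -> Optional[str]:
        entry = self.table.get(ip)
        if entry is None:
            return None
        mac, expires = entry
        if now >= expires:          # timed out: forget it, a fresh query is needed
            del self.table[ip]
            return None
        return mac

class Host:
    def __init__(self, ip: str, mac: str, mask: str, gateway_ip: Optional[str] = None) -> None:
        self.ip, self.mac, self.mask, self.gateway_ip = ip, mac, mask, gateway_ip
        self.arp = ArpCache()
        self.queries_sent = 0   # broadcast ARP queries this host has sent

    def resolve(self, target_ip: str, lan: Dict[str, str], now: float) -> str:
        """Return target's MAC, broadcasting an ARP query only on a cache miss.
        `lan` (constructed) maps the IP of every node on this segment to its MAC;
        the owner of target_ip answers with a unicast reply, nobody else does."""
        mac = self.arp.lookup(target_ip, now)
        if mac is not None:
            return mac
        query = {"type": "ARP query", "dst_mac": BROADCAST, "src_mac": self.mac,
                 "target_ip": target_ip, "sender_ip": self.ip}
        self.queries_sent += 1
        if query["target_ip"] not in lan:        # nobody owns it: no reply ever comes
            raise LookupError(f"no ARP reply for {target_ip}")
        reply = {"type": "ARP reply", "dst_mac": self.mac, "src_mac": lan[target_ip]}
        self.arp.learn(target_ip, reply["src_mac"], now)
        return reply["src_mac"]

    def build_frame(self, dst_ip: str, lan: Dict[str, str], now: float) -> Dict[str, str]:
        """Encapsulate a datagram for dst_ip: the IP header keeps the final
        destination, the Ethernet header carries the next hop's MAC."""
        hop = next_hop(self.ip, self.mask, dst_ip, self.gateway_ip)
        return {"dst_mac": self.resolve(hop, lan, now), "src_mac": self.mac,
                "ip_src": self.ip, "ip_dst": dst_ip}

# Constructed LANs from the figure: IP -> MAC of every node on each segment.
LEFT_LAN = {"111.111.111.111": "74-29-9C-E8-FF-55",
            "111.111.111.112": "CC-49-DE-D0-AB-7D",
            "111.111.111.110": "E6-E9-00-17-BB-4B"}   # R's left interface
RIGHT_LAN = {"222.222.222.220": "1A-23-F9-CD-06-9B",  # R's right interface
             "222.222.222.221": "88-B2-2F-54-1A-0F",
             "222.222.222.222": "49-BD-D2-C7-56-2A"}

if __name__ == "__main__":
    A = Host("111.111.111.111", "74-29-9C-E8-FF-55", "255.255.255.0", "111.111.111.110")
    R = Host("222.222.222.220", "1A-23-F9-CD-06-9B", "255.255.255.0")
    print("A -> R frame:", A.build_frame("222.222.222.222", LEFT_LAN, now=0))
    print("R -> B frame:", R.build_frame("222.222.222.222", RIGHT_LAN, now=0))
```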
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
- Use Wireshark on B to see no evidence of the ping.
- On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in Wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
- But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure, step 1: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch. The other host broadcasts "Who has IP address 1.2.3.4?"; the victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, seeing the reply, now knows the MAC of the victim.]
[Figure, step 2: later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablabla? Tell IP address 1.2.3.4". The other host saves the IP/ARP mapping in its cache; the victim is confused ... but ignores it. The attacker continues to flood ARP queries.]
[Figure, step 3: the other host sends "The secret plan is ..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan, changes the MAC address to the correct one (00:12:12:12:12:12) and passes the frame on. Victim: "Ahh, I got the secret plan I was expecting."]
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
- Its real IP and the victim's IP.
- But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
- Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
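The detection check described above run over a log of observed ARP replies, as an added example (not from the slides): it reports an IP answered by more than one MAC, the inverse view with the dual-NIC false positive excluded through an allow-list of known multi-homed MACs, and the strongest signal, an IP whose answering MAC changes over time. The log format and all sample lines are constructed.

```python
import re
from collections import defaultdict
from typing import Dict, Iterable, List, Set, Tuple

# Constructed log format: one line per ARP reply seen on the LAN,
# "<seconds> <sender ip> is-at <sender mac>".
LINE = re.compile(r"^(\d+)\s+(\d+\.\d+\.\d+\.\d+)\s+is-at\s+([0-9a-fA-F:]{17})$")

Reply = Tuple[int, str, str]   # (time, ip, mac)

def parse_replies(lines: Iterable[str]) -> List[Reply]:
    out: List[Reply] = []
    for raw in lines:
        m = LINE.match(raw.strip())
        if m:                                   # malformed lines are skipped, not trusted
            out.append((int(m.group(1)), m.group(2), m.group(3).lower()))
    return sorted(out)                          # chronological order

def ips_with_many_macs(replies: List[Reply]) -> Dict[str, Set[str]]:
    """The slide's check: a single IP answered by two (or more) different MACs."""
    seen: Dict[str, Set[str]] = defaultdict(set)
    for _, ip, mac in replies:
        seen[ip].add(mac)
    return {ip: macs for ip, macs in seen.items() if len(macs) > 1}

def macs_with_many_ips(replies: List[Reply], multihomed: Set[str]) -> Dict[str, Set[str]]:
    """Inverse view (one MAC claiming its own IP and the victim's). A host with
    wired and wireless NICs can legitimately produce this, so known multi-homed
    MACs are excluded instead of reported."""
    seen: Dict[str, Set[str]] = defaultdict(set)
    for _, ip, mac in replies:
        if mac not in multihomed:
            seen[mac].add(ip)
    return {mac: ips for mac, ips in seen.items() if len(ips) > 1}

def mapping_changes(replies: List[Reply]) -> List[Tuple[int, str, str, str]]:
    """Strongest signal: an IP answered by one MAC and later by another.
    Returns (time, ip, old_mac, new_mac) per change, in time order."""
    current: Dict[str, str] = {}
    changes: List[Tuple[int, str, str, str]] = []
    for t, ip, mac in replies:
        old = current.get(ip)
        if old is not None and old != mac:
            changes.append((t, ip, old, mac))
        current[ip] = mac
    return changes

# Constructed sample: the victim answers for 1.2.3.4 first; about 20 minutes later
# (after caches expire) a different MAC answers for 1.2.3.4 while also owning
# 5.6.7.8; 00:aa... is a known dual-NIC laptop that shows two IPs legitimately.
SAMPLE_LOG = """
10    1.2.3.4   is-at 00:12:12:12:12:12
12    5.6.7.8   is-at 00:11:11:11:11:11
1300  1.2.3.4   is-at 00:11:11:11: 11:11
1300  1.2.3.4   is-at 00:11:11:11:11:11
1305  1.2.3.4   is-at 00:11:11:11:11:11
1310  9.9.9.9   is-at 00:aa:aa:aa:aa:aa
1320  9.9.9.10  is-at 00:aa:aa:aa:aa:aa
garbage line that should be ignored
"""
KNOWN_MULTIHOMED = {"00:aa:aa:aa:aa:aa"}

if __name__ == "__main__":
    replies = parse_replies(SAMPLE_LOG.splitlines())
    print("IP -> several MACs:", ips_with_many_macs(replies))
    print("MAC -> several IPs:", macs_with_many_ips(replies, KNOWN_MULTIHOMED))
    print("mapping changes:   ", mapping_changes(replies))
```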
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap, $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps to 10 Gbps.
[Figure: Metcalfe's Ethernet sketch.]
Star topology
Bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other).
Star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch) topology.]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if error is detected, frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: receiving NIC doesn't send acks or nacks to sending NIC. Stream of datagrams passed to network layer can have gaps (missing datagrams). Gaps will be filled if app is using TCP; otherwise, app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,...,2^m-1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec.
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load. Heavy load: random wait will be longer.
- first collision: choose K from {0,1}; delay is K × 512 bit transmission times
- after second collision: choose K from {0,1,2,3} ...
- after ten or more collisions, choose K from {0,1,2,3,4,...,1023}
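The exponential backoff of both the generic "what to do when the link is busy" procedure and the Ethernet CSMA/CD algorithm above, as an added example (not the lecture's code): the window doubles per collision up to BO_Max = 1024, a slot is 512 bit times, and a small contention simulation shows how the draw decides who gets the channel. The starting window parameter covers the earlier slide's BO = 4 or 8; giving up after 16 attempts is an assumption not stated on the slides.

```python
import random
from typing import Dict, List, Tuple

SLOT_BITS = 512          # one backoff slot is 512 bit times
BO_MAX = 1024            # slide: Ethernet caps the window at 1024 slots
MAX_ATTEMPTS = 16        # assumption: give up after this many collisions

def backoff_window(m: int, bo_start: int = 2) -> int:
    """Size of the draw range after the m-th collision: bo_start doubled m-1
    times, capped at BO_MAX. Ethernet's {0..2^m-1} is bo_start = 2."""
    return min(bo_start * 2 ** (m - 1), BO_MAX)

def draw_backoff(m: int, rng: random.Random, bo_start: int = 2) -> int:
    """K chosen uniformly from the current window."""
    return rng.randrange(backoff_window(m, bo_start))

def wait_time_s(k: int, bit_rate_bps: float) -> float:
    """K slots of 512 bit times; at 10 Mbps and K = 1023 this is about 52 ms."""
    return k * SLOT_BITS / bit_rate_bps

def contend(n_stations: int, seed: int = 0) -> Tuple[int, int, List[int]]:
    """n stations that just collided retry with exponential backoff. Each round
    every station draws K; a unique smallest K wins the channel (it starts
    transmitting before the others end their wait), a tie is another collision
    and the window doubles. Returns (collisions, winner, winner's draws);
    winner is -1 if MAX_ATTEMPTS is reached."""
    rng = random.Random(seed)            # seeded so a run is reproducible
    collisions = 1                       # the collision that started the backoff
    draws_by_station: Dict[int, List[int]] = {s: [] for s in range(n_stations)}
    while collisions < MAX_ATTEMPTS:
        draws = {s: draw_backoff(collisions, rng) for s in range(n_stations)}
        for s, k in draws.items():
            draws_by_station[s].append(k)
        low = min(draws.values())
        winners = [s for s, k in draws.items() if k == low]
        if len(winners) == 1:
            return collisions, winners[0], draws_by_station[winners[0]]
        collisions += 1
    return collisions, -1, []

if __name__ == "__main__":
    print("worst-case wait at 10 Mbps:", wait_time_s(BO_MAX - 1, 10_000_000), "s")
    for n in (2, 5, 20):
        c, w, ks = contend(n, seed=2024)
        print(f"{n} stations: {c} collision(s), winner {w}, winner's draws {ks}")
```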
CSMA/CD efficiency
T_prop = max prop delay between 2 nodes in LAN; t_trans = time to transmit max-size frame.
  efficiency = 1 / (1 + 5 × t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
- Larger frame size is better; higher bit-rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized! Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in one link go out all other links at same rate. All nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions.
[Figure: hub with twisted pair links to hosts.]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting three hubs.]
Switch
Link-layer device: smarter than hubs, take active role.
- Store and forward Ethernet frames.
  - Question: do switches in circuit switching networks store and forward?
- Examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment.
Transparent: hosts are unaware of presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch: allows multiple simultaneous transmissions
Hosts have dedicated, direct connection to switch. Switches buffer packets. Ethernet protocol used on each incoming link, but no collisions; full duplex. Each link is its own collision domain.
Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub.
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C'.]
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C'.]
Switch: self-learning
Switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
When frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table.
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table, initially empty, gains the entry (MAC addr A, interface 1, TTL 60).]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. look up the destination MAC address in the switch table
3. if entry found for destination
     then if dest on segment from which frame arrived
          then drop the frame
          else forward the frame on interface indicated
     else flood: forward on all but the interface on which the frame arrived
4. periodically purge all old table entries
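The filtering/forwarding steps above as a runnable self-learning switch, as an added example (not the lecture's code), including the two cases the list leaves implicit: a frame whose destination sits on the arrival segment is dropped, and an entry that has aged out makes the switch flood again. The 60-second entry lifetime follows the TTL column in the switch-table figure; interface numbers and host names are constructed.

```python
from typing import Dict, List, Tuple

BROADCAST = "FF-FF-FF-FF-FF-FF"
ENTRY_TTL_S = 60   # lifetime of a learned entry, as in the figure's TTL column

class LearningSwitch:
    def __init__(self, interfaces: List[int]) -> None:
        self.interfaces = list(interfaces)
        self.table: Dict[str, Tuple[int, float]] = {}   # MAC -> (interface, expiry time)
        self.log: List[str] = []

    def purge(self, now: float) -> None:
        """Step 4: drop entries whose time stamp has aged out."""
        self.table = {mac: (i, exp) for mac, (i, exp) in self.table.items() if exp > now}

    def receive(self, in_if: int, src: str, dst: str, now: float) -> List[int]:
        """Process one frame; returns the interfaces it is sent out on ([] = dropped)."""
        self.purge(now)
        self.table[src] = (in_if, now + ENTRY_TTL_S)      # step 1: learn sender's location
        entry = None if dst == BROADCAST else self.table.get(dst)   # step 2: look up dest
        if entry is not None:                              # step 3: entry found
            out_if, _ = entry
            if out_if == in_if:                            # dest is on the arrival segment
                self.log.append(f"drop {src}->{dst} (dest on incoming interface {in_if})")
                return []
            self.log.append(f"forward {src}->{dst} on {out_if}")
            return [out_if]
        outs = [i for i in self.interfaces if i != in_if]  # flood: all but arrival interface
        self.log.append(f"flood {src}->{dst} on {outs}")
        return outs

if __name__ == "__main__":
    sw = LearningSwitch([1, 2, 3, 4, 5, 6])
    print(sw.receive(1, "A", "A'", now=0))    # unknown dest: flooded on 2..6
    print(sw.receive(4, "A'", "A", now=1))    # A is known: sent on 1 only
    print(sw.receive(1, "C", "A", now=2))     # A and C on the same segment: dropped
    print(sw.receive(2, "B", "A", now=100))   # A's entry has expired: flooded again
    print("\n".join(sw.log))
```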
Self-Learning
[Figure: three switches, each with interfaces 1, 2, 3, connecting hosts A and B through two LAN segments; each switch keeps its own (MAC, Interface) table, all initially empty.]
A sends a frame: Dest=B, Source=A. Each switch that receives it makes a table entry for A and, having no table entry for B, floods the frame.
Note: if the switch has ports that are manually configured then the frame is not flooded to a host. But they are only flooded to other switches.
[Figure: after the flood the tables read A 1, A 1 and A 2 at the three switches.]
B replies: Dest=A, Source=B. Each switch makes a table entry for B and, having a table entry for A, forwards the frame on that interface only.
[Figure: the tables now read A 1, B 3 at the first switch; A 1, B 2 at the second; A 2 at the third.]
20 minutes later all table entries are deleted.
Poorly Designed Institutional network. Why?
[Figure: router to the external network, one LAN / IP subnet with mail server, web server and hosts.]
Institutional network without a single point of failure
[Figure: the same network with redundant links between the switches, forming loops; host A is attached at the edge.]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the edges of a spanning tree highlighted.]
Edge in spanning tree
"Disconnected" interface, i.e. do not forward or flood frames through this interface.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
- Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: switches B3 and B2 joining LAN A and LAN B.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
- LAN B's next hop to the switch with lowest ID is LAN A, and
- LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D joined by switches B3, B2, B1, B0.]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message.
2. The ID for what the sending bridge believes to be the root bridge.
3. The distance (hops) from the sending bridge to the root bridge.
[Figure: LANs joined by switches B1 to B7.]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure: LANs A to J joined by switches B1 to B7.]
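The interface-selection rule above computed end to end, as an added example (not the lecture's code): LANs are vertices, each switch is an edge joining the LANs it touches, distances to the lowest-ID switch are found distance-vector style from neighbours only, ties go to the smallest ID, and a switch on nobody's shortest path keeps no interface on. The five-switch topology is constructed (it mirrors the B0 to B3 figure with one extra switch added to form a loop); the slides' own A to J topology is not recoverable from the text.

```python
from typing import Dict, Optional, Set, Tuple

Topology = Dict[int, Set[str]]   # switch ID -> LANs it has an interface on
Interface = Tuple[int, str]      # (switch ID, LAN)
INF = float("inf")

def all_lans(topo: Topology) -> Set[str]:
    return set().union(*topo.values())

def switch_distances(topo: Topology) -> Dict[int, float]:
    """Distance-vector style: a switch only learns from switches sharing a LAN
    with it, and sits one hop beyond the nearest of them. Root (lowest ID) is 0."""
    root = min(topo)
    dist: Dict[int, float] = {s: INF for s in topo}
    dist[root] = 0
    changed = True
    while changed:
        changed = False
        for s, lans in topo.items():
            for t, other in topo.items():
                if t != s and lans & other and dist[t] + 1 < dist[s]:
                    dist[s] = dist[t] + 1
                    changed = True
    return dist

def designated_switch(topo: Topology, dist: Dict[int, float]) -> Dict[str, int]:
    """Per LAN: the attached switch closest to the root; smallest ID breaks ties (rule 2)."""
    return {L: min((s for s in topo if L in topo[s]), key=lambda s: (dist[s], s))
            for L in all_lans(topo)}

def root_lan(s: int, topo: Topology, dist: Dict[int, float]) -> Optional[str]:
    """The LAN through which s reaches the root: the one holding the best
    (distance, ID) neighbour; LAN name breaks any remaining tie."""
    best = min(((dist[t], t, L) for L in topo[s] for t in topo if t != s and L in topo[t]),
               default=None)
    return None if best is None else best[2]

def active_interfaces(topo: Topology) -> Set[Interface]:
    root = min(topo)
    dist = switch_distances(topo)
    des = designated_switch(topo, dist)
    on: Set[Interface] = {(root, L) for L in topo[root]}    # every root interface is on
    for s, lans in topo.items():
        if s == root:
            continue
        mine = {L for L in lans if des[L] == s}   # LANs whose shortest path runs via s (rule 1)
        if mine:                                   # otherwise s keeps nothing on
            on |= {(s, L) for L in mine}
            on.add((s, root_lan(s, topo, dist)))   # plus the interface toward the root
    return on

def is_spanning_tree(topo: Topology, on: Set[Interface]) -> bool:
    """Check: active interfaces connect every LAN, with exactly one path (no loops)."""
    nodes = {("lan", L) for L in all_lans(topo)} | {("sw", s) for s, _ in on}
    adj = {n: set() for n in nodes}
    for s, L in on:
        adj[("sw", s)].add(("lan", L))
        adj[("lan", L)].add(("sw", s))
    start = next(iter(nodes))
    seen, stack = {start}, [start]
    while stack:
        for m in adj[stack.pop()]:
            if m not in seen:
                seen.add(m)
                stack.append(m)
    return seen == nodes and len(on) == len(nodes) - 1

# Constructed topology (IDs are the B0..B4 numbers): B0 is the root on LAN D,
# B1 joins D-C, B2 joins C-B, B3 joins B-A, and B4 joins D-B, so B2/B4 form a loop.
EXAMPLE: Topology = {0: {"D"}, 1: {"D", "C"}, 2: {"C", "B"}, 3: {"B", "A"}, 4: {"D", "B"}}

if __name__ == "__main__":
    on = active_interfaces(EXAMPLE)
    for s in sorted(EXAMPLE):
        print(f"B{s}: interfaces on = {sorted(L for t, L in on if t == s)}")
    print("loop-free spanning tree:", is_spanning_tree(EXAMPLE, on))
```

With this topology B2 ends up with no interface on, exactly the outcome the Spanning Tree Algorithm (1) slide describes for B2.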
Each switch computes distance to root in terms of LAN hops.
[Figure: the same LANs A to J and switches B1 to B7, each switch labelled with its distance to the root.]
Each of the root's interfaces is ON.
LAN A's next hop is LAN E.
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
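An added example (not from the slides) that implements the rule just stated on a constructed LAN/bridge topology: every LAN gets a distance to the root in LAN hops, the bridge on a LAN's shortest path (smallest ID on ties) turns on its interfaces to that LAN and to its next-hop LAN, the root keeps every interface on, and everything else stays off. The topology and the tie-break by LAN name when a bridge has two equally close LANs are assumptions, and a final check confirms the surviving interfaces form a tree.

```python
from collections import deque

# Constructed topology (not the slide's figure): bridge ID -> LANs it attaches to.
# B1 is the root (smallest ID). B2 and B3 both join a root LAN to LAN C; B5 and B7 both join C to D.
BRIDGES = {
    1: {"A", "B"},
    2: {"B", "C"},
    3: {"A", "C"},
    5: {"C", "D"},
    7: {"C", "D"},
}


def lan_distances(bridges, root):
    """Distance of every LAN and bridge to the root, in LAN hops (the root's LANs are 0).
    Breadth-first over LANs, so a bridge is first reached through its nearest LAN."""
    lan_dist = {lan: 0 for lan in bridges[root]}
    bridge_dist = {root: 0}
    queue = deque(sorted(bridges[root]))
    while queue:
        lan = queue.popleft()
        for bid in sorted(bridges):                 # sorted: deterministic, smallest ID first
            if lan in bridges[bid] and bid not in bridge_dist:
                bridge_dist[bid] = lan_dist[lan]
                for other in sorted(bridges[bid]):
                    if other not in lan_dist:
                        lan_dist[other] = bridge_dist[bid] + 1
                        queue.append(other)
    return lan_dist, bridge_dist


def compute_spanning_tree(bridges):
    """The slide's rule: for each LAN pick the attached bridge with least cost to the root
    (ties broken by smallest bridge ID) and turn on that bridge's interface to the LAN and to
    its next-hop LAN. Root LANs need nothing beyond the root's own interface."""
    root = min(bridges)
    lan_dist, bridge_dist = lan_distances(bridges, root)
    active = set()                                  # (bridge ID, LAN) pairs that stay on
    next_hop = {}                                   # LAN -> next LAN toward the root
    for lan in sorted(lan_dist):
        attached = [b for b in bridges if lan in bridges[b]]
        designated = min(attached, key=lambda b: (bridge_dist[b], b))
        active.add((designated, lan))
        if designated == root:
            continue
        # Assumption: a bridge with two equally close LANs uses the alphabetically first one
        hop = min((l for l in bridges[designated] if l != lan), key=lambda l: (lan_dist[l], l))
        next_hop[lan] = hop
        active.add((designated, hop))
    used = {b for b, _ in active}
    return {"root": root, "lan_dist": lan_dist, "next_hop": next_hop,
            "active": active, "idle_bridges": {b for b in bridges if b not in used}}


def is_loop_free(bridges, active):
    """Check the surviving topology is a tree: connected, with one edge fewer than nodes."""
    nodes = {lan for lans in bridges.values() for lan in lans} | {b for b, _ in active}
    adj = {n: set() for n in nodes}
    for b, lan in active:
        adj[b].add(lan)
        adj[lan].add(b)
    seen, stack = set(), [next(iter(nodes))]
    while stack:
        n = stack.pop()
        if n in seen:
            continue
        seen.add(n)
        stack.extend(adj[n] - seen)
    return seen == nodes and len(active) == len(nodes) - 1


if __name__ == "__main__":
    tree = compute_spanning_tree(BRIDGES)
    for key in ("root", "lan_dist", "next_hop", "idle_bridges"):
        print(key, tree[key])
    print("active interfaces:", sorted(tree["active"]))
    print("loop free:", is_loop_free(BRIDGES, tree["active"]))
```

In this topology B3 ends up with no interface on, like B3 on the slide, and B7 loses LAN D to B5 on the ID tie-break.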
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution:
• during which time no packets were forwarded.
Switches vs Routers
both are store-and-forward devices
routers: network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at the internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields and their widths in bits: label 20, Exp 3, S 1, TTL 5]
MPLS capable routers
aka label-switched router: forwards packets to outgoing interface based only on label value (doesn't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g., source-specific routing): use MPLS for traffic engineering
must co-exist with IP-only routers
[Figure: MPLS network of routers R1 to R6, with interfaces numbered 0 and 1, and hosts A and D]
MPLS forwarding tables
The five per-router tables of the figure, in the order they appear (columns: in label, out label, dest, out interface; "-" means no label, i.e. the row is an ingress entry that pushes a label or an egress entry that pops it):
in label | out label | dest | out interface
6        | -         | A    | 0

in label | out label | dest | out interface
10       | 6         | A    | 1
12       | 9         | D    | 0

in label | out label | dest | out interface
-        | 10        | A    | 0
-        | 12        | D    | 0

in label | out label | dest | out interface
8        | 6         | A    | 0

in label | out label | dest | out interface
-        | 8         | A    | 1
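An added example (not the slides' code nor any router's) that walks a packet through the five forwarding tables above. The router names IN1, IN2, T1, T2 and EG and the wiring between their interfaces are constructed assumptions; the rows are the slide's. It also shows the point made above that a transit LSR matches on the label only, so a packet carrying label 10 is delivered toward A whatever its IP destination says.

```python
# Forwarding rows from the slide's tables: (in label, out label, dest, out interface), None = no label.
# Router names and the (router, interface) -> next router wiring are constructed assumptions.
TABLES = {
    "IN1": [(None, 10, "A", 0), (None, 12, "D", 0)],   # ingress: classify on IP dest, push a label
    "T1":  [(10, 6, "A", 1), (12, 9, "D", 0)],          # transit LSR: match the label, swap it
    "IN2": [(None, 8, "A", 1)],
    "T2":  [(8, 6, "A", 0)],
    "EG":  [(6, None, "A", 0)],                         # egress: pop, hand the datagram to IP
}
LINKS = {("IN1", 0): "T1", ("T1", 1): "EG", ("IN2", 1): "T2", ("T2", 0): "EG"}
# (T1, 0) leads toward D but that side of the network is not in the slide's tables.


def lookup(router, label, dest):
    """One LSR decision. An unlabelled packet (at an ingress) is matched on its IP destination;
    a labelled packet is matched on the label only, the IP header is not inspected."""
    for in_lbl, out_lbl, row_dest, iface in TABLES[router]:
        if label is None:
            if in_lbl is None and row_dest == dest:
                return out_lbl, row_dest, iface
        elif in_lbl == label:
            return out_lbl, row_dest, iface
    return None


def trace(start, dest, label=None):
    """Follow a packet from router start until an egress pops its label or it leaves the model."""
    router, path, labels = start, [start], []
    while True:
        hit = lookup(router, label, dest)
        if hit is None:
            return {"path": path, "labels": labels, "outcome": f"no entry at {router}"}
        out_lbl, row_dest, iface = hit
        if out_lbl is None:
            return {"path": path, "labels": labels,
                    "outcome": f"popped at {router}, IP forwards toward {row_dest} on interface {iface}"}
        labels.append(out_lbl)
        nxt = LINKS.get((router, iface))
        if nxt is None:
            return {"path": path, "labels": labels,
                    "outcome": f"left the modelled topology at ({router}, {iface}) carrying label {out_lbl}"}
        router, label = nxt, out_lbl
        path.append(router)


if __name__ == "__main__":
    print(trace("IN1", "A"))            # labels 10 then 6, popped at EG
    print(trace("IN2", "A"))            # labels 8 then 6, popped at EG
    print(trace("IN1", "D"))            # leaves the modelled part with label 9
    print(trace("T1", "D", label=10))   # label wins over the IP destination
```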
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
ALOHA and Slotted ALOHA
Pros: a single active node can continuously transmit at the full rate of the channel; decentralized; simple
Cons: collisions, wasting slots; inefficient; idle slots; nodes may be able to detect a collision in less than the time to transmit a packet
Slotted ALOHA requires clock synchronization. Losing synchronization requires guard times, which reduce efficiency.
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If the channel is sensed idle, transmit the entire frame. If the channel is sensed busy, defer transmission.
human analogy: don't interrupt others!
Question
For 10 Mbps ethernet the maximum cable length is 2000m
For 100Mbps ethernet the maximum cable length is 200m
Why is the maximum length for 100Mbps 10 times shorter than 10Mbps
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
[Figure: spatial layout of nodes along the bus, with time on the vertical axis]
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
[Figure: position on wire vs. time. Transmitter 1 starts; after the propagation delay transmitter 2 starts and detects the collision; transmitter 1 detects the collision only when the colliding signal has propagated back to it; receiver 1 receives a garbled signal. When is it detected?]
[Figure: same layout, but transmitter 1 finishes its (short) transmission before the collision gets back to it: the collision is NOT detected by transmitter 1, although transmitter 2 detects it and receiver 1 receives a garbled signal]
CSMA/CD: what are the requirements to ensure that collisions are detected?
The transmitter must transmit for $2 \times T_{propagation} + \epsilon$. The transmit time is frame length / bit rate. Therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit rate}}$$
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
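An added example (not from the slides) that evaluates the constraint above both ways: the smallest frame that still detects a collision on a given cable, and the longest cable a given frame covers, at 10, 100 and 1000 Mbps. It assumes a propagation speed of 2e8 m/s; the resulting lengths are an idealized upper bound, larger than the 2000 m and 200 m figures quoted earlier, but the ratio between the two bit rates is exactly the 10 the question asks about.

```python
import math

PROP_SPEED_MPS = 2.0e8          # assumption: propagation speed on copper, about two thirds of c
MIN_FRAME_BITS = 64 * 8         # the slide: Ethernet's minimum frame is 64 bytes


def collision_detected(cable_m, frame_bits, bitrate_bps, v=PROP_SPEED_MPS, epsilon_s=0.0):
    """The slide's condition: 2 * CableLength / v + epsilon < FrameLength / bitrate.
    The sender must still be transmitting when a collision started at the far end returns."""
    return 2 * cable_m / v + epsilon_s < frame_bits / bitrate_bps


def min_frame_bits(cable_m, bitrate_bps, v=PROP_SPEED_MPS, epsilon_s=0.0):
    """Smallest frame (in bits) that guarantees collision detection on a cable of cable_m metres."""
    round_trip_s = 2 * cable_m / v + epsilon_s
    return math.ceil(round(round_trip_s * bitrate_bps, 6))   # round() guards float noise


def max_cable_m(frame_bits, bitrate_bps, v=PROP_SPEED_MPS, epsilon_s=0.0):
    """Longest cable on which a frame of frame_bits bits is still long enough to detect a collision."""
    return (frame_bits / bitrate_bps - epsilon_s) * v / 2


def length_ratio(slow_bps, fast_bps, frame_bits=MIN_FRAME_BITS):
    """With the minimum frame fixed, the maximum cable length scales as 1/bitrate."""
    return max_cable_m(frame_bits, slow_bps) / max_cable_m(frame_bits, fast_bps)


if __name__ == "__main__":
    for mbps in (10, 100, 1000):
        bps = mbps * 1e6
        print(f"{mbps:>4} Mbps: min frame for a 2000 m cable = {min_frame_bits(2000, bps)} bits, "
              f"max cable for a 64 B frame = {max_cable_m(MIN_FRAME_BITS, bps):.0f} m")
    print("64 B frame on 2000 m detects collisions at 10 Mbps:",
          collision_detected(2000, MIN_FRAME_BITS, 10e6),
          "and at 100 Mbps:", collision_detected(2000, MIN_FRAME_BITS, 100e6))
    print("10 Mbps / 100 Mbps max-length ratio:", length_ratio(10e6, 100e6))
```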
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection: collisions detected within a short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals; difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
Persistence
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots have passed, then transmit
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 × BO, BO_max); in Ethernet BO_max = 1024
   c. go to step 4
Exponential Backoff
Question discuss the different ways in which backoff is used in network protocols
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
random access MAC protocols: efficient at low load: single node can fully utilize channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed, YET.
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: master and slaves; the master sends poll, receives data, polls the next slave, and so on]
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made:
If a VoIP call requires 12 bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
Token passing: control token passed from one node to the next sequentially; token message
concerns: token overhead; latency; single point of failure (token)
[Figure: ring of nodes passing the token T; a node with nothing to send passes it on, a node with data sends its data and then passes the token]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get the datagram to the destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected.
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address
Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup"
• Enter MAC address
• See manufacturer
analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address
MAC flat address: portability; can move LAN card from one LAN to another
IP hierarchical address NOT portable: address depends on the IP subnet to which the node is attached
If a NIC is changed then the MAC is changed
• whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four nodes with IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network)
A wants to send a datagram to C
Check if C's IP address is in the same subnet
Use the subnet mask and compare this node's IP to C's IP
E.g.:
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table:
A broadcasts an ARP query packet containing B's IP address; dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• other types include datagram
all machines on the LAN receive the ARP query
B receives the ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
[Figure: LAN with nodes A, B, C and D. The broadcast query "Who has IP 1.1.1.4? Tell 1.1.1.2" reaches every node; only the owner of 1.1.1.4 answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: on the left LAN, A (111.111.111.111, 74-29-9C-E8-FF-55) and another host (111.111.111.112, CC-49-DE-D0-AB-7D); router R with interfaces 111.111.111.110 (E6-E9-00-17-BB-4B) and 222.222.222.220 (1A-23-F9-CD-06-9B); on the right LAN, B (222.222.222.222, 49-BD-D2-C7-56-2A) and another host (222.222.222.221, 88-B2-2F-54-1A-0F)]
walkthrough: send a datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates an IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram
A's NIC sends the frame
R's NIC receives the frame
R removes the IP datagram from the Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates a frame containing the A-to-B IP datagram, sends it to B
This is a really important example: make sure you understand it.
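An added example (not from the slides) of the walkthrough above with the figure's addresses and an assumed /24 mask: a sender checks whether the destination is on its own subnet, ARPs for the destination or for the gateway, caches the answer for the slide's 20 minutes, and the router R keeps one ARP table per LAN and ARPs again on the far side.

```python
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL_S = 20 * 60       # the slide's typical ARP entry lifetime: 20 minutes
PREFIX_LEN = 24           # assumption: both LANs use a /24 subnet mask


class Node:
    """A host or router. ifaces maps LAN name -> (IP, MAC); a router has one entry per LAN
    and forwards=True. A host has a default gateway IP on its single LAN."""

    def __init__(self, name, ifaces, gateway=None, forwards=False):
        self.name, self.ifaces, self.gateway, self.forwards = name, ifaces, gateway, forwards
        self.arp = {lan: {} for lan in ifaces}   # one ARP table per LAN: IP -> (MAC, expiry)
        self.log = []

    def lan_for(self, ip):
        """Same-subnet check: the attached LAN whose subnet contains ip, or None if ip is remote."""
        for lan, (my_ip, _) in self.ifaces.items():
            net = ipaddress.ip_network(f"{my_ip}/{PREFIX_LEN}", strict=False)
            if ipaddress.ip_address(ip) in net:
                return lan
        return None


def resolve(node, lan, ip, lans, now):
    """MAC for ip on lan: from the cache while the entry is alive, else via a broadcast query."""
    cached = node.arp[lan].get(ip)
    if cached and cached[1] > now:               # soft state: an expired entry counts as absent
        return cached[0]
    my_ip, my_mac = node.ifaces[lan]
    node.log.append(f"{node.name} query on {lan} to {BROADCAST}: who has {ip}? tell {my_ip}")
    for other in lans[lan]:                      # every adapter on the LAN sees the broadcast
        if other is node:
            continue
        o_ip, o_mac = other.ifaces[lan]
        if o_ip == ip:                           # only the owner answers, unicast to my_mac
            other.arp[lan][my_ip] = (my_mac, now + ARP_TTL_S)
            other.log.append(f"{other.name} reply on {lan} to {my_mac}: {ip} is at {o_mac}")
            node.arp[lan][ip] = (o_mac, now + ARP_TTL_S)
            return o_mac
    return None


def send(node, dst_ip, lans, now, hops=None):
    """Deliver an IP datagram to dst_ip. Each node ARPs for its next hop on the right LAN;
    a router repeats the process on its other LAN. Returns [(sender, LAN, dest MAC), ...]."""
    hops = [] if hops is None else hops
    lan = node.lan_for(dst_ip)
    next_ip = dst_ip if lan else node.gateway    # remote subnet: the frame goes to the gateway
    lan = lan or node.lan_for(next_ip)
    mac = resolve(node, lan, next_ip, lans, now)
    hops.append((node.name, lan, mac))
    if mac is None:
        return hops
    receiver = next(n for n in lans[lan] if n.ifaces[lan][1] == mac)
    if any(ip == dst_ip for ip, _ in receiver.ifaces.values()) or not receiver.forwards:
        return hops                              # delivered (or a non-forwarding host drops it)
    return send(receiver, dst_ip, lans, now, hops)


def build_network():
    """The figure's addresses: A and R on LAN 111, R and B on LAN 222."""
    a = Node("A", {"LAN111": ("111.111.111.111", "74-29-9C-E8-FF-55")}, gateway="111.111.111.110")
    r = Node("R", {"LAN111": ("111.111.111.110", "E6-E9-00-17-BB-4B"),
                   "LAN222": ("222.222.222.220", "1A-23-F9-CD-06-9B")}, forwards=True)
    b = Node("B", {"LAN222": ("222.222.222.222", "49-BD-D2-C7-56-2A")}, gateway="222.222.222.220")
    return {"A": a, "R": r, "B": b}, {"LAN111": [a, r], "LAN222": [r, b]}


if __name__ == "__main__":
    nodes, lans = build_network()
    for hop in send(nodes["A"], "222.222.222.222", lans, now=0):
        print("frame:", hop)
    for n in nodes.values():
        print(n.name, {lan: {ip: mac for ip, (mac, _) in t.items()} for lan, t in n.arp.items()})
        for line in n.log:
            print("  ", line)
```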
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
• On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure, used by the following steps: victim with MAC 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch]
• The other host broadcasts "Who has IP address 1.2.3.4?"; both the victim and the attacker receive it.
• The victim replies "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker also hears the reply and now knows the MAC of the victim.
• Later (when all caches have been cleared) the attacker floods ARP queries: "Source MAC 00:11:11:11:11:11: Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/ARP mapping in its cache. The victim is confused… but ignores it.
• The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …". The attacker knows the secret plan, changes the MAC address to the correct address and sends on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …". The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs
• its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
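An added example (not from the slides) of the detection check just described, run over a constructed ARP packet log: it flags an IP claimed by two different MACs, reports a MAC carrying several IPs separately because of the benign dual-NIC case the slide mentions, and flags bursts of repeated claims for the same mapping. The addresses and timestamps are constructed.

```python
from collections import defaultdict

# Constructed ARP traffic (not a capture): (time_s, op, sender_mac, sender_ip).
# Both requests and replies carry a sender mapping, which is what ARP caches learn from.
ARP_PACKETS = [
    (0,    "request", "00:AA:AA:AA:AA:AA", "1.2.3.9"),     # some other host asks for 1.2.3.4
    (0,    "reply",   "00:12:12:12:12:12", "1.2.3.4"),     # the real owner answers
    (3,    "reply",   "00:11:11:11:11:11", "5.6.7.8"),     # a second host answers for its own IP
    (1300, "request", "00:11:11:11:11:11", "1.2.3.4"),     # after caches expire, that MAC claims 1.2.3.4
    (1301, "request", "00:11:11:11:11:11", "1.2.3.4"),
    (1302, "request", "00:11:11:11:11:11", "1.2.3.4"),
    (1500, "reply",   "00:BB:BB:BB:BB:BB", "1.2.3.20"),    # dual-NIC host: one MAC, two IPs
    (1501, "reply",   "00:BB:BB:BB:BB:BB", "1.2.3.21"),
]


def macs_per_ip(packets):
    """ip -> {mac: first time that MAC claimed the IP}."""
    seen = defaultdict(dict)
    for t, _op, mac, ip in packets:
        seen[ip].setdefault(mac, t)
    return seen


def conflicting_ips(packets):
    """The slide's check: an IP that has been claimed by two different MACs."""
    return {ip: sorted(m) for ip, m in macs_per_ip(packets).items() if len(m) > 1}


def multi_ip_macs(packets):
    """One MAC with several IPs. Reported separately: the slide notes that a Windows host with
    wired and wireless NICs produces this legitimately, so on its own it is not a conflict."""
    ips = defaultdict(set)
    for _t, _op, mac, ip in packets:
        ips[mac].add(ip)
    return {mac: sorted(s) for mac, s in ips.items() if len(s) > 1}


def burst_alerts(packets, window_s=10, min_count=3):
    """(mac, ip) pairs claimed min_count or more times inside window_s seconds: the flooding
    step of the attack, as opposed to a single reply to a single query."""
    times = defaultdict(list)
    for t, _op, mac, ip in packets:
        times[(mac, ip)].append(t)
    alerts = []
    for key, ts in times.items():
        ts.sort()
        start = 0
        for end in range(len(ts)):                 # sliding window over the sorted times
            while ts[end] - ts[start] > window_s:
                start += 1
            if end - start + 1 >= min_count:
                alerts.append(key)
                break
    return sorted(alerts)


def assess(packets):
    """Combine the signals: an IP with two MACs is the indicator from the slide; a bursty
    claimant for that same IP strengthens it. Multi-IP MACs are left for a human to judge."""
    bursts = burst_alerts(packets)
    return {ip: {"macs": macs, "bursty": [m for m, i in bursts if i == ip]}
            for ip, macs in conflicting_ips(packets).items()}


if __name__ == "__main__":
    print("IPs with two MACs:", conflicting_ips(ARP_PACKETS))
    print("MACs with several IPs (review manually):", multi_ip_macs(ARP_PACKETS))
    print("bursty claims:", burst_alerts(ARP_PACKETS))
    print("assessment:", assess(ARP_PACKETS))
```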
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap: $20 for a NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) vs. star (switch in the center)]
Ethernet Frame Structure
Sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes
if the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response; LAN routing; higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk)
CRC: checked at receiver; if an error is detected, the frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0,1,2,…,2^m-1}; NIC waits K slots, where one slot is 512 bit times; returns to step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
first collision: choose K from {0,1}; delay is K × 512 bit transmission times
after second collision: choose K from {0,1,2,3}…
after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
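An added example (not from the slides) for the backoff procedure given earlier and the Ethernet parameters just listed: the window after the m-th collision, the worst-case wait for K=1023 at 10 Mbps, and a small contention simulation in which N stations that are ready in the same slot resolve their collisions with doubling windows. The slotted model, in which a frame occupies a single contention slot, is a simplifying assumption of this example.

```python
import random

SLOT_BITS = 512          # one backoff slot is 512 bit times (slide)
BIT_TIME_S = 0.1e-6      # 10 Mbps Ethernet: one bit time is 0.1 microsecond (slide)
BO_MAX = 1024            # Ethernet caps the window at 1024 slots (slide: BO_max = 1024)


def backoff_window(collisions):
    """Window after the m-th collision: 2^m slots, capped at 1024; K is drawn from 0..window-1.
    m=1 gives {0,1}, m=2 gives {0,1,2,3}, m>=10 gives {0,...,1023}, as on the slide."""
    return min(2 ** collisions, BO_MAX)


def max_wait_s(collisions, bit_time_s=BIT_TIME_S):
    """Longest possible wait after the m-th collision: (window-1) slots of 512 bit times."""
    return (backoff_window(collisions) - 1) * SLOT_BITS * bit_time_s


def simulate(n_stations, seed=1, max_slots=100_000):
    """Contention model: time runs in slots, a frame transmission is abstracted to one slot.
    A slot with exactly one sender succeeds; with two or more it is a collision, each loser's
    collision count goes up and it re-draws K from its doubled window (steps 5a to 5c)."""
    rng = random.Random(seed)                            # seeded so runs are reproducible
    next_try = {s: 0 for s in range(n_stations)}         # slot in which each station tries next
    collisions = {s: 0 for s in range(n_stations)}
    done_at, n_collisions, slot = {}, 0, 0
    while next_try and slot < max_slots:
        senders = [s for s, t in next_try.items() if t == slot]
        if len(senders) == 1:
            done_at[senders[0]] = slot
            del next_try[senders[0]]
        elif senders:
            n_collisions += 1
            for s in senders:
                collisions[s] += 1
                k = rng.randrange(backoff_window(collisions[s]))
                next_try[s] = slot + 1 + k
        slot += 1
    return {"done_at": done_at, "collisions": n_collisions,
            "max_collisions_seen": max(collisions.values(), default=0),
            "unfinished": sorted(next_try)}


if __name__ == "__main__":
    print("windows after 1..12 collisions:", [backoff_window(m) for m in range(1, 13)])
    print(f"worst-case wait after 10 collisions: {max_wait_s(10) * 1e3:.1f} ms")
    for n in (2, 8, 32):
        r = simulate(n, seed=7)
        print(f"{n} stations: {r['collisions']} collision slots, all done by slot "
              f"{max(r['done_at'].values())}, deepest backoff m={r['max_collisions_seen']}")
```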
CSMA/CD efficiency
$T_{prop}$ = max propagation delay between 2 nodes in the LAN
$t_{trans}$ = time to transmit a max-size frame
$$\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$$
efficiency goes to 1 as $t_{prop}$ goes to 0, and as $t_{trans}$ goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
bits coming in one link go out all other links at the same rate
all nodes connected to the hub can collide with one another
no frame buffering
no CSMA/CD at the hub: host NICs detect collisions
[Figure: hub with twisted-pair links to the hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes an active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examines incoming frame's MAC address, selectively forwards the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have a dedicated, direct connection to the switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created, maintained in the switch table? something like a routing protocol?
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table (initially empty) gets the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination
      then if dest on segment from which frame arrived
              then drop the frame
              else forward the frame on interface indicated
      else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
Self-Learning (walkthrough)
[Figure: three switches in a row, each with interfaces 1, 2, 3; host A on the first switch's interface 1, host B on the second switch's interface 2; every switch keeps its own MAC/Interface table, all initially empty]
A sends a frame: Dest=B, Source=A
• first switch: make table entry for A (A, 1). No table entry for B, so flood
• Note: if the switch has ports that are manually configured, then the frame is not flooded to a host. It is only flooded to other switches
• second switch: make table entry for A (A, 1). No table entry for B, so flood
• third switch: make table entry for A (A, 2). No table entry for B, so flood
B replies: Dest=A, Source=B
• second switch: make table entry for B (B, 2). Have a table entry for A, so forward
• first switch: make table entry for B (B, 3). Have a table entry for A, so forward
• the third switch never sees B's frame; its table still holds only (A, 2)
20 minutes later all table entries are deleted
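The learning, filtering, forwarding and aging rules above, as a runnable simulation. This is an added example, not code from the slides; the three-switch wiring (A on S1 interface 1, S1 interface 3 to S2 interface 1, B on S2 interface 2, S2 interface 3 to S3 interface 2) is constructed to reproduce the tables in the walkthrough.

```python
"""Learning switch simulation (added example, not from the slides).

Rule from the slides: learn the sender's interface; if the destination is
known, forward on that interface unless it is the one the frame arrived on
(then drop); otherwise flood on every other interface; age out old entries.
"""
from dataclasses import dataclass, field

AGING_SECONDS = 20 * 60  # slides: entries are purged after 20 minutes


@dataclass
class LearningSwitch:
    name: str
    interfaces: tuple                            # e.g. (1, 2, 3)
    table: dict = field(default_factory=dict)    # MAC -> (interface, last_seen)

    def purge(self, now):
        """Step 3: drop entries whose time stamp is older than the aging interval."""
        self.table = {mac: (iface, seen) for mac, (iface, seen) in self.table.items()
                      if now - seen < AGING_SECONDS}

    def receive(self, src, dst, in_iface, now):
        """Return the list of interfaces the frame is sent out on."""
        self.purge(now)
        # step 1: record the interface associated with the sending host
        self.table[src] = (in_iface, now)
        # step 2: look up the destination
        if dst in self.table:
            out_iface, _ = self.table[dst]
            if out_iface == in_iface:
                return []                        # same segment: filter (drop)
            return [out_iface]                   # known: selective forwarding
        # unknown destination: flood on all interfaces except the arriving one
        return [i for i in self.interfaces if i != in_iface]


def walkthrough():
    """Replay the slide sequence on the constructed three-switch topology."""
    s1, s2, s3 = (LearningSwitch(n, (1, 2, 3)) for n in ("S1", "S2", "S3"))
    outs = {}
    # A sends to B: every switch learns A, nobody knows B, so all flood
    outs["A->B @S1"] = s1.receive("A", "B", in_iface=1, now=0)
    outs["A->B @S2"] = s2.receive("A", "B", in_iface=1, now=0)   # via S1 iface 3
    outs["A->B @S3"] = s3.receive("A", "B", in_iface=2, now=0)   # via S2 iface 3
    # B replies to A: S2 and S1 learn B and forward selectively; S3 never sees it
    outs["B->A @S2"] = s2.receive("B", "A", in_iface=2, now=1)
    outs["B->A @S1"] = s1.receive("B", "A", in_iface=3, now=1)
    tables = {sw.name: {mac: iface for mac, (iface, _) in sw.table.items()}
              for sw in (s1, s2, s3)}
    return outs, tables


if __name__ == "__main__":
    for k, v in zip(*walkthrough()):
        print(k, v)
```

Running `walkthrough()` yields exactly the three tables drawn at the end of the slide sequence: S1 holds (A, 1) and (B, 3), S2 holds (A, 1) and (B, 2), and S3 only (A, 2), because B's reply is forwarded toward A and never reaches S3.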
Poorly Designed Institutional network. Why?
[Figure: a router to the external network, a single LAN / IP subnet containing the mail server and the web server]
Institutional network without a single point of failure
[Figure: a router to the external network, redundant switches forming one IP subnet with loops, a mail server, a web server and host A]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Institutional network without a single point of failure
[Figure: the same network with the edges in the spanning tree marked; a "disconnected" interface means: do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges. Spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B connected by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D connected by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure: LANs A, B, C, D, E, F, G, H, I, J interconnected by bridges B1, B2, B3, B4, B5, B6, B7; LANs are labelled with their distance to the root in LAN hops (0, 1, 2, 1, 1, 1)]
Walkthrough, one step per slide:
• Each switch computes its distance to the root in terms of LAN hops
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E. Turn on the two interfaces
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F. Turn on the interfaces
• Which other interfaces are "on"?
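The interface-selection rule just walked through, as an added example (not the slides' code): LANs are vertices, bridges are edges, the smallest bridge ID is the root, each LAN takes the shortest path to the root in LAN hops with ties broken by the smaller bridge ID, and only the bridges carrying a chosen next hop keep interfaces on. The topology below is constructed, not the one drawn on the slides, but it contains the same two situations the slides point out: a LAN with two equal-length paths (decided by bridge ID) and a bridge that ends up with no interface on.

```python
"""Spanning-tree interface selection in the slides' LAN-vertex / bridge-edge
model (added example, not from the slides). Relaxation is repeated until
nothing changes, in the distance-vector spirit the slides suggest."""

INF = float("inf")

# constructed topology: bridge ID -> LANs that bridge is attached to
TOPOLOGY = {
    1: {"E", "F"},   # smallest ID: the root; all of its interfaces stay on
    2: {"A", "E"},
    3: {"A", "B"},   # neither A nor B routes through it: ends up fully off
    4: {"G", "E"},
    5: {"B", "E"},   # ties with B7 for LAN B and wins on lower ID
    6: {"C", "F"},
    7: {"B", "F"},
    8: {"D", "G"},
}


def spanning_tree(bridges):
    """Return (best, active).

    best[lan]   = (distance to root in LAN hops, bridge giving the next hop, next-hop LAN)
    active[bid] = set of LANs on which bridge `bid` keeps its interface on
    """
    root = min(bridges)
    lans = {lan for attached in bridges.values() for lan in attached}
    best = {lan: (INF, None, None) for lan in lans}
    for lan in bridges[root]:
        best[lan] = (0, root, None)          # LANs on the root are at distance 0
    changed = True
    while changed:                           # relax until no LAN improves
        changed = False
        for bid, attached in bridges.items():
            if bid == root:
                continue
            for x in attached:
                if best[x][0] == INF:
                    continue                 # x has no path to the root yet
                for y in attached - {x}:
                    # lexicographic compare: shorter distance first, then
                    # smaller bridge ID (the slides' tie-break), then LAN name
                    cand = (best[x][0] + 1, bid, x)
                    if cand < best[y]:
                        best[y] = cand
                        changed = True
    active = {bid: set() for bid in bridges}
    active[root] = set(bridges[root])
    for lan, (_, bid, nxt) in best.items():
        if bid is not None and bid != root:
            active[bid].update({lan, nxt})   # "uses the interfaces to A and B"
    return best, active


if __name__ == "__main__":
    best, active = spanning_tree(TOPOLOGY)
    for lan in sorted(best):
        print(lan, best[lan])
    for bid in sorted(active):
        print("B%d on:" % bid, sorted(active[bid]) or "none")
```

On the constructed topology LAN B can reach the root in one hop through either B5 or B7; the lexicographic comparison picks B5, so B7 keeps no interface on, and B3 (joining two LANs that both already have one-hop paths) is "disconnected" exactly as the slides describe for their B3.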
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution
• during which time no packets were forwarded
Switches vs. Routers
both are store-and-forward devices
routers: network layer devices (examine network layer headers); switches are link layer devices
... "invisible" at the internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed length label (instead of IP address) to do forwarding
borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address!
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields label, Exp, S, TTL, labelled 20, 3, 1, 5 on the slide]
MPLS capable routers
aka label-switched router
forwards packets to outgoing interface based only on label value (don't inspect IP address)
MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing)!! use MPLS for traffic engineering
must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1 to R6 with destinations A and D; each MPLS-capable router holds a table of (in label, out label, dest, out interface). Rows legible in the transcript: (6, -, A, 0); (10, 6, A, 1); (12, 9, D, 0); (10, -, A, 0); (12, -, D, 0); (8, 6, A, 0); and a partly legible row (8, ?, A, 1)]
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY)
solid understanding of networking principles, practice
... could stop here ... but lots of
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries
CSMA (Carrier Sense Multiple Access)
CSMA: listen before transmit. If channel sensed idle: transmit entire frame. If channel sensed busy: defer transmission
human analogy: don't interrupt others!
Question
For 10 Mbps Ethernet the maximum cable length is 2000m.
For 100 Mbps Ethernet the maximum cable length is 200m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission
collision: entire packet transmission time wasted
[Figure: spatial layout of nodes along the wire against time]
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
[Figure: position on wire against time. Transmitter 1 starts a transmission; after the propagation delay Transmitter 2, still sensing idle, starts its own. The collision is detected by transmitter 2, then by transmitter 1. Receiver 1 receives a garbled signal. When is it detected?]
[Figure: same layout with a shorter transmission time. The collision is detected by transmitter 2 but NOT detected by transmitter 1, which finished transmitting before the colliding signal reached it. Receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / speed of propagation + epsilon < FrameLength / bit-rate
CSMA/CD
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection
collisions detected within a short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals; difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
persistent
1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
• Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff (next slide)
What to do when the link is found to be busy
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots, then transmit
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 × BO, BO_Max). In Ethernet, BO_Max = 1024
   c. Go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node!
random access MAC protocols: efficient at low load: a single node can fully utilize the channel; high load: collision overhead
• Be careful. Here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad
"taking turns" protocols look for the best of both worlds! Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: a master polls each slave in turn (poll, data, poll, data, ...)]
concerns: polling overhead, latency, single point of failure (master)
QoS guarantees can be made
If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected, but existing calls continue to receive good performance
• Consider the difference between the demands of VoIP and the services provided by TCP
Guarantees are worth much more money than non-guarantees
"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially. token message
concerns: token overhead, latency, single point of failure (token)
[Figure: nodes in a ring passing the token T; a node with data sends it, a node with nothing to send passes the token on]
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get the datagram to the destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get the frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on the LAN has a unique LAN address
Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE
manufacturer buys a portion of the MAC address space (to assure uniqueness)
Check OUI lookup:
• Google "OUI lookup"
• Enter MAC address
• See manufacturer
analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address
MAC flat address: portability: can move a LAN card from one LAN to another
IP hierarchical address NOT portable: address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed
• Whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on the LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL>
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four adapters (1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53) holding IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88]
ARP protocol: Same LAN (network)
A wants to send a datagram to C
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram
all machines on the LAN receive the ARP query
B receives the ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
[Figure: LAN with hosts A, B, C, D; the broadcast "Who has IP 1.1.1.4? Tell 1.1.1.2" reaches every host; the owner answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: router R with interfaces 111.111.111.110 (E6-E9-00-17-BB-4B) and 222.222.222.220 (1A-23-F9-CD-06-9B); on the first LAN host A 111.111.111.111 (74-29-9C-E8-FF-55) and a host 111.111.111.112 (CC-49-DE-D0-AB-7D); on the second LAN host B 222.222.222.222 (49-BD-D2-C7-56-2A) and a host 222.222.222.221 (88-B2-2F-54-1A-0F)]
walkthrough: send a datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates an IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram
A's NIC sends the frame
R's NIC receives the frame
R removes the IP datagram from the Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates a frame containing the A-to-B IP datagram, sends it to B
[Figure: the same two-LAN topology as above]
This is a really important example. Make sure you understand it!
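The two ARP cases above (same subnet: resolve the destination directly; different subnet: resolve the gateway, then the router resolves on its other LAN) as one runnable simulation. This is an added example, not code from the slides; the host names, IP addresses and MAC addresses in `build_network()` are constructed, and each node's ARP entries are soft state that expires after the 20 minutes the slides quote.

```python
"""ARP across two LANs joined by a router (added example, not from the slides).
All addresses, MACs and node names are constructed."""
import ipaddress
from dataclasses import dataclass, field

ARP_TTL = 20 * 60               # seconds; slides: mapping forgotten after ~20 min
BROADCAST = "FF-FF-FF-FF-FF-FF"


def same_subnet(ip_a, ip_b, mask):
    """Apply the mask to ip_a and test whether ip_b falls in that subnet."""
    net = ipaddress.IPv4Network("%s/%s" % (ip_a, mask), strict=False)
    return ipaddress.IPv4Address(ip_b) in net


@dataclass
class Node:
    name: str
    ifaces: dict                                  # ip -> (mac, lan)
    gateway: str = None                           # default gateway IP (hosts only)
    arp: dict = field(default_factory=dict)       # lan -> {ip: (mac, learned_at)}

    def iface_on(self, lan):
        for ip, (mac, l) in self.ifaces.items():
            if l == lan:
                return ip, mac
        raise KeyError(lan)


class Network:
    def __init__(self, nodes, mask):
        self.nodes = {n.name: n for n in nodes}
        self.mask = mask
        self.log = []                             # ARP traffic seen on the wire

    def resolve(self, node, lan, target_ip, now):
        """Return the MAC for target_ip on `lan`: cache hit if fresh, else broadcast."""
        table = node.arp.setdefault(lan, {})      # one ARP table per LAN
        if target_ip in table and now - table[target_ip][1] < ARP_TTL:
            return table[target_ip][0]
        my_ip, my_mac = node.iface_on(lan)
        self.log.append("%s -> %s on %s: who has %s? tell %s" % (node.name, BROADCAST, lan, target_ip, my_ip))
        for other in self.nodes.values():         # every node on the LAN hears it
            for ip, (mac, l) in other.ifaces.items():
                if l == lan and ip == target_ip:  # only the owner replies, unicast
                    self.log.append("%s -> %s on %s: %s is at %s" % (other.name, my_mac, lan, target_ip, mac))
                    table[target_ip] = (mac, now)
                    return mac
        raise LookupError("nobody answers for %s on %s" % (target_ip, lan))

    def send_datagram(self, src_name, dst_ip, now):
        """Return the link-layer frames (src MAC, dst MAC, LAN) that carry one datagram."""
        src = self.nodes[src_name]
        (src_ip, (src_mac, lan)), = src.ifaces.items()      # hosts have one interface
        next_ip = dst_ip if same_subnet(src_ip, dst_ip, self.mask) else src.gateway
        frames = [(src_mac, self.resolve(src, lan, next_ip, now), lan)]
        if next_ip != dst_ip:                               # router re-encapsulates
            router = next(n for n in self.nodes.values() if next_ip in n.ifaces)
            for r_ip, (r_mac, r_lan) in router.ifaces.items():
                if same_subnet(r_ip, dst_ip, self.mask):
                    frames.append((r_mac, self.resolve(router, r_lan, dst_ip, now), r_lan))
        return frames


def build_network():
    """Constructed two-LAN topology: A and X on LAN1, B on LAN2, router R on both."""
    a = Node("A", {"10.0.1.11": ("AA-AA-AA-00-00-11", "LAN1")}, gateway="10.0.1.1")
    x = Node("X", {"10.0.1.12": ("AA-AA-AA-00-00-12", "LAN1")}, gateway="10.0.1.1")
    b = Node("B", {"10.0.2.22": ("BB-BB-BB-00-00-22", "LAN2")}, gateway="10.0.2.1")
    r = Node("R", {"10.0.1.1": ("CC-CC-CC-00-00-01", "LAN1"),
                   "10.0.2.1": ("CC-CC-CC-00-00-02", "LAN2")})
    return Network([a, x, b, r], "255.255.255.0")


if __name__ == "__main__":
    net = build_network()
    print(net.send_datagram("A", "10.0.2.22", now=0))
    print("\n".join(net.log))
```

The first frame from A carries the router's LAN1 MAC as destination although the datagram inside is addressed to B; the second frame, built by R, carries R's LAN2 MAC as source and B's MAC as destination. A second datagram a minute later generates no ARP traffic at all, and one sent after the TTL expires triggers both resolutions again.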
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry on A with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host
• But the ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC
[Figure: the broadcast "Who has IP address 1.2.3.4?"]
ARP spoofing: man-in-the-middle attack
[Figure: Victim, MAC=00:12:12:12:12:12, IP 1.2.3.4; attacker, MAC=00:11:11:11:11:11, IP=5.6.7.8; some other host/switch]
• Some other host asks: "Who has IP address 1.2.3.4?"
• The victim answers: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
• Later (when all caches have been cleared) the attacker floods ARP queries, and keeps flooding them: "Source MAC 00:11:11:11:11:11. Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The other host saves the IP/ARP mapping in its cache. The victim is confused... but ignores it.
• The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...". The attacker knows the secret plan, changes the MAC address to the correct address and passes on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs
• i.e. the attacker's real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC
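The table check described above, as an added detection example (not code from the slides): it reads ARP replies, keeps both the IP-to-MACs and MAC-to-IPs views, and reports an IP claimed by more than one MAC or a MAC claiming more than one IP. The dual-NIC false positive the slides warn about is handled by an allowlist of MAC pairs known to belong to one host. The log lines, addresses and the allowlist are constructed; the line format mimics a packet sniffer's "is-at" notation and is an assumption, not a real tool's output.

```python
"""ARP cache-conflict detector (added example, not from the slides).
Sample lines and MAC/IP values below are constructed."""
import re
from collections import defaultdict

LINE_RE = re.compile(r"^(?P<ts>\S+) reply (?P<ip>\d+\.\d+\.\d+\.\d+) is-at (?P<mac>[0-9a-f:]{17})$", re.I)

# constructed ARP replies as a sniffer on the LAN might record them
SAMPLE_REPLIES = [
    "10:00:01 reply 1.2.3.4 is-at 00:12:12:12:12:12",     # victim answers for itself
    "10:00:02 reply 5.6.7.8 is-at 00:11:11:11:11:11",     # attacker's own address
    "10:21:05 reply 1.2.3.4 is-at 00:11:11:11:11:11",     # attacker claims the victim's IP
    "10:22:00 reply 192.0.2.50 is-at 00:aa:bb:cc:dd:01",  # laptop, wired NIC
    "10:22:01 reply 192.0.2.51 is-at 00:aa:bb:cc:dd:02",  # same laptop, wireless NIC
    "10:22:02 reply 192.0.2.51 is-at 00:aa:bb:cc:dd:01",  # wireless IP sent out the wired NIC
]

# constructed allowlist: MACs that the administrator knows belong to one multi-NIC host
LAPTOP = {"00:aa:bb:cc:dd:01", "00:aa:bb:cc:dd:02"}


def parse(lines):
    """Yield (timestamp, ip, mac) for every well-formed reply line; skip the rest."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            yield m["ts"], m["ip"], m["mac"].lower()


def detect(lines, multihomed=()):
    """Return alerts as (kind, key, frozenset of conflicting values).

    multihomed: groups of MACs known to belong to one host; a conflict explained
    entirely by one such group is suppressed (the slides' wired+wireless case).
    """
    ip_macs, mac_ips = defaultdict(set), defaultdict(set)
    for _, ip, mac in parse(lines):
        ip_macs[ip].add(mac)
        mac_ips[mac].add(ip)
    groups = [frozenset(m.lower() for m in g) for g in multihomed]

    def one_host(macs):
        return any(macs <= g for g in groups)

    alerts = []
    for ip, macs in sorted(ip_macs.items()):          # one IP, two MACs
        if len(macs) > 1 and not one_host(macs):
            alerts.append(("ip-has-multiple-macs", ip, frozenset(macs)))
    for mac, ips in sorted(mac_ips.items()):          # one MAC, two IPs
        if len(ips) > 1 and not one_host({mac}):
            alerts.append(("mac-has-multiple-ips", mac, frozenset(ips)))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_REPLIES, multihomed=[LAPTOP]):
        print(*alert)
```

With the allowlist in place the only alerts are the two the attack leaves behind: 1.2.3.4 answered by two different MACs, and 00:11:11:11:11:11 answering for two IPs. Without it, the laptop's wired MAC and its wireless IP produce two more alerts that look identical to the attack, which is exactly why the slides caution that the table check alone is not conclusive.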
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap: $20 for a NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps - 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) versus star (switch at the center)]
Ethernet Frame Structure
Sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response; LAN routing; higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at the receiver; if an error is detected, the frame is dropped
Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs
unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP; otherwise the app will see gaps
Ethernetrsquos MAC protocol unslotted CSMACD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}; NIC waits K slots, where one slot is 512 bit times; returns to Step 2
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec
Exponential Backoff
Goal: adapt retransmission attempts to estimated current load; under heavy load the random wait will be longer
first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3}…
after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity. A larger frame size is better; a higher bit-rate is worse.
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions
(figure: hub with twisted-pair links to hosts)
Interconnecting with hubs
Backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
(figure: backbone hub connecting several hubs)
Switch
link-layer device: smarter than hubs, takes an active role
store and forward Ethernet frames. Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have a dedicated direct connection to the switch; switches buffer packets; the Ethernet protocol is used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
(figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C')
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table
Q: how are entries created, maintained in the switch table? something like a routing protocol?
(figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C')
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases… when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table
(figure: A sends a frame with Source=A, Dest=A' into interface 1; the switch table, initially empty, gains the entry: MAC addr A, interface 1, TTL 60)
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination, then: if the destination is on the segment from which the frame arrived, drop the frame; else forward the frame on the interface indicated. Otherwise flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
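The learn / filter / forward / flood / purge rules above, as an added Python example (not code from the lecture). The switch has the six interfaces of the slide figure; host names and the arrival interfaces are constructed inputs, and the TTL of 60 is the value shown in the slide's table.

```python
from dataclasses import dataclass, field


@dataclass
class Entry:
    interface: int
    ttl: float            # seconds left before the entry is purged


@dataclass
class LearningSwitch:
    interfaces: set
    ttl: float = 60.0                                 # the slide's TTL of 60
    table: dict = field(default_factory=dict)         # MAC -> Entry (the switch table)

    def receive(self, src: str, dst: str, in_if: int) -> list:
        """Handle one frame arriving on in_if; return the interfaces it is sent out on."""
        # step 1: learn: src is reachable through the interface the frame came in on
        self.table[src] = Entry(in_if, self.ttl)
        entry = self.table.get(dst)
        if entry is None:
            # unknown destination: flood on every interface except the arrival one
            return sorted(self.interfaces - {in_if})
        if entry.interface == in_if:
            # destination sits on the segment the frame came from: filter (drop)
            return []
        return [entry.interface]                      # selective forwarding

    def age(self, seconds: float) -> None:
        """Periodic purge: decrement TTLs and drop expired entries."""
        for mac in list(self.table):
            self.table[mac].ttl -= seconds
            if self.table[mac].ttl <= 0:
                del self.table[mac]


if __name__ == "__main__":
    sw = LearningSwitch(interfaces={1, 2, 3, 4, 5, 6})   # the slide's six-interface switch
    print("A -> A' :", sw.receive("A", "A'", in_if=1))   # flood: A' unknown
    print("A' -> A :", sw.receive("A'", "A", in_if=4))   # forward on 1: A was learned
    print("table:", {m: e.interface for m, e in sw.table.items()})
```

The filter branch is what keeps a hub segment's local traffic off the rest of the LAN; the flood branch is why an unknown or expired destination is briefly visible on every port, which matters when reasoning about what a host in promiscuous mode can observe.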
Self-Learning (worked example)
Three switches in a row, each with interfaces 1, 2, 3; host A is attached at one end and host B at the other. All switch tables (MAC, Interface) are initially empty.
A sends a frame: Dest=B, Source=A. Each switch makes a table entry for A (the first two switches record A on interface 1, the third records A on interface 2). No switch has a table entry for B, so each one floods the frame.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
B replies: Dest=A, Source=B. Each switch makes a table entry for B (the first switch records B on interface 3, the second on interface 2). Each switch already has a table entry for A, so it forwards the frame on A's interface instead of flooding.
20 minutes later all table entries are deleted.
Poorly Designed Institutional network: Why?
(figure: router to external network; a LAN / IP subnet containing the mail server and the web server)
Institutional network without a single point of failure
(figure: router to external network; IP subnet with the mail server, the web server and host A, switches joined by redundant links)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(figure: the same network with the spanning tree marked; legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V, E): LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges. On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
- Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(figure: switches B3 and B2 both between LAN A and LAN B)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C.
(figure: LANs A, B, C, D; switches B0, B1, B2, B3)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(figure: switches B1, B2, B3, B4, B5, B6, B7)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
(figure, repeated on each of the following slides: LANs A, B, C, D, E, F, G, H, I, J joined by switches B1, B2, B3, B4, B5, B6, B7; the LANs are labelled with their distance to the root: 0, 1 or 2)
Worked steps, one per slide:
Each switch computes its distance to the root in terms of LAN hops.
Each of the root's interfaces is ON.
LAN A's next hop is LAN E: turn on the two interfaces.
LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
LAN C's next hop is LAN F: turn on the interfaces.
Which other interfaces are "on"?
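The interface-selection procedure of these slides, as an added Python example (not code from the lecture, and not the 802.1D message exchange; it is the lecture's simplified shortest-path view). LANs are the vertices and each switch is an edge joining the LANs it attaches to; the root is the switch with the smallest ID; a LAN's next hop is a neighbouring LAN one hop closer to the root, ties broken by the smallest switch ID; the chosen switch keeps its interfaces to both LANs and everything else is "off". The topology is constructed, chosen so that it reproduces the slide's outcomes (B5 wins over B7 for LAN B, B3 ends with no interfaces on).

```python
from collections import deque

# Constructed topology: switch ID -> LANs it attaches to. Switch 1 is the root.
TOPOLOGY = {
    1: ["E", "F", "G"],   # root: every interface on
    5: ["A", "B", "E"],
    7: ["B", "C", "F"],
    3: ["A", "B"],        # redundant path between A and B
    2: ["D", "G"],
    4: ["C", "D"],        # redundant path between C and D
}


def lan_distances(switches: dict, root: int) -> dict:
    """BFS over LANs. LANs attached to the root switch are at distance 0;
    every further switch crossed adds one LAN hop."""
    dist = {lan: 0 for lan in switches[root]}
    queue = deque(switches[root])
    while queue:
        lan = queue.popleft()
        for lans in switches.values():
            if lan in lans:
                for other in lans:
                    if other not in dist:
                        dist[other] = dist[lan] + 1
                        queue.append(other)
    return dist


def active_interfaces(switches: dict) -> dict:
    """Return switch ID -> set of LANs whose interface stays on."""
    root = min(switches)
    dist = lan_distances(switches, root)
    on = {sid: set() for sid in switches}
    on[root] = set(switches[root])
    for lan, d in dist.items():
        if d == 0:
            continue                      # attached to the root: handled above
        # candidate (switch, next-hop LAN) pairs one hop closer to the root
        candidates = [(sid, nxt)
                      for sid, lans in switches.items() if lan in lans
                      for nxt in lans if nxt != lan and dist.get(nxt) == d - 1]
        sid, nxt = min(candidates)       # least cost first, smallest ID breaks ties
        on[sid].update({lan, nxt})       # the switch keeps interfaces to both LANs
    return on


if __name__ == "__main__":
    for sid, lans in sorted(active_interfaces(TOPOLOGY).items()):
        print(f"B{sid}: {'on ' + ','.join(sorted(lans)) if lans else 'no interfaces on'}")
```

Switches 3 and 4 come out with no active interfaces: they still receive frames on their LANs but never flood across, which is the "disconnected but not unplugged" state the slides describe, and it is exactly the redundancy that gets re-enabled if switch 5 or 2 fails and the tree is recomputed.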
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as the topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding
Typically ignores security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
- during which time no packets were forwarded.
Switches vs Routers
both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices … "invisible" at the internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed length label (instead of IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address
(frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame)
MPLS header fields and widths in bits: label (20), Exp (3), S (1), TTL (5)
MPLS capable routers
a.k.a. label-switched router: forwards packets to the outgoing interface based only on the label value (doesn't inspect the IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
MPLS forwarding tables
(figure: routers R1 to R6 with destinations A and D; each router's table has the columns in label, out label, dest, out interface. Rows recoverable from the figure: 6 / - / A / 0; 10 / 6 / A / 1; 12 / 9 / D / 0; 10 / - / A / 0; 12 / - / D / 0; 8 / 6 / A / 0; 8 / - / A / 1)
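Label-based forwarding as an added Python example (not code from the lecture). The ingress router classifies by IP destination and pushes a label; each label-switched router looks up only the incoming label, swaps it and picks the outgoing interface, never reading the IP header; the egress pops the label. The tables and links are constructed (they use label values like those in the slide's figure, but the router assignments are my own), so the path R1 -> R4 -> R6 -> A is an assumption of the example.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    dst_ip: str               # IP header: carried unchanged through the MPLS domain
    label: Optional[int]      # MPLS shim label; None means no label (plain IP link)


# Constructed tables. Ingress: IP dest -> (label to push, out interface).
INGRESS = {"R1": {"A": (10, 1), "D": (12, 1)}}
# Label-switched routers: in label -> (out label, out interface); None = pop (egress).
LSR = {
    "R4": {10: (6, 1), 12: (9, 0)},
    "R6": {6: (None, 0)},     # egress toward A
    "R3": {9: (None, 0)},     # egress toward D
}
# Constructed links: (router, out interface) -> next hop.
LINKS = {("R1", 1): "R4", ("R4", 1): "R6", ("R4", 0): "R3", ("R6", 0): "A", ("R3", 0): "D"}


def forward(router: str, pkt: Packet):
    """One hop of MPLS forwarding: return (packet as sent, out interface)."""
    if pkt.label is None:
        # unlabeled packet: ingress behaviour, the only place the IP header is read
        label, iface = INGRESS[router][pkt.dst_ip]
        return Packet(pkt.dst_ip, label), iface
    out_label, iface = LSR[router][pkt.label]     # label lookup only
    return Packet(pkt.dst_ip, out_label), iface


def trace(start: str, pkt: Packet):
    """Walk the packet through the domain; return ([(router, label on exit)], where it left to)."""
    node, path = start, []
    while node in INGRESS or node in LSR:
        pkt, iface = forward(node, pkt)
        path.append((node, pkt.label))
        node = LINKS[(node, iface)]
    return path, node


if __name__ == "__main__":
    for dest in ("A", "D"):
        path, exit_to = trace("R1", Packet(dest, None))
        print(dest, "->", " ".join(f"{r}:{l}" for r, l in path), "-> exits to", exit_to)
```

Because the LSRs never consult dst_ip, the same IP destination can be steered over a different path simply by installing a different label at ingress, which is the traffic-engineering point of the slide; it also means a label table is a forwarding-policy object worth auditing on its own, separate from the IP routing table.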
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice; … could stop here … but lots of
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slide titles:
Slotted Aloha
Slotted Aloha: Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
Persistence
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing – man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network: Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
VLAN
LAN vs VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5: Summary
Chapter 5: let's take a breath
Question
For 10 Mbps Ethernet the maximum cable length is 2000 m.
For 100 Mbps Ethernet the maximum cable length is 200 m.
Why is the maximum length for 100 Mbps 10 times shorter than for 10 Mbps?
CSMA collisions
collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted
(figure: spatial layout of nodes along the wire, with two overlapping transmissions over time)
note: role of distance & propagation delay in determining collision probability
CSMA/CD collision detection
(figure: position on wire vs time. Transmitter 1 starts sending; Transmitter 2, not yet hearing it, starts after the propagation delay; the collision is detected first by transmitter 2 and then by transmitter 1; Receiver 1 receives a garbled signal.) When is it detected?
(figure: same layout, but transmitter 1's transmission time is shorter than the round trip. The collision is detected by transmitter 2 but NOT detected by transmitter 1; Receiver 1 receives a garbled signal.)
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + epsilon. The transmit time is frame length / bit rate. Therefore
2 × CableLength / (speed of propagation) + epsilon < FrameLength / bit-rate
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
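The collision-detection inequality above, together with the efficiency formula from the CSMA/CD efficiency slide, as an added Python example (not code from the lecture). The propagation speed (2 × 10^8 m/s) and the 1500-byte "max-size frame" are assumptions not stated on the slides; the 64-byte minimum frame is the slide's own figure. The functions solve the inequality for the cable length and for the frame length, and evaluate the efficiency for the two bit-rates in the question.

```python
PROP_SPEED_M_S = 2.0e8     # assumed signal propagation speed in copper (not given on the slides)
MIN_FRAME_BITS = 64 * 8    # Ethernet minimum frame of 64 bytes (the slides)
MAX_FRAME_BITS = 1500 * 8  # assumed "max-size frame" of 1500 bytes for the efficiency formula


def t_prop(cable_m: float, v: float = PROP_SPEED_M_S) -> float:
    """One-way propagation delay across the cable."""
    return cable_m / v


def t_trans(frame_bits: int, bit_rate: float) -> float:
    """Time to clock a frame onto the wire: frame length / bit rate."""
    return frame_bits / bit_rate


def csmacd_efficiency(cable_m: float, bit_rate: float, frame_bits: int = MAX_FRAME_BITS) -> float:
    """efficiency = 1 / (1 + 5 t_prop / t_trans), the slide's formula."""
    return 1.0 / (1.0 + 5.0 * t_prop(cable_m) / t_trans(frame_bits, bit_rate))


def collisions_detectable(cable_m: float, bit_rate: float, frame_bits: int,
                          epsilon_s: float = 0.0) -> bool:
    """The slide's condition: 2 * CableLength / speed + epsilon < FrameLength / bit-rate."""
    return 2.0 * t_prop(cable_m) + epsilon_s < t_trans(frame_bits, bit_rate)


def max_cable_length(bit_rate: float, frame_bits: int = MIN_FRAME_BITS,
                     epsilon_s: float = 0.0) -> float:
    """Solve the condition for the cable length, given the minimum frame size."""
    return (t_trans(frame_bits, bit_rate) - epsilon_s) * PROP_SPEED_M_S / 2.0


def min_frame_bits(cable_m: float, bit_rate: float, epsilon_s: float = 0.0) -> float:
    """Solve the condition for the frame length, given a fixed cable."""
    return (2.0 * t_prop(cable_m) + epsilon_s) * bit_rate


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: max cable {max_cable_length(rate):.0f} m with 64 B frames; "
              f"min frame {min_frame_bits(2000, rate) / 8:.0f} B on a 2000 m cable")
    print("efficiency at 10 Mbps / 2000 m:", round(csmacd_efficiency(2000, 10e6), 3))
    print("efficiency at 100 Mbps / 200 m:", round(csmacd_efficiency(200, 100e6), 3))
```

With the assumed propagation speed the limits come out at 5120 m and 512 m: larger than the slide's 2000 m and 200 m, because the standard budgets other delays (the epsilon term) as well, but in exactly the 10:1 ratio the question asks about, since t_trans for the fixed 64-byte minimum frame shrinks tenfold when the bit-rate rises tenfold. The two efficiency figures are equal for the same reason: scaling the cable and the bit-rate together leaves t_prop / t_trans unchanged.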
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection; collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals
difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength
human analogy: the polite conversationalist
Persistence
1-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
- In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: If the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
- Here a "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots end, then transmit
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop
   b. Set BO = min(2 × BO, BO_Max). In Ethernet BO_Max = 1024
   c. Go to step 4
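The backoff procedure above, and the Ethernet CSMA/CD algorithm from the Ethernet slides (K drawn from {0, …, 2^m - 1} after the m-th collision, one slot = 512 bit times, window frozen at 1024), as one added Python example (not code from the lecture). The contention simulation is constructed: all stations have a frame ready at the same moment, the smallest draw wins a round, and equal smallest draws collide. Giving up after 16 attempts is an assumption of the simulation, not something the slides state.

```python
import random

SLOT_BIT_TIMES = 512     # one backoff slot = 512 bit times (the slides)
BO_MAX = 1024            # the slides' BO_Max for Ethernet
MAX_ATTEMPTS = 16        # assumption for the simulation: a station gives up after 16 collisions


def window_after(collisions: int, bo_start: int = 1, bo_max: int = BO_MAX) -> int:
    """Step 5b: the window doubles after every collision and is capped at bo_max.
    With bo_start = 1 this is the Ethernet rule: after the m-th collision K is
    drawn from {0, ..., 2^m - 1}, frozen at {0, ..., 1023} once m >= 10."""
    bo = bo_start
    for _ in range(collisions):
        bo = min(2 * bo, bo_max)
    return bo


def slot_seconds(bit_rate: float) -> float:
    return SLOT_BIT_TIMES / bit_rate


def wait_seconds(k: int, bit_rate: float) -> float:
    """Delay for K slots of 512 bit times each."""
    return k * slot_seconds(bit_rate)


def simulate_contention(n_stations: int, rng, bo_start: int = 1,
                        max_attempts: int = MAX_ATTEMPTS):
    """Every round each pending station draws r in [0, window) (step 4a) and
    waits r slots (4b). The station with the smallest r transmits if it is alone
    (4c); equal smallest draws collide (5), so those stations double their
    window (5b) and retry (5c). Returns (order of successful stations,
    stations that gave up, number of collisions)."""
    pending = {s: 0 for s in range(n_stations)}     # station -> collisions so far
    order, dropped, collisions = [], [], 0
    while pending:
        draws = {s: rng.randrange(window_after(c, bo_start)) for s, c in pending.items()}
        lowest = min(draws.values())
        contenders = [s for s, r in draws.items() if r == lowest]
        if len(contenders) == 1:
            order.append(contenders[0])
            del pending[contenders[0]]
            continue
        collisions += 1                               # jam signal: everyone notices
        for s in contenders:
            pending[s] += 1
            if pending[s] >= max_attempts:
                dropped.append(s)
                del pending[s]
    return order, dropped, collisions


if __name__ == "__main__":
    print("windows after 0..11 collisions:", [window_after(m) for m in range(12)])
    print("K=1023 at 10 Mbps waits", round(wait_seconds(1023, 10e6) * 1e3, 1), "ms")
    order, dropped, collisions = simulate_contention(5, random.Random(7))
    print("order:", order, "dropped:", dropped, "collisions:", collisions)
```

The first round always collides when more than one station is ready, because the initial window is a single slot; that is the "heavy load, random wait will be longer" behaviour from the slide, and the K = 1023 case reproduces its "about 50 msec" figure at 10 Mbps.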
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N of the bandwidth allocated even if only 1 node is active
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead
- Be careful. Here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"taking turns" protocols: look for the best of both worlds. Used in mobile phone data access; 802.16 (a.k.a. WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
(figure: master polls each slave in turn; each poll is answered with data or with nothing)
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made. If a VoIP call requires 12 bps, the master can determine whether the call will receive the desired quality and ensure that it does.
- When congested, new calls are rejected, but existing calls continue to receive good performance.
- Consider the difference between the demands of VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
Token passing: control token passed from one node to the next sequentially; token message
concerns: token overhead; latency; single point of failure (token)
(figure: token T circulates; a node with data sends it, a node with nothing to send passes the token on)
Summary of MAC protocols
channel partitioning: by time, frequency or code; Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from a central site; token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get the datagram to the destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network)
- The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
- burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
(figure: LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53)
LAN Address (more)
MAC address allocation administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness)
Check OUI lookup: Google "OUI lookup", enter a MAC address, see the manufacturer
analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address
MAC flat address: portability: can move a LAN card from one LAN to another
IP hierarchical address: NOT portable; the address depends on the IP subnet to which the node is attached
If a NIC is changed then the MAC is changed, whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
(figure: LAN with nodes 137.196.7.23 / 1A-2F-BB-76-09-AD, 137.196.7.78 / 58-23-D7-FA-20-B0, 137.196.7.14 / 0C-C4-11-6F-E3-98, 137.196.7.88 / 71-65-F7-2B-08-53)
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.: my IP = 128.4.35.67; B's IP = 128.5.19.12; subnet mask is 255.255.0.0 => the first two bytes (16 bits) define the subnet
- So in this case A and B are in different subnets
- Thus the datagram is sent to the gateway, which must be in the same subnet
- Suppose that B is the gateway, but only the IP address of B is known
Suppose host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
- Other types include datagram
all machines on the LAN receive the ARP query
B receives the ARP packet, replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast)
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
(figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to B, C and D; the owner answers "I have 1.1.1.4")
Addressing: routing to another LAN
walkthrough: send a datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
(figure: A (74-29-9C-E8-FF-55, 111.111.111.111) and host CC-49-DE-D0-AB-7D (111.111.111.112) on the 111.111.111.x LAN; router R with interfaces E6-E9-00-17-BB-4B (111.111.111.110) and 1A-23-F9-CD-06-9B (222.222.222.220); B (49-BD-D2-C7-56-2A, 222.222.222.222) and host 88-B2-2F-54-1A-0F (222.222.222.221) on the 222.222.222.x LAN)
A creates an IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram
A's NIC sends the frame; R's NIC receives the frame
R removes the IP datagram from the Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates a frame containing the A-to-B IP datagram, sends it to B
This is a really important example – make sure you understand it
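The same-subnet check, the ARP query/reply with soft-state caching, and the A -> R -> B walkthrough above, as one added Python example (not code from the lecture). The addresses are those of the slide figure; the /24 mask, the gateway assignments and the 20-minute cache TTL are assumptions (the slides give the TTL as "typically 20 min" but do not state the mask for these LANs). Each interface keeps its own ARP table, so the router ends up with one per LAN, as the slide says.

```python
import ipaddress
from dataclasses import dataclass, field

MASK = "255.255.255.0"      # assumed for the 111.111.111.x and 222.222.222.x LANs
ARP_TTL_S = 20 * 60         # soft state: the slides' "typically 20 min"


def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """The slides' check: apply the mask and compare the network parts."""
    net = ipaddress.IPv4Network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.IPv4Address(ip_b) in net


class Lan:
    """One broadcast segment: every attached interface sees a broadcast frame."""
    def __init__(self):
        self.ifaces = []

    def owner(self, ip: str):
        return next(i for i in self.ifaces if i.ip == ip)

    def resolve(self, asker, target_ip: str):
        """ARP: use the asker's cache, else broadcast a query; only the owner of
        target_ip replies (unicast) and the asker caches the pair with a TTL."""
        if target_ip in asker.arp:
            return asker.arp[target_ip][0], "cached"
        for i in self.ifaces:                      # dst MAC FF-FF-FF-FF-FF-FF: all receive it
            if i.ip == target_ip:
                asker.arp[target_ip] = (i.mac, ARP_TTL_S)
                return i.mac, "resolved"
        return None, "no reply"


@dataclass
class Node:
    name: str
    gateway: str = None
    ifaces: list = field(default_factory=list)


@dataclass
class Iface:
    node: Node
    ip: str
    mac: str
    lan: Lan
    arp: dict = field(default_factory=dict)      # per-interface ARP table

    def __post_init__(self):
        self.node.ifaces.append(self)
        self.lan.ifaces.append(self)


def iface_toward(node: Node, ip: str):
    """The interface whose subnet contains ip, or None if ip is off-link."""
    return next((i for i in node.ifaces if same_subnet(i.ip, ip, MASK)), None)


def send(src: Node, dst_ip: str, max_hops: int = 8):
    """Carry one datagram from src to dst_ip. Returns one tuple per link-layer
    frame: (src MAC, dst MAC, IP src, IP dst, how the dst MAC was obtained)."""
    frames, node, src_ip = [], src, src.ifaces[0].ip
    for _ in range(max_hops):
        out = iface_toward(node, dst_ip)
        next_ip = dst_ip if out else node.gateway          # off-link: hand to the gateway
        out = out or iface_toward(node, next_ip)
        mac, how = out.lan.resolve(out, next_ip)
        if mac is None:
            raise RuntimeError(f"{next_ip} did not answer ARP")
        frames.append((out.mac, mac, src_ip, dst_ip, how))  # IP header unchanged per hop
        if next_ip == dst_ip:
            return frames
        node = out.lan.owner(next_ip).node                 # router strips and re-frames
    raise RuntimeError("hop limit exceeded")


def build_topology():
    """Addresses from the slides' A -> R -> B figure; gateways are assumed."""
    lan1, lan2 = Lan(), Lan()
    a = Node("A", gateway="111.111.111.110")
    Iface(a, "111.111.111.111", "74-29-9C-E8-FF-55", lan1)
    Iface(Node("host1"), "111.111.111.112", "CC-49-DE-D0-AB-7D", lan1)
    r = Node("R")
    Iface(r, "111.111.111.110", "E6-E9-00-17-BB-4B", lan1)
    Iface(r, "222.222.222.220", "1A-23-F9-CD-06-9B", lan2)
    b = Node("B", gateway="222.222.222.220")
    Iface(b, "222.222.222.222", "49-BD-D2-C7-56-2A", lan2)
    Iface(Node("host2"), "222.222.222.221", "88-B2-2F-54-1A-0F", lan2)
    return a, r, b


if __name__ == "__main__":
    a, r, b = build_topology()
    for f in send(a, "222.222.222.222"):
        print(f"frame {f[0]} -> {f[1]}  carrying {f[2]} -> {f[3]}  ({f[4]})")
```

The two frames have different MAC addresses but the same IP header, which is the whole point of the walkthrough; a second send from A shows "cached" because the soft-state entry for R is still within its TTL. The per-interface cache is also where the ARP spoofing slides later in the deck do their damage: whoever answers first for an IP owns that cache slot until it times out.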
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
- Use Wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (a link-layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query (request) is made for the victim, I respond with my MAC.
ARP spoofing: man-in-the-middle attack (figure sequence)
Parties: the victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), the attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8), and some other host/switch.
1. The other host broadcasts "Who has IP address 1.2.3.4?"
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker also hears the answer and now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/MAC mapping taken from the query's source fields in its cache. The victim is confused, but ignores it.
4. The other host sends "The secret plan is …" to MAC 00:11:11:11:11:11, IP 1.2.3.4, so the attacker receives it and knows the secret plan. The attacker changes the MAC address to the correct one and forwards the frame to MAC 00:12:12:12:12:12, IP 1.2.3.4; the victim thinks "Ahh, I got the secret plan I was expecting".
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see whether a single IP has two MACs, or a single MAC has two IPs:
• its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
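The detection idea on this slide, as an added example that is not code from the original slides: it scans constructed (timestamp, IP, MAC) observations, drops those older than the 20-minute ARP cache TTL, and reports an IP claimed by two MACs as well as a MAC claiming two IPs, with an allow-list for the dual-NIC false positive the slide describes. The observation format, the sample lines and the allow-list are assumptions made for the example.

```python
"""Check ARP observations for the two indicators described on the slide.

Added example, not code from the original slides. It takes constructed
observation lines of the form "<seconds> <ip> <mac>" (as one might collect
from ARP replies or repeated 'arp -a' dumps), keeps only those still within
the 20-minute ARP cache TTL, and reports:
  * ip_conflicts:  an IP claimed by more than one MAC
  * mac_conflicts: a MAC claiming more than one IP (its real IP plus the
    victim's), unless the MAC is allow-listed as a known dual-NIC host,
    which models the wired+wireless false positive the slide mentions.
"""
from collections import defaultdict

ARP_TTL_SECONDS = 20 * 60  # ARP cache lifetime quoted on the slides


def parse_observations(text):
    """Parse constructed '<seconds> <ip> <mac>' lines; '#' starts a comment."""
    observations = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        seconds, ip, mac = line.split()
        observations.append((float(seconds), ip, mac.lower()))
    return observations


def find_conflicts(observations, ttl=ARP_TTL_SECONDS, known_dual_nic=None):
    """Return (ip_conflicts, mac_conflicts) over observations within the TTL.

    known_dual_nic maps a MAC to the set of IPs it is allowed to carry.
    """
    known_dual_nic = known_dual_nic or {}
    if not observations:
        return {}, {}
    newest = max(ts for ts, _, _ in observations)
    ip_to_macs = defaultdict(set)
    mac_to_ips = defaultdict(set)
    for ts, ip, mac in observations:
        if newest - ts > ttl:
            continue  # expired: a cache would have forgotten this mapping
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)

    ip_conflicts = {ip: sorted(macs) for ip, macs in ip_to_macs.items()
                    if len(macs) > 1}
    mac_conflicts = {}
    for mac, ips in mac_to_ips.items():
        # A MAC with several IPs is suspicious unless every IP is allow-listed.
        if len(ips) > 1 and not ips <= known_dual_nic.get(mac, set()):
            mac_conflicts[mac] = sorted(ips)
    return ip_conflicts, mac_conflicts


# Constructed sample (not captured traffic): the slide's victim (1.2.3.4) and
# attacker (5.6.7.8), one stale entry, and a legitimate dual-NIC machine.
SAMPLE_OBSERVATIONS = """
  100 1.2.3.4  de:ad:be:ef:00:00   # old reply, long past the TTL
 5000 1.2.3.4  00:12:12:12:12:12   # victim answers a query for its own IP
 5005 5.6.7.8  00:11:11:11:11:11   # attacker's NIC with its real IP
 5600 1.2.3.4  00:11:11:11:11:11   # attacker's NIC now also claims 1.2.3.4
 5610 10.0.0.7 aa:bb:cc:dd:ee:01   # dual-NIC host, wired IP
 5620 10.0.0.8 aa:bb:cc:dd:ee:01   # same MAC seen with its wireless IP
"""

# Hypothetical allow-list: the known dual-NIC host and its two IPs.
DUAL_NIC_ALLOWLIST = {"aa:bb:cc:dd:ee:01": {"10.0.0.7", "10.0.0.8"}}


def scan(text=SAMPLE_OBSERVATIONS, known_dual_nic=None):
    """Parse the observations and return (ip_conflicts, mac_conflicts)."""
    return find_conflicts(parse_observations(text), known_dual_nic=known_dual_nic)


if __name__ == "__main__":
    ip_c, mac_c = scan(known_dual_nic=DUAL_NIC_ALLOWLIST)
    for ip, macs in ip_c.items():
        print(f"IP {ip} claimed by several MACs: {', '.join(macs)}")
    for mac, ips in mac_c.items():
        print(f"MAC {mac} claims several IPs: {', '.join(ips)}")
```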
Link Layer outline: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
Figure: Metcalfe's Ethernet sketch.
Star topology
Bus topology (coaxial cable): popular through the mid 90s; all nodes are in the same collision domain (they can collide with each other).
Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
Figure: bus (coaxial cable) versus star (switch at the center).
Ethernet Frame Structure
The sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g., an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: indicates the higher layer protocol (mostly IP, but others are possible, e.g., Novell IPX, AppleTalk); also ARP query/response and LAN routing.
CRC: checked at the receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams). Gaps will be filled if the app is using TCP; otherwise the app will see the gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the mth collision, the NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. The NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023 the wait time is about 50 msec.
Exponential backoff. Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
First collision: choose K from {0, 1}; the delay is K × 512 bit transmission times.
After the second collision: choose K from {0, 1, 2, 3}.
After ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}.
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0 and as t_trans goes to infinity.
• A larger frame size is better; a higher bit rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out on all other links at the same rate. All nodes connected to a hub can collide with one another. No frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
Figure: hub with twisted-pair links to hosts.
Interconnecting with hubs
A backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT and 100BaseT.
Figure: backbone hub connecting three hubs.
Switch
Link-layer device: smarter than hubs, takes an active role.
Store and forward Ethernet frames.
• Question: do switches in circuit-switching networks store and forward?
Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets.
The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex: each link is its own collision domain.
Switching A-to-A' and B-to-B' simultaneously, without collisions: not possible with a dumb hub.
Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C'.
Switch Table
Q: how does the switch know that A' is reachable via interface 4 and B' reachable via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). It looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
Figure: the same six-interface switch (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C'.
Switch self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
When a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
Figure: A sends a frame (Source = A, Dest = A') into interface 1; the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60.
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. look up the destination MAC address in the switch table
3. if an entry is found for the destination, then { if the destination is on the segment from which the frame arrived, then drop the frame; else forward the frame on the interface indicated }; else flood: forward on all but the interface on which the frame arrived
4. periodically purge all old table entries
Self-Learning (figure sequence)
Figure: three switches, each with interfaces 1, 2 and 3, connected in a chain, with host A attached to the first switch and host B reached through the third; all switch tables (MAC, Interface) start empty.
1. A sends a frame with Dest = B, Source = A. The first switch makes a table entry for A (A, 1); there is no table entry for B, so it floods. Each downstream switch does the same: the second records (A, 1), the third records (A, 2), and each floods the frame.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
2. B replies with Dest = A, Source = B. The third switch makes a table entry for B and has a table entry for A, so it forwards; the second switch records (B, 2) and forwards; the first switch records (B, 3) and forwards to A.
3. 20 minutes later, all table entries are deleted.
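The filtering/forwarding algorithm and the figure sequence above, as an added example that is not code from the original slides: three learning switches in a chain, tables that age out after 20 minutes, and the A-to-B, B-to-A and "20 minutes later" steps replayed. The topology (host names, which port each host sits on) is constructed for the example.

```python
"""Self-learning switches with filtering/forwarding and table ageing.

Added example, not code from the original slides. It builds a constructed
chain of three switches like the one in the figure, each with interfaces
1..3 and an initially empty table, and drives the A -> B, B -> A and
"20 minutes later" steps through the filtering/forwarding algorithm.
"""
BROADCAST = "FF-FF-FF-FF-FF-FF"
TABLE_TTL = 20 * 60  # seconds; the slides purge entries after 20 minutes


class LearningSwitch:
    def __init__(self, name, interfaces):
        self.name = name
        self.interfaces = list(interfaces)
        self.table = {}  # MAC -> (interface, expiry time)

    def purge(self, now):
        """Periodically purge all old table entries."""
        self.table = {m: e for m, e in self.table.items() if e[1] > now}

    def handle(self, src, dst, in_iface, now):
        """Return the interfaces the frame goes out on (possibly none)."""
        self.purge(now)
        # 1. record the interface associated with the sending host
        self.table[src] = (in_iface, now + TABLE_TTL)
        # 2./3. look up the destination; filter, forward, or flood
        entry = self.table.get(dst) if dst != BROADCAST else None
        if entry is not None:
            out_iface = entry[0]
            return [] if out_iface == in_iface else [out_iface]  # filter/forward
        return [i for i in self.interfaces if i != in_iface]      # flood

    def learned(self):
        return {mac: iface for mac, (iface, _) in self.table.items()}


class Lan:
    """Wires hosts and switches together and delivers a frame hop by hop."""

    def __init__(self):
        self.switches = {}
        self.host_port = {}  # host MAC -> (switch name, interface)
        self.links = {}      # (switch, iface) -> ("host", mac) | ("switch", name, iface)

    def add_switch(self, sw):
        self.switches[sw.name] = sw

    def attach_host(self, mac, sw, iface):
        self.host_port[mac] = (sw, iface)
        self.links[(sw, iface)] = ("host", mac)

    def connect(self, sw1, if1, sw2, if2):
        self.links[(sw1, if1)] = ("switch", sw2, if2)
        self.links[(sw2, if2)] = ("switch", sw1, if1)

    def send(self, src, dst, now):
        """Inject a frame from host src; return the sorted list of hosts that got it."""
        delivered = set()
        pending = [self.host_port[src]]
        while pending:
            sw_name, in_iface = pending.pop()
            for out in self.switches[sw_name].handle(src, dst, in_iface, now):
                link = self.links.get((sw_name, out))
                if link is None:
                    continue  # nothing attached to this interface
                if link[0] == "host":
                    delivered.add(link[1])
                else:
                    pending.append((link[1], link[2]))
        return sorted(delivered)


def build_chain():
    """Constructed topology: S1 -- S2 -- S3, A on S1.1, B on S3.1, plus C, D, E."""
    lan = Lan()
    for name in ("S1", "S2", "S3"):
        lan.add_switch(LearningSwitch(name, [1, 2, 3]))
    lan.attach_host("A", "S1", 1)
    lan.attach_host("C", "S1", 2)
    lan.connect("S1", 3, "S2", 1)
    lan.attach_host("D", "S2", 3)
    lan.connect("S2", 2, "S3", 2)
    lan.attach_host("B", "S3", 1)
    lan.attach_host("E", "S3", 3)
    return lan


def run_demo():
    """Replay the slide sequence; return what happened at each step."""
    lan = build_chain()
    first = lan.send("A", "B", now=0)              # no entry for B: flooded everywhere
    tables_after_a = {n: s.learned() for n, s in lan.switches.items()}
    reply = lan.send("B", "A", now=1)              # A is known: forwarded, not flooded
    tables_after_b = {n: s.learned() for n, s in lan.switches.items()}
    later = lan.send("A", "B", now=TABLE_TTL + 2)  # entries aged out: flood again
    return {"first": first, "tables_after_a": tables_after_a, "reply": reply,
            "tables_after_b": tables_after_b, "later": later}


if __name__ == "__main__":
    for step, result in run_demo().items():
        print(step, result)
```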
Poorly Designed Institutional network: Why?
Figure: router to the external network, one LAN (IP subnet), a mail server and a web server.
Institutional network without a single point of failure
Figure: the same router, IP subnet, mail server and web server, with redundant switch links (loops).
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness, but they have to be eliminated.
Figure: the same network with a spanning tree marked: edges in the spanning tree, and "disconnected" interfaces, i.e., the switch does not forward or flood frames through such an interface.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V, E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to that LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
Figure: LAN A and LAN B joined by bridges B2 and B3.
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
Figure: LANs A, B, C, D joined by bridges B0, B1, B2, B3.
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Figure: bridges B1 to B7.
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
Figure sequence: LANs A through J joined by bridges B1 to B7 (B1, the smallest ID, is the root); the figure is repeated as the computation proceeds:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E; turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop; turn on the interface.
• LAN D's next hop is LAN G; turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F; turn on the interfaces.
• Which other interfaces are "on"?
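The rules above (LANs as vertices, bridges as edges, root = smallest ID, distance in switch hops relaxed distance-vector style, ties broken by smallest bridge ID, an interface ON only if it lies on some LAN's chosen path), as an added example that is not code from the original slides. The five-bridge topology in the block is constructed for the example and is not the figure on the slides.

```python
"""Spanning tree over the LAN-as-vertex / bridge-as-edge graph of the slides.

Added example, not code from the original slides. Bridges are given as
{bridge_id: [LANs it attaches to]}; the root is the bridge with the smallest
ID. Each LAN's distance to the root is counted in switch hops and relaxed
distance-vector style (a bridge only looks at the LANs it touches), ties are
broken by the smallest bridge ID, and a bridge interface is kept ON only if
it lies on some LAN's chosen path toward the root.
"""
INF = float("inf")


def spanning_tree(bridges):
    """Return (distance, next_hop, active_interfaces).

    distance[lan]          : switch hops from lan to the root bridge
    next_hop[lan]          : (bridge_id, neighbouring LAN) toward the root,
                             or None for LANs directly on the root
    active_interfaces[bid] : set of LANs on which bridge bid is "on"
    """
    root = min(bridges)
    distance = {lan: INF for lans in bridges.values() for lan in lans}
    next_hop = {lan: None for lan in distance}
    active = {bid: set() for bid in bridges}

    # Each of the root's interfaces is ON and its LANs are at distance 0.
    for lan in bridges[root]:
        distance[lan] = 0
        active[root].add(lan)

    # Distance-vector relaxation until no LAN improves its distance.
    changed = True
    while changed:
        changed = False
        for bid in sorted(bridges):
            if bid == root:
                continue
            for lan in bridges[bid]:
                for via in bridges[bid]:
                    if via == lan or distance[via] == INF:
                        continue
                    cand = distance[via] + 1
                    cur_bid = next_hop[lan][0] if next_hop[lan] else None
                    better = cand < distance[lan]
                    # equal length: the switch with the smallest ID wins
                    tie_win = (cand == distance[lan] and cur_bid is not None
                               and bid < cur_bid)
                    if better or tie_win:
                        distance[lan] = cand
                        next_hop[lan] = (bid, via)
                        changed = True

    # A bridge keeps an interface active if it is on a LAN's chosen path:
    # both its interface to the LAN and its interface to the next-hop LAN.
    for lan, hop in next_hop.items():
        if hop is not None:
            bid, via = hop
            active[bid].update({lan, via})
    return distance, next_hop, active


# Constructed topology (not the figure on the slides):
#   B1 (root) joins LANs A and B; B2 joins A and C; B3 joins B and C;
#   B4 joins C and D; B5 joins B and D.
EXAMPLE_BRIDGES = {
    1: ["A", "B"],
    2: ["A", "C"],
    3: ["B", "C"],
    4: ["C", "D"],
    5: ["B", "D"],
}


if __name__ == "__main__":
    dist, hops, on = spanning_tree(EXAMPLE_BRIDGES)
    for lan in sorted(dist):
        print(f"LAN {lan}: distance {dist[lan]}, next hop {hops[lan]}")
    for bid in sorted(on):
        print(f"B{bid}: interfaces on = {sorted(on[bid]) or 'none'}")
```

LAN C has two one-hop paths (via B2 through A, via B3 through B); B2 wins on ID, so B3 ends up with no interface on, like B3 in the slides.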
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding. Security, such as ARP attacks, access control, etc., is typically ignored.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network layer devices (they examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer; a switch looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
Figure: the MPLS header sits between the PPP or Ethernet header and the IP header (followed by the remainder of the link-layer frame). Fields and widths in bits: label 20, Exp 3, S 1, TTL 5.
MPLS capable routers
a.k.a. label-switched routers: forward packets to an outgoing interface based only on the label value (they don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables.
A signaling protocol is needed to set up forwarding: RSVP-TE.
Forwarding is possible along paths that IP alone would not allow (e.g., source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
Figure: routers R1 to R6 between hosts A and D, each with a table whose columns are in label, out label, dest, out interface. Table entries shown: one router: 6 → -, A, interface 0; another: 10 → 6, A, interface 1 and 12 → 9, D, interface 0; another: - → 10, A, interface 0 and - → 12, D, interface 0; another: 8 → 6, A, interface 0 and - → 8, A, interface 1.
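Label-switched forwarding with tables in the slide's (in label, out label, dest, out interface) form, as an added example that is not code from the original slides. The routers, links and rows are constructed for the example, modelled on the entries shown above but not the slide's exact topology; the second ingress row for A shows a traffic-engineered path that plain IP forwarding would not choose.

```python
"""Label-switched forwarding in the style of the MPLS table slide.

Added example, not code from the original slides. Each router holds rows of
(in label, out label, dest, out interface) as on the slide. A row with no
in label is an ingress row that pushes a label chosen by destination; a row
with no out label pops the label so an IP-only next hop can take over.
Routers, links and rows are constructed for the example.
"""


class LabelSwitchedRouter:
    def __init__(self, name, rows):
        self.name = name
        self.rows = rows  # list of (in_label, out_label, dest, out_iface)

    def forward(self, label, dest, choose=None):
        """Return (out_iface, new_label); labeled packets are matched on the
        label alone, never on the IP destination."""
        if label is not None:
            matches = [r for r in self.rows if r[0] == label]
        else:  # unlabeled packet at an ingress router: classify by destination
            matches = [r for r in self.rows if r[0] is None and r[2] == dest]
            if choose is not None and len(matches) > 1:
                matches = [choose(matches)]  # traffic-engineering policy
        if not matches:
            raise LookupError(f"{self.name}: no row for label={label} dest={dest}")
        _, out_label, _, out_iface = matches[0]
        return out_iface, out_label


# Constructed label-switched domain between hosts A and D (hypothetical).
ROUTERS = {
    "R6": LabelSwitchedRouter("R6", [(None, 10, "A", 0), (None, 12, "D", 0),
                                     (None, 8, "A", 1)]),
    "R4": LabelSwitchedRouter("R4", [(10, 6, "A", 1), (12, 9, "D", 0)]),
    "R5": LabelSwitchedRouter("R5", [(8, 6, "A", 0)]),
    "R1": LabelSwitchedRouter("R1", [(6, None, "A", 0)]),
    "R2": LabelSwitchedRouter("R2", [(9, None, "D", 0)]),
}
# (router, out interface) -> next hop; hosts A and D are IP-only endpoints.
LINKS = {
    ("R6", 0): "R4", ("R6", 1): "R5",
    ("R4", 1): "R1", ("R4", 0): "R2",
    ("R5", 0): "R1",
    ("R1", 0): "A", ("R2", 0): "D",
}


def trace(ingress, dest, choose=None):
    """Walk a packet from ingress to dest; return [(router, label on exit)]."""
    path, label, here = [], None, ingress
    while here in ROUTERS:
        out_iface, label = ROUTERS[here].forward(label, dest, choose)
        path.append((here, label))
        here = LINKS[(here, out_iface)]
    if here != dest:
        raise RuntimeError(f"packet for {dest} ended at {here}")
    return path


def via_interface(iface):
    """Policy: at the ingress, prefer the row leaving on the given interface."""
    return lambda rows: next(r for r in rows if r[3] == iface)


if __name__ == "__main__":
    print("to A:", trace("R6", "A"))
    print("to D:", trace("R6", "D"))
    print("to A via R5:", trace("R6", "A", choose=via_interface(1)))
```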
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice. … could stop here … but lots of
CSMA collisions
Collisions can still occur: propagation delay means two nodes may not hear each other's transmission. Collision: the entire packet transmission time is wasted.
Figure: spatial layout of nodes. Note the role of distance and propagation delay in determining collision probability.
CSMA/CD collision detection
Figure: position on the wire versus time for Transmitter 1, Transmitter 2 and Receiver 1, showing transmission time and propagation delay; the collision is detected by transmitter 2, then by transmitter 1 (when is it detected?); Receiver 1 receives a garbled signal.
Figure (second case): the collision is NOT detected by transmitter 1; it is detected by transmitter 2; Receiver 1 receives a garbled signal.
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + ε. The transmit time is frame length / bit rate. Therefore:
2 × CableLength / speed of propagation + ε < FrameLength / bit-rate
CSMA/CD
If the frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. The minimum frame length in Ethernet is 64 B.
Why is the maximum cable length of a 10 Mbps Ethernet cable 10 times longer than the maximum cable length of a 100 Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
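The arithmetic behind the efficiency, minimum-frame-length, cable-length and exponential-backoff slides, as an added example that is not code from the original slides. The propagation speed (2e8 m/s) and the 10 Mbps / 100 Mbps cases are assumptions for the illustration; the formulas are the ones stated on the slides.

```python
"""Numbers behind the CSMA/CD slides: efficiency, minimum frame size,
maximum cable length and exponential backoff.

Added example, not code from the original slides. The propagation speed
(2e8 m/s, a common figure for copper) and the bit rates used in the tests
are assumptions; the formulas come from the slides.
"""
import random

SLOT_BITS = 512            # one backoff slot is 512 bit times
MIN_FRAME_BYTES = 64       # Ethernet minimum frame, independent of bit rate
MAX_BACKOFF_EXPONENT = 10  # after ten or more collisions K is drawn from 0..1023


def efficiency(t_prop, t_trans):
    """CSMA/CD efficiency = 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def bit_time(bit_rate):
    """Seconds per bit, e.g. 0.1 microsecond at 10 Mbps."""
    return 1.0 / bit_rate


def min_frame_bits(cable_length_m, bit_rate, prop_speed=2e8, epsilon=0.0):
    """Smallest frame that keeps the sender on the wire for 2*T_prop + epsilon."""
    t_prop = cable_length_m / prop_speed
    return (2.0 * t_prop + epsilon) * bit_rate


def max_cable_length(bit_rate, frame_bytes=MIN_FRAME_BYTES, prop_speed=2e8):
    """Longest cable on which a minimum-size frame still detects collisions:
    2 * L / v < frame_bits / bit_rate  =>  L < frame_bits * v / (2 * bit_rate)."""
    return frame_bytes * 8 * prop_speed / (2.0 * bit_rate)


def backoff_range(collision_count):
    """Exclusive upper bound of K after the m-th collision: 2 ** min(m, 10)."""
    return 2 ** min(collision_count, MAX_BACKOFF_EXPONENT)


def backoff_wait(collision_count, bit_rate, rng=random):
    """Draw K uniformly from 0 .. 2^m - 1 and return the wait in seconds."""
    k = rng.randrange(backoff_range(collision_count))
    return k * SLOT_BITS * bit_time(bit_rate)


def max_backoff_wait(bit_rate):
    """Worst case K = 1023 slots: about 50 ms at 10 Mbps, as the slide says."""
    return (backoff_range(MAX_BACKOFF_EXPONENT) - 1) * SLOT_BITS * bit_time(bit_rate)


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate/1e6:.0f} Mbps: max cable {max_cable_length(rate):.0f} m, "
              f"max backoff {max_backoff_wait(rate)*1e3:.1f} ms")
```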
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
Collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
Persistence
1-persistent: if the medium is idle, then transmit. If the medium is not idle, then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle, then transmit. If the medium is not idle, then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential backoff: next slide.
What to do when the link is found to be busy
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle, then transmit.
3. If the medium is not idle, then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 × BO, BO_Max). In Ethernet BO_Max = 1024.
   c. Go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N of the bandwidth allocated even if only 1 node is active.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead.
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (a.k.a. WiMax) partly uses this approach; 802.11 specifies this capability, but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
Figure: master sends a poll to each slave in turn; each polled slave answers with its data.
Concerns: polling overhead; latency; single point of failure (master).
QoS guarantees can be made: if a VoIP call requires 12 bps, the master can determine whether the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the service provided by TCP.
Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially; token message. Concerns: token overhead; latency; single point of failure (token).
Figure: token T passed around a ring; a node with data sends it, a node with nothing to send passes the token on.
Summary of MAC protocols
Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site; token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer outline: 5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get the frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this: today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned into NIC ROM; also sometimes software settable.
LAN Addresses and ARP
Each adapter on the LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
Figure: LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.
LAN Address (more)
MAC address allocation is administered by IEEE. A manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup" • enter the MAC address • see the manufacturer.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
MAC: flat address, portability: can move a LAN card from one LAN to another.
IP: hierarchical address, NOT portable: the address depends on the IP subnet to which the node is attached.
If a NIC is changed, then the MAC is changed,
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine MAC address of B knowing B's IP address?
[figure: LAN with four nodes: 137.196.7.23 / 1A-2F-BB-76-09-AD, 137.196.7.78 / 58-23-D7-FA-20-B0, 137.196.7.14 / 0C-C4-11-6F-E3-98, 137.196.7.88 / 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network). A wants to send datagram to C
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP
E.g. • my IP = 128.4.35.67 • C's IP = 128.5.19.12 • subnet mask is 255.255.0.0 => the first two bytes (16 bits) define the subnet
• So in this case A and C are in different subnets
• Thus the datagram is sent to the gateway, which must be in A's subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table
A broadcasts ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query
• Other frame types include datagram (IP)
all machines on LAN receive ARP query
B receives ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from net administrator
[figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; the query reaches B, C and D; only the owner replies "I have 1.1.1.4"]
Addressing: routing to another LAN
[figure: two LANs joined by router R.
LAN 1: A = 111.111.111.111 / 74-29-9C-E8-FF-55; host 111.111.111.112 / CC-49-DE-D0-AB-7D; R's interface 111.111.111.110 / E6-E9-00-17-BB-4B.
LAN 2: R's interface 222.222.222.220 / 1A-23-F9-CD-06-9B; host 222.222.222.221 / 88-B2-2F-54-1A-0F; B = 222.222.222.222 / 49-BD-D2-C7-56-2A]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram. A's NIC sends frame. R's NIC receives frame. R removes IP datagram from Ethernet frame, sees it is destined to B. R uses ARP to get B's MAC address. R creates frame containing A-to-B IP datagram, sends to B
[figure: same two-LAN topology as above]
This is a really important example – make sure you understand it
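The walkthrough above, worked as an added example (not code from the slides): it encodes and decodes ARP-over-Ethernet frames, applies the subnet-mask check to choose between a directly reachable host and the gateway, resolves the next hop by broadcasting a query, and caches the answer as soft state with the 20-minute TTL. Addresses are those of the two-LAN figure; the /24 prefixes, the LAN names, the name H for the 111.111.111.112 host and all class names are assumptions.

```python
"""ARP over Ethernet: encode/decode, next-hop choice, query, soft-state cache."""
import ipaddress
import struct

ETH_TYPE_ARP = 0x0806
BROADCAST, ZERO_MAC = "FF-FF-FF-FF-FF-FF", "00-00-00-00-00-00"
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_TTL = 20 * 60      # seconds: the typical timeout quoted on the slides

def mac_bytes(m):
    return bytes(int(x, 16) for x in m.split("-"))

def mac_str(b):
    return "-".join(f"{x:02X}" for x in b)

def same_subnet(ip_a, ip_b, mask):
    """The slide's check: is ip_b inside ip_a's subnet under the mask (or prefix length)?"""
    return ipaddress.ip_address(ip_b) in ipaddress.ip_network(f"{ip_a}/{mask}", strict=False)

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """14-byte Ethernet header + 28-byte ARP body (RFC 826), network byte order."""
    dst = BROADCAST if op == ARP_REQUEST else target_mac       # queries are broadcast, replies unicast
    eth = mac_bytes(dst) + mac_bytes(sender_mac) + struct.pack("!H", ETH_TYPE_ARP)
    body = (struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)          # Ethernet/IPv4, 6-byte/4-byte addresses
            + mac_bytes(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
            + mac_bytes(target_mac) + ipaddress.IPv4Address(target_ip).packed)
    return eth + body

def parse_arp(frame):
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_ARP:
        return None
    if struct.unpack("!HHBB", frame[14:20]) != (1, 0x0800, 6, 4):
        return None
    return {"op": struct.unpack("!H", frame[20:22])[0],
            "sender_mac": mac_str(frame[22:28]), "sender_ip": str(ipaddress.IPv4Address(frame[28:32])),
            "target_mac": mac_str(frame[32:38]), "target_ip": str(ipaddress.IPv4Address(frame[38:42]))}

class Lan:
    def __init__(self, name):
        self.name, self.nodes = name, []

    def broadcast(self, frame):
        """Every adapter on the LAN receives the frame; collect any replies."""
        return [r for r in (n.on_frame(self.name, frame) for n in self.nodes) if r]

class Node:
    """A host or router.  ifaces: {lan: (ip, prefix_len, mac)}; hosts also get a gateway."""
    def __init__(self, name, ifaces, gateway=None):
        self.name, self.ifaces, self.gateway = name, ifaces, gateway
        self.arp_cache = {}                          # ip -> (mac, expiry time)

    def on_frame(self, lan, frame):
        arp = parse_arp(frame)
        ip, _, mac = self.ifaces[lan]
        if not arp or arp["op"] != ARP_REQUEST or arp["target_ip"] != ip:
            return None                              # not an ARP query for one of my addresses
        return build_arp(ARP_REPLY, mac, ip, arp["sender_mac"], arp["sender_ip"])

    def next_hop(self, dst_ip):
        for lan, (ip, plen, _) in self.ifaces.items():
            if same_subnet(ip, dst_ip, plen):
                return lan, dst_ip                   # same subnet: deliver directly
        return self.gateway                          # otherwise hand it to the router

    def resolve(self, lans, lan, ip, now):
        cached = self.arp_cache.get(ip)
        if cached and cached[1] > now:
            return cached[0], "cache"
        my_ip, _, my_mac = self.ifaces[lan]
        for reply in lans[lan].broadcast(build_arp(ARP_REQUEST, my_mac, my_ip, ZERO_MAC, ip)):
            r = parse_arp(reply)
            if r["op"] == ARP_REPLY and r["sender_ip"] == ip and r["target_mac"] == my_mac:
                self.arp_cache[ip] = (r["sender_mac"], now + ARP_TTL)   # soft state
                return r["sender_mac"], "query"
        raise LookupError(f"{self.name}: no ARP reply for {ip} on {lan}")

def deliver(lans, nodes, src, dst_ip, now):
    """Trace of (node, lan, next-hop MAC, how it was learned) from src to dst_ip."""
    node, trail = nodes[src], []
    while True:
        lan, nh_ip = node.next_hop(dst_ip)
        mac, how = node.resolve(lans, lan, nh_ip, now)
        trail.append((node.name, lan, mac, how))
        if nh_ip == dst_ip:
            return trail
        node = next(n for n in lans[lan].nodes if n.ifaces[lan][2] == mac)

def build_network():
    """The two-LAN figure; /24 prefixes and the name H are assumptions."""
    gw1, gw2 = ("lan1", "111.111.111.110"), ("lan2", "222.222.222.220")
    a = Node("A", {"lan1": ("111.111.111.111", 24, "74-29-9C-E8-FF-55")}, gw1)
    h = Node("H", {"lan1": ("111.111.111.112", 24, "CC-49-DE-D0-AB-7D")}, gw1)
    r = Node("R", {"lan1": ("111.111.111.110", 24, "E6-E9-00-17-BB-4B"),
                   "lan2": ("222.222.222.220", 24, "1A-23-F9-CD-06-9B")})
    b = Node("B", {"lan2": ("222.222.222.222", 24, "49-BD-D2-C7-56-2A")}, gw2)
    lans = {"lan1": Lan("lan1"), "lan2": Lan("lan2")}
    lans["lan1"].nodes += [a, h, r]
    lans["lan2"].nodes += [r, b]
    return lans, {n.name: n for n in (a, h, r, b)}
```

`deliver(lans, nodes, "A", "222.222.222.222", now=0)` shows the two ARP exchanges of the walkthrough (A resolves R's LAN-1 MAC, R resolves B); a second call shortly after is served from both caches, and a call after `ARP_TTL` seconds queries again. Note that a replying node is trusted on its word: nothing in `on_frame` or `resolve` checks that the answering MAC really owns the IP, which is what the ARP spoofing slides below exploit.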
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping (only A's unanswered ARP queries for P). On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host
• But the ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query (request) is made for the victim, I respond with my MAC
[attack sequence on a LAN with three parties: Victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch]
1. The other host broadcasts "Who has IP address 1.2.3.4?"; both the victim and the attacker receive it
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also hears the reply, now knows the MAC of the victim
3. Later (when all caches have been cleared) the attacker floods ARP queries carrying the victim's IP as the sender: source MAC 00:11:11:11:11:11, "Who has IP <some address>? Tell IP address 1.2.3.4". The other host saves the IP/MAC mapping (1.2.3.4 -> 00:11:11:11:11:11) in its cache. The victim is confused… but ignores it. The attacker continues to flood ARP queries
4. The other host now sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …", which the switch delivers to the attacker. The attacker changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …" to the victim, who thinks "Ahh, I got the secret plan I was expecting". The attacker knows the secret plan
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs
• the attacker's MAC shows up with both its real IP and the victim's IP, and the victim's IP is seen with two MACs
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC (and the wireless IP is seen with two MACs), so the check produces false positives for such hosts
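A detection pass for the scenario above, added here as an example (not from the slides): it flags an IP claimed by more than one MAC and a station that floods requests while posing as another IP, and it shows the dual-NIC false positive the last bullet warns about together with an allowlist for such hosts. The input is a constructed list of already-parsed ARP packets; the victim and attacker addresses follow the slides, the other addresses, the laptop's MACs, the window and threshold values are all assumptions.

```python
"""Detect ARP spoofing from a list of (time_s, op, sender_ip, sender_mac, target_ip)."""
from collections import defaultdict

VICTIM_MAC, ATTACKER_MAC = "00:12:12:12:12:12", "00:11:11:11:11:11"
LAPTOP_WIRED, LAPTOP_WIFI = "00:AA:AA:AA:AA:AA", "00:BB:BB:BB:BB:BB"   # constructed dual-NIC host

SAMPLE = [  # constructed capture, already parsed
    (0,  "reply",   "1.2.3.4",   VICTIM_MAC,   "5.6.7.9"),    # victim answers a real query
    (5,  "reply",   "1.2.3.4",   ATTACKER_MAC, "5.6.7.9"),    # attacker claims the victim's IP
    (20, "request", "1.2.3.4",   ATTACKER_MAC, "10.9.9.9"),   # flood: "who has 10.9.9.9? tell 1.2.3.4"
    (21, "request", "1.2.3.4",   ATTACKER_MAC, "10.9.9.9"),
    (22, "request", "1.2.3.4",   ATTACKER_MAC, "10.9.9.9"),
    (23, "request", "1.2.3.4",   ATTACKER_MAC, "10.9.9.9"),
    (24, "request", "1.2.3.4",   ATTACKER_MAC, "10.9.9.9"),
    (30, "reply",   "10.0.0.20", LAPTOP_WIRED, "10.0.0.1"),   # laptop's wired IP, wired MAC
    (31, "request", "1.2.3.20",  LAPTOP_WIRED, "1.2.3.1"),    # its wireless IP sent over the wire
    (32, "reply",   "1.2.3.20",  LAPTOP_WIFI,  "1.2.3.1"),    # same IP, now via the wireless NIC
]

def detect(packets, allowlist=None, window=10, threshold=5):
    """Return (alerts, ips_by_mac).  Alerts are (time, kind, ip, detail).
    allowlist maps an IP to the set of MACs that may legitimately share it,
    which is how the dual-NIC caveat is handled without silencing the check."""
    allowlist = allowlist or {}
    macs_for_ip = defaultdict(dict)        # ip  -> {mac: first_seen}
    ips_for_mac = defaultdict(set)         # mac -> ips (the "two IPs, one MAC" view)
    recent = defaultdict(list)             # (mac, claimed ip) -> request times in window
    alerts = []
    for t, op, sip, smac, _tip in packets:
        ips_for_mac[smac].add(sip)
        seen = macs_for_ip[sip]
        if smac not in seen:
            seen[smac] = t
            if len(seen) > 1 and not set(seen) <= allowlist.get(sip, set()):
                alerts.append((t, "ip-claimed-by-two-macs", sip, sorted(seen)))
        if op == "request":
            q = recent[(smac, sip)]
            q.append(t)
            while q[0] < t - window:       # slide the window
                q.pop(0)
            if len(q) == threshold:        # fire once, when the rate crosses the line
                alerts.append((t, "request-flood", sip, smac))
    return alerts, {m: sorted(ips) for m, ips in ips_for_mac.items()}
```

Without an allowlist the run yields three alerts: the spoofed reply at t=5, the request flood at t=24, and a false positive at t=32 for the laptop's wireless IP. Listing the laptop's two MACs under that IP removes the false positive while the two real alerts remain; the MAC-to-IPs map is returned so the operator can see which hosts legitimately carry two IPs on one MAC.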
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap ($20 for NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
[figure: bus (coaxial cable) versus star (switch in the middle of the LAN)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
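The frame handling just described, as an added example (not code from the slides): build an Ethernet II frame with 6-byte addresses, a Type field, padding to the 46-byte minimum payload and a CRC-32 FCS, then receive it the way a NIC does, dropping frames whose CRC fails, discarding frames for other stations unless the adapter is promiscuous, and passing the rest up by Type. The preamble and SFD are added by the PHY and never reach software, so they are not modelled; the sample addresses are the slides', the payload and the bit flip are constructed.

```python
"""Ethernet II framing: header + padded payload + CRC-32 FCS, and receiver checks."""
import struct
import zlib

ETHERTYPE_IP, ETHERTYPE_ARP = 0x0800, 0x0806
BROADCAST = bytes.fromhex("ffffffffffff")
MIN_PAYLOAD = 46          # 64-byte minimum frame minus 14-byte header and 4-byte FCS

def mac(s):
    return bytes.fromhex(s.replace("-", "").replace(":", ""))

def build_frame(dst, src, ethertype, payload):
    """Pad short payloads, then append the FCS: CRC-32 over header and payload,
    sent least-significant byte first as on the wire."""
    payload = payload + b"\x00" * max(0, MIN_PAYLOAD - len(payload))
    body = mac(dst) + mac(src) + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body))

def receive(frame, my_mac, promiscuous=False):
    """Return (status, ethertype, payload): 'runt' and 'crc-error' frames are
    dropped, frames addressed elsewhere are 'not-for-me' unless promiscuous,
    everything else is 'accept' and would be dispatched on the Type field."""
    if len(frame) < 64:
        return ("runt", None, None)
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        return ("crc-error", None, None)          # no ack/nack: the sender never learns
    dst, ethertype = body[:6], struct.unpack("!H", body[12:14])[0]
    if dst not in (mac(my_mac), BROADCAST) and not promiscuous:
        return ("not-for-me", None, None)
    return ("accept", ethertype, body[14:])

def flip_bit(frame, bit_index):
    """Constructed corruption in flight: invert one bit of the frame."""
    b = bytearray(frame)
    b[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(b)
```

A minimal IP frame comes out at exactly 64 bytes; flipping any single bit makes `receive` report `crc-error`, which is the "frame is dropped" path, and the upper layer sees a gap rather than an error. `promiscuous=True` is the Wireshark setting used in the ARP experiment above: the adapter then accepts frames addressed to other stations.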
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; under heavy load the random wait will be longer
first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3} …
after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
$$\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$$
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur
[the slide's numeric worked example is not recoverable from the extracted text]
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[figure: hub with twisted-pair links to each host]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
[figure: a backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes active role
Store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch; switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table
Q: how are entries created, maintained in switch table? something like a routing protocol?
[figure: the same six-interface switch]
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table
[figure: A sends a frame (Source = A, Dest = A') in on interface 1; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. index switch table using MAC dest address
3. if entry found for destination
   then { if dest on segment from which frame arrived then drop the frame
          else forward the frame on interface indicated }
   else flood (forward on all but the interface on which the frame arrived)
4. periodically purge all old table entries
Self-Learning
MAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network. Why?
[figure: router to external network, a tree of switches below it, LAN = IP subnet, mail server and web server; every link is a single point of failure]
Institutional network without a single point of failure
[figure: the same network with redundant links between the switches]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated
[figure: the same network; edges in the spanning tree are marked, the remaining interfaces are "disconnected", i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN
• Of course the spanning tree is recomputed often and if something breaks then the LAN might be "reconnected" to the switch
[figure: LAN A and LAN B joined by bridge B3, with bridge B2 also attached]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
Approach: Compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID
If LAN A's next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If • LAN B's next hop to the switch with lowest ID is LAN A, and • LAN C's next hop to the switch with lowest ID is LAN D, • then switch B2 will disconnect from LAN B and C
[figure: LAN A, LAN B, LAN C, LAN D interconnected by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1–B7 interconnecting LANs A–J]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. If a LAN has more than one shortest path then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway
[walkthrough on the figure with bridges B1–B7 and LANs A–J; each LAN is annotated with its distance to the root in LAN hops (0 for the LANs on the root, then 1, 2); the rule text above is repeated on every slide]
Each switch computes distance to root in terms of LAN hops
Each of the root's interfaces is ON
LAN A's next hop is LAN E: turn on the two interfaces
LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface
LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on"
LAN C's next hop is LAN F: turn on the interfaces
Which other interfaces are "on"?
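The rule set above, carried out in code as an added example (not from the slides): LANs are vertices and bridges are edges, the root is the bridge with the smallest ID, every other LAN picks a next-hop LAN one hop closer to the root through the smallest-ID bridge when there is a tie, and only those bridge interfaces stay on. The computation is done centrally here rather than by exchanging (sender ID, believed root, distance) messages, and the topology is a constructed one with two loops, not the slides' figure.

```python
"""Spanning tree on the slides' graph model: LANs are vertices, bridges are edges."""

def spanning_tree(bridges):
    """bridges: {bridge_id: {lan, ...}}.  Returns (root, dist, active) where dist
    maps LAN -> LAN hops from the root and active is the set of (bridge, lan)
    interfaces left forwarding."""
    root = min(bridges)                                    # smallest ID is the root
    dist = {lan: 0 for lan in bridges[root]}               # LANs on the root: 0 hops
    frontier = sorted(dist)
    while frontier:                                        # breadth-first over LAN hops
        nxt = []
        for lan in frontier:
            for b in sorted(bridges):
                if lan in bridges[b]:
                    for other in bridges[b]:
                        if other not in dist:
                            dist[other] = dist[lan] + 1
                            nxt.append(other)
        frontier = sorted(nxt)
    active = {(root, lan) for lan in bridges[root]}        # all of the root's interfaces
    for lan, d in dist.items():
        if d == 0:
            continue
        # (bridge, upstream LAN) pairs one hop closer to the root; tie -> smallest bridge ID
        cands = [(b, up) for b in bridges if lan in bridges[b]
                 for up in bridges[b] if dist.get(up) == d - 1]
        b, up = min(cands)
        active |= {(b, lan), (b, up)}
    return root, dist, active

def blocked_interfaces(bridges, active):
    """Interfaces "disconnected": the bridge stays attached but never floods there."""
    return {(b, lan) for b in bridges for lan in bridges[b]} - active

def idle_bridges(bridges, active):
    """Bridges with no interface on at all (like B3 in the slides' walkthrough)."""
    return {b for b in bridges if not any(x == b for x, _ in active)}

# Constructed topology with two loops: A-B2-C-B3-B-B1-A and B-B5-D-B4-C-B3-B
EXAMPLE = {1: {"A", "B"}, 2: {"A", "C"}, 3: {"B", "C"}, 4: {"C", "D"}, 5: {"B", "D"}}
```

On `EXAMPLE`, bridge 1 is the root, so LANs A and B are at distance 0; C can reach them through bridge 2 or bridge 3 and the lower ID wins; D reaches B through bridge 5 in one hop, so bridge 4 (two hops via C) loses. Bridges 3 and 4 end up with every interface off, which removes both loops while keeping all four LANs connected. Because the root is simply the smallest ID seen, a station that announces a lower ID than the real root becomes the root: the slides note that layer 2 "typically ignores security", and this is one place where that shows.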
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: Loop resolution, Address learning, Frame forwarding
Typically ignore security, such as ARP attacks, access control etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution
• During which time no packets were forwarded
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach; but IP datagram still keeps IP address
[frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (8 bits)
MPLS capable routers
aka label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
[figure: routers R1–R6 with destinations A and D; R1 and R2 on the left, R3 and R4 in the middle, R5 and R6 on the right; link interfaces numbered 0 and 1. The label tables shown (in label, out label, dest, out interface) are:
  in 6, out -, dest A, out interface 0 (egress: pop the label)
  in 10, out 6, dest A, out interface 1; in 12, out 9, dest D, out interface 0 (transit: swap)
  in -, out 10, dest A, out interface 0; in -, out 12, dest D, out interface 0 (ingress: push)
  in 8, out 6, dest A, out interface 0 (transit: swap)
  in -, out 8, dest A, out interface 1 (ingress: push)
which table belongs to which router is not recoverable from the extracted text]
MPLS forwarding tables
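Label-switched forwarding with the tables from the figure, added here as an example (not code from the slides): the ingress router pushes a label chosen by destination, transit routers swap on the incoming label alone without reading the IP header, and the egress pops. Which router owns which table is not recoverable from the figure, so the assignment of tables to R1, R3, R4, R5 and R6, the links between them, and the extra R5 entry that pops label 9 toward D are assumptions.

```python
"""MPLS label-switched routers: push at ingress, swap in transit, pop at egress."""

class LSR:
    def __init__(self, name, fec=None, labels=None):
        self.name = name
        self.fec = fec or {}        # dest -> (out_label, out_iface): ingress push
        self.labels = labels or {}  # in_label -> (out_label or None, dest, out_iface)
        self.links = {}             # out_iface -> next LSR, or a host name at the edge

    def forward(self, pkt):
        """Rewrite pkt['label'] in place; return (action, out_iface)."""
        if pkt["label"] is None:                          # unlabeled: classify by destination
            out_label, iface = self.fec[pkt["dest"]]
            pkt["label"] = out_label
            return "push", iface
        out_label, _dest, iface = self.labels[pkt["label"]]   # label-only lookup, dest ignored
        pkt["label"] = out_label
        return ("pop" if out_label is None else "swap"), iface

def build_network():
    """Tables from the figure; router assignment, links and the 9 -> D entry are assumed."""
    r1 = LSR("R1", fec={"A": (8, 1)})
    r3 = LSR("R3", fec={"A": (10, 0), "D": (12, 0)})
    r4 = LSR("R4", labels={10: (6, "A", 1), 12: (9, "D", 0)})
    r5 = LSR("R5", labels={8: (6, "A", 0), 9: (None, "D", 1)})
    r6 = LSR("R6", labels={6: (None, "A", 0)})
    r1.links = {1: r5}
    r3.links = {0: r4}
    r4.links = {1: r6, 0: r5}
    r5.links = {0: r6, 1: "D"}
    r6.links = {0: "A"}
    return {r.name: r for r in (r1, r3, r4, r5, r6)}

def send(net, ingress, dest):
    """Trace of (router, action, label after the action) until a host is reached."""
    pkt, node, trace = {"dest": dest, "label": None}, net[ingress], []
    while isinstance(node, LSR):
        action, iface = node.forward(pkt)
        trace.append((node.name, action, pkt["label"]))
        node = node.links[iface]
    if node != dest:
        raise ValueError(f"LSP delivered to {node}, wanted {dest}")
    return trace
```

`send(net, "R3", "A")` follows push 10, swap to 6, pop: the same label 6 reaches R6 whether the packet came via R4 or via R5, which is why two LSPs can share an egress entry. Because a transit router never looks at the IP header, a packet carrying label 10 is delivered toward A even if its IP destination says otherwise; the label, not the address, decides the path.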
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY); solid understanding of networking principles, practice; … could stop here … but lots of
CSMA/CD collision detection
[figure: position on wire versus time. Transmitter 1 starts; after the propagation delay Transmitter 2, having sensed the channel idle, starts too; Transmitter 2 detects the collision first, Transmitter 1 only when Transmitter 2's signal has propagated back; Receiver 1 receives a garbled signal. When is it detected?]
[figure: the same, but Transmitter 1 finishes its transmission before Transmitter 2's signal reaches it: the collision is NOT detected by Transmitter 1, only by Transmitter 2; Receiver 1 still receives a garbled signal]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + ε. The transmit time is frame length / bit rate. Therefore
$$2 \times \frac{\text{CableLength}}{\text{speed of propagation}} + \epsilon < \frac{\text{FrameLength}}{\text{bit-rate}}$$
If the frame length can be arbitrarily small then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64 B
Why is the maximum cable length of a 10 Mbps Ethernet 10 times longer than the maximum cable length of a 100 Mbps Ethernet? The minimum frame length in Ethernet is independent of bit-rate
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing, with collision detection: collisions detected within short time; colliding transmissions aborted, reducing channel wastage
collision detection: easy in wired LANs: measure signal strengths, compare transmitted and received signals. Difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
Persistence
1-persistent: If medium is idle then transmit. If medium is not idle then wait until it is and then transmit
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide
p-persistent: If medium is idle then transmit. If medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1 − p wait for the next slot and repeat
• Here slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending
Exponential Backoff: next slide
What to do when the link is found to be busy
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If medium is idle then transmit
3. If medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO − 1
   b. wait r time slots
      1. a time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends
      2. give an equation for the length of a time slot
   c. if no other transmission begins before the r time slots have passed, then transmit
5. If a collision is detected
   a. continue to transmit so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 × BO, BO_Max); in Ethernet, BO_Max = 1024
   c. go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols
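The CSMA/CD numbers from the collision-detection and backoff slides above, worked as an added example (not code from the slides): the 512-bit slot, the wait after K = 1023 at 10 Mbps, the cable-length bound that follows from the minimum frame outlasting twice the propagation delay (which is why the 10 Mbps bound is ten times the 100 Mbps one), and a slot-by-slot simulation of stations colliding and backing off with the doubling range capped at 1024. The propagation speed of 2×10^8 m/s, the seeded random choices and the one-frame-per-slot abstraction are assumptions; the bound ignores repeater delays, so it is an upper bound, not the standard's figure.

```python
"""CSMA/CD timing relations and an exponential-backoff simulation."""
import random

SLOT_BITS = 512            # one slot = 512 bit times
MIN_FRAME_BITS = 64 * 8    # 64-byte minimum frame
BO_MAX = 1024              # K is drawn from at most {0, ..., 1023}

def slot_seconds(bit_rate):
    return SLOT_BITS / bit_rate

def max_wait_seconds(k, bit_rate):
    """Wait after choosing K; K = 1023 at 10 Mbps is the slides' "about 50 msec"."""
    return k * slot_seconds(bit_rate)

def backoff_range(m):
    """Largest K after the m-th collision: 2^m - 1, capped at BO_MAX - 1."""
    return min(2 ** m, BO_MAX) - 1

def max_cable_length(bit_rate, prop_speed=2e8, min_frame_bits=MIN_FRAME_BITS):
    """From 2 * L / v < frame_bits / bit_rate: the largest L for which the sender is
    still transmitting when the collision comes back.  The frame size is fixed, so
    L scales as 1 / bit_rate (the 10x question on the slide)."""
    return min_frame_bits / bit_rate * prop_speed / 2

def simulate_collisions(n_stations, seed=1):
    """All stations have one frame ready at slot 0 and are 1-persistent; each slot is
    one attempt.  Returns (slots used, collisions seen per station) once every
    frame has been sent without a collision.  Constructed, seeded for repeatability."""
    rng = random.Random(seed)
    wait = [0] * n_stations         # slots each station still has to wait
    m = [0] * n_stations            # collisions seen so far by each station
    pending = set(range(n_stations))
    slot = 0
    while pending:
        ready = [s for s in pending if wait[s] == 0]
        if len(ready) == 1:
            pending.discard(ready[0])                     # sole transmitter: frame gets through
        else:
            for s in ready:                               # two or more: collision, back off
                m[s] += 1
                wait[s] = rng.randint(0, backoff_range(m[s]))
        for s in pending:
            if s not in ready and wait[s] > 0:
                wait[s] -= 1                              # one more slot has passed
        slot += 1
    return slot, m
```

`max_cable_length(10e6)` is 5120 m and `max_cable_length(100e6)` is 512 m: same 512-bit frame, one tenth the time on the wire, one tenth the distance. In `simulate_collisions(5)` all five stations collide in slot 0, so every station backs off at least once, and the ranges widen with each further collision until each frame finds an empty slot.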
"Taking Turns" MAC protocols
Channel partitioning MAC protocols:
• share channel efficiently and fairly at high load
• inefficient at low load: delay in channel access; 1/N bandwidth allocated even if only 1 active node
Random access MAC protocols:
• efficient at low load: single node can fully utilize channel
• high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile-phone data access: 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: master node polling its slaves; poll and data messages alternate between the master and each slave]
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made:
• If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands by VoIP and the services provided by TCP.
• Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially (token message).
Concerns: token overhead, latency, single point of failure (token).
[Figure: token T circulating among the nodes; a node with data transmits, a node with nothing to send passes the token on]
Summary of MAC protocols
• Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
• Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing: easy in some technologies (wire), hard in others (wireless). CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless).
• Taking turns: polling from central site, token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing and routing (ARP); 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function is to get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this: today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup"
• Enter the MAC address
• See the manufacturer
Analogy: (a) MAC address is like a Social Security Number; (b) IP address is like a postal address.
MAC flat address: portability; can move a LAN card from one LAN to another.
IP hierarchical address: NOT portable; address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed,
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88, MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.:
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
  • Other types include datagram.
• All machines on the LAN receive the ARP query.
• B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
  • Soft state: information that times out (goes away) unless refreshed.
• ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; the host with 1.1.1.4 replies "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: left LAN with host A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55) and a host with IP 111.111.111.112 (MAC CC-49-DE-D0-AB-7D); router R with interfaces 111.111.111.110 (MAC E6-E9-00-17-BB-4B) and 222.222.222.220 (MAC 1A-23-F9-CD-06-9B); right LAN with host B (IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A) and a host with IP 222.222.222.221 (MAC 88-B2-2F-54-1A-0F)]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
• Two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame, sees it is destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
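The A -> R -> B walkthrough above, as an added example that is not from the slides: it uses the figure's IP and MAC addresses, and treats the /24 subnet mask, the 20-minute ARP TTL and the frame dictionaries as constructed assumptions. Each interface keeps its own ARP table, so the router has one per LAN.

```python
import ipaddress

# Added example (not from the slides): the A -> R -> B walkthrough, executable.
# Addresses and MACs are those of the slide figure; the /24 mask, the ARP TTL
# and the frame dictionaries are constructed. Each interface keeps its own ARP
# table, so the router has one per LAN, as the slides say.
ARP_TTL = 20 * 60                        # seconds: "typically 20 min"
BROADCAST = "FF-FF-FF-FF-FF-FF"

class Lan:
    """Broadcast segment: a frame reaches every interface whose MAC matches (or broadcast)."""
    def __init__(self):
        self.interfaces, self.log = [], []

    def send(self, frame):
        self.log.append(frame)
        for iface in list(self.interfaces):
            if frame["dst_mac"] in (BROADCAST, iface.mac):
                iface.receive(frame)

class Interface:
    def __init__(self, owner, ip, mac, mask, lan):
        self.owner, self.ip, self.mac, self.lan = owner, ip, mac, lan
        self.network = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
        self.arp_table = {}              # ip -> (mac, time learned): soft state
        lan.interfaces.append(self)

    def lookup(self, ip, now):
        entry = self.arp_table.get(ip)
        if entry and now - entry[1] < ARP_TTL:
            return entry[0]
        self.arp_table.pop(ip, None)     # expired (or absent): forget it
        return None

    def resolve(self, ip, now):
        """MAC for ip on this LAN; broadcast an ARP query if it is not cached."""
        if self.lookup(ip, now) is None:
            self.lan.send({"type": "ARP query", "src_mac": self.mac, "dst_mac": BROADCAST,
                           "sender_ip": self.ip, "target_ip": ip})
        return self.lookup(ip, now)      # the unicast reply was cached while sending

    def receive(self, frame):
        if frame["type"] == "ARP query" and frame["target_ip"] == self.ip:
            self.lan.send({"type": "ARP reply", "src_mac": self.mac,
                           "dst_mac": frame["src_mac"], "sender_ip": self.ip})
        elif frame["type"] == "ARP reply":
            self.arp_table[frame["sender_ip"]] = (frame["src_mac"], self.owner.clock)
        elif frame["type"] == "IP":
            self.owner.deliver(frame["datagram"])

class Node:
    def __init__(self, name):
        self.name, self.interfaces, self.clock, self.received = name, [], 0, []

    def add_interface(self, ip, mac, mask, lan):
        self.interfaces.append(Interface(self, ip, mac, mask, lan))

    def send_datagram(self, datagram, gateway_ip=None):
        """Slide rule: same subnet -> ARP for the destination itself, otherwise
        ARP for the gateway, which must be on one of our subnets."""
        dst = ipaddress.ip_address(datagram["dst"])
        for iface in self.interfaces:
            if dst in iface.network:
                return self._frame_out(iface, datagram, datagram["dst"])
        return self._frame_out(self.interfaces[0], datagram, gateway_ip)

    def _frame_out(self, iface, datagram, next_hop_ip):
        mac = iface.resolve(next_hop_ip, self.clock)
        iface.lan.send({"type": "IP", "src_mac": iface.mac, "dst_mac": mac, "datagram": datagram})
        return mac                       # link-layer destination actually used

    def deliver(self, datagram):
        self.received.append(datagram)

class Router(Node):
    def deliver(self, datagram):
        """R strips the frame, sees the datagram is for B, and re-frames it on B's LAN."""
        if any(datagram["dst"] == i.ip for i in self.interfaces):
            self.received.append(datagram)
        else:
            self.send_datagram(datagram)

def walkthrough():
    lan1, lan2 = Lan(), Lan()
    a, r, b = Node("A"), Router("R"), Node("B")
    a.add_interface("111.111.111.111", "74-29-9C-E8-FF-55", "255.255.255.0", lan1)
    r.add_interface("111.111.111.110", "E6-E9-00-17-BB-4B", "255.255.255.0", lan1)
    r.add_interface("222.222.222.220", "1A-23-F9-CD-06-9B", "255.255.255.0", lan2)
    b.add_interface("222.222.222.222", "49-BD-D2-C7-56-2A", "255.255.255.0", lan2)
    datagram = {"src": "111.111.111.111", "dst": "222.222.222.222", "payload": "hello B"}
    first_hop = a.send_datagram(datagram, gateway_ip="111.111.111.110")
    return {"first_hop_mac": first_hop,
            "lan1": [f["type"] for f in lan1.log],
            "lan2": [f["type"] for f in lan2.log],
            "r_tables": [sorted(i.arp_table) for i in r.interfaces],
            "b_received": b.received}
```

Each LAN's log shows the sequence the slides describe: an ARP query, the unicast ARP reply, then the IP frame; R's second ARP table ends up holding B, its first holds nothing because A queried R, not the other way round.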
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
• On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (link-layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
Setup (figure): victim, MAC = 00:12:12:12:12:12, IP 1.2.3.4; attacker, MAC = 00:11:11:11:11:11, IP = 5.6.7.8; some other host/switch.
1. Some other host asks: "Who has IP address 1.2.3.4?" The victim replies: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4." The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4." The attacker continues to flood such queries. The other host saves the IP/ARP mapping in its cache. The victim is confused… but ignores it.
3. The other host sends "The secret plan is …" to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan; it changes the MAC address to the correct address and sends "The secret plan is …" on to MAC 00:12:12:12:12:12, IP 1.2.3.4. The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• I.e., its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
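The table-based detection just described, as an added example that is not from the slides. It runs both directions of the check (an IP with two MACs, and a MAC with two IPs) over a constructed set of ARP observations, and lets the operator allow-list MACs of known dual-NIC hosts so the wired/wireless Windows case does not fire; the bystander addresses are constructed.

```python
from collections import defaultdict

# Added example (not from the slides): the detection idea above, run over a
# constructed set of ARP observations, i.e. (IP, MAC) claims gathered from
# `arp -a` on several hosts or from a sniffer. Addresses are the slide
# example's victim/attacker plus constructed bystanders.
OBSERVED = [
    ("1.2.3.4", "00:12:12:12:12:12"),    # victim's genuine reply
    ("5.6.7.8", "00:11:11:11:11:11"),    # attacker's own IP
    ("1.2.3.4", "00:11:11:11:11:11"),    # attacker's flooded claim for the victim's IP
    ("1.2.3.9", "00:aa:bb:cc:dd:ee"),    # ordinary host
    ("1.2.3.20", "00:50:56:00:00:01"),   # dual-NIC laptop: wired MAC ...
    ("1.2.3.21", "00:50:56:00:00:01"),   # ... also seen with its wireless IP (benign case)
]

def normalize_mac(mac):
    """Canonical form so 00-12-12-12-12-12 and 00:12:12:12:12:12 compare equal."""
    return mac.replace("-", ":").lower()

def build_views(records):
    """Index observations both ways: ip -> set of MACs and mac -> set of IPs."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for ip, mac in records:
        mac = normalize_mac(mac)
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    return ip_to_macs, mac_to_ips

def ips_with_multiple_macs(records):
    """Slide check: a single IP that has two MACs. The table alone cannot say
    which MAC is genuine, so both are reported."""
    ip_to_macs, _ = build_views(records)
    return sorted((ip, sorted(macs)) for ip, macs in ip_to_macs.items() if len(macs) > 1)

def macs_with_multiple_ips(records, known_multihomed=()):
    """Mirror check: a single MAC claiming two IPs (attacker's real IP plus the
    victim's). known_multihomed lists MACs of hosts like the wired+wireless
    Windows machine the slides describe, which legitimately trip this check."""
    _, mac_to_ips = build_views(records)
    allow = {normalize_mac(m) for m in known_multihomed}
    return sorted((mac, sorted(ips)) for mac, ips in mac_to_ips.items()
                  if len(ips) > 1 and mac not in allow)

def likely_attackers(records, known_multihomed=()):
    """A MAC that both contests an IP with another MAC *and* maps to more than
    one IP: the victim fails the second test, the dual-NIC host fails the first."""
    contested = {m for _, macs in ips_with_multiple_macs(records) for m in macs}
    multi = {m for m, _ in macs_with_multiple_ips(records, known_multihomed)}
    return sorted(contested & multi)
```

On the sample, the single-IP check names both the victim's and the attacker's MAC for 1.2.3.4, the single-MAC check names the attacker and the dual-NIC laptop, and only the attacker survives the intersection.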
Link Layer
5.1 Introduction and services; 5.2 Error detection and correction; 5.3 Multiple access protocols; 5.4 Link-layer addressing; 5.5 Ethernet; 5.6 Link-layer switches; 5.7 PPP; 5.8 Link virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch in the center)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If an adapter receives a frame with matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher-layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if an error is detected the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: receiving NIC doesn't send acks or nacks to sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame.
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec.
Exponential backoff:
• Goal: adapt retransmission attempts to estimated current load; under heavy load the random wait will be longer.
• First collision: choose K from {0,1}; delay is K × 512 bit transmission times.
• After second collision: choose K from {0,1,2,3}…
• After ten or more collisions: choose K from {0,1,2,3,4,…,1023}.
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 · t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0
• efficiency goes to 1 as t_trans goes to infinity
  • larger frame size is better; higher bit-rate is worse
Better performance than ALOHA, and simple, cheap, decentralized.
Most Ethernet is used with switches, so collisions never occur.
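The Ethernet CSMA/CD numbers above (512-bit-time slot, K drawn from {0,…,2^m-1} capped at 1023, the ~50 ms wait for K=1023 at 10 Mbps, the efficiency formula) together with the collision-detection requirement from the CSMA/CD appendix slides, as an added example that is not from the slides; it also runs a small slotted contention simulation whose station count, seed and propagation speed are constructed inputs.

```python
import random

# Added example (not from the slides): Ethernet CSMA/CD parameters and binary
# exponential backoff as the slides state them, plus a small slotted
# contention simulation. Station count, seed and propagation speed are
# constructed inputs.
SLOT_BIT_TIMES = 512        # one backoff slot = 512 bit times
MAX_BACKOFF_EXPONENT = 10   # window stops growing after ten collisions: 2^10 - 1 = 1023
MIN_FRAME_BYTES = 64        # minimum Ethernet frame (collision-detection requirement)

def backoff_window(collisions):
    """Largest K after the m-th collision: K is drawn from {0, ..., 2^min(m,10) - 1}."""
    if collisions < 1:
        raise ValueError("backoff window is defined only after a collision")
    return 2 ** min(collisions, MAX_BACKOFF_EXPONENT) - 1

def choose_k(collisions, rng):
    return rng.randint(0, backoff_window(collisions))

def backoff_seconds(k, bitrate_bps):
    """Wait time for K slots of 512 bit times: K * 512 / bit rate."""
    return k * SLOT_BIT_TIMES / bitrate_bps

def efficiency(t_prop, t_trans):
    """Slide formula: efficiency = 1 / (1 + 5 * t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)

def max_cable_length(bitrate_bps, propagation_speed, min_frame_bytes=MIN_FRAME_BYTES):
    """Collision-detection requirement 2 * CableLength / speed < FrameLength / bit-rate,
    solved for CableLength with the minimum frame and epsilon ignored."""
    min_frame_time = min_frame_bytes * 8 / bitrate_bps
    return min_frame_time * propagation_speed / 2

def simulate_contention(n_stations, seed=1):
    """Slotted CSMA/CD contention: every station has one frame ready at slot 0.
    A slot with exactly one transmitter succeeds; a slot with several is a
    collision and each collider draws a fresh K from its (doubled) window.
    Returns (slots elapsed, total collisions, largest window any station reached)."""
    rng = random.Random(seed)
    ready_at = {s: 0 for s in range(n_stations)}     # slot at which each station may transmit
    collisions = {s: 0 for s in range(n_stations)}
    total_collisions, max_window, slot = 0, 0, 0
    while ready_at:
        transmitters = [s for s, t in ready_at.items() if t <= slot]
        if len(transmitters) == 1:
            del ready_at[transmitters[0]]               # frame delivered, station done
        elif len(transmitters) > 1:
            total_collisions += 1
            for s in transmitters:                      # all colliders abort and back off
                collisions[s] += 1
                max_window = max(max_window, backoff_window(collisions[s]))
                ready_at[s] = slot + 1 + choose_k(collisions[s], rng)
        slot += 1
    return slot, total_collisions, max_window
```

With the same minimum frame, max_cable_length at 10 Mbps is exactly ten times that at 100 Mbps, which is the answer to the appendix slides' question.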
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
• bits coming in one link go out all other links at the same rate
• all nodes connected to a hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting three hubs]
Switch
Link-layer device: smarter than hubs, takes an active role.
• Store and forward Ethernet frames.
  • Question: do switches in circuit-switching networks store and forward?
• Examines incoming frame's MAC address, selectively forwards frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
• hosts have a dedicated direct connection to the switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table (initially empty) gains one entry]
MAC addr | interface | TTL
A | 1 | 60
Switch: frame filtering/forwarding
When a frame is received:
1. record the link interface associated with the sending host
2. if an entry is found for the destination then {
     if dest is on the segment from which the frame arrived then drop the frame
     else forward the frame on the interface indicated
   } else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure: several switches, each with interfaces 1, 2, 3 and its own (MAC, Interface) table, connecting hosts A and B; all tables initially empty]
1. A sends a frame Dest=B, Source=A. The first switch makes a table entry for A (A, interface 1). No table entry for B, so flood.
   Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches.
2. The flooded frame reaches the other switches; each makes a table entry for A (A 1; A 1; A 2 in the figure) and, having no table entry for B, floods.
3. B replies with Dest=A, Source=B. Each switch makes a table entry for B (B 3; B 2 in the figure); each has a table entry for A, so it forwards on that interface only.
4. 20 minutes later all table entries are deleted.
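The filtering/forwarding steps and the self-learning walkthrough above, as an added example that is not from the slides: two learning switches wired together in a constructed topology (host A on sw1 port 1, host B on sw2 port 2, sw1 port 3 linked to sw2 port 1), with the 20-minute purge driven by a simulated clock.

```python
# Added example (not from the slides): self-learning switches implementing the
# three filtering/forwarding steps. Topology, host names and clock are constructed.
ENTRY_TTL_SECONDS = 20 * 60      # slides: "20 minutes later all table entries are deleted"

class LearningSwitch:
    def __init__(self, name, ports):
        self.name = name
        self.table = {}                              # mac -> (port, time learned)
        self.links = {p: None for p in ports}        # port -> ("host", mac) | ("switch", sw, port)
        self.delivered = []                          # (src, dst, port) frames handed to hosts

    def attach_host(self, port, mac):
        self.links[port] = ("host", mac)

    def connect(self, port, other, other_port):
        self.links[port] = ("switch", other, other_port)
        other.links[other_port] = ("switch", self, port)

    def purge(self, now):
        """Step 3: forget entries older than the TTL."""
        self.table = {m: e for m, e in self.table.items() if now - e[1] < ENTRY_TTL_SECONDS}

    def receive(self, in_port, src, dst, now):
        """Steps 1 and 2; returns the list of ports the frame went out on."""
        self.purge(now)
        self.table[src] = (in_port, now)             # step 1: learn sender's location
        entry = self.table.get(dst)
        if entry is not None:                        # step 2: destination known
            if entry[0] == in_port:
                return []                            # dest on arrival segment: filter (drop)
            out_ports = [entry[0]]
        else:
            out_ports = [p for p in self.links if p != in_port]   # unknown: flood
        for p in out_ports:
            self._send(p, src, dst, now)
        return out_ports

    def _send(self, port, src, dst, now):
        link = self.links[port]
        if link is None:
            return                                   # nothing attached to this port
        if link[0] == "host":
            self.delivered.append((src, dst, port))
        else:
            _, other, other_port = link
            other.receive(other_port, src, dst, now)

def build_topology():
    sw1, sw2 = LearningSwitch("sw1", [1, 2, 3]), LearningSwitch("sw2", [1, 2, 3])
    sw1.attach_host(1, "A")
    sw2.attach_host(2, "B")
    sw1.connect(3, sw2, 1)
    return sw1, sw2

def run_exchange():
    """A -> B (unknown destination: flooded everywhere), then B -> A (known:
    forwarded on one port). Returns the ports used, final tables and deliveries."""
    sw1, sw2 = build_topology()
    a_to_b = sw1.receive(1, "A", "B", now=0)        # A's frame enters sw1 on port 1
    b_to_a = sw2.receive(2, "B", "A", now=5)        # B's reply enters sw2 on port 2
    tables = {sw.name: {m: p for m, (p, _) in sw.table.items()} for sw in (sw1, sw2)}
    return a_to_b, b_to_a, tables, sw1.delivered + sw2.delivered

def frame_after_timeout():
    """Twenty minutes later the tables have aged out, so A -> B floods again."""
    sw1, sw2 = build_topology()
    sw1.receive(1, "A", "B", now=0)
    sw2.receive(2, "B", "A", now=5)
    return sw1.receive(1, "A", "B", now=ENTRY_TTL_SECONDS + 5)
```

After the exchange sw1 holds {A: 1, B: 3} and sw2 holds {A: 1, B: 2}, the same shape as the tables in the figure; a frame between two hosts on the same port is learned but dropped, which is the filtering case of step 2.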
Poorly Designed Institutional network: Why?
[Figure: router to external network; a single LAN / IP subnet with mail server and web server]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet with mail server, web server and host A, interconnected by switches along redundant (looping) paths]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure, repeated with the spanning tree marked: "Edge in spanning tree"; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: bridges B2 and B3 both joining LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: LAN A, LAN B, LAN C, LAN D joined by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure: LANs A–J interconnected by bridges B1–B7; the root is the switch with the smallest ID, and each switch is labelled with its distance to the root in LAN hops]
Walkthrough:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
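The interface-selection rule above (shortest LAN-hop path to the root, smallest bridge ID on ties, both interfaces of the bridge on the chosen hop kept on), as an added example that is not from the slides. It computes the result centrally with a breadth-first search rather than by the distributed message exchange; the topology in BRIDGES is constructed, not the slides' figure, and is chosen so that one LAN has a tie broken by ID and one bridge ends with no interface on.

```python
from collections import deque

# Added example (not from the slides): the interface-selection rule in code.
# LANs are vertices, bridges are edges (as the slides insist), the root is the
# bridge with the smallest ID. The topology is constructed, not the slides' figure.
BRIDGES = {
    1: ["E", "F", "G"],   # smallest ID: the root
    2: ["A", "E"],
    3: ["A", "B"],        # every LAN it touches has a shorter path elsewhere
    5: ["B", "E"],
    7: ["B", "F"],        # ties with B5 for LAN B and loses on ID
    4: ["D", "G"],
}

def root_bridge(bridges):
    return min(bridges)

def lan_distances(bridges):
    """Breadth-first search over LANs through bridges. The LANs the root
    attaches to are at distance 0; distance counts switches crossed.
    Returns (dist, lan_to_bridges)."""
    lan_to_bridges = {}
    for b, lans in bridges.items():
        for lan in lans:
            lan_to_bridges.setdefault(lan, []).append(b)
    dist = {lan: 0 for lan in bridges[root_bridge(bridges)]}
    queue = deque(dist)
    while queue:
        lan = queue.popleft()
        for b in lan_to_bridges[lan]:
            for nxt in bridges[b]:
                if nxt not in dist:
                    dist[nxt] = dist[lan] + 1
                    queue.append(nxt)
    return dist, lan_to_bridges

def next_hops(bridges):
    """For each non-root LAN: (bridge used, next-hop LAN). Among the neighbours
    one hop closer to the root, the smallest bridge ID wins (the slides' tie-break)."""
    dist, lan_to_bridges = lan_distances(bridges)
    hops = {}
    for lan, d in dist.items():
        if d == 0:
            continue
        candidates = [(b, nxt) for b in lan_to_bridges[lan] for nxt in bridges[b]
                      if nxt != lan and dist[nxt] == d - 1]
        hops[lan] = min(candidates)      # tuples compare bridge ID first
    return hops

def active_interfaces(bridges):
    """Interfaces (bridge, LAN) that stay on: all of the root's, plus both
    interfaces of the bridge carrying each LAN's chosen next hop."""
    root = root_bridge(bridges)
    on = {(root, lan) for lan in bridges[root]}
    for lan, (b, nxt) in next_hops(bridges).items():
        on.update({(b, lan), (b, nxt)})
    return on

def disconnected_bridges(bridges):
    """Bridges left with no active interface at all (B3 in the slides' example)."""
    active = {b for b, _ in active_interfaces(bridges)}
    return sorted(set(bridges) - active)
```

On the constructed topology LAN B reaches the root through either B5 or B7 in one hop and B5 wins on ID, so B7 keeps nothing; B3 is redundant for both LANs it touches and is fully "disconnected".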
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices. Routers: network-layer devices (examine network-layer headers). Switches are link-layer devices.
… "invisible" at the internetwork layer: looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields (bits): label 20 | Exp 3 | S 1 | TTL 5
MPLS capable routers
• a.k.a. label-switched router: forwards packets to the outgoing interface based only on the label value (doesn't inspect the IP address); MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE
• forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1–R6 with hosts A and D; each label-switched router holds a table with columns (in label, out label, dest, out interface). Rows visible in the figure: 6 / - / A / 0; 10 / 6 / A / 1; 12 / 9 / D / 0; 10 / A / 0; 12 / D / 0; 8 / 6 / A / 0; 8 / A / 1]
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice.
… could stop here … but lots of
CSMA/CD collision detection
[Figure: position on wire vs. time. Transmitter 1 starts sending; after the propagation delay Transmitter 2 starts sending and detects the collision, but Transmitter 1 has already finished its (short) transmission and does NOT detect it. Receiver 1 receives a garbled signal.]
What are the requirements to ensure that collisions are detected?
The transmitter must transmit for 2 × T_propagation + ε. The transmit time is frame length / bit rate. Therefore
2 × CableLength / speed of propagation + ε < FrameLength / bit-rate
If frame length can be arbitrarily small, then the cable length must be very short. Thus frames cannot be arbitrarily small. Minimum frame length in Ethernet is 64B.
Why is the maximum cable length of a 10Mbps Ethernet cable 10 times longer than the maximum cable length of a 100Mbps Ethernet?
The minimum frame length in Ethernet is independent of bit-rate.
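Working the requirement through, as an added derivation that is not on the slides, with $L$ the cable length, $v$ the speed of propagation, $F$ the frame length in bits and $R$ the bit-rate:

$$\frac{2L}{v} + \epsilon < \frac{F}{R}
\quad\Longrightarrow\quad
L_{\max} = \frac{v}{2}\left(\frac{F_{\min}}{R} - \epsilon\right) \approx \frac{v\,F_{\min}}{2R}$$

Since Ethernet fixes $F_{\min} = 64\,\text{B} = 512$ bits independently of $R$, $L_{\max} \propto 1/R$: raising the bit-rate from $10$ Mbps to $100$ Mbps divides the maximum cable length by $10$, which is the factor the question asks about.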
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection
• collisions detected within short time
• colliding transmissions aborted, reducing channel wastage
collision detection:
• easy in wired LANs: measure signal strengths, compare transmitted and received signals
• difficult/impossible in wireless LANs: received signal strength overwhelmed by local transmission strength
human analogy: the polite conversationalist
Persistence
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here "slot" does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential backoff: next slide
What to do when the link is found to be busy?
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common)
2. If the medium is idle then transmit
3. If the medium is not idle then wait until it is idle
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends
      2. Give an equation for the length of a time slot
   c. If no other transmission begins before the r time slots then transmit
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 × BO, BO_Max); in Ethernet BO_max = 1024
   c. go to step 4
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
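A slot-level simulation of the backoff procedure above, added here as an example (it is not code from the slides). It uses the Ethernet parameters the deck gives later: K drawn from 0..2^m-1 after the m-th collision, capped at 1023, one slot = 512 bit times (exactly the 64-byte minimum frame, so a minimum-size frame occupies one slot); the traffic pattern (every node ready at slot 0) and the 16-attempt limit are assumptions for the demo.

```python
import random

SLOT_BIT_TIMES = 512   # one slot = 512 bit times (the 64-byte minimum frame)
BO_MAX = 1024          # after ten or more collisions K is drawn from 0..1023
MAX_ATTEMPTS = 16      # demo assumption: give a frame up after 16 collisions


def backoff_range(collisions):
    """Size of the set {0, ..., 2^m - 1} that K is drawn from after m collisions."""
    return min(2 ** collisions, BO_MAX)


def simulate_csma_cd(num_nodes, rng, frame_slots=1):
    """Every node holds one frame, ready at slot 0 (constructed worst case).

    Nodes are 1-persistent: as soon as their K slots have passed they try in
    the next idle slot; two or more trying in the same slot collide, and a
    collision (jam + abort) is charged one slot.  Returns
    ({node: (slot delivered in, collisions suffered)}, slots used, dropped)."""
    wait = {n: 0 for n in range(num_nodes)}   # slots a node must still wait
    hits = {n: 0 for n in range(num_nodes)}   # collisions seen per node
    delivered, dropped = {}, []
    slot = 0
    while wait:
        ready = [n for n, w in wait.items() if w == 0]
        if len(ready) == 1:                    # channel won: the frame goes out
            n = ready[0]
            delivered[n] = (slot, hits[n])
            del wait[n]
            elapsed = frame_slots              # others sense busy meanwhile
        else:
            if ready:                          # collision among all ready nodes
                for n in ready:
                    hits[n] += 1
                    if hits[n] >= MAX_ATTEMPTS:
                        dropped.append(n)
                        del wait[n]
                    else:
                        # +1 because the collision itself consumes this slot;
                        # K = 0 retries in the very next slot, K = 1 one later
                        wait[n] = rng.randrange(backoff_range(hits[n])) + 1
            elapsed = 1
        for n in wait:                         # timers keep running during busy slots
            wait[n] = max(0, wait[n] - elapsed)
        slot += elapsed
    return delivered, slot, dropped


def run_demo(num_nodes, seed=1):
    """Deterministic run for a given seed so results can be compared."""
    return simulate_csma_cd(num_nodes, random.Random(seed))


if __name__ == "__main__":
    delivered, total, dropped = run_demo(5, seed=7)
    for node, (slot, collisions) in sorted(delivered.items()):
        print(f"node {node}: sent in slot {slot} after {collisions} collision(s)")
    print(f"{total} slots used, {len(dropped)} frame(s) dropped")
```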
“Taking Turns” MAC protocols
channel partitioning MAC protocols:
• share channel efficiently and fairly at high load
• inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
random access MAC protocols:
• efficient at low load: single node can fully utilize channel
• high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
“taking turns” protocols: look for best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability, but it is not widely deployed YET.
“Taking Turns” MAC protocols
Polling: master node “invites” slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: master polls each slave in turn: poll, data, poll, data, …]
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made:
• If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands by VoIP and the services provided by TCP.
• Guarantees are worth much more money than non-guarantees.
“Taking Turns” MAC protocols
Token passing: control token passed from one node to the next sequentially; token message
concerns: token overhead; latency; single point of failure (token)
[Figure: token T circulates around the ring; a node with data sends it; a node with nothing to send passes the token on]
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected.
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on the LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup"
• enter MAC address
• see manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address => portability: can move LAN card from one LAN to another
IP hierarchical address NOT portable: address depends on IP subnet to which node is attached. If a NIC is changed then the MAC is changed,
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on the LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL>
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four nodes: 1A-2F-BB-76-09-AD (137.196.7.23), 58-23-D7-FA-20-B0 (137.196.7.78), 0C-C4-11-6F-E3-98 (137.196.7.14), 71-65-F7-2B-08-53 (137.196.7.88)]
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.43.5.67
• B's IP = 128.51.9.12
• subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram
all machines on the LAN receive the ARP query
B receives the ARP packet, replies to A with its (B's) MAC address: frame sent to A's MAC address (unicast)
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is “plug-and-play”: nodes create their ARP tables without intervention from the net administrator
[Figure: LAN with hosts A, B, C, D. A broadcasts “Who has IP 1.1.1.4? Tell 1.1.1.2”; the query reaches B, C and D; the owner of the address replies “I have 1.1.1.4”]
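The same-subnet check, the gateway rule and the ARP cache with soft-state timeout, put together as an added example (not code from the slides). The `Lan` class is a constructed stand-in for the broadcast domain; the addresses are the ones from the slides' figures, and the 20-minute TTL is the one the deck quotes.

```python
import ipaddress
import time

ARP_TTL_SECONDS = 20 * 60    # slides: a mapping is forgotten after about 20 min


def same_subnet(my_ip, other_ip, mask):
    """Compare the network parts of two addresses under the subnet mask."""
    my_net = ipaddress.ip_network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.ip_address(other_ip) in my_net


class ArpTable:
    """Per-node ARP cache: IP -> (MAC, expiry).  Soft state: an entry that is
    not refreshed disappears once its TTL has run out."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.entries = {}

    def lookup(self, ip):
        entry = self.entries.get(ip)
        if entry is None:
            return None
        mac, expires = entry
        if self.clock() >= expires:      # timed out: forget the mapping
            del self.entries[ip]
            return None
        return mac

    def learn(self, ip, mac):
        self.entries[ip] = (mac, self.clock() + ARP_TTL_SECONDS)


class Lan:
    """Constructed broadcast domain: a query (dest FF-FF-FF-FF-FF-FF, type ARP)
    reaches every node and only the owner of the queried IP answers."""

    def __init__(self, nodes):
        self.nodes = nodes               # ip -> mac of the hosts on this LAN
        self.queries_sent = 0

    def broadcast_query(self, target_ip):
        self.queries_sent += 1
        return self.nodes.get(target_ip)  # None when nobody owns that IP


def next_hop_mac(my_ip, dest_ip, mask, gateway_ip, table, lan):
    """Pick the node the frame must be addressed to (the destination itself
    if it is on my subnet, otherwise the gateway) and resolve its MAC,
    consulting the cache before broadcasting a query."""
    target = dest_ip if same_subnet(my_ip, dest_ip, mask) else gateway_ip
    mac = table.lookup(target)
    if mac is None:
        mac = lan.broadcast_query(target)
        if mac is not None:
            table.learn(target, mac)
    return target, mac


if __name__ == "__main__":
    # the slides' example: 128.43.5.67 and 128.51.9.12 under 255.255.0.0
    print(same_subnet("128.43.5.67", "128.51.9.12", "255.255.0.0"))   # False
    lan = Lan({"137.196.7.23": "1A-2F-BB-76-09-AD",
               "137.196.7.78": "58-23-D7-FA-20-B0",
               "137.196.7.14": "0C-C4-11-6F-E3-98"})
    table = ArpTable()
    print(next_hop_mac("137.196.7.23", "137.196.7.78", "255.255.255.0",
                       "137.196.7.14", table, lan))
```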
Addressing: routing to another LAN
[Figure: A (111.111.111.111, 74-29-9C-E8-FF-55) and 111.111.111.112 (CC-49-DE-D0-AB-7D) on one LAN; router R with interfaces 111.111.111.110 (E6-E9-00-17-BB-4B) and 222.222.222.220 (1A-23-F9-CD-06-9B); B (222.222.222.222, 49-BD-D2-C7-56-2A) and 222.222.222.221 (88-B2-2F-54-1A-0F) on the other LAN]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
• A creates IP datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
• A's NIC sends frame
• R's NIC receives frame
• R removes IP datagram from Ethernet frame, sees it's destined to B
• R uses ARP to get B's MAC address
• R creates frame containing A-to-B IP datagram, sends to B
This is a really important example: make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8), some other host/switch]
1. Some other host asks “Who has IP address 1.2.3.4?”. The victim answers “MAC 00:12:12:12:12:12 has IP address 1.2.3.4”. The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: “Who has IP blablabla? Tell IP address 1.2.3.4”. The attacker continues to flood ARP queries. The other host saves the IP/ARP mapping in its cache. The victim is confused… but ignores it.
3. The other host sends “MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …”. The attacker knows the secret plan, changes the MAC address to the correct address and forwards “MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …”. The victim: “Ahh, I got the secret plan I was expecting.”
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs
• its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then the tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
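The detection heuristic just described, as an added example that is not part of the slides: it indexes a list of ARP sightings both ways (MACs per IP and IPs per MAC) and reports when an IP's mapping changes. The victim and attacker addresses are the slides' 1.2.3.4 / 00:12:12:12:12:12 and 5.6.7.8 / 00:11:11:11:11:11; the dual-NIC host and the 10.0.0.x addresses are constructed sample data.

```python
from collections import defaultdict


def index_sightings(sightings):
    """Both views of the same observations: which MACs were seen for each IP
    and which IPs each MAC claimed.  sightings: (time, sender MAC, sender IP)."""
    macs_by_ip, ips_by_mac = defaultdict(set), defaultdict(set)
    for _when, mac, ip in sightings:
        macs_by_ip[ip].add(mac.lower())
        ips_by_mac[mac.lower()].add(ip)
    return macs_by_ip, ips_by_mac


def find_conflicts(sightings, dual_homed_macs=frozenset()):
    """Return sorted (severity, kind, key, claims) tuples.

    One IP answered for by two MACs is the spoofing signature (high).  One MAC
    claiming two IPs is only low severity: the slides' wired+wireless Windows
    host produces exactly that, so known dual-homed MACs can be excluded."""
    macs_by_ip, ips_by_mac = index_sightings(sightings)
    alerts = []
    for ip, macs in macs_by_ip.items():
        if len(macs) > 1:
            alerts.append(("high", "ip-claimed-by-multiple-macs", ip, tuple(sorted(macs))))
    for mac, ips in ips_by_mac.items():
        if len(ips) > 1 and mac not in dual_homed_macs:
            alerts.append(("low", "mac-claims-multiple-ips", mac, tuple(sorted(ips))))
    return sorted(alerts)


def mapping_changes(sightings):
    """Replay the sightings in time order and report every point at which an
    IP is suddenly claimed by a different MAC than before: (time, ip, old, new)."""
    current, changes = {}, []
    for when, mac, ip in sorted(sightings):
        mac = mac.lower()
        if ip in current and current[ip] != mac:
            changes.append((when, ip, current[ip], mac))
        current[ip] = mac
    return changes


# Constructed sample: the slides' scenario plus one legitimate dual-NIC host.
SAMPLE_SIGHTINGS = [
    (0,    "00:12:12:12:12:12", "1.2.3.4"),     # victim's genuine ARP reply
    (5,    "00:11:11:11:11:11", "5.6.7.8"),     # attacker answering for itself
    (1205, "00:11:11:11:11:11", "1.2.3.4"),     # attacker's query "Tell 1.2.3.4"
    (1210, "00:aa:bb:cc:dd:ee", "10.0.0.9"),    # dual-NIC host, wired IP
    (1215, "00:aa:bb:cc:dd:ee", "10.0.0.42"),   # same host, wireless IP over wired NIC
]

if __name__ == "__main__":
    for alert in find_conflicts(SAMPLE_SIGHTINGS):
        print(alert)
    print(mapping_changes(SAMPLE_SIGHTINGS))
```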
Ethernet
“dominant” wired LAN technology:
• cheap: $20 for NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each “spoke” runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) vs. star (switch) topology]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes
• if the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. ARP packet), it passes the data in the frame to the network layer protocol
• otherwise, the adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk)
CRC: checked at receiver; if an error is detected, the frame is dropped
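Building and parsing the frame layout just described, plus the adapter's accept/discard rule, as an added example (not from the slides). Assumptions: the FCS is the IEEE CRC-32 computed over addresses, type and payload (same polynomial and conventions as `zlib.crc32`, appended least-significant byte first), the preamble is the 8 bytes given above, and the addresses and payloads are constructed sample values.

```python
import struct
import zlib

PREAMBLE = b"\xaa" * 7 + b"\xab"   # 7 x 10101010, then 10101011
BROADCAST = "FF-FF-FF-FF-FF-FF"
ETHERTYPE_IP, ETHERTYPE_ARP = 0x0800, 0x0806
MIN_FRAME = 64                      # bytes from dest address through FCS


def mac_bytes(text):
    """'1A-2F-BB-76-09-AD' or '1a:2f:...' -> 6 raw bytes."""
    return bytes.fromhex(text.replace("-", "").replace(":", ""))


def mac_text(raw):
    return "-".join(f"{b:02X}" for b in raw)


def fcs(body):
    """CRC-32 over dest, src, type and payload, little-endian on the wire."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    """Return the on-wire bytes: preamble + header + (padded) payload + FCS."""
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_FRAME - 4, b"\x00")   # pad short frames to the 64-byte minimum
    return PREAMBLE + body + fcs(body)


def parse_frame(wire):
    """Strip the preamble, verify the CRC and split the fields.
    Returns None when the check fails: the receiver drops such a frame."""
    if not wire.startswith(PREAMBLE) or len(wire) < len(PREAMBLE) + MIN_FRAME:
        return None
    body, received_fcs = wire[len(PREAMBLE):-4], wire[-4:]
    if fcs(body) != received_fcs:
        return None
    (ethertype,) = struct.unpack("!H", body[12:14])
    return {"dst": mac_text(body[:6]), "src": mac_text(body[6:12]),
            "type": ethertype, "payload": body[14:]}


def adapter_accepts(frame, my_mac, promiscuous=False):
    """The slide's rule: pass the frame up only for our own address or the
    broadcast address, unless the NIC is in promiscuous mode."""
    if frame is None:                           # CRC failure: already dropped
        return False
    mine = mac_text(mac_bytes(my_mac))          # normalise the separator/case
    return promiscuous or frame["dst"] in (mine, BROADCAST)


if __name__ == "__main__":
    wire = build_frame("58-23-D7-FA-20-B0", "1A-2F-BB-76-09-AD", ETHERTYPE_IP, b"hello")
    print(len(wire), parse_frame(wire)["dst"])
    damaged = bytearray(wire)
    damaged[20] ^= 0x01                         # flip one bit of the type field
    print(parse_frame(bytes(damaged)))          # None: CRC detects the error
```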
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC
• stream of datagrams passed to network layer can have gaps (missing datagrams)
• gaps will be filled if app is using TCP
• otherwise, app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
• Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
• first collision: choose K from {0,1}; delay is K × 512 bit transmission times
• after second collision: choose K from {0,1,2,3}…
• after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
$$\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$$
• efficiency goes to 1 as t_prop goes to 0
• efficiency goes to 1 as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA: and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur.
[Figure: the efficiency formula with worked numbers; only the formula is recoverable here]
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1Gbps, 10G bps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
• bits coming in one link go out all other links at the same rate
• all nodes connected to the hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: host NICs detect collisions
[Figure: hub with twisted pair links]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: three hubs joined by a backbone hub]
Switch
link-layer device: smarter than hubs, takes an active role
• store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); A, B, C on interfaces 1, 2, 3 and A', B', C' on interfaces 4, 5, 6]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table!
Q: how are entries created, maintained in the switch table? something like a routing protocol?
[Figure: the same six-interface switch]
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch “learns” the location of the sender: the incoming LAN segment
• records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') on interface 1; the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination, then { if the dest is on the segment from which the frame arrived then drop the frame, else forward the frame on the interface indicated }, else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure sequence: three switches in a row, each with interfaces 1, 2, 3; host A on the first switch's interface 1, host B on the second switch's interface 2, the first switch's interface 3 wired to the second switch's interface 1, and the second switch's interface 3 wired to the third switch's interface 2. All three MAC/Interface tables start empty.]
• A sends a frame: Dest=B, Source=A. Each switch makes a table entry for A; there is no table entry for B, so each switch floods. Tables: first switch A → 1; second switch A → 1; third switch A → 2.
• Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches.
• B replies: Dest=A, Source=B. The second switch makes a table entry for B (B → 2) and has a table entry for A, so it forwards; the first switch makes a table entry for B (B → 3) and has a table entry for A, so it forwards. The third switch never sees the reply and still knows only A → 2.
• 20 minutes later all table entries are deleted.
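The filtering/forwarding rule and the self-learning sequence of the figure, replayed in code as an added example (not code from the slides). The three switches and the port numbers follow the figure; the wiring between them is the constructed reading of it described in the comments, and the topology is loop-free on purpose: flooding here recurses, and on the looped network of the next slides it would never terminate, which is what loop resolution is for.

```python
TABLE_TTL_SECONDS = 20 * 60      # "20 minutes later all table entries are deleted"


class Host:
    def __init__(self, mac):
        self.mac, self.links, self.received = mac, {}, []

    def receive(self, in_port, frame, log):
        if frame["dst"] == self.mac:            # adapters discard other frames
            self.received.append(frame)

    def send(self, dst, log):
        frame = {"src": self.mac, "dst": dst}
        neighbor, neighbor_port = self.links[0]  # a host has one link, port 0
        neighbor.receive(neighbor_port, frame, log)
        return frame


class LearningSwitch:
    def __init__(self, name, clock):
        self.name, self.clock = name, clock
        self.links = {}                          # port -> (neighbor, neighbor's port)
        self.table = {}                          # MAC -> (port, time learned)

    def connect(self, port, other, other_port):
        self.links[port] = (other, other_port)
        other.links[other_port] = (self, port)

    def purge(self):
        """Step 3: forget entries older than the TTL."""
        now = self.clock()
        self.table = {m: e for m, e in self.table.items() if now - e[1] < TABLE_TTL_SECONDS}

    def ports_for(self):
        return {mac: port for mac, (port, _) in self.table.items()}

    def receive(self, in_port, frame, log):
        self.purge()
        self.table[frame["src"]] = (in_port, self.clock())     # step 1: learn sender
        entry = self.table.get(frame["dst"])
        if entry is not None:                                   # step 2: destination known
            if entry[0] == in_port:                             #   ... on the arrival segment
                log.append((self.name, "drop", in_port))
                return
            out_ports, action = [entry[0]], "forward"
        else:                                                   #   unknown: flood
            out_ports = [p for p in self.links if p != in_port]
            action = "flood"
        log.append((self.name, action, tuple(out_ports)))
        for port in out_ports:
            neighbor, neighbor_port = self.links[port]
            neighbor.receive(neighbor_port, frame, log)


def build_network(clock):
    """Constructed wiring of the figure: A on sw1 port 1, sw1 port 3 to sw2
    port 1, B on sw2 port 2, sw2 port 3 to sw3 port 2."""
    a, b = Host("A"), Host("B")
    sw1, sw2, sw3 = [LearningSwitch(n, clock) for n in ("sw1", "sw2", "sw3")]
    sw1.connect(1, a, 0)
    sw1.connect(3, sw2, 1)
    sw2.connect(2, b, 0)
    sw2.connect(3, sw3, 2)
    return a, b, (sw1, sw2, sw3)


def replay_figure(clock):
    """A -> B (unknown destination: flooded, A learned everywhere), then
    B -> A (known destination: forwarded along the learned ports only)."""
    a, b, switches = build_network(clock)
    log = []
    a.send("B", log)
    b.send("A", log)
    return [s.ports_for() for s in switches], log, switches


if __name__ == "__main__":
    tables, log, _ = replay_figure(lambda: 0.0)
    for entry in log:
        print(entry)
    print(tables)
```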
Poorly Designed Institutional network. Why?
[Figure: router to the external network; one LAN / IP subnet with a mail server and a web server behind a single switch]
Institutional network without a single point of failure
[Figure: the same network with redundant switches and links; host A]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: edges in the spanning tree marked; a “disconnected” interface, i.e. one that does not forward or flood frames]
Loop Resolution
Goal: remove “extra” paths by removing “extra” bridges: spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by “disconnecting” switches from some LANs.
• The switches are not physically disconnected. Instead, when “disconnected” from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks, then the LAN might be “reconnected” to the switch.
[Figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: LAN A, LAN B, LAN C, LAN D joined by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: LANs A–J connected by bridges B1–B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to “turn off”. Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure sequence on the same topology (LANs A–J, bridges B1–B7); each LAN is labelled with its distance to the root in LAN hops]
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces “on”.
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are “on”?
Layer 2 Routing
The L2 routing (switch) table is automatically maintained: set up and updated as the topology changes. Three mechanisms: loop resolution, address learning, frame forwarding. Switches typically ignore security (ARP attacks, access control, etc.).
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers
Both are store-and-forward devices. Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices: "invisible" at the internetwork layer, a switched LAN looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the virtual-circuit (VC) approach; the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit, bottom of stack), TTL (8 bits)
MPLS-capable routers (aka label-switched routers) forward packets to an outgoing interface based only on the label value (they don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding table. A signaling protocol (RSVP-TE) is needed to set up the forwarding tables. Forwarding is possible along paths that IP alone would not allow (e.g., source-specific routing), so MPLS is used for traffic engineering. MPLS routers must co-exist with IP-only routers.
[Figure: MPLS example topology with routers R1–R6, destination A attached to R6, destination D; each router's interfaces numbered 0 and 1]
MPLS forwarding tables (rows recovered from the figure; "-" means no label, i.e. a push at the ingress router or a pop at the egress router):
in label | out label | dest | out interface
6 | - | A | 0

in label | out label | dest | out interface
10 | 6 | A | 1
12 | 9 | D | 0

in label | out label | dest | out interface
- | 10 | A | 0
- | 12 | D | 0

in label | out label | dest | out interface
8 | 6 | A | 0

in label | out label | dest | out interface
- | 8 | A | 1
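The following is an added example, not code from the slides or from any MPLS implementation: it packs and parses the 32-bit shim header described above and runs a packet through label-switched routers loaded with the dest-A rows of the tables. The assignment of rows to routers R1, R3, R4, R5, R6 and the links between them are assumptions made for the example (the figure's dest-D rows are left out because their full path is not shown).

```python
import struct


def pack_shim(label, exp=0, bottom=1, ttl=64):
    """Build the 32-bit MPLS shim header: label (20) | Exp (3) | S (1) | TTL (8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and bottom in (0, 1) and 0 <= ttl < 256):
        raise ValueError("MPLS field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (bottom << 8) | ttl)


def unpack_shim(data):
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


class Dropped(Exception):
    pass


class LSR:
    """Label-switched router. Table rows are (in_label, out_label, dest, out_if),
    with None for the '-' entries of the slide (push at ingress, pop at egress).
    links maps an out interface to the neighbour reached through it."""

    def __init__(self, name, table, links):
        self.name, self.table, self.links = name, table, links

    def forward(self, pkt):
        """pkt = {'label': int|None, 'dest': str, 'ttl': int}. Returns (next hop, packet)."""
        for in_label, out_label, dest, out_if in self.table:
            if pkt["label"] is None:
                if in_label is None and dest == pkt["dest"]:   # ingress: IP lookup, push a label
                    break
            elif in_label == pkt["label"]:                       # transit/egress: label only
                break
        else:
            raise Dropped(f"{self.name}: no table entry for {pkt}")
        ttl = pkt["ttl"] - 1
        if ttl <= 0:
            raise Dropped(f"{self.name}: TTL expired")
        return self.links[out_if], {"label": out_label, "dest": pkt["dest"], "ttl": ttl}


# Assumed router-to-table assignment and links for the dest-A rows of the figure.
ROUTERS = {
    "R1": LSR("R1", [(None, 10, "A", 0)], {0: "R4"}),
    "R3": LSR("R3", [(None, 8, "A", 1)], {1: "R5"}),
    "R4": LSR("R4", [(10, 6, "A", 1)], {1: "R6"}),
    "R5": LSR("R5", [(8, 6, "A", 0)], {0: "R6"}),
    "R6": LSR("R6", [(6, None, "A", 0)], {0: "A"}),
}


def trace(routers, start, dest, ttl=64, label=None):
    """Follow a packet from `start`; returns ([(router, outgoing label), ...], final node)."""
    pkt, node, hops = {"label": label, "dest": dest, "ttl": ttl}, start, []
    while node in routers:
        nxt, pkt = routers[node].forward(pkt)
        hops.append((node, pkt["label"]))
        node = nxt
    return hops, node


def is_delivered(routers, start, dest, ttl=64, label=None):
    """True if the packet leaves the MPLS domain at the node named by its IP destination."""
    try:
        return trace(routers, start, dest, ttl, label)[1] == dest
    except Dropped:
        return False


if __name__ == "__main__":
    print(trace(ROUTERS, "R1", "A"))                 # push 10, swap to 6, pop, deliver to A
    print(trace(ROUTERS, "R4", "D", label=10))       # label decides: still ends at A
    print(unpack_shim(pack_shim(10, exp=0, bottom=1, ttl=64)))
```

The second trace shows the property the slide states: a transit LSR forwards on the label alone, so a packet that reaches R4 already carrying label 10 is delivered to A whatever its IP destination says. Correct delivery therefore rests on the ingress lookup and on the signaling that installed the labels; nothing downstream re-checks them.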
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice; … could stop here … but lots of
CSMA/CD: What are the requirements to ensure that collisions are detected?
The transmitter must still be transmitting when the collision reaches it, i.e. it must transmit for at least 2 T_propagation + ε. The transmit time is frame length / bit rate. Therefore
  2 × CableLength / (speed of propagation) + ε < FrameLength / bit-rate
If the frame length could be arbitrarily small then the cable length would have to be very short. Thus frames cannot be arbitrarily small: the minimum frame length in Ethernet is 64 bytes.
Why is the maximum cable length of a 10 Mbps Ethernet 10 times longer than the maximum cable length of a 100 Mbps Ethernet? Because the minimum frame length in Ethernet is independent of bit rate: the minimum transmit time, and with it the allowed round-trip propagation delay, shrinks by 10× when the bit rate grows by 10×.
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection
- collisions are detected within a short time
- colliding transmissions are aborted, reducing channel wastage
- collision detection is easy in wired LANs: measure signal strengths, compare transmitted and received signals
- difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength
- human analogy: the polite conversationalist
Persistence
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
- In this case all nodes that want to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p; with probability 1-p wait for the next slot and repeat.
- Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential backoff: see the next slide.
What to do when the link is found to be busy:
1. Upon wanting to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. if no other transmission begins before the r time slots elapse, then transmit
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop
   b. set BO = min(2 BO, BO_Max); in Ethernet BO_max = 1024
   c. go to step 4
Exponential Backoff
Question discuss the different ways in which backoff is used in network protocols
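Added example (Python, not from the slides) tying together the collision-detection inequality two slides up and the backoff procedure above: the minimum frame / maximum cable relation, the slot time, the doubling window with its 1024 cap, the CSMA/CD efficiency formula, and a simplified contention model. The propagation speed of 2×10^8 m/s and the attempt cap of 16 are assumptions; real cable limits are shorter than the inequality alone allows, because repeater and transceiver delays also eat into the budget.

```python
import random

PROP_SPEED = 2.0e8       # assumed signal propagation speed in copper, m/s
SLOT_BITS = 512          # Ethernet slot time in bit times (64 bytes)
MIN_FRAME_BITS = 64 * 8  # minimum Ethernet frame, preamble excluded
BO_MAX = 1024            # cap on the backoff window: K is drawn from 0..1023


def min_frame_bits(cable_length_m, bit_rate, prop_speed=PROP_SPEED):
    """Smallest frame whose transmission outlasts the round-trip propagation
    delay, so the sender is still transmitting when a collision at the far
    end reaches it:  F / R >= 2 L / v   ->   F >= 2 L R / v."""
    return 2 * cable_length_m * bit_rate / prop_speed


def max_cable_length_m(frame_bits, bit_rate, prop_speed=PROP_SPEED):
    """The same inequality solved for L: the longest cable on which a frame
    of frame_bits still guarantees collision detection at the given bit rate."""
    return frame_bits * prop_speed / (2 * bit_rate)


def slot_time_s(bit_rate):
    """512 bit times: long enough that a transmission started at the slot's
    beginning is heard by every node before the slot ends."""
    return SLOT_BITS / bit_rate


def backoff_window(collisions):
    """Window after the given number of consecutive collisions: it doubles each
    time (2, 4, 8, ...) and is capped at BO_MAX from the 10th collision on."""
    return min(2 ** collisions, BO_MAX)


def backoff_delay_s(collisions, bit_rate, rng=random):
    """Pick K uniformly from 0..window-1 and wait K slot times."""
    k = rng.randrange(backoff_window(collisions))
    return k * slot_time_s(bit_rate)


def efficiency(t_prop, t_trans):
    """Long-run fraction of time the channel carries useful data."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def rounds_until_one_winner(n_stations, rng=random, max_attempts=16):
    """Simplified contention model: n stations that just collided each draw K;
    those with the smallest K transmit first. If exactly one station drew the
    minimum it wins; otherwise the tied stations collide again (stations that
    drew a larger K defer and are dropped from the model). Returns the number
    of collisions it took, or None if the assumed attempt cap is exhausted."""
    contenders = list(range(n_stations))
    for attempt in range(1, max_attempts + 1):
        draws = {s: rng.randrange(backoff_window(attempt)) for s in contenders}
        k_min = min(draws.values())
        contenders = [s for s, k in draws.items() if k == k_min]
        if len(contenders) == 1:
            return attempt
    return None


if __name__ == "__main__":
    for rate in (10e6, 100e6):
        print(f"{rate / 1e6:.0f} Mbps: a 64-byte frame covers up to "
              f"{max_cable_length_m(MIN_FRAME_BITS, rate):.0f} m of cable")
    print(f"K = 1023 at 10 Mbps waits {1023 * slot_time_s(10e6) * 1e3:.1f} ms")
    print("efficiency, 10 Mbps, 1500-byte frames, 2200 m:",
          round(efficiency(2200 / PROP_SPEED, 1500 * 8 / 10e6), 3))
    print("collisions before one of 4 stations wins:", rounds_until_one_winner(4))
```

With the 64-byte minimum fixed by the standard, the maximum cable length the inequality allows is 5120 m at 10 Mbps and 512 m at 100 Mbps, the factor of 10 the slide asks about; the 1023-slot wait at 10 Mbps comes out at 52.4 ms, the "about 50 msec" quoted later for Ethernet.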
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; high load: collision overhead.
- Be careful: here "high load" means the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access: 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: master polling slaves in turn: poll, data, poll, data, poll, data]
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made:
- If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
- When congested, new calls are rejected but existing calls continue to receive good performance.
- Consider the difference between the demands of VoIP and the service provided by TCP.
- Guarantees are worth much more money than non-guarantees.
Token passing: a control token is passed from one node to the next sequentially. Concerns: token overhead, latency, single point of failure (token).
[Figure: token T circulating among nodes; a node with data transmits when it holds T, a node with nothing to send passes T on]
Summary of MAC protocols
- channel partitioning, by time, frequency or code: Time Division, Frequency Division
- random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing is easy in some technologies (wire), hard in others (wireless); CSMA/CD is used in Ethernet, CSMA/CA in 802.11 (we'll study it when we talk about wireless)
- taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
- The textbook is wrong about this: today hosts are almost never physically connected to one another; what matters is being on the same LAN (the same switched broadcast domain).
48-bit MAC address (for most LANs), burned into NIC ROM but also sometimes software-settable, so a MAC address identifies an interface without authenticating it.
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup: Google "OUI lookup", enter the MAC address, see the manufacturer.
Analogy: (a) MAC address is like a Social Security Number; (b) IP address is like a postal address.
MAC is a flat address, which gives portability: a LAN card can be moved from one LAN to another. IP is a hierarchical address, NOT portable: the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC changes, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At a prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: LAN with four nodes: 137.196.7.23 / 1A-2F-BB-76-09-AD, 137.196.7.78 / 58-23-D7-FA-20-B0, 137.196.7.14 / 0C-C4-11-6F-E3-98, 137.196.7.88 / 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network)
A wants to send a datagram to B. First check if B's IP address is in the same subnet: use the subnet mask and compare this node's IP to B's IP.
E.g.: my IP = 128.4.35.67, B's IP = 128.5.19.12, subnet mask 255.255.0.0 => the first 2 bytes (16 bits) define the subnet.
- So in this case A and B are in different subnets (128.4 vs. 128.5).
- Thus the datagram is sent to the gateway, which must be in the same subnet as A.
- Suppose that B is the gateway, but only the IP address of B is known.
Suppose A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
- A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other types include IP datagram). All machines on the LAN receive the ARP query.
- B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
- A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out): soft state, information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from a net administrator.
[Figure: hosts A, B, C, D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; B, C and D all receive it; D answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: two LANs joined by router R]
A: IP 111.111.111.111, MAC 74-29-9C-E8-FF-55
another host on A's LAN: IP 111.111.111.112, MAC CC-49-DE-D0-AB-7D
R, interface on A's LAN: IP 111.111.111.110, MAC E6-E9-00-17-BB-4B
R, interface on B's LAN: IP 222.222.222.220, MAC 1A-23-F9-CD-06-9B
another host on B's LAN: IP 222.222.222.221, MAC 88-B2-2F-54-1A-0F
B: IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
1. A creates an IP datagram with source A, destination B.
2. A uses ARP to get R's MAC address for 111.111.111.110.
3. A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram.
4. A's NIC sends the frame; R's NIC receives the frame.
5. R removes the IP datagram from the Ethernet frame and sees it is destined to B.
6. R uses ARP to get B's MAC address.
7. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example; make sure you understand it.
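Added example (not from the slides) covering the subnet check two slides up and the A-to-R-to-B walkthrough just above: hosts with a soft-state ARP cache decide whether to ARP for the destination itself or for the gateway, broadcast the query, cache the unicast reply, and query again once the 20-minute TTL has passed. The LAN is constructed from the left-hand side of the figure; the 255.255.255.0 masks are an assumption.

```python
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60          # seconds: the "typically 20 min" on the slide


def same_subnet(ip_a, ip_b, mask):
    """The check from the slide: do ip_a and ip_b share the subnet defined by mask?
    mask may be dotted ('255.255.0.0') or a prefix length."""
    return ipaddress.ip_address(ip_b) in ipaddress.ip_interface(f"{ip_a}/{mask}").network


class Node:
    """A host (or one router interface) with an ARP cache of soft state."""

    def __init__(self, name, ip, mask, mac, gateway=None):
        self.name, self.mac, self.gateway = name, mac, gateway
        self.iface = ipaddress.ip_interface(f"{ip}/{mask}")
        self.arp = {}                 # ip -> (mac, time learned)
        self.lan = []                 # every node on the same LAN, filled by attach()
        self.queries_sent = 0

    def next_hop(self, dst_ip):
        """Deliver directly if dst is on my subnet, otherwise hand it to the gateway."""
        if ipaddress.ip_address(dst_ip) in self.iface.network:
            return dst_ip
        return self.gateway

    def cached(self, ip, now):
        entry = self.arp.get(ip)
        if entry and now - entry[1] < ARP_TTL:
            return entry[0]
        self.arp.pop(ip, None)        # expired: soft state goes away unless refreshed
        return None

    def resolve(self, dst_ip, now):
        """MAC to put in the frame for a datagram to dst_ip (None if unresolvable)."""
        target = self.next_hop(dst_ip)
        if target is None:
            return None               # off-subnet and no gateway configured
        found = self.cached(target, now)
        if found is None:
            self.queries_sent += 1
            query = {"op": "request", "dst_mac": BROADCAST, "target_ip": target,
                     "sender_ip": str(self.iface.ip), "sender_mac": self.mac}
            for node in self.lan:     # broadcast: every adapter on the LAN receives it
                if node is not self:
                    reply = node.on_arp(query, now)
                    if reply:         # unicast reply: cache the pair
                        self.arp[reply["sender_ip"]] = (reply["sender_mac"], now)
                        found = reply["sender_mac"]
        return found

    def on_arp(self, query, now):
        if query["target_ip"] != str(self.iface.ip):
            return None               # not my address: discard
        self.arp[query["sender_ip"]] = (query["sender_mac"], now)   # the target learns the requester too
        return {"op": "reply", "dst_mac": query["sender_mac"],
                "sender_ip": str(self.iface.ip), "sender_mac": self.mac}


def attach(*nodes):
    for n in nodes:
        n.lan = list(nodes)
    return nodes


# Constructed LAN: A, the other host, and R's interface on the 111.111.111.0/24 side.
A = Node("A", "111.111.111.111", "255.255.255.0", "74-29-9C-E8-FF-55", gateway="111.111.111.110")
H = Node("H", "111.111.111.112", "255.255.255.0", "CC-49-DE-D0-AB-7D", gateway="111.111.111.110")
R = Node("R", "111.111.111.110", "255.255.255.0", "E6-E9-00-17-BB-4B")
attach(A, H, R)

if __name__ == "__main__":
    print("128.4.35.67 and 128.5.19.12 share a /16?", same_subnet("128.4.35.67", "128.5.19.12", "255.255.0.0"))
    print("frame for B goes to", A.resolve("222.222.222.222", now=0), "after", A.queries_sent, "query")
    print("again at t=100:", A.resolve("222.222.222.222", now=100), "queries:", A.queries_sent)
    print("again at t=1300:", A.resolve("222.222.222.222", now=1300), "queries:", A.queries_sent)
```

Note that for a destination on the other LAN the frame never carries B's MAC: A resolves and addresses the router's interface, exactly as in step 2 of the walkthrough, and R does its own ARP on the far side.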
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
- Use Wireshark on B to see no evidence of the ping (apart from A's broadcast ARP requests for P, which go unanswered).
- On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B, but still no response: B's NIC accepts the frames because they carry its MAC, but B discards the ICMP requests because the destination IP P is not its own.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (a link-layer router) to each host, so a host only sees frames the switch forwards to it.
- But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query is made for the victim, I respond with my MAC.
[Animation: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on the same LAN]
1. Some other host broadcasts "Who has IP address 1.2.3.4?". The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". Every node that hears the reply saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11 that read "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4", i.e. with the victim's IP as the sender address. The other hosts save the (attacker's MAC, 1.2.3.4) mapping in their caches. The victim is confused (somebody else claims its IP) but ignores it. The attacker continues to flood ARP queries so the poisoned entries never expire.
3. Now a frame "MAC 00:11:11:11:11:11, IP 1.2.3.4: the secret plan is …" is delivered to the attacker, who learns the secret plan, changes the MAC address to the correct one and resends "MAC 00:12:12:12:12:12, IP 1.2.3.4: the secret plan is …" to the victim. The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs: the attacker's real IP and the victim's IP both appear behind the attacker's MAC, and the victim's IP appears with two MACs.
- But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
- Then the tables record the mapping between the wired MAC and the wireless IP: the wireless IP shows up with two MACs and the wired MAC with two IPs, the same signature as the attack, so a conflicting entry alone is not proof.
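Added example (not from the slides) of the detection idea above: a detector that records the MAC each IP has claimed in ARP traffic and alerts when the claim changes. The record format is constructed for the example and is not any real tool's output; the sample log reproduces the attack animation and then the dual-NIC case the slide warns about.

```python
import re
from collections import defaultdict

# Constructed record format for the example (not a real tool's output):
#   <seconds> <request|reply> sender=<ip>/<mac>
# Both ARP requests and replies carry a sender IP/MAC pair and both are
# cached by receivers, which is why the attacker on the slides can poison
# caches with nothing but requests.
RECORD = re.compile(
    r"^(?P<t>\d+)\s+(?P<op>request|reply)\s+sender=(?P<ip>[\d.]+)/(?P<mac>[0-9a-fA-F:]{17})$")


def parse(line):
    m = RECORD.match(line.strip())
    if not m:
        return None
    return int(m["t"]), m["op"], m["ip"], m["mac"].lower()


def detect(lines):
    """Alert whenever an IP is claimed by a MAC other than the one it was last
    seen with. The history is never expired: the attacker waits for the caches
    to clear, so a detector that forgets on the cache TTL would miss the switch.
    Returns (alerts, {mac: set of IPs it has claimed})."""
    binding = {}                       # ip -> (mac, time of that claim)
    ips_per_mac = defaultdict(set)
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        t, op, ip, mac = rec
        ips_per_mac[mac].add(ip)
        prev = binding.get(ip)
        if prev and prev[0] != mac:
            alerts.append({"t": t, "ip": ip, "old_mac": prev[0], "new_mac": mac,
                           "via": op, "seconds_since_old_claim": t - prev[1]})
        binding[ip] = (mac, t)
    return alerts, dict(ips_per_mac)


# Constructed sample: the attack animation, then a dual-NIC host (wired MAC
# 00:aa..., wireless MAC 00:bb...) whose wireless IP leaks out over the wired NIC.
SAMPLE = """
0     reply   sender=1.2.3.4/00:12:12:12:12:12
3     request sender=10.0.0.9/00:aa:aa:aa:aa:aa
1300  request sender=1.2.3.4/00:11:11:11:11:11
1301  request sender=1.2.3.4/00:11:11:11:11:11
2000  reply   sender=10.0.0.7/00:bb:bb:bb:bb:bb
2010  request sender=10.0.0.7/00:aa:aa:aa:aa:aa
""".strip().splitlines()

if __name__ == "__main__":
    alerts, per_mac = detect(SAMPLE)
    for a in alerts:
        print(f"t={a['t']}: {a['ip']} moved {a['old_mac']} -> {a['new_mac']} via {a['via']}")
    print("IPs per MAC:", per_mac)
```

The two alerts look the same at this level: 1.2.3.4 moving to the attacker's MAC, and 10.0.0.7 moving to the wired MAC 00:aa…; in both cases the new MAC also owns another IP (the attacker's own address in the slide, the wired address 10.0.0.9 here). As the slide says, the alert is a lead to verify against an inventory of multi-homed hosts or the switch's port table, not proof by itself.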
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps.
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology (coaxial cable), popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
[Figure: bus over coaxial cable vs. star around a switch]
Ethernet Frame Structure
The sending adapter encapsulates the IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g., an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, or the higher-layer protocol (mostly IP, but others are possible, e.g., Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected the frame is dropped.
Ethernet: Unreliable, connectionless
- connectionless: no handshaking between sending and receiving NICs
- unreliable: the receiving NIC doesn't send ACKs or NAKs to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
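Added example (not from the slides): building and parsing an Ethernet II frame with the fields just described, including padding to the 64-byte minimum, the FCS check and the adapter's accept/discard rule. The input is constructed: an ARP request from host A (74-29-9C-E8-FF-55 on the ARP slides) for the router's address. Assumed: zlib's CRC-32 matches the 802.3 FCS, with the value serialized least-significant byte first as it appears in packet captures.

```python
import struct
import zlib

ETHERTYPE_IP, ETHERTYPE_ARP = 0x0800, 0x0806
PREAMBLE = bytes([0xAA] * 7) + bytes([0xAB])   # 7 x 10101010, then SFD 10101011
BROADCAST = bytes.fromhex("ff" * 6)
MIN_FRAME = 64                                 # bytes from dst address to FCS inclusive


def mac(text):
    """'74-29-9C-E8-FF-55' or '74:29:...' -> 6 raw bytes."""
    return bytes.fromhex(text.replace("-", "").replace(":", ""))


def fcs(body):
    """Ethernet FCS: CRC-32 over dst..pad; on the wire least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    body = dst + src + struct.pack("!H", ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))   # pad short payloads
    return PREAMBLE + body + fcs(body)


def parse_frame(wire):
    """Return header fields and payload, or None if the frame is malformed or
    fails the CRC check (a receiving NIC drops such frames silently)."""
    if wire[:8] != PREAMBLE or len(wire) < 8 + MIN_FRAME:
        return None
    body, trailer = wire[8:-4], wire[-4:]
    if fcs(body) != trailer:
        return None
    (ethertype,) = struct.unpack("!H", body[12:14])
    # the payload still carries any padding: Ethernet does not record the payload
    # length, the upper-layer header (IP total length, ARP's fixed size) does
    return {"dst": body[:6], "src": body[6:12], "type": ethertype, "payload": body[14:]}


def nic_accepts(frame, my_mac, promiscuous=False):
    """Adapter rule from the slide: pass up frames addressed to me or to the
    broadcast address; in promiscuous mode pass up everything."""
    return promiscuous or frame["dst"] in (my_mac, BROADCAST)


def arp_request(sender_mac, sender_ip, target_ip):
    """28-byte ARP request for Ethernet/IPv4: htype 1, ptype 0x0800, hlen 6, plen 4, op 1."""
    def dotted(s):
        return bytes(int(x) for x in s.split("."))
    return (struct.pack("!HHBBH", 1, ETHERTYPE_IP, 6, 4, 1)
            + sender_mac + dotted(sender_ip) + bytes(6) + dotted(target_ip))


A_MAC, R_MAC = mac("74-29-9C-E8-FF-55"), mac("E6-E9-00-17-BB-4B")


def demo():
    """Constructed input: A's broadcast ARP request for the router's address."""
    req = arp_request(A_MAC, "111.111.111.111", "111.111.111.110")
    wire = build_frame(BROADCAST, A_MAC, ETHERTYPE_ARP, req)
    return wire, parse_frame(wire)


if __name__ == "__main__":
    wire, frame = demo()
    print(len(wire) - 8, "bytes on the wire after the preamble;", "type 0x%04x" % frame["type"])
    print("router accepts it:", nic_accepts(frame, R_MAC))
```

The 28-byte ARP request gives a 42-byte frame body, so 18 bytes of padding are needed to reach 60 bytes before the 4-byte FCS; flipping any bit of the body makes the receiver discard the frame, which is all the CRC gives you: it detects noise, not a deliberate sender.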
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame.
2. If NIC senses the channel idle, it starts frame transmission.
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame.
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsecond for 10 Mbps Ethernet; for K = 1023 the wait time is about 50 msec.
Exponential backoff: goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
- first collision: choose K from {0, 1}; the delay is K × 512 bit transmission times
- after the second collision: choose K from {0, 1, 2, 3}
- after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame
  efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0 and as t_trans goes to infinity.
- a larger frame size is better; a higher bit rate is worse (t_trans shrinks)
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
[Figure: efficiency evaluated for a 10 Mbps LAN with 8×1500-bit frames over 2200 m (≈ 0.96) and for 100 Mbps; the 100 Mbps numbers are not recoverable from the extraction]
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out on all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub, host NICs detect collisions.
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting three hubs]
Switch
A link-layer device, smarter than hubs, takes an active role:
- store and forward Ethernet frames
  - Question: do switches in circuit-switching networks store and forward?
- examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when a frame is to be forwarded on a segment, use CSMA/CD to access the segment
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but with no collisions; full duplex; each link is its own collision domain. Switching A-to-A' and B-to-B' simultaneously, without collisions: not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). It looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: the same six-interface switch with hosts A, A', B, B', C, C']
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases… when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
[Figure: A sends a frame (source A, dest A') in on interface 1; the switch table, initially empty, gains one entry]
MAC addr | interface | TTL
A | 1 | 60
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. index the switch table using the MAC destination address
3. if an entry is found for the destination, then
     if the destination is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated
   else flood: forward on all interfaces but the one on which the frame arrived
4. periodically purge old table entries
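Added example (not from the slides): a self-learning switch implementing the four steps above with aging, plus a few switches wired together so that flooding through other switches, and what happens without loop resolution, can be followed. Port numbers and the 60-second TTL are assumptions for the example.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"


class Switch:
    """Self-learning switch: a table of MAC -> (interface, time stamp) with aging."""

    def __init__(self, name, ports, ttl=60):
        self.name, self.ports, self.ttl = name, list(ports), ttl
        self.table = {}

    def receive(self, src, dst, in_port, now):
        """Apply the filtering/forwarding steps to one frame; return the out ports."""
        # step 4 (done lazily on every frame): purge entries older than ttl seconds
        self.table = {m: e for m, e in self.table.items() if now - e[1] < self.ttl}
        # step 1: the sender is reachable through the interface it arrived on
        self.table[src] = (in_port, now)
        # steps 2-3: look up the destination
        if dst == BROADCAST or dst not in self.table:
            return [p for p in self.ports if p != in_port]      # flood
        out_port = self.table[dst][0]
        return [] if out_port == in_port else [out_port]        # filter / forward


class Lan:
    """Switches wired port-to-port; a port with no link faces a host."""

    def __init__(self):
        self.switches, self.links = {}, {}

    def add(self, *switches):
        for sw in switches:
            self.switches[sw.name] = sw
        return self

    def link(self, a, pa, b, pb):
        self.links[(a, pa)] = (b, pb)
        self.links[(b, pb)] = (a, pa)
        return self

    def send(self, sw, port, src, dst, now, max_hops=1000):
        """Inject a frame arriving at (sw, port) and follow every copy through the
        switches. Returns the set of host-facing (switch, port) pairs that get it."""
        delivered, pending, hops = set(), [(sw, port)], 0
        while pending:
            hops += 1
            if hops > max_hops:
                # a flooded frame never stops circulating when the wiring has a loop
                raise RuntimeError("frame is looping: cycle in the topology and no spanning tree")
            here, in_port = pending.pop()
            for out in self.switches[here].receive(src, dst, in_port, now):
                nxt = self.links.get((here, out))
                if nxt:
                    pending.append(nxt)
                else:
                    delivered.add((here, out))
        return delivered


def chain_lan():
    """Two three-port switches joined S1:3 -- S2:1; hosts hang off the other ports."""
    return Lan().add(Switch("S1", [1, 2, 3]), Switch("S2", [1, 2, 3])).link("S1", 3, "S2", 1)


def loop_lan():
    """Three switches wired in a triangle (ports 1 and 2 carry the links, port 3 a host)."""
    lan = Lan().add(Switch("S1", [1, 2, 3]), Switch("S2", [1, 2, 3]), Switch("S3", [1, 2, 3]))
    return lan.link("S1", 2, "S2", 1).link("S2", 2, "S3", 1).link("S3", 2, "S1", 1)


def frame_loops(lan, sw, port, src, dst):
    """True if a frame injected at (sw, port) never stops circulating."""
    try:
        lan.send(sw, port, src, dst, now=0)
        return False
    except RuntimeError:
        return True


if __name__ == "__main__":
    lan = chain_lan()
    print("A -> B, tables empty:", sorted(lan.send("S1", 1, "A", "B", 0)))      # flooded everywhere
    print("B -> A:", sorted(lan.send("S2", 2, "B", "A", 1)))                    # forwarded to A only
    print("A -> B again:", sorted(lan.send("S1", 1, "A", "B", 2)))              # forwarded to B only
    print("A -> B after aging:", sorted(lan.send("S1", 1, "A", "B", 100)))     # flooded again
    print("triangle without spanning tree loops:", frame_loops(loop_lan(), "S1", 3, "A", "B"))
```

The last call is the situation the institutional-network slides describe below: with a cycle in the wiring and no loop resolution, the first frame to an unknown destination is flooded forever, and every pass also rewrites the sender's table entry to a different port.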
Self-Learning (walkthrough)
[Figure: three switches, each with interfaces 1, 2, 3, chained together; host A hangs off the first switch, host B off the far end; each switch has a MAC/interface table, initially empty]
1. A sends a frame with Dest = B, Source = A. The first switch makes a table entry for A (interface 1); it has no table entry for B, so it floods. Each switch that receives the flooded frame likewise makes a table entry for A on the interface the frame arrived on and, having no entry for B, floods.
   Note: if the switch has ports that are manually configured then the frame is not flooded to a host on such a port; it is only flooded to other switches.
2. B replies with Dest = A, Source = B. Each switch makes a table entry for B and, having a table entry for A, forwards the frame on A's interface only. The tables end up with entries such as (A, 1), (B, 3); (A, 1), (B, 2); (A, 2).
3. 20 minutes later, all table entries are deleted.
Poorly Designed Institutional network: Why?
[Figure: one router to the external network, one LAN / IP subnet, mail server and web server, all hosts hanging off a single chain of switches]
Institutional network without a single point of failure
[Figure: the same network with redundant links between the switches, so the switch graph contains loops; host A is marked]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure legend: solid edge = edge in the spanning tree; "disconnected" interface = do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood packets over to that LAN.
- Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by two switches, B3 and B2, in parallel]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
- LAN B's next hop to the switch with the lowest ID is LAN A, and
- LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D joined by switches B3, B2, B1 and B0, where B0 has the lowest ID]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message
2. the ID of what the sending bridge believes to be the root bridge
3. the distance (hops) from the sending bridge to the root bridge
[Figure: LANs A–J joined by switches B1–B7]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
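Added example (not from the slides) of the rules above, run on a constructed topology: switches are keyed by ID and map to the set of LANs they attach to; the root is the smallest ID; costs come from a distance-vector style relaxation; each LAN's designated switch is the one with least cost, then smallest ID; a switch turns on its interface to every LAN it is designated for and the interface toward its own next hop, and the root turns on everything. The topology (B1, B3, B5, B7 over LANs A, B, C, E, F) is constructed to reproduce the "LAN B's next hop is E or F, B5 wins over B7" and "B3 has no interfaces on" outcomes of the example; it is not the slide's own drawing.

```python
def switch_costs(switches, root):
    """Distance-vector style relaxation. A switch's cost is 1 + the cheapest
    cost of another switch that shares a LAN with it; the root costs 0.
    Returns {switch_id: number of switches between it and the root}."""
    cost = {root: 0}
    changed = True
    while changed:
        changed = False
        for s, lans in switches.items():
            if s == root:
                continue
            offers = [cost[o] + 1 for o, olans in switches.items()
                      if o != s and o in cost and lans & olans]
            if offers and min(offers) < cost.get(s, float("inf")):
                cost[s] = min(offers)
                changed = True
    return cost


def designated_switch(switches, cost, lan):
    """Switch that carries `lan` toward the root: least cost, ties broken by
    the smallest ID (rule 2 on the slide)."""
    return min((cost.get(s, float("inf")), s)
               for s, lans in switches.items() if lan in lans)[1]


def root_lan(switches, cost, s):
    """LAN through which switch `s` reaches the root: the attached LAN offering
    the cheapest other switch, ties broken by that switch's ID."""
    offers = [(cost.get(o, float("inf")), o, lan)
              for lan in switches[s]
              for o, olans in switches.items() if o != s and lan in olans]
    return min(offers)[2] if offers else None


def spanning_tree(switches):
    """Return (active interfaces as {(switch, lan)}, next-hop LAN per LAN, costs)."""
    root = min(switches)
    cost = switch_costs(switches, root)
    active = {(root, lan) for lan in switches[root]}          # every root interface is on
    next_hop = {}
    for lan in set().union(*switches.values()):
        d = designated_switch(switches, cost, lan)
        if d == root:
            next_hop[lan] = None                                # the LAN touches the root
            continue
        up = root_lan(switches, cost, d)
        next_hop[lan] = up
        active |= {(d, lan), (d, up)}      # rule 1: interfaces along the LAN's path to the root
    return active, next_hop, cost


def disconnected(switches):
    """Interfaces that are turned off: they neither forward nor flood."""
    active = spanning_tree(switches)[0]
    return {(s, lan) for s, lans in switches.items() for lan in lans} - active


# Constructed topology (switch ID -> LANs it attaches to), not the slide's drawing.
TOPOLOGY = {
    1: {"E", "F"},        # B1: smallest ID, so it is the root
    3: {"A", "C"},        # B3
    5: {"A", "B", "E"},   # B5
    7: {"B", "C", "F"},   # B7
}

if __name__ == "__main__":
    active, next_hop, cost = spanning_tree(TOPOLOGY)
    print("costs:", cost)
    print("next hop per LAN:", next_hop)
    print("active interfaces:", sorted(active))
    print("turned off:", sorted(disconnected(TOPOLOGY)))
```

On this topology B5 and B7 both reach the root in one hop, so LAN B could go via E or F; the ID tie-break picks B5, B7's interface to B is turned off, and B3, which is never the designated switch for A or C, ends up with no active interface at all. Since the root is simply the smallest ID advertised, nothing in these rules stops a switch (or a host speaking the protocol) that advertises a lower ID from making itself the root and reshaping the tree.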
[Figure, repeated for each step: LANs A–J joined by switches B1–B7; the number beside each LAN is its distance to the root in LAN hops]
Steps of the example:
1. Each switch computes its distance to the root in terms of LAN hops.
2. Each of the root's interfaces is ON.
3. LAN A's next hop is LAN E: turn on the two interfaces (to A and to E) on the switch between them.
4. LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
5. LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
6. LAN C's next hop is LAN F: turn on the interfaces.
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
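As an added example (not from the slides), the interface-selection rule above run in Python over a constructed topology of switches B1-B7 and LANs A-G that is not the figure's wiring. LANs are vertices and switches are edges, as in the lecture's model; we count a switch's distance in switch hops with the root at 0, which is our reading of the slide's "LAN hops".

```python
# Constructed topology (not the slide's figure): switch ID -> LANs it attaches to.
SWITCHES = {
    "B1": ["E", "F"],        # smallest ID, so B1 is the root
    "B2": ["E", "G"],
    "B3": ["A", "B"],        # every LAN it touches is closer to the root via another switch
    "B4": ["D", "G"],
    "B5": ["A", "B", "E"],
    "B6": ["C", "F"],
    "B7": ["B", "F"],        # ties with B5 for LAN B and loses on ID
}

def switch_rank(sid):
    """'B5' -> 5: ties are broken on the numeric switch ID."""
    return int(sid[1:])

def compute_spanning_tree(switches):
    """Return (root, lan_dist, designated, active) following the slide's rule."""
    root = min(switches, key=switch_rank)
    inf = float("inf")
    sw_dist = {s: inf for s in switches}
    sw_dist[root] = 0
    lans = {l for ls in switches.values() for l in ls}
    lan_dist = {l: inf for l in lans}
    # Distance-vector relaxation: a LAN is as close as its closest switch,
    # a non-root switch is one hop farther than its closest LAN.
    changed = True
    while changed:
        changed = False
        for s, ls in switches.items():
            for l in ls:
                if sw_dist[s] < lan_dist[l]:
                    lan_dist[l], changed = sw_dist[s], True
            if s != root:
                via = min(lan_dist[l] for l in ls) + 1
                if via < sw_dist[s]:
                    sw_dist[s], changed = via, True
    # Designated switch of a LAN: least distance to the root, smallest ID on ties.
    designated = {}
    for l in lans:
        attached = [s for s, ls in switches.items() if l in ls]
        designated[l] = min(attached, key=lambda s: (sw_dist[s], switch_rank(s)))
    # Next-hop LAN of a non-root switch: its attached LAN nearest the root.
    next_hop = {
        s: min(ls, key=lambda l: (lan_dist[l], switch_rank(designated[l]), l))
        for s, ls in switches.items() if s != root
    }
    active = {}
    for s, ls in switches.items():
        if s == root:
            active[s] = set(ls)          # each of the root's interfaces is on
            continue
        on = {l for l in ls if designated[l] == s}
        if on:                           # also keep the interface toward the root
            on.add(next_hop[s])
        active[s] = on                   # designated nowhere -> no interface on (B3, B7)
    return root, lan_dist, designated, active

def is_loop_free(active):
    """Active (switch, LAN) attachments form a tree iff connected and edges == nodes - 1."""
    used = {s for s, ls in active.items() if ls}
    lans = {l for ls in active.values() for l in ls}
    edges = sum(len(active[s]) for s in used)
    seen, todo = set(), [next(iter(lans))]      # flood from one LAN over active ports only
    while todo:
        l = todo.pop()
        if l in seen:
            continue
        seen.add(l)
        for s in used:
            if l in active[s]:
                todo.extend(active[s])
    return seen == lans and edges == len(used) + len(lans) - 1

if __name__ == "__main__":
    root, lan_dist, designated, active = compute_spanning_tree(SWITCHES)
    print("root:", root)
    for s in sorted(SWITCHES, key=switch_rank):
        print(s, "interfaces on:", sorted(active[s]) or "none")
    print("loop free:", is_loop_free(active))
```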
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers: both are store-and-forward devices.
Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices ... "invisible" at the internetwork layer: a switched LAN looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame.
MPLS header fields: label (20), Exp (3), S (1), TTL (5).
MPLS-capable routers (aka label-switched routers) forward packets to an outgoing interface based only on the label value (they don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables.
A signaling protocol is needed to set up forwarding: RSVP-TE.
Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
[Figure: MPLS forwarding tables. Routers R1-R6, hosts A and D, interfaces numbered 0 and 1. Each table has the columns in label / out label / dest / out interface; the rows visible in the figure are: 6, -, A, 0; 10, 6, A, 1; 12, 9, D, 0; 10, A, 0; 12, D, 0; 8, 6, A, 0; 8, A, 1.]
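An added example (ours, not the slides' figure) of label switching in Python: a constructed ingress router R3, transit router R6 and egress routers R4/R5 with their own label tables, the 32-bit shim header packed as label/Exp/S/TTL (with the 8-bit TTL of RFC 3032), and a forwarding walk in which only the ingress ever reads the IP destination. Router names, prefixes and labels are our assumptions.

```python
import ipaddress
import struct

def pack_shim(label, exp, bottom, ttl):
    """Encode one MPLS shim word: label (20 bits), Exp (3), S bottom-of-stack (1), TTL (8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and 0 <= ttl < 256):
        raise ValueError("MPLS field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (int(bool(bottom)) << 8) | ttl)

def unpack_shim(raw):
    (word,) = struct.unpack("!I", raw[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}

# Constructed topology, not the slide's figure: (router, out-interface) -> next hop.
LINKS = {("R3", 0): "R6", ("R6", 1): "R4", ("R6", 0): "R5", ("R4", 0): "A", ("R5", 0): "D"}

# Ingress R3 is the only router that reads the IP header: prefix -> (initial label, out-interface).
INGRESS = {ipaddress.ip_network("10.0.1.0/24"): (10, 0),
           ipaddress.ip_network("10.0.2.0/24"): (12, 0)}

# Label-switched routers: in-label -> (out-label, out-interface); out-label None = pop at egress.
LABEL_TABLES = {"R6": {10: (6, 1), 12: (9, 0)},
                "R4": {6: (None, 0)},
                "R5": {9: (None, 0)}}

def forward(dst_ip, ttl=64):
    """Push at ingress, swap per hop on the label alone, pop at egress; return the hop trace."""
    dst = ipaddress.ip_address(dst_ip)
    match = [v for net, v in INGRESS.items() if dst in net]
    if not match:
        return [("R3", "no-lsp", None)]            # would fall back to plain IP forwarding
    label, iface = match[0]
    shim = pack_shim(label, exp=0, bottom=True, ttl=ttl)
    trace = [("R3", "push", label)]
    node = LINKS[("R3", iface)]
    while node in LABEL_TABLES:
        hdr = unpack_shim(shim)
        if hdr["ttl"] <= 1:
            trace.append((node, "drop-ttl", hdr["label"]))
            return trace
        if hdr["label"] not in LABEL_TABLES[node]:
            trace.append((node, "drop-unknown-label", hdr["label"]))   # no IP lookup is attempted
            return trace
        out_label, iface = LABEL_TABLES[node][hdr["label"]]
        if out_label is None:
            trace.append((node, "pop", hdr["label"]))                 # egress: hand on the IP packet
        else:
            trace.append((node, "swap", out_label))
            shim = pack_shim(out_label, hdr["exp"], hdr["bottom"], hdr["ttl"] - 1)
        node = LINKS[(node, iface)]
    trace.append((node, "deliver", None))
    return trace

if __name__ == "__main__":
    for hop in forward("10.0.1.7"):
        print(hop)
```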
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath. Journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice ... could stop here ... but lots of
CSMA/CD (Collision Detection)
CSMA/CD: carrier sensing with collision detection. Collisions are detected within a short time; colliding transmissions are aborted, reducing channel wastage.
Collision detection is easy in wired LANs: measure signal strengths, compare transmitted and received signals. It is difficult/impossible in wireless LANs: the received signal strength is overwhelmed by the local transmission strength.
Human analogy: the polite conversationalist.
persistent
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is, and then transmit.
- In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and with probability 1-p wait for the next slot and repeat.
- Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff (next slide)
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1;
   b. wait r time slots.
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots have passed, then transmit.
5. If a collision is detected:
   a. continue to transmit so that all nodes will know that a collision occurred, then stop;
   b. set BO = min(2*BO, BO_max); in Ethernet BO_max = 1024;
   c. go to step 4.
Exponential Backoff
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols: share the channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N of the bandwidth allocated even if only 1 node is active.
Random access MAC protocols: efficient at low load: a single node can fully utilize the channel; at high load: collision overhead.
- Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds. Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
[Figure: a master polls each of its slaves in turn; each slave answers with data or with nothing.]
Concerns: polling overhead; latency; single point of failure (master).
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine whether the call will receive the desired quality and ensure that it does.
- When congested, new calls are rejected, but existing calls continue to receive good performance.
- Consider the difference between the demands of VoIP and the service provided by TCP.
Guarantees are worth much more money than non-guarantees.
Token passing: a control token is passed from one node to the next sequentially; a node with nothing to send passes the token on.
Concerns: token overhead; latency; single point of failure (token).
[Figure: ring of nodes passing the token message T; one node sends data, another has nothing to send.]
Summary of MAC protocols
Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
Taking turns: polling from a central site, token passing. Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network).
- The textbook is wrong about this: today hosts are almost never physically connected.
48-bit MAC address (for most LANs), burned into the NIC ROM; also sometimes software settable.
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
LAN Address (more)
MAC address allocation is administered by the IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
- Google "OUI lookup", enter a MAC address, see the manufacturer.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
MAC is a flat address: portability; you can move a LAN card from one LAN to another.
IP is a hierarchical address: NOT portable; the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: LAN with four nodes; MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53 and IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88.]
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.: my IP = 128.4.35.67; B's IP = 128.5.19.12; the subnet mask is 255.255.0.0 => the first 8 bytes define the subnet.
- So in this case A and B are in different subnets.
- Thus the datagram is sent to the gateway, which must be in the same subnet.
- Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
- Other types include datagram.
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from a net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; B, C and D all receive it; B answers "I have 1.1.1.4".]
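The subnet check and the query/reply/cache sequence above, as an added Python example that is not part of the slides. The MAC and IP addresses come from the slides; the LAN wiring, the gateway address 137.196.7.1 and the on-wire frame format are our constructions.

```python
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60                 # soft state: a cached mapping is forgotten after 20 minutes

def next_hop_ip(my_ip, mask, dst_ip, gateway_ip):
    """The slide's subnet check: ARP for the destination itself if it is in my subnet,
    otherwise for the gateway (which must be in my subnet)."""
    me = ipaddress.ip_interface(f"{my_ip}/{mask}")
    if ipaddress.ip_address(dst_ip) in me.network:
        return dst_ip
    if ipaddress.ip_address(gateway_ip) not in me.network:
        raise ValueError("gateway is not on my subnet")
    return gateway_ip

class Node:
    def __init__(self, ip, mac, lan):
        self.ip, self.mac, self.lan = ip, mac, lan
        self.arp_table = {}           # ip -> (mac, expiry time)
        lan.append(self)

    def cached_mac(self, ip, now):
        entry = self.arp_table.get(ip)
        if entry and entry[1] > now:
            return entry[0]
        self.arp_table.pop(ip, None)  # timed out: forget it
        return None

    def resolve(self, ip, now, wire):
        """Return the MAC for ip, putting an ARP query on `wire` only on a cache miss."""
        mac = self.cached_mac(ip, now)
        if mac:
            return mac
        wire.append({"src": self.mac, "dst": BROADCAST, "type": "ARP query", "who_has": ip})
        for other in self.lan:        # every adapter receives the broadcast; only the owner replies
            if other is not self and other.ip == ip:
                wire.append({"src": other.mac, "dst": self.mac, "type": "ARP reply", "is_at": other.mac})
                self.arp_table[ip] = (other.mac, now + ARP_TTL)   # cache it, with a TTL
                return other.mac
        return None                   # nobody owns ip (the slide's nonexistent address P)

# Constructed LAN: addresses are taken from the slides, the wiring is ours.
LAN = []
A = Node("137.196.7.23", "74-29-9C-E8-FF-55", LAN)
B = Node("137.196.7.78", "1A-2F-BB-76-09-AD", LAN)
GW = Node("137.196.7.1", "E6-E9-00-17-BB-4B", LAN)

def demo():
    wire = []
    target = next_hop_ip(A.ip, "255.255.255.0", B.ip, GW.ip)        # same subnet: ARP for B itself
    first = A.resolve(target, now=0, wire=wire)                      # miss: query + reply on the wire
    hit = A.resolve(target, now=600, wire=wire)                      # 10 min later: cache hit, nothing sent
    again = A.resolve(target, now=ARP_TTL + 1, wire=wire)            # entry expired: query again
    missing = A.resolve("137.196.7.200", now=0, wire=wire)           # nobody answers
    return first, hit, again, missing, [f["type"] for f in wire]

if __name__ == "__main__":
    print(demo())
    print(next_hop_ip("128.4.35.67", "255.255.0.0", "128.5.19.12", "128.4.0.1"))   # -> gateway
```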
Addressing: routing to another LAN
[Figure: left LAN with host A (74-29-9C-E8-FF-55, 111.111.111.111) and another host (CC-49-DE-D0-AB-7D, 111.111.111.112); router R with interfaces 111.111.111.110 (E6-E9-00-17-BB-4B) and 222.222.222.220 (1A-23-F9-CD-06-9B); right LAN with host B (49-BD-D2-C7-56-2A, 222.222.222.222) and another host (88-B2-2F-54-1A-0F, 222.222.222.221).]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
A creates an IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram. A's NIC sends the frame; R's NIC receives the frame. R removes the IP datagram from the Ethernet frame and sees it's destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example - make sure you understand it.
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
- Use Wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B, but still no response.
ARP spoofing - man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (link-layer router) to each host.
- But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure, repeated through the following slides: victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8), and some other host/switch.]
Some other host broadcasts: "Who has IP address 1.2.3.4?"
The victim replies: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, hearing the reply, knows the MAC of the victim.
Later (when all caches have been cleared) the attacker floods ARP queries, and continues to flood them: source MAC 00:11:11:11:11:11, "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The other host saves the IP/ARP mapping in its cache; the victim is confused ... but ignores it.
The other host now sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...", so the attacker knows the secret plan. The attacker changes the MAC address to the correct address and passes "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ..." on to the victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing - man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
- Its real IP and the victim's IP.
- But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
- Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
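The detection idea above, as an added Python example (ours, not the slides'): it scans constructed ARP observations for an IP whose announced MAC changes, keeps the one-MAC-many-IPs case separate because of the dual-NIC false positive the slide describes, and checks announcements against static IP-to-MAC bindings, the kind of table a switch's ARP inspection feature enforces. The timestamps, the 10.0.0.x host and the binding table are constructed.

```python
from collections import defaultdict

# Constructed ARP observations (not captured traffic): (seconds, sender IP, sender MAC)
# as a monitor on the LAN might log them from ARP replies and queries.
OBSERVED = [
    (0,    "1.2.3.4",   "00:12:12:12:12:12"),   # victim's genuine reply
    (1300, "1.2.3.4",   "00:11:11:11:11:11"),   # same IP now announced by another MAC
    (1310, "1.2.3.4",   "00:11:11:11:11:11"),   # repeated flood
    (1400, "5.6.7.8",   "00:11:11:11:11:11"),   # that MAC's own IP
    (1500, "10.0.0.9",  "AA:BB:CC:00:00:01"),   # dual-NIC host: wired IP over wired MAC
    (1501, "10.0.0.42", "AA:BB:CC:00:00:01"),   # same host: wireless IP sent over the wired MAC
]

def ip_to_mac_changes(records):
    """{ip: [(ts, mac), ...]} for every IP whose announced MAC changed over time."""
    history = defaultdict(list)
    for ts, ip, mac in records:
        if not history[ip] or history[ip][-1][1] != mac:
            history[ip].append((ts, mac))            # record only changes, not repeats
    return {ip: h for ip, h in history.items() if len(h) > 1}

def macs_with_several_ips(records):
    """{mac: [ips]}: the slide's false-positive pattern (one MAC, two IPs)."""
    ips = defaultdict(set)
    for _, ip, mac in records:
        ips[mac].add(ip)
    return {mac: sorted(s) for mac, s in ips.items() if len(s) > 1}

def alerts(records):
    """One alert per IP->MAC change; a MAC with many IPs alone does not alert."""
    return [f"{ip}: {h[0][1]} (t={h[0][0]}) now {m} (t={t})"
            for ip, h in ip_to_mac_changes(records).items() for t, m in h[1:]]

def check_bindings(records, bindings):
    """Return records whose MAC differs from the pinned MAC for that IP (static bindings
    are what a switch-side ARP inspection feature compares announcements against)."""
    return [r for r in records if r[1] in bindings and bindings[r[1]] != r[2]]

# Constructed binding table: both IPs of the dual-NIC host are pinned to its wired MAC.
BINDINGS = {"1.2.3.4": "00:12:12:12:12:12", "5.6.7.8": "00:11:11:11:11:11",
            "10.0.0.9": "AA:BB:CC:00:00:01", "10.0.0.42": "AA:BB:CC:00:00:01"}

if __name__ == "__main__":
    for line in alerts(OBSERVED):
        print("ALERT", line)
    print("one MAC, several IPs:", macs_with_several_ips(OBSERVED))
    print("binding violations:", check_bindings(OBSERVED, BINDINGS))
```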
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Eth Ethernet
"Dominant" wired LAN technology: cheap, $20 for a NIC; first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps - 10 Gbps.
[Figure: Metcalfe's Ethernet sketch.]
Star topology
Bus topology, popular through the mid 90s: all nodes are in the same collision domain (can collide with each other).
Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
[Figure: bus (coaxial cable) vs. star (switch in the center of the LAN).]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher-layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between the sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams). Gaps will be filled if the app is using TCP; otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
4. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
5. After aborting, the NIC enters exponential backoff: after the m-th collision, the NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}; the NIC waits K slots, where one slot is 512 bit times, then returns to step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec.
Exponential backoff. Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
First collision: choose K from {0, 1}; the delay is K * 512 bit transmission times.
After the second collision: choose K from {0, 1, 2, 3} ...
After ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}.
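An added example (ours, not from the slides) covering both the generic backoff procedure given earlier and Ethernet's truncated version above: the K window after the m-th collision, the 512-bit-time slot at 10 Mbps, and a small slotted simulation of 1-persistent CSMA/CD in which every node has one frame ready at time 0, so the first slot always collides. The simulation's frame length in slots, the seed and the 16-attempt limit (Ethernet's attempt limit) are our assumptions.

```python
import random

SLOT_BIT_TIMES = 512            # one backoff slot is 512 bit times
BIT_TIME_10MBPS = 0.1e-6        # 0.1 microsecond per bit at 10 Mbps
MAX_EXPONENT = 10               # K is drawn from {0, ..., 2^min(m, 10) - 1}
ATTEMPT_LIMIT = 16              # Ethernet gives up on a frame after 16 collisions

def backoff_window(m):
    """Number of possible K values after the m-th collision (truncated binary backoff)."""
    return 2 ** min(m, MAX_EXPONENT)

def slot_seconds(bit_time=BIT_TIME_10MBPS):
    return SLOT_BIT_TIMES * bit_time

def max_wait_seconds(bit_time=BIT_TIME_10MBPS):
    """Longest single backoff, K = 1023 slots: about 52 ms at 10 Mbps (the slide's ~50 ms)."""
    return (backoff_window(MAX_EXPONENT) - 1) * slot_seconds(bit_time)

def simulate(n_nodes, frame_slots=4, seed=1, max_slots=1_000_000):
    """Slotted toy model of 1-persistent CSMA/CD with exponential backoff.

    Every node has exactly one frame ready at slot 0. A node whose backoff has run out
    transmits as soon as the channel is idle; if several do so in the same slot they
    collide, jam, and each picks a new K from its own (doubled) window."""
    rng = random.Random(seed)
    ready_at = [0] * n_nodes            # first slot at which node i may transmit
    m = [0] * n_nodes                   # collisions suffered by node i so far
    done = [False] * n_nodes
    stats = {"delivered": 0, "dropped": 0, "collisions": 0, "busy_slots": 0, "end_slot": 0}
    slot = 0
    while not all(done) and slot < max_slots:
        senders = [i for i in range(n_nodes) if not done[i] and ready_at[i] <= slot]
        if not senders:
            slot += 1                   # idle slot
            continue
        if len(senders) == 1:
            done[senders[0]] = True
            stats["delivered"] += 1
            stats["busy_slots"] += frame_slots
            slot += frame_slots         # others sense busy and defer until the channel is idle
            continue
        stats["collisions"] += 1        # more than one transmitter: detected within the slot, all abort
        for i in senders:
            m[i] += 1
            if m[i] >= ATTEMPT_LIMIT:
                done[i] = True
                stats["dropped"] += 1
                continue
            ready_at[i] = slot + 1 + rng.randrange(backoff_window(m[i]))
        slot += 1                       # the collided slot itself is wasted
    stats["end_slot"] = slot
    return stats

if __name__ == "__main__":
    print("max backoff at 10 Mbps: %.4f s" % max_wait_seconds())
    for n in (1, 2, 8, 32):
        print(n, "nodes:", simulate(n))
```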
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.
efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
- A larger frame size is better; a higher bit rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out all other links at the same rate. All nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
[Figure: hub with twisted-pair links to hosts.]
Interconnecting with hubs
A backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connected to three hubs.]
Switch: a link-layer device, smarter than hubs, takes an active role.
Stores and forwards Ethernet frames.
- Question: do switches in circuit-switching networks store and forward?
Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets.
The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex: each link is its own collision domain.
Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C'.]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C'.]
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases ... when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table, initially empty, gains the entry MAC addr A, interface 1, TTL 60.]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host;
2. if an entry is found for the destination, then: if the destination is on the segment from which the frame arrived, drop the frame; else forward the frame on the interface indicated; else flood (forward on all but the interface on which the frame arrived);
3. periodically purge all old table entries.
Self-Learning
[Figure, repeated on each step below: three switches, each with interfaces 1, 2, 3 and its own MAC/interface table, connecting host A (on switch 1) to host B (on switch 3); all tables are initially empty.]
A sends a frame Dest=B, Source=A. Switch 1 makes a table entry for A (A, interface 1); there is no table entry for B, so it floods.
Note: if the switch has ports that are manually configured then the frame is not flooded to a host; it is only flooded to other switches.
The next switch receives the flooded frame, makes a table entry for A (A, 1) and, having no entry for B, floods; the third switch likewise records (A, 2) and floods.
B replies with a frame Dest=A, Source=B. Each switch on the way makes a table entry for B (B, 2 and B, 3 in the figure) and, having a table entry for A, forwards the frame on that interface instead of flooding.
20 minutes later all table entries are deleted.
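The filtering/forwarding rules and the three-switch walkthrough above, as an added Python example that is not part of the slides. The chain topology S1 - S2 - S3, the shared segment on which hosts A and D sit, host C on S2 and the timestamps are our constructions; MAC addresses are just the host letters.

```python
class Switch:
    """Self-learning switch following the slide's filtering/forwarding rules."""
    TTL = 20 * 60                  # purge entries 20 minutes after they were last refreshed

    def __init__(self, name, n_ports=3):
        self.name = name
        self.table = {}            # MAC -> (interface, last_seen)
        # interface -> Switch, or a list of host MACs sharing that segment, or None (unused)
        self.ports = {p: None for p in range(1, n_ports + 1)}
        self.log = []

    def attach(self, port, peer):
        self.ports[port] = peer

    def port_to(self, other):
        return next(p for p, peer in self.ports.items() if peer is other)

    def purge(self, now):
        for mac, (_, seen) in list(self.table.items()):
            if now - seen >= self.TTL:
                del self.table[mac]

    def receive(self, frame, in_port, now):
        """Process one frame; return [(host, switch_name)] deliveries to end hosts."""
        self.purge(now)
        src, dst = frame["src"], frame["dst"]
        self.table[src] = (in_port, now)                  # 1. learn the sender's interface
        entry = self.table.get(dst)
        if entry is not None:
            if entry[0] == in_port:                       # 2a. dest on the arrival segment: filter
                self.log.append((self.name, "drop", dst))
                return []
            outs, action = [entry[0]], "forward"          # 2b. known elsewhere: selective forward
        else:
            outs, action = [p for p in self.ports if p != in_port], "flood"   # 2c. unknown: flood
        self.log.append((self.name, action, dst))
        delivered = []
        for p in outs:
            peer = self.ports[p]
            if isinstance(peer, Switch):
                delivered += peer.receive(frame, peer.port_to(self), now)
            elif peer:                                    # a host segment: everyone on it hears it
                delivered += [(h, self.name) for h in peer if h != src]
        return delivered

def build_topology():
    """Constructed: S1 - S2 - S3 in a chain; A and D share a segment on S1, C on S2, B on S3."""
    s1, s2, s3 = Switch("S1"), Switch("S2"), Switch("S3")
    s1.attach(1, ["A", "D"]); s1.attach(2, s2)
    s2.attach(1, s1);         s2.attach(2, s3);  s2.attach(3, ["C"])
    s3.attach(1, s2);         s3.attach(2, ["B"])
    return s1, s2, s3

def walkthrough():
    s1, s2, s3 = build_topology()
    first = s1.receive({"src": "A", "dst": "B"}, in_port=1, now=0)      # B unknown: flooded everywhere
    reply = s3.receive({"src": "B", "dst": "A"}, in_port=2, now=1)      # A known: forwarded, C never sees it
    tables = (dict(s1.table), dict(s2.table), dict(s3.table))
    local = s1.receive({"src": "D", "dst": "A"}, in_port=1, now=2)      # A on the same segment: dropped
    later = s1.receive({"src": "A", "dst": "B"}, in_port=1, now=2000)   # tables purged: flood again
    return first, reply, local, later, tables

if __name__ == "__main__":
    for name, result in zip(("first", "reply", "local", "later", "tables"), walkthrough()):
        print(name, result)
```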
Poorly Designed Institutional network. Why?
[Figure: router to the external network; a single LAN / IP subnet containing the mail server, the web server and the hosts.]
Institutional network without a single point of failure
[Figure: router to the external network; IP subnet with mail server, web server, host A, and redundant links between the switches.]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network, with the edges in the spanning tree marked; a "disconnected" interface is one through which frames are neither forwarded nor flooded.]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
- Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by switches B2 and B3.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C.
[Figure: switches B3, B2, B1, B0 and LANs A, B, C, D.]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information: 1. the ID of the bridge that is sending the message; 2. the ID of what the sending bridge believes to be the root bridge; 3. the distance (hops) from the sending bridge to the root bridge.
[Figure: switches B1-B7 connecting LANs A-J.]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if: (1) the interface is along a LAN's shortest path to the root; (2) if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure, repeated on each of the following steps: LANs A-J and switches B1-B7; from the second step on, each LAN is labelled with its distance to the root.]
Each switch computes its distance to the root in terms of LAN hops.
Each of the root's interfaces is ON.
LAN A's next hop is LAN E.
LAN A's next hop is LAN E. Turn on the two interfaces.
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
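The LAN-as-vertex, switch-as-edge computation the slides walk through, written out as an added example (it is not code from the slides). The topology is constructed so that the slides' conclusions hold (A and B go via E, C via F, D via G, B3 is left with no active interface); the LAN and bridge names follow the figure, and breaking a remaining tie by LAN name is an assumption of this code.

```python
from collections import deque

# Constructed example topology (not the slide's exact figure). LANs are the
# vertices and each switch is an "edge" joining the LANs it has interfaces on.
# B1 has the smallest ID, so it is the root.
SWITCHES = {
    "B1": ["E", "F"],
    "B2": ["D", "G"],
    "B3": ["A", "D"],
    "B4": ["C", "F"],
    "B5": ["A", "B", "E"],
    "B6": ["E", "G"],
    "B7": ["B", "F", "H"],
}


def switch_id(name):
    """Numeric part of a bridge name, e.g. 'B5' -> 5 (lowest ID wins ties)."""
    return int(name[1:])


def lan_distances(switches, root):
    """Distance of each LAN to the root, counted in switches other than the root.
    LANs directly attached to the root are at distance 0."""
    dist = {lan: 0 for lan in switches[root]}
    queue = deque(switches[root])
    while queue:
        lan = queue.popleft()
        for sw, lans in switches.items():
            if sw == root or lan not in lans:
                continue
            for nb in lans:  # every other LAN on this switch is one hop further
                if nb not in dist:
                    dist[nb] = dist[lan] + 1
                    queue.append(nb)
    return dist


def choose_next_hops(switches, root, dist):
    """For each LAN not attached to the root, pick (switch, next LAN) on a shortest
    path. Ties are broken by the smallest switch ID; a tie within one switch is
    broken by LAN name (an assumption of this example, not a rule from the slides)."""
    best = {}
    for sw, lans in switches.items():
        if sw == root:
            continue
        for lan in lans:
            if dist[lan] == 0:
                continue
            for nb in lans:
                if nb != lan and dist[nb] == dist[lan] - 1:
                    cand = (switch_id(sw), sw, nb)
                    if lan not in best or cand < best[lan]:
                        best[lan] = cand
    return {lan: (sw, nb) for lan, (_, sw, nb) in best.items()}


def compute_spanning_tree(switches):
    """Return (root, dist, next_hop, active). active[switch] is the set of LANs on
    which that switch keeps forwarding and flooding; an empty set means every
    interface of that switch has been 'disconnected' by the spanning tree."""
    root = min(switches, key=switch_id)
    dist = lan_distances(switches, root)
    next_hop = choose_next_hops(switches, root, dist)
    active = {sw: set() for sw in switches}
    active[root].update(switches[root])        # every root interface is on
    for lan, (sw, nb) in next_hop.items():     # the switch on the path keeps both sides
        active[sw].update({lan, nb})
    return root, dist, next_hop, active


if __name__ == "__main__":
    root, dist, next_hop, active = compute_spanning_tree(SWITCHES)
    print("root:", root)
    for lan in sorted(dist):
        print(f"LAN {lan}: distance {dist[lan]}, next hop {next_hop.get(lan, ('-', 'root'))}")
    for sw in sorted(active, key=switch_id):
        print(f"{sw}: active on {sorted(active[sw]) or 'nothing (all interfaces off)'}")
```

Running it prints B3 with no active interface, exactly the situation the slides point out: a switch that is on nobody's shortest path still receives frames but never floods them on, which is what removes the loop.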
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Security, such as ARP attacks, access control, etc., is typically ignored.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.

Switches vs Routers
both are store-and-forward devices: routers are network-layer devices (they examine network-layer headers); switches are link-layer devices
… "invisible" at the internetwork layer: looks like a link-layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of IP address) to do forwarding; borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address
(Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields as drawn: label (20 bits), Exp (3), S (1), TTL (5).)

MPLS capable routers
aka label-switched router: forwards packets to outgoing interface based only on label value (doesn't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers

MPLS forwarding tables
(Figure: label-switched routers R1 to R6 with destinations A and D. Each router's table has the columns in label, out label, dest, out interface; the rows as they appear in the figure are "6 - A 0", "10 6 A 1", "12 9 D 0", "10 A 0", "12 D 0", "8 6 A 0" and "8 A 1". Which router owns which table is not recoverable here.)
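Label switching as the slide describes it, in an added example that is not the slides' own code: the ingress router reads the destination once to choose a label, every core router looks up the incoming label only (the IP header is carried but never consulted), and the egress pops the label. The router names, labels and interfaces are constructed and only loosely modelled on the figure.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class MplsPacket:
    dst_ip: str                      # IP header: carried along but never read by core LSRs
    label: Optional[int] = None
    trace: list = field(default_factory=list)   # (router, out interface) hops taken


# Ingress classification: the only place the IP header is examined (constructed).
INGRESS_FEC = {"R1": {"A": 8, "D": 12}}

# Constructed label forwarding tables: in_label -> (out_label, dest, out_iface).
# An out_label of None means "pop the label and deliver as plain IP".
LFIB = {
    "R1": {},                                 # ingress; uses INGRESS_FEC instead
    "R4": {8: (6, "A", 1), 12: (9, "D", 0)},  # core: pure label swap
    "R6": {6: (None, "A", 0)},                # egress for A
    "R5": {9: (None, "D", 0)},                # egress for D
}

# Which router is at the far end of each (router, interface) link (constructed).
LINKS = {("R1", 0): "R4", ("R4", 1): "R6", ("R4", 0): "R5"}


def ingress(router, pkt):
    """Push the label for the packet's destination. KeyError if no LSP exists."""
    pkt.label = INGRESS_FEC[router][pkt.dst_ip]
    pkt.trace.append((router, 0))
    return LINKS[(router, 0)]


def switch_label(router, pkt):
    """Core LSR behaviour: look up the incoming label only, swap it, forward.
    Returns the next router, or None once the egress has popped the label."""
    out_label, _dest, iface = LFIB[router][pkt.label]
    pkt.trace.append((router, iface))
    pkt.label = out_label
    if out_label is None:
        return None
    return LINKS[(router, iface)]


def forward(pkt, ingress_router="R1"):
    """Carry a packet from ingress to egress; returns the routers visited in order."""
    nxt = ingress(ingress_router, pkt)
    while nxt is not None:
        nxt = switch_label(nxt, pkt)
    return [router for router, _ in pkt.trace]


if __name__ == "__main__":
    for dest in ("A", "D"):
        p = MplsPacket(dst_ip=dest)
        print(dest, "->", forward(p), "final label:", p.label)
```

The point the slide makes about not inspecting the IP address is visible in `switch_label`: a packet whose IP header says D but whose label is A's will be switched toward A, which is exactly why label-based paths can differ from what IP routing alone would choose.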
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
persistent
1-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is and then transmit.
• In this case all nodes that desire to transmit during the period when a node is transmitting will collide.
p-persistent: if the medium is idle then transmit. If the medium is not idle then wait until it is idle. Once idle, transmit with probability p, and wait for the next slot with probability 1-p and repeat.
• Here a slot does not have to be the time to send a full frame, but just enough time to let other hosts start sending.
Exponential Backoff: next slide

Exponential Backoff
What to do when the link is found to be busy:
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle then transmit.
3. If the medium is not idle then wait until it is idle.
4. Once idle:
   a. pick an integer r between 0 and BO-1
   b. wait r time slots
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots end, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 BO, BO_Max). In Ethernet BO_max = 1024.
   c. Go to step 4.
Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
channel partitioning MAC protocols: share channel efficiently and fairly at high load; inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
random access MAC protocols: efficient at low load: a single node can fully utilize the channel; high load: collision overhead
• Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"taking turns" protocols look for the best of both worlds. Used in mobile-phone data access: 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET.
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
concerns: polling overhead, latency, single point of failure (master)
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
(Figure: the master sends a poll to each slave in turn; each slave answers with data or with nothing.)
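The polling loop and the master's admission decision described above, as an added example that is not from the slides. Slot costs, the rate unit (kbps), the capacity and the slave names are all constructed for illustration.

```python
from collections import deque


class PollingMaster:
    """Master node that polls slaves in turn and makes QoS admission decisions."""

    def __init__(self, slaves, capacity_kbps, poll_cost=1, frame_cost=4):
        self.slaves = list(slaves)
        self.queues = {s: deque() for s in slaves}   # frames waiting at each slave
        self.capacity = capacity_kbps                # total rate the master can guarantee
        self.reserved = {}                           # call id -> kbps reserved (constructed unit)
        self.poll_cost = poll_cost                   # slots per poll + (possibly empty) answer
        self.frame_cost = frame_cost                 # slots per data frame
        self.clock = 0

    def admit(self, call_id, kbps):
        """Admit a new call only if its rate still fits; calls already admitted
        keep their guarantee, so under congestion new calls are the ones rejected."""
        if sum(self.reserved.values()) + kbps > self.capacity:
            return False
        self.reserved[call_id] = kbps
        return True

    def release(self, call_id):
        self.reserved.pop(call_id, None)

    def enqueue(self, slave, frame):
        self.queues[slave].append(frame)

    def cycle(self):
        """One polling round over all slaves. Returns (frames delivered in order,
        slots the round took). A slave with nothing to send still costs a poll."""
        delivered, start = [], self.clock
        for s in self.slaves:
            self.clock += self.poll_cost
            if self.queues[s]:
                delivered.append((s, self.queues[s].popleft()))
                self.clock += self.frame_cost
        return delivered, self.clock - start


def data_efficiency(frames_delivered, slots_used, frame_cost=4):
    """Fraction of the round spent carrying data rather than polling overhead."""
    return frames_delivered * frame_cost / slots_used if slots_used else 0.0


if __name__ == "__main__":
    m = PollingMaster(["s1", "s2", "s3", "s4"], capacity_kbps=64)
    m.enqueue("s1", "frame-1")
    for _ in range(2):
        delivered, slots = m.cycle()
        print(delivered, slots, "slots, efficiency", data_efficiency(len(delivered), slots))
    print([m.admit(f"call{i}", 12) for i in range(6)])   # later calls are rejected
```

The second round in the usage above carries no data but still costs one poll per slave, which is the polling overhead the slide lists as a concern; the admission list shows the master refusing calls once the reserved rates would exceed its capacity.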
"Taking Turns" MAC protocols
Token passing: control token passed from one node to the next sequentially; token message
concerns: token overhead, latency, single point of failure (token)
(Figure: the token T circulates around the ring; a node with data sends it, a node with nothing to send passes the token on.)

Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable

LAN Addresses and ARP
Each adapter on LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
(Figure: a LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53.)

LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys a portion of MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup" • enter the MAC address • see the manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address: portability; can move LAN card from one LAN to another
IP hierarchical address: NOT portable; address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed
• whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
(Figure: LAN with hosts 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88, whose adapters are listed as 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53.)
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. • my IP = 128.4.35.67 • B's IP = 128.5.19.12 • subnet mask is 255.255.0.0 => the first 16 bits (two octets) define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table:
A broadcasts an ARP query packet containing B's IP address; dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram
all machines on the LAN receive the ARP query
B receives the ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
(Figure: hosts A, B, C and D on one LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; every host receives it; B answers "I have 1.1.1.4".)
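The same-subnet decision and the query/reply/cache exchange above, as an added example that is not the slides' code. The subnet numbers are the slide's; the gateway address, the host MACs (taken from the earlier figure) and the 1.1.1.x LAN are constructed, and the LAN is modelled as a plain list of hosts that all see each broadcast.

```python
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL_SECONDS = 20 * 60          # the slide's typical 20 minutes


def same_subnet(my_ip, other_ip, mask):
    """Apply the subnet mask to both addresses and compare the network parts."""
    net = ipaddress.IPv4Network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.IPv4Address(other_ip) in net


def next_hop_ip(my_ip, dst_ip, mask, gateway_ip):
    """The IP whose MAC must be resolved: the destination itself if it is on our
    subnet, otherwise the gateway (which has to be on our subnet)."""
    if same_subnet(my_ip, dst_ip, mask):
        return dst_ip
    if not same_subnet(my_ip, gateway_ip, mask):
        raise ValueError("gateway is not on the local subnet")
    return gateway_ip


class ArpCache:
    """Soft-state IP -> MAC table: an entry disappears unless it is refreshed."""

    def __init__(self, ttl=ARP_TTL_SECONDS):
        self.ttl = ttl
        self.entries = {}          # ip -> (mac, expiry time)

    def lookup(self, ip, now):
        hit = self.entries.get(ip)
        if hit is None or hit[1] <= now:
            self.entries.pop(ip, None)     # timed out: forget it
            return None
        return hit[0]

    def learn(self, ip, mac, now):
        self.entries[ip] = (mac, now + self.ttl)


class Host:
    def __init__(self, ip, mac, lan):
        self.ip, self.mac, self.lan = ip, mac, lan
        self.cache = ArpCache()
        lan.append(self)

    def handle_arp_request(self, query):
        """Every host on the LAN receives the broadcast; only the owner answers, unicast."""
        if query["target_ip"] == self.ip:
            return {"dst_mac": query["sender_mac"], "type": "ARP-reply",
                    "sender_ip": self.ip, "sender_mac": self.mac}
        return None

    def resolve(self, ip, now):
        """Return (mac, how) for ip: from the cache if fresh, else by ARP query."""
        mac = self.cache.lookup(ip, now)
        if mac is not None:
            return mac, "cache"
        query = {"dst_mac": BROADCAST, "type": "ARP-query",
                 "sender_ip": self.ip, "sender_mac": self.mac, "target_ip": ip}
        for h in self.lan:
            if h is not self:
                reply = h.handle_arp_request(query)
                if reply is not None:
                    self.cache.learn(reply["sender_ip"], reply["sender_mac"], now)
                    return reply["sender_mac"], "query"
        return None, "no answer"


if __name__ == "__main__":
    print(next_hop_ip("128.4.35.67", "128.5.19.12", "255.255.0.0", "128.4.0.1"))
    lan = []
    a = Host("1.1.1.2", "1A-2F-BB-76-09-AD", lan)
    b = Host("1.1.1.4", "58-23-D7-FA-20-B0", lan)
    print(a.resolve("1.1.1.4", now=0), a.resolve("1.1.1.4", now=100))
```

Note that nothing in `resolve` authenticates the reply: the first host to answer for an IP is believed and cached for the full TTL, which is the property the later ARP-spoofing slides build on.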
Addressing: routing to another LAN
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
A creates IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
A's NIC sends frame; R's NIC receives frame
R removes IP datagram from Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates frame containing A-to-B IP datagram, sends to B
(Figure: left LAN: A at 111.111.111.111 (74-29-9C-E8-FF-55) and a host at 111.111.111.112 (CC-49-DE-D0-AB-7D); router R with interfaces 111.111.111.110 (E6-E9-00-17-BB-4B) and 222.222.222.220 (1A-23-F9-CD-06-9B); right LAN: B at 222.222.222.222 (49-BD-D2-C7-56-2A) and a host at 222.222.222.221 (88-B2-2F-54-1A-0F).)
This is a really important example: make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link-layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query/request is made for the victim, I respond with my MAC.
(Figure, built up over several slides: victim with MAC 00-12-12-12-12-12 and IP 1.2.3.4; attacker with MAC 00-11-11-11-11-11 and IP 5.6.7.8; some other host/switch.)
• "Who has IP address 1.2.3.4?" is broadcast. The victim answers "MAC 00-12-12-12-12-12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
• Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00-11-11-11-11-11: "Who has IP blablablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping in its cache; the victim is confused… but ignores it.
• "MAC 00-11-11-11-11-11, IP 1.2.3.4: The secret plan is …" now reaches the attacker, who knows the secret plan and forwards it as "MAC 00-12-12-12-12-12, IP 1.2.3.4: The secret plan is …" with the MAC address changed to the correct address. The victim thinks: "Ahh, I got the secret plan I was expecting."
ARP spoofing: man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single MAC has two IPs:
• its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then the tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC even though nothing is being spoofed.
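The table check the slide proposes, together with its false-positive caveat, as an added example that is not from the slides: an audit over ARP replies seen on the wire that flags an IP answered by more than one MAC and a MAC answering for several IPs, with an allow-list for hosts known to be dual-homed (the Windows wired/wireless case). The replies, addresses and times below are constructed.

```python
from collections import defaultdict

# Constructed ARP replies as (time in seconds, sender IP, sender MAC); not a real capture.
OBSERVED_REPLIES = [
    (0,    "10.0.0.4",  "00-12-12-12-12-12"),   # genuine answer from the host that owns .4
    (5,    "10.0.0.8",  "00-11-11-11-11-11"),   # another host answering for its own address
    (1300, "10.0.0.4",  "00-11-11-11-11-11"),   # after caches expired, a second MAC claims .4
    (1310, "10.0.0.4",  "00-11-11-11-11-11"),
    (1400, "10.0.0.9",  "00-AA-AA-AA-AA-AA"),   # dual-homed laptop, wired NIC
    (1405, "10.0.0.10", "00-AA-AA-AA-AA-AA"),   # same wired NIC sending with its wireless IP
]

# Hosts known to legitimately present two IPs on one MAC (the slide's dual-NIC case).
KNOWN_DUAL_HOMED = {"00-AA-AA-AA-AA-AA"}


def audit_arp(replies, known_dual_homed=frozenset()):
    """Return a list of alert strings. Two checks are made as replies arrive:
    - an IP that is now answered by a MAC different from the one seen before
      (someone else is answering for that address)
    - one MAC answering for more than one IP, unless the host is on the
      dual-homed allow-list (otherwise this is the slide's false positive)."""
    macs_for_ip = defaultdict(dict)    # ip  -> {mac: first time seen}
    ips_for_mac = defaultdict(dict)    # mac -> {ip: first time seen}
    alerts = []
    for t, ip, mac in replies:
        if ip in macs_for_ip and mac not in macs_for_ip[ip]:
            seen = ", ".join(sorted(macs_for_ip[ip]))
            alerts.append(f"t={t}: IP {ip} now answered by {mac}, previously by {seen}")
        macs_for_ip[ip].setdefault(mac, t)
        if (mac in ips_for_mac and ip not in ips_for_mac[mac]
                and mac not in known_dual_homed):
            seen = ", ".join(sorted(ips_for_mac[mac]))
            alerts.append(f"t={t}: MAC {mac} claims {ip} in addition to {seen}")
        ips_for_mac[mac].setdefault(ip, t)
    return alerts


def table_conflicts(replies):
    """Static view, as from reading ARP tables: MACs that map to several IPs."""
    ips_for_mac = defaultdict(set)
    for _t, ip, mac in replies:
        ips_for_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in ips_for_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    for line in audit_arp(OBSERVED_REPLIES, KNOWN_DUAL_HOMED):
        print(line)
    print(table_conflicts(OBSERVED_REPLIES))
```

The static table view cannot tell the two cases apart (both the suspicious MAC and the dual-homed laptop show two IPs), which is why the streaming check also looks at whether an IP's MAC changed and why an allow-list of known dual-homed hosts is needed to keep the alert useful.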
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap: $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps - 10 Gbps
(Figure: Metcalfe's Ethernet sketch)

Star topology
bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
(Figure: bus: coaxial cable; star: switch in the center.)
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates

Ethernet Frame Structure (more)
Addresses: 6 bytes
if adapter receives a frame with matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol
otherwise, adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if an error is detected, the frame is dropped

Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP; otherwise, app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
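The receiver-side behaviour in the frame-structure slides (CRC checked and the frame dropped on error; delivered only when the destination matches our address or the broadcast address, unless promiscuous), as an added example that is not the slides' code. The preamble and SFD are not part of what the NIC hands up, so they are left out; the MAC addresses are taken from the earlier figure, and the CRC-32 byte order is this example's assumption.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
BROADCAST = bytes.fromhex("ffffffffffff")
MIN_PAYLOAD = 46            # 802.3 pads short payloads so a frame is at least 64 bytes


def mac_str(raw):
    return "-".join(f"{b:02X}" for b in raw)


def build_frame(dst, src, ethertype, payload):
    """Assemble dst | src | type | payload | FCS. The FCS is CRC-32 over everything
    before it (zlib's CRC-32 uses the same polynomial as Ethernet); the little-endian
    byte order used here is an assumption of this example."""
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = dst + src + struct.pack("!H", ethertype) + payload
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    return body + fcs


def receive_frame(frame, my_mac, promiscuous=False):
    """Checks a receiving adapter performs, in the order the slide gives them.
    Returns (parsed frame or None, reason)."""
    if len(frame) < 14 + MIN_PAYLOAD + 4:
        return None, "runt"
    body, fcs = frame[:-4], frame[-4:]
    if struct.unpack("<I", fcs)[0] != (zlib.crc32(body) & 0xFFFFFFFF):
        return None, "crc error"                      # corrupted on the wire: drop
    dst, src = body[:6], body[6:12]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if not promiscuous and dst not in (my_mac, BROADCAST):
        return None, "not for us"                     # discard silently
    parsed = {"dst": mac_str(dst), "src": mac_str(src),
              "type": ethertype, "payload": body[14:]}
    return parsed, "delivered"


if __name__ == "__main__":
    a = bytes.fromhex("1a2fbb7609ad")
    b = bytes.fromhex("5823d7fa20b0")
    frame = build_frame(b, a, ETHERTYPE_IPV4, b"hello")
    print(receive_frame(frame, b)[1])                 # delivered
    damaged = bytearray(frame)
    damaged[20] ^= 0x01                               # flip one payload bit
    print(receive_frame(bytes(damaged), b)[1])        # crc error
    print(receive_frame(frame, a)[1], receive_frame(frame, a, promiscuous=True)[1])
```

The promiscuous branch is the one a packet capture tool relies on, and it is also why a shared medium lets any host read every frame, which the ARP-spoofing slides earlier point out.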
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2

Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load: heavy load: random wait will be longer
first collision: choose K from {0,1}; delay is K · 512 bit transmission times
after second collision: choose K from {0,1,2,3}…
after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
T_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA: and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur.
(Figure residue: a numeric illustration of the efficiency formula; the values are not recoverable.)
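The backoff procedure from the earlier "Exponential Backoff" slide and Ethernet's parameters for it (512-bit slots, window capped at 1024, the roughly 50 ms worst case at 10 Mbps), together with the efficiency formula above, as one added example that is not from the slides. The two-station contention simulation and the propagation delay used in the usage are constructed.

```python
import random

SLOT_BIT_TIMES = 512      # one Ethernet backoff slot
MAX_EXPONENT = 10         # the window stops doubling at 2**10 = 1024 slots
JAM_BITS = 48


def contention_window(collisions):
    """Window size after the m-th collision: K is drawn from 0..2**m - 1,
    capped at 0..1023 once m reaches 10 (the slide's BO_max of 1024)."""
    return 2 ** min(collisions, MAX_EXPONENT)


def backoff_slots(collisions, rng=random):
    """Step 4a of the slide: pick an integer r between 0 and BO-1."""
    return rng.randrange(contention_window(collisions))


def backoff_seconds(k, bit_rate_bps):
    """Wait time for K slots of 512 bit times at the given line rate."""
    return k * SLOT_BIT_TIMES / bit_rate_bps


def frame_transmit_time(frame_bytes, bit_rate_bps):
    return frame_bytes * 8 / bit_rate_bps


def csma_cd_efficiency(t_prop, t_trans):
    """efficiency = 1 / (1 + 5 t_prop / t_trans), as on the slide."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def resolve_two_stations(rng=random, max_collisions=16):
    """Two NICs have just collided. Each draws its own K from a window that
    doubles after every collision; while they draw the same K they collide
    again. Returns how many collisions it took before they chose different slots."""
    m = 1
    while m <= max_collisions:
        if backoff_slots(m, rng) != backoff_slots(m, rng):
            return m
        m += 1
    return m


if __name__ == "__main__":
    print("window after 1, 3, 10, 16 collisions:",
          [contention_window(m) for m in (1, 3, 10, 16)])
    print(f"worst-case wait at 10 Mbps: {backoff_seconds(1023, 10e6) * 1e3:.1f} ms")
    t_prop = 25e-6   # constructed: 25 us end-to-end propagation delay
    for rate in (10e6, 100e6, 1e9):
        for size in (64, 1500):
            eff = csma_cd_efficiency(t_prop, frame_transmit_time(size, rate))
            print(f"{rate/1e6:6.0f} Mbps, {size:4d}-byte frames: efficiency {eff:.2f}")
    print("collisions before two stations separate:",
          resolve_two_stations(random.Random(1)))
```

The efficiency table in the usage shows both claims on the slide at once: for a fixed propagation delay, bigger frames raise efficiency and a higher bit rate lowers it, because only t_trans changes.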
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)

Hubs
bits coming in one link go out all other links at the same rate
all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions
(Figure: a hub with twisted-pair links to each host.)

Interconnecting with hubs
Backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
(Figure: several hubs joined through a backbone hub.)
Switch
link-layer device: smarter than hubs, takes an active role
Store and forward Ethernet frames
• Question: do switches in circuit-switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured

Switch: allows multiple simultaneous transmissions
hosts have a dedicated, direct connection to the switch; switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
(Figure: switch with six interfaces (1,2,3,4,5,6); hosts A, A', B, B', C, C'.)

Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created, maintained in the switch table? something like a routing protocol?
(Figure: the same six-interface switch.)
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table
(Figure: A sends a frame with Source A, Dest A' on interface 1; the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60.)

Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination, then:
   if the destination is on the segment from which the frame arrived, then drop the frame
   else forward the frame on the interface indicated
   else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
Self-Learning
(Figure, built up over several slides: three switches, each with interfaces 1, 2 and 3, connected to one another; host A hangs off the first switch's interface 1 and host B off the second switch's interface 2; every switch's MAC/Interface table starts empty.)
• A sends a frame Dest=B, Source=A. Each switch makes a table entry for A on the interface the frame arrived on (A, 1 at the first two switches; A, 2 at the third). There is no table entry for B, so each switch floods the frame.
• Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only to other switches.
• B replies with Dest=A, Source=B. Each switch on the way makes a table entry for B (B, 2 and then B, 3) and, since it has a table entry for A, forwards the frame on that one interface only.
• 20 minutes later all table entries are deleted.
Poorly Designed Institutional network: Why?
(Figure: a router to the external network and a single LAN / IP subnet holding the mail server and the web server.)

Institutional network without a single point of failure
(Figure: the same router, IP subnet, mail server and web server, now with redundant links between the switches; host A is attached.)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(Figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface.)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges. Spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(Figure: LAN A and LAN B joined by bridges B2 and B3.)

Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
(Figure: LANs A, B, C and D joined by bridges B0, B1, B2 and B3.)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message.
2. The ID of what the sending bridge believes to be the root bridge.
3. The distance (hops) from the sending bridge to the root bridge.

(Figure: bridges B1 through B7 interconnecting LANs A through J.)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
(Figure: LANs A through J interconnected by bridges B1 through B7; B1, the smallest ID, is the root. The slides walk through the selection one step at a time:)
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
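As an added example (not from the lecture slides), the following Python code carries out the selection just walked through on a small topology constructed here: LANs are the vertices, bridges the edges, the lowest bridge ID is the root, and ties are broken toward the lower ID. The SAMPLE topology and the distance convention (LANs attached to the root are at distance 0) are assumptions.

```python
"""Spanning-tree interface selection with LANs as vertices and bridges as edges.

Added example (not from the lecture slides). Bridge IDs are integers; the
root is the bridge with the smallest ID. Distances are counted in bridge
hops from a LAN to the root bridge (LANs attached to the root are at
distance 0); ties are broken toward the bridge with the lower ID.
"""
from collections import deque


def shortest_distances(bridges, root):
    """Distance of every LAN to the root bridge, in bridge hops.

    A LAN attached to the root is at distance 0; crossing any other bridge
    adds 1. Plain BFS stands in for the distance-vector exchange: it yields
    the fixpoint the neighbor-to-neighbor messages converge to.
    """
    dist = {lan: 0 for lan in bridges[root]}
    queue = deque(dist)
    while queue:
        lan = queue.popleft()
        for bid, lans in bridges.items():
            if bid == root or lan not in lans:
                continue
            for other in lans:
                if other not in dist:
                    dist[other] = dist[lan] + 1
                    queue.append(other)
    return dist


def active_interfaces(bridges):
    """Return {bridge_id: set of LANs whose interface stays ON}.

    The root keeps every interface. Every other LAN picks its next hop: the
    bridge leading to a LAN one hop closer to the root, lowest ID winning
    ties. That bridge keeps its interfaces to both LANs. Every other
    interface is "disconnected": it never forwards or floods frames.
    """
    root = min(bridges)
    dist = shortest_distances(bridges, root)
    on = {bid: set() for bid in bridges}
    on[root] = set(bridges[root])
    for lan, d in dist.items():
        if d == 0:
            continue
        candidates = []
        for bid, lans in sorted(bridges.items()):
            if bid == root or lan not in lans:
                continue
            for parent in lans:
                if parent != lan and dist.get(parent) == d - 1:
                    candidates.append((bid, parent))
        bid, parent = min(candidates)  # lowest bridge ID breaks ties
        on[bid].update({lan, parent})
    return on


def is_loop_free(bridges, on):
    """A tree over n LANs has n-1 edges; a bridge left on k LANs contributes k-1."""
    lans = {lan for lans in bridges.values() for lan in lans}
    edges = sum(max(len(s) - 1, 0) for s in on.values())
    return edges == len(lans) - 1


# Constructed topology (not the slide's): bridge id -> LANs it attaches to.
# B2 and B3 both join A and B, and LAN C is reachable via B5 (A-C) or
# B4 (B-C), so the loops A-B2-B-B3-A and A-B2-B-B4-C-B5-A must be cut.
SAMPLE = {1: {"A"}, 2: {"A", "B"}, 3: {"A", "B"}, 4: {"B", "C"}, 5: {"A", "C"}}

if __name__ == "__main__":
    result = active_interfaces(SAMPLE)
    for bid in sorted(result):
        print(f"B{bid}: ON -> {sorted(result[bid]) or 'none (disconnected)'}")
    print("loop free:", is_loop_free(SAMPLE, result))
```

Running it shows B2 winning the tie against B3 and B5 beating the two-hop path through B4, so B3 and B4 end up with no interfaces on, exactly the situation the slide describes for B3.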
Layer 2 Routing
• The L2 routing table is automatically maintained (set up and updated as the topology changes).
• 3 mechanisms: loop resolution, address learning, frame forwarding.
• Typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning.
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
  • During which time no packets were forwarded.

Switches vs. Routers
• Both are store-and-forward devices.
• Routers: network layer devices (examine network layer headers).
• Switches are link layer devices.
• ... "invisible" at the internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
• Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding.
  • Borrowing ideas from the Virtual Circuit (VC) approach.
  • But the IP datagram still keeps its IP address.

(Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (5 bits).)

MPLS capable routers
• a.k.a. label-switched router: forwards packets to an outgoing interface based only on the label value (doesn't inspect the IP address).
  • MPLS forwarding table distinct from IP forwarding tables.
• Signaling protocol needed to set up forwarding: RSVP-TE.
• Forwarding possible along paths that IP alone would not allow (e.g. source-specific routing).
  • Use MPLS for traffic engineering.
• Must co-exist with IP-only routers.

MPLS forwarding tables
(Figure: label-switched routers R1 through R6 with destinations A and D; the numbers 0 and 1 on the figure are router interfaces. Each router's table has the columns in label | out label | dest | out interface. The tables legible in the figure are:)
  Table 1: 6 | - | A | 0
  Table 2: 10 | 6 | A | 1 ; 12 | 9 | D | 0
  Table 3: 10 | (blank) | A | 0 ; 12 | (blank) | D | 0
  Table 4: 8 | 6 | A | 0
  Table 5: 8 | (blank) | A | 1
Chapter 5: Summary
• Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
• Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.

Chapter 5: let's take a breath
• Journey down the protocol stack complete (except PHY).
• Solid understanding of networking principles, practice.
• ... could stop here ... but lots of
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
Exponential Backoff
1. Upon desiring to transmit a frame, set BackOff = BO (some starting value; 4 and 8 are common).
2. If the medium is idle, then transmit.
3. If the medium is not idle, then wait until it is idle.
4. Once idle:
   a. Pick an integer r between 0 and BO-1.
   b. Wait r time slots.
      1. A time slot is long enough so that if a node begins to transmit at the beginning of the time slot, then all nodes will hear the transmission before the time slot ends.
      2. Give an equation for the length of a time slot.
   c. If no other transmission begins before the r time slots elapse, then transmit.
5. If a collision is detected:
   a. Continue to transmit so that all nodes will know that a collision occurred, then stop.
   b. Set BO = min(2 · BO, BO_max).
      a. In Ethernet, BO_max = 1024.
   c. Go to step 4.

Question: discuss the different ways in which backoff is used in network protocols.
"Taking Turns" MAC protocols
Channel partitioning MAC protocols:
• Share the channel efficiently and fairly at high load.
• Inefficient at low load: delay in channel access; 1/N bandwidth allocated even if only 1 active node.
Random access MAC protocols:
• Efficient at low load: a single node can fully utilize the channel.
• High load: collision overhead.
  • Be careful: here we say that high load is when the number of users increases. If the number of users is fixed (and small), then the efficiency under high load is not as bad.
"Taking turns" protocols look for the best of both worlds.
• Used in mobile phone data access. 802.16 (a.k.a. WiMax) partly uses this approach. 802.11 specifies this capability, but it is not widely deployed YET.

"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
• Concerns: polling overhead; latency; single point of failure (master).
• QoS guarantees can be made.
  • If a VoIP call requires 12 bps, the master can determine whether the call will receive the desired quality and ensure that it does.
  • When congested, new calls are rejected but existing calls continue to receive good performance.
  • Consider the difference between the demands of VoIP and the services provided by TCP.
  • Guarantees are worth much more money than non-guarantees.

(Figure: master sends poll to each slave in turn; each polled slave returns data.)

"Taking Turns" MAC protocols
Token passing: a control token is passed from one node to the next sequentially.
• Concerns: token overhead; latency; single point of failure (token).

(Figure: token T circulates; the node holding T sends data, a node with nothing to send passes T on.)

Summary of MAC protocols
• Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
• Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD.
  • Carrier sensing: easy in some technologies (wire), hard in others (wireless).
  • CSMA/CD used in Ethernet.
  • CSMA/CA used in 802.11 (we'll study it when we talk about wireless).
• Taking turns: polling from a central site, token passing. Bluetooth, FDDI, IBM Token Ring.
MAC Addresses and ARP
• 32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
• MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
  • The textbook is wrong about this. Today hosts are almost never physically connected.
• 48-bit MAC address (for most LANs).
  • Burned in NIC ROM; also sometimes software settable.

LAN Addresses and ARP
Each adapter on the LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
(Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.)

LAN Address (more)
• MAC address allocation administered by IEEE.
• Manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
  • Google "OUI lookup"; enter the MAC address; see the manufacturer.
• Analogy: (a) MAC address like a Social Security Number; (b) IP address like a postal address.
• MAC flat address: portability; can move a LAN card from one LAN to another.
• IP hierarchical address: NOT portable; the address depends on the IP subnet to which the node is attached.
• If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.

ARP: Address Resolution Protocol
• Each IP node (host, router) on the LAN has an ARP table. At the prompt: >> arp -a
• ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
• TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B, knowing B's IP address?
(Figure: LAN with four nodes: 137.196.7.23 / 1A-2F-BB-76-09-AD, 137.196.7.78 / 58-23-D7-FA-20-B0, 137.196.7.14 / 0C-C4-11-6F-E3-98, 137.196.7.88 / 71-65-F7-2B-08-53.)
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
• Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
• E.g.:
  • my IP = 128.4.35.67
  • B's IP = 128.5.19.12
  • Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
  • So in this case A and B are in different subnets.
  • Thus the datagram is sent to the gateway, which must be in the same subnet.
  • Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address.
  • dest MAC address = FF-FF-FF-FF-FF-FF
  • Ethernet frame type = ARP query
    • Other types include datagram.
  • All machines on the LAN receive the ARP query.
• B receives the ARP packet, replies to A with its (B's) MAC address.
  • Frame sent to A's MAC address (unicast).
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
  • Soft state: information that times out (goes away) unless refreshed.
• ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.

(Figure: hosts A, B, C, D on a LAN. The query "Who has IP 1.1.1.4? Tell 1.1.1.2" reaches every host; only the owner of 1.1.1.4 answers "I have 1.1.1.4".)
Addressing: routing to another LAN
(Figure: two LANs joined by router R. Left LAN: A = 111.111.111.111 / 74-29-9C-E8-FF-55, a second host 111.111.111.112 / CC-49-DE-D0-AB-7D, R's interface 111.111.111.110 / E6-E9-00-17-BB-4B. Right LAN: R's interface 222.222.222.220 / 1A-23-F9-CD-06-9B, a second host 222.222.222.221 / 88-B2-2F-54-1A-0F, B = 222.222.222.222 / 49-BD-D2-C7-56-2A.)
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
• Two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame, sees it's destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram, sends to B.
This is a really important example: make sure you understand it.
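The same-subnet check and the ARP exchange from the two slides above as runnable code, added here as an example (not the slides' own code): a model host masks the destination against its subnet, ARPs for the destination itself or for the gateway accordingly, and keeps a soft-state cache. Addresses are those in the figures; the Host and Lan classes and the 255.255.255.0 mask on A's LAN are assumptions.

```python
"""ARP resolution with the same-subnet check and a soft-state cache.

Added example (not from the slides). The addresses come from the figures;
the behaviour is a model of what a host does, not a capture of a real stack.
"""
import ipaddress

ARP_TTL = 20 * 60  # seconds: "typically 20 min"


class Host:
    def __init__(self, name, ip, mac, mask, gateway=None):
        self.name, self.mac = name, mac
        self.iface = ipaddress.ip_interface(f"{ip}/{mask}")
        self.gateway = ipaddress.ip_address(gateway) if gateway else None
        self.arp_table = {}  # IPv4Address -> (mac, expiry time)
        self.lan = None      # set when attached to a Lan
        self.log = []        # ARP queries this host broadcast

    def same_subnet(self, ip):
        """Mask both addresses with the subnet mask and compare the network parts.

        255.255.0.0 keeps the first 16 bits, so 128.4.x.x and 128.5.x.x differ.
        """
        return ipaddress.ip_address(ip) in self.iface.network

    def lookup(self, ip, now):
        entry = self.arp_table.get(ipaddress.ip_address(ip))
        if entry and entry[1] > now:
            return entry[0]
        return None  # unknown, or the soft state has timed out

    def learn(self, ip, mac, now):
        self.arp_table[ipaddress.ip_address(ip)] = (mac, now + ARP_TTL)

    def resolve(self, ip, now):
        """MAC for ip: from the cache, or by broadcasting an ARP query."""
        mac = self.lookup(ip, now)
        if mac is None:
            self.log.append(f"{self.name}: who has {ip}? tell {self.iface.ip}")
            mac = self.lan.arp_query(self, ipaddress.ip_address(ip))
            if mac is not None:
                self.learn(ip, mac, now)
        return mac

    def next_hop_mac(self, dst_ip, now):
        """Destination MAC for the frame: the host's own if on-link, else the gateway's."""
        target = dst_ip if self.same_subnet(dst_ip) else self.gateway
        if target is None:
            return None
        return self.resolve(target, now)


class Lan:
    """A broadcast domain: an ARP query reaches every attached host."""

    def __init__(self):
        self.hosts = []

    def attach(self, host):
        self.hosts.append(host)
        host.lan = self

    def arp_query(self, asker, target_ip):
        for h in self.hosts:
            if h is not asker and h.iface.ip == target_ip:
                h.learn(asker.iface.ip, asker.mac, 0)  # the responder learns A too
                return h.mac  # the unicast reply carries the owner's MAC
        return None  # nobody owns the address: no reply


# Constructed setup using the figure's addresses: A and R's left interface
# share one LAN; B (222.222.222.222) is on the other side of R.
A = Host("A", "111.111.111.111", "74-29-9C-E8-FF-55", "255.255.255.0",
         gateway="111.111.111.110")
R_IN = Host("R", "111.111.111.110", "E6-E9-00-17-BB-4B", "255.255.255.0")
LAN1 = Lan()
LAN1.attach(A)
LAN1.attach(R_IN)

if __name__ == "__main__":
    print("B on A's subnet?", A.same_subnet("222.222.222.222"))
    print("frame to B is addressed to MAC", A.next_hop_mac("222.222.222.222", now=0))
    print(A.log)
```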
ARP
• Watch Wireshark without any connections.
• What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
• E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
  • Use Wireshark on B to see no evidence of the ping.
  • On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
• If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host.
  • But the ARP attack still works.
• Goal: intercept messages between the victim and anyone else.
  • I record the real MAC address of the victim.
  • When an ARP query request is made for the victim, I respond with my MAC.

(Figure sequence: victim, MAC = 00-12-12-12-12-12, IP 1.2.3.4; attacker, MAC = 00-11-11-11-11-11, IP 5.6.7.8; some other host/switch.)
1. The other host broadcasts "Who has IP address 1.2.3.4?". Both the victim and the attacker receive it.
2. The victim answers "MAC 00-12-12-12-12-12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker sees the reply too and now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries "Source MAC 00-11-11-11-11-11: Who has IP blablablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping from the query in its cache; the victim is confused ... but ignores it.
4. The other host sends "MAC 00-11-11-11-11-11, IP 1.2.3.4: The secret plan is ...". The attacker knows the secret plan, changes the MAC address to the correct one and forwards "MAC 00-12-12-12-12-12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."

ARP spoofing: man-in-the-middle attack
• Some new switches can protect against these attacks.
• How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs.
  • Its real IP and the victim's IP.
  • But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
  • Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
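A passive monitor implementing the detection idea just described, added here as an example (not from the slides): remember each IP's MAC as seen in ARP traffic and alert when it changes; the dual-NIC caveat is handled by reporting one MAC with several IPs at lower severity rather than as a conflict. The ArpMonitor class and the sample trace are constructed; the addresses are the ones used in the figure.

```python
"""Passive ARP monitor: flag an IP address claimed by two different MACs.

Added example (not from the slides; the sample traffic is constructed). It
mirrors what arpwatch-style tools do: track each IP -> MAC binding seen in
ARP requests and replies and raise an alert when a binding changes. One MAC
announcing several IPs (the slide's dual-NIC Windows case) is only noted.
"""
from collections import defaultdict


class ArpMonitor:
    def __init__(self):
        self.ip_to_mac = {}                 # ip -> mac first seen with it
        self.mac_to_ips = defaultdict(set)  # mac -> every IP it has claimed
        self.alerts = []                    # (severity, ip, message)

    def observe(self, pkt):
        """pkt: dict with op, sender_ip, sender_mac, src_mac (Ethernet source).

        Requests and replies both carry a sender IP/MAC pair that receivers
        cache, so both are checked. A sender MAC that disagrees with the
        frame's source address is suspicious on its own.
        """
        ip, mac, src = pkt["sender_ip"], pkt["sender_mac"], pkt["src_mac"]
        if mac != src:
            self.alerts.append(("HIGH", ip, f"sender MAC {mac} != frame source {src}"))
        known = self.ip_to_mac.get(ip)
        if known is None:
            self.ip_to_mac[ip] = mac
        elif known != mac:
            self.alerts.append(("HIGH", ip, f"IP {ip} moved from {known} to {mac}"))
        self.mac_to_ips[mac].add(ip)
        if len(self.mac_to_ips[mac]) > 1:
            # The slide's caveat: a dual-homed host can legitimately show one
            # MAC with two IPs, so this is informational, not a conflict.
            self.alerts.append(("INFO", ip,
                                f"MAC {mac} now claims {sorted(self.mac_to_ips[mac])}"))

    def conflicts(self):
        """IPs with at least one high-severity finding."""
        return sorted({ip for sev, ip, _ in self.alerts if sev == "HIGH"})


def arp(op, sender_ip, sender_mac, src_mac=None):
    """Build one observed ARP packet; the frame source defaults to the sender MAC."""
    return {"op": op, "sender_ip": sender_ip, "sender_mac": sender_mac,
            "src_mac": src_mac or sender_mac}


# Constructed trace following the slide's story: the victim (1.2.3.4) answers
# first; later the host with MAC 00-11-11-11-11-11 floods queries claiming to
# be 1.2.3.4. The last two packets show the benign dual-NIC pattern.
TRACE = [
    arp("request", "5.6.7.8", "00-11-11-11-11-11"),
    arp("reply", "1.2.3.4", "00-12-12-12-12-12"),
    arp("request", "1.2.3.4", "00-11-11-11-11-11"),
    arp("request", "10.0.0.9", "00-AA-AA-AA-AA-AA"),
    arp("request", "10.0.1.9", "00-AA-AA-AA-AA-AA"),
]


def run(trace):
    mon = ArpMonitor()
    for pkt in trace:
        mon.observe(pkt)
    return mon


if __name__ == "__main__":
    for severity, ip, message in run(TRACE).alerts:
        print(severity, ip, message)
```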
Ethernet
"Dominant" wired LAN technology:
• Cheap: $20 for a NIC.
• First widely used LAN technology.
• Simpler, cheaper than token LANs and ATM.
• Kept up with the speed race: 10 Mbps to 10 Gbps.
(Figure: Metcalfe's Ethernet sketch.)

Star topology
• Bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
• Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other).
• Multiple stars connected (we'll see later).
(Figure: bus (coaxial cable) versus star (switch in the center).)
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
• Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.

Ethernet Frame Structure (more)
• Addresses: 6 bytes.
  • If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol.
  • Otherwise the adapter discards the frame (unless in promiscuous mode).
• Type: ARP query/response, LAN routing, higher layer protocol (mostly IP, but others possible, e.g. Novell IPX, AppleTalk).
• CRC: checked at the receiver; if an error is detected, the frame is dropped.

Ethernet: Unreliable, connectionless
• Connectionless: no handshaking between sending and receiving NICs.
• Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC.
  • The stream of datagrams passed to the network layer can have gaps (missing datagrams).
  • Gaps will be filled if the app is using TCP; otherwise the app will see gaps.
• Ethernet's MAC protocol: unslotted CSMA/CD.
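The frame fields and the receiving adapter's checks described above in code, added here as an example (not from the slides): build an Ethernet II frame with its CRC-32 FCS, verify the CRC on receipt, and apply the destination/broadcast filter with and without promiscuous mode. The MAC addresses are those of the ARP figure earlier; the payload bytes are placeholders, not real ARP or IP headers.

```python
"""Build, check and filter Ethernet II frames (added example, not from the slides).

Layout as on the slide: 6-byte destination, 6-byte source, 2-byte type,
payload, 4-byte CRC (FCS). The preamble is generated by the PHY and never
reaches software, so it is omitted. The FCS is the IEEE 802.3 CRC-32, the
same polynomial and conventions zlib.crc32 implements, sent LSB first.
"""
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IP = 0x0800
ETHERTYPE_ARP = 0x0806
MIN_PAYLOAD = 46  # pad so the smallest frame is 64 bytes (IEEE minimum)


def mac(s):
    """'1A-2F-BB-76-09-AD' -> 6 raw bytes."""
    return bytes.fromhex(s.replace("-", "").replace(":", ""))


def build_frame(dst, src, ethertype, payload):
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = struct.pack("!6s6sH", dst, src, ethertype) + payload
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    return body + fcs


def parse_frame(frame):
    """Return (dst, src, ethertype, payload), or None when the CRC fails.

    A receiving adapter drops frames whose CRC does not match: no ack, no
    nack, just a gap that TCP (if in use) has to fill above the link layer.
    """
    if len(frame) < 18:
        return None
    body, fcs = frame[:-4], frame[-4:]
    if struct.unpack("<I", fcs)[0] != (zlib.crc32(body) & 0xFFFFFFFF):
        return None
    dst, src, ethertype = struct.unpack("!6s6sH", body[:14])
    return dst, src, ethertype, body[14:]


def adapter_accepts(frame, my_mac, promiscuous=False):
    """The adapter's address filter, applied after the CRC check."""
    parsed = parse_frame(frame)
    if parsed is None:
        return False
    dst = parsed[0]
    return promiscuous or dst == my_mac or dst == BROADCAST


def flip_bit(frame, index):
    """Simulate a transmission error in one byte of the frame."""
    buf = bytearray(frame)
    buf[index] ^= 0x01
    return bytes(buf)


# Constructed samples: an ARP query broadcast by 1A-2F-BB-76-09-AD and a
# unicast IP frame from the same adapter to 58-23-D7-FA-20-B0.
A = mac("1A-2F-BB-76-09-AD")
B = mac("58-23-D7-FA-20-B0")
C = mac("0C-C4-11-6F-E3-98")
ARP_QUERY = build_frame(BROADCAST, A, ETHERTYPE_ARP, b"who-has?")
IP_TO_B = build_frame(B, A, ETHERTYPE_IP, b"datagram")

if __name__ == "__main__":
    print("C sees the ARP broadcast:", adapter_accepts(ARP_QUERY, C))
    print("C sees the unicast to B:", adapter_accepts(IP_TO_B, C))
    print("C in promiscuous mode:", adapter_accepts(IP_TO_B, C, promiscuous=True))
    print("B accepts a corrupted frame:", adapter_accepts(flip_bit(IP_TO_B, 20), B))
```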
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame.
2. If NIC senses the channel idle, it starts frame transmission.
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame!
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,...,2^m-1}. NIC waits K slots (one slot is 512 bit times), then returns to Step 2.

Ethernet's CSMA/CD (more)
• Jam Signal: make sure all other transmitters are aware of the collision; 48 bits.
• Bit time: .1 microsec for 10 Mbps Ethernet; for K=1023, the wait time is about 50 msec.
• Exponential Backoff:
  • Goal: adapt retransmission attempts to the estimated current load: under heavy load, the random wait will be longer.
  • First collision: choose K from {0,1}; delay is K · 512 bit transmission times.
  • After the second collision: choose K from {0,1,2,3} ...
  • After ten or more collisions: choose K from {0,1,2,3,4,...,1023}.
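The backoff rule above and the earlier numbered Exponential Backoff notes as runnable code, added here as an example (not from the slides): the window doubles up to 1024, the slot length in seconds follows from the bit rate, the round-trip slot equation the notes ask for is written out, and a seeded simulation shows contending stations resolving their collisions. The station model in resolve_contention() is a simplification constructed here.

```python
"""Ethernet CSMA/CD binary exponential backoff (added example, not from the slides).

Parameters are the ones quoted above: a slot is 512 bit times (0.1 us per
bit at 10 Mbps), K is drawn from {0, ..., 2^min(m,10) - 1} after the m-th
collision, i.e. the window doubles up to BO_max = 1024. Stations are
modelled abstractly: two or more stations picking the same smallest wait
collide, which is what the jam signal makes every station aware of.
"""
import random

SLOT_BITS = 512
BO_MAX = 1024
MAX_ATTEMPTS = 16  # Ethernet gives up on a frame after 16 collisions


def backoff_window(m):
    """Window size after the m-th collision: 2^m, capped at BO_max."""
    return min(2 ** m, BO_MAX)


def choose_k(m, rng):
    """K drawn uniformly from {0, ..., window-1}; the station waits K slots."""
    return rng.randrange(backoff_window(m))


def slot_seconds(bit_rate_bps):
    """One slot in seconds: 512 bit times, i.e. 51.2 us at 10 Mbps."""
    return SLOT_BITS / bit_rate_bps


def wait_seconds(k, bit_rate_bps):
    """Wall-clock wait for K slots; K=1023 at 10 Mbps is about 52 ms."""
    return k * slot_seconds(bit_rate_bps)


def min_slot_seconds(max_distance_m, propagation_mps=2e8):
    """Equation for the slot length asked for in the notes: a slot must cover a
    round trip, 2*d/v, so a station that starts transmitting at the beginning
    of the slot hears any collider before the slot ends."""
    return 2 * max_distance_m / propagation_mps


def resolve_contention(n_stations, seed=0):
    """All stations want to send at t=0; run until each has sent one frame.

    Returns (slots_used, collisions, attempts per station). Each round every
    pending station draws K from its own window; the smallest K wins the
    round if exactly one station drew it, otherwise those stations collide
    and double their windows. Frames are discarded after MAX_ATTEMPTS.
    """
    rng = random.Random(seed)
    pending = {s: 0 for s in range(n_stations)}  # station -> collisions so far
    attempts = {s: 0 for s in range(n_stations)}
    slots_used = collisions = 0
    while pending:
        picks = {s: choose_k(m, rng) for s, m in pending.items()}
        smallest = min(picks.values())
        contenders = [s for s, k in picks.items() if k == smallest]
        slots_used += smallest + 1
        for s in contenders:
            attempts[s] += 1
        if len(contenders) == 1:
            del pending[contenders[0]]
            continue
        collisions += 1
        for s in contenders:
            pending[s] += 1
            if pending[s] >= MAX_ATTEMPTS:
                del pending[s]
    return slots_used, collisions, attempts


if __name__ == "__main__":
    print("window after 1, 2, 3, 10, 12 collisions:",
          [backoff_window(m) for m in (1, 2, 3, 10, 12)])
    print("K=1023 at 10 Mbps waits %.1f ms" % (wait_seconds(1023, 10e6) * 1e3))
    print("slot needed for a 2500 m span: %.1f us" % (min_slot_seconds(2500) * 1e6))
    print("5 stations (slots, collisions, attempts):", resolve_contention(5))
```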
CSMA/CD efficiency
• $t_{prop}$ = max propagation delay between 2 nodes in the LAN.
• $t_{trans}$ = time to transmit a max-size frame.

  $\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$

• Efficiency goes to 1 as $t_{prop}$ goes to 0, and as $t_{trans}$ goes to infinity.
  • Larger frame size is better; higher bit-rate is worse.
• Better performance than ALOHA, and simple, cheap, decentralized!
• Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
• Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable.
• Very large Ethernets are possible.
• QoS: MPLS runs over Ethernet (so traffic engineering is possible).

Hubs
• Bits coming in on one link go out all other links at the same rate.
• All nodes connected to the hub can collide with one another.
• No frame buffering.
• No CSMA/CD at the hub: host NICs detect collisions.
(Figure: hub with twisted-pair links to the hosts.)

Interconnecting with hubs
• Backbone hub interconnects LAN segments.
• But individual segment collision domains become one large collision domain.
• Can't interconnect 10BaseT & 100BaseT.
(Figure: a backbone hub joining three segment hubs.)
Switch
• Link-layer device: smarter than hubs, takes an active role.
  • Store and forward Ethernet frames.
    • Question: do switches in circuit switching networks store and forward?
  • Examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when a frame is to be forwarded on a segment, use CSMA/CD to access the segment.
• Transparent: hosts are unaware of the presence of switches.
• Plug-and-play, self-learning: switches do not need to be configured.

Switch: allows multiple simultaneous transmissions
• Hosts have a dedicated, direct connection to the switch.
• Switches buffer packets.
• Ethernet protocol used on each incoming link, but no collisions; full duplex.
  • Each link is its own collision domain.
• Switching: A-to-A' and B-to-B' simultaneously, without collisions.
  • Not possible with a dumb hub.
(Figure: switch with six interfaces (1,2,3,4,5,6) and hosts A, A', B, B', C, C'.)

Switch Table
• Q: how does the switch know that A' is reachable via interface 4 and B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp).
  • Looks like a routing table!
• Q: how are entries created and maintained in the switch table? Something like a routing protocol?
(Figure: the same six-interface switch.)
Switch: self-learning
• The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
  • When a frame is received, the switch "learns" the location of the sender: the incoming LAN segment.
  • It records the sender/location pair in the switch table.
(Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table, initially empty, gains the entry MAC addr A, interface 1, TTL 60.)

Switch: frame filtering/forwarding
When a frame is received:
1. Record the link/interface associated with the sending host.
2. If an entry is found for the destination, then {
     if the destination is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated
   }
   else flood (forward on all but the interface on which the frame arrived).
3. Periodically purge all old table entries.
Self-Learning
(Figure: three switches, each with interfaces 1, 2 and 3; host A is attached to interface 1 of the first switch and host B to interface 2 of the second. Each switch keeps a MAC/Interface table, all initially empty. The slides animate the following frames:)
• A sends a frame Dest=B, Source=A. The first switch makes a table entry for A (interface 1); it has no table entry for B, so it floods. Each switch that receives the flooded frame likewise makes an entry for A (interface 1 at the second switch, interface 2 at the third) and floods, since none of them has an entry for B.
  • Note: if the switch has ports that are manually configured, then the frame is not flooded to a host, but only to other switches.
• B replies with Dest=A, Source=B. The second switch makes a table entry for B (interface 2) and has a table entry for A, so it forwards rather than floods. The first switch makes a table entry for B (interface 3) and forwards to A on interface 1. The third switch never sees the reply; its table still only holds A.
• Final tables: first switch A 1, B 3; second switch A 1, B 2; third switch A 2.
• 20 minutes later, all table entries are deleted.
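The self-learning walkthrough as runnable code, added here as an example (not from the slides): three switches learn from source addresses, forward on a table hit, flood on a miss, drop when the destination sits on the arriving segment, and purge entries after the 20-minute aging time. The chain wiring in build_network() is an assumption chosen so that the resulting tables match the figure's.

```python
"""Self-learning switches: learn, filter, forward, flood, age out.

Added example (not from the slides). Host and interface names follow the
figure; the wiring between the three switches is an assumption.
"""

AGING_SECONDS = 20 * 60  # "20 minutes later all table entries are deleted"


class Host:
    def __init__(self, mac):
        self.mac, self.inbox = mac, []


class Switch:
    def __init__(self, name, n_ifaces):
        self.name = name
        self.n_ifaces = n_ifaces
        self.table = {}   # mac -> (interface, expiry)
        self.links = {}   # interface -> (peer, peer interface or None)
        self.events = []  # human-readable trace of decisions

    def connect(self, iface, peer, peer_iface=None):
        self.links[iface] = (peer, peer_iface)

    def purge(self, now):
        """Periodically purge all old table entries."""
        self.table = {m: e for m, e in self.table.items() if e[1] > now}

    def snapshot(self):
        return {mac: iface for mac, (iface, _) in self.table.items()}

    def receive(self, frame, in_iface, now):
        src, dst = frame["src"], frame["dst"]
        self.purge(now)
        # 1. record the interface the sender was heard on
        self.table[src] = (in_iface, now + AGING_SECONDS)
        # 2. table hit: filter or forward; miss: flood
        entry = self.table.get(dst)
        if entry is not None:
            out_iface = entry[0]
            if out_iface == in_iface:
                self.events.append(f"{self.name}: drop {src}->{dst} (same segment)")
                return
            self.events.append(f"{self.name}: forward {src}->{dst} on {out_iface}")
            self._send(frame, out_iface, now)
            return
        self.events.append(f"{self.name}: flood {src}->{dst}")
        for iface in range(1, self.n_ifaces + 1):
            if iface != in_iface:
                self._send(frame, iface, now)

    def _send(self, frame, iface, now):
        link = self.links.get(iface)
        if link is None:
            return  # unused port
        peer, peer_iface = link
        if isinstance(peer, Switch):
            peer.receive(frame, peer_iface, now)
        else:
            peer.inbox.append(frame)


def build_network():
    """Constructed chain: S1.3 <-> S2.1, S2.3 <-> S3.2; A on S1.1, B on S2.2."""
    s1, s2, s3 = Switch("S1", 3), Switch("S2", 3), Switch("S3", 3)
    a, b = Host("A"), Host("B")
    s1.connect(1, a)
    s1.connect(3, s2, 1)
    s2.connect(1, s1, 3)
    s2.connect(2, b)
    s2.connect(3, s3, 2)
    s3.connect(2, s2, 3)
    return s1, s2, s3, a, b


def demo():
    """Replay the two frames from the figure; return tables, deliveries, aged table."""
    s1, s2, s3, a, b = build_network()
    s1.receive({"src": "A", "dst": "B"}, 1, now=0)  # B unknown everywhere: flooded
    s2.receive({"src": "B", "dst": "A"}, 2, now=1)  # A known: forwarded hop by hop
    tables = (s1.snapshot(), s2.snapshot(), s3.snapshot())
    s1.purge(now=AGING_SECONDS + 1)                 # 20 minutes later
    return tables, len(a.inbox), len(b.inbox), s1.snapshot()


if __name__ == "__main__":
    tables, a_got, b_got, aged = demo()
    print("tables after both frames:", tables)
    print("frames delivered to A, B:", a_got, b_got)
    print("S1 table after aging:", aged)
```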
Poorly Designed Institutional network: Why?
(Figure: router to external network; a single LAN / IP subnet carrying the mail server and web server.)

Institutional network without a single point of failure
(Figure: router to external network; IP subnet with mail server and web server.)
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
• Consider the network as a graph G(V,E) where LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any connected graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood frames over to the LAN.
  • Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by two bridges, B2 and B3, in parallel.]
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches by edges (backwards from what you might expect: switches as vertices and LANs as edges).
• When manufactured each bridge is given a unique ID. The root is the bridge with the smallest ID.
• Approach: compute paths to the bridge with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the root.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If LAN B's next hop toward the root is LAN A, and LAN C's next hop toward the root is LAN D, then switch B2 (which sits between LAN B and LAN C) will disconnect from LANs B and C.
[Figure: LANs A, B, C, D and bridges B0, B1, B2, B3; B0 has the smallest ID and is the root.]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Nothing in these messages is authenticated: every bridge believes the smallest root ID it hears, so whichever bridge announces the smallest ID becomes the root and the rest of the tree is built around it.
[Figure: example topology with bridges B1 through B7.]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway, so traffic to the gateway may follow a longer path than the physical topology would allow.
[Figure sequence: LANs A through J and bridges B1 through B7; the number drawn next to each bridge is its distance to the root in LAN hops (0 at the root).]
Steps shown in the animation:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces (to A and to E) of the switch between them.
• LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on B5's interfaces.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
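The interface selection described on these slides, as an added example (it is not code from the slides or the course): the root is the bridge with the smallest ID, every LAN picks the attached bridge on its shortest path to the root with the smallest ID breaking ties, and only that bridge's interfaces to the LAN and to its next-hop LAN stay on. The topology is a constructed one, not the slide's figure, chosen so that it contains the same cases the slides walk through: two bridges (B2, B3) competing for LAN A, two equally close bridges (B5, B7) competing for LAN B, a bridge (B3) that ends up with no interfaces on, and a LAN (I) two switches from the root. `forms_tree` is the check a practitioner wants afterwards: that the interfaces left on connect every LAN with exactly one path.

```python
import heapq
from collections import defaultdict

# Constructed topology (not the slide's figure): bridge ID -> LANs it attaches to.
# B1 has the smallest ID and is therefore the root.
EXAMPLE_BRIDGES = {
    1: ["E", "F", "G"],
    2: ["A", "E"],
    3: ["A", "F"],
    4: ["D", "G"],
    5: ["B", "E"],
    6: ["C", "F"],
    7: ["B", "F", "H"],
    8: ["H", "I"],
}


def compute_spanning_tree(bridges):
    """Apply the slide's rules. Returns (cost, designated, next_hop, active):
    cost[b] = switches visited from bridge b to the root, designated[lan] = the
    bridge a LAN uses toward the root, next_hop[b] = that bridge's LAN toward the
    root, active = the set of (bridge, lan) interfaces that stay 'on'."""
    root = min(bridges)
    lan_bridges = defaultdict(list)
    for b, lans in bridges.items():
        for lan in lans:
            lan_bridges[lan].append(b)

    # 1. Distance from every bridge to the root, counted in switches entered
    #    (Dijkstra with unit cost; crossing a LAN itself costs nothing).
    cost = {root: 0}
    heap = [(0, root)]
    while heap:
        c, b = heapq.heappop(heap)
        if c > cost[b]:
            continue
        for lan in bridges[b]:
            for nb in lan_bridges[lan]:
                if c + 1 < cost.get(nb, float("inf")):
                    cost[nb] = c + 1
                    heapq.heappush(heap, (c + 1, nb))

    # 2. For each LAN, the bridge on its shortest path to the root; a tie
    #    between equally close bridges goes to the smallest ID (B5 beats B7).
    designated = {lan: min(bs, key=lambda b: (cost[b], b))
                  for lan, bs in lan_bridges.items()}
    lan_cost = {lan: cost[b] for lan, b in designated.items()}

    # 3. Each non-root bridge's next-hop LAN toward the root: its attached LAN
    #    that is closest to the root (ties again by smallest bridge ID).
    next_hop = {b: min(lans, key=lambda lan: (lan_cost[lan], designated[lan], lan))
                for b, lans in bridges.items() if b != root}

    # 4. Interfaces that stay on: all of the root's, plus, for every LAN whose
    #    designated bridge is not the root, that bridge's interfaces to the LAN
    #    and to its next-hop LAN. A bridge designated for no LAN (B3 here) keeps
    #    nothing on, as the slide notes.
    active = {(root, lan) for lan in bridges[root]}
    for lan, b in designated.items():
        if b != root:
            active.add((b, lan))
            active.add((b, next_hop[b]))
    return cost, designated, next_hop, active


def forms_tree(bridges, active):
    """Check that the 'on' interfaces join every LAN exactly once: connected and
    loop-free. Each active (bridge, lan) pair is an edge; union-find catches the
    second path that would let frames circulate forever."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    nodes = {("lan", lan) for lans in bridges.values() for lan in lans}
    nodes |= {("bridge", b) for b, _ in active}
    edges = 0
    for b, lan in sorted(active):
        rb, rl = find(("bridge", b)), find(("lan", lan))
        if rb == rl:
            return False  # a second path between parts already joined: a loop
        parent[rb] = rl
        edges += 1
    return len({find(n) for n in nodes}) == 1 and edges == len(nodes) - 1


if __name__ == "__main__":
    cost, designated, next_hop, active = compute_spanning_tree(EXAMPLE_BRIDGES)
    for lan in sorted(designated):
        b = designated[lan]
        hop = "root" if b == 1 else f"LAN {next_hop[b]}"
        print(f"LAN {lan}: designated bridge B{b}, next hop {hop}")
    print("loop-free and connected:", forms_tree(EXAMPLE_BRIDGES, active))
```

Running it prints B2 (not B3) for LAN A, B5 (not B7) for LAN B, and no interface at all for B3; turning B3's two interfaces back on makes `forms_tree` report the loop between LAN A and LAN F.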
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: loop resolution, address learning, frame forwarding
• These typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs Routers
• both are store-and-forward devices
• routers: network layer devices (examine network layer headers)
• switches: link layer devices; "invisible" at the internetwork layer, they look like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding
  • borrowing ideas from the Virtual Circuit (VC) approach
  • but the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields, with widths in bits: label (20), Exp (3), S (1), TTL (8). The slide shows 5 for the TTL width; the MPLS shim header is 32 bits and RFC 3032 defines the TTL field as 8 bits.

MPLS capable routers
• aka label-switched router: forwards packets to the outgoing interface based only on the label value (doesn't inspect the IP address)
  • MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE
  • forwarding possible along paths that IP alone would not allow (e.g. source-specific routing)
  • use MPLS for traffic engineering
• must co-exist with IP-only routers
[Figure: routers R1 through R6, destinations A and D; interface numbers 0 and 1 on the links.]

MPLS forwarding tables
[Figure: the forwarding tables of the MPLS-capable routers. The rows legible on the slide, as (in label, out label, dest, out interface), grouped as they appear:]
  6    -    A   0
  10   6    A   1
  12   9    D   0
  -    10   A   0
  -    12   D   0
  8    6    A   0
  -    8    A   1
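The label-switched forwarding described above, as an added example (not code from the slides). It packs and unpacks the 32-bit shim header with the RFC 3032 widths, then walks a packet for destination A along one label-switched path using the three rows for A that are legible in the slide's figure (push 10 on interface 0; swap 10 for 6 out interface 1; pop 6 and deliver on interface 0). Which table belongs to which router cannot be recovered from the page, so the router names R3 (ingress), R4 (transit) and R6 (egress) and the links between them are assumptions of this example. Only the ingress looks at the IP destination; every other hop forwards on the label alone and decrements the TTL, so a packet whose TTL runs out is dropped rather than looping.

```python
import struct

# Assumed assignment of the slide's rows to routers; the labels, destinations
# and interface numbers are the ones legible on the slide.
LSR_TABLES = {
    "R3": {"A": (10, 0)},          # ingress: dest -> (label to push, out interface)
    "R4": {10: (6, "A", 1)},       # transit: in label -> (out label, dest, out interface)
    "R6": {6: (None, "A", 0)},     # egress: out label None = pop and deliver as plain IP
}
# Assumed topology: which router each out interface leads to.
LINKS = {("R3", 0): "R4", ("R4", 1): "R6"}


def pack_mpls(label, exp, s, ttl):
    """Build the 32-bit MPLS shim header: label(20) | Exp(3) | S(1) | TTL(8)."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("MPLS header field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_mpls(header):
    """Split a shim header back into (label, exp, s, ttl)."""
    (word,) = struct.unpack("!I", header[:4])
    return word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF


def forward(dest, ttl=64):
    """Walk a packet for `dest` along the constructed LSP. Returns the list of
    (router, label placed on the outgoing link, out interface); the label is
    None at the egress router, which has popped it."""
    out_label, iface = LSR_TABLES["R3"][dest]        # ingress still consults the IP destination
    path = [("R3", out_label, iface)]
    header = pack_mpls(out_label, 0, 1, ttl)          # S=1: a single label on the stack
    router = LINKS[("R3", iface)]
    while True:
        label, exp, s, ttl = unpack_mpls(header)
        if ttl <= 1:
            raise RuntimeError(f"{router}: TTL expired, packet dropped")
        out_label, _, iface = LSR_TABLES[router][label]   # label lookup only, no IP header inspection
        path.append((router, out_label, iface))
        if out_label is None:
            return path                                    # egress: shim header popped
        header = pack_mpls(out_label, exp, s, ttl - 1)     # label swap, TTL decrement
        router = LINKS[(router, iface)]


if __name__ == "__main__":
    print(pack_mpls(10, 0, 1, 64).hex())   # 0000a140
    print(forward("A"))
```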
Chapter 5 Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• journey down the protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• ... could stop here ... but lots of
Slide outline (titles only)
Slotted Aloha (frames are only transmitted during slots; they cannot cross slot boundaries); Slotted Aloha Performance; ALOHA and Slotted ALOHA; CSMA (Carrier Sense Multiple Access); Question; CSMA collisions; CSMA/CD collision detection; CSMA/CD; CSMA/CD (Collision Detection); persistent; Exponential Backoff; "Taking Turns" MAC protocols; Summary of MAC protocols
MAC Addresses and ARP; LAN Addresses and ARP; LAN Address (more); ARP: Address Resolution Protocol; ARP protocol: Same LAN (network); Addressing: routing to another LAN; ARP; ARP spoofing – man-in-the-middle attack
Ethernet; Star topology; Ethernet Frame Structure; Ethernet Frame Structure (more); Ethernet: Unreliable, connectionless; Ethernet CSMA/CD algorithm; Ethernet's CSMA/CD (more); CSMA/CD efficiency; 802.3 Ethernet Standards: Link & Physical Layers; Manchester encoding
Hubs; Interconnecting with hubs; Switch; Switch allows multiple simultaneous transmissions; Switch Table; Switch: self-learning; Switch: frame filtering/forwarding; Self-Learning; Poorly Designed Institutional network. Why?; Institutional network without a single point of failure; Loop Resolution; Spanning Tree Algorithm (1); Spanning Tree Algorithm (2); Layer 2 Routing; Switches vs Routers; Summary comparison
Typical LAN; VLAN; LAN vs VLAN; VLAN across backbone; Router's Role; VLAN Techniques; Frame Tagging; VLAN implementation; Port-Centric VLAN; Static VLAN; Dynamic VLAN
Virtualization of networks; The Internet: virtualizing networks; Cerf & Kahn's Internetwork Architecture; Multiprotocol label switching (MPLS); MPLS capable routers; MPLS forwarding tables; Chapter 5 Summary; Chapter 5: let's take a breath
"Taking Turns" MAC protocols
channel partitioning MAC protocols:
• share channel efficiently and fairly at high load
• inefficient at low load: delay in channel access, 1/N bandwidth allocated even if only 1 active node
random access MAC protocols:
• efficient at low load: a single node can fully utilize the channel
• high load: collision overhead
  • Be careful. Here we say that high load is when the number of users increases. If the number of users is fixed (and small) then the efficiency under high load is not as bad.
"taking turns" protocols look for the best of both worlds
• Used in mobile phone data access; 802.16 (aka WiMax) partly uses this approach; 802.11 specifies this capability but it is not widely deployed YET

"Taking Turns" MAC protocols
Polling:
• master node "invites" slave nodes to transmit in turn
• After each node is given a chance, the pattern repeats
• If a slave has no data to send then it does nothing and the master quickly polls the next node
• concerns: polling overhead; latency; single point of failure (master)
• QoS guarantees can be made
  • If a VoIP call requires 12bps, the master can determine whether the call will receive the desired quality and ensure that it does
  • When congested, new calls are rejected but existing calls continue to receive good performance
  • Consider the difference between the demands of VoIP and the service provided by TCP
  • Guarantees are worth much more money than non-guarantees
[Figure: the master polls each slave in turn; a polled slave answers with data or, if it has nothing, the master moves on to the next poll.]
Token passing:
• control token passed from one node to the next sequentially
• token message
• concerns: token overhead; latency; single point of failure (token)
[Figure: token T circulates from node to node; a node with nothing to send passes it on.]
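A toy model of the polling protocol and of the admission control behind the QoS claim, as an added example (not code from the slides). The master polls every slave once per round, skips a slave that has nothing to send, and admits a new reserved-rate flow (a VoIP call) only while the sum of reserved rates still fits the channel, so calls already admitted keep their rate when the channel is full. The capacity, slave names, frame labels and call rates are made up for the example.

```python
from collections import deque


class PollingMaster:
    """Master of a polling MAC: one poll per slave per round, at most one frame
    sent per poll, and a reservation table used for admission control."""

    def __init__(self, capacity_bps, slaves):
        self.capacity = capacity_bps
        self.queues = {s: deque() for s in slaves}   # frames waiting at each slave
        self.reserved = {}                            # call id -> reserved bps
        self.polls = 0                                # polling overhead counter

    def admit(self, call_id, rate_bps):
        """Accept a new call only if every admitted call can still be served."""
        if sum(self.reserved.values()) + rate_bps > self.capacity:
            return False                              # congested: reject the newcomer
        self.reserved[call_id] = rate_bps
        return True

    def release(self, call_id):
        self.reserved.pop(call_id, None)

    def poll_round(self):
        """One pass over all slaves in turn. Returns the frames delivered, in order."""
        delivered = []
        for slave, queue in self.queues.items():
            self.polls += 1                           # a poll costs a message even when idle
            if queue:                                 # slave with nothing to send: move on
                delivered.append((slave, queue.popleft()))
        return delivered


def run_example():
    """Constructed scenario: 100 kbps channel, three slaves, three 40 kbps calls."""
    m = PollingMaster(capacity_bps=100_000, slaves=["s1", "s2", "s3"])
    admitted = [m.admit(f"call{i}", 40_000) for i in range(3)]   # third call is rejected
    m.queues["s1"].extend(["f1", "f2"])
    m.queues["s3"].append("f3")
    rounds = [m.poll_round(), m.poll_round(), m.poll_round()]
    return admitted, rounds, m.polls


if __name__ == "__main__":
    print(run_example())
```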
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD
  • carrier sensing: easy in some technologies (wire), hard in others (wireless)
  • CSMA/CD used in Ethernet
  • CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
• 32-bit IP address: network-layer address; used to get the datagram to the destination IP subnet
• MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network)
  • The textbook is wrong about this: today hosts are almost never physically connected to each other; they are connected through switches.
  • 48 bit MAC address (for most LANs), burned in NIC ROM, also sometimes software settable (so a MAC address identifies a NIC but is not a credential: anything that grants access by MAC address can be satisfied by setting one)
LAN Addresses and ARP
• Each adapter on a LAN has a unique LAN address
• Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
LAN Address (more)
• MAC address allocation administered by IEEE
• manufacturer buys a portion of the MAC address space (to assure uniqueness)
  • Check OUI lookup: Google "OUI lookup", enter a MAC address, see the manufacturer
• analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
• MAC flat address: portability: can move a LAN card from one LAN to another
• IP hierarchical address: NOT portable: the address depends on the IP subnet to which the node is attached
• If a NIC is changed then the MAC is changed, whereas the IP address can stay the same
ARP: Address Resolution Protocol
• Each IP node (host, router) on a LAN has an ARP table. At the prompt: arp -a
• ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
• TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: a LAN with four nodes with IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
• Check whether C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
• E.g. my IP = 128.4.35.67, the destination's IP = 128.5.19.12, subnet mask 255.255.0.0 => the first 2 bytes (16 bits) define the subnet.
  • So in this case the two hosts are in different subnets (128.4 vs 128.5).
  • Thus the datagram is sent to the gateway, which must be in the same subnet.
  • Suppose that B is the gateway, but only the IP address of B is known.
• Suppose a host A wants to send to B; only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address
  • dest MAC address = FF-FF-FF-FF-FF-FF
  • Ethernet frame type = ARP query (other types include IP datagram)
  • all machines on the LAN receive the ARP query
• B receives the ARP packet, replies to A with its (B's) MAC address
  • frame sent to A's MAC address (unicast)
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
  • soft state: information that times out (goes away) unless refreshed
• ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
[Figure: hosts A, B, C, D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which B, C and D all receive; only B answers, "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Left LAN: host A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55), another host (111.111.111.112, CC-49-DE-D0-AB-7D), R's interface (111.111.111.110, E6-E9-00-17-BB-4B). Right LAN: R's interface (222.222.222.220, 1A-23-F9-CD-06-9B), another host (222.222.222.221, 88-B2-2F-54-1A-0F), host B (222.222.222.222, 49-BD-D2-C7-56-2A).]
walkthrough: send a datagram from A to B via R; assume A knows B's IP address
• two ARP tables in router R, one for each IP network (LAN)
• A creates an IP datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram
• A's NIC sends the frame; R's NIC receives the frame
• R removes the IP datagram from the Ethernet frame, sees it's destined to B
• R uses ARP to get B's MAC address
• R creates a frame containing the A-to-B IP datagram, sends it to B
This is a really important example – make sure you understand it.
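The two ARP cases above (same subnet: ask for the destination; other subnet: ask for the gateway) carried through as an added example, not code from the slides. It encodes and decodes the 28-byte Ethernet/IPv4 ARP payload of RFC 826 with `struct`, does the subnet-mask check with `ipaddress`, and simulates the broadcast query, the unicast reply and the 20-minute soft-state cache. The hosts reuse the addresses of the slide's figure (A, R and the host 111.111.111.112 on the left LAN); the in-memory "LAN" list and the rule that every host caches the sender pair of any ARP packet it receives are simplifications of this example (real stacks are pickier about when they create an entry), and that simplification is exactly what the spoofing attack on the next slides relies on.

```python
import ipaddress
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
ARP_TTL_SECONDS = 20 * 60          # cache entries age out after 20 minutes


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Encode the 28-byte ARP payload for Ethernet/IPv4 (RFC 826):
    htype=1, ptype=0x0800, hlen=6, plen=4, op, then the four addresses."""
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op,
                       mac_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                       mac_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)


def parse_arp(payload):
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack("!HHBBH6s4s6s4s", payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sender_mac": mac_str(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": mac_str(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}


class Host:
    def __init__(self, name, mac, ip, prefixlen, gateway):
        self.name, self.mac, self.ip, self.gateway = name, mac, ip, gateway
        self.network = ipaddress.IPv4Network(f"{ip}/{prefixlen}", strict=False)
        self.arp_cache = {}                           # ip -> (mac, expiry time)

    def next_hop(self, dst_ip):
        """The subnet-mask check: ARP for the destination if it is on our subnet,
        otherwise for the gateway (which must be on our subnet)."""
        return dst_ip if ipaddress.IPv4Address(dst_ip) in self.network else self.gateway

    def handle_arp(self, payload, now):
        """Receive an ARP packet: cache the sender's pair (simplification, see
        lead-in) and answer a request for our own IP with a unicast reply."""
        p = parse_arp(payload)
        self.arp_cache[p["sender_ip"]] = (p["sender_mac"], now + ARP_TTL_SECONDS)
        if p["op"] == ARP_REQUEST and p["target_ip"] == self.ip:
            return build_arp(ARP_REPLY, self.mac, self.ip, p["sender_mac"], p["sender_ip"])
        return None

    def resolve(self, dst_ip, lan, now):
        """MAC to put in the frame for dst_ip, broadcasting a query if needed."""
        hop = self.next_hop(dst_ip)
        entry = self.arp_cache.get(hop)
        if entry and entry[1] > now:
            return entry[0]                           # fresh cache hit
        self.arp_cache.pop(hop, None)                 # soft state: expired entry forgotten
        query = build_arp(ARP_REQUEST, self.mac, self.ip, "00:00:00:00:00:00", hop)
        for other in lan:                             # broadcast: every host sees the query
            if other is not self:
                reply = other.handle_arp(query, now)
                if reply is not None:
                    self.handle_arp(reply, now)       # unicast reply comes back to us
        entry = self.arp_cache.get(hop)
        return entry[0] if entry else None


def demo():
    """Constructed LAN with the slide's left-hand addresses."""
    a = Host("A", "74:29:9c:e8:ff:55", "111.111.111.111", 24, gateway="111.111.111.110")
    r = Host("R", "e6:e9:00:17:bb:4b", "111.111.111.110", 24, gateway=None)
    c = Host("C", "cc:49:de:d0:ab:7d", "111.111.111.112", 24, gateway="111.111.111.110")
    lan = [a, r, c]
    same = a.resolve("111.111.111.112", lan, now=0)       # on our subnet: ask for C itself
    other = a.resolve("222.222.222.222", lan, now=0)      # B is elsewhere: frame goes to R
    stale = a.resolve("111.111.111.112", lan, now=ARP_TTL_SECONDS + 1)  # re-queried after 20 min
    return same, other, stale


if __name__ == "__main__":
    print(demo())
```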
ARP
• Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
• E.g. take two machines A and B on the same LAN (what does this mean? how can you tell whether two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN.
  • On machine A, ping P. Use wireshark on B to see no evidence of the ping.
  • On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response (B's IP address is not P, so B drops the datagram).
ARP spoofing – man-in-the-middle attack
• If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host, so a host only sees frames addressed to it (plus broadcasts).
  • But the ARP attack still works.
• Goal: intercept messages between the victim and anyone else.
  • I record the real MAC address of the victim.
  • When an ARP query request is made for the victim, I respond with my MAC.
[Figure sequence: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4); attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8); some other host/switch.]
1. Some other host broadcasts "Who has IP address 1.2.3.4?"
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also hears the exchange, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11 and sender IP 1.2.3.4: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". Every host that hears them saves the IP/ARP mapping 1.2.3.4 -> 00:11:11:11:11:11 in its cache. The victim is confused by queries carrying its own IP address... but ignores them. The attacker continues to flood ARP queries so the bogus entry never expires.
4. The other host sends "The secret plan is ..." to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan; it changes the destination MAC address to the correct address 00:12:12:12:12:12 and forwards the frame to the victim, who thinks "Ahh, I got the secret plan I was expecting".

ARP spoofing – man-in-the-middle attack
• Some new switches can protect against these attacks (the switch inspects ARP packets and drops those whose sender IP/MAC pair does not match a binding it trusts).
• How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see whether a single IP has two MACs, or whether one MAC shows up with two IPs (its real IP and the victim's IP).
  • But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
  • Then tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC without any attack. An IP that changes between two MACs is the stronger signal.
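The detection heuristic from the last slide, run over a constructed stream of sniffed ARP packets (added example, not code from the slides; the sample traffic is made up to match the slide's scenario and the dual-NIC laptop it warns about). Both requests and replies carry a sender IP/MAC pair and hosts cache either, so the audit tracks the sender fields of all ARP traffic. An IP claimed by two MACs is the spoofing signature; a MAC claiming two IPs is reported separately, because the wired/wireless laptop produces exactly that without any attack. `suspects` combines the two: a MAC is named only if it claims an IP that some other MAC has also claimed.

```python
from collections import defaultdict

# Constructed ARP traffic as a sniffer would see it: (op, sender_mac, sender_ip).
# op 1 = request, 2 = reply. The victim is 1.2.3.4 at 00:12:..., the attacker
# 5.6.7.8 at 00:11:...; 00:aa:... is a dual-homed laptop whose wired NIC also
# sends with its wireless IP 1.2.3.10 (the benign case from the slide).
SAMPLE_ARP = [
    (1, "00:12:12:12:12:12", "1.2.3.4"),    # victim asks for someone: legitimate
    (2, "00:12:12:12:12:12", "1.2.3.4"),    # victim answers: 1.2.3.4 is at 00:12:...
    (1, "00:aa:aa:aa:aa:aa", "1.2.3.9"),    # laptop, wired NIC, wired IP
    (1, "00:aa:aa:aa:aa:aa", "1.2.3.10"),   # laptop, wired NIC, wireless IP (benign)
    (1, "00:11:11:11:11:11", "5.6.7.8"),    # attacker with its real IP
    (1, "00:11:11:11:11:11", "1.2.3.4"),    # attacker floods queries claiming the victim's IP
    (1, "00:11:11:11:11:11", "1.2.3.4"),
]


def audit_arp(packets):
    """Track every (IP, MAC) claim in the sender fields of ARP traffic.
    Returns (ip_conflicts, multi_ip_macs):
      ip_conflicts:  IPs claimed by more than one MAC (the spoofing signature)
      multi_ip_macs: MACs claiming more than one IP (attacker, but also the
                     dual-NIC laptop)"""
    macs_for_ip = defaultdict(set)
    ips_for_mac = defaultdict(set)
    for op, sender_mac, sender_ip in packets:
        macs_for_ip[sender_ip].add(sender_mac)      # requests and replies both count
        ips_for_mac[sender_mac].add(sender_ip)
    ip_conflicts = {ip: sorted(m) for ip, m in macs_for_ip.items() if len(m) > 1}
    multi_ip_macs = {mac: sorted(i) for mac, i in ips_for_mac.items() if len(i) > 1}
    return ip_conflicts, multi_ip_macs


def suspects(packets):
    """MACs that claim a contested IP in addition to another IP of their own.
    A MAC that merely owns two uncontested IPs (the laptop) is left out."""
    ip_conflicts, multi_ip_macs = audit_arp(packets)
    contested = set(ip_conflicts)
    return {mac: sorted(contested & set(ips))
            for mac, ips in multi_ip_macs.items() if contested & set(ips)}


if __name__ == "__main__":
    conflicts, multi = audit_arp(SAMPLE_ARP)
    print("IPs with two MACs:", conflicts)
    print("MACs with two IPs:", multi)
    print("suspects:", suspects(SAMPLE_ARP))
```

On the sample, 1.2.3.4 is flagged with both MACs, the laptop shows up only in the "two IPs" list, and the attacker's MAC is the single suspect. The heuristic cannot tell which of the two MACs on a contested IP is the impostor by itself; the slide's advice to record the real MAC first (or a static ARP entry for the gateway) is what settles that.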
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
• cheap: $20 for a NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with the speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
• bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
• star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
• Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) vs star (switch)]
Ethernet Frame Structure
Sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
• Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
• Addresses: 6 bytes
  • if the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol
  • otherwise, the adapter discards the frame (unless in promiscuous mode, in which case every frame on the wire is passed up; this is what a sniffer such as Wireshark relies on)
• Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
• CRC: checked at the receiver; if an error is detected, the frame is dropped (a CRC catches transmission errors, not deliberate modification: anyone who can alter the frame can recompute it)
Ethernet: Unreliable, connectionless
• connectionless: No handshaking between sending and receiving NICs
• unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC
  • the stream of datagrams passed to the network layer can have gaps (missing datagrams)
  • gaps will be filled if the app is using TCP; otherwise the app will see gaps
• Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame
2. If NIC senses the channel idle, it starts frame transmission
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent)
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
• Jam Signal: make sure all other transmitters are aware of the collision; 48 bits
• Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec (1023 slots × 512 bit times × 0.1 µs = 52.4 ms)
• Exponential Backoff: Goal: adapt retransmission attempts to the estimated current load: under heavy load the random wait will be longer
  • first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
  • after the second collision: choose K from {0, 1, 2, 3}
  • after ten or more collisions, choose K from {0, 1, 2, 3, 4, ..., 1023}
CSMA/CD efficiency
• t_prop = max propagation delay between 2 nodes in the LAN
• t_trans = time to transmit a max-size frame
  efficiency = 1 / (1 + 5 * t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity: a larger frame size is better; a higher bit-rate is worse
• better performance than ALOHA, and simple, cheap, decentralized
• Most Ethernet is used with switches, so collisions never occur
[Figure: the efficiency formula with the slide's numerical example (10 Mbps, 1500-byte frame); the numbers are not recoverable from the page.]
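The backoff rule and the efficiency approximation from the slides above, as an added example (not code from the slides). `backoff_slots` draws K for the m-th collision with the cap at 2^10 - 1 = 1023, `max_backoff_microseconds` reproduces the "about 50 msec" figure at 10 Mbps, `efficiency` is the slide's formula, and `simulate_csma_cd` is a toy contention model of this example's own making: time runs in slots, every station always has a frame ready (the worst case for random access), a slot in which exactly one station transmits is a success, and a slot with two or more is a collision after which each of them backs off.

```python
import random

SLOT_BIT_TIMES = 512
MAX_BACKOFF_EXPONENT = 10        # after 10 or more collisions K is drawn from 0..1023
BITRATE_BPS = 10_000_000         # 10 Mbps Ethernet: bit time 0.1 microsecond


def backoff_slots(collisions, rng):
    """K for the m-th collision: uniform on {0, ..., 2^m - 1}, with m capped at 10."""
    m = min(collisions, MAX_BACKOFF_EXPONENT)
    return rng.randrange(2 ** m)


def max_backoff_microseconds(collisions, bitrate_bps=BITRATE_BPS):
    """Longest possible wait after `collisions` collisions: (2^m - 1) slots of 512 bit times."""
    m = min(collisions, MAX_BACKOFF_EXPONENT)
    return (2 ** m - 1) * SLOT_BIT_TIMES * 1e6 / bitrate_bps


def efficiency(t_prop, t_trans):
    """The slide's approximation: 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def simulate_csma_cd(n_stations, frames_per_station, rng):
    """Toy slotted contention model (see lead-in). Returns
    (frames delivered, collisions, slots used)."""
    pending = {s: frames_per_station for s in range(n_stations)}
    wait = {s: 0 for s in range(n_stations)}           # backoff slots left
    collisions = {s: 0 for s in range(n_stations)}     # per-frame collision counter
    total_collisions = delivered = slots = 0
    while any(pending.values()):
        ready = []
        for s in pending:
            if pending[s] == 0:
                continue
            if wait[s] == 0:
                ready.append(s)
            else:
                wait[s] -= 1
        if len(ready) == 1:                            # only one sender: frame goes through
            delivered += 1
            pending[ready[0]] -= 1
            collisions[ready[0]] = 0                   # counter resets for the next frame
        elif len(ready) > 1:                           # collision detected: jam, back off
            total_collisions += 1
            for s in ready:
                collisions[s] += 1
                wait[s] = backoff_slots(collisions[s], rng)   # then back to step 2
        slots += 1
    return delivered, total_collisions, slots


def sample_backoffs(collisions, n, seed=1):
    """n draws of K for a given collision count, from a seeded generator."""
    rng = random.Random(seed)
    return [backoff_slots(collisions, rng) for _ in range(n)]


def run_example(seed=7):
    """Four always-busy stations with five frames each."""
    return simulate_csma_cd(4, 5, random.Random(seed))


if __name__ == "__main__":
    print("max wait after 10 collisions at 10 Mbps: %.1f us" % max_backoff_microseconds(10))
    print("delivered, collisions, slots:", run_example())
```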
802.3 Ethernet Standards: Link & Physical Layers
• many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
• Very large Ethernets are possible
• QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
• bits coming in one link go out all other links at the same rate (so every host on the hub sees every frame, and a sniffer on any port sees all of its traffic)
• all nodes connected to the hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: host NICs detect collisions
[Figure: hub with twisted pair links]
Interconnecting with hubs
• Backbone hub interconnects LAN segments
• But the individual segment collision domains become one large collision domain
• Can't interconnect 10BaseT & 100BaseT
[Figure: a backbone hub connecting three hubs]
Switch
• link-layer device: smarter than hubs, takes an active role
  • store and forward Ethernet frames (Question: do switches in circuit switching networks store and forward?)
  • examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links
  • when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment
• transparent: hosts are unaware of the presence of switches
• plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
• hosts have a dedicated, direct connection to the switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch Table
• Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
  • looks like a routing table
• Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch: self-learning
• the switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in the other cases...
  • when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
  • records the sender/location pair in the switch table (it takes the source address on faith; nothing in the frame lets it check who really sent it)
[Figure: A sends a frame with Source=A, Dest=A' into interface 1. The switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination
     then { if the destination is on the segment from which the frame arrived
              then drop the frame
              else forward the frame on the interface indicated }
     else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
Self-Learning
[Figure sequence: the self-learning walkthrough shown earlier. Three switches with empty MAC/Interface tables connect hosts A and B. A sends Dest=B, Source=A: each switch makes a table entry for A and, having no entry for B, floods. B replies Dest=A, Source=B: each switch makes a table entry for B and, having an entry for A, forwards instead of flooding. 20 minutes later all table entries are deleted.]
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port; it is only flooded to other switches.
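The filtering/forwarding rules and the walkthrough above on a single switch, as an added example (not code from the slides). It learns on every frame, forwards to a known interface, drops a frame whose destination is on the arrival interface, floods an unknown destination, and ages entries out after 20 minutes. Step 5 of the replay is the consequence of the learning rule that a practitioner should keep in mind: a frame arriving on interface 2 with source address A moves A's entry to interface 2, and B's next frame for A follows the table there. The host names, interface numbers and timestamps are constructed for the example.

```python
class LearningSwitch:
    """Self-learning switch: one MAC table, entries age out after 20 minutes."""

    AGE_SECONDS = 20 * 60

    def __init__(self, name, n_interfaces):
        self.name = name
        self.interfaces = list(range(1, n_interfaces + 1))
        self.table = {}                        # mac -> (interface, time last seen)

    def purge(self, now):
        """Step 3 of the slide: forget entries not refreshed within AGE_SECONDS."""
        self.table = {m: (i, t) for m, (i, t) in self.table.items()
                      if now - t < self.AGE_SECONDS}

    def receive(self, src, dst, in_iface, now):
        """Returns (list of interfaces the frame goes out on, action taken)."""
        self.purge(now)
        self.table[src] = (in_iface, now)      # 1. learn the sender's location, unverified
        if dst in self.table:                  # 2. entry for the destination?
            out_iface, _ = self.table[dst]
            if out_iface == in_iface:
                return [], "drop"              #    destination is on the arrival segment
            return [out_iface], "forward"
        return [i for i in self.interfaces if i != in_iface], "flood"


def walkthrough():
    """Replay the slide sequence on one switch: A on interface 1, B on interface 3."""
    sw = LearningSwitch("S1", 3)
    steps = [
        sw.receive("A", "B", 1, now=0),            # A -> B: learn A, no entry for B: flood
        sw.receive("B", "A", 3, now=1),            # B -> A: learn B, entry for A: forward to 1
        sw.receive("A", "B", 1, now=2),            # A -> B: now forwarded to 3
        sw.receive("C", "A", 1, now=3),            # C on A's segment talks to A: dropped
        sw.receive("A", "B", 2, now=4),            # a frame on interface 2 claiming source A:
                                                   # the table now says A is on interface 2
        sw.receive("B", "A", 3, now=5),            # B's reply to A goes to interface 2, not 1
        sw.receive("A", "B", 1, now=20 * 60 + 5),  # 20 minutes later: everything aged out, flood
    ]
    return steps, sw.table


if __name__ == "__main__":
    steps, table = walkthrough()
    for out, action in steps:
        print(action, out)
    print(table)
```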
Poorly Designed Institutional network. Why?
Figure labels: to external network, router, LAN - IP subnet, mail server, web server.

Institutional network without a single point of failure
Figure labels: to external network, router, IP subnet, mail server, web server, host A. Legend: edge in spanning tree; "disconnected" interface, i.e., do not forward or flood frames through this interface.
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges. Spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
Figure: bridges B3 and B2 both joining LAN A and LAN B.
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
Figure: LANs A, B, C, D joined by bridges B0, B1, B2, B3.
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Figure: bridges B1, B2, B3, B4, B5, B6, B7.
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost, with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.

Figure: LANs A through J joined by bridges B1 through B7; each LAN is labeled with its distance to the root in LAN hops (0 for the root's own LANs, then 1, 1, 1, 1 and 2).

The slides step through the example one decision at a time:
- Each switch computes its distance to the root in terms of LAN hops.
- Each of the root's interfaces is ON.
- LAN A's next hop is LAN E. Turn on the two interfaces.
- LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
- LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
- LAN C's next hop is LAN F. Turn on the interfaces.
- Which other interfaces are "on"?
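The same rule (LANs as vertices, bridges as edges, shortest hop count to the root, smallest bridge ID on ties) implemented as a distance-vector iteration. This is an added example, not code from the slides; the eight-bridge topology is constructed to reproduce the slide's situations: a tie between two bridges and a bridge that ends up with no active interfaces.

```python
"""Spanning-tree interface selection on the slides' LAN-as-vertex model (added example)."""
INF = float("inf")

# Constructed network: bridge ID -> LANs it attaches to. B1 (smallest ID) is the root.
EXAMPLE = {
    1: {"E", "F"},   # root: all its interfaces are ON
    2: {"A", "E"},
    3: {"A", "C"},   # redundant: C has a shorter path via B4, A via B2
    4: {"C", "F"},
    5: {"B", "E"},   # B5 and B7 both give LAN B a 1-hop path; B5 wins the tie
    6: {"F", "G"},
    7: {"B", "F"},
    8: {"D", "G"},
}


def spanning_tree(bridges):
    """Return (dist, choice, active).

    dist[lan]   : number of non-root bridges on the LAN's path to the root
    choice[lan] : (bridge ID, next-hop LAN) for every LAN not directly on the root
    active[bid] : set of LANs on which bridge bid keeps its interface on
    """
    root = min(bridges)
    lans = set().union(*bridges.values())
    dist = {lan: 0 if lan in bridges[root] else INF for lan in lans}
    choice = {}
    changed = True
    while changed:  # distance-vector style: each LAN only looks at LANs one bridge away
        changed = False
        for lan in sorted(lans):
            if lan in bridges[root]:
                continue
            best = None  # (hops, bridge ID, via LAN): tuple order = least cost, then smallest ID
            for bid, attached in bridges.items():
                if lan not in attached:
                    continue
                for via in attached:
                    if via != lan and dist[via] != INF:
                        cand = (dist[via] + 1, bid, via)
                        if best is None or cand < best:
                            best = cand
            if best is not None and (dist[lan], choice.get(lan)) != (best[0], best[1:]):
                dist[lan], choice[lan] = best[0], best[1:]
                changed = True
    active = {bid: set() for bid in bridges}
    active[root] = set(bridges[root])            # each of the root's interfaces is on
    for lan, (bid, via) in choice.items():
        active[bid].update({lan, via})           # the chosen bridge keeps both interfaces on
    return dist, choice, active


if __name__ == "__main__":
    dist, choice, active = spanning_tree(EXAMPLE)
    for bid in sorted(active):
        state = ", ".join(sorted(active[bid])) or "all interfaces off"
        print(f"B{bid}: {state}")
```

B3 and B7 end with no active interfaces: B3 because neither of its LANs has a shortest path through it, B7 because it lost the tie with B5.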
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution
• during which time no packets were forwarded
Switches vs Routers
both store-and-forward devices
routers: network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding
borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields (bits): label (20), Exp (3), S (1), TTL (5)

MPLS capable routers
aka label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address)
MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g., source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
Figure: label-switched routers R1, R2, R3, R4, R5, R6 with interfaces 0 and 1; destinations A and D.

MPLS forwarding tables
Columns: in label, out label, dest, out interface. Each table belongs to one router in the figure; the two ingress routers' rows have no in label, and an out label of "-" means the label is removed before delivery.
  6   -   A   0

  10  6   A   1
  12  9   D   0

  -   10  A   0
  -   12  D   0

  8   6   A   0

  -   8   A   1
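Label switching with the table rows above, as an added example (not code from the slides). The rows are the slide's; which router owns each table, the wiring between routers, and the extra router that pops label 9 for destination D are assumptions made to close the paths.

```python
"""MPLS label switching with the slide's forwarding tables (added example)."""
POP = None  # the slide's "-" out label: strip the label and hand the IP datagram to the host


class LSR:
    """Label-switched router: forwards on the label only, never on the IP address."""

    def __init__(self, name, rows, links):
        self.name = name
        # rows: (in label, out label, dest, out interface); in label None = ingress row
        self.by_label = {r[0]: r for r in rows if r[0] is not None}
        self.by_dest = {r[2]: r for r in rows if r[0] is None}
        self.links = links  # out interface -> next LSR, or the name of the attached host

    def forward(self, packet, trace):
        label = packet.get("label")
        if label is None:
            row = self.by_dest.get(packet["dest"])  # ingress: classify once on IP dest, push label
        else:
            row = self.by_label.get(label)          # transit: label lookup, IP header untouched
        if row is None:
            raise LookupError(f"{self.name}: no entry for {packet}")
        _, out_label, _, out_iface = row
        trace.append((self.name, label, out_label, out_iface))
        if out_label is POP:
            packet = {"dest": packet["dest"]}       # label popped; plain IP datagram remains
        else:
            packet = {"dest": packet["dest"], "label": out_label}
        nxt = self.links[out_iface]
        if isinstance(nxt, LSR):
            return nxt.forward(packet, trace)
        return nxt, packet


def build_network():
    """Wire the routers (assumed) so the slide's rows form two label paths to A and one to D."""
    r6 = LSR("R6", [(6, POP, "A", 0)], {0: "A"})
    r2 = LSR("R2", [(9, POP, "D", 0)], {0: "D"})                        # assumed egress for D
    r4 = LSR("R4", [(10, 6, "A", 1), (12, 9, "D", 0)], {1: r6, 0: r2})
    r5 = LSR("R5", [(8, 6, "A", 0)], {0: r6})
    r1 = LSR("R1", [(None, 10, "A", 0), (None, 12, "D", 0)], {0: r4})  # ingress rows: no in label
    r3 = LSR("R3", [(None, 8, "A", 1)], {1: r5})
    return {r.name: r for r in (r1, r2, r3, r4, r5, r6)}


def send(network, ingress, dest):
    """Inject an IP datagram at an ingress router; return (host reached, datagram, hop trace)."""
    trace = []
    host, packet = network[ingress].forward({"dest": dest}, trace)
    return host, packet, trace


if __name__ == "__main__":
    net = build_network()
    for ingress, dest in (("R1", "A"), ("R3", "A"), ("R1", "D")):
        host, pkt, trace = send(net, ingress, dest)
        print(f"{ingress} -> {dest}: delivered to {host}; hops (router, in, out, iface): {trace}")
```

Traffic for A entering at R1 and at R3 travels different label paths to the same egress, which is the source-specific routing the slide says plain IP forwarding cannot express.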
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
Figure: a master connected to several slaves; the master sends poll, poll, poll, ... and each polled slave answers with data.
concerns: polling overhead; latency; single point of failure (master)
QoS guarantees can be made
If a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does
• When congested, new calls are rejected, but existing calls continue to receive good performance
• Consider the difference between the demands by VoIP and services provided by TCP
Guarantees are worth much more money than non-guarantees

"Taking Turns" MAC protocols
Token passing: control token passed from one node to next sequentially; token message
concerns: token overhead; latency; single point of failure (token)
Figure: the token T circulates from node to node; a node holding T sends its data, and a node with nothing to send passes T on.
Summary of MAC protocols
channel partitioning, by time, frequency or code: Time Division, Frequency Division
random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing: easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns: polling from central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address; used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this. Today hosts are almost never physically connected
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address
Broadcast address = FF-FF-FF-FF-FF-FF
Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53
LAN Address (more)
MAC address allocation administered by IEEE; manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup" • Enter MAC address • See manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address: portability; can move LAN card from one LAN to another
IP hierarchical address: NOT portable; address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed
• Whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has ARP table. At prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL>
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min)
Question: how to determine MAC address of B knowing B's IP address?
Figure: a LAN with four nodes; adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88
ARP protocol: Same LAN (network)
A wants to send datagram to C
Check if C's IP address is in the same subnet: use subnet mask and compare this node's IP to C's IP
E.g. • my IP = 12843567 • B's IP = 12851912 • Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table
A broadcasts ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
• Other types include datagram
all machines on LAN receive ARP query
B receives ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from net administrator
Figure: LAN with hosts A, B, C, D. The broadcast query "Who has IP 1114? Tell 1112" reaches every host; only the owner answers "I have 1114".
Addressing: routing to another LAN
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
Figure: left LAN with A (74-29-9C-E8-FF-55, 111.111.111.111) and a host CC-49-DE-D0-AB-7D (111.111.111.112); router R with interfaces E6-E9-00-17-BB-4B (111.111.111.110) and 1A-23-F9-CD-06-9B (222.222.222.220); right LAN with B (49-BD-D2-C7-56-2A, 222.222.222.222) and a host 88-B2-2F-54-1A-0F (222.222.222.221).
A creates IP datagram with source A, destination B
A uses ARP to get R's MAC address for 111.111.111.110
A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
A's NIC sends frame; R's NIC receives frame
R removes IP datagram from Ethernet frame, sees it's destined to B
R uses ARP to get B's MAC address
R creates frame containing A-to-B IP datagram, sends to B
This is a really important example – make sure you understand!
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired ethernet uses dedicated wires from the switch (link layer router) to each host
• But ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.

Figure (repeated on the following slides): victim with MAC=00:12:12:12:12:12, IP 1.2.3.4; attacker with MAC=00:11:11:11:11:11, IP 5.6.7.8; some other host/switch.
1. Some other host broadcasts "Who has IP address 1.2.3.4?"; both the victim and the attacker receive it.
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries: "Source MAC 00:11:11:11:11:11. Who has IP blablabla? Tell IP address 1.2.3.4". The attacker continues to flood ARP queries. The other host saves the IP/MAC mapping in its cache; the victim is confused… but ignores it.
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …", which arrives at the attacker, who now knows the secret plan. The attacker changes the MAC address to the correct address and passes the frame on: "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …". Victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs
• its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
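The detection idea from this slide, as an added example (not code from the slides): flag an IP claimed by two different MACs while the earlier claim would still be in a 20-minute ARP cache, and separately list MACs that appear with several IPs, which the slide notes can be benign. The observation log is constructed; the addresses echo the slide's placeholder victim and attacker values.

```python
"""Spotting ARP spoofing from observed IP/MAC mappings (added example)."""
from collections import defaultdict

CACHE_TTL = 20 * 60  # seconds an ARP entry lives before it is forgotten

# Constructed observations (seconds since start, IP, MAC).
OBSERVATIONS = [
    (0,    "1.2.3.4",  "00:12:12:12:12:12"),   # victim answers an ARP query
    (300,  "1.2.3.4",  "00:12:12:12:12:12"),
    (900,  "1.2.3.4",  "00:11:11:11:11:11"),   # same IP, other MAC, cache still warm
    (100,  "5.6.7.8",  "00:11:11:11:11:11"),   # the second MAC's own IP
    (50,   "10.0.0.9", "aa:bb:cc:00:00:01"),
    (2000, "10.0.0.9", "aa:bb:cc:00:00:02"),   # MAC changed only after the old entry expired
]


def ip_mac_conflicts(observations, ttl=CACHE_TTL):
    """IPs seen with two or more MACs less than ttl seconds apart -> {ip: [macs]}."""
    by_ip = defaultdict(list)
    for when, ip, mac in sorted(observations):
        by_ip[ip].append((when, mac))
    conflicts = {}
    for ip, sightings in by_ip.items():
        last_seen = {}  # mac -> time of most recent sighting
        flagged = set()
        for when, mac in sightings:
            for other, t_other in last_seen.items():
                if other != mac and when - t_other < ttl:
                    flagged.update({mac, other})
            last_seen[mac] = when
        if flagged:
            conflicts[ip] = sorted(flagged)
    return conflicts


def macs_claiming_multiple_ips(observations):
    """MACs that appear with more than one IP -> {mac: [ips]}.

    Matches a spoofing host (its own IP plus the victim's) but also the slide's
    dual-NIC false positive, so it is a triage list, not an alert on its own.
    """
    ips = defaultdict(set)
    for _, ip, mac in observations:
        ips[mac].add(ip)
    return {mac: sorted(v) for mac, v in ips.items() if len(v) > 1}


if __name__ == "__main__":
    print("IP claimed by several MACs inside the cache TTL:", ip_mac_conflicts(OBSERVATIONS))
    print("MACs claiming several IPs (check for dual-NIC hosts):",
          macs_claiming_multiple_ips(OBSERVATIONS))
```

The 10.0.0.9 change is not flagged because the first mapping had already aged out of every cache, which is what a replaced NIC looks like.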
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap, $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
Metcalfe's Ethernet sketch

Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); multiple stars connected (we'll see later)
Figure: bus (coaxial cable) vs. star (switch in the center of a LAN)
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g., ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: .1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff
Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
first collision: choose K from {0,1}; delay is K · 512 bit transmission times
after second collision: choose K from {0,1,2,3}…
after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
$t_{\text{prop}}$ = max prop delay between 2 nodes in LAN
$t_{\text{trans}}$ = time to transmit max-size frame
$\text{efficiency} = \dfrac{1}{1 + 5\,t_{\text{prop}}/t_{\text{trans}}}$
efficiency goes to 1 as $t_{\text{prop}}$ goes to 0, and as $t_{\text{trans}}$ goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized
Most ethernet is used with switches, so collisions never occur
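The backoff and efficiency rules from these slides as functions, as an added example (not code from the slides). The 25.6 microsecond propagation delay used for the efficiency comparison is an assumed value; the slot size, bit time and formula are the slides'.

```python
"""Ethernet CSMA/CD numbers from the slides: exponential backoff and efficiency (added example)."""
import random

SLOT_BITS = 512            # one backoff slot is 512 bit transmission times
BIT_TIME_US_10MBPS = 0.1   # bit time for 10 Mbps Ethernet, in microseconds
BACKOFF_CAP = 10           # after ten or more collisions the range stops growing


def backoff_max_k(m):
    """Largest K after the m-th collision: 1, 3, 7, ..., 1023."""
    if m < 1:
        raise ValueError("m counts collisions, starting at 1")
    return 2 ** min(m, BACKOFF_CAP) - 1


def choose_k(m, rng=random):
    """Draw K uniformly from {0, ..., backoff_max_k(m)} as the NIC does."""
    return rng.randint(0, backoff_max_k(m))


def backoff_wait_us(k, bit_time_us=BIT_TIME_US_10MBPS):
    """Wait time for K slots, in microseconds."""
    return k * SLOT_BITS * bit_time_us


def efficiency(t_prop_us, t_trans_us):
    """Slide formula: fraction of time the channel carries useful frames."""
    return 1.0 / (1.0 + 5.0 * t_prop_us / t_trans_us)


def transmit_time_us(frame_bytes, rate_mbps):
    """Time to put a frame on the wire; rate in Mbps equals bits per microsecond."""
    return frame_bytes * 8 / rate_mbps


def efficiency_table(t_prop_us=25.6):
    """Efficiency for the cases the slide contrasts: frame size and bit rate (t_prop assumed)."""
    cases = [(1500, 10), (1500, 100), (64, 10)]
    return {(size, rate): efficiency(t_prop_us, transmit_time_us(size, rate))
            for size, rate in cases}


if __name__ == "__main__":
    print("K range per collision:", [backoff_max_k(m) for m in range(1, 12)])
    print("worst-case wait (K=1023): %.1f ms" % (backoff_wait_us(1023) / 1000))
    for (size, rate), eff in efficiency_table().items():
        print(f"{size}-byte frames at {rate} Mbps: efficiency {eff:.2f}")
```

K=1023 slots at 0.1 microsecond per bit comes to 52.4 ms, the "about 50 msec" on the slide.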
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible)

Hubs
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
Figure: hub with twisted pair links

Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
Figure: three hubs joined through a backbone hub
Switch
link-layer device: smarter than hubs, take active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch; switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
Figure: switch with six interfaces (1,2,3,4,5,6) connecting A, A', B, B', C, C'
Switch Table
Q: how does switch know that A' reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
Figure: switch with six interfaces (1,2,3,4,5,6) connecting A, A', B, B', C, C'
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table
Figure: A sends a frame (Source A, Dest A') into interface 1 of the six-interface switch; the switch table (initially empty) gains one entry:
MAC addr  interface  TTL
A         1          60
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination, then { if dest on segment from which frame arrived, then drop the frame; else forward the frame on the interface indicated } else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning (animation; the figure shows three switches, each with interfaces 1, 2, 3 and its own MAC/Interface table, all tables initially empty; host A is attached to the first switch's interface 1, host B to the last switch)
• A sends a frame Dest=B, Source=A. The first switch makes a table entry for A (interface 1). It has no table entry for B, so it floods.
  Note: if the switch has ports that are manually configured, then the frame is not flooded to the host on such a port; it is only flooded to other switches.
• Each switch the frame reaches makes a table entry for A on the interface the frame arrived on (A 1, A 1, A 2 in the figure) and, having no table entry for B, floods.
• B replies with Dest=A, Source=B. Each switch makes a table entry for B and, since it has a table entry for A, forwards the frame on that one interface instead of flooding.
• 20 minutes later all table entries are deleted.
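The filtering/forwarding rule and the self-learning animation above, replayed on one switch as an added example (this is not code from the slides; the switch model, the 20-minute ageing and the "manually configured port is not flooded to" option are written here as assumptions that follow the slide text):

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str
    dst: str


@dataclass
class LearningSwitch:
    """One switch of the walkthrough: a MAC -> interface table that is
    learned from source addresses and aged out after `ttl` seconds."""
    ports: list
    ttl: int = 20 * 60                            # entries forgotten after 20 minutes, as on the slide
    no_flood: set = field(default_factory=set)    # manually configured host ports: never flooded to
    table: dict = field(default_factory=dict)     # mac -> (interface, expiry time)

    def purge(self, now):
        """Periodically purge all old table entries."""
        self.table = {m: (p, exp) for m, (p, exp) in self.table.items() if exp > now}

    def handle(self, frame, in_port, now):
        """Process one frame; return the list of interfaces it is sent out on."""
        self.purge(now)
        # 1. record the interface associated with the sending host (learn)
        self.table[frame.src] = (in_port, now + self.ttl)
        # 2. index the table using the destination MAC
        entry = self.table.get(frame.dst)
        if frame.dst != BROADCAST and entry is not None:
            out_port = entry[0]
            # 3a. destination is on the segment the frame came from: filter (drop)
            if out_port == in_port:
                return []
            # 3b. otherwise forward on the single interface indicated
            return [out_port]
        # 3c. unknown destination (or broadcast): flood on all other interfaces,
        #     except ports manually configured for a single host
        return [p for p in self.ports if p != in_port and p not in self.no_flood]


def walkthrough():
    """Replay the slide's sequence on one switch: A on interface 1, B on interface 2.
    Returns the outgoing interfaces chosen for each frame."""
    sw = LearningSwitch(ports=[1, 2, 3])
    steps = [
        (Frame("A", "B"), 1, 0),        # A -> B: learn A on 1; B unknown -> flood on 2 and 3
        (Frame("B", "A"), 2, 1),        # B -> A: learn B on 2; A known -> forward on 1 only
        (Frame("A", "B"), 1, 2),        # A -> B: B known -> forward on 2 only
        (Frame("C", "A"), 1, 3),        # C shares A's segment: A is on the arrival interface -> filter
        (Frame("A", "B"), 1, 1300),     # 20+ minutes later: entries aged out -> flood again
    ]
    return [sw.handle(f, port, t) for f, port, t in steps]


if __name__ == "__main__":
    print(walkthrough())   # [[2, 3], [1], [2], [], [2, 3]]
```

The fourth step is the "drop the frame" branch that the animation never reaches: it only occurs when a segment carries more than one host (a hub or a shared cable), which is why the slides on switched LANs treat filtering as the rare case and forwarding/flooding as the normal ones.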
Poorly Designed Institutional network. Why?
(figure: a single router to the external network; one LAN / IP subnet with the mail server and the web server behind it)
Institutional network without a single point of failure
(figure: router to the external network, IP subnet, mail server, web server and host A, with redundant links between the switches)
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Institutional network without a single point of failure
(figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(figure: LAN A and LAN B joined by both switch B2 and switch B3)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
(figure: LANs A, B, C, D and switches B0, B1, B2, B3)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(figure: bridges B1 through B7)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
(figure, repeated over the following animation steps: LANs A through J and switches B1 through B7; the distance labels in the figure are 0 at the root, then 1, 1, 1, 1 and 2)
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
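The interface-selection rule from these slides, carried out on a small LAN/switch graph as an added example (not code from the slides). The topology is constructed for the example, not the figure's: B1 is the root because it has the smallest ID, LAN B can reach the root through B5 or B7 so the smaller ID wins, and B3 ends up with no interface on, the situation the slide points out. One detail the slides leave open is which LAN a switch uses as its own upstream when several are equally close; here the tie is broken by LAN name, which is an assumption.

```python
from collections import deque

# Constructed topology (an assumption for this example, not the slide's figure):
# switch ID -> set of LANs its interfaces attach to. LANs are the vertices,
# switches the (hyper)edges, as the slides describe.
TOPOLOGY = {
    "B1": {"E", "F"},        # smallest ID: becomes the root
    "B2": {"E", "G"},
    "B3": {"A", "B"},        # redundant path between A and B
    "B4": {"D", "G"},
    "B5": {"A", "B", "E"},
    "B7": {"B", "C", "F"},   # second path for LAN B toward the root
}


def switch_id(name):
    return int(name[1:])


def root_switch(topo):
    """The root is the switch with the smallest ID."""
    return min(topo, key=switch_id)


def lan_adjacency(topo):
    lan_to_switches = {}
    for s, lans in topo.items():
        for lan in lans:
            lan_to_switches.setdefault(lan, set()).add(s)
    return lan_to_switches


def distances(topo):
    """Breadth-first search from the root over the LAN/switch graph.
    Every step (LAN -> switch or switch -> LAN) costs 1, so comparing
    distances compares the number of switches visited on the path."""
    root = root_switch(topo)
    lan_to_switches = lan_adjacency(topo)
    dist = {root: 0}
    queue = deque([root])
    while queue:
        node = queue.popleft()
        neighbours = topo[node] if node in topo else lan_to_switches[node]
        for nxt in neighbours:
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist, lan_to_switches


def spanning_tree(topo):
    """Return (next_hop, active): the switch each LAN uses toward the root,
    and for each switch the set of LANs whose interfaces stay 'on'."""
    root = root_switch(topo)
    dist, lan_to_switches = distances(topo)
    active = {s: set() for s in topo}
    active[root] = set(topo[root])           # each of the root's interfaces is ON
    next_hop = {}
    for lan, switches in lan_to_switches.items():
        if root in switches:
            next_hop[lan] = root
            continue
        # switches on a shortest path to the root; the smallest ID breaks ties
        candidates = [s for s in switches if dist[s] == dist[lan] - 1]
        s = min(candidates, key=switch_id)
        # the LAN that is s's own next hop toward the root
        # (ties broken by LAN name: an assumption, the slides do not say)
        upstream = min(l for l in topo[s] if dist[l] == dist[s] - 1)
        next_hop[lan] = s
        active[s].update({lan, upstream})    # the switch uses both interfaces
    return next_hop, active


def is_loop_free(interfaces):
    """True if the LANs and the switches that still have an active interface
    form a single tree (connected, and edges = nodes - 1)."""
    switches = [s for s, lans in interfaces.items() if lans]
    if not switches:
        return True
    adjacency = {}
    for s in switches:
        for lan in interfaces[s]:
            adjacency.setdefault(s, set()).add(lan)
            adjacency.setdefault(lan, set()).add(s)
    edges = sum(len(interfaces[s]) for s in switches)
    seen = {switches[0]}
    queue = deque([switches[0]])
    while queue:
        node = queue.popleft()
        for nxt in adjacency[node]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return len(seen) == len(adjacency) and edges == len(adjacency) - 1


if __name__ == "__main__":
    hops, on = spanning_tree(TOPOLOGY)
    print(hops)          # LAN B -> B5, not B7
    print(on["B3"])      # set(): B3 keeps no interface on
    print(is_loop_free(TOPOLOGY), is_loop_free(on))   # False True
```

Running `is_loop_free` on the raw topology and then on the pruned interface sets is the check the animation is making by hand: the redundant paths are still physically present, but frames are only flooded along the tree, so a frame can no longer circulate.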
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs. Routers
Both are store-and-forward devices: routers are network-layer devices (examine network-layer headers); switches are link-layer devices.
… "invisible" at the internetwork layer: looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
(figure: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame)
MPLS header fields: label (20 bits), Exp (3), S (1), TTL (5)
MPLS capable routers
aka label-switched router: forwards packets to the outgoing interface based only on the label value (don't inspect the IP address). MPLS forwarding table is distinct from IP forwarding tables.
Signaling protocol needed to set up forwarding: RSVP-TE.
Forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
(figure: routers R1 through R6 with hosts A and D; each router's table has the columns in label, out label, dest, out interface. The rows that survive extraction, table by table:)
• in label 6, out label -, dest A, out interface 0
• in label 10, out label 6, dest A, out interface 1; in label 12, out label 9, dest D, out interface 0
• in label 10, dest A, out interface 0; in label 12, dest D, out interface 0 (out labels not legible)
• in label 8, out label 6, dest A, out interface 0; in label 8, dest A, out interface 1 (out label not legible)
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice … could stop here … but lots of
"Taking Turns" MAC protocols
Polling: master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send, then it does nothing and the master quickly polls the next node.
(figure: master sends poll to each slave in turn; slaves return data)
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands by VoIP and the services provided by TCP.
Guarantees are worth much more money than non-guarantees.
"Taking Turns" MAC protocols: Token passing
Control token passed from one node to the next sequentially (token message).
Concerns: token overhead, latency, single point of failure (token).
(figure: token T circulates; a node with nothing to send passes it on; a node with data sends it)
Summary of MAC protocols
• Channel partitioning, by time, frequency or code: Time Division, Frequency Division.
• Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless).
• Taking turns: polling from a central site, token passing: Bluetooth, FDDI, IBM Token Ring.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
(figure: LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53)
LAN Address (more)
MAC address allocation administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup" • Enter the MAC address • See the manufacturer
Analogy: (a) MAC address: like a Social Security Number; (b) IP address: like a postal address.
MAC flat address: portability; can move a LAN card from one LAN to another.
IP hierarchical address: NOT portable; the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B knowing B's IP address?
(figure: LAN with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53 and IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88)
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.: • my IP = 128.4.35.67 • B's IP = 128.5.19.12 • subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query
• other types include datagram
All machines on the LAN receive the ARP query.
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
(figure: LAN with hosts A, B, C, D; A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which all of B, C, D receive; B answers "I have 1.1.1.4")
Addressing: routing to another LAN
(figure: left LAN with A (74-29-9C-E8-FF-55, 111.111.111.111) and a host CC-49-DE-D0-AB-7D (111.111.111.112); router R with interfaces E6-E9-00-17-BB-4B (111.111.111.110) and 1A-23-F9-CD-06-9B (222.222.222.220); right LAN with a host 88-B2-2F-54-1A-0F (222.222.222.221) and B (49-BD-D2-C7-56-2A, 222.222.222.222))
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame, sees it's destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use Wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
(figure, repeated over the following slides: victim MAC=00:12:12:12:12:12, IP 1.2.3.4; attacker MAC=00:11:11:11:11:11, IP 5.6.7.8; some other host/switch)
1. Some other host broadcasts "Who has IP address 1.2.3.4?"; both the victim and the attacker receive it.
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also sees the reply, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries of the form "Source MAC 00:11:11:11:11:11: Who has IP blablablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping in its cache; the victim is confused… but ignores it.
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …". The attacker knows the secret plan, changes the MAC address to the correct address and passes on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …". The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• i.e. the attacker's real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then the tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC.
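The detection idea on this slide (one IP claimed by two MACs) with its stated caveat (a dual-homed Windows host legitimately shows up under two MACs), written out as an added example that is not part of the slides. The ARP observations are constructed to match the figure's addresses, the `KNOWN_MULTI_NIC` allowlist is an assumption about what an administrator would maintain, and the 20-minute window is the cache lifetime the slides use.

```python
from collections import defaultdict

ARP_CACHE_TTL = 20 * 60   # seconds; the 20-minute cache lifetime from the slides

# Constructed sample of ARP traffic as a passive monitor would log it (not captured data):
# (time in seconds, sender MAC, sender IP, operation)
OBSERVED_ARP = [
    (0,  "00:12:12:12:12:12", "1.2.3.4", "reply"),    # victim answers a query for 1.2.3.4
    (5,  "00:11:11:11:11:11", "5.6.7.8", "reply"),    # attacker's own, legitimate address
    (60, "00:11:11:11:11:11", "1.2.3.4", "request"),  # a second MAC claiming 1.2.3.4 in the sender fields
    (70, "00:aa:aa:aa:aa:aa", "1.2.3.9", "reply"),    # dual-homed host, wired NIC
    (75, "00:bb:bb:bb:bb:bb", "1.2.3.9", "reply"),    # same host, wireless NIC (the Windows case)
]

# Hosts known to legitimately use several MACs for one IP (assumption: kept by the admin)
KNOWN_MULTI_NIC = {"1.2.3.9": {"00:aa:aa:aa:aa:aa", "00:bb:bb:bb:bb:bb"}}


def find_ip_conflicts(observations, known_multi_nic=None, window=ARP_CACHE_TTL):
    """Return {ip: sorted list of MACs} for every IP that more than one MAC has
    claimed (in a request or a reply) within `window` seconds, skipping claim
    sets that belong entirely to one known multi-NIC host."""
    known = known_multi_nic or {}
    last_seen = defaultdict(dict)    # ip -> {mac: time of the latest claim}
    conflicts = {}
    for t, mac, ip, _op in observations:
        last_seen[ip][mac] = t
        # only claims a cache could still be holding are relevant
        live = {m for m, seen in last_seen[ip].items() if t - seen <= window}
        if len(live) > 1 and not live <= known.get(ip, set()):
            conflicts[ip] = sorted(live)
    return conflicts


if __name__ == "__main__":
    print(find_ip_conflicts(OBSERVED_ARP, KNOWN_MULTI_NIC))
    # {'1.2.3.4': ['00:11:11:11:11:11', '00:12:12:12:12:12']}
```

Both requests and replies are examined because, in the scenario on the slides, the poisoning is done with queries whose sender fields carry the victim's IP, not with forged replies. Without the allowlist the dual-NIC host at 1.2.3.9 is reported as well, which is exactly the false positive the slide warns about.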
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps.
(figure: Metcalfe's Ethernet sketch)
Star topology
Bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
(figure: bus: coaxial cable; star: switch in the center)
Ethernet Frame Structure
Sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If an adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC. The stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision, the NIC chooses K at random from {0, 1, 2, …, 2^m − 1}. The NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec.
Exponential Backoff
Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
• First collision: choose K from {0, 1}; the delay is K × 512 bit transmission times.
• After the second collision: choose K from {0, 1, 2, 3} …
• After ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}.
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
• Larger frame size is better; higher bit-rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
(figure: efficiency formula with sample parameters; the numeric labels did not survive extraction)
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out on all other links at the same rate. All nodes connected to a hub can collide with one another. No frame buffering, no CSMA/CD at the hub: host NICs detect collisions.
(figure: hub with twisted-pair links)
Interconnecting with hubs
A backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
(figure: backbone hub joining three hubs)
Switch
Link-layer device: smarter than hubs, takes an active role.
• Store and forward Ethernet frames.
  • Question: do switches in circuit switching networks store and forward?
• Examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, use CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch: allows multiple simultaneous transmissions
Hosts have a dedicated, direct connection to the switch. Switches buffer packets. The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex: each link is its own collision domain.
Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
(figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C')
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in the switch table? Something like a routing protocol?
(figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C')
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
When a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
(figure: A sends Source A, Dest A' on interface 1; switch table (initially empty) with columns MAC addr, interface, TTL gains the entry A, 1, 60)
Switch: frame filtering/forwarding
When a frame is received:
1. Record the link/interface associated with the sending host.
2. Index the switch table using the destination MAC address.
3. If an entry is found for the destination,
   then, if the destination is on the segment from which the frame arrived, drop the frame; else forward the frame on the interface indicated
   else flood: forward on all but the interface on which the frame arrived
4. Periodically purge all old table entries.
Self-Learning
MAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network. Why?
[Figure: institutional network: router to the external network, one LAN (IP subnet), mail server, web server.]
Institutional network without a single point of failure
[Figure: the same router, IP subnet, mail server and web server, now interconnected by several switches with redundant links; host A is attached at the edge.]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure legend: bold link = edge in the spanning tree; marked port = "disconnected" interface, i.e. do not forward or flood frames through this interface.]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to that LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by two bridges, B3 and B2.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D interconnected by bridges B0, B1, B2, B3; B2 is attached to LANs B and C.]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7 interconnecting a set of LANs.]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure, animated: LANs A, B, C, D, E, F, G, H, I, J interconnected by bridges B1, B2, B3, B4, B5, B6, B7; B1 is the root. The steps of the animation:]
• Each switch computes its distance to the root in terms of LAN hops (the figure annotates the LANs with 0, 1, 2, 1, 1, 1, 1).
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces (to A and to E) of the switch between them.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
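The interface-selection rule above, carried out in code. This is an added example, not the slides' own algorithm or figure: the topology below is constructed (bridge IDs and LAN names are the example's, not the B1–B7 / A–J network on the slide), LANs are the vertices and bridges the edges exactly as the slides model it, and ties between two next-hop LANs on one bridge are broken alphabetically, a choice the slides do not make. It also checks that what remains is loop-free, which is the whole point of the exercise.

```python
from collections import deque

# Constructed topology (not the slides' figure): bridge ID -> set of LANs it attaches to.
# Bridge 1 is the root (smallest ID).  Bridges 2 and 3 close the loop A-B-C; bridges 4
# and 5 are parallel paths to D; bridge 6 has a single LAN and can never be on a path.
TOPOLOGY = {
    1: {"A", "B"},
    2: {"B", "C"},
    3: {"A", "C"},
    4: {"C", "D"},
    5: {"C", "D"},
    6: {"D"},
}


def lan_costs(topology):
    """Distance of every LAN to the root, counted in bridges traversed (BFS from the root's LANs)."""
    root = min(topology)
    cost = {lan: 0 for lan in topology[root]}
    queue = deque(cost)
    while queue:
        lan = queue.popleft()
        for lans in topology.values():
            if lan in lans:
                for other in lans - {lan}:
                    if other not in cost:
                        cost[other] = cost[lan] + 1
                        queue.append(other)
    return cost


def active_interfaces(topology):
    """Which (bridge, LAN) interfaces stay on.

    Every interface of the root is on.  For every other LAN, the bridge on its shortest
    path to the root keeps two interfaces on: the one to that LAN and the one to the
    next-hop LAN.  Ties between bridges go to the smallest ID; ties between next-hop
    LANs on one bridge go to the alphabetically first LAN (this example's assumption).
    """
    root = min(topology)
    cost = lan_costs(topology)
    active = {bridge: set() for bridge in topology}
    active[root] = set(topology[root])
    for lan in sorted(cost):
        if cost[lan] == 0:
            continue                            # attached to the root: nothing more to choose
        for bridge in sorted(topology):         # ascending ID implements the tie-break
            if lan not in topology[bridge]:
                continue
            next_hops = sorted(l for l in topology[bridge] - {lan}
                               if cost.get(l) == cost[lan] - 1)
            if next_hops:
                active[bridge].update({lan, next_hops[0]})
                break
    return active


def is_tree(active):
    """True iff the on-interfaces connect the LANs with exactly one path between any two."""
    adj, edges = {}, 0
    for bridge, lans in active.items():
        for lan in lans:
            b, l = ("bridge", bridge), ("lan", lan)
            adj.setdefault(b, set()).add(l)
            adj.setdefault(l, set()).add(b)
            edges += 1
    if not adj:
        return False
    start = next(iter(adj))
    seen, stack = {start}, [start]
    while stack:
        for nxt in adj[stack.pop()]:
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return len(seen) == len(adj) and edges == len(adj) - 1


if __name__ == "__main__":
    print("LAN costs:", lan_costs(TOPOLOGY))
    on = active_interfaces(TOPOLOGY)
    for bridge in sorted(on):
        print(f"B{bridge}: on = {sorted(on[bridge]) or 'none (disconnected)'}")
    print("all interfaces on, loop-free?", is_tree(TOPOLOGY))
    print("after loop resolution, loop-free?", is_tree(on))
```

Bridges 3, 5 and 6 end up with no interface on, the analogue of B3 on the slide: they stay plugged in and would be reconnected on the next recomputation if bridge 2 or 4 failed, but they never forward or flood.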
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding. Security is typically ignored, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network layer devices (they examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields with the widths given on the slide: label (20), Exp (3), S (1), TTL (5).]
MPLS capable routers
• aka label-switched routers: forward packets to the outgoing interface based only on the label value (don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables
• a signaling protocol is needed to set up forwarding: RSVP-TE
• forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[Figure: label-switched routers R1, R2, R3, R4, R5, R6 and destinations A and D. The forwarding tables shown (columns: in label, out label, dest, out interface) contain these rows; ingress rows have no in label:]
  6  | -  | A | 0
  10 | 6  | A | 1
  12 | 9  | D | 0
  -  | 10 | A | 0
  -  | 12 | D | 0
  8  | 6  | A | 0
  -  | 8  | A | 1
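A small label-switching simulation of the behaviour just described: the ingress router classifies by IP destination and pushes a label, transit routers swap labels without looking at the IP header, and the egress router pops the label. This is an added example; the routers, labels and paths are constructed for it and are not the slide's tables. Two ingress routers reach the same destination A over different paths, which is the source-specific routing that plain IP forwarding cannot express.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed label-switched network (not the slides' tables).  Hosts A and D are the
# destinations; R1 and R5 are ingress LSRs, R6 and R3 egress LSRs, R2 and R4 transit.
# Transit/egress routers index this table by incoming label only.  An out label of
# None means "pop the label and hand the IP datagram to the next hop".
MPLS_TABLES = {
    "R4": {10: (6, "R6"), 12: (9, "R3")},      # in label -> (out label, next hop)
    "R2": {8: (7, "R6")},
    "R6": {6: (None, "A"), 7: (None, "A")},
    "R3": {9: (None, "D")},
}
# Ingress classification: IP destination -> (label to push, next hop).  Only the
# ingress router ever looks at the IP address.
INGRESS_FEC = {
    "R5": {"A": (10, "R4"), "D": (12, "R4")},
    "R1": {"A": (8, "R2")},     # R1 sends traffic for A via R2: a path chosen per ingress
}
HOSTS = {"A", "D"}


@dataclass
class Packet:
    dst: str                       # IP destination inside the datagram; never rewritten
    label: Optional[int] = None    # MPLS label; None = plain IP packet
    path: list = field(default_factory=list)


def label_switch(node, pkt):
    """One forwarding decision at `node`: push, swap or pop.  Returns the next hop,
    or None when the packet is dropped (no FEC at ingress, unknown label in transit)."""
    pkt.path.append(node)
    if pkt.label is None:                          # ingress: classify on IP dst, push
        fec = INGRESS_FEC.get(node, {})
        if pkt.dst not in fec:
            return None
        pkt.label, next_hop = fec[pkt.dst]
        return next_hop
    table = MPLS_TABLES.get(node, {})
    if pkt.label not in table:                     # unknown label: drop, no IP fallback
        return None
    pkt.label, next_hop = table[pkt.label]         # swap, or pop when the new label is None
    return next_hop


def send(ingress, dst):
    """Carry a datagram for `dst` from `ingress` to its host; returns the finished Packet."""
    pkt = Packet(dst=dst)
    node = ingress
    while node is not None and node not in HOSTS:
        node = label_switch(node, pkt)
    pkt.path.append(node if node is not None else "DROP")
    return pkt


if __name__ == "__main__":
    for ingress, dst in [("R5", "A"), ("R1", "A"), ("R5", "D"), ("R1", "D")]:
        p = send(ingress, dst)
        print(f"{ingress} -> {dst}: {' > '.join(p.path)} (label on arrival: {p.label})")
```

Note that a transit router forwards a labelled packet by label alone: handing R4 a packet whose IP destination field says something else entirely does not change where label 10 sends it. That is what makes MPLS "invisible" to IP, and also why the label distribution (RSVP-TE or its peers) is the part that must be trusted.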
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice … could stop here … but lots of
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node is given a chance, the pattern repeats. If a slave has no data to send then it does nothing and the master quickly polls the next node.
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made: if a VoIP call requires 12bps, the master can determine if the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the service provided by TCP.
Guarantees are worth much more money than non-guarantees.
[Figure: master node polling several slaves.]
Token passing: a control token is passed from one node to the next sequentially (token message).
Concerns: token overhead, latency, single point of failure (token).
[Figure: ring of nodes passing the token T; one node has data to send, another has nothing to send.]
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing is easy in some technologies (wire), hard in others (wireless); CSMA/CD used in Ethernet; CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this: today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
LAN Address (more)
MAC address allocation is administered by IEEE: a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup"
• Enter the MAC address
• See the manufacturer
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
MAC: flat address, portability: you can move a LAN card from one LAN to another.
IP: hierarchical address, NOT portable: the address depends on the IP subnet to which the node is attached. If a NIC is changed then the MAC is changed,
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B, knowing B's IP address?
[Figure: LAN with four nodes; MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53; IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88.]
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other types include datagram). All machines on the LAN receive the ARP query.
• B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
• soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1114? Tell 1112", which reaches every host; B answers "I have 1114".]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Left LAN: A, IP 111.111.111.111, MAC 74-29-9C-E8-FF-55; a host 111.111.111.112, MAC CC-49-DE-D0-AB-7D; R's interface 111.111.111.110, MAC E6-E9-00-17-BB-4B. Right LAN: R's interface 222.222.222.220, MAC 1A-23-F9-CD-06-9B; a host 222.222.222.221, MAC 88-B2-2F-54-1A-0F; B, IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A.]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address. There are two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame and sees it is destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
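The same-subnet check, the broadcast query / unicast reply exchange and the soft-state cache from the ARP slides above, and the "resolve the gateway instead" step from the A-to-B walkthrough, as one simulation. This is an added example, not the slides' code: the `Host`/`Lan` classes and their behaviour are constructed for it, the addresses are the ones on the A-to-B figure, and the 20-minute TTL is the slide's typical value. It shows what the slides state but do not demonstrate: every adapter on the LAN hears every query, only the owner of the IP answers, and an entry that has aged out causes a fresh broadcast.

```python
import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL_SECONDS = 20 * 60       # soft state: an entry is forgotten after ~20 min unless refreshed


def same_subnet(my_ip, other_ip, mask):
    """Apply the subnet mask to both addresses and compare the network parts."""
    net = ipaddress.IPv4Network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.IPv4Address(other_ip) in net


class Host:
    """A LAN node with an IP, a MAC, a gateway and an ARP table of IP -> (MAC, expiry)."""

    def __init__(self, ip, mac, gateway=None, mask="255.255.255.0"):
        self.ip, self.mac, self.gateway, self.mask = ip, mac, gateway, mask
        self.arp_table = {}
        self.frames_seen = []          # every frame this adapter accepted, for inspection

    def lookup(self, ip, now):
        entry = self.arp_table.get(ip)
        if entry and entry[1] > now:
            return entry[0]
        self.arp_table.pop(ip, None)   # missing or expired: time it out
        return None

    def next_hop_ip(self, dst_ip):
        """On-link destinations are resolved directly; anything else goes via the gateway."""
        return dst_ip if same_subnet(self.ip, dst_ip, self.mask) else self.gateway


class Lan:
    """A broadcast LAN: a frame to BROADCAST reaches every adapter, a unicast frame only its owner."""

    def __init__(self, hosts):
        self.hosts = hosts

    def deliver(self, frame):
        for h in self.hosts:
            if frame["dst_mac"] not in (BROADCAST, h.mac):
                continue
            h.frames_seen.append(frame)
            if frame["type"] == "ARP-query" and frame["target_ip"] == h.ip:
                # only the owner of the queried IP answers, unicast to the asker
                self.deliver({"src_mac": h.mac, "dst_mac": frame["src_mac"], "type": "ARP-reply",
                              "sender_ip": h.ip, "sender_mac": h.mac, "now": frame["now"]})
            elif frame["type"] == "ARP-reply":
                h.arp_table[frame["sender_ip"]] = (frame["sender_mac"], frame["now"] + ARP_TTL_SECONDS)

    def resolve(self, host, dst_ip, now):
        """MAC of dst_ip's next hop: from the cache if fresh, otherwise via an ARP broadcast."""
        target = host.next_hop_ip(dst_ip)
        mac = host.lookup(target, now)
        if mac is None:
            self.deliver({"src_mac": host.mac, "dst_mac": BROADCAST, "type": "ARP-query",
                          "target_ip": target, "now": now})
            mac = host.lookup(target, now)
        return mac


def demo():
    # Left LAN of the A-to-B figure: A, the router's interface R, and the other host C.
    a = Host("111.111.111.111", "74-29-9C-E8-FF-55", gateway="111.111.111.110")
    r = Host("111.111.111.110", "E6-E9-00-17-BB-4B")
    c = Host("111.111.111.112", "CC-49-DE-D0-AB-7D")
    lan = Lan([a, r, c])
    now = 1000.0
    on_link = lan.resolve(a, "111.111.111.112", now)             # same subnet: ask for C
    via_gw = lan.resolve(a, "222.222.222.222", now)              # B is off-link: ask for R instead
    cached = lan.resolve(a, "111.111.111.112", now + 60)         # served from the cache, no query
    expired = lan.resolve(a, "111.111.111.112", now + ARP_TTL_SECONDS + 1)  # aged out: query again
    queries_heard_by_c = sum(f["type"] == "ARP-query" for f in c.frames_seen)
    return on_link, via_gw, cached, expired, queries_heard_by_c


if __name__ == "__main__":
    print(same_subnet("128.4.35.67", "128.5.19.12", "255.255.0.0"))   # the slide's example: False
    print(demo())
```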
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure, animated: victim (MAC 00-12-12-12-12-12, IP 1.2.3.4), attacker (MAC 00-11-11-11-11-11, IP 5.6.7.8), and some other host/switch.]
• Some other host broadcasts "Who has IP address 1.2.3.4?". The victim answers "MAC 00-12-12-12-12-12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker hears the reply too and now knows the MAC of the victim.
• Later (when all caches have been cleared) the attacker floods ARP queries: "Source MAC 00-11-11-11-11-11: Who has IP blablabla? Tell IP address 1.2.3.4". The attacker continues to flood ARP queries. The other host saves the IP/MAC mapping in its cache; the victim is confused… but ignores it.
• A message for the victim, "MAC 00-11-11-11-11-11, IP 1.2.3.4: The secret plan is …", now reaches the attacker, who knows the secret plan, changes the MAC address to the correct one and forwards "MAC 00-12-12-12-12-12, IP 1.2.3.4: The secret plan is …" to the victim: "Ahh, I got the secret plan I was expecting".
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs.
• its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then the tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
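The detection idea on this slide, as code run over a constructed record of ARP replies. This is an added example, not something from the slides or a product: the log format and the function names are the example's own, and the addresses are the placeholders from the slide's figure. It separates the two signals the slide discusses: one IP announced by two MACs is the strong indicator, while one MAC announcing two IPs is reported at low severity because the dual-NIC Windows behaviour described above produces exactly that pattern legitimately.

```python
from collections import defaultdict

# Constructed log (not captured traffic): one ARP reply per line, "time  sender-IP  sender-MAC".
# Lines 3-4 are the conflicting claim for 1.2.3.4; lines 5-6 are a benign dual-NIC host.
ARP_LOG = """\
0    1.2.3.4    00-12-12-12-12-12
5    5.6.7.8    00-11-11-11-11-11
1300 1.2.3.4    00-11-11-11-11-11
1302 1.2.3.4    00-11-11-11-11-11
2000 10.0.0.9   00-AA-AA-AA-AA-AA
2001 10.0.0.10  00-AA-AA-AA-AA-AA
"""


def parse_arp_log(text):
    """Return a list of (time, ip, mac) tuples; blank lines are skipped."""
    replies = []
    for line in text.splitlines():
        if not line.strip():
            continue
        t, ip, mac = line.split()
        replies.append((float(t), ip, mac.upper()))
    return replies


def arp_conflicts(replies):
    """(ip -> MACs, mac -> IPs), restricted to keys that were seen with more than one value."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for _, ip, mac in replies:
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    return ({ip: macs for ip, macs in ip_to_macs.items() if len(macs) > 1},
            {mac: ips for mac, ips in mac_to_ips.items() if len(ips) > 1})


def classify(replies):
    """Findings as (severity, message).  An IP claimed by several MACs is the slide's
    indicator of a spoofer; a MAC announcing several IPs only gets a low-severity note,
    since a host with wired and wireless NICs can legitimately look like that."""
    ip_dup, mac_dup = arp_conflicts(replies)
    findings = []
    for ip, macs in sorted(ip_dup.items()):
        findings.append(("high", f"IP {ip} claimed by {len(macs)} MACs: {sorted(macs)}"))
    for mac, ips in sorted(mac_dup.items()):
        if any(ip in ip_dup for ip in ips):
            continue            # already reported through the IP conflict above
        findings.append(("low", f"MAC {mac} announces {len(ips)} IPs: {sorted(ips)} "
                                "(possibly a dual-NIC host; confirm before acting)"))
    return findings


if __name__ == "__main__":
    for severity, message in classify(parse_arp_log(ARP_LOG)):
        print(f"[{severity}] {message}")
```

In practice the input would be periodic `arp -a` snapshots or ARP replies taken from a capture, and the high-severity finding is what to act on; the low-severity one is a lead to confirm against an inventory, not a verdict.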
Ethernet
"dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps.
[Figure: Metcalfe's Ethernet sketch.]
Star topology
Bus topology, popular through the mid 90s: all nodes are in the same collision domain (can collide with each other).
Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars are connected (we'll see later).
[Figure: bus (coaxial cable) vs. star (switch).]
Ethernet Frame Structure
The sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If an adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: indicates the higher layer protocol (mostly IP but others are possible, e.g. Novell IPX, AppleTalk); also ARP query/response and LAN routing.
CRC: checked at the receiver; if an error is detected the frame is dropped.
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs.
unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams). Gaps will be filled if the app is using TCP; otherwise the app will see the gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
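The frame layout and the adapter's receive-side decisions described above (CRC check, then destination filtering with the broadcast and promiscuous exceptions), as an added, runnable example that is not code from the slides. The frames are constructed here; the MAC addresses are the LAN addresses from the earlier figure; the preamble is left out because the NIC adds and strips it outside the frame proper. It assumes, correctly for Ethernet, that the FCS is the same CRC-32 as `zlib.crc32` sent least-significant byte first.

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IP = 0x0800
ETHERTYPE_ARP = 0x0806
MIN_PAYLOAD = 46                          # frames are padded so the whole frame is >= 64 bytes


def mac_bytes(mac):
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))


def build_frame(dst, src, ethertype, payload):
    """dst (6) | src (6) | type (2) | payload padded to 46..1500 | FCS (4).
    The FCS is CRC-32 over everything before it, transmitted little-endian."""
    payload = payload + b"\x00" * max(0, MIN_PAYLOAD - len(payload))
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body))


def receive(frame, my_mac, promiscuous=False):
    """What an adapter does with an arriving frame.  Returns (verdict, ethertype, payload);
    ethertype/payload are None unless the frame is handed up to the network layer."""
    if len(frame) < 14 + MIN_PAYLOAD + 4:
        return ("drop: runt frame", None, None)
    body, fcs = frame[:-4], frame[-4:]
    if struct.unpack("<I", fcs)[0] != zlib.crc32(body):
        return ("drop: CRC error", None, None)            # bit errors: frame silently dropped
    dst = body[:6]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if dst not in (mac_bytes(my_mac), BROADCAST) and not promiscuous:
        return ("drop: not addressed to me", None, None)
    return ("pass to network layer", ethertype, body[14:])


def flip_bit(frame, byte_index):
    """Simulate a transmission error: invert one bit of the frame."""
    damaged = bytearray(frame)
    damaged[byte_index] ^= 0x01
    return bytes(damaged)


# Constructed sample frames (not captured traffic); MACs are the slide's LAN addresses.
A_MAC, B_MAC, C_MAC = "1A-2F-BB-76-09-AD", "58-23-D7-FA-20-B0", "0C-C4-11-6F-E3-98"
UNICAST = build_frame(B_MAC, A_MAC, ETHERTYPE_IP, b"datagram for B")
ARP_QUERY = build_frame("FF-FF-FF-FF-FF-FF", A_MAC, ETHERTYPE_ARP, b"who has 137.196.7.78?")

if __name__ == "__main__":
    print("B, unicast:        ", receive(UNICAST, B_MAC)[0])
    print("C, unicast:        ", receive(UNICAST, C_MAC)[0])
    print("C, promiscuous:    ", receive(UNICAST, C_MAC, promiscuous=True)[0])
    print("C, ARP broadcast:  ", receive(ARP_QUERY, C_MAC)[0])
    print("B, damaged frame:  ", receive(flip_bit(UNICAST, 20), B_MAC)[0])
```

The promiscuous branch is the mechanism behind both the wireshark demonstrations on the ARP slides and the eavesdropping mentioned under ARP spoofing: the filter is a convenience in the adapter, not an access control.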
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer and creates a frame.
2. If NIC senses the channel idle, it starts frame transmission.
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame.
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec.
Exponential Backoff
Goal: adapt retransmission attempts to the estimated current load: under heavy load, the random wait will be longer.
• first collision: choose K from {0, 1}; the delay is K · 512 bit transmission times
• after the second collision: choose K from {0, 1, 2, 3} …
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 · t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
• better performance than ALOHA, and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur.
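The backoff schedule and the efficiency approximation from the two slides above, worked in code. This is an added example, not the slides' own; the helper names are the example's, the 16-attempt limit after which a frame is discarded is 802.3's rule and not something the slide states, and the bit rates and distances in `main` are constructed illustrations of "higher bit-rate is worse". The numbers the slide does give are reproduced: a 512-bit-time slot, K capped at 1023 after ten collisions, and the roughly 50 ms maximum wait at 10 Mbps.

```python
import random

SLOT_BIT_TIMES = 512          # one backoff slot = 512 bit times
MAX_BACKOFF_EXPONENT = 10     # from the 10th collision on, K is drawn from 0..1023
MAX_ATTEMPTS = 16             # 802.3 gives up after 16 attempts (not on the slide; stated here as an assumption)


def backoff_range(m):
    """Size of the set K is drawn from after the m-th collision: 2^min(m, 10)."""
    return 2 ** min(m, MAX_BACKOFF_EXPONENT)


def backoff_wait_seconds(k, bit_rate_bps):
    """K slots of 512 bit times at the given bit rate."""
    return k * SLOT_BIT_TIMES / bit_rate_bps


def efficiency(t_prop, t_trans):
    """The slide's approximation: 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def transmit(collides_on_attempt, rng):
    """Run one NIC through steps 2-6 of the algorithm.  `collides_on_attempt(m)` says whether
    the attempt made after m collisions collides.  Returns (collisions, slots waited) or
    raises once MAX_ATTEMPTS is reached."""
    collisions, slots = 0, 0
    while True:
        if not collides_on_attempt(collisions):
            return collisions, slots
        collisions += 1
        if collisions >= MAX_ATTEMPTS:
            raise RuntimeError("excessive collisions: frame discarded")
        slots += rng.randrange(backoff_range(collisions))   # K in 0 .. 2^m - 1


if __name__ == "__main__":
    print("max wait at 10 Mbps, K=1023: %.1f ms" % (1000 * backoff_wait_seconds(1023, 10_000_000)))
    # Constructed illustration: a 1500-byte frame and a 1 microsecond propagation delay
    # (about 200 m of cable) at 10 Mbps vs 10 Gbps.
    t_prop = 1e-6
    for rate in (10e6, 100e6, 1e9, 10e9):
        t_trans = 1500 * 8 / rate
        print(f"{rate / 1e6:>7.0f} Mbps: efficiency = {efficiency(t_prop, t_trans):.3f}")
    collisions, slots = transmit(lambda m: m < 3, random.Random(1))
    print(f"3 collisions, then success after waiting {slots} slots in total")
```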
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out on all other links at the same rate; all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at the hub: the host NICs detect collisions.
[Figure: hub with twisted-pair links to its hosts.]
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: a backbone hub connecting three hubs.]
Switch
Link-layer device: smarter than hubs, takes an active role.
• Stores and forwards Ethernet frames. Question: do switches in circuit-switching networks store and forward?
• Examines an incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch: allows multiple simultaneous transmissions
Hosts have a dedicated, direct connection to the switch; switches buffer packets. The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex: each link is its own collision domain.
Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' attached.]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). Looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: the same switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C'.]
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• it records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1. The switch table (initially empty) gains one entry: MAC addr A, interface 1, TTL 60.]
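The self-learning and filtering/forwarding rules from this slide and from the Self-Learning animation earlier (learn the sender, forward on a known interface, drop when the destination is on the arrival interface, flood when unknown, age entries out), as one simulation across two switches. This is an added example and not code from the slides; the `Switch`/`Network` classes, the two-switch topology and the hosts A, B, C, D are constructed for it, and the 20-minute timeout is the value the animation uses.

```python
SWITCH_TTL = 20 * 60    # table entries age out after 20 minutes, as in the slides' animation


class Switch:
    def __init__(self, name, interfaces):
        self.name = name
        self.interfaces = list(interfaces)
        self.table = {}                  # MAC -> (interface, expiry time)

    def purge(self, now):
        """Periodically drop old entries (here: on every frame)."""
        for mac in [m for m, (_, expiry) in self.table.items() if expiry <= now]:
            del self.table[mac]

    def receive(self, src, dst, in_iface, now):
        """Self-learning plus filtering/forwarding: returns the interfaces the frame leaves on."""
        self.purge(now)
        self.table[src] = (in_iface, now + SWITCH_TTL)           # 1. learn where src lives
        if dst in self.table:                                     # 2. destination known:
            out = self.table[dst][0]
            return [] if out == in_iface else [out]               #    filter, or forward
        return [i for i in self.interfaces if i != in_iface]      # 3. unknown: flood


class Network:
    """Hosts and switches joined by links; delivers one frame hop by hop and records the path."""

    def __init__(self):
        self.switches = {}
        self.links = {}     # (switch, iface) -> ("host", name) | ("switch", other, other_iface)

    def add_switch(self, name, n_ports):
        self.switches[name] = Switch(name, range(1, n_ports + 1))

    def connect_host(self, host, sw, iface):
        self.links[(sw, iface)] = ("host", host)

    def connect_switches(self, sw1, if1, sw2, if2):
        self.links[(sw1, if1)] = ("switch", sw2, if2)
        self.links[(sw2, if2)] = ("switch", sw1, if1)

    def entry_point(self, host):
        for (sw, iface), end in self.links.items():
            if end == ("host", host):
                return sw, iface
        raise KeyError(host)

    def send(self, src, dst, now):
        """Returns (set of hosts that received the frame, list of (switch, out interface) hops)."""
        delivered, hops = set(), []
        pending = [self.entry_point(src)]
        while pending:
            sw, in_iface = pending.pop()
            for out in self.switches[sw].receive(src, dst, in_iface, now):
                hops.append((sw, out))
                end = self.links.get((sw, out))
                if end is None:
                    continue                       # empty port: the copy goes nowhere
                if end[0] == "host":
                    delivered.add(end[1])
                else:
                    pending.append((end[1], end[2]))
        return delivered, hops


def build_demo():
    # Constructed topology: S1 has A (port 1), C (port 2) and an uplink to S2 (port 3);
    # S2 has the uplink (port 1), B (port 2) and D (port 3).
    net = Network()
    net.add_switch("S1", 3)
    net.add_switch("S2", 3)
    net.connect_host("A", "S1", 1)
    net.connect_host("C", "S1", 2)
    net.connect_switches("S1", 3, "S2", 1)
    net.connect_host("B", "S2", 2)
    net.connect_host("D", "S2", 3)
    return net


def demo():
    net = build_demo()
    first, _ = net.send("A", "B", now=0)                        # tables empty: flooded everywhere
    reply, _ = net.send("B", "A", now=1)                        # A already learned: forwarded only
    local, hops = net.send("C", "A", now=2)                     # stays on S1, never reaches S2
    after_timeout, _ = net.send("B", "A", now=SWITCH_TTL + 5)   # entries purged: flooded again
    return first, reply, local, hops, after_timeout


if __name__ == "__main__":
    print(demo())
```

The first flood is why the "manually configured ports are not flooded" note on the Self-Learning slide matters: every host on the LAN, C and D included, sees A's frame for B until the switches have learned B.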
Switch frame filteringforwardingWhen frame received
1 record linkinterface associated with sending host 3 if entry found for destination
then if dest on segment from which frame arrived
then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries
forward on all but the interface on which the frame arrived
Self-Learning
MAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network. Why?
(figure: router to the external network, a LAN / IP subnet, a mail server and a web server)

Institutional network without a single point of failure
(figure: the same router, IP subnet, mail server and web server, now with redundant links between the switches, plus a host A)

Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.

(figure legend) Edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to that LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(figure: bridges B3 and B2 attached to LAN A and LAN B)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
(figure: LAN A, LAN B, LAN C and LAN D joined by bridges B3, B2, B1 and B0)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(figure: bridges B1 through B7)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.

(figure: LANs A through J connected by bridges B1 through B7; the animation steps through the algorithm, labelling each LAN with its distance to the root in LAN hops, e.g. 0, 1, 2)
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
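The interface selection described on these slides, carried through in code as an added example (this is not the deck's own code). LANs are the vertices and bridges the edges, exactly as the slides set it up; the topology below is constructed to match the LAN A–D / B0–B3 description from "Spanning Tree Algorithm (1)", with one extra bridge B4 in parallel with B3 so that the smallest-ID tie-break rule is exercised. Distances are relaxed neighbour by neighbour, the distance-vector flavour the slides mention.

```python
"""Spanning-tree interface selection in the slides' 'backwards' graph:
LANs are vertices, bridges are edges (a bridge attached to several LANs
joins them all). Added example; the topology is constructed to match the
slides' LAN A..D / B0..B3 description plus one extra bridge (B4) that
shows the tie-break rule. Not the deck's own code."""


# Constructed topology: bridge id -> LANs it attaches to.
# B0 joins A and D, B3 joins A and B, B2 joins B and C, B1 joins C and D.
# B4 is an added parallel bridge between A and B (same hop count as B3).
BRIDGES = {
    0: ["A", "D"],
    1: ["C", "D"],
    2: ["B", "C"],
    3: ["A", "B"],
    4: ["A", "B"],
}


def lan_distances(bridges):
    """Distance of every LAN to the root bridge, counted in LAN hops.
    LANs attached to the root are at distance 0; other LANs are relaxed
    through neighbouring LANs until nothing changes."""
    root = min(bridges)                      # smallest ID is the root
    dist = {lan: float("inf") for lans in bridges.values() for lan in lans}
    for lan in bridges[root]:
        dist[lan] = 0
    changed = True
    while changed:
        changed = False
        for bid, lans in bridges.items():
            if bid == root:
                continue
            for lan in lans:
                for other in lans:
                    if other != lan and dist[other] + 1 < dist[lan]:
                        dist[lan] = dist[other] + 1
                        changed = True
    return root, dist


def next_hops(bridges):
    """For each LAN not attached to the root, pick (bridge, next LAN) on a
    shortest path to the root; ties are broken by the smallest bridge id."""
    root, dist = lan_distances(bridges)
    choice = {}
    for lan, d in dist.items():
        if d == 0:
            continue
        candidates = []
        for bid, lans in bridges.items():
            if lan not in lans:
                continue
            for other in lans:
                if other != lan and dist[other] + 1 == d:
                    candidates.append((bid, other))
        choice[lan] = min(candidates)        # tuple order: smallest bridge id wins
    return root, dist, choice


def active_interfaces(bridges):
    """Set of (bridge, LAN) interfaces left 'on': every interface of the
    root, plus both interfaces of each bridge chosen as a next hop."""
    root, dist, choice = next_hops(bridges)
    on = {(root, lan) for lan in bridges[root]}
    for lan, (bid, nxt) in choice.items():
        on.add((bid, lan))
        on.add((bid, nxt))
    return on


def disconnected_bridges(bridges):
    """Bridges with no interface on at all (the slides' 'B3' situation)."""
    on = active_interfaces(bridges)
    return sorted(bid for bid in bridges if not any(b == bid for b, _ in on))


if __name__ == "__main__":
    root, dist, choice = next_hops(BRIDGES)
    print("root bridge: B%d" % root)
    for lan in sorted(dist):
        print("LAN %s: distance %s, next hop %s" % (lan, dist[lan], choice.get(lan, "root")))
    print("interfaces on:", sorted(active_interfaces(BRIDGES)))
    print("bridges fully disconnected:", disconnected_bridges(BRIDGES))
```

In the constructed ring, LAN B can reach the root through B3 or B4 at equal cost, so B3 (the smaller ID) keeps both interfaces and B4 is switched off; B2, sitting between two LANs that both have better paths elsewhere, ends up with no interface on, which is exactly the outcome the slide describes for its own B2.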
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding.
Typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices.
Routers are network layer devices (they examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
(figure: frame layout) PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields (bits): label 20 | Exp 3 | S 1 | TTL 5

MPLS capable routers
• aka label-switched routers: forward packets to an outgoing interface based only on the label value (don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables
• a signaling protocol is needed to set up forwarding: RSVP-TE
• forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers

MPLS forwarding tables
(figure: label-switched routers R1 through R6 with destinations A and D and interfaces 0 and 1; each router's table has the columns in label | out label | dest | out interface; the rows as extracted read: 6 - A 0; 10 6 A 1; 12 9 D 0; 10 A 0; 12 D 0; 8 6 A 0; 8 A 1)
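Label-only forwarding as the "MPLS capable routers" slide describes it, worked through as an added example (not the deck's code). The shim header is packed as 20-bit label, 3-bit Exp, 1-bit S and an 8-bit TTL, the layout RFC 3032 defines (the slide's figure prints the TTL width as 5). The router names, interface numbers and labels are constructed to mirror the slides' table rows for destination A: label 10 is swapped to 6 at R4 and sent out interface 1, and the "-" entry at R6 pops the label before the packet reaches an IP-only router; the link between R4 and R6 is assumed.

```python
"""Label-switched forwarding, added example (not the deck's code).
Tables, links and label values are constructed, modelled on the slides'
MPLS forwarding table figure. Header layout per RFC 3032: label 20 bits,
Exp 3, S 1, TTL 8 (the slide's figure prints the TTL width as 5)."""

import struct


def pack_shim(label, exp, s, ttl):
    """Build the 4-byte MPLS shim header (big-endian 32-bit word)."""
    assert 0 <= label < 2 ** 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256
    word = (label << 12) | (exp << 9) | (s << 8) | ttl
    return struct.pack("!I", word)


def unpack_shim(raw):
    """Split a 4-byte shim header back into (label, exp, s, ttl)."""
    (word,) = struct.unpack("!I", raw[:4])
    return word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF


# Constructed forwarding tables: router -> {in label: (out label, dest, out iface)}.
# An out label of None means "pop" (the '-' in the slides' table for label 6):
# the next hop is an IP-only router that must see a plain IP packet.
TABLES = {
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},
    "R6": {6: (None, "A", 0)},
}
# Constructed link: (router, out iface) -> next label-switched router.
LINKS = {("R4", 1): "R6"}


def lsr_forward(router, packet):
    """One label-switched router hop: look up the incoming label only (the IP
    header behind the shim is never inspected), swap or pop, decrement TTL.
    Returns (out_iface, new_packet, popped); KeyError on an unknown label."""
    label, exp, s, ttl = unpack_shim(packet)
    if ttl <= 1:
        raise ValueError("TTL expired at %s" % router)
    out_label, _dest, out_iface = TABLES[router][label]
    payload = packet[4:]
    if out_label is None:                     # pop: hand the plain IP packet on
        return out_iface, payload, True
    return out_iface, pack_shim(out_label, exp, s, ttl - 1) + payload, False


def trace(ingress, packet):
    """Follow a labelled packet hop by hop until the label is popped or the
    packet leaves the MPLS domain. Returns ([(router, out_iface, label)], packet)."""
    hops, router = [], ingress
    while True:
        label = unpack_shim(packet)[0]
        out_iface, packet, popped = lsr_forward(router, packet)
        hops.append((router, out_iface, label))
        if popped or (router, out_iface) not in LINKS:
            return hops, packet
        router = LINKS[(router, out_iface)]


# Constructed placeholder for the IP datagram that rides behind the label.
IP_PACKET = b"IPv4 datagram to A (constructed placeholder bytes)"

if __name__ == "__main__":
    hops, out = trace("R4", pack_shim(10, 0, 1, 64) + IP_PACKET)
    for r, i, l in hops:
        print("%s: in label %d -> interface %d" % (r, l, i))
    print("payload delivered intact:", out == IP_PACKET)
```

The point to take from the trace is that R4 and R6 never look past the first four bytes: the IP payload is opaque to them, which is why an MPLS path can follow a route (traffic engineering, source-specific routing) that plain destination-based IP forwarding would not pick.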
Chapter 5 Summary
Principles behind data link layer services:
• error detection, correction
• sharing a broadcast channel: multiple access
• link layer addressing
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
• journey down the protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
"Taking Turns" MAC protocols
Polling: the master node "invites" slave nodes to transmit in turn. After each node has been given a chance, the pattern repeats. If a slave has no data to send, it does nothing and the master quickly polls the next node.
Concerns: polling overhead, latency, single point of failure (master).
QoS guarantees can be made:
• If a VoIP call requires 12 bps, the master can determine whether the call will receive the desired quality and ensure that it does.
• When congested, new calls are rejected, but existing calls continue to receive good performance.
• Consider the difference between the demands of VoIP and the service provided by TCP.
• Guarantees are worth much more money than non-guarantees.
(figure: a master node polling several slave nodes)

"Taking Turns" MAC protocols: Token passing
A control token is passed from one node to the next sequentially.
Token message. Concerns: token overhead, latency, single point of failure (token).
(figure: nodes in a ring passing the token T; one node sends data, another has nothing to send)
Summary of MAC protocols
• Channel partitioning, by time, frequency or code: Time Division, Frequency Division
• Random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD. Carrier sensing is easy in some technologies (wire), hard in others (wireless). CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless).
• Taking turns: polling from a central site, token passing. Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get the datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address.
Broadcast address = FF-FF-FF-FF-FF-FF
(figure: a LAN, wired or wireless, with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53)
LAN Address (more)
MAC address allocation is administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup:
• Google "OUI lookup" • enter the MAC address • see the manufacturer
Analogy: (a) MAC address is like a Social Security Number; (b) IP address is like a postal address.
MAC is a flat address, portable: you can move a LAN card from one LAN to another.
IP is a hierarchical address, NOT portable: the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed,
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B, knowing B's IP address?
(figure: a LAN with nodes 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88 and adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53)
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. • my IP = 128.4.35.67 • B's IP = 128.5.19.12 • subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query
  • other frame types include datagram
• all machines on the LAN receive the ARP query
• B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast)
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
  • soft state: information that times out (goes away) unless refreshed
• ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator
(figure: hosts A, B, C and D on a LAN; A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which every host receives; B answers "I have 1.1.1.4")
Addressing: routing to another LAN
(figure: left LAN with host A, IP 111.111.111.111, MAC 74-29-9C-E8-FF-55, and a second host 111.111.111.112 / CC-49-DE-D0-AB-7D; router R with interface 111.111.111.110 / E6-E9-00-17-BB-4B on the left LAN and interface 222.222.222.220 / 1A-23-F9-CD-06-9B on the right LAN; right LAN with host B, IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A, and a second host 222.222.222.221 / 88-B2-2F-54-1A-0F)

Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame and sees that it is destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
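The two procedures above (the subnet check from "ARP protocol: Same LAN" and the A-to-R-to-B walkthrough) as one added Python example; this is not the deck's own code. The IP and MAC addresses are the ones printed on the slides' figures, the /24 masks on the two LANs are an assumption (the slides give no mask for that figure), and the ARP cache with its 20-minute TTL is a constructed model of the table that "arp -a" prints. Each LAN is modelled as a dictionary of the nodes that would answer a broadcast query, so a query for an address nobody owns simply gets no reply.

```python
"""Subnet test plus ARP resolution, added example (not the deck's code).
Addresses are the ones on the slides' figures; the /24 masks and the
ARP cache with a 20-minute TTL are constructed modelling assumptions."""

import ipaddress

BROADCAST = "FF-FF-FF-FF-FF-FF"
ARP_TTL = 20 * 60          # seconds; slides: entries forgotten after typically 20 min

# Who answers ARP on each LAN (addresses taken from the slides' figure).
LAN_LEFT = {"111.111.111.111": "74-29-9C-E8-FF-55",    # A
            "111.111.111.112": "CC-49-DE-D0-AB-7D",
            "111.111.111.110": "E6-E9-00-17-BB-4B"}    # R, left interface
LAN_RIGHT = {"222.222.222.220": "1A-23-F9-CD-06-9B",   # R, right interface
             "222.222.222.221": "88-B2-2F-54-1A-0F",
             "222.222.222.222": "49-BD-D2-C7-56-2A"}   # B


def same_subnet(ip_a, ip_b, mask):
    """Compare the network parts of two addresses under a dotted subnet mask."""
    net_a = ipaddress.ip_network("%s/%s" % (ip_a, mask), strict=False)
    return ipaddress.ip_address(ip_b) in net_a


class ArpNode:
    """A host or router interface with an ARP table (soft state that times out)."""

    def __init__(self, ip, mac, mask, gateway, lan):
        self.ip, self.mac, self.mask, self.gateway, self.lan = ip, mac, mask, gateway, lan
        self.table = {}        # ip -> (mac, expiry time)
        self.sent = []         # log of frames: (dst mac, frame type, note)

    def resolve(self, target_ip, now):
        """Return the MAC for target_ip, broadcasting an ARP query on a cache miss."""
        hit = self.table.get(target_ip)
        if hit and hit[1] > now:
            return hit[0]
        self.sent.append((BROADCAST, "ARP query", "who has %s? tell %s" % (target_ip, self.ip)))
        mac = self.lan.get(target_ip)      # everyone receives the query; only the owner replies
        if mac is None:
            return None                    # nobody owns it: no reply, entry stays absent
        self.table[target_ip] = (mac, now + ARP_TTL)
        return mac

    def next_hop(self, dest_ip):
        """Same subnet: deliver directly; otherwise hand the datagram to the gateway."""
        return dest_ip if same_subnet(self.ip, dest_ip, self.mask) else self.gateway

    def send_datagram(self, dest_ip, now):
        """Frame the datagram for the next hop's MAC; returns that MAC (None if unresolved)."""
        hop = self.next_hop(dest_ip)
        mac = self.resolve(hop, now)
        if mac is not None:
            self.sent.append((mac, "IP datagram", "%s -> %s via %s" % (self.ip, dest_ip, hop)))
        return mac


def walkthrough_a_to_b(now=0):
    """The slides' walkthrough: A frames for R on the left LAN, then R's right
    interface (its second ARP table) frames for B. Returns both MACs and logs."""
    a = ArpNode("111.111.111.111", "74-29-9C-E8-FF-55", "255.255.255.0",
                "111.111.111.110", LAN_LEFT)
    r_right = ArpNode("222.222.222.220", "1A-23-F9-CD-06-9B", "255.255.255.0",
                      None, LAN_RIGHT)
    first_hop_mac = a.send_datagram("222.222.222.222", now)
    second_hop_mac = r_right.send_datagram("222.222.222.222", now)
    return first_hop_mac, second_hop_mac, a.sent, r_right.sent


if __name__ == "__main__":
    print("128.4.35.67 and 128.5.19.12 in one /16 subnet:",
          same_subnet("128.4.35.67", "128.5.19.12", "255.255.0.0"))
    first, second, a_log, r_log = walkthrough_a_to_b()
    for entry in a_log + r_log:
        print(entry)
```

Note what the logs show: the frame A sends carries R's MAC (E6-E9-00-17-BB-4B) even though the IP destination is B, and only R, on the other LAN, ever resolves B's MAC; a second datagram sent within the TTL is framed without any new ARP query.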
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
• On A, set an arp entry on A with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.

(figure sequence: victim with MAC 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch)
1. Some other host asks "Who has IP address 1.2.3.4?". The query is broadcast, so the attacker receives it as well as the victim.
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
3. Later (when all caches have been cleared), the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/ARP mapping in its cache; the victim is confused… but ignores it.
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …", which reaches the attacker. The attacker knows the secret plan, changes the MAC address to the correct address and passes on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …" to the victim, who thinks "Ahh, I got the secret plan I was expecting".
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped?
One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs, or a single MAC has two IPs:
• the attacker's MAC appears with its real IP and with the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then the tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC.
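The detection idea on this slide, written out as an added example (not the deck's code): collect the IP/MAC pairs seen in ARP replies, flag any IP answered by more than one MAC and any MAC answering for more than one IP, and keep the slide's caveat in view by reporting a known dual-homed host separately instead of as a conflict. The observation list and the dual-homed allow-list are constructed sample data; the addresses echo the victim and attacker labels used in the slides' figure.

```python
"""ARP-table consistency check, added example (not the deck's code).
Flags an IP claimed by more than one MAC and a MAC claiming more than one
IP, and sets aside hosts known to be dual-homed (wired + wireless NIC),
the false-positive case the slide describes. All data below is constructed."""

from collections import defaultdict

# Constructed observations: (time in seconds, ip, mac) as seen in ARP replies on one LAN.
# 1.2.3.4 is the victim's IP from the slides; 00:11:... is the attacker's MAC.
OBSERVED = [
    (0,    "1.2.3.4",  "00:12:12:12:12:12"),   # victim answers for its own IP
    (10,   "5.6.7.8",  "00:11:11:11:11:11"),   # attacker's real address
    (1500, "1.2.3.4",  "00:11:11:11:11:11"),   # attacker now claims the victim's IP
    (1600, "9.9.9.9",  "aa:bb:cc:dd:ee:01"),   # dual-homed host, wired IP
    (1700, "9.9.9.10", "aa:bb:cc:dd:ee:01"),   # same MAC, its wireless IP (benign)
]

# Constructed allow-list of hosts known to carry two IPs on one MAC.
DUAL_HOMED_MACS = {"aa:bb:cc:dd:ee:01"}


def build_views(observed):
    """Group observations both ways: ip -> set of MACs and mac -> set of IPs."""
    by_ip, by_mac = defaultdict(set), defaultdict(set)
    for _t, ip, mac in observed:
        by_ip[ip].add(mac.lower())
        by_mac[mac.lower()].add(ip)
    return by_ip, by_mac


def find_conflicts(observed, dual_homed=frozenset()):
    """Return (ip_conflicts, mac_conflicts, likely_dual_homed).
    ip_conflicts:  IPs answered by more than one MAC (the strongest signal).
    mac_conflicts: MACs claiming more than one IP, minus known dual-homed hosts.
    likely_dual_homed: the excluded ones, listed for review rather than alarm."""
    by_ip, by_mac = build_views(observed)
    ip_conflicts = {ip: sorted(macs) for ip, macs in by_ip.items() if len(macs) > 1}
    mac_conflicts, benign = {}, {}
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            (benign if mac in dual_homed else mac_conflicts)[mac] = sorted(ips)
    return ip_conflicts, mac_conflicts, benign


def first_change(observed, ip):
    """Time at which an IP's MAC first differed from its earliest mapping, or
    None. Useful for lining the change up with the cache expiry the slides mention."""
    seen = None
    for t, obs_ip, mac in sorted(observed):
        if obs_ip != ip:
            continue
        if seen is None:
            seen = mac.lower()
        elif mac.lower() != seen:
            return t
    return None


if __name__ == "__main__":
    ip_c, mac_c, benign = find_conflicts(OBSERVED, DUAL_HOMED_MACS)
    print("IPs with more than one MAC:", ip_c)
    print("MACs with more than one IP:", mac_c)
    print("known dual-homed (review only):", benign)
    print("1.2.3.4 first changed MAC at t =", first_change(OBSERVED, "1.2.3.4"))
```

Without the allow-list the dual-homed host shows up as a MAC conflict, which is the false positive the slide warns about; with it, only the attacker's MAC is reported, and the IP-side check still fires on the victim's address regardless, so the two views corroborate each other.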
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
• cheap: $20 for a NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with the speed race: 10 Mbps – 10 Gbps
(figure: Metcalfe's Ethernet sketch)

Star topology
Bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
(figure: bus (coaxial cable) versus star (switch))
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver and sender clock rates.

Ethernet Frame Structure (more)
Addresses: 6 bytes
• if the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol
• otherwise the adapter discards the frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk)
CRC: checked at the receiver; if an error is detected, the frame is dropped.

Ethernet: Unreliable, connectionless
• connectionless: no handshaking between sending and receiving NICs
• unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
• Ethernet's MAC protocol: unslotted CSMA/CD
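The frame structure and the receiver's accept/discard rules from the three slides above, as an added example that builds and parses Ethernet II frames (not the deck's code). The frame check sequence is the IEEE CRC-32 that zlib.crc32 computes, appended least-significant byte first; the preamble is omitted because the adapter strips it before any of this runs. Source and destination addresses are the adapter addresses from the slides' LAN figure, and the payloads are constructed placeholders.

```python
"""Ethernet II frame build/parse with the receiver rules from the slides,
added example (not the deck's code). Addresses come from the slides' LAN
figure; payloads are constructed. FCS = CRC-32 (zlib.crc32), little-endian."""

import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IP = 0x0800
ETHERTYPE_ARP = 0x0806
TYPE_NAMES = {ETHERTYPE_IP: "IP datagram", ETHERTYPE_ARP: "ARP query/response"}
MIN_DATA = 46          # data is padded so the frame is at least 64 bytes on the wire


def mac_bytes(text):
    """'1A-2F-BB-76-09-AD' -> 6 raw bytes (':' separators accepted too)."""
    return bytes.fromhex(text.replace("-", "").replace(":", ""))


def mac_text(raw):
    return "-".join("%02X" % b for b in raw)


def build_frame(dst, src, ethertype, payload):
    """dst (6) | src (6) | type (2) | data (>= 46, zero padded) | FCS (4)."""
    if len(payload) < MIN_DATA:
        payload = payload + bytes(MIN_DATA - len(payload))
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("<I", fcs)


def receive(frame, my_mac, promiscuous=False):
    """Adapter-side decision for one frame. Returns ('drop', reason) or
    ('deliver', {type, src, dst, data}): deliver only when the CRC checks
    and the destination is this adapter or broadcast (or promiscuous mode)."""
    if len(frame) < 6 + 6 + 2 + MIN_DATA + 4:
        return "drop", "runt frame"
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) & 0xFFFFFFFF != fcs:
        return "drop", "CRC error"              # error detected: frame dropped
    dst, src = body[:6], body[6:12]
    (ethertype,) = struct.unpack("!H", body[12:14])
    if not promiscuous and dst != mac_bytes(my_mac) and dst != BROADCAST:
        return "drop", "not addressed to this adapter"
    return "deliver", {
        "type": TYPE_NAMES.get(ethertype, "0x%04x" % ethertype),
        "src": mac_text(src),
        "dst": mac_text(dst),
        "data": body[14:],
    }


def corrupt(frame, byte_index):
    """Flip one bit, as a noisy link might, to exercise the CRC check."""
    b = bytearray(frame)
    b[byte_index] ^= 0x01
    return bytes(b)


# Constructed sample frames using adapter addresses from the slides' figure.
ARP_QUERY = build_frame("FF-FF-FF-FF-FF-FF", "1A-2F-BB-76-09-AD", ETHERTYPE_ARP,
                        b"who-has 137.196.7.14?")
UNICAST_IP = build_frame("0C-C4-11-6F-E3-98", "1A-2F-BB-76-09-AD", ETHERTYPE_IP,
                         b"IP datagram bytes")

if __name__ == "__main__":
    print(receive(ARP_QUERY, "58-23-D7-FA-20-B0"))            # broadcast: delivered
    print(receive(UNICAST_IP, "58-23-D7-FA-20-B0"))           # not ours: dropped
    print(receive(corrupt(UNICAST_IP, 20), "0C-C4-11-6F-E3-98"))  # bit error: dropped
```

The ARP query is delivered to an adapter it was not addressed to because it carries the broadcast address, which is the property the ARP slides rely on; the unicast frame is dropped by that same adapter unless promiscuous mode is on, which is also why a sniffer like the wireshark demo later in the deck sees frames a normal host would never pass up the stack.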
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame
2. If NIC senses the channel idle, it starts frame transmission
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent)
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2

Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec
Exponential Backoff
Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
• first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
• after the second collision: choose K from {0, 1, 2, 3} …
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
$t_{prop}$ = max propagation delay between 2 nodes in the LAN
$t_{trans}$ = time to transmit a max-size frame

$$\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$$

• efficiency goes to 1 as $t_{prop}$ goes to 0
• and as $t_{trans}$ goes to infinity: a larger frame size is better; a higher bit rate is worse
• better performance than ALOHA, and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur.
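The backoff rule from the CSMA/CD slides and the efficiency formula above, put into code as one added example (not the deck's code). The constants are the slides' own (512-bit slot, 0.1 microsecond bit time at 10 Mbps, K capped at 1023 after ten collisions); the 16-attempt limit is the IEEE 802.3 attempt limit and is not on the slide; the collision simulation is a constructed toy in which every station always has a frame ready.

```python
"""Exponential backoff and CSMA/CD efficiency from the slides, added example
(not the deck's code). Slot size, bit time and the K cap are the slides'
numbers; MAX_ATTEMPTS is the IEEE 802.3 attempt limit (not on the slide);
the collision round simulation is a constructed toy model."""

import random

SLOT_BITS = 512        # one backoff slot = 512 bit times
BACKOFF_CAP = 10       # after 10 or more collisions K is drawn from 0..1023
MAX_ATTEMPTS = 16      # a real NIC gives up after this many collisions (802.3)


def backoff_window(m):
    """Number of choices for K after the m-th collision: 2^min(m, 10)."""
    return 2 ** min(m, BACKOFF_CAP)


def choose_k(m, rng=random):
    """K drawn uniformly from {0, 1, ..., 2^min(m,10) - 1}."""
    return rng.randrange(backoff_window(m))


def wait_seconds(k, bit_time_s):
    """K slots of 512 bit times each, in seconds."""
    return k * SLOT_BITS * bit_time_s


def efficiency(t_prop, t_trans):
    """Slides' long-run CSMA/CD efficiency: 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def efficiency_for(frame_bytes, bit_rate, t_prop):
    """Efficiency for a frame size and link rate at a fixed propagation delay:
    bigger frames raise it, a faster link (shorter t_trans) lowers it."""
    return efficiency(t_prop, frame_bytes * 8 / bit_rate)


def simulate_collision_round(n_stations, seed=0, max_collisions=MAX_ATTEMPTS):
    """Toy model: n stations collide on their first try, then each draws its
    own K. The earliest slot wins if exactly one station picked it; the
    stations that picked the same earliest slot collide again and back off
    harder, the rest keep their count (they sensed the channel busy).
    Returns the number of collision rounds until the first success."""
    rng = random.Random(seed)
    collisions = {s: 1 for s in range(n_stations)}
    for round_no in range(1, max_collisions + 1):
        picks = {s: choose_k(m, rng) for s, m in collisions.items()}
        earliest = min(picks.values())
        winners = [s for s, k in picks.items() if k == earliest]
        if len(winners) == 1:
            return round_no
        for s in winners:
            collisions[s] += 1
    return max_collisions


if __name__ == "__main__":
    for m in (1, 2, 3, 10, 16):
        print("collision %2d: K in 0..%d" % (m, backoff_window(m) - 1))
    print("max wait at 10 Mbps: %.1f ms" % (wait_seconds(1023, 0.1e-6) * 1e3))
    for frame, rate in ((64, 10e6), (1500, 10e6), (1500, 100e6)):
        print("%4d-byte frames at %3.0f Mbps: efficiency %.3f"
              % (frame, rate / 1e6, efficiency_for(frame, rate, 5e-6)))
    print("rounds to resolve 5 colliding stations:", simulate_collision_round(5, seed=3))
```

The efficiency numbers make the slide's two observations concrete: at a fixed propagation delay, going from 64-byte to 1500-byte frames or from 100 Mbps back to 10 Mbps both raise efficiency, because both stretch $t_{trans}$ relative to $t_{prop}$.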
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).

Hubs
Bits coming in on one link go out on all other links at the same rate:
• all nodes connected to the hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: host NICs detect collisions
(figure: hub with twisted pair links)

Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
(figure: backbone hub connecting three hubs)
Switch
Link-layer device: smarter than a hub, takes an active role.
• store and forward Ethernet frames
  • Question: do switches in circuit switching networks store and forward?
• examine the incoming frame's MAC address and selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, use CSMA/CD to access the segment
• transparent: hosts are unaware of the presence of switches
• plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have a dedicated, direct connection to the switch
• switches buffer packets
• the Ethernet protocol is used on each incoming link, but no collisions; full duplex; each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
(figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, B, C on one side and A', B', C' on the other)
Switch Table
Q: how does the switch know that A' is reachable via interface 4, and B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
(figure: the same six-interface switch with hosts A, B, C, A', B', C')
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• it records the sender/location pair in the switch table
(figure: A sends a frame with Source A, Dest A' into interface 1; the switch table, initially empty, gains the entry: MAC addr A, interface 1, TTL 60)
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. look up the destination MAC address in the switch table
3. if an entry is found for the destination, then {
     if the destination is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated
   }
   else flood: forward on all but the interface on which the frame arrived
4. periodically purge all old table entries
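The filtering/forwarding steps just listed, run on the three-switch chain of the Self-Learning animation earlier on this page, as an added example (not the deck's code). The port wiring (A on port 1 of the first switch, the first and second switches joined by ports 3 and 1, B on port 2 of the second switch, the second and third switches joined by ports 3 and 2) is reconstructed from the tables the animation shows and is an assumption. A clock in seconds lets entries age out after the 20 minutes the slides quote, and a small static table models the note about manually configured ports.

```python
"""Self-learning switches on the three-switch chain of the slides' animation,
added example (not the deck's code). The port wiring is reconstructed from the
animation's tables (an assumption); 'now' is a clock in seconds so entries can
age out after the 20 minutes the slides quote."""

TABLE_TTL = 20 * 60     # seconds; slides: 20 minutes later all entries are deleted


class Switch:
    def __init__(self, name, ports):
        self.name = name
        self.ports = ports        # port number -> attached host name, Switch, or None
        self.table = {}           # learned: MAC -> (port, expiry)
        self.static = {}          # manually configured: MAC -> port (never aged)

    def purge(self, now):
        """Step 4: periodically purge old entries."""
        self.table = {m: v for m, v in self.table.items() if v[1] > now}

    def lookup(self, mac, now):
        if mac in self.static:
            return self.static[mac]
        entry = self.table.get(mac)
        return entry[0] if entry and entry[1] > now else None

    def port_facing(self, other):
        return next(p for p, n in self.ports.items() if n is other)

    def receive(self, in_port, src, dst, now, trace):
        """Steps 1-3 for one frame; forwards into neighbouring switches recursively."""
        self.purge(now)
        if src not in self.static:
            self.table[src] = (in_port, now + TABLE_TTL)      # step 1: learn sender
        out = self.lookup(dst, now)                            # step 2: look up destination
        if out is not None:
            outs = [] if out == in_port else [out]             # step 3: drop or forward
            trace.append((self.name, "forward" if outs else "drop", outs))
        else:
            outs = [p for p in self.ports if p != in_port]     # step 3: flood
            trace.append((self.name, "flood", outs))
        for p in outs:
            nbr = self.ports[p]
            if isinstance(nbr, Switch):
                nbr.receive(nbr.port_facing(self), src, dst, now, trace)

    def snapshot(self, now):
        """Current MAC -> interface view, the 'MAC Interface' table on the slides."""
        return {m: p for m, (p, exp) in self.table.items() if exp > now}


def build_chain():
    """Reconstructed wiring: A on S1 port 1; S1 port 3 <-> S2 port 1;
    B on S2 port 2; S2 port 3 <-> S3 port 2 (matches tables A->1, A->1, A->2; B->3, B->2)."""
    s1 = Switch("S1", {1: "A", 2: None, 3: None})
    s2 = Switch("S2", {1: None, 2: "B", 3: None})
    s3 = Switch("S3", {1: None, 2: None, 3: None})
    s1.ports[3], s2.ports[1] = s2, s1
    s2.ports[3], s3.ports[2] = s3, s2
    return s1, s2, s3


def run_animation(now=0):
    """A -> B is flooded through every switch; B -> A is forwarded and never
    reaches S3. Returns the trace, the three tables, and the tables 20 min later."""
    s1, s2, s3 = build_chain()
    trace = []
    s1.receive(1, "A", "B", now, trace)
    s2.receive(2, "B", "A", now, trace)
    tables = [s.snapshot(now) for s in (s1, s2, s3)]
    aged = [s.snapshot(now + TABLE_TTL + 1) for s in (s1, s2, s3)]
    return trace, tables, aged


if __name__ == "__main__":
    trace, tables, aged = run_animation()
    for step in trace:
        print(step)
    print("tables after both frames:", tables)
    print("tables 20 minutes later:", aged)
```

The tables the run produces (S1: A→1, B→3; S2: A→1, B→2; S3: A→2) are the ones the animation ends on, and the third switch's missing entry for B is not an omission: B's reply was forwarded on a known port, so S3 never received it and had nothing to learn.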
Self-Learning (animation, figure residue condensed): three switches in a chain, each with interfaces 1, 2, 3 and an initially empty MAC/Interface table; hosts A and B at either end. A sends a frame with Dest=B, Source=A; the first switch records the entry A → 1.
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network. Why?
(Figure: a single router to the external network; one LAN / IP subnet containing the mail server, the web server and a chain of switches, so every link and switch is a single point of failure.)

Institutional network without a single point of failure
(Figure: the same network with redundant links between the switches, which creates loops.)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network (a single frame to an unknown destination is enough to start the storm). Loops provide robustness, but have to be eliminated.
Legend: edge in spanning tree; "disconnected" interface, i.e., do not forward or flood frames through this interface.

Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges → spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
On any connected graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs:
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood frames onto that LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(Figure: bridges B2 and B3 both connecting LAN A and LAN B, a loop of two bridges.)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
(Figure: bridges B0 (the root), B1, B2, B3 and LANs A, B, C, D; B2 is attached to LAN B and LAN C.)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(Figure: bridges B1 through B7 exchanging these messages.)
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway, so traffic to the gateway may take a longer path through the tree.

(Figure, repeated over the following steps: LANs A through J connected by bridges B1 through B7; B1, the smallest ID, is the root. Each LAN is labelled with its distance to the root in LAN hops: 0 for the LANs attached directly to the root, then 1, then 2.)

Step by step:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces of the switch between them.
• LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
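The interface-selection rule above, written out as a program. This is an added example, not code from the slides: it implements the described procedure (LANs as vertices, bridges as edges, root = smallest ID, shortest path in LAN hops, smallest bridge ID to break ties) over a small topology constructed for the example, not the one in the figure, and then checks that what remains "on" is loop-free.

```python
# Spanning-tree computation over the slide's LAN-vertex / bridge-edge model.
# Added example; the topology in BRIDGES is constructed, not the slide's figure.
from collections import deque

# bridge ID -> LANs it is attached to (a bridge may have more than two interfaces)
BRIDGES = {
    1: ["A", "B"],        # smallest ID -> elected root
    2: ["B", "C"],
    3: ["B", "C"],        # parallel to bridge 2: a redundant path that must be pruned
    4: ["A", "D"],
    5: ["C", "D", "E"],   # three interfaces; only two of them will stay on
}


def lan_distances(bridges):
    """Distance of every LAN to the root in LAN hops (breadth-first search).

    LANs attached directly to the root are at distance 0; every further bridge
    crossed adds one, i.e. 'the path that visits the fewest switches'.
    """
    root = min(bridges)
    dist = {lan: 0 for lan in bridges[root]}
    queue = deque(dist)
    while queue:
        lan = queue.popleft()
        for bid, lans in bridges.items():
            if bid == root or lan not in lans:
                continue
            for nxt in lans:
                if nxt not in dist:
                    dist[nxt] = dist[lan] + 1
                    queue.append(nxt)
    return root, dist


def spanning_tree(bridges):
    """Return (active, next_hop).

    active: set of (bridge_id, lan) interfaces left 'on'; every other interface
    is logically disconnected (no forwarding, no flooding).
    next_hop[lan] = (bridge_id, lan one hop closer to the root).
    """
    root, dist = lan_distances(bridges)
    active = {(root, lan) for lan in bridges[root]}      # all root interfaces are on
    next_hop = {}
    for lan, d in dist.items():
        if d == 0:
            continue
        # every (bridge, neighbouring LAN) pair that is one LAN hop closer to the root
        candidates = [
            (bid, nxt)
            for bid, lans in bridges.items()
            if lan in lans
            for nxt in lans
            if nxt != lan and dist.get(nxt) == d - 1
        ]
        bid, nxt = min(candidates)      # tie-break: smallest bridge ID, then LAN name
        next_hop[lan] = (bid, nxt)
        active |= {(bid, lan), (bid, nxt)}
    return active, next_hop


def is_loop_free(bridges, active):
    """True if the active interfaces form one tree over LANs and active bridges.

    In the bipartite LAN/bridge graph a tree is connected and has exactly
    (nodes - 1) edges, where the edges are the active interfaces.
    """
    lans = {lan for lans in bridges.values() for lan in lans}
    used_bridges = {bid for bid, _ in active}
    nodes = len(lans) + len(used_bridges)
    if len(active) != nodes - 1:
        return False
    start = ("lan", next(iter(lans)))
    seen, queue = {start}, deque([start])
    while queue:
        kind, name = queue.popleft()
        for bid, lan in active:
            if (kind, name) == ("lan", lan):
                nb = ("bridge", bid)
            elif (kind, name) == ("bridge", bid):
                nb = ("lan", lan)
            else:
                continue
            if nb not in seen:
                seen.add(nb)
                queue.append(nb)
    return len(seen) == nodes


if __name__ == "__main__":
    active, hops = spanning_tree(BRIDGES)
    for bid in BRIDGES:
        on = sorted(lan for b, lan in active if b == bid)
        print(f"B{bid}: interfaces on -> {on or 'none (pruned)'}")
    print("next hops toward root:", hops)
    print("loop-free:", is_loop_free(BRIDGES, active))
```

In the constructed topology bridge 3 loses the tie against bridge 2 and keeps no interface on, exactly like B3 in the slide, and bridge 5 keeps its interfaces to E and C but is "disconnected" from D. Note that the election trusts whatever IDs the exchanged messages carry; the message format on the previous slide has no authentication, so any station attached to a LAN can claim a small ID and reshape the tree.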
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms:
• Loop resolution
• Address learning
• Frame forwarding
Typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.

Switches vs Routers
both store-and-forward devices
• routers: network layer devices (examine network layer headers)
• switches are link layer devices
… "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of IP address) to do forwarding
• borrowing ideas from the Virtual Circuit (VC) approach
• but the IP datagram still keeps its IP address

Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header (32 bits): label (20 bits) | Exp (3 bits) | S (1 bit, bottom of stack) | TTL (8 bits)

MPLS capable routers
a.k.a. label-switched router (LSR)
• forwards packets to outgoing interface based only on label value (doesn't inspect IP address)
• MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding
• RSVP-TE
• forwarding possible along paths that IP alone would not allow (e.g., source-specific routing)
• use MPLS for traffic engineering
must co-exist with IP-only routers

MPLS forwarding tables
(Figure: routers R1 through R6 with destinations A and D; interface numbers 0 and 1 mark the outgoing interfaces used in the tables.)
Tables as recovered from the figure (columns: in label, out label, dest, out interface; "-" means no label, i.e. a push at the ingress or a pop at the egress):
  R4 (ingress):  -   10   A   0
                 -   12   D   0
                 -    8   A   1
  R6:           10    6   A   1
                12    9   D   0
  R5:            8    6   A   0
  R1 (egress):   6    -   A   0
R4 holds two label paths to the same destination A (label 10 out interface 0, label 8 out interface 1), which a destination-keyed IP forwarding table could not express; that is the traffic-engineering point.
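The label-switching walk that the tables describe, as an added example (not code from the slides or the textbook). The forwarding tables are the ones recovered above; which router sits behind each interface, and the payload, are assumptions made for the example.

```python
# MPLS shim header and label-switched forwarding. Added example; the tables
# follow the figure, the LINKS topology and PAYLOAD are assumptions.
import struct

# (in label, out label, destination, out interface); None = no label (ingress push / egress pop)
TABLES = {
    "R4": [(None, 10, "A", 0), (None, 12, "D", 0), (None, 8, "A", 1)],   # ingress
    "R6": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "R5": [(8, 6, "A", 0)],
    "R1": [(6, None, "A", 0)],                                          # egress toward A
}
# Assumed: which node is reached through each (router, out interface).
LINKS = {("R4", 0): "R6", ("R4", 1): "R5", ("R6", 1): "R1", ("R5", 0): "R1",
         ("R1", 0): "A", ("R6", 0): "R3"}
PAYLOAD = b"IP datagram (constructed)"


def pack_mpls(label, exp=0, bottom=True, ttl=64):
    """32-bit MPLS shim: label 20 bits | Exp 3 bits | S 1 bit | TTL 8 bits (RFC 3032)."""
    if not 0 <= label < (1 << 20) or not 0 <= exp < 8 or not 0 <= ttl < 256:
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (int(bottom) << 8) | ttl)


def unpack_mpls(data):
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


def lsp_forward(ingress, dest, first_iface):
    """Push a label at the ingress, swap it hop by hop, pop it at the egress.

    Returns (hops, final_node, packet), hops = [(router, in_label, out_label, out_iface)].
    The ingress chooses among its entries for dest by the requested out interface,
    which is how two different label-switched paths to A are selected.
    """
    entry = next(e for e in TABLES[ingress]
                 if e[0] is None and e[2] == dest and e[3] == first_iface)
    _, label, _, iface = entry
    packet = pack_mpls(label) + PAYLOAD                  # label push at the ingress
    hops = [(ingress, None, label, iface)]
    node = LINKS[(ingress, iface)]
    while node in TABLES:
        hdr = unpack_mpls(packet)
        # an LSR looks only at the label, never at the IP header behind it
        _, out_label, _, iface = next(e for e in TABLES[node] if e[0] == hdr["label"])
        if out_label is None:                            # egress: pop the shim, hand on the datagram
            hops.append((node, hdr["label"], None, iface))
            return hops, LINKS[(node, iface)], packet[4:]
        packet = pack_mpls(out_label, hdr["exp"], bool(hdr["s"]), hdr["ttl"] - 1) + packet[4:]
        hops.append((node, hdr["label"], out_label, iface))
        node = LINKS[(node, iface)]
    return hops, node, packet                             # left the modelled routers (e.g. toward D)


if __name__ == "__main__":
    for iface in (0, 1):
        hops, node, _ = lsp_forward("R4", "A", iface)
        print(f"R4 out interface {iface}: " + " -> ".join(f"{r}[{i}->{o}]" for r, i, o, _ in hops) + f" -> {node}")
```

Both calls reach A: via R6 the packet carries label 10 then 6, via R5 it carries 8 then 6, and R1 pops the shim either way. The TTL in the shim is decremented per hop like the IP TTL, so a labelled packet cannot circulate forever if a table is misconfigured.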
Chapter 5: Summary
principles behind data link layer services:
• error detection, correction
• sharing a broadcast channel: multiple access
• link layer addressing
instantiation and implementation of various link layer technologies
• Ethernet
• switched LANs
• PPP
• virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing – man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
VLAN
LAN vs VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
"Taking Turns" MAC protocols
Token passing: control token passed from one node to the next sequentially
• token message
concerns:
• token overhead
• latency
• single point of failure (token)
(Figure: ring of nodes passing the token T; one node has data to send, the others have nothing to send.)
Summary of MAC protocols
channel partitioning, by time, frequency or code
• Time Division, Frequency Division
random access (dynamic)
• ALOHA, S-ALOHA, CSMA, CSMA/CD
• carrier sensing: easy in some technologies (wire), hard in others (wireless)
• CSMA/CD used in Ethernet
• CSMA/CA used in 802.11 (we'll study it when we talk about wireless)
taking turns
• polling from central site, token passing
• Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address:
• network-layer address
• used to get datagram to destination IP subnet
MAC (or LAN or physical or Ethernet) address:
• function: get frame from one interface to another physically-connected interface (same network)
• The textbook is wrong about this: today hosts are almost never physically connected to each other; they reach each other through a switch, which the network layer still sees as one link
• 48 bit MAC address (for most LANs), burned in NIC ROM, also sometimes software settable; a MAC address is therefore an identifier, not a credential, and is trivially spoofed
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address
Broadcast address = FF-FF-FF-FF-FF-FF
(Figure: LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.)
LAN Address (more)
MAC address allocation administered by IEEE
manufacturer buys portion of MAC address space (to assure uniqueness)
Check with an OUI lookup:
• Google "OUI lookup"
• Enter the MAC address
• See the manufacturer
analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address
MAC flat address → portability: can move LAN card from one LAN to another
IP hierarchical address NOT portable: address depends on IP subnet to which node is attached
If a NIC is changed then the MAC is changed,
• whereas the IP address can stay the same
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
  < IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min)
Question: how to determine the MAC address of B, knowing B's IP address?
(Figure: a LAN with four adapters, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.)
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• C's IP = 128.5.19.12
• subnet mask is 255.255.0.0 => the first 2 bytes (16 bits) define the subnet
• So in this case A and C are in different subnets (128.4 vs 128.5)
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address
• dest MAC address = FF-FF-FF-FF-FF-FF
• Ethernet frame type = ARP query (other types include IP datagram)
• all machines on the LAN receive the ARP query
B receives the ARP packet, replies to A with its (B's) MAC address
• frame sent to A's MAC address (unicast)
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
• soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator. Nothing in the exchange is authenticated: any host can answer a query, which is what the ARP spoofing attack later in this chapter exploits.
(Figure: hosts A, B, C, D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" to every host; the holder answers "I have 1.1.1.4".)
Addressing: routing to another LAN
(Figure: two LANs joined by router R.)
  A:  111.111.111.111   74-29-9C-E8-FF-55
      111.111.111.112   CC-49-DE-D0-AB-7D
  R:  111.111.111.110   E6-E9-00-17-BB-4B   (interface on A's LAN)
      222.222.222.220   1A-23-F9-CD-06-9B   (interface on B's LAN)
      222.222.222.221   88-B2-2F-54-1A-0F
  B:  222.222.222.222   49-BD-D2-C7-56-2A
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
• A creates IP datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates link-layer frame with R's MAC address as dest; frame contains the A-to-B IP datagram
• A's NIC sends the frame; R's NIC receives the frame
• R removes the IP datagram from the Ethernet frame, sees it's destined to B
• R uses ARP to get B's MAC address
• R creates a frame containing the A-to-B IP datagram, sends it to B
This is a really important example – make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN.
• On machine A, ping P. Use wireshark on B to see no evidence of the ping (no ICMP; only A's unanswered ARP broadcasts asking for P).
• On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses a dedicated wire from the switch (link layer "router") to each host, so a host normally sees only its own traffic.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else.
• I record the real MAC address of the victim.
• When an ARP query request is made for the victim, I respond with my MAC.

(Figure, repeated over the following steps: victim with MAC 00:12:12:12:12:12 and IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch.)

1. Some other host asks "Who has IP address 1.2.3.4?". The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries of the form: source MAC 00:11:11:11:11:11, "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". Every host that processes the query saves the IP/MAC mapping 1.2.3.4 → 00:11:11:11:11:11 in its cache. The victim is confused by queries carrying its own IP, but ignores them. The attacker continues to flood ARP queries so the poisoned entries never expire.
3. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …". The attacker knows the secret plan. The attacker then changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …" to the victim, who thinks "Ahh, I got the secret plan I was expecting". Neither party notices the interception.

Some new switches can protect against these attacks. How can these attacks be detected and stopped?
• One way to detect an attacker is to look at ARP tables (or at the ARP traffic itself) and see whether a single IP is claimed by two MACs, or a single MAC claims two IPs: its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the wired MAC and the wireless IP, and there will be two IPs for a single MAC (and the wireless IP is seen with two MACs), a false positive for this check.
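The detection idea above, as an added example (not code from the slides): a small ARP parser plus a monitor that records which MAC claims each sender IP and raises an alert when that claim changes, with an allow-list for the dual-NIC false positive. The frames are constructed here; only the victim and attacker addresses follow the slide.

```python
# ARP parsing and spoof detection. Added example; the frames are constructed,
# the victim/attacker addresses are the slide's, the other hosts are assumptions.
import struct
from ipaddress import IPv4Address

ETH_TYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST = "ff:ff:ff:ff:ff:ff"
ZERO_MAC = "00:00:00:00:00:00"


def mac_bytes(text):
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(eth_src, eth_dst, oper, sha, spa, tha, tpa):
    """Ethernet header + ARP payload (RFC 826 layout for Ethernet/IPv4)."""
    eth = mac_bytes(eth_dst) + mac_bytes(eth_src) + struct.pack("!H", ETH_TYPE_ARP)
    arp = (struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper)
           + mac_bytes(sha) + IPv4Address(spa).packed
           + mac_bytes(tha) + IPv4Address(tpa).packed)
    return eth + arp


def parse_arp(frame):
    """Return the ARP fields of a frame, or None if it is not Ethernet/IPv4 ARP."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {
        "eth_src": mac_text(frame[6:12]), "oper": oper,
        "sha": mac_text(frame[22:28]), "spa": str(IPv4Address(frame[28:32])),
        "tha": mac_text(frame[32:38]), "tpa": str(IPv4Address(frame[38:42])),
    }


class ArpWatch:
    """Remember which MAC first claimed each sender IP; alert when the claim changes.

    multihomed lists MAC sets that belong to one host (the slide's wired+wireless
    case) so that a move between them is not reported.
    """

    def __init__(self, multihomed=()):
        self.claims = {}                                   # ip -> first MAC seen claiming it
        self.groups = [{m.lower() for m in g} for g in multihomed]
        self.alerts = []

    def same_host(self, a, b):
        return any(a in g and b in g for g in self.groups)

    def observe(self, frame):
        p = parse_arp(frame)
        if p is None:
            return None
        if p["eth_src"] != p["sha"]:                       # relayed or forged sender field
            self.alerts.append(f"frame from {p['eth_src']} carries ARP sender {p['sha']}")
        known = self.claims.get(p["spa"])
        if known is None:
            self.claims[p["spa"]] = p["sha"]
        elif known != p["sha"] and not self.same_host(known, p["sha"]):
            self.alerts.append(f"{p['spa']} moved from {known} to {p['sha']}")
        return p


VICTIM_MAC, VICTIM_IP = "00:12:12:12:12:12", "1.2.3.4"
ATTACKER_MAC = "00:11:11:11:11:11"
OTHER_MAC, OTHER_IP = "00:aa:aa:aa:aa:aa", "1.2.3.9"
WIRED_MAC, WIRELESS_MAC, DUAL_IP = "00:bb:bb:bb:bb:bb", "00:cc:cc:cc:cc:cc", "1.2.3.50"


def run_scenario():
    """Replay the slide's attack and the benign dual-NIC case; return the alerts."""
    watch = ArpWatch(multihomed=[(WIRED_MAC, WIRELESS_MAC)])
    frames = [
        # 1. legitimate lookup: the other host asks for the victim, the victim answers
        build_arp(OTHER_MAC, BROADCAST, ARP_REQUEST, OTHER_MAC, OTHER_IP, ZERO_MAC, VICTIM_IP),
        build_arp(VICTIM_MAC, OTHER_MAC, ARP_REPLY, VICTIM_MAC, VICTIM_IP, OTHER_MAC, OTHER_IP),
        # 2. the attacker floods requests whose sender fields claim the victim's IP
        build_arp(ATTACKER_MAC, BROADCAST, ARP_REQUEST, ATTACKER_MAC, VICTIM_IP, ZERO_MAC, "1.2.3.200"),
        build_arp(ATTACKER_MAC, BROADCAST, ARP_REQUEST, ATTACKER_MAC, VICTIM_IP, ZERO_MAC, "1.2.3.201"),
        # 3. dual-NIC host: one IP seen first from its wireless, then its wired MAC (benign)
        build_arp(WIRELESS_MAC, BROADCAST, ARP_REQUEST, WIRELESS_MAC, DUAL_IP, ZERO_MAC, OTHER_IP),
        build_arp(WIRED_MAC, BROADCAST, ARP_REQUEST, WIRED_MAC, DUAL_IP, ZERO_MAC, OTHER_IP),
    ]
    for frame in frames:
        watch.observe(frame)
    return watch.alerts


if __name__ == "__main__":
    for alert in run_scenario():
        print("ALERT:", alert)
```

The monitor flags each of the attacker's poisoning requests and stays silent on the dual-NIC host, but only because that host's MAC pair was allow-listed in advance; without such an inventory the slide's false positive is real. A monitor can only detect: stopping the attack needs the switch to check sender fields against a trusted binding table, which is what the "new switches" on the slide do.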
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
• cheap: $20 for NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with speed race: 10 Mbps – 10 Gbps
(Figure: Metcalfe's Ethernet sketch.)

Star topology
bus topology popular through mid 90s
• all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
(Figure: bus over coaxial cable vs. star with a switch at the center.)
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.

Ethernet Frame Structure (more)
Addresses: 6 bytes
• if adapter receives frame with matching destination address, or with broadcast address (e.g., ARP packet), it passes data in frame to network layer protocol
• otherwise, adapter discards frame (unless in promiscuous mode, where it passes every frame up, which is how a sniffer works)
Type: indicates the higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk), or ARP query/response, LAN routing
CRC: checked at receiver; if error is detected, frame is dropped (the CRC catches transmission errors, not tampering; it is no integrity check against an attacker)

Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC
• stream of datagrams passed to network layer can have gaps (missing datagrams)
• gaps will be filled if app is using TCP; otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD

Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1} (m capped at 10, see the next slide). NIC waits K slots, where one slot is 512 bit times, and returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec (1023 × 512 bit times × 0.1 µs ≈ 52 ms)

Exponential Backoff
Goal: adapt retransmission attempts to estimated current load
• heavy load: random wait will be longer
first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3} …
after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame

  efficiency = 1 / (1 + 5 · t_prop / t_trans)

efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse (t_trans shrinks)
better performance than ALOHA; and simple, cheap, decentralized!
Most Ethernet is used with switches, so collisions never occur.
(Figure: the slide's worked numeric example for a 1500-byte frame; its values are not recoverable from the extraction.)
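The backoff rule from the two previous slides and the efficiency formula, as an added example (not code from the slides): the functions reproduce the slide's numbers (K range per collision, the ~50 ms wait for K = 1023 at 10 Mbps), and a small slot-level simulation, constructed for this example, shows several NICs that collide at the same instant spreading out through exponential backoff. The 16-attempt give-up limit is the 802.3 value and is not on the slide.

```python
# Ethernet exponential backoff and CSMA/CD efficiency. Added example; the
# contention simulation is a constructed approximation (one frame = one slot).
import random

SLOT_BITS = 512          # one backoff slot = 512 bit times
MAX_BACKOFF_EXP = 10     # after the 10th collision the range stops growing
MAX_ATTEMPTS = 16        # 802.3 drops the frame after 16 collisions (not on the slide)


def backoff_choices(collisions):
    """Size of the set {0, 1, ..., 2^min(m,10) - 1} that K is drawn from after the m-th collision."""
    return 1 << min(collisions, MAX_BACKOFF_EXP)


def backoff_wait_seconds(k, bit_rate_bps):
    """Wait for K slots at the given bit rate; one bit time is 1 / bit rate."""
    return k * SLOT_BITS / bit_rate_bps


def efficiency(t_prop, t_trans):
    """The slide's approximation of the long-run fraction of useful channel time."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def simulate_contention(n_stations, rng, max_slots=100_000):
    """All stations become ready in slot 0 and collide; each then backs off per
    the algorithm until it has sent once (or given up).

    Returns a list of (slot, event, stations) with event in sent/collision/dropped.
    """
    pending = {s: {"next": 0, "collisions": 0} for s in range(n_stations)}
    events = []
    slot = 0
    while pending and slot < max_slots:
        ready = [s for s, st in pending.items() if st["next"] == slot]
        if len(ready) == 1:                          # alone on the channel: frame gets through
            events.append((slot, "sent", ready))
            del pending[ready[0]]
        elif len(ready) > 1:                         # collision: jam, then back off
            events.append((slot, "collision", ready))
            for s in ready:
                st = pending[s]
                st["collisions"] += 1
                if st["collisions"] >= MAX_ATTEMPTS:
                    events.append((slot, "dropped", [s]))
                    del pending[s]
                    continue
                k = rng.randrange(backoff_choices(st["collisions"]))
                st["next"] = slot + 1 + k
        slot += 1
    return events


def demo_contention(n_stations=5, seed=1):
    """Deterministic run of the simulation (seeded RNG) for inspection and tests."""
    return simulate_contention(n_stations, random.Random(seed))


if __name__ == "__main__":
    print("K range after collisions 1..12:", [backoff_choices(m) for m in range(1, 13)])
    print(f"K=1023 at 10 Mbps waits {backoff_wait_seconds(1023, 10e6) * 1e3:.1f} ms")
    for slot, event, stations in demo_contention():
        print(f"slot {slot:3d}: {event:9s} {stations}")
```

The first slot is always a collision of every station; from there the doubling range thins the contenders out until each sends alone. Whatever the seed, the simulation never has two "sent" events in one slot, which is the property the tests check.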
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards
• common MAC protocol and frame format
• different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps
• different physical layer media: fiber, cable
Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).

Hubs
… physical-layer ("dumb") repeaters:
• bits coming in one link go out all other links at the same rate, so every attached host sees every frame
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
(Figure: hub with twisted-pair links to hosts.)

Interconnecting with hubs
Backbone hub interconnects LAN segments
But individual segment collision domains become one large collision domain
Can't interconnect 10BaseT & 100BaseT
(Figure: three hubs attached to a backbone hub.)
Switch
link-layer device: smarter than hubs, takes an active role
• store and forward Ethernet frames (Question: do switches in circuit-switching networks store and forward?)
• examine incoming frame's MAC address, selectively forward frame to one or more outgoing links; when frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex
• each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions
• not possible with dumb hub
(Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C', one per interface.)
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table!
Q: how are entries created, maintained in the switch table? something like a routing protocol?
(Figure: the same six-interface switch with hosts A, A', B, B', C, C'.)
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• records the sender/location pair in the switch table
(Figure: A sends a frame Source=A, Dest=A' into interface 1; the switch table, initially empty, gains one entry:)
  MAC addr | interface | TTL
  A        | 1         | 60
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. index the switch table using the MAC destination address
3. if an entry is found for the destination, then {
     if the destination is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated
   } else flood: forward on all but the interface on which the frame arrived
4. periodically purge all old table entries
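The filtering/forwarding procedure above, and the looped topology from the "network without a single point of failure" slides, as an added example (not code from the slides): a learning switch that learns, forwards, floods and ages out entries on the slide's 20-minute timer, run first over a constructed three-switch chain and then over two switches joined by two cables, where a single frame to an unknown destination never stops circulating.

```python
# Learning-switch simulation. Added example; the switch names, interface
# numbers and hosts are constructed and not taken from the slide figures.

MAX_HOPS = 50   # safety valve: a frame that crosses more switches than this is looping


class Switch:
    """A transparent, self-learning switch following the slide's algorithm."""

    def __init__(self, name, ifaces, aging_seconds=20 * 60):
        self.name = name
        self.ifaces = tuple(ifaces)
        self.aging = aging_seconds          # the slide's 20-minute table timeout
        self.table = {}                     # MAC -> (interface, time last seen)
        self.links = {}                     # interface -> (neighbour switch, its interface)

    def connect(self, iface, other, other_iface):
        """Cable between two switch interfaces; interfaces without a link face a host."""
        self.links[iface] = (other, other_iface)
        other.links[other_iface] = (self, iface)

    def purge(self, now):
        """Step 4: periodically purge old entries (soft state)."""
        self.table = {m: (i, t) for m, (i, t) in self.table.items()
                      if now - t < self.aging}

    def receive(self, src, dst, in_iface, now, log, hops=0):
        if hops > MAX_HOPS:
            raise RuntimeError(f"{self.name}: frame {src}->{dst} is still circulating")
        self.purge(now)
        # step 1: learn that the sender is reachable through the arrival interface
        self.table[src] = (in_iface, now)
        # steps 2-3: look the destination up; forward if known, otherwise flood
        if dst in self.table:
            out = self.table[dst][0]
            if out == in_iface:                       # destination is on the arrival segment
                log.append((self.name, "drop", dst))
                return
            outs = [out]
            log.append((self.name, "forward", out))
        else:
            outs = [i for i in self.ifaces if i != in_iface]
            log.append((self.name, "flood", outs))
        # deliver to neighbouring switches; host-facing interfaces end the walk
        for out in outs:
            link = self.links.get(out)
            if link is not None:
                link[0].receive(src, dst, link[1], now, log, hops + 1)


def chain_demo():
    """Three switches in a line (constructed): host A on S1 port 1, host B on S3 port 2."""
    s1, s2, s3 = Switch("S1", (1, 2)), Switch("S2", (1, 2)), Switch("S3", (1, 2))
    s1.connect(2, s2, 1)
    s2.connect(2, s3, 1)
    log = []
    s1.receive("A", "B", 1, now=0, log=log)         # B unknown everywhere: flooded by all three
    s3.receive("B", "A", 2, now=1, log=log)         # A already learned: forwarded, not flooded
    tables = {sw.name: {m: i for m, (i, _) in sw.table.items()} for sw in (s1, s2, s3)}
    s1.receive("A", "B", 1, now=25 * 60, log=log)   # 25 min later: entries aged out, flood again
    return tables, log


def loop_demo():
    """Two switches joined by two cables (constructed): with no spanning tree, a
    frame to an unknown destination circulates until the safety valve trips."""
    s1, s2 = Switch("S1", (1, 2, 3)), Switch("S2", (1, 2, 3))
    s1.connect(2, s2, 1)
    s1.connect(3, s2, 2)
    try:
        s1.receive("A", "B", 1, now=0, log=[])
    except RuntimeError:
        return True      # broadcast storm detected
    return False


if __name__ == "__main__":
    tables, log = chain_demo()
    for entry in log:
        print(entry)
    print(tables)
    print("loop without a spanning tree causes a storm:", loop_demo())
```

In the chain every switch ends up with A on interface 1 and B on interface 2, and after the 20-minute aging the first frame is flooded again. In the looped topology the same frame re-enters S1 on a different interface each lap, so A's table entry also flaps between interfaces; a real switch would keep flooding until the loop is broken, which is why loop resolution has to run before address learning.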
Self-Learning
(Figure, repeated over the following steps: three interconnected switches, each with interfaces 1, 2 and 3, hosts A and B at the edges, and each switch's MAC/interface table, initially empty.)

1. A sends a frame Dest=B, Source=A. The first switch makes a table entry for A (interface 1). There is no table entry for B, so it floods the frame on its other interfaces.
   Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port; it is only flooded to other switches.
2. Each switch that receives the flooded frame does the same: make a table entry for A on the arrival interface (A → 1, A → 1 and A → 2 in the three tables), find no entry for B, and flood.
3. B replies with Dest=A, Source=B. Each switch on the path makes a table entry for B on the arrival interface and, having an entry for A, forwards the frame on A's interface instead of flooding. The tables now read: A → 1, B → 3; A → 1, B → 2; and A → 2 (the switch off the A–B path never sees the reply, so it learns nothing about B).
4. 20 minutes later all table entries are deleted (the entries time out), and the next frame to either host is flooded again.
Poorly Designed Institutional network Why
to externalnetwork
router
LAN - IP subnet
mail server
web server
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
[Figure: example network with switches B1 to B7 (B4 and B6 drawn side by side) interconnecting LANs A to J; B1 has the smallest ID and is the root. Annotation: distance of each LAN to the root, values 0, 1, 2, 1, 1, 1, 1]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find the shortest path from each LAN to the root switch (the one with the smallest ID), using least cost, with the minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch keeps an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance-vector approach, so only neighbors are considered.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root it will follow the shortest path; unfortunately the root might not be the gateway.
Walkthrough on the figure:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces of the switch between A and E.
• LAN B's next hop is LAN E or LAN F (both paths are equally short). But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on B5's interface to LAN B (B7's interface to LAN B stays off).
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
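The walkthrough above is the slide's hand computation. The following is an added example, not code from the slides, that applies the same two rules mechanically: a LAN's path to the root is the one crossing the fewest bridges, ties go to the smallest bridge ID, and an interface stays on only if it lies on some LAN's shortest path. The topology (bridges 1 to 4 joining LANs A to D) and all function names are constructed for the example and are not the network in the figure. Following the slide's rule literally, bridge 3 ends up with no active interfaces, just like B3 above; real 802.1D would still keep bridge 3's root port open.

```python
from collections import deque

# Constructed example topology (not the figure on the slide): bridge ID -> LANs attached.
# Bridges 1, 2 and 3 form a loop A - B - C - A, and bridge 4 hangs LAN D off LAN C.
BRIDGES = {
    1: {"A", "B"},
    2: {"B", "C"},
    3: {"A", "C"},
    4: {"C", "D"},
}

INF = float("inf")


def compute_spanning_tree(bridges):
    """Return (root, designated, root_lan, active) following the slide's rules.

    designated[lan] = bridge on that LAN's shortest path to the root
                      (fewest bridges crossed; smallest ID breaks ties)
    root_lan[b]     = the LAN a non-root bridge uses as its next hop toward the root
    active          = set of (bridge, lan) interfaces that stay "on"
    """
    root = min(bridges)                               # smallest ID wins
    lans = sorted({lan for ls in bridges.values() for lan in ls})
    cost = {b: INF for b in bridges}                  # bridges crossed to reach the root
    cost[root] = 0
    designated, lan_cost, root_lan = {}, {}, {}

    # Distance-vector style relaxation: every round only looks at direct neighbors.
    for _ in range(len(bridges)):
        for lan in lans:
            attached = [b for b in bridges if lan in bridges[b]]
            best = min(attached, key=lambda b: (cost[b], b))   # least cost, then min ID
            designated[lan], lan_cost[lan] = best, cost[best]
        for b in bridges:
            if b == root:
                continue
            reachable = [lan for lan in bridges[b]
                         if lan_cost[lan] < INF and designated[lan] != b]
            if reachable:
                nxt = min(reachable, key=lambda lan: (lan_cost[lan], designated[lan]))
                root_lan[b], cost[b] = nxt, lan_cost[nxt] + 1

    # An interface is on only if it lies on some LAN's shortest path to the root.
    active = set()
    for lan in lans:
        b = designated[lan]
        active.add((b, lan))
        if b != root:
            active.add((b, root_lan[b]))
    return root, designated, root_lan, active


def blocked_interfaces(bridges, active):
    """Every bridge/LAN attachment the algorithm turned off."""
    return {(b, lan) for b in bridges for lan in bridges[b]} - active


def is_loop_free(active):
    """True if the active interfaces form one tree over the bridges and LANs they touch."""
    nodes = {("B", b) for b, _ in active} | {("L", lan) for _, lan in active}
    adj = {n: set() for n in nodes}
    for b, lan in active:
        adj[("B", b)].add(("L", lan))
        adj[("L", lan)].add(("B", b))
    start = next(iter(nodes))
    seen, queue = {start}, deque([start])
    while queue:
        for nb in adj[queue.popleft()]:
            if nb not in seen:
                seen.add(nb)
                queue.append(nb)
    # a tree is connected and has exactly (nodes - 1) edges
    return len(seen) == len(nodes) and len(active) == len(nodes) - 1


if __name__ == "__main__":
    root, designated, root_lan, active = compute_spanning_tree(BRIDGES)
    print("root:", root, "blocked:", sorted(blocked_interfaces(BRIDGES, active)))
```

Run as-is, it reports bridge 3's two interfaces as blocked; leaving all attachments active fails the tree check because the A-B-C loop adds one edge too many.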
Layer 2 Routing
The L2 routing (switch) table is automatically maintained: set up and updated as the topology changes.
Three mechanisms: loop resolution, address learning, frame forwarding.
• Security, such as ARP attacks and access control, is typically ignored.
• Loop resolution must happen before address learning.
• On the EECIS network the link to the campus network would go down for about 50 ms. This would trigger loop resolution, during which no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices.
• Routers are network-layer devices (they examine network-layer headers).
• Switches are link-layer devices: "invisible" at the internetwork layer; to IP a switched LAN looks like a link-layer technology.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the virtual-circuit (VC) approach; the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header (32 bits): label (20 bits) | Exp (3 bits) | S (1 bit) | TTL (8 bits)
MPLS-capable routers
• aka label-switched routers: forward packets to the outgoing interface based only on the label value (they do not inspect the IP address).
• The MPLS forwarding table is distinct from the IP forwarding tables.
• A signaling protocol is needed to set up the forwarding paths, e.g. RSVP-TE.
• Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
• Must co-exist with IP-only routers.
[Figure: MPLS-capable routers R1 to R6 with interfaces numbered 0 and 1; destinations A and D]
MPLS forwarding tables (the tables of the figure, in the order they appear: R1, R2, R4, R5, R6):

in label | out label | dest | out interface
6        | -         | A    | 0

in label | out label | dest | out interface
10       | 6         | A    | 1
12       | 9         | D    | 0

in label | out label | dest | out interface
-        | 10        | A    | 0
-        | 12        | D    | 0

in label | out label | dest | out interface
8        | 6         | A    | 0

in label | out label | dest | out interface
-        | 8         | A    | 1
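To make the "forward on the label only" point concrete, here is an added example (not code from the slides or the textbook) that packs and unpacks the 32-bit MPLS header and walks a packet through a three-router label-switched path. The routers R_in, R_mid and R_out, their tables and the function names are constructed for the example and are not the routers of the figure above; the push/swap/pop vocabulary is the standard MPLS one.

```python
import struct


def pack_mpls(label, exp=0, bottom=True, ttl=64):
    """Encode one 32-bit MPLS shim header: label (20) | Exp (3) | S (1) | TTL (8)."""
    if not 0 <= label < (1 << 20):
        raise ValueError("label must fit in 20 bits")
    word = (label << 12) | ((exp & 0x7) << 9) | (int(bottom) << 8) | (ttl & 0xFF)
    return struct.pack("!I", word)


def unpack_mpls(shim):
    """Decode the first shim header of a packet."""
    (word,) = struct.unpack("!I", shim[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


# Constructed label-switched path, not the routers of the slide's figure.
# The ingress classifies by IP destination and pushes a label; the core router swaps
# labels looking only at the shim; the egress pops the shim and hands the packet to IP.
# Rows: in_label -> (out_label, out_interface); out_label None means "pop".
LSRS = {
    "R_in": {"by_dest": {"A": (10, 0), "D": (12, 1)}},
    "R_mid": {"by_label": {10: (6, 1), 12: (9, 0)}},
    "R_out": {"by_label": {6: (None, 0), 9: (None, 1)}},
}


def lsr_forward(name, table, packet):
    """One router hop. Returns (action, label, out_interface) and updates the packet."""
    if packet.get("shim") is None:                       # ingress: the only place IP is read
        label, iface = table["by_dest"][packet["ip_dest"]]
        packet["shim"] = pack_mpls(label, ttl=packet["ttl"])
        return "push", label, iface
    hdr = unpack_mpls(packet["shim"])
    if hdr["ttl"] <= 1:
        raise RuntimeError(f"{name}: MPLS TTL expired, packet dropped")
    out_label, iface = table["by_label"][hdr["label"]]  # lookup keyed on the label alone
    if out_label is None:                                # egress: pop, copy TTL back to IP
        packet["shim"] = None
        packet["ttl"] = hdr["ttl"] - 1
        return "pop", hdr["label"], iface
    packet["shim"] = pack_mpls(out_label, hdr["exp"], bool(hdr["s"]), hdr["ttl"] - 1)
    return "swap", out_label, iface


def trace(lsrs, route, packet):
    """Push a packet through the routers in `route` order; return the per-hop decisions."""
    return [(name, *lsr_forward(name, lsrs[name], packet)) for name in route]


if __name__ == "__main__":
    pkt = {"ip_dest": "A", "ttl": 64}
    for hop in trace(LSRS, ["R_in", "R_mid", "R_out"], pkt):
        print(hop)
```

The core router never touches `ip_dest`; a packet for D takes the other label sequence (12, then 9) and leaves R_out on interface 1, which is exactly the kind of path choice the traffic-engineering bullet above refers to.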
Chapter 5 Summary
Principles behind data link layer services:
• error detection, correction
• sharing a broadcast channel: multiple access
• link-layer addressing
Instantiation and implementation of various link-layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer (ATM, MPLS).
Chapter 5: let's take a breath
• journey down the protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Slotted Aloha: frames are transmitted only during slots; they cannot cross slot boundaries.
Summary of MAC protocols
• channel partitioning, by time, frequency or code: Time Division, Frequency Division
• random access (dynamic): ALOHA, S-ALOHA, CSMA, CSMA/CD; carrier sensing is easy in some technologies (wire), hard in others (wireless); CSMA/CD is used in Ethernet; CSMA/CA is used in 802.11 (we'll study it when we talk about wireless)
• taking turns: polling from a central site, token passing; Bluetooth, FDDI, IBM Token Ring
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this: today hosts are almost never physically connected to each other; the link runs through a switch.
48-bit MAC address (for most LANs):
• burned into the NIC ROM, also sometimes software-settable.
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
[Figure: LAN (wired or wireless) with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by the IEEE: a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup:
• Google "OUI lookup", enter the MAC address, see the manufacturer.
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
MAC: flat address, portable; you can move a LAN card from one LAN to another.
IP: hierarchical address, NOT portable; the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC address changes, whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: < IP address; MAC address; TTL >
• TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88, MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
ARP protocol: same LAN (network)
A wants to send a datagram to C. First check whether C's IP address is in the same subnet: apply the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.51.9.12
• the subnet mask is 255.255.0.0, so the first two bytes (16 bits) define the subnet
• so in this case A and B are in different subnets
• thus the datagram is sent to the gateway, which must be in the same subnet
• suppose that B is the gateway, but only B's IP address is known
Suppose host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: destination MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other frame types include IP datagram).
• All machines on the LAN receive the ARP query.
• B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
• Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from a network administrator.
[Figure: hosts A, B, C and D on a LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which B, C and D all receive; the owner answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: router R with interface 111.111.111.110 (MAC E6-E9-00-17-BB-4B) on the left LAN and interface 222.222.222.220 (MAC 1A-23-F9-CD-06-9B) on the right LAN. Left LAN: host A 111.111.111.111 (74-29-9C-E8-FF-55) and host 111.111.111.112 (CC-49-DE-D0-AB-7D). Right LAN: host B 222.222.222.222 (49-BD-D2-C7-56-2A) and host 222.222.222.221 (88-B2-2F-54-1A-0F)]
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
There are two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame and sees it is destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example: make sure you understand it.
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my own MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? how can you tell whether two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN.
• On machine A, ping P. Use Wireshark on B to see no evidence of the ping (only A's unanswered ARP requests for P, no ICMP).
• On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B, but still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses a dedicated wire from the switch (a link-layer router) to each host, so a host does not see other hosts' frames.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else.
• I record the real MAC address of the victim.
• When an ARP query is made for the victim, I respond with my MAC.
Setup (figure): the victim has MAC 00:12:12:12:12:12 and IP 1.2.3.4; the attacker has MAC 00:11:11:11:11:11 and IP 5.6.7.8; some other host/switch is on the LAN.
Step 1: the other host asks "Who has IP address 1.2.3.4?" The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". Everyone saves the MAC/IP mapping in their cache for 20 minutes. The attacker now knows the MAC of the victim.
Step 2: later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablabla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/MAC mapping (1.2.3.4 -> 00:11:11:11:11:11) in its cache. The victim is confused by the query, but ignores it.
Step 3: the other host sends "The secret plan is …" to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan. The attacker changes the MAC address to the correct address (00:12:12:12:12:12) and forwards the frame; the victim thinks "Ahh, I got the secret plan I was expecting".
Detection and prevention
Some newer switches can protect against these attacks. How can these attacks be detected and stopped?
• One way to detect an attacker is to look at the ARP tables and see whether a single IP has two MACs, or a single MAC has two IPs (the attacker's real IP and the victim's IP).
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then the tables record the mapping between that MAC and IP, and there are two IPs for a single MAC with no attack at all.
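The ARP exchange described earlier (query broadcast, unicast reply, the subnet-mask check that decides whether to resolve the destination or the gateway) and the detection heuristic just above are easiest to see on real frames. The following is an added example, not code from the slides: it builds and parses Ethernet/ARP frames, replays the spoofing scenario with the slide's addresses, and flags an IP claimed by two MACs while keeping the weaker "one MAC, several IPs" signal separate, since a dual-NIC host produces that too. The "other host" (1.2.3.5, 00:33:33:33:33:33), the dual-NIC host (00:44:44:44:44:44) and the subnet example's gateway 128.4.0.1 are made up here; all function and class names are mine.

```python
import ipaddress
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def _mac(s):
    return bytes.fromhex(s.replace(":", "").replace("-", ""))


def _mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip, dst_mac=BROADCAST):
    """Ethernet II header (14 bytes) + ARP for IPv4 over Ethernet (28 bytes)."""
    eth = _mac(dst_mac) + _mac(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)   # htype, ptype, hlen, plen, opcode
    arp += _mac(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
    arp += _mac(target_mac) + ipaddress.IPv4Address(target_ip).packed
    return eth + arp


def parse_arp(frame):
    """Return the ARP fields of a frame, or None if it is not a well-formed IPv4 ARP."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (ARP_REQUEST, ARP_REPLY):
        return None
    return {
        "op": op,
        "eth_src": _mac_str(frame[6:12]),
        "sender_mac": _mac_str(frame[22:28]),
        "sender_ip": str(ipaddress.IPv4Address(frame[28:32])),
        "target_mac": _mac_str(frame[32:38]),
        "target_ip": str(ipaddress.IPv4Address(frame[38:42])),
    }


def arp_target(my_ip, dst_ip, mask, gateway):
    """The IP to resolve with ARP: the destination if it is on our subnet, else the gateway."""
    subnet = ipaddress.IPv4Network(f"{my_ip}/{mask}", strict=False)
    return dst_ip if ipaddress.IPv4Address(dst_ip) in subnet else gateway


class ArpWatch:
    """Record every (sender IP, sender MAC) claim seen in ARP requests and replies.

    Receivers cache exactly these sender fields, so this is what a spoofer poisons.
    """

    def __init__(self):
        self.macs_for_ip = {}
        self.ips_for_mac = {}

    def observe(self, frame):
        a = parse_arp(frame)
        if a is not None:
            self.macs_for_ip.setdefault(a["sender_ip"], set()).add(a["sender_mac"])
            self.ips_for_mac.setdefault(a["sender_mac"], set()).add(a["sender_ip"])
        return a

    def conflicts(self):
        """Strong signal: one IP claimed by more than one MAC."""
        return {ip: m for ip, m in self.macs_for_ip.items() if len(m) > 1}

    def shared_macs(self):
        """Weak signal: one MAC claiming several IPs (a dual-NIC host does this too)."""
        return {mac: i for mac, i in self.ips_for_mac.items() if len(i) > 1}


# Constructed frames replaying the slide's scenario (victim/attacker addresses from the
# slide; the other host and the dual-NIC host are made up for the example).
VICTIM, ATTACKER, OTHER = "00:12:12:12:12:12", "00:11:11:11:11:11", "00:33:33:33:33:33"
SAMPLE_FRAMES = [
    build_arp(ARP_REQUEST, OTHER, "1.2.3.5", "00:00:00:00:00:00", "1.2.3.4"),      # who has 1.2.3.4?
    build_arp(ARP_REPLY, VICTIM, "1.2.3.4", OTHER, "1.2.3.5", dst_mac=OTHER),     # victim answers
    build_arp(ARP_REQUEST, ATTACKER, "5.6.7.8", "00:00:00:00:00:00", "1.2.3.4"),  # attacker, honest
    build_arp(ARP_REQUEST, ATTACKER, "1.2.3.4", "00:00:00:00:00:00", "1.2.3.77"), # spoof: "tell 1.2.3.4"
    build_arp(ARP_REQUEST, "00:44:44:44:44:44", "1.2.3.6", "00:00:00:00:00:00", "1.2.3.1"),  # dual-NIC
    build_arp(ARP_REQUEST, "00:44:44:44:44:44", "1.2.3.7", "00:00:00:00:00:00", "1.2.3.1"),  # host
]


def scan(frames):
    """Feed captured frames to an ArpWatch and return it."""
    watch = ArpWatch()
    for f in frames:
        watch.observe(f)
    return watch


if __name__ == "__main__":
    w = scan(SAMPLE_FRAMES)
    print("IP with two MACs:", w.conflicts())
    print("MAC with two IPs:", w.shared_macs())
```

Only `conflicts()` is worth an alert on its own: `shared_macs()` lists the attacker, but also the dual-NIC host, which is the false positive the slide warns about.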
Ethernet
"Dominant" wired LAN technology:
• cheap: $20 for a NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with the speed race: 10 Mbps to 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
Bus topology, popular through the mid 90s: all nodes are in the same collision domain (they can collide with each other).
Star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars can be connected (we'll see later).
[Figure: bus (coaxial cable) vs star (switch)]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes.
• If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol.
• Otherwise the adapter discards the frame (unless in promiscuous mode).
Type: identifies what the frame carries, e.g. ARP query/response, LAN routing, or a higher-layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk).
CRC: checked at the receiver; if an error is detected the frame is dropped.
Ethernet: unreliable, connectionless
• connectionless: no handshaking between sending and receiving NICs.
• unreliable: the receiving NIC doesn't send ACKs or NAKs to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams). The gaps will be filled if the app is using TCP; otherwise the app will see the gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. The NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision the NIC chooses K at random from {0, 1, 2, …, 2^m - 1}, waits K slots (one slot is 512 bit times) and returns to step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsecond for 10 Mbps Ethernet; for K = 1023 the wait time is about 50 msec (1023 × 512 × 0.1 µs ≈ 52.4 ms).
Exponential Backoff
Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
• first collision: choose K from {0, 1}; the delay is K × 512 bit transmission times
• after the second collision: choose K from {0, 1, 2, 3}
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.

    efficiency = 1 / (1 + 5 × t_prop / t_trans)

• efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity; a larger frame size is better, a higher bit rate is worse (it shrinks t_trans).
• better performance than ALOHA, and simple, cheap, decentralized.
• Most Ethernet is used with switches, so collisions never occur.
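The backoff rule and the efficiency formula above are short enough to turn into a small model. The following is an added example, not code from the slides: it reproduces the K range after the m-th collision (capped at 1023), converts K slots into seconds at a given bit rate, computes the efficiency expression, and runs the retry loop of the algorithm for one frame. The give-up limit of 16 attempts is the 802.3 attempt limit and is my addition, not something the slide states; all names are mine.

```python
import random

SLOT_BITS = 512            # one backoff slot = 512 bit times (the minimum frame size)
MAX_BACKOFF_EXPONENT = 10  # K is never drawn from a range larger than 0..1023
MAX_ATTEMPTS = 16          # 802.3 attempt limit; assumed here, the slide does not state it


def backoff_range(m):
    """Largest K a NIC may pick after its m-th consecutive collision on one frame."""
    if m < 1:
        raise ValueError("m counts collisions, starting at 1")
    return 2 ** min(m, MAX_BACKOFF_EXPONENT) - 1


def backoff_slots(m, rng=random):
    """K drawn uniformly from {0, 1, ..., 2^min(m,10) - 1}."""
    return rng.randint(0, backoff_range(m))


def wait_seconds(k, bitrate_bps):
    """Real time behind K slots at a given bit rate (bit time = 1 / bitrate)."""
    return k * SLOT_BITS / bitrate_bps


def csma_cd_efficiency(t_prop, t_trans):
    """Long-run fraction of time the channel carries useful data."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def send_frame(collides, rng=random):
    """Retry loop of the CSMA/CD algorithm for one frame.

    collides(attempt) reports whether transmission number `attempt` suffers a
    collision. Returns (delivered, attempts_used, total_backoff_slots).
    """
    total_slots = 0
    for attempt in range(1, MAX_ATTEMPTS + 1):
        if not collides(attempt):
            return True, attempt, total_slots
        total_slots += backoff_slots(attempt, rng)   # jam, then back off before step 2
    return False, MAX_ATTEMPTS, total_slots         # give up; the frame is discarded


if __name__ == "__main__":
    print("max wait after 10 collisions at 10 Mbps:", wait_seconds(backoff_range(10), 10_000_000), "s")
    print("three collisions then success:", send_frame(lambda attempt: attempt <= 3))
```

With a 1500-byte frame on 10 Mbps Ethernet t_trans is 1.2 ms, so the efficiency expression is dominated by how far apart the two most distant nodes are; on a switched, full-duplex link t_prop drops out entirely because there is nobody to collide with.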
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: a common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Hubs are physical-layer repeaters:
• bits coming in on one link go out on all other links at the same rate
• all nodes connected to a hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: the host NICs detect collisions
[Figure: hub with twisted-pair links to the hosts]
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT and 100BaseT.
[Figure: backbone hub connecting several hubs]
Switch
Link-layer device, smarter than a hub; takes an active role.
• Stores and forwards Ethernet frames.
  • Question: do switches in circuit-switching networks store and forward?
• Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transm issions
• hosts have a dedicated direct connection to the switch
• switches buffer packets
• the Ethernet protocol is used on each incoming link, but with no collisions; full duplex; each link is its own collision domain
• switching A-to-A' and B-to-B' simultaneously, without collisions: not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). It looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• it records the sender/location pair in the switch table
[Figure: a frame with Source A, Dest A' arrives on interface 1; the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host;
2. if an entry is found for the destination, then:
   if the destination is on the segment from which the frame arrived, drop the frame;
   else forward the frame on the interface indicated;
   else flood: forward on all interfaces but the one on which the frame arrived;
3. periodically purge all old table entries.
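The three-step procedure above, as an added example that is not code from the slides: a self-learning switch with an aging table, replaying the six-port A/A' scenario of the figures. The hub segment on interface 3 (hosts C and C2 sharing one port) and the aging step at t = 100 s are constructed here to exercise the drop and purge cases; the TTL of 60 s matches the table entry in the figure; the class and function names are mine.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Self-learning switch: a (MAC -> interface, last seen) table with aging."""

    def __init__(self, interfaces, ttl=60):
        self.interfaces = set(interfaces)
        self.ttl = ttl                      # seconds an entry lives without being refreshed
        self.table = {}                     # mac -> (interface, last_seen)

    def purge(self, now):
        """Step 3: drop entries older than the TTL."""
        self.table = {m: (i, t) for m, (i, t) in self.table.items() if now - t < self.ttl}

    def handle(self, src, dst, in_port, now):
        """Return the set of interfaces the frame is sent out on (empty set = dropped)."""
        if in_port not in self.interfaces:
            raise ValueError(f"unknown interface {in_port}")
        self.purge(now)
        self.table[src] = (in_port, now)    # step 1: learn where the sender lives
        if dst == BROADCAST or dst not in self.table:
            return self.interfaces - {in_port}          # flood: all but the arrival port
        out_port, _ = self.table[dst]
        if out_port == in_port:             # destination shares the sender's segment (hub)
            return set()                    # it already saw the frame: filter it
        return {out_port}                   # step 2: forward on the learned interface


def replay_slide_example():
    """A on interface 1 talks to A' on interface 4 (the six-port switch of the figures)."""
    sw = LearningSwitch(range(1, 7), ttl=60)
    steps = [
        ("A", "A'", 1, 0),      # A -> A': A' unknown, flood
        ("A'", "A", 4, 1),      # A' -> A: A known, forward on 1 only
        ("A", "A'", 1, 2),      # A -> A': A' now known, forward on 4 only
        ("C", "C2", 3, 3),      # hosts C and C2 behind a hub on interface 3 (constructed)
        ("C2", "C", 3, 4),      # reply arrives on the same interface C lives on: drop
        ("B", "A'", 2, 100),    # after the TTL every entry has aged out: flood again
    ]
    return sw, [sw.handle(*s) for s in steps]


if __name__ == "__main__":
    switch, decisions = replay_slide_example()
    for d in decisions:
        print(sorted(d))
    print(switch.table)
```

Step 1 trusts the source address unconditionally: a host that sends frames with a forged source MAC moves that entry to its own port, which is the same missing-authentication problem at layer 2 that the ARP-spoofing slides describe at layer 3.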
Self-Learning (walkthrough)
[Figure: four switches, each with interfaces 1, 2 and 3, interconnected; host A is attached to one switch and host B to another; each switch has a MAC/Interface table, initially empty]
• A sends a frame (Dest = B, Source = A). Each switch that receives it makes a table entry for A on the interface the frame arrived on; there is no table entry for B, so each switch floods the frame.
• Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
• B replies (Dest = A, Source = B). Each switch on the way makes a table entry for B; each already has a table entry for A, so it forwards the frame rather than flooding it.
Tables after the exchange (the four switches of the figure):
  MAC A: interface 1; MAC B: interface 3
  MAC A: interface 1; MAC B: interface 3
  MAC A: interface 1; MAC B: interface 2
  MAC A: interface 2
The switch that only knows A never saw B's reply: the reply is forwarded along the learned path back to A, not flooded, so switches off that path do not learn B.
• 20 minutes later all table entries are deleted.
Poorly Designed Institutional network: why?
[Figure: router to the external network, one LAN (IP subnet) with a mail server and a web server]
Institutional network without a single point of failure
[Figure: the same network with redundant links between the switches, the router, the mail server and the web server; host A on one of the switches]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the spanning tree marked: edges in the spanning tree, and "disconnected" interfaces, i.e. interfaces that do not forward or flood frames]
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
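The procedure above, written out as an added example (this is not code from the slides or the course): LANs are the vertices, switches the edges, the lowest switch ID is the root, every LAN's distance to the root is counted in switch hops, ties between equal-length paths go to the lowest switch ID, and a switch keeps exactly the interfaces that lie on some LAN's chosen path. The topology, switch IDs and LAN names are constructed for the example and are not the slide's figure; a final check confirms the kept interfaces form a tree.

```python
# Added example (not from the slides): the LAN-as-vertex / switch-as-edge spanning-tree
# computation described on the slides, run on a constructed topology.
from collections import deque

# Constructed topology: switch ID -> set of LANs its interfaces attach to.
TOPOLOGY = {
    1: {"E", "F"},        # lowest ID, so B1 is the root
    2: {"E", "G"},
    3: {"A", "B"},        # redundant: A and B both reach the root through B5
    4: {"G", "D"},
    5: {"A", "B", "E"},
    7: {"B", "F"},        # second shortest path for LAN B; loses the tie to B5
}


def lan_distances(bridges, root):
    """Distance of every LAN to the root in switch hops (LANs on the root itself are at 0).
    Breadth-first over the LAN graph: a switch joins all the LANs it is attached to."""
    dist = {lan: 0 for lan in bridges[root]}
    frontier = deque(dist)
    while frontier:
        lan = frontier.popleft()
        for sw, lans in bridges.items():
            if sw == root or lan not in lans:
                continue
            for other in lans:
                if other not in dist:
                    dist[other] = dist[lan] + 1
                    frontier.append(other)
    return dist


def choose_next_hops(bridges, root, dist):
    """For each non-root LAN pick (switch, next LAN) on a shortest path to the root.
    Ties between shortest paths go to the switch with the smallest ID, as on the slides."""
    hops = {}
    for lan, d in dist.items():
        if d == 0:
            continue
        for sw in sorted(bridges):                       # lowest ID first
            if sw == root or lan not in bridges[sw]:
                continue
            closer = sorted(o for o in bridges[sw] if o != lan and dist.get(o) == d - 1)
            if closer:
                hops[lan] = (sw, closer[0])
                break
    return hops


def active_interfaces(bridges):
    """Return (dist, hops, active). active[sw] is the set of LANs on which sw keeps
    forwarding; an empty set means the switch is "disconnected" everywhere (like B3)."""
    root = min(bridges)
    dist = lan_distances(bridges, root)
    hops = choose_next_hops(bridges, root, dist)
    active = {sw: set() for sw in bridges}
    active[root] = set(bridges[root])                     # each of the root's interfaces is ON
    for lan, (sw, toward) in hops.items():
        active[sw].update({lan, toward})                  # switch between LAN and next hop keeps both
    return dist, hops, active


def is_loop_free(active):
    """Sanity check: the kept interfaces form a tree (connected, edges == nodes - 1)."""
    edges = [(sw, lan) for sw, lans in active.items() for lan in lans]
    nodes = {("sw", sw) for sw, _ in edges} | {("lan", lan) for _, lan in edges}
    adj = {n: set() for n in nodes}
    for sw, lan in edges:
        adj[("sw", sw)].add(("lan", lan))
        adj[("lan", lan)].add(("sw", sw))
    start = next(iter(nodes))
    seen, stack = {start}, [start]
    while stack:
        for nb in adj[stack.pop()]:
            if nb not in seen:
                seen.add(nb)
                stack.append(nb)
    return len(seen) == len(nodes) and len(edges) == len(nodes) - 1


if __name__ == "__main__":
    dist, hops, active = active_interfaces(TOPOLOGY)
    for sw in sorted(active):
        print(f"B{sw}: interfaces ON for LANs {sorted(active[sw]) or 'none'}")
    print("loop-free:", is_loop_free(active))
```

In the constructed topology LAN B can reach the root through B5 or B7 at equal cost; the lower ID wins, so B7 and the purely redundant B3 end up with no active interfaces, which is the same outcome the slides describe for B3.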
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes). Three mechanisms:
- loop resolution
- address learning
- frame forwarding
Switches typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.

Switches vs. Routers
Both are store-and-forward devices. Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices, "invisible" at the internetwork layer. A switch looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the virtual-circuit (VC) approach. The IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields (bits): label 20, Exp 3, S 1, TTL 5

MPLS-capable routers (aka label-switched routers)
- forward packets to the outgoing interface based only on the label value (don't inspect the IP address)
- the MPLS forwarding table is distinct from the IP forwarding tables
- a signaling protocol is needed to set up forwarding: RSVP-TE
- forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
- must co-exist with IP-only routers

MPLS forwarding tables
(figure: routers R1 through R6, destinations A and D, interface numbers 0 and 1; the tables below are the ones shown on the slide, in slide order. A blank in-label means the router pushes the label; a blank out-label means it pops it.)

in label   out label   dest   out interface
6          -           A      0

in label   out label   dest   out interface
10         6           A      1
12         9           D      0

in label   out label   dest   out interface
-          10          A      0
-          12          D      0

in label   out label   dest   out interface
8          6           A      0
-          8           A      1
Chapter 5 Summary
- principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
- instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
- journey down the protocol stack complete (except PHY)
- solid understanding of networking principles, practice
- ... could stop here ... but lots of
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM, MPLS
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get a datagram to the destination IP subnet.
MAC (or LAN or physical or Ethernet) address: its function is to get a frame from one interface to another physically-connected interface (same network).
- The textbook is wrong about this. Today hosts are almost never physically connected.
48-bit MAC address (for most LANs)
- burned in NIC ROM, also sometimes software settable

LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF.
(figure: a LAN, wired or wireless, with adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53)

LAN Address (more)
MAC address allocation is administered by IEEE; a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check with an OUI lookup:
- Google "OUI lookup"
- enter the MAC address
- see the manufacturer
Analogy: (a) MAC address is like a Social Security Number; (b) IP address is like a postal address.
MAC: flat address, portable; can move a LAN card from one LAN to another.
IP: hierarchical address, NOT portable; the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed, whereas the IP address can stay the same.

ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: <IP address; MAC address; TTL>
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
(figure: the same LAN, adapters 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53 with IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88)
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.:
- my IP = 128.4.35.67
- B's IP = 128.5.19.12
- subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
- So in this case A and B are in different subnets.
- Thus the datagram is sent to the gateway, which must be in the same subnet.
- Suppose that B is the gateway, but only the IP address of B is known.

Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table:
- A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other types include datagram). All machines on the LAN receive the ARP query.
- B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
- A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out). Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
(figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", received by B, C and D; the owner answers "I have 1.1.1.4".)
Addressing: routing to another LAN
(figure: router R with interface 111.111.111.110 (MAC E6-E9-00-17-BB-4B) on the first LAN and 222.222.222.220 (MAC 1A-23-F9-CD-06-9B) on the second. On the first LAN: A at 111.111.111.111 (MAC 74-29-9C-E8-FF-55) and a host at 111.111.111.112 (MAC CC-49-DE-D0-AB-7D). On the second LAN: a host at 222.222.222.221 (MAC 88-B2-2F-54-1A-0F) and B at 222.222.222.222 (MAC 49-BD-D2-C7-56-2A).)

Walkthrough: send a datagram from A to B via R. Assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
1. A creates an IP datagram with source A, destination B.
2. A uses ARP to get R's MAC address for 111.111.111.110.
3. A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram.
4. A's NIC sends the frame; R's NIC receives the frame.
5. R removes the IP datagram from the Ethernet frame and sees it is destined to B.
6. R uses ARP to get B's MAC address.
7. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example; make sure you understand it.
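The same-subnet test, the gateway decision and the A -> R -> B walkthrough, as an added example that is not code from the slides or the course. It uses the slide's addresses; the /24 mask on both LANs, the soft-state cache layout, and the "who answers an ARP query on this wire" maps are assumptions made here. It also shows the soft-state behaviour described above: a cached mapping is used without any query until it times out, and a query for an IP nobody owns goes out as a broadcast and gets no reply.

```python
# Added example (not from the slides): same-subnet check, gateway selection, and the
# A -> R -> B ARP walkthrough with a soft-state ARP cache.
import ipaddress

ARP_TTL_SECONDS = 20 * 60           # slides: a mapping is forgotten after about 20 minutes


def same_subnet(ip_a, ip_b, mask):
    """True when ip_b falls inside ip_a's subnet under the given dotted mask."""
    net = ipaddress.IPv4Network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.IPv4Address(ip_b) in net


def arp_target(src_ip, dst_ip, mask, gateway_ip=None):
    """IP whose MAC the sender must resolve: the destination if it is on-link, otherwise
    the gateway, which itself must be on the sender's subnet."""
    if same_subnet(src_ip, dst_ip, mask):
        return dst_ip
    if gateway_ip is None or not same_subnet(src_ip, gateway_ip, mask):
        raise ValueError("destination is off-link and no on-link gateway is configured")
    return gateway_ip


class ArpCache:
    """Soft state: entries expire unless refreshed."""
    def __init__(self):
        self.entries = {}               # ip -> (mac, expiry time in seconds)

    def lookup(self, ip, now):
        hit = self.entries.get(ip)
        if hit is not None and hit[1] > now:
            return hit[0]
        self.entries.pop(ip, None)      # timed out: forget it
        return None

    def learn(self, ip, mac, now):
        self.entries[ip] = (mac, now + ARP_TTL_SECONDS)


def resolve(cache, lan, target_ip, now):
    """Return (mac, query_broadcast). `lan` maps IP -> MAC for the hosts that would answer a
    broadcast ARP query; an IP nobody owns gets a broadcast and no reply (mac is None)."""
    mac = cache.lookup(target_ip, now)
    if mac is not None:
        return mac, False                 # cache hit, nothing goes on the wire
    mac = lan.get(target_ip)
    if mac is not None:
        cache.learn(target_ip, mac, now)  # unicast reply came back; cache it
    return mac, True


# The slide's two LANs, constructed as IP -> MAC maps of who answers ARP on each wire.
LAN_111 = {"111.111.111.111": "74-29-9C-E8-FF-55",   # A
           "111.111.111.112": "CC-49-DE-D0-AB-7D",
           "111.111.111.110": "E6-E9-00-17-BB-4B"}   # R, interface on this LAN
LAN_222 = {"222.222.222.220": "1A-23-F9-CD-06-9B",   # R, interface on this LAN
           "222.222.222.221": "88-B2-2F-54-1A-0F",
           "222.222.222.222": "49-BD-D2-C7-56-2A"}   # B


def send_a_to_b(mask="255.255.255.0", now=0):
    """A sends to B via R. Returns the destination MAC used on each of the two frames."""
    a_cache, r_cache_222 = ArpCache(), ArpCache()   # R keeps one ARP table per LAN
    # A: B is off-link, so A resolves the gateway R and puts R's MAC in the frame
    hop1_ip = arp_target("111.111.111.111", "222.222.222.222", mask, "111.111.111.110")
    hop1_mac, _ = resolve(a_cache, LAN_111, hop1_ip, now)
    # R: strips the frame, sees the datagram is for B, and B is on-link on its second LAN
    hop2_ip = arp_target("222.222.222.220", "222.222.222.222", mask)
    hop2_mac, _ = resolve(r_cache_222, LAN_222, hop2_ip, now)
    return hop1_mac, hop2_mac
```

With the slide's 255.255.0.0 example, `same_subnet("128.4.35.67", "128.5.19.12", "255.255.0.0")` is false because the second octet differs, which is why the datagram goes to the gateway.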
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
- Use Wireshark on B to see no evidence of the ping.
- On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing: man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link-layer router) to each host.
- But the ARP attack still works.
Goal: intercept messages between the victim and anyone else.
- I record the real MAC address of the victim.
- When an ARP query request is made for the victim, I respond with my MAC.

Scenario on the slides: victim with MAC 00:12:12:12:12:12, IP 1.2.3.4; attacker with MAC 00:11:11:11:11:11, IP 5.6.7.8; some other host/switch.
1. The other host asks: "Who has IP address 1.2.3.4?" The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker hears the reply too and now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP blablablabla? Tell IP address 1.2.3.4". The attacker continues to flood ARP queries. The other host saves the IP/ARP mapping in its cache. The victim is confused... but ignores it.
3. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ...". The attacker knows the secret plan, changes the MAC address to the correct address and sends on "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ...". The victim: "Ahh, I got the secret plan I was expecting."

Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
- Its real IP and the victim's IP.
- But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
- Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
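The detection idea above, as an added example (not code from the slides or the course): walk a capture of ARP replies, report any IP answered for by more than one MAC, and separately report MACs claiming several IPs, which the slide says can be legitimate (dual-NIC Windows host) and so is only a lead to check. The capture lines are constructed here in a tcpdump-like "Reply <ip> is-at <mac>" shape; the victim and attacker addresses follow the slide's scenario, the 10.1.1.x host and the timestamps are made up.

```python
# Added example (not from the slides): ARP-spoof indicators from a constructed capture.
import re
from collections import defaultdict

# Constructed capture: "<time> Reply <ip> is-at <mac>" or "<time> Request who-has ... tell ...".
CAPTURE = """\
10:00:01 Reply 1.2.3.4 is-at 00:12:12:12:12:12
10:00:02 Reply 5.6.7.8 is-at 00:11:11:11:11:11
10:00:03 Reply 10.1.1.9 is-at 00:aa:bb:cc:dd:ee
10:21:05 Request who-has 1.2.3.4 tell 10.1.1.9
10:21:06 Reply 1.2.3.4 is-at 00:11:11:11:11:11
10:25:00 Reply 10.1.1.7 is-at 00:aa:bb:cc:dd:ee
"""

REPLY_RE = re.compile(r"^(\S+) Reply (\d+\.\d+\.\d+\.\d+) is-at ([0-9a-f:]{17})$", re.I)


def parse_arp_replies(text):
    """Return (time, ip, mac) for every ARP reply; requests and other lines are skipped."""
    replies = []
    for line in text.splitlines():
        m = REPLY_RE.match(line.strip())
        if m:
            replies.append((m.group(1), m.group(2), m.group(3).lower()))
    return replies


def ips_with_multiple_macs(replies):
    """The slide's strong signal: one IP answered for by two different MACs."""
    macs = defaultdict(set)
    for _, ip, mac in replies:
        macs[ip].add(mac)
    return {ip: sorted(m) for ip, m in macs.items() if len(m) > 1}


def macs_with_multiple_ips(replies):
    """Weaker signal: one MAC claiming several IPs. The slide notes a dual-NIC Windows host
    can produce this legitimately, so treat it as something to verify, not a verdict."""
    ips = defaultdict(set)
    for _, ip, mac in replies:
        ips[mac].add(ip)
    return {mac: sorted(i) for mac, i in ips.items() if len(i) > 1}


def spoof_report(text):
    replies = parse_arp_replies(text)
    return {"ip_conflicts": ips_with_multiple_macs(replies),
            "multi_ip_macs": macs_with_multiple_ips(replies)}


if __name__ == "__main__":
    for kind, hits in spoof_report(CAPTURE).items():
        print(kind, hits)
```

On the constructed capture the victim's IP 1.2.3.4 shows up with both the victim's and the attacker's MAC, which is the conflict the slide tells you to look for; the attacker's MAC also appears with two IPs (its own and the victim's), but so does the benign 00:aa:bb:cc:dd:ee host, which is exactly the false positive the slide warns about.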
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps to 10 Gbps.
(figure: Metcalfe's Ethernet sketch)

Star topology
Bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other).
Star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
(figure: bus over coaxial cable; star around a switch)
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.

Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher-layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if an error is detected, the frame is dropped.

Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs.
unreliable: receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame.
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.

Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec.
Exponential backoff. Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
- first collision: choose K from {0, 1}; delay is K * 512 bit transmission times
- after second collision: choose K from {0, 1, 2, 3}
- after ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}

CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN; t_trans = time to transmit a max-size frame.
efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
- a larger frame size is better; a higher bit rate is worse
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
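The backoff and efficiency rules above, as an added example (not code from the slides or the course): the K range after the m-th collision with the cap at 1023, the wall-clock wait for K slots at a given bit rate, the efficiency approximation, and a small slot-level simulation constructed here in which every station has one frame ready at slot 0 so the 1-persistent behaviour and the backoff are exercised. The slot model (one slot burned per aborted attempt, frames measured in slots) is a simplification made for the example.

```python
# Added example (not from the slides): CSMA/CD backoff, efficiency, and a slot-level simulation.
import random

SLOT_BIT_TIMES = 512                 # one backoff slot
JAM_BITS = 48                        # length of the jam signal


def backoff_choices(m):
    """After the m-th collision K is drawn from {0, ..., 2^m - 1}, capped at 1023 from the 10th on."""
    return 2 ** min(m, 10)


def backoff_slots(m, rng=random):
    return rng.randrange(backoff_choices(m))


def wait_seconds(k, bit_rate_bps):
    """Wall-clock wait for K slots at the given bit rate (K=1023 at 10 Mbps is about 52 ms)."""
    return k * SLOT_BIT_TIMES / bit_rate_bps


def efficiency(t_prop, t_trans):
    """The slide's approximation: fraction of time spent on useful transmission."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def simulate(n_stations, frame_slots, seed=1):
    """Constructed scenario: every station has one frame ready at slot 0.
    Returns (slots_elapsed, collisions, frames_delivered). Stations that become ready while
    another frame is on the wire all start at the first idle slot (1-persistent) and collide."""
    rng = random.Random(seed)
    pending = {s: {"m": 0, "ready_at": 0} for s in range(n_stations)}
    t = collisions = delivered = 0
    while pending:
        contenders = [s for s, st in pending.items() if st["ready_at"] <= t]
        if not contenders:
            t += 1                                       # channel idle, nobody ready yet
        elif len(contenders) == 1:
            del pending[contenders[0]]                   # step 4: whole frame goes out
            delivered += 1
            t += frame_slots
        else:
            collisions += 1                              # step 5: abort, send jam signal
            t += 1                                       # the slot lost to the aborted attempt
            for s in contenders:                         # step 6: exponential backoff
                pending[s]["m"] += 1
                pending[s]["ready_at"] = t + backoff_slots(pending[s]["m"], rng)
    return t, collisions, delivered


if __name__ == "__main__":
    print("K=1023 at 10 Mbps waits", wait_seconds(1023, 10_000_000), "s")
    print("3 stations, 12-slot frames:", simulate(3, 12, seed=7))
```

With three stations all ready at slot 0 the very first slot is a guaranteed collision; the simulation then shows how the growing K range spreads the retries until each frame gets the channel alone.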
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).

Hubs
Bits coming in one link go out all other links at the same rate: all nodes connected to the hub can collide with one another; no frame buffering; no CSMA/CD at the hub, host NICs detect collisions.
(figure: hub with twisted-pair links)

Interconnecting with hubs
A backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
(figure: backbone hub joining three hubs)

Switch
Link-layer device: smarter than hubs, takes an active role.
- stores and forwards Ethernet frames
  - Question: do switches in circuit-switching networks store and forward?
- examines the incoming frame's MAC address, selectively forwards the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
- hosts have a dedicated, direct connection to the switch
- switches buffer packets
- Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
- switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
(figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting A, A', B, B', C, C')

Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
(figure: the same switch with six interfaces)

Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
- when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
- records the sender/location pair in the switch table
Example: A sends a frame (Source A, Dest A') that arrives on interface 1; the switch table (initially empty) gets the entry MAC addr A, interface 1, TTL 60.

Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination
     then {
       if the destination is on the segment from which the frame arrived
         then drop the frame
         else forward the frame on the interface indicated
     }
     else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
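The filtering/forwarding steps above as a learning switch, an added example that is not code from the slides or the course. It learns the sender's interface on every frame, forwards or filters on a table hit, floods on a miss, skips manually configured host ports when flooding (the note on the self-learning slides), and ages entries out after 20 minutes. Port numbers, the host names A, B, C and the lazy purge on each frame are assumptions made here.

```python
# Added example (not from the slides): a self-learning switch with filtering, forwarding,
# flooding and table ageing.

TABLE_TTL_SECONDS = 20 * 60      # slides: entries are deleted after 20 minutes


class LearningSwitch:
    def __init__(self, n_ports, configured_host_ports=()):
        self.ports = list(range(1, n_ports + 1))
        self.configured_hosts = set(configured_host_ports)   # never flooded (slide note)
        self.table = {}                                        # mac -> (port, expiry)

    def purge(self, now):
        """Purge old entries (done lazily on every frame instead of on a timer)."""
        self.table = {m: e for m, e in self.table.items() if e[1] > now}

    def handle(self, src, dst, in_port, now):
        """Return the list of ports the frame leaves on; [] means it was filtered (dropped)."""
        self.purge(now)
        self.table[src] = (in_port, now + TABLE_TTL_SECONDS)    # 1. learn where src lives
        entry = self.table.get(dst)
        if entry is not None:
            port = entry[0]
            return [] if port == in_port else [port]           # 2. drop or forward
        # flood: everything except the arrival port and manually configured host ports
        return [p for p in self.ports
                if p != in_port and p not in self.configured_hosts]


def walkthrough():
    """The slides' exchange on one switch: A on port 1, B on port 2, a host C on A's segment."""
    sw = LearningSwitch(3)
    return [
        sw.handle("A", "B", 1, now=0),            # no entry for B: flood
        sw.handle("B", "A", 2, now=1),            # entry for A: forward on port 1
        sw.handle("A", "B", 1, now=2),            # both known: forward on port 2
        sw.handle("C", "A", 1, now=3),            # A is on C's own segment: filter
        sw.handle("B", "A", 2, now=20 * 60 + 5),  # A's entry aged out: flood again
    ]


if __name__ == "__main__":
    print(walkthrough())
```

Security-wise the table is only as trustworthy as the source addresses it learns from, which is why the slides' note about manually configured host ports matters: a fixed port-to-host binding is not overwritten by whatever MAC a frame happens to carry.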
Self-Learning
(figure: three switches in a chain, each with interfaces 1, 2, 3; host A at one end, host B at the other; each switch keeps its own MAC/interface table, all initially empty)
- A sends a frame with Dest = B, Source = A. At each switch in turn: make a table entry for A; no table entry for B, so flood.
- Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; frames are only flooded to other switches.
- B replies with Dest = A, Source = B. At each switch: make a table entry for B; there is a table entry for A, so forward.
- Tables after the exchange, as shown on the slides: first switch A 1, B 3; second switch A 1, B 2; third switch A 2.
- 20 minutes later, all table entries are deleted.
Poorly Designed Institutional network. Why?
(figure: one router to the external network; a single LAN / IP subnet holding the mail server and web server)

Institutional network without a single point of failure
(figure: router to the external network; IP subnet with the mail server, web server and host A, with redundant links between switches)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface)

Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
- Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(figure: B3 and B2 between LAN A and LAN B)

Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
- LAN B's next hop to the switch with the lowest ID is LAN A, and
- LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
(figure: B3, LAN A, LAN B, B2, LAN C, B1, LAN D, B0)

Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
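The distance-vector computation the walkthrough above performs by hand, as an added example (this is not code from the slides). The topology is constructed: it reuses the switch names B1 to B7 and the next hops the slides state for LANs A to D, and everything else (which LANs each switch touches) is an assumption.

```python
"""Which switch interfaces stay "on": the distance-vector computation from
the slides, as an added example (not code from the slides).

Model as on the slides: LANs are vertices, switches are edges (a switch with
three LANs is one edge touching three vertices), the root is the switch with
the smallest ID, a LAN's distance is the number of non-root switches crossed
on its shortest path to the root, and ties go to the switch with the smaller ID.
The topology below is constructed for the example."""
from typing import Dict, Optional, Set, Tuple

TOPOLOGY: Dict[str, Set[str]] = {   # switch -> LANs it has an interface on (assumed)
    "B1": {"E", "F", "G"},          # smallest ID: the root
    "B2": {"A", "E"},
    "B3": {"A", "B"},
    "B4": {"C", "F"},
    "B5": {"B", "E"},
    "B6": {"D", "G"},
    "B7": {"B", "F"},
}

def switch_id(name: str) -> int:
    return int(name[1:])

def compute_tree(topology: Dict[str, Set[str]]):
    """Return (distance per LAN, next hop per LAN as (switch, LAN), active LANs per switch)."""
    root = min(topology, key=switch_id)
    lans = set().union(*topology.values())
    dist: Dict[str, float] = {lan: float("inf") for lan in lans}
    next_hop: Dict[str, Optional[Tuple[str, str]]] = {lan: None for lan in lans}
    for lan in topology[root]:
        dist[lan] = 0                     # LANs on the root need no other switch
    changed = True
    while changed:                        # distance-vector rounds: only neighbours consulted
        changed = False
        for sw in sorted(topology, key=switch_id):
            if sw == root:
                continue
            for lan in topology[sw]:
                for via in topology[sw]:
                    if via == lan:
                        continue
                    cand = dist[via] + 1
                    cur = next_hop[lan]
                    # strictly shorter wins; at equal length the smaller switch ID wins
                    better = cand < dist[lan] or (
                        cand == dist[lan] and cur is not None
                        and switch_id(sw) < switch_id(cur[0]))
                    if better:
                        dist[lan], next_hop[lan], changed = cand, (sw, via), True
    active: Dict[str, Set[str]] = {sw: set() for sw in topology}
    active[root] = set(topology[root])   # each of the root's interfaces is on
    for lan, hop in next_hop.items():
        if hop is not None:
            sw, via = hop
            active[sw].update({lan, via})  # the switch keeps its interfaces to both LANs
    return dist, next_hop, active

if __name__ == "__main__":
    dist, next_hop, active = compute_tree(TOPOLOGY)
    for lan in sorted(dist):
        print(lan, dist[lan], next_hop[lan])
    for sw in sorted(active, key=switch_id):
        print(sw, "on:", sorted(active[sw]) or "nothing")
```

With this topology B3 and B7 end up with no active interfaces, as the slides note for B3: LAN B reaches E through B5, which has the smaller ID, so B7's interfaces are never on a shortest path.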
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. These typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
• During which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer: looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed length label (instead of IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields and widths as drawn on the slide: label (20), Exp (3), S (1), TTL (5).]
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (doesn't inspect IP address). MPLS forwarding table distinct from IP forwarding tables.
Signaling protocol needed to set up forwarding: RSVP-TE. Forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
[Figure: routers R1 to R6, destinations A and D, with interface numbers 0 and 1 marked on the links.]
MPLS forwarding tables, one per MPLS router as drawn on the slide (columns: in label, out label, dest, out interface; a blank in label marks an ingress row, "-" as out label marks the egress):
  6   -   A   0
  10  6   A   1
  12  9   D   0
      10  A   0
      12  D   0
  8   6   A   0
      8   A   1
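Label switching as code, an added example that is not from the slides: the 32-bit MPLS shim is packed and unpacked, an ingress router pushes a label chosen by destination, each label-switched router swaps on the incoming label alone, and the egress pops. The label values are the ones in the slide's tables; which router owns which rows and how the interfaces are wired are assumptions made for the example.

```python
"""MPLS shim header and label switching, as an added example (not slide code).

The shim is the 32-bit RFC 3032 header: label 20 bits, Exp 3, S 1, TTL 8 (the
slide's figure draws the TTL field as 5 bits). The tables reuse the label
values from the slide's figure; which router owns which rows, and the link
wiring, are assumptions made for this example."""
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

@dataclass(frozen=True)
class Shim:
    label: int
    exp: int = 0
    s: int = 1        # bottom of stack
    ttl: int = 64

    def pack(self) -> bytes:
        if not 0 <= self.label < (1 << 20):
            raise ValueError("label must fit in 20 bits")
        word = (self.label << 12) | (self.exp << 9) | (self.s << 8) | self.ttl
        return struct.pack("!I", word)

    @classmethod
    def unpack(cls, raw: bytes) -> "Shim":
        (word,) = struct.unpack("!I", raw[:4])
        return cls(word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)

# Ingress routers classify by destination (the FEC) and push a label.
INGRESS: Dict[str, Dict[str, Tuple[int, int]]] = {        # dest -> (out label, out iface)
    "R3": {"A": (10, 0), "D": (12, 0)},   # slide rows "10 A 0", "12 D 0"
    "R2": {"A": (8, 1)},                  # slide row "8 A 1" (router assumed)
}
# Label-switched routers look up the incoming label only; None = pop (egress).
LSR: Dict[str, Dict[int, Tuple[Optional[int], int]]] = {  # in label -> (out label, out iface)
    "R6": {10: (6, 1), 12: (9, 0)},       # slide rows "10 6 A 1", "12 9 D 0"
    "R5": {8: (6, 0), 9: (None, 1)},      # slide row "8 6 A 0"; the 9 -> pop row is assumed
    "R4": {6: (None, 0)},                 # slide row "6 - A 0": egress for A
}
LINKS: Dict[Tuple[str, int], Optional[str]] = {   # (router, iface) -> next router, None = host
    ("R3", 0): "R6", ("R2", 1): "R5", ("R6", 1): "R4", ("R6", 0): "R5",
    ("R5", 0): "R4", ("R5", 1): None, ("R4", 0): None,
}

def forward(ingress: str, dest: str, ip_packet: bytes,
            ttl: int = 64) -> List[Tuple[str, Optional[int]]]:
    """Push at the ingress, swap at each LSR, pop at the egress.
    Returns (router, label placed on the outgoing link) per hop, None for the pop;
    the IP bytes are carried untouched and never consulted after the ingress."""
    label, iface = INGRESS[ingress][dest]
    frame = Shim(label, ttl=ttl).pack() + ip_packet
    hops: List[Tuple[str, Optional[int]]] = [(ingress, label)]
    router = LINKS[(ingress, iface)]
    while router is not None:
        shim = Shim.unpack(frame)
        if shim.ttl <= 1:
            raise RuntimeError(f"MPLS TTL expired at {router}")
        out_label, iface = LSR[router][shim.label]      # label lookup only
        if out_label is None:                           # egress: strip the shim
            hops.append((router, None))
            if frame[4:] != ip_packet:
                raise AssertionError("payload changed in transit")
            return hops
        frame = Shim(out_label, shim.exp, shim.s, shim.ttl - 1).pack() + frame[4:]
        hops.append((router, out_label))
        router = LINKS[(router, iface)]
    raise RuntimeError("label path ended at a host without a pop")

if __name__ == "__main__":
    print(forward("R3", "A", b"constructed IP datagram bytes"))
    print(forward("R2", "A", b"constructed IP datagram bytes"))  # joins the R3 path at R4 on label 6
    print(forward("R3", "D", b"constructed IP datagram bytes"))
```

The two paths to A arrive at R4 carrying the same label 6, which is why R4's table needs only one row for A; the TTL in the shim, not the IP TTL, is what catches a label loop.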
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice … could stop here … but lots of
MAC Addresses and ARP
32-bit IP address: network-layer address, used to get datagram to destination IP subnet.
MAC (or LAN or physical or Ethernet) address: function: get frame from one interface to another physically-connected interface (same network).
• The textbook is wrong about this. Today hosts are almost never physically connected.
48 bit MAC address (for most LANs)
• burned in NIC ROM, also sometimes software settable
LAN Addresses and ARP
Each adapter on LAN has unique LAN address. Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: a LAN (wired or wireless) with four adapters: 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
LAN Address (more)
MAC address allocation administered by IEEE. Manufacturer buys portion of MAC address space (to assure uniqueness). Check OUI lookup:
• Google "OUI lookup" • Enter MAC address • See manufacturer
Analogy: (a) MAC address: like Social Security Number; (b) IP address: like postal address.
MAC flat address: portability; can move LAN card from one LAN to another.
IP hierarchical address: NOT portable; address depends on IP subnet to which node is attached.
If a NIC is changed then the MAC is changed.
• Whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes: <IP address; MAC address; TTL>
TTL (Time To Live): time after which address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four nodes with IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14, 137.196.7.88 and MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98, 71-65-F7-2B-08-53.]
ARP protocol: Same LAN (network)
A wants to send datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g. • my IP = 128.4.35.67 • B's IP = 128.5.19.12 • Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query.
• Other types include datagram.
All machines on the LAN receive the ARP query. B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
Soft state: information that times out (goes away) unless refreshed.
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: LAN with hosts A, B, C, D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2"; the query reaches every host, and only B answers "I have 1.1.1.4".]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Host A: MAC 74-29-9C-E8-FF-55, IP 111.111.111.111. Another host on A's LAN: CC-49-DE-D0-AB-7D, 111.111.111.112. R's interface on A's LAN: E6-E9-00-17-BB-4B, 111.111.111.110. R's interface on B's LAN: 1A-23-F9-CD-06-9B, 222.222.222.220. Host B: 49-BD-D2-C7-56-2A, 222.222.222.222. Another host on B's LAN: 88-B2-2F-54-1A-0F, 222.222.222.221.]
Walkthrough: send datagram from A to B via R; assume A knows B's IP address.
Two ARP tables in router R, one for each IP network (LAN).
A creates IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram. A's NIC sends the frame. R's NIC receives the frame. R removes the IP datagram from the Ethernet frame, sees it's destined to B. R uses ARP to get B's MAC address. R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example: make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure, repeated across the next slides: victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8), and some other host/switch.]
Step 1: some other host asks "Who has IP address 1.2.3.4?" The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4"; the other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
Step 2: later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The other host saves the IP/ARP mapping in its cache. (Confused … but ignores it.) The attacker continues to flood ARP queries.
Step 3: the other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …"; the attacker knows the secret plan, changes the MAC address to the correct address, and "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …" reaches the victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
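The detection idea above as code, an added example that is not from the slides: parse constructed, Wireshark-style ARP reply lines and report both conflict shapes the slide discusses, an IP answered by two MACs (the poisoning signature) and a MAC that claims several IPs, which a dual-homed Windows host also produces and is therefore rated lower unless the MAC is also part of an IP conflict. The addresses follow the slide's figure (victim 1.2.3.4, attacker 5.6.7.8) plus made-up ones; the log format is an assumption.

```python
"""Spotting ARP poisoning from observed replies, as an added example (not slide code).

The slide's detection idea is to look for conflicting IP/MAC mappings. This
scans constructed, Wireshark-style ARP reply lines and reports an IP claimed by
two MACs (the poisoning signature) and a MAC claiming several IPs, which a
dual-homed Windows host also produces, so that case is rated lower. Addresses
follow the slide's figure (victim 1.2.3.4, attacker 5.6.7.8) plus made-up ones."""
import re
from collections import defaultdict
from typing import Dict, List, Tuple

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
ARP_REPLY = re.compile(
    rf"^(?P<t>\d+\.\d+)\s+(?P<src>{MAC})\s+ARP\s+(?P<ip>\d+\.\d+\.\d+\.\d+) is at (?P<mac>{MAC})$",
    re.IGNORECASE)

# Constructed capture: time, source MAC of the frame, decoded ARP reply.
SAMPLE_LOG = """\
0.000 00:12:12:12:12:12 ARP 1.2.3.4 is at 00:12:12:12:12:12
0.010 00:aa:bb:cc:dd:01 ARP 10.0.0.1 is at 00:aa:bb:cc:dd:01
4.200 00:11:11:11:11:11 ARP 1.2.3.4 is at 00:11:11:11:11:11
4.300 00:11:11:11:11:11 ARP 5.6.7.8 is at 00:11:11:11:11:11
9.000 00:aa:bb:cc:dd:02 ARP 10.0.0.7 is at 00:aa:bb:cc:dd:02
9.100 00:aa:bb:cc:dd:02 ARP 10.0.0.8 is at 00:aa:bb:cc:dd:02
"""

def parse_arp_replies(text: str) -> List[Tuple[float, str, str, str]]:
    """Return (time, frame source MAC, advertised IP, advertised MAC) per reply line."""
    out = []
    for line in text.splitlines():
        m = ARP_REPLY.match(line.strip())
        if m:
            out.append((float(m["t"]), m["src"].lower(), m["ip"], m["mac"].lower()))
    return out

def find_conflicts(replies: List[Tuple[float, str, str, str]]) -> dict:
    """Build both views of the mappings and keep the entries with more than one value."""
    macs_for_ip: Dict[str, List[str]] = defaultdict(list)
    ips_for_mac: Dict[str, List[str]] = defaultdict(list)
    mismatched = []   # the frame's source MAC differs from the MAC claimed in the reply
    for _t, src, ip, mac in replies:
        if mac not in macs_for_ip[ip]:
            macs_for_ip[ip].append(mac)
        if ip not in ips_for_mac[mac]:
            ips_for_mac[mac].append(ip)
        if src != mac:
            mismatched.append((ip, src, mac))
    return {
        "ip_with_multiple_macs": {ip: v for ip, v in macs_for_ip.items() if len(v) > 1},
        "mac_with_multiple_ips": {mac: v for mac, v in ips_for_mac.items() if len(v) > 1},
        "source_mismatch": mismatched,
    }

def assess(conflicts: dict) -> List[dict]:
    """Turn the conflicts into findings with a severity an analyst can triage."""
    findings = []
    contested = set(conflicts["ip_with_multiple_macs"])
    for ip, macs in sorted(conflicts["ip_with_multiple_macs"].items()):
        findings.append({"severity": "high", "ip": ip, "macs": macs,
                         "note": "one IP answered by two MACs: check for ARP poisoning"})
    for mac, ips in sorted(conflicts["mac_with_multiple_ips"].items()):
        hot = any(ip in contested for ip in ips)
        findings.append({"severity": "medium" if hot else "low", "mac": mac, "ips": ips,
                         "note": ("MAC also involved in an IP conflict" if hot else
                                  "MAC with several IPs: may be a dual-homed host")})
    return findings

if __name__ == "__main__":
    for finding in assess(find_conflicts(parse_arp_replies(SAMPLE_LOG))):
        print(finding)
```

The dual-homed host 00:aa:bb:cc:dd:02 comes out as a low-severity finding, exactly the false positive the slide warns about, while the attacker's MAC is raised to medium because one of its IPs is the contested 1.2.3.4.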
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap, $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps.
[Figure: Metcalfe's Ethernet sketch.]
Star topology
Bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other).
Star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) beside a star (switch in the center).]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with matching destination address, or with the broadcast address (e.g. ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if an error is detected, the frame is dropped.
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: receiving NIC doesn't send acks or nacks to sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame.
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}; NIC waits K slots, where one slot is 512 bit times; returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec.
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer.
First collision: choose K from {0, 1}; delay is K · 512 bit transmission times.
After second collision: choose K from {0, 1, 2, 3} …
After ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}.
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in LAN; t_trans = time to transmit max-size frame.
$$\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$$
Efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity.
• Larger frame size is better; higher bit-rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
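The exponential backoff rule and the efficiency formula above, as an added example (not code from the slides): the K range after each collision, the silent time for a given K at a given bit rate, and efficiency for one cable length at several bit rates, which shows the "higher bit-rate is worse" point numerically. All constants are the slide's; the propagation delay and frame size used in the sample run are assumed inputs.

```python
"""Ethernet exponential backoff and CSMA/CD efficiency, as an added example
(not code from the slides). Numbers are the slide's: a slot is 512 bit times,
K is drawn from {0, ..., 2^m - 1} after the m-th collision with the exponent
capped at 10, and efficiency = 1 / (1 + 5 t_prop / t_trans)."""
import random
from typing import Dict, List

SLOT_BITS = 512        # one backoff slot, in bit times
MAX_EXPONENT = 10      # after ten or more collisions K comes from {0, ..., 1023}
JAM_BITS = 48          # length of the jam signal

def backoff_range(collisions: int) -> int:
    """Largest K a NIC may choose after `collisions` consecutive collisions."""
    if collisions < 1:
        raise ValueError("backoff applies after at least one collision")
    return (1 << min(collisions, MAX_EXPONENT)) - 1

def choose_backoff(collisions: int, rng: random.Random) -> int:
    return rng.randint(0, backoff_range(collisions))

def bit_time_us(rate_bps: float) -> float:
    return 1e6 / rate_bps           # 0.1 microseconds at 10 Mbps

def backoff_wait_us(k: int, rate_bps: float) -> float:
    """Time the NIC stays silent for a chosen K."""
    return k * SLOT_BITS * bit_time_us(rate_bps)

def t_trans_us(frame_bytes: int, rate_bps: float) -> float:
    return frame_bytes * 8 * bit_time_us(rate_bps)

def csmacd_efficiency(t_prop: float, t_trans: float) -> float:
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)

def efficiency_by_rate(t_prop_us: float, frame_bytes: int, rates_bps) -> Dict[float, float]:
    """Same cable and frame size at several bit rates: faster link, worse efficiency."""
    return {r: csmacd_efficiency(t_prop_us, t_trans_us(frame_bytes, r)) for r in rates_bps}

def simulate_collisions(n: int, seed: int = 1) -> List[int]:
    """K chosen by one NIC after each of n successive collisions (seeded, repeatable)."""
    rng = random.Random(seed)
    return [choose_backoff(m, rng) for m in range(1, n + 1)]

if __name__ == "__main__":
    print("max wait after 10 collisions at 10 Mbps: %.1f us"
          % backoff_wait_us(backoff_range(10), 10e6))
    # assumed inputs: 10 us propagation delay, 1500-byte frames
    print(efficiency_by_rate(t_prop_us=10.0, frame_bytes=1500, rates_bps=(10e6, 100e6, 1e9)))
    print(simulate_collisions(12))
```

For K = 1023 at 10 Mbps the wait is 1023 · 512 · 0.1 µs, about 52 ms, which is the slide's "about 50 msec".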
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in one link go out all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions.
[Figure: hub with twisted pair links to the hosts.]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: a backbone hub connecting three other hubs.]
Switch
Link-layer device: smarter than hubs, takes an active role. Store and forward Ethernet frames.
• Question: do switches in circuit switching networks store and forward?
Examines the incoming frame's MAC address, selectively forwards the frame to one-or-more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch: allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets.
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain.
Switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, B, C and A', B', C' attached, A' on interface 4 and B' on interface 5.]
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in the switch table? Something like a routing protocol?
Switch: self-learning
Switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases … when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment; it records the sender/location pair in the switch table.
[Figure: A on interface 1 sends a frame with Source = A, Dest = A'; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60.]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination, then { if dest is on the segment from which the frame arrived then drop the frame, else forward the frame on the interface indicated } else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure, built up over several slides: four switches, each with interfaces 1, 2, 3, connecting hosts A and B; one MAC/interface table per switch, all initially empty.]
A sends a frame: Dest = B, Source = A. Each switch that receives it makes a table entry for A; there is no table entry for B, so each floods. Tables after this frame (MAC, interface): three switches record A on interface 1, the fourth records A on interface 2.
B replies: Dest = A, Source = B. Each switch on the path makes a table entry for B and, having a table entry for A, forwards (no flood). Tables after the reply: two switches hold (A 1, B 3), one holds (A 1, B 2), and the switch that only saw the flooded frame still holds only (A 2): it never learns B.
20 minutes later, all table entries are deleted.
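The self-learning sequence above as a simulation, added here as an example (not code from the slides): four learning switches that record the sender, then filter, forward or flood, with entries that age out after 20 minutes as the slide states. The wiring (A on S1 interface 1, S1.2 to S4.2, S1.3 to S2.1, S2.3 to S3.1, B on S3.2) is an assumption chosen so that the tables end up exactly as the slide's figure shows.

```python
"""Self-learning switches with flood / forward / filter and table ageing,
as an added example (not slide code). The topology is an assumption chosen so
that the tables end up exactly as on the slide's figure: four switches with
interfaces 1, 2, 3; A on S1.1; S1.2 to S4.2; S1.3 to S2.1; S2.3 to S3.1; B on
S3.2. Entries age out after 20 minutes, as the slide states."""
from typing import Dict, List, Tuple, Union

AGE_OUT = 20 * 60                        # seconds
Endpoint = Union[str, Tuple[str, int]]   # a host name, or (switch, interface)

class Switch:
    def __init__(self, name: str, ifaces=(1, 2, 3)) -> None:
        self.name = name
        self.ifaces = list(ifaces)
        self.table: Dict[str, Tuple[int, float]] = {}   # MAC -> (interface, time stamp)

    def purge(self, now: float) -> None:
        """Step 3 of the slide: drop entries older than the ageing time."""
        self.table = {m: e for m, e in self.table.items() if now - e[1] < AGE_OUT}

    def receive(self, src: str, dst: str, in_iface: int, now: float) -> List[int]:
        """Learn the sender (step 1), then filter, forward or flood (step 2)."""
        self.purge(now)
        self.table[src] = (in_iface, now)
        if dst in self.table:
            out = self.table[dst][0]
            return [] if out == in_iface else [out]       # same segment: drop; else forward
        return [i for i in self.ifaces if i != in_iface]  # unknown destination: flood

class Network:
    def __init__(self) -> None:
        self.switches: Dict[str, Switch] = {}
        self.links: Dict[Endpoint, Endpoint] = {}
        self.arrivals: List[Tuple[str, str, str]] = []   # (host, src, dst) per delivered copy

    def add_switch(self, name: str) -> None:
        self.switches[name] = Switch(name)

    def link(self, a: Endpoint, b: Endpoint) -> None:
        self.links[a] = b
        self.links[b] = a

    def send(self, src: str, dst: str, now: float) -> None:
        """Host src emits one frame; follow every copy through the switches."""
        self._deliver(self.links[src], src, dst, now)

    def _deliver(self, endpoint: Endpoint, src: str, dst: str, now: float) -> None:
        if isinstance(endpoint, str):                # reached a host NIC
            self.arrivals.append((endpoint, src, dst))
            return
        sw_name, iface = endpoint
        for out in self.switches[sw_name].receive(src, dst, iface, now):
            nxt = self.links.get((sw_name, out))     # unconnected interfaces drop the copy
            if nxt is not None:
                self._deliver(nxt, src, dst, now)

def tables(net: Network) -> Dict[str, Dict[str, int]]:
    return {n: {m: e[0] for m, e in s.table.items()} for n, s in net.switches.items()}

def build_slide_network() -> Network:
    net = Network()
    for n in ("S1", "S2", "S3", "S4"):
        net.add_switch(n)
    net.link("A", ("S1", 1))
    net.link(("S1", 2), ("S4", 2))
    net.link(("S1", 3), ("S2", 1))
    net.link(("S2", 3), ("S3", 1))
    net.link("B", ("S3", 2))
    return net

if __name__ == "__main__":
    net = build_slide_network()
    net.send("A", "B", now=0)        # unknown destination: flooded everywhere
    print("after A -> B:", tables(net))
    net.send("B", "A", now=1)        # A is known: forwarded along one path only
    print("after B -> A:", tables(net))
```

S4 only ever sees the flooded copy, so it learns A but never B, which is the fourth table in the figure staying at a single entry.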
Poorly Designed Institutional network. Why?
[Figure: router to external network, a LAN (IP subnet) with a mail server and a web server.]
Institutional network without a single point of failure
[Figure: the same router, IP subnet, mail server and web server, now with redundant links between the switches; host A attached.]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Institutional network without a single point of failure
[Figure: the same network with the edges in the spanning tree marked; the remaining interfaces are "disconnected", i.e. do not forward or flood frames through them.]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by switches B3 and B2.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If • LAN B's next hop to the switch with lowest ID is LAN A, and • LAN C's next hop to the switch with lowest ID is LAN D, • then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D and switches B0, B1, B2, B3, with B2 between LAN B and LAN C.]
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
LAN Addresses and ARP
Each adapter on a LAN has a unique LAN address.
Broadcast address = FF-FF-FF-FF-FF-FF
[Figure: a LAN (wired or wireless) with four adapters, MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
LAN Address (more)
MAC address allocation is administered by IEEE: a manufacturer buys a portion of the MAC address space (to assure uniqueness). Check an OUI lookup:
• Google "OUI lookup"
• Enter the MAC address
• See the manufacturer
Analogy: (a) a MAC address is like a Social Security Number; (b) an IP address is like a postal address.
MAC is a flat address (portability: you can move a LAN card from one LAN to another). IP is a hierarchical address and NOT portable: the address depends on the IP subnet to which the node is attached.
If a NIC is changed then the MAC is changed,
• whereas the IP address can stay the same.
ARP: Address Resolution Protocol
Each IP node (host, router) on a LAN has an ARP table. At the prompt: >> arp -a
ARP table: IP/MAC address mappings for some LAN nodes
< IP address; MAC address; TTL >
TTL (Time To Live): time after which the address mapping will be forgotten (typically 20 min).
Question: how to determine the MAC address of B knowing B's IP address?
[Figure: LAN with four nodes, IP addresses 137.196.7.23, 137.196.7.78, 137.196.7.14 and 137.196.7.88 shown next to the MAC addresses 1A-2F-BB-76-09-AD, 58-23-D7-FA-20-B0, 0C-C4-11-6F-E3-98 and 71-65-F7-2B-08-53]
ARP protocol: Same LAN (network)
A wants to send a datagram to C.
Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
A broadcasts an ARP query packet containing B's IP address:
• dest MAC address = FF-FF-FF-FF-FF-FF
• Ethernet frame type = ARP query (other types include datagram)
• all machines on the LAN receive the ARP query
B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
• soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from a net administrator.
[Figure: LAN with hosts A, B, C and D. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2", which B, C and D all receive; the owner of 1.1.1.4 answers "I have 1.1.1.4"]
Addressing: routing to another LAN
[Figure: two LANs joined by router R. Left LAN: A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55), a host 111.111.111.112 (MAC CC-49-DE-D0-AB-7D) and R's interface 111.111.111.110 (MAC E6-E9-00-17-BB-4B). Right LAN: R's interface 222.222.222.220 (MAC 1A-23-F9-CD-06-9B), a host 222.222.222.221 (MAC 88-B2-2F-54-1A-0F) and B (IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A)]
walkthrough: send datagram from A to B via R; assume A knows B's IP address
• two ARP tables in router R, one for each IP network (LAN)
• A creates IP datagram with source A, destination B
• A uses ARP to get R's MAC address for 111.111.111.110
• A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram
• A's NIC sends frame; R's NIC receives frame
• R removes IP datagram from Ethernet frame, sees it's destined to B
• R uses ARP to get B's MAC address
• R creates frame containing A-to-B IP datagram, sends to B
This is a really important example – make sure you understand it.
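The same-subnet check, the ARP query/reply exchange and the "send via the gateway" decision from the last two slides, as an added example (this is not the lecture's code). It assumes a dotted-decimal mask, a constructed model of the LAN segment (a dict from IP to MAC standing in for the hosts that would answer a real ARP query), and the 20-minute soft-state TTL the slides mention. The addresses in the walkthrough at the bottom are the ones on the A-to-B-via-R slide.

```python
"""Constructed ARP resolution walkthrough (added example, not the slides' code)."""
from __future__ import annotations
import ipaddress

ARP_TTL_SECONDS = 20 * 60            # typical TTL from the slides
BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"


def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """Compare the network parts of two IPv4 addresses under a dotted mask."""
    net_a = ipaddress.ip_network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.ip_address(ip_b) in net_a


def next_hop_ip(my_ip: str, dst_ip: str, mask: str, gateway_ip: str) -> str:
    """The IP whose MAC we need: the destination itself if it is on our
    subnet, otherwise the gateway (which must be on our subnet)."""
    if same_subnet(my_ip, dst_ip, mask):
        return dst_ip
    if not same_subnet(my_ip, gateway_ip, mask):
        raise ValueError("gateway must be on the local subnet")
    return gateway_ip


class ArpCache:
    """IP -> (MAC, time learned). Soft state: an entry is forgotten after TTL."""

    def __init__(self, ttl: float = ARP_TTL_SECONDS):
        self.ttl = ttl
        self.entries: dict[str, tuple[str, float]] = {}

    def lookup(self, ip: str, now: float) -> str | None:
        hit = self.entries.get(ip)
        if hit is None:
            return None
        mac, learned = hit
        if now - learned > self.ttl:     # timed out: purge and report a miss
            del self.entries[ip]
            return None
        return mac

    def learn(self, ip: str, mac: str, now: float) -> None:
        self.entries[ip] = (mac, now)


def resolve(cache: ArpCache, my_ip: str, my_mac: str, target_ip: str,
            lan: dict[str, str], now: float) -> tuple[str | None, list[dict]]:
    """Return (mac or None, frames that went on the wire).

    `lan` is the constructed segment model (IP -> MAC of every node on it).
    A cache hit sends nothing. A miss sends one broadcast query; if some
    node owns the IP it answers with a unicast reply, which we cache.
    If nobody owns it (the 'ping a nonexistent address' experiment), the
    query goes out, no reply comes back and nothing is cached.
    """
    frames: list[dict] = []
    mac = cache.lookup(target_ip, now)
    if mac is not None:
        return mac, frames
    frames.append({"dst_mac": BROADCAST_MAC, "src_mac": my_mac, "type": "ARP",
                   "op": "request", "who_has": target_ip, "tell": my_ip})
    owner_mac = lan.get(target_ip)
    if owner_mac is None:
        return None, frames
    frames.append({"dst_mac": my_mac, "src_mac": owner_mac, "type": "ARP",
                   "op": "reply", "ip": target_ip, "mac": owner_mac})
    cache.learn(target_ip, owner_mac, now)
    return owner_mac, frames


def send_to(my_ip, my_mac, mask, gateway_ip, dst_ip, cache, lan, now):
    """Pick the next hop, resolve it, and build the link-layer frame.
    Note the IP header still names the final destination even when the
    frame is addressed to the router's MAC."""
    hop = next_hop_ip(my_ip, dst_ip, mask, gateway_ip)
    hop_mac, arp_frames = resolve(cache, my_ip, my_mac, hop, lan, now)
    if hop_mac is None:
        return None, arp_frames
    frame = {"dst_mac": hop_mac, "src_mac": my_mac, "type": "IP",
             "ip_src": my_ip, "ip_dst": dst_ip}
    return frame, arp_frames


# Constructed model of A's LAN from the slide: R's interface and the other host.
LAN_OF_A = {"111.111.111.110": "E6-E9-00-17-BB-4B",
            "111.111.111.112": "CC-49-DE-D0-AB-7D"}
A_IP, A_MAC, MASK, R_IP = "111.111.111.111", "74-29-9C-E8-FF-55", "255.255.255.0", "111.111.111.110"
```

Running `send_to(A_IP, A_MAC, MASK, R_IP, "222.222.222.222", ArpCache(), LAN_OF_A, 0.0)` reproduces the slide: one broadcast query for 111.111.111.110, one unicast reply, and a frame whose destination MAC is R's while `ip_dst` stays B's address. A second send within the TTL sends no ARP traffic; one after 20 minutes queries again.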
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
On A, set an arp entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure, stepped over several slides: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch. The slides step through the exchange:
1. The other host broadcasts "Who has IP address 1.2.3.4?". The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has ip blablablabla? Tell IP address 1.2.3.4". The other host saves the IP/ARP mapping in its cache; the victim is confused… but ignores it. The attacker continues to flood ARP queries.
3. The other host sends "The secret plan is …" to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker knows the secret plan, changes the MAC address to the correct address and sends it on to MAC 00:12:12:12:12:12, IP 1.2.3.4. The victim: "Ahh, I got the secret plan I was expecting".]
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• (or one MAC with two IPs: its real IP and the victim's IP)
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
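The detection idea from this slide (one IP claimed by two MACs, and the weaker one-MAC-two-IPs signal with its dual-NIC false positive), as an added example that is not from the lecture. It assumes the input is a list of observed (time, IP, MAC) bindings, as a sniffer or a periodic `arp -a` poll would yield; the observations below are constructed and reuse the slide's addresses.

```python
"""Flag conflicting ARP bindings (added example, not from the slides)."""
from collections import defaultdict

# Constructed observations: (seconds, ip, mac). 1.2.3.4 is the victim's IP on
# the slides; its second claimant is the conflict we want to see. The last two
# rows are a constructed dual-NIC laptop: one MAC seen with two IPs.
OBSERVED = [
    (0,    "1.2.3.4",   "00:12:12:12:12:12"),
    (5,    "5.6.7.8",   "00:11:11:11:11:11"),
    (1300, "1.2.3.4",   "00:11:11:11:11:11"),   # same IP, different MAC
    (1305, "1.2.3.4",   "00:11:11:11:11:11"),
    (1400, "10.0.0.20", "00:aa:bb:cc:dd:01"),
    (1410, "10.0.0.21", "00:aa:bb:cc:dd:01"),
]


def normalize_mac(mac: str) -> str:
    """Accept 00-12-... (Windows arp -a) and 00:12:... (Unix) forms alike."""
    return mac.lower().replace("-", ":")


def ip_conflicts(observed):
    """IPs claimed by more than one MAC: the slides' primary signal."""
    macs_by_ip = defaultdict(set)
    for _, ip, mac in observed:
        macs_by_ip[ip].add(normalize_mac(mac))
    return {ip: sorted(m) for ip, m in macs_by_ip.items() if len(m) > 1}


def mac_conflicts(observed, known_multihomed=frozenset()):
    """MACs that claimed more than one IP: weaker signal. The slides note a
    dual-NIC Windows host can legitimately look like this, so hosts the
    administrator has verified are passed in known_multihomed and skipped."""
    ips_by_mac = defaultdict(set)
    for _, ip, mac in observed:
        ips_by_mac[normalize_mac(mac)].add(ip)
    return {m: sorted(i) for m, i in ips_by_mac.items()
            if len(i) > 1 and m not in known_multihomed}


def alerts(observed, known_multihomed=frozenset()):
    """Combine both views into (severity, subject, details) tuples."""
    out = []
    for ip, macs in sorted(ip_conflicts(observed).items()):
        out.append(("high", ip, macs))     # two MACs for one IP: likely spoofing
    for mac, ips in sorted(mac_conflicts(observed, known_multihomed).items()):
        out.append(("low", mac, ips))      # one MAC, several IPs: verify the host
    return out
```

On the constructed data the victim's IP comes out as a high alert with both MACs, the attacker's MAC shows the "its real IP and the victim's IP" pattern as a low alert, and the laptop disappears from the output once its MAC is listed as known multihomed.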
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
• cheap: $20 for NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in the same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) beside star (switch at the center of the LAN)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes
• if adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol
• otherwise, adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
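The frame layout and the receiving adapter's decisions from the two slides above, as an added example (not the lecture's code): build a frame with the 6-byte addresses, 2-byte type and 4-byte CRC, then apply the receive rule (pass up on matching or broadcast destination, or in promiscuous mode; drop on CRC error). It assumes CRC-32 as used by Ethernet's FCS, transmitted least-significant byte first, and omits the 64-byte minimum-frame padding. The MAC addresses are the ones from the earlier LAN-address slide.

```python
"""Ethernet frame build/parse with receiver filtering (added example)."""
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IP = 0x0800
ETHERTYPE_ARP = 0x0806
PREAMBLE = b"\xaa" * 7 + b"\xab"    # 7 x 10101010 then 10101011; the PHY strips it


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))


def fcs(body: bytes) -> bytes:
    """CRC-32 over dest..payload, little-endian on the wire (assumed FCS convention)."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def on_the_wire(frame: bytes) -> bytes:
    """What the sender's PHY emits: preamble + frame."""
    return PREAMBLE + frame


def from_wire(bits: bytes) -> bytes:
    """Receiver PHY: synchronize on the preamble and hand the frame to the MAC."""
    if not bits.startswith(PREAMBLE):
        raise ValueError("no preamble")
    return bits[len(PREAMBLE):]


def parse_frame(frame: bytes) -> dict:
    """Split a frame into fields; raise ValueError on a bad CRC."""
    if len(frame) < 18:                      # 14-byte header + 4-byte CRC minimum
        raise ValueError("frame too short")
    body, crc = frame[:-4], frame[-4:]
    if fcs(body) != crc:
        raise ValueError("CRC error")
    (ethertype,) = struct.unpack("!H", body[12:14])
    return {"dst": body[:6], "src": body[6:12], "type": ethertype, "payload": body[14:]}


def receive(frame: bytes, my_mac: str, promiscuous: bool = False):
    """Adapter receive logic: parsed frame to pass up, or None if discarded."""
    try:
        parsed = parse_frame(frame)
    except ValueError:
        return None                          # CRC error: frame dropped
    if promiscuous or parsed["dst"] in (mac_bytes(my_mac), BROADCAST):
        return parsed
    return None                              # not addressed to us: discarded
```

A frame for 1A-2F-BB-76-09-AD is passed up by that adapter, discarded by 0C-C4-11-6F-E3-98 unless it is promiscuous, and a broadcast ARP frame is passed up by every adapter; flipping one payload bit makes the CRC fail and the frame is dropped.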
Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC
• stream of datagrams passed to network layer can have gaps (missing datagrams)
• gaps will be filled if app is using TCP; otherwise, app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, and returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
• Goal: adapt retransmission attempts to estimated current load: under heavy load the random wait will be longer
• first collision: choose K from {0,1}; delay is K·512 bit transmission times
• after second collision: choose K from {0,1,2,3}…
• after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized
Most ethernet is used with switches, so collisions never occur.
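The backoff arithmetic from the CSMA/CD slides and the efficiency formula above, as an added example that is not the lecture's code. It uses the slides' numbers (512-bit slots, the cap at 1023 after ten collisions, 0.1 µs bit time at 10 Mbps) and, for the efficiency-from-cable-length helper, assumes a propagation speed of 2e8 m/s, which the slides do not state.

```python
"""Ethernet exponential backoff and CSMA/CD efficiency (added example)."""
import random

SLOT_BITS = 512                  # one backoff slot is 512 bit times
MAX_BACKOFF_EXPONENT = 10        # after 10 or more collisions K is drawn from 0..1023


def backoff_range(collisions: int) -> int:
    """Number of choices for K after the m-th collision: 2^m, capped at 1024."""
    if collisions < 1:
        raise ValueError("backoff is only entered after a collision")
    return 2 ** min(collisions, MAX_BACKOFF_EXPONENT)


def choose_backoff_slots(collisions: int, rng: random.Random) -> int:
    """Draw K uniformly from {0, 1, ..., 2^m - 1}."""
    return rng.randrange(backoff_range(collisions))


def sample_backoffs(collisions: int, n: int, seed: int = 0) -> set:
    """The set of K values seen over n draws (to show the range actually used)."""
    rng = random.Random(seed)
    return {choose_backoff_slots(collisions, rng) for _ in range(n)}


def backoff_seconds(k: int, bit_rate_bps: float) -> float:
    """K slots of 512 bit times at the given bit rate."""
    return k * SLOT_BITS / bit_rate_bps


def max_backoff_seconds(bit_rate_bps: float) -> float:
    """Worst case, K = 1023: about 50 ms on 10 Mbps Ethernet."""
    return backoff_seconds(backoff_range(MAX_BACKOFF_EXPONENT) - 1, bit_rate_bps)


def csmacd_efficiency(t_prop: float, t_trans: float) -> float:
    """The slides' approximation: 1 / (1 + 5 * t_prop / t_trans)."""
    if t_trans <= 0:
        raise ValueError("t_trans must be positive")
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def efficiency_for(frame_bytes: int, bit_rate_bps: float, distance_m: float,
                   prop_speed_mps: float = 2e8) -> float:
    """Efficiency from physical parameters: t_trans from frame size and bit
    rate, t_prop from cable length and an assumed propagation speed."""
    t_trans = frame_bytes * 8 / bit_rate_bps
    t_prop = distance_m / prop_speed_mps
    return csmacd_efficiency(t_prop, t_trans)
```

`efficiency_for` makes the two bullets on the slide concrete: for the same cable, a 1500-byte frame scores higher than a 64-byte one, and the same frame scores lower at 100 Mbps than at 10 Mbps, because t_trans shrinks while t_prop does not.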
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large ethernets are possible. QoS: MPLS runs over ethernet (so traffic engineering is possible).
Hubs
• bits coming in one link go out all other links at same rate
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes an active role
• store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links
• when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C and C']
Switch Table
Q: how does switch know that A' reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table
Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C and C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when frame received, switch "learns" location of sender: incoming LAN segment
• records sender/location pair in switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1; the switch table, initially empty, gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination
   then {
     if dest on segment from which frame arrived
       then drop the frame
       else forward the frame on interface indicated
   }
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure, stepped over several slides: three switches, each with interfaces 1, 2 and 3, connected in a chain; host A is attached to the first switch and host B to the last. Each switch keeps its own MAC/Interface table, all initially empty.]
• A sends a frame, Dest=B Source=A. Each switch in turn makes a table entry for A (on the interface the frame arrived on). There is no table entry for B, so each switch floods the frame.
• Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches.
• B replies, Dest=A Source=B. Each switch makes a table entry for B. Each has a table entry for A, so it forwards the frame on the interface indicated instead of flooding.
• The tables shown at the end of the sequence: first switch A 1, B 3; second switch A 1, B 2; third switch A 2.
• 20 minutes later all table entries are deleted.
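The filtering/forwarding steps and the three-switch self-learning sequence above, run in code as an added example (not the lecture's code). The chain of switches S1, S2, S3, their port numbers and the link wiring are constructed to match the slides as read here: A on port 1 of S1, B on port 3 of S3, S1 port 3 to S2 port 1, S2 port 2 to S3 port 2. Entries time out after the 20 minutes the slides give.

```python
"""Self-learning switch and the slides' A <-> B exchange (added example)."""
ENTRY_TTL = 20 * 60      # table entries are deleted after 20 minutes (slides)


class LearningSwitch:
    def __init__(self, name, interfaces):
        self.name = name
        self.interfaces = list(interfaces)
        self.table = {}              # MAC -> (interface, time learned)

    def purge(self, now: float) -> None:
        """Slides' step 3: periodically purge old table entries."""
        self.table = {m: (i, t) for m, (i, t) in self.table.items()
                      if now - t <= ENTRY_TTL}

    def handle(self, src, dst, in_iface, now: float):
        """Return the interfaces the frame leaves on ([] means dropped)."""
        self.purge(now)
        self.table[src] = (in_iface, now)          # step 1: learn the sender
        hit = self.table.get(dst)
        if hit is None:                            # unknown destination: flood
            return [i for i in self.interfaces if i != in_iface]
        out_iface, _ = hit
        if out_iface == in_iface:                  # dest is on the arrival segment
            return []                              # drop: it already saw the frame
        return [out_iface]                         # forward on the one interface


def run_chain(frames, links, switches, now=0.0):
    """Drive frames through the constructed switch fabric.

    links maps (switch, port) -> (neighbor switch, neighbor port) for
    switch-to-switch ports; any other port leads to hosts. Returns the
    per-switch decisions [(switch, out_ports)] in handling order.
    """
    log = []
    for src, dst, start_switch, start_port, t in frames:
        pending = [(start_switch, start_port)]
        while pending:
            sw_name, in_port = pending.pop()
            outs = switches[sw_name].handle(src, dst, in_port, now + t)
            log.append((sw_name,  list(outs)))
            for port in outs:
                nxt = links.get((sw_name, port))
                if nxt is not None:
                    pending.append(nxt)
    return log


def slides_scenario():
    """Constructed chain S1-S2-S3; A on S1 port 1, B on S3 port 3."""
    switches = {n: LearningSwitch(n, [1, 2, 3]) for n in ("S1", "S2", "S3")}
    links = {("S1", 3): ("S2", 1), ("S2", 1): ("S1", 3),
             ("S2", 2): ("S3", 2), ("S3", 2): ("S2", 2)}
    frames = [("A", "B", "S1", 1, 0.0),     # A -> B: B unknown, flooded everywhere
              ("B", "A", "S3", 3, 1.0)]     # B -> A: A known, forwarded only
    log = run_chain(frames, links, switches)
    tables = {n: {m: i for m, (i, _) in sw.table.items()} for n, sw in switches.items()}
    return log, tables
```

`slides_scenario()` shows the first frame being flooded by all three switches and the reply following a single port at each switch; the resulting tables match the slide (S1: A 1, B 3; S2: A 1, B 2; S3: A 2) plus S3's entry for B on the port it arrived on.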
Poorly Designed Institutional network. Why?
[Figure: a router to the external network, one LAN / IP subnet, a mail server and a web server]
Institutional network without a single point of failure
[Figure: the same IP subnet with redundant switches and links between the router, the mail server, the web server and host A]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness, but have to be eliminated.
[Figure: the same network with the edges in the spanning tree marked. Legend: "edge in spanning tree"; "disconnected" interface, i.e., do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: switches B3 and B2 with LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: Compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
[Figure: bridges B3, B2, B1 and B0 and LANs A, B, C and D, laid out in the order B3, LAN A, LAN B, B2, LAN C, B1, LAN D, B0; B3 sits between LAN A and LAN B, B2 between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure, stepped over several slides: switches B1, B2, B3, B4, B5, B6 and B7 (B4 and B6 drawn together) joining LANs A, B, C, D, E, F, G, H, I and J; the numbers added on later slides are each LAN's distance to the root in switch hops (0, 1 or 2)]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID) and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
The slides then work through the figure one step at a time:
• Each switch computes distance to root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
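The lecture's model of the algorithm (LANs as vertices, switches as edges, cost counted in switches visited, ties to the smaller switch ID, an interface kept only if it lies on some LAN's chosen path) as an added example that is not the lecture's code. The walkthrough figure's wiring is not recoverable from the text, so the topology here is constructed to match the "Spanning Tree Algorithm (1)" slide as read above: B0 on LANs A and D, B1 on C and D, B2 on B and C, B3 on A and B. Switch IDs are ints; the B5-versus-B7 tie from the walkthrough is reproduced on a second constructed topology.

```python
"""Spanning tree with LANs as vertices and switches as edges (added example)."""
from collections import defaultdict

# Constructed reading of the 'Spanning Tree Algorithm (1)' slide: switch -> LANs.
SLIDE_TOPOLOGY = {0: {"A", "D"}, 1: {"C", "D"}, 2: {"B", "C"}, 3: {"A", "B"}}


def spanning_tree(switches):
    """Return (designated, root_port, active).

    designated[lan]  = switch the LAN uses as next hop toward the root
    root_port[sw]    = LAN a non-root switch reaches the root through
    active           = set of (switch, lan) interfaces left 'on'

    A LAN's cost is the number of switches on its path to the root; ties go
    to the smaller switch ID. Levels are expanded breadth-first so every
    switch at cost c+1 is known before LANs at cost c+1 choose.
    """
    root = min(switches)
    lans_of_switch = {s: set(l) for s, l in switches.items()}
    switches_of_lan = defaultdict(set)
    for s, lans in lans_of_switch.items():
        for lan in lans:
            switches_of_lan[lan].add(s)

    designated = {lan: root for lan in lans_of_switch[root]}   # cost-0 LANs
    root_port, cost_sw = {}, {root: 0}
    frontier = sorted(designated)
    while frontier:
        new_switches = []
        for lan in frontier:                       # switches one hop further out
            for s in sorted(switches_of_lan[lan]):
                if s not in cost_sw:
                    cost_sw[s] = cost_sw[designated[lan]] + 1
                    root_port[s] = lan             # first LAN that reached it
                    new_switches.append(s)
        next_frontier = []
        for lan in sorted(switches_of_lan):        # unreached LANs pick a switch
            if lan in designated:
                continue
            candidates = [s for s in new_switches if lan in lans_of_switch[s]]
            if candidates:
                designated[lan] = min(candidates)  # smallest ID breaks the tie
                next_frontier.append(lan)
        frontier = next_frontier

    active = {(root, lan) for lan in lans_of_switch[root]}   # root: all interfaces on
    for lan, s in designated.items():
        if s != root:
            active.add((s, lan))                   # interface toward the LAN it serves
            active.add((s, root_port[s]))          # and its own interface toward the root
    return designated, root_port, active


def switches_with_no_active_interface(switches):
    """Switches 'disconnected' from every LAN, like B2 on the slide."""
    _, _, active = spanning_tree(switches)
    return sorted(s for s in switches if all(sw != s for sw, _ in active))
```

On `SLIDE_TOPOLOGY` the result is the slide's: B's next hop is LAN A (through B3), C's is LAN D (through B1), and B2 keeps no interface. A second constructed topology with two equal-cost switches 5 and 7 on the same LAN shows the tie resolved to 5, so 7 ends up with nothing on, which is the B5-over-B7 step of the walkthrough.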
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: Loop resolution; Address learning; Frame forwarding
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
both store-and-forward devices
• routers: network layer devices (examine network layer headers)
• switches are link layer devices
… "invisible" at internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding
• borrowing ideas from Virtual Circuit (VC) approach
• but IP datagram still keeps IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields and widths in bits: label 20, Exp 3, S 1, TTL 5]
MPLS capable routers
a.k.a. label-switched router
• forwards packets to outgoing interface based only on label value (don't inspect IP address)
• MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding
• RSVP-TE
• forwarding possible along paths that IP alone would not allow (e.g., source-specific routing)
• use MPLS for traffic engineering
must co-exist with IP-only routers
[Figure: label-switched routers R1, R2, R3, R4, R5 and R6, destinations A and D, and interface numbers 0 and 1 on the links]
MPLS forwarding tables
Four tables from the figure, each with the columns in label | out label | dest | out interface:
6 | - | A | 0

10 | 6 | A | 1
12 | 9 | D | 0

10 | (none) | A | 0
12 | (none) | D | 0

8 | 6 | A | 0
(none) | 8 | A | 1
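Label-only forwarding through a chain of label-switched routers, as an added example that is not the lecture's code. Router names, links and tables are constructed (the label values 6, 9, 10 and 12 echo the slide's tables, but the wiring is not the figure's); an ingress router classifies by IP destination and pushes the first label, transit routers look at the label alone and swap it, and an out label of `None` means pop and deliver as plain IP to the attached destination.

```python
"""Label-switched forwarding walkthrough (added example, constructed network)."""
POP = None   # out label None: pop the MPLS header, hand the IP packet to the next hop


class LabelSwitchedRouter:
    def __init__(self, name):
        self.name = name
        self.table = {}            # in label -> (out label, dest, out interface)

    def add(self, in_label, out_label, dest, out_iface):
        self.table[in_label] = (out_label, dest, out_iface)

    def forward(self, in_label):
        """Consult the label only; the IP header is never looked at here."""
        if in_label not in self.table:
            raise LookupError(f"{self.name}: no entry for label {in_label}")
        return self.table[in_label]


class IngressRouter:
    """Edge router: classifies by IP destination and pushes the first label."""
    def __init__(self, name):
        self.name = name
        self.fec = {}              # dest -> (label, out interface)

    def add(self, dest, label, out_iface):
        self.fec[dest] = (label, out_iface)

    def classify(self, ip_dst):
        if ip_dst not in self.fec:
            raise LookupError(f"{self.name}: no label-switched path to {ip_dst}")
        return self.fec[ip_dst]


def send(ip_dst, ingress, links, routers):
    """Hop-by-hop trace as (router, label in, label out); raises if undeliverable."""
    label, iface = ingress.classify(ip_dst)
    trace = [(ingress.name, None, label)]
    node = links[(ingress.name, iface)]
    while node in routers:
        out_label, _, out_iface = routers[node].forward(label)
        trace.append((node, label, out_label))
        nxt = links[(node, out_iface)]
        label, node = out_label, nxt
        if label is POP:                  # header popped: next hop gets plain IP
            break
    if node != ip_dst:
        raise RuntimeError(f"packet for {ip_dst} ended at {node}")
    return trace


def has_path(ip_dst, ingress, links, routers) -> bool:
    try:
        send(ip_dst, ingress, links, routers)
        return True
    except LookupError:
        return False


def build_constructed_network():
    """LER1 -> LSR2 -> (LSR3 -> A | LSR4 -> D); all names and labels constructed."""
    ingress = IngressRouter("LER1")
    ingress.add("A", 10, 0)
    ingress.add("D", 12, 0)
    lsr2 = LabelSwitchedRouter("LSR2")
    lsr2.add(10, 6, "A", 1)
    lsr2.add(12, 9, "D", 0)
    lsr3 = LabelSwitchedRouter("LSR3")
    lsr3.add(6, POP, "A", 0)
    lsr4 = LabelSwitchedRouter("LSR4")
    lsr4.add(9, POP, "D", 0)
    routers = {r.name: r for r in (lsr2, lsr3, lsr4)}
    links = {("LER1", 0): "LSR2", ("LSR2", 1): "LSR3", ("LSR2", 0): "LSR4",
             ("LSR3", 0): "A", ("LSR4", 0): "D"}
    return ingress, links, routers
```

A packet for A leaves LER1 with label 10, is swapped to 6 at LSR2 and popped at LSR3; a packet for D takes the other branch with 12 then 9. Only the ingress ever looks at the IP destination, which is the point of the "don't inspect IP address" bullet.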
Chapter 5: Summary
principles behind data link layer services:
• error detection, correction
• sharing a broadcast channel: multiple access
• link layer addressing
instantiation and implementation of various link layer technologies:
• Ethernet
• switched LANS
• PPP
• virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Slide titles:
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing – man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
LAN Address (more)
MAC address allocation administered by IEEE manufacturer buys portion of MAC address space (to
assure uniqueness) Check OUI lookup
bull Google OUI lookupbull Enter MAC addressbull See manufacture
analogy (a) MAC address like Social Security Number (b) IP address like postal address MAC flat address portability
can move LAN card from one LAN to another IP hierarchical address NOT portable
address depends on IP subnet to which node is attached If a NIC is changed then the MAC is changed
bull Whereas the IP address can stay the same
ARP Address Resolution Protocol
Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a
ARP table IPMAC address mappings for some LAN nodes
lt IP address MAC address TTLgt
TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)
Question how to determineMAC address of Bknowing Brsquos IP address
1A-2F-BB-76-09-AD
58-23-D7-FA-20-B0
0C-C4-11-6F-E3-98
71-65-F7-2B-08-53
LAN
137196723
137196778
137196714
137196788
ARP protocol: Same LAN (network)
A wants to send a datagram to C. Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP.
E.g.
• my IP = 128.4.35.67
• B's IP = 128.5.19.12
• Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
• So in this case A and B are in different subnets
• Thus the datagram is sent to the gateway, which must be in the same subnet
• Suppose that B is the gateway, but only the IP address of B is known
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table. A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query.
• Other types include datagram.
All machines on the LAN receive the ARP query. B receives the ARP packet, replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast). A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
[Figure: hosts A, B, C, D on one LAN. The query "Who has IP 1.1.1.4? Tell 1.1.1.2" is broadcast and reaches every host; only the owner answers "I have 1.1.1.4"]
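The query/reply exchange just described, on the wire, as an added example (this is not code from the slides). It packs and parses the 14-byte Ethernet header plus the 28-byte ARP packet of RFC 826, and shows the rule that every host sees the broadcast but only the owner of the target IP answers, with a unicast reply to the requester. The MAC addresses are the ones in the ARP-table figure; the IPs 1.1.1.2 and 1.1.1.4 are the figure's query addresses with their dots restored, and pairing them with those MACs is an assumption.

```python
import struct

# Constants from the ARP protocol (RFC 826) and the Ethernet frame format.
ETHERTYPE_ARP = 0x0806
HTYPE_ETHERNET = 1
PTYPE_IPV4 = 0x0800
ARP_REQUEST = 1
ARP_REPLY = 2
BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"


def mac_to_bytes(mac: str) -> bytes:
    """'1A-2F-BB-76-09-AD' (or colon form) -> 6 raw bytes."""
    return bytes(int(part, 16) for part in mac.replace(":", "-").split("-"))


def bytes_to_mac(raw: bytes) -> str:
    return "-".join(f"{b:02X}" for b in raw)


def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def bytes_to_ip(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_arp_frame(op, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet frame (without preamble/FCS) carrying one ARP packet.
    A request goes to the broadcast MAC; a reply is unicast to the requester."""
    dst = BROADCAST_MAC if op == ARP_REQUEST else target_mac
    eth_header = mac_to_bytes(dst) + mac_to_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op)
    arp += mac_to_bytes(sender_mac) + ip_to_bytes(sender_ip)
    arp += mac_to_bytes(target_mac) + ip_to_bytes(target_ip)
    return eth_header + arp


def parse_arp_frame(frame: bytes) -> dict:
    """Decode the Ethernet header and the ARP packet; raises ValueError if it is not ARP."""
    if len(frame) < 14 + 28:
        raise ValueError("frame too short for Ethernet + ARP")
    dst, src, ethertype = frame[:6], frame[6:12], struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_ARP:
        raise ValueError(f"not an ARP frame (type 0x{ethertype:04x})")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol types")
    body = frame[22:42]
    return {
        "eth_dst": bytes_to_mac(dst),
        "eth_src": bytes_to_mac(src),
        "op": op,
        "sender_mac": bytes_to_mac(body[0:6]),
        "sender_ip": bytes_to_ip(body[6:10]),
        "target_mac": bytes_to_mac(body[10:16]),
        "target_ip": bytes_to_ip(body[16:20]),
    }


def answer_arp_request(frame: bytes, my_mac: str, my_ip: str):
    """What a host does with a received query: every host on the LAN sees the
    broadcast, but only the owner of the target IP replies (unicast, to the asker)."""
    req = parse_arp_frame(frame)
    if req["op"] != ARP_REQUEST or req["target_ip"] != my_ip:
        return None  # not for us: discard
    return build_arp_frame(ARP_REPLY, my_mac, my_ip, req["sender_mac"], req["sender_ip"])


if __name__ == "__main__":
    # Constructed sample: the host at 1.1.1.2 asks for 1.1.1.4, which the second host owns.
    query = build_arp_frame(ARP_REQUEST, "1A-2F-BB-76-09-AD", "1.1.1.2",
                            "00-00-00-00-00-00", "1.1.1.4")
    reply = answer_arp_request(query, "58-23-D7-FA-20-B0", "1.1.1.4")
    print(parse_arp_frame(query))
    print(parse_arp_frame(reply))
```

Note that nothing in the reply is authenticated: a receiver caches whatever sender MAC/IP pair arrives, which is what the ARP spoofing slides later exploit and what the detection example there looks for.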
Addressing: routing to another LAN
[Figure: host A (IP 111.111.111.111, MAC 74-29-9C-E8-FF-55) and another host (IP 111.111.111.112, MAC CC-49-DE-D0-AB-7D) on one LAN; router R with interfaces 111.111.111.110 (MAC E6-E9-00-17-BB-4B) and 222.222.222.220 (MAC 1A-23-F9-CD-06-9B); host B (IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A) and another host (IP 222.222.222.221, MAC 88-B2-2F-54-1A-0F) on the other LAN]
walkthrough: send datagram from A to B via R; assume A knows B's IP address.
two ARP tables in router R, one for each IP network (LAN)
• A creates IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram.
• A's NIC sends frame; R's NIC receives frame.
• R removes IP datagram from Ethernet frame, sees it's destined to B.
• R uses ARP to get B's MAC address.
• R creates frame containing A-to-B IP datagram, sends to B.
This is a really important example – make sure you understand it.
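The same walkthrough as runnable code, added here and not taken from the slides. It covers the two decisions the slides make: the host compares the destination with its own address under the subnet mask to decide whether to ARP for the destination or for the gateway (with the earlier slide's mask 255.255.0.0, prefix length 16, 128.4.35.67 and 128.5.19.12 fall in different subnets), and the router rewrites only the link-layer addresses, using one ARP table per interface, while the IP datagram inside keeps A's and B's addresses. The IP/MAC pairs are read off the figure; the /24 prefix on each LAN and the pre-filled ARP tables are assumptions.

```python
import ipaddress

# Addresses as read from the slide's figure (dots restored); /24 LANs are assumed.
HOSTS = {
    "A": {"ip": "111.111.111.111", "mac": "74-29-9C-E8-FF-55", "prefix": 24, "gateway": "111.111.111.110"},
    "B": {"ip": "222.222.222.222", "mac": "49-BD-D2-C7-56-2A", "prefix": 24, "gateway": "222.222.222.220"},
}
# Router R: one interface, and therefore one ARP table, per LAN.
ROUTER = {
    "lan1": {"ip": "111.111.111.110", "mac": "E6-E9-00-17-BB-4B", "net": "111.111.111.0/24"},
    "lan2": {"ip": "222.222.222.220", "mac": "1A-23-F9-CD-06-9B", "net": "222.222.222.0/24"},
}
# ARP tables filled as if the two ARP exchanges of the walkthrough already happened (constructed).
ARP_TABLES = {
    "A": {"111.111.111.110": "E6-E9-00-17-BB-4B"},
    "R:lan1": {"111.111.111.111": "74-29-9C-E8-FF-55"},
    "R:lan2": {"222.222.222.222": "49-BD-D2-C7-56-2A"},
}


def same_subnet(ip1: str, ip2: str, prefix_len: int) -> bool:
    """Compare both addresses under the mask; 255.255.0.0 is prefix length 16."""
    net = ipaddress.ip_network(f"{ip1}/{prefix_len}", strict=False)
    return ipaddress.ip_address(ip2) in net


def next_hop(src_ip: str, dst_ip: str, prefix_len: int, gateway: str) -> str:
    """The host's decision: ARP for the destination itself, or for the gateway."""
    return dst_ip if same_subnet(src_ip, dst_ip, prefix_len) else gateway


def host_send(host: str, dst_ip: str) -> dict:
    h = HOSTS[host]
    hop = next_hop(h["ip"], dst_ip, h["prefix"], h["gateway"])
    hop_mac = ARP_TABLES[host].get(hop)
    if hop_mac is None:
        raise LookupError(f"{host} must ARP for {hop} first")
    # The frame carries link-layer addresses for this hop only; the datagram keeps A and B.
    return {"dst_mac": hop_mac, "src_mac": h["mac"], "datagram": {"src": h["ip"], "dst": dst_ip}}


def router_forward(frame: dict) -> dict:
    """R strips the Ethernet frame, looks at the datagram's IP destination,
    picks the outgoing LAN, and builds a new frame with a new MAC pair."""
    in_if = next(n for n, i in ROUTER.items() if i["mac"] == frame["dst_mac"])
    dgram = frame["datagram"]
    out_if = next(n for n, i in ROUTER.items()
                  if ipaddress.ip_address(dgram["dst"]) in ipaddress.ip_network(i["net"]))
    dst_mac = ARP_TABLES[f"R:{out_if}"].get(dgram["dst"])
    if dst_mac is None:
        raise LookupError(f"R must ARP on {out_if} for {dgram['dst']}")
    new_frame = {"dst_mac": dst_mac, "src_mac": ROUTER[out_if]["mac"], "datagram": dgram}
    return {"in_if": in_if, "out_if": out_if, "frame": new_frame}


def a_to_b_walkthrough():
    """Returns the frame A puts on LAN 1 and the frame R puts on LAN 2."""
    first = host_send("A", HOSTS["B"]["ip"])
    second = router_forward(first)
    return first, second
```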
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping.
On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[Figure, repeated on the following slides: victim (MAC = 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC = 00:11:11:11:11:11, IP = 5.6.7.8) and some other host/switch on the same LAN]
1. Some other host asks: "Who has IP address 1.2.3.4?" The victim answers: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4." The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also heard the reply, now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries: source MAC 00:11:11:11:11:11, "Who has IP blablablabla? Tell IP address 1.2.3.4". The attacker continues to flood ARP queries. The other host saves the IP/ARP mapping (1.2.3.4 now with the attacker's MAC) in its cache. The victim is confused... but ignores it.
3. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is ..." The attacker knows the secret plan. It changes the MAC address to the correct address and sends "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is ..." to the victim: "Ahh, I got the secret plan I was expecting."
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs:
• the attacker's MAC appears with its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
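The detection idea on the slide, as an added example (not the slides' code): it replays a constructed sequence of ARP replies and raises an alert when an IP that was bound to one MAC is suddenly claimed by another, and when one MAC claims a second IP. The dual-NIC false positive the slide warns about is handled with an administrator-maintained allowlist of MACs known to legitimately carry more than one IP. The victim/attacker addresses are the slide's; the 10.0.0.x laptop and the timestamps are constructed.

```python
from collections import defaultdict

# Constructed capture of ARP replies seen on the LAN, in order of arrival.
# Fields: seconds since capture start, sender MAC, sender IP.
SAMPLE_ARP_EVENTS = [
    (0.0,    "00:12:12:12:12:12", "1.2.3.4"),     # victim answers a real query
    (1.5,    "00:11:11:11:11:11", "5.6.7.8"),     # attacker's own address
    (1260.0, "00:11:11:11:11:11", "1.2.3.4"),     # after caches expire: attacker claims the victim's IP
    (1261.0, "00:11:11:11:11:11", "1.2.3.4"),
    (1300.0, "AA:AA:AA:AA:AA:01", "10.0.0.50"),   # laptop, wired NIC
    (1301.0, "AA:AA:AA:AA:AA:01", "10.0.0.51"),   # same wired MAC, its wireless IP (dual-NIC quirk)
]

# Hosts known to legitimately present more than one IP per MAC (the dual-NIC case).
KNOWN_MULTIHOMED_MACS = {"AA:AA:AA:AA:AA:01"}


def detect_arp_conflicts(events, known_multihomed=frozenset()):
    """Return alerts for (a) an IP that moves from one MAC to another and
    (b) a MAC that announces a second IP.  (a) is the victim's IP landing on the
    attacker's MAC; (b) is the attacker's MAC holding its real IP and the victim's."""
    macs_for_ip = defaultdict(list)   # ip  -> MACs seen for it, in order
    ips_for_mac = defaultdict(list)   # mac -> IPs seen for it, in order
    alerts = []
    for t, mac, ip in events:
        mac = mac.upper()
        prev_macs = macs_for_ip[ip]
        if prev_macs and mac not in prev_macs:
            alerts.append({"t": t, "kind": "ip_changed_mac", "ip": ip,
                           "old_mac": prev_macs[-1], "new_mac": mac})
        prev_ips = ips_for_mac[mac]
        if prev_ips and ip not in prev_ips and mac not in known_multihomed:
            alerts.append({"t": t, "kind": "mac_claims_second_ip", "mac": mac,
                           "ips": sorted(set(prev_ips + [ip]))})
        macs_for_ip[ip].append(mac)
        ips_for_mac[mac].append(ip)
    return alerts


def suspicious_macs(alerts):
    """MACs implicated by either indicator, for follow-up such as a port lookup on the switch."""
    return {a.get("new_mac") or a.get("mac") for a in alerts}
```

Both indicators fire on the attacker's MAC and on nothing else once the laptop is allowlisted; without the allowlist the laptop's second IP would be reported too, which is exactly the false positive the slide describes.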
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap ($20 for NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) LAN vs. star LAN with a switch in the center]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if error is detected, frame is dropped.
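The receive path of the frame structure above as an added example, not code from the slides: build an Ethernet II frame (destination, source, type, payload padded to the 46-byte minimum, 4-byte FCS), then apply the adapter's rules in order: drop on CRC error, discard frames addressed to someone else unless in promiscuous mode, and hand the payload to the protocol named by the type field. The FCS is the CRC-32 of IEEE 802.3, which is the same polynomial and conventions as zlib.crc32, transmitted least-significant byte first. The MACs are taken from the routing figure; the payloads are constructed.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
BROADCAST = bytes.fromhex("ffffffffffff")
PREAMBLE = b"\xaa" * 7 + b"\xab"   # 7 x 10101010 then 10101011; not part of the checked frame


def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace("-", "").replace(":", ""))


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Ethernet II frame as put on the wire after the preamble: 6-byte dst,
    6-byte src, 2-byte type, payload padded to 46 bytes, 4-byte CRC-32 FCS."""
    payload = payload.ljust(46, b"\x00")
    body = dst + src + struct.pack("!H", ethertype) + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("<I", fcs)


def receive_frame(frame: bytes, my_mac: bytes, promiscuous: bool = False):
    """What the receiving adapter does, in the order the slide gives it."""
    if len(frame) < 14 + 46 + 4:
        return ("dropped", "runt frame")
    body, fcs_on_wire = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) & 0xFFFFFFFF != fcs_on_wire:
        return ("dropped", "CRC error")                  # no retransmission: Ethernet is unreliable
    dst = body[:6]
    if dst != my_mac and dst != BROADCAST and not promiscuous:
        return ("discarded", "not addressed to this adapter")
    ethertype = struct.unpack("!H", body[12:14])[0]
    upper = {ETHERTYPE_IPV4: "IP", ETHERTYPE_ARP: "ARP"}.get(ethertype, f"0x{ethertype:04x}")
    return ("delivered", upper)


def demo():
    a, b, c = mac("74-29-9C-E8-FF-55"), mac("49-BD-D2-C7-56-2A"), mac("88-B2-2F-54-1A-0F")
    good = build_frame(b, a, ETHERTYPE_IPV4, b"datagram bytes (constructed)")
    bcast = build_frame(BROADCAST, a, ETHERTYPE_ARP, b"arp query (constructed)")
    corrupted = bytearray(good)
    corrupted[20] ^= 0x01                               # one flipped payload bit = channel error
    return {
        "b_gets_unicast": receive_frame(good, b),
        "c_ignores_unicast": receive_frame(good, c),
        "c_sniffs_in_promisc": receive_frame(good, c, promiscuous=True),
        "c_gets_broadcast": receive_frame(bcast, c),
        "corrupted": receive_frame(bytes(corrupted), b),
    }
```

The promiscuous case is the point worth remembering from a security angle: on a shared segment any adapter can switch off the address filter, which is why the switch slides below matter and why the ARP spoofing slides still work even when each host has its own wire.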
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs.
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame.
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec.
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; under heavy load the random wait will be longer.
first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3} ...
after ten or more collisions: choose K from {0, 1, 2, 3, 4, ..., 1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
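The backoff rule of steps 5 and 6 and the efficiency formula above, worked in code as an added example (not the slides' code). It reproduces the numbers on the slides: K is capped at 1023 from the tenth collision on, one slot is 512 bit times, the bit time at 10 Mbps is 0.1 µs, so the worst-case wait for K = 1023 is 52.4 ms (the slide's "about 50 msec"), and efficiency = 1 / (1 + 5 t_prop / t_trans). The 16-attempt limit after which a frame is abandoned is the 802.3 attemptLimit, not something the slides state, and the channel model that decides which attempts collide is constructed.

```python
import random

SLOT_BIT_TIMES = 512           # one backoff slot is 512 bit times
JAM_BITS = 48                  # length of the jam signal
MAX_BACKOFF_EXPONENT = 10      # K is drawn from {0 .. 2^min(m,10) - 1}
ATTEMPT_LIMIT = 16             # 802.3 attemptLimit (assumed here, not on the slides)


def bit_time_seconds(bit_rate_bps: float) -> float:
    """Bit time: 0.1 microsecond at 10 Mbps."""
    return 1.0 / bit_rate_bps


def backoff_range(m: int) -> int:
    """Largest K after the m-th collision: 2^m - 1, capped at 1023."""
    return (1 << min(m, MAX_BACKOFF_EXPONENT)) - 1


def backoff_wait_seconds(k: int, bit_rate_bps: float) -> float:
    """K slots of 512 bit times each."""
    return k * SLOT_BIT_TIMES * bit_time_seconds(bit_rate_bps)


def frame_transmission_time(frame_bytes: int, bit_rate_bps: float) -> float:
    return frame_bytes * 8 * bit_time_seconds(bit_rate_bps)


def csma_cd_efficiency(t_prop: float, t_trans: float) -> float:
    """efficiency = 1 / (1 + 5 * t_prop / t_trans)"""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def transmit_with_backoff(channel_collides, bit_rate_bps: float, seed: int = 1) -> dict:
    """Steps 4 to 6 of the algorithm for one frame.  `channel_collides(attempt)` is the
    constructed channel model: it returns True if that attempt collides."""
    rng = random.Random(seed)
    total_wait = 0.0
    for m in range(1, ATTEMPT_LIMIT + 1):
        if not channel_collides(m):
            return {"sent": True, "collisions": m - 1, "backoff_s": total_wait}
        # collision number m: abort, send the jam signal, then wait K slots, K in {0 .. 2^m - 1}
        k = rng.randint(0, backoff_range(m))
        total_wait += backoff_wait_seconds(k, bit_rate_bps)
    return {"sent": False, "collisions": ATTEMPT_LIMIT, "backoff_s": total_wait}
```

Running `csma_cd_efficiency` with a larger `t_trans` (a bigger frame) or a smaller `t_prop` (a shorter cable) shows the two limits the slide lists; raising the bit rate shrinks `t_trans` for the same frame and so lowers efficiency.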
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
bits coming in one link go out all other links at the same rate: all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions.
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connected to three hubs]
Switch
link-layer device: smarter than hubs, takes active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment.
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch; switches buffer packets.
Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain.
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in switch table? Something like a routing protocol?
[Figure: the same six-interface switch with hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table.
[Figure: A sends a frame (Source A, Dest A') into interface 1 of the six-interface switch; the switch table, initially empty, gains the entry (MAC addr A, interface 1, TTL 60)]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination then {
   if dest on segment from which frame arrived then drop the frame
   else forward the frame on interface indicated
   } else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure, animated over the following slides: hosts A and B attached to a network of three switches, each with interfaces 1, 2, 3; each switch keeps a (MAC, Interface) table, all initially empty]
Frame Dest=B, Source=A: each switch it reaches makes a table entry for A; there is no table entry for B, so the frame is flooded.
Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches.
After the flood the three tables read: (A, 1); (A, 1); (A, 2).
Frame Dest=A, Source=B: make a table entry for B; there is a table entry for A, so forward.
The tables now read: (A, 1), (B, 3); (A, 1), (B, 2); (A, 2).
20 minutes later all table entries are deleted.
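The filtering/forwarding algorithm and the three-switch animation above, as an added example (not the slides' code): a small self-learning switch class that learns on arrival, filters, forwards or floods, and purges entries after the 20-minute aging time. The wiring (A on S1 port 1, S1 port 2 to S3 port 2, S1 port 3 to S2 port 1, B on S2 port 2) is an assumption reconstructed from the table states the animation shows; with it the tables after each frame come out exactly as on the slides. Statically configured host ports, which the note says are exempt from flooding, are not modelled.

```python
import time

AGING_SECONDS = 20 * 60   # entries are purged 20 minutes after they were last refreshed


class Switch:
    """A self-learning switch: each port holds a host name, another Switch, or nothing."""

    def __init__(self, name, ports, clock=time.monotonic):
        self.name = name
        self.ports = {p: None for p in ports}   # port number -> peer
        self.table = {}                         # MAC -> (port, time last seen)
        self.clock = clock
        self.log = []                           # (frame id, action, ...) for inspection

    def attach(self, port, peer):
        self.ports[port] = peer

    def port_facing(self, other):
        return next(p for p, peer in self.ports.items() if peer is other)

    def purge(self):
        """Step 3: drop table entries older than the aging time."""
        now = self.clock()
        for m in [m for m, (_, t) in self.table.items() if now - t > AGING_SECONDS]:
            del self.table[m]

    def receive(self, in_port, src, dst, frame_id):
        # Step 1: learn the sender's location from the arrival port.
        self.table[src] = (in_port, self.clock())
        # Step 2: filter, forward, or flood.
        if dst in self.table:
            out_port, _ = self.table[dst]
            if out_port == in_port:
                self.log.append((frame_id, "filter"))     # destination is on the arrival segment
                return
            outs = [out_port]
            self.log.append((frame_id, "forward", out_port))
        else:
            outs = [p for p in self.ports if p != in_port]
            self.log.append((frame_id, "flood", tuple(outs)))
        for p in outs:
            peer = self.ports[p]
            if isinstance(peer, Switch):                  # hand the frame to the next switch
                peer.receive(peer.port_facing(self), src, dst, frame_id)
            # a host, or an empty port, just receives the frame

    def snapshot(self):
        return {m: p for m, (p, _) in self.table.items()}


def build_lab(clock):
    """Assumed wiring reconstructed from the slide's table states."""
    s1, s2, s3 = (Switch(n, [1, 2, 3], clock) for n in ("S1", "S2", "S3"))
    s1.attach(1, "A")
    s1.attach(2, s3)
    s1.attach(3, s2)
    s2.attach(1, s1)
    s2.attach(2, "B")
    s3.attach(2, s1)
    return s1, s2, s3


def run_slide_scenario():
    """Replays the animation: A -> B (flooded), B -> A (forwarded), then aging."""
    now = [0.0]
    s1, s2, s3 = build_lab(lambda: now[0])
    s1.receive(1, "A", "B", "A->B")                  # A's frame enters S1 on port 1
    after_a = (s1.snapshot(), s2.snapshot(), s3.snapshot())
    s2.receive(2, "B", "A", "B->A")                  # B's reply enters S2 on port 2
    after_b = (s1.snapshot(), s2.snapshot(), s3.snapshot())
    now[0] += AGING_SECONDS + 1                      # 20 minutes later
    for s in (s1, s2, s3):
        s.purge()
    after_aging = (s1.snapshot(), s2.snapshot(), s3.snapshot())
    return after_a, after_b, after_aging, (s1.log, s2.log, s3.log)
```

Note that S3 never learns B: the reply is forwarded along the learned path only, so a host hanging off S3 sees A's first (flooded) frame but not B's answer. That asymmetry is why the table on the third switch stays at a single entry on the slide.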
Poorly Designed Institutional network. Why?
[Figure: router to the external network; one LAN (IP subnet) with mail server and web server]
Institutional network without a single point of failure
[Figure: router to the external network; IP subnet with mail server, web server and host A connected through several switches with redundant links]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the edges in the spanning tree marked; a "disconnected" interface is one through which the switch does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges. Spanning tree.
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by switches B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D joined by switches B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure, animated over the following slides: LANs A through J interconnected by switches B1, B2, B3, B4, B5, B6, B7; each LAN is labelled with its distance to the root]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
Step by step on the figure:
• Each switch computes distance to root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
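The rule set above (LANs as vertices, switches as edges, root = smallest ID, shortest path in switches crossed, ties to the lower switch ID, and the two interfaces of each LAN's next-hop switch turned on) as an added example, not the slides' code. It also includes the check a network engineer would want after the computation: that the interfaces left on join every LAN exactly once, i.e. no loop and no partition. The topology is constructed: it is not the figure, which the slide text does not fully reproduce, but it is chosen so that it yields the same decisions the slides quote (A via E, B via E rather than F because B5 < B7, C via F, D via G, and B3 with no interface on).

```python
from itertools import combinations

# Constructed topology in the slide's model: LANs are the vertices and each switch is an
# edge joining every LAN it has an interface on.  The number in a switch's name is its ID,
# so B1 is the root.  This wiring is an assumption chosen to reproduce the slides' decisions.
SWITCHES = {
    "B1": ["E", "F", "G"],
    "B2": ["C", "F"],
    "B3": ["A", "D"],
    "B4": ["D", "G"],
    "B5": ["A", "B", "E"],
    "B7": ["B", "F"],
}


def switch_id(name: str) -> int:
    return int(name[1:])


def lan_distances(switches):
    """Distance of every LAN to the root switch, counted in switches crossed (LANs the
    root sits on are at distance 0), and each LAN's chosen (switch, next LAN) toward the
    root.  Ties go to the lower switch ID."""
    root = min(switches, key=switch_id)
    dist = {lan: 0 for lan in switches[root]}
    choice = {lan: (root, None) for lan in switches[root]}
    changed = True
    while changed:                                  # distance-vector relaxation, neighbours only
        changed = False
        for sw in sorted(switches, key=switch_id):  # lower IDs get the first claim on a tie
            for x, y in combinations(switches[sw], 2):
                for lan, via in ((x, y), (y, x)):
                    if via not in dist:
                        continue
                    cand, cur = dist[via] + 1, dist.get(lan)
                    closer = cur is None or cand < cur
                    tie_lower_id = cur == cand and switch_id(sw) < switch_id(choice[lan][0])
                    if closer or tie_lower_id:
                        dist[lan], choice[lan] = cand, (sw, via)
                        changed = True
    every_lan = {lan for lans in switches.values() for lan in lans}
    return root, dist, choice, every_lan - set(dist)


def active_interfaces(switches):
    """Which interfaces stay on: all of the root's, plus, for each LAN, the two interfaces
    of the switch that carries it one hop closer to the root."""
    root, dist, choice, unreachable = lan_distances(switches)
    on = {sw: set() for sw in switches}
    on[root] = set(switches[root])
    for lan, (sw, via) in choice.items():
        if via is not None:
            on[sw].update({lan, via})
    return on, dist, unreachable


def is_loop_free_and_connected(switches, on) -> bool:
    """Union-find check: the active interfaces must join every LAN, with no second path."""
    lans = sorted({lan for lans in switches.values() for lan in lans})
    parent = {lan: lan for lan in lans}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for sw in switches:
        active = sorted(on.get(sw, ()))
        for a, b in zip(active, active[1:]):        # k active LANs on one switch = k-1 links
            ra, rb = find(a), find(b)
            if ra == rb:
                return False                        # a second path between two LANs: a loop
            parent[ra] = rb
    return len({find(lan) for lan in lans}) == 1
```

Running the check with every interface on (the "before" state) returns False, which is the looping condition the institutional-network slide describes; with the computed set it returns True.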
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
... "invisible" at internetwork layer: looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address.
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields, with their widths in bits as given on the slide:
label: 20, Exp: 3, S: 1, TTL: 5
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address). MPLS forwarding table distinct from IP forwarding tables.
signaling protocol needed to set up forwarding: RSVP-TE. Forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 through R6 with interfaces numbered 0 and 1, reaching destinations A and D; the forwarding tables of the MPLS capable routers are reproduced below with columns in label, out label, dest, out interface]
in label | out label | dest | out interface
6 | - | A | 0

in label | out label | dest | out interface
10 | 6 | A | 1
12 | 9 | D | 0

in label | out label | dest | out interface
  | 10 | A | 0
  | 12 | D | 0

in label | out label | dest | out interface
8 | 6 | A | 0
  | 8 | A | 1
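Label switching with the tables above, as an added example (not the slides' code). It packs and unpacks the 32-bit MPLS shim header and pushes a packet through an ingress router that chooses a label from the IP destination, a transit router that swaps labels without reading the IP header, and an egress router that pops the label. The shim header follows RFC 3032, whose TTL field is 8 bits (the slide's figure lists 5); the table contents are the slide's, but which router owns which table is not recoverable from the text, so the assignment R3 (ingress), R4 (transit), R6 (egress toward A) is an assumption.

```python
import struct


def pack_shim(label: int, exp: int, s: int, ttl: int) -> bytes:
    """32-bit MPLS shim header (RFC 3032): 20-bit label, 3-bit Exp, 1-bit S, 8-bit TTL."""
    if not (0 <= label < (1 << 20) and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_shim(raw: bytes) -> dict:
    word = struct.unpack("!I", raw[:4])[0]
    return {"label": word >> 12, "exp": (word >> 9) & 0x7, "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


# Forwarding tables transcribed from the slide: in label -> (out label, dest, out interface).
# The router names are assumed (see the lead-in); the ingress table is keyed by IP destination.
TABLES = {
    "R3": {None: {"A": (10, 0), "D": (12, 0)}},     # ingress: choose a label from the IP dest
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},        # transit: swap labels only
    "R6": {6: (None, "A", 0)},                       # egress: pop the label, deliver to A
}


def lsr_forward(router: str, packet: dict) -> dict:
    """One hop.  Transit routers look only at the label; the IP header is never consulted."""
    table = TABLES[router]
    if packet.get("shim") is None:                          # unlabelled IP packet: ingress
        out_label, out_if = table[None][packet["ip_dst"]]
        shim = pack_shim(out_label, 0, 1, packet["ip_ttl"] - 1)   # TTL copied from IP; S=1: one label
        return {**packet, "shim": shim, "out_if": out_if}
    hdr = unpack_shim(packet["shim"])
    if hdr["ttl"] <= 1:
        return {**packet, "dropped": "MPLS TTL expired", "out_if": None}
    out_label, dest, out_if = table[hdr["label"]]
    if out_label is None:                                   # egress: strip the shim, restore IP TTL
        return {**packet, "shim": None, "ip_ttl": hdr["ttl"] - 1, "out_if": out_if, "delivered_to": dest}
    new_shim = pack_shim(out_label, hdr["exp"], hdr["s"], hdr["ttl"] - 1)   # swap label, decrement TTL
    return {**packet, "shim": new_shim, "out_if": out_if}


def walk(path, packet):
    """Push the packet through the routers in `path`; returns the final packet and a per-hop
    trace of (router, label on the outgoing packet, out interface)."""
    trace = []
    for router in path:
        packet = lsr_forward(router, packet)
        label = None if packet.get("shim") is None else unpack_shim(packet["shim"])["label"]
        trace.append((router, label, packet["out_if"]))
        if "dropped" in packet:
            break
    return packet, trace
```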
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY); solid understanding of networking principles, practice ... could stop here ... but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
ARP Address Resolution Protocol
Each IP node (host router) on LAN has ARP table At prompt gtgt arp -a
ARP table IPMAC address mappings for some LAN nodes
lt IP address MAC address TTLgt
TTL (Time To Live) time after which address mapping will be forgotten (typically 20 min)
Question how to determineMAC address of Bknowing Brsquos IP address
1A-2F-BB-76-09-AD
58-23-D7-FA-20-B0
0C-C4-11-6F-E3-98
71-65-F7-2B-08-53
LAN
137196723
137196778
137196714
137196788
ARP protocol: same LAN (network). A wants to send a datagram to C.
Check if C's IP address is in the same subnet:
Use the subnet mask and compare this node's IP to C's IP.
E.g. my IP = 128.4.35.67, B's IP = 128.5.19.12, subnet mask is 255.255.0.0 => the first two bytes define the subnet.
• So in this case A and B are in different subnets.
• Thus the datagram is sent to the gateway, which must be in the same subnet.
• Suppose that B is the gateway, but only the IP address of B is known.
Suppose a host A wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF, Ethernet frame type = ARP query (other types include datagram). All machines on the LAN receive the ARP query.
• B receives the ARP packet and replies to A with its (B's) MAC address; the frame is sent to A's MAC address (unicast).
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out).
• Soft state: information that times out (goes away) unless refreshed.
• ARP is "plug-and-play": nodes create their ARP tables without intervention from the net administrator.
Figure: hosts A, B, C, D on one LAN. A broadcasts "Who has IP 1.1.1.4? Tell 1.1.1.2" (every host receives it); the owner replies "I have 1.1.1.4".
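The subnet check and the ARP exchange above, as an added example that is not part of the slides: the LAN is simulated by an IP-to-MAC dictionary, the host and gateway addresses reuse the 128.4.x.x side of the slide's subnet example, and all MAC addresses are constructed.

```python
"""ARP resolution as on the slides: decide whether the destination is in the
local subnet (otherwise resolve the gateway instead), consult the soft-state
ARP table, and broadcast a query only when the entry is missing or timed out.

Added example, not from the slides. The LAN is simulated by an IP -> MAC
dictionary; all MAC addresses and the host/gateway addresses are constructed.
"""
import ipaddress
from typing import Dict, List, Optional, Tuple

BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"
ARP_TTL_SECONDS = 20 * 60            # typical lifetime of an ARP entry (20 min)


def same_subnet(my_ip: str, other_ip: str, mask: str) -> bool:
    """Apply the subnet mask (e.g. 255.255.0.0) to both addresses and compare."""
    net = ipaddress.IPv4Network(f"{my_ip}/{mask}", strict=False)
    return ipaddress.IPv4Address(other_ip) in net


def next_hop(my_ip: str, dest_ip: str, mask: str, gateway_ip: str) -> str:
    """The IP whose MAC we must resolve: the destination itself, or the gateway."""
    return dest_ip if same_subnet(my_ip, dest_ip, mask) else gateway_ip


class ArpHost:
    """A host with an IP, a MAC, a soft-state ARP table and a (simulated) LAN."""

    def __init__(self, ip: str, mac: str, lan: Dict[str, str]):
        self.ip, self.mac, self.lan = ip, mac, lan
        self.table: Dict[str, Tuple[str, float]] = {}   # IP -> (MAC, expiry time)
        self.sent: List[dict] = []                      # frames put on the wire

    def lookup(self, ip: str, now: float) -> Optional[str]:
        """Cached MAC for ip, or None; an entry past its TTL is forgotten."""
        entry = self.table.get(ip)
        if entry is None:
            return None
        mac, expires = entry
        if now >= expires:
            del self.table[ip]
            return None
        return mac

    def resolve(self, ip: str, now: float) -> Optional[str]:
        """Return ip's MAC, querying the LAN only on a cache miss."""
        cached = self.lookup(ip, now)
        if cached is not None:
            return cached
        # Cache miss: broadcast "who has ip? tell self.ip"; every node on the LAN sees it.
        self.sent.append({"dst": BROADCAST_MAC, "src": self.mac,
                          "type": "ARP query", "who_has": ip, "tell": self.ip})
        mac = self.lan.get(ip)             # only the owner of ip replies, unicast to us
        if mac is None:
            return None                    # no such host: no reply, nothing cached
        self.table[ip] = (mac, now + ARP_TTL_SECONDS)
        return mac


# Constructed LAN: the 128.4.x.x side of the slide's subnet example.
LAN = {"128.4.35.1": "00-00-5E-00-53-01",     # gateway
       "128.4.35.99": "00-00-5E-00-53-63"}
HOST_A = ArpHost("128.4.35.67", "00-00-5E-00-53-43", LAN)
```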
Addressing: routing to another LAN
Figure: router R joins two LANs. R's interfaces: 111.111.111.110 (MAC E6-E9-00-17-BB-4B) on the left LAN and 222.222.222.220 (MAC 1A-23-F9-CD-06-9B) on the right LAN. Left LAN: A = 111.111.111.111 (74-29-9C-E8-FF-55) and 111.111.111.112 (CC-49-DE-D0-AB-7D). Right LAN: 222.222.222.221 (88-B2-2F-54-1A-0F) and B = 222.222.222.222 (49-BD-D2-C7-56-2A).
Walkthrough: send a datagram from A to B via R; assume A knows B's IP address.
• There are two ARP tables in router R, one for each IP network (LAN).
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as dest; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives it.
• R removes the IP datagram from the Ethernet frame and sees it is destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
This is a really important example – make sure you understand it.
ARP
Watch Wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use Wireshark on B to see no evidence of the ping.
• On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in Wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (link-layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
Sequence shown on the slides (victim: MAC 00:12:12:12:12:12, IP 1.2.3.4; attacker: MAC 00:11:11:11:11:11, IP 5.6.7.8; some other host/switch on the LAN):
1. Some other host broadcasts "Who has IP address 1.2.3.4?" The query reaches both the victim and the attacker.
2. The victim replies "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, listening, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The other host saves the IP/MAC mapping taken from the query's source in its cache. The victim is confused… but ignores it. The attacker continues to flood ARP queries.
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …", so the attacker knows the secret plan. The attacker changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …". The victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC.
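The detection rule above, as an added example that is not from the slides: it reads constructed ARP observations (a line format of my own, not Wireshark's), flags an IP address claimed by two different MACs, and reports a MAC announcing two IPs separately, so the dual-NIC case the slide describes is not mistaken for spoofing.

```python
"""Detecting ARP spoofing from observed ARP traffic, following the slide:
flag an IP address that is claimed by two different MACs. The slide's caveat
is also honoured: a single MAC seen with two IPs (e.g. a dual-NIC host that
leaks its wireless IP over the wired NIC) is reported, but NOT as spoofing.

Added example, not from the slides. Input lines are constructed, in a
simple "<time> <sender MAC> <sender IP> <request|reply>" shape of my own.
"""
import re
from collections import defaultdict
from typing import Dict, List, Set

# Constructed observations (the 1.2.3.4 / 00:11:... / 00:12:... values mirror the slide's story)
SAMPLE_LOG = """\
10:00:01 00:12:12:12:12:12 1.2.3.4 reply
10:00:05 00:aa:bb:cc:dd:01 1.2.3.10 reply
10:21:00 00:11:11:11:11:11 1.2.3.4 request
10:21:01 00:11:11:11:11:11 1.2.3.4 request
10:30:00 00:aa:bb:cc:dd:02 1.2.3.20 reply
10:30:09 00:aa:bb:cc:dd:02 1.2.3.21 reply
this line is garbage and is skipped
"""

LINE_RE = re.compile(
    r"^(?P<time>\S+)\s+(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+(?P<kind>request|reply)$",
    re.IGNORECASE,
)


def parse(log: str) -> List[dict]:
    """Keep only well-formed lines. A request's sender fields announce a
    MAC/IP pair just like a reply does, so caches learn from both kinds."""
    records = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            records.append({k: v.lower() for k, v in m.groupdict().items()})
    return records


def claims_by_ip(records: List[dict]) -> Dict[str, Set[str]]:
    """IP -> set of MACs that have claimed it."""
    seen: Dict[str, Set[str]] = defaultdict(set)
    for r in records:
        seen[r["ip"]].add(r["mac"])
    return seen


def suspicious_ips(records: List[dict]) -> Dict[str, List[str]]:
    """IPs claimed by more than one MAC: the pattern the slide says to look for."""
    return {ip: sorted(macs) for ip, macs in claims_by_ip(records).items() if len(macs) > 1}


def multi_ip_macs(records: List[dict]) -> Dict[str, List[str]]:
    """MACs that announced more than one IP. Kept separate from the spoof
    report because a dual-NIC host produces this legitimately."""
    ips: Dict[str, Set[str]] = defaultdict(set)
    for r in records:
        ips[r["mac"]].add(r["ip"])
    return {mac: sorted(v) for mac, v in ips.items() if len(v) > 1}
```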
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap ($20 for NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
Metcalfe's Ethernet sketch
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
Multiple stars connected (we'll see later)
Figure: bus (coaxial cable) vs star (switch).
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if error is detected, frame is dropped.
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K·512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
first collision: choose K from {0,1}; delay is K · 512 bit transmission times
after second collision: choose K from {0,1,2,3} …
after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 · t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
Figure: hub with twisted-pair links to hosts.
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
Figure: a backbone hub connecting three hubs.
Switch
link-layer device: smarter than hubs, takes active role
• store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
Figure: switch with six interfaces (1,2,3,4,5,6); hosts A, A', B, B', C, C' each on their own interface.
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
Figure: switch with six interfaces (1,2,3,4,5,6); hosts A, A', B, B', C, C'.
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment
records sender/location pair in switch table
Figure: A sends a frame (Source = A, Dest = A') into interface 1 of the switch. Switch table (initially empty) becomes:
MAC addr | interface | TTL
A | 1 | 60
Switch: frame filtering/forwarding
When frame received:
1. record link interface associated with sending host
2. look up the destination MAC address in the switch table
3. if entry found for destination
   then { if dest on segment from which frame arrived
          then drop the frame
          else forward the frame on interface indicated }
   else flood (forward on all but the interface on which the frame arrived)
Periodically purge all old table entries.
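A learning switch implementing the steps above, as an added example that is not from the slides: interfaces 1–6 and hosts A, A', C follow the earlier switch figure; the frames and timestamps are constructed.

```python
"""A self-learning switch implementing the filtering/forwarding steps above:
learn the sender's interface, forward on the known interface, drop when the
destination sits on the segment the frame came from, flood otherwise, and
age out entries.

Added example, not from the slides. Interfaces 1-6 and hosts A, A', C follow
the earlier switch figure; the frames and timestamps are constructed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Frame:
    src: str   # source MAC
    dst: str   # destination MAC


class LearningSwitch:
    TTL = 60.0   # seconds an entry lives, as in the slide's table (MAC, interface, TTL)

    def __init__(self, interfaces: List[int]):
        self.interfaces = interfaces
        self.table: Dict[str, Tuple[int, float]] = {}   # MAC -> (interface, expiry)

    def purge(self, now: float) -> None:
        """Periodically purge all old table entries."""
        self.table = {m: e for m, e in self.table.items() if e[1] > now}

    def lookup(self, mac: str) -> Optional[int]:
        entry = self.table.get(mac)
        return entry[0] if entry else None

    def receive(self, frame: Frame, in_if: int, now: float) -> List[int]:
        """Interfaces the frame is sent out on; [] means it was dropped."""
        self.purge(now)
        # 1. record the interface associated with the sending host
        self.table[frame.src] = (in_if, now + self.TTL)
        # 2. index the switch table using the destination MAC
        out_if = self.lookup(frame.dst)
        if out_if is not None:
            # 3. entry found: drop if the destination is on the arriving segment,
            #    otherwise forward on the single interface indicated
            return [] if out_if == in_if else [out_if]
        # no entry: flood on all but the interface the frame arrived on
        return [i for i in self.interfaces if i != in_if]
```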
Self-Learning
Worked example (figure repeated on each slide): three interconnected switches, each with interfaces 1, 2, 3; host A is attached to the first switch, host B to another; all switch tables (MAC, interface) are initially empty.
1. A sends a frame: Dest=B, Source=A. Each switch that receives it makes a table entry for A. There is no table entry for B, so each switch floods.
   Note: if the switch has ports that are manually configured then the frame is not flooded to a host; it is only flooded to other switches.
2. B replies: Dest=A, Source=B. Each switch on the way makes a table entry for B, and since it has a table entry for A it forwards the frame (rather than flooding).
   Resulting tables: first switch A 1, B 3; second switch A 1, B 2; third switch A 2 (B's reply was forwarded, not flooded, so it never reached this switch).
3. 20 minutes later all table entries are deleted.
Poorly Designed Institutional network. Why?
Figure: router to the external network, LANs (each an IP subnet), a mail server and a web server.
Institutional network without a single point of failure
Figure: the same router, IP subnets, mail server and web server, now with redundant links between the switches; host A is attached to one of the LANs.
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Figure: the same network with the edges in the spanning tree marked. A "disconnected" interface is one that does not forward or flood frames.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
Figure: LAN A and LAN B joined by bridges B2 and B3.
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
Figure: LANs A, B, C, D joined by bridges B0, B1, B2, B3.
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Figure: bridges B1–B7.
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
Figure: LANs A–J joined by bridges B1–B7 (B1, the smallest ID, is the root).
Walkthrough (the same figure is shown at each step):
• Each switch computes distance to root in terms of LAN hops (distances shown in the figure: 0, 1, 2, 1, 1, 1, 1).
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
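The interface-selection procedure above, as an added example that is not from the slides: it implements the general rule (LANs as vertices, bridges as edges, root = smallest ID, fewest-bridges path with the smaller bridge ID breaking ties) on a constructed topology that stands in for the slide figure; it is chosen so that LAN B sees a B5/B7 tie and B3 ends up with no active interfaces, as in the walkthrough, but it is not the slide's exact network.

```python
"""Which bridge interfaces survive loop resolution, in the slides' model:
LANs are the vertices, bridges the edges, the root is the bridge with the
smallest ID, each LAN picks its shortest path (fewest bridges) to the root
with the smaller bridge ID breaking ties, and a bridge keeps only the
interfaces that lie on some LAN's chosen path.

Added example, not from the slides; the topology is constructed (a simplified
stand-in for the slide figure, chosen so LAN B sees a B5/B7 tie and B3 ends
up with no active interfaces). All names and structures are my own.
"""
from typing import Dict, List, Optional, Tuple

# bridge ID -> LANs the bridge attaches to (constructed)
BRIDGES: Dict[int, List[str]] = {
    1: ["E", "F"],        # smallest ID, so B1 is the root
    2: ["E", "G"],
    3: ["A", "C"],        # only offers longer paths: ends up fully "disconnected"
    4: ["D", "G"],
    5: ["A", "B", "E"],
    6: ["C", "D"],
    7: ["B", "C", "F"],
}

# LAN -> (hops to root, designated bridge for that LAN, next-hop LAN toward root)
PathTable = Dict[str, Tuple[int, int, Optional[str]]]


def compute_paths(bridges: Dict[int, List[str]]) -> PathTable:
    """Distance-vector style relaxation over bridges until nothing changes."""
    root = min(bridges)
    paths: PathTable = {lan: (0, root, None) for lan in bridges[root]}
    changed = True
    while changed:
        changed = False
        for bid, lans in sorted(bridges.items()):
            if bid == root:
                continue
            for lan in lans:
                # best route this bridge can offer `lan`: via one of its *other* LANs
                others = [(paths[y][0], y) for y in lans if y != lan and y in paths]
                if not others:
                    continue
                dist, via = min(others)
                offer = (dist + 1, bid)            # compare (cost, bridge ID): ties -> smaller ID
                current = paths.get(lan)
                if current is None or offer < (current[0], current[1]):
                    paths[lan] = (dist + 1, bid, via)
                    changed = True
    return paths


def active_interfaces(bridges: Dict[int, List[str]]) -> Dict[int, List[str]]:
    """LANs each bridge keeps forwarding/flooding to; [] means the bridge is pruned."""
    root = min(bridges)
    paths = compute_paths(bridges)
    active: Dict[int, set] = {bid: set() for bid in bridges}
    active[root].update(bridges[root])             # every root interface is on
    for lan, (_, bid, via) in paths.items():
        if bid != root:
            active[bid].update({lan, via})         # interface to the LAN and toward the root
    return {bid: sorted(lans) for bid, lans in active.items()}


if __name__ == "__main__":
    for lan, (hops, bid, via) in sorted(compute_paths(BRIDGES).items()):
        print(f"LAN {lan}: {hops} hop(s) to root, designated bridge B{bid}, next hop LAN {via}")
    for bid, lans in active_interfaces(BRIDGES).items():
        print(f"B{bid}: active interfaces {lans or 'none'}")
```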
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
• During which time no packets were forwarded.
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address!
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields (bits): label 20 | Exp 3 | S 1 | TTL 5
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
MPLS forwarding tables
Figure: label-switched routers R1–R6 connecting hosts A and D; interfaces are numbered 0 and 1. Each router's table has the columns (in label, out label, dest, out interface); the rows shown in the figure are:
in 6, out –, dest A, interface 0
in 10, out 6, dest A, interface 1; in 12, out 9, dest D, interface 0
out 10, dest A, interface 0; out 12, dest D, interface 0 (ingress: no in label)
in 8, out 6, dest A, interface 0
out 8, dest A, interface 1
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
ARP protocol Same LAN (network) A wants to send datagram to C
Check if Crsquos IP address is in the same subnet
Use subnet mask and compare this nodes IP to Crsquos IP
Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt
the first 8 bytes define the subnet
bull So in this case A and B are in different subnets
bull Thus the datagram is sent to the gateway which must be in the same subnet
bull Suppose that the B is the gateway but only the IP address of B is known
ARP protocol Same LAN (network) A wants to send datagram to C
Check if Crsquos IP address is in the same subnet
Use subnet mask and compare this nodes IP to Crsquos IP
Eg bull my IP=12843567bull Brsquos IP=12851912bull Subnet mask is 25525500 =gt
the first 8 bytes define the subnet
bull So in this case A and B are in different subnets
bull Thus the datagram is sent to the gateway which must be in the same subnet
bull Suppose that the B is the gateway but only the IP address of B is known
Suppose a host wants to send to B and only Brsquos IP address is know and B is in the same subnet
and Brsquos MAC address not in Arsquos ARP table A broadcasts ARP query packet containing
Bs IP address dest MAC address = FF-FF-FF-FF-FF-FF Ethernet frame type = ARP query
bull Other types include datagram all machines on LAN receive ARP query
B receives ARP packet replies to A with its (Bs) MAC address
frame sent to Arsquos MAC address (unicast) A caches (saves) IP-to-MAC address pair in its
ARP table until information becomes old (times out)
soft state information that times out (goes away) unless refreshed
ARP is ldquoplug-and-playrdquo nodes create their ARP tables without
intervention from net administrator
A
C
B
D
LAN
Who has IP 1114Tell 1112Who has IP 1114Tell 1112Who has IP 1114Tell 1112
I have 1114
Addressing routing to another LAN
R
1A-23-F9-CD-06-9B
222222222220111111111110
E6-E9-00-17-BB-4B
CC-49-DE-D0-AB-7D
111111111112
111111111111
A74-29-9C-E8-FF-55
222222222221
88-B2-2F-54-1A-0F
B222222222222
49-BD-D2-C7-56-2A
walkthrough send datagram from A to B via R assume A knows Brsquos IP address
two ARP tables in router R one for each IP network (LAN)
A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest
frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its
destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B
R
1A-23-F9-CD-06-9B
222222222220
111111111110
E6-E9-00-17-BB-4B
CC-49-DE-D0-AB-7D
111111111112
111111111111
A74-29-9C-E8-FF-55
222222222221
88-B2-2F-54-1A-0F
B222222222222
49-BD-D2-C7-56-2A
This is a really importantexample ndash make sure youunderstand
ARP
Watch wireshark without any connections What happens if I set an entry in the ARP table
with the IP address of my gateway but my MAC address
Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P
bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =
Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response
ARP spoofing ndash man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate
wires from the switch (link layer router) to each host
bull But ARP attack still works
Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the
victim I respond with my MAC
ARP spoofing – man-in-the-middle attack
[figure, repeated across the following slides: victim, MAC=00:12:12:12:12:12, IP 1.2.3.4; attacker, MAC=00:11:11:11:11:11, IP 5.6.7.8; some other host/switch]
Step 1. Some other host/switch broadcasts: "Who has IP address 1.2.3.4?"
Step 2. The victim replies: "MAC 00:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker, who also hears the reply, now knows the MAC of the victim.
Step 3. Later (when all caches have been cleared) the attacker floods ARP queries: "Source MAC 00:11:11:11:11, Who has IP blablablabla? Tell IP address 1.2.3.4". The other host saves the IP/ARP mapping in its cache. The victim is confused… but ignores it. The attacker continues to flood ARP queries.
Step 4. The other host sends "MAC 00:11:11:11:11, IP 1.2.3.4: The secret plan is …". The attacker knows the secret plan. The attacker changes the MAC address to the correct address and sends on "MAC 00:12:12:12:12, IP 1.2.3.4: The secret plan is …". Victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see if a single IP has two MACs.
• I.e., its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
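The detection idea on this slide, as an added example (my code, not from the lecture): scan a sequence of observed ARP replies and report any IP claimed by more than one MAC, and separately any MAC that claims more than one IP. The second check is reported only as a warning, because a wired/wireless host can legitimately produce it, as the slide notes. The observations are constructed to match the figure's addresses (victim 1.2.3.4 / 00:12:12:12:12:12, attacker 5.6.7.8 / 00:11:11:11:11:11, plus an unrelated host); there is no real capture behind them.

```python
"""ARP inconsistency detector (added example; not code from the lecture)."""
from collections import defaultdict

# Constructed observations of ARP replies, as a passive sniffer or a periodic
# dump of hosts' ARP tables would deliver them: (sender IP, sender MAC),
# in arrival order.
OBSERVATIONS = [
    ("1.2.3.4",  "00:12:12:12:12:12"),  # victim's genuine reply
    ("5.6.7.8",  "00:11:11:11:11:11"),  # attacker host's own address
    ("10.0.0.9", "AA:BB:CC:DD:EE:01"),  # unrelated host
    ("10.0.0.9", "aa:bb:cc:dd:ee:01"),  # same mapping refreshed: benign
    ("1.2.3.4",  "00:11:11:11:11:11"),  # victim's IP now claimed by attacker's MAC
]


def normalize_mac(mac):
    """Canonical lower-case form so AA:BB and aa:bb compare equal."""
    return mac.strip().lower()


def watch(observations):
    """Stream mode: return (ip, old_mac, new_mac) whenever a known IP shows up
    with a MAC different from the one first learned.  This is what a sensor
    raises at the moment the poisoned mapping appears."""
    learned = {}
    events = []
    for ip, mac in observations:
        mac = normalize_mac(mac)
        if ip in learned and learned[ip] != mac:
            events.append((ip, learned[ip], mac))
        learned.setdefault(ip, mac)
    return events


def audit(observations):
    """Batch mode: cross-check the accumulated tables, as the slide suggests.
    Returns a list of (severity, key, sorted list of conflicting values)."""
    ip_to_macs = defaultdict(set)
    mac_to_ips = defaultdict(set)
    for ip, mac in observations:
        mac = normalize_mac(mac)
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    findings = []
    for ip, macs in sorted(ip_to_macs.items()):
        if len(macs) > 1:
            findings.append(("alert", ip, sorted(macs)))
    for mac, ips in sorted(mac_to_ips.items()):
        if len(ips) > 1:
            # One MAC with several IPs can also be a multi-homed host (the
            # wired/wireless Windows case on the slide), so warning only.
            findings.append(("warning", mac, sorted(ips)))
    return findings


if __name__ == "__main__":
    for event in watch(OBSERVATIONS):
        print("mapping changed:", event)
    for finding in audit(OBSERVATIONS):
        print(*finding)
```

`watch` fires once, at the fifth observation, and `audit` produces one alert (1.2.3.4 has two MACs) and one warning (the attacker's MAC carries two IPs). On a real network the warning needs the multi-NIC caveat from the slide before anyone acts on it; the alert is the stronger signal.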
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
“dominant” wired LAN technology:
• cheap: $20 for NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with speed race: 10 Mbps – 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
• bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
• star topology: active switch in center; each “spoke” runs a (separate) Ethernet protocol (nodes do not collide with each other)
• Multiple stars connected (we'll see later)
[figure: bus (coaxial cable) vs. star (switch at the center of the LAN)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes
• if adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes the data in the frame to the network layer protocol
• otherwise adapter discards frame (unless in promiscuous mode)
Type: indicates higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk); also ARP query/response, LAN routing
CRC: checked at receiver; if an error is detected, the frame is dropped
Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC
• stream of datagrams passed to network layer can have gaps (missing datagrams)
• gaps will be filled if app is using TCP
• otherwise, app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
• Goal: adapt retransmission attempts to estimated current load; under heavy load, the random wait will be longer
• first collision: choose K from {0,1}; delay is K · 512 bit transmission times
• after second collision: choose K from {0,1,2,3}…
• after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 · t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0
• efficiency goes to 1 as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
• better performance than ALOHA, and simple, cheap, decentralized!
• Most ethernet is used with switches, so collisions never occur
[figure: efficiency formula with example values]
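The backoff rule and the efficiency formula from the last three slides, as an added example (my code, not from the lecture). It implements exactly the numbers the slides state: K drawn from {0,…,2^m-1} with m capped at 10, one slot = 512 bit times, and efficiency = 1/(1 + 5·t_prop/t_trans). The 200 m cable length, the 1500-byte frame and the propagation speed in the demo are constructed inputs, not figures from the slides.

```python
"""CSMA/CD backoff and efficiency (added example; not code from the lecture)."""
import random

SLOT_BIT_TIMES = 512   # one backoff slot is 512 bit times
MAX_EXPONENT = 10      # after ten or more collisions, K is drawn from {0..1023}


def backoff_upper_bound(m):
    """Largest K allowed after the m-th consecutive collision (m >= 1)."""
    if m < 1:
        raise ValueError("m counts collisions and must be at least 1")
    return 2 ** min(m, MAX_EXPONENT) - 1


def choose_k(m, rng=random):
    """Draw K uniformly from {0, 1, ..., 2^m - 1}, capped at 1023."""
    return rng.randint(0, backoff_upper_bound(m))


def wait_seconds(k, bit_rate_bps):
    """Wall-clock wait for K slots; one bit time is 1 / bit rate."""
    return k * SLOT_BIT_TIMES / bit_rate_bps


def transmit_time(frame_bytes, bit_rate_bps):
    """t_trans for a frame of the given size at the given rate."""
    return frame_bytes * 8 / bit_rate_bps


def efficiency(t_prop, t_trans):
    """Long-run fraction of time the channel carries useful frames."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def total_backoff_slots(n_collisions, seed):
    """Sum of K over n consecutive collisions of one frame (seeded, so repeatable)."""
    rng = random.Random(seed)
    return sum(choose_k(m, rng) for m in range(1, n_collisions + 1))


if __name__ == "__main__":
    print("max wait at 10 Mbps, K=1023: %.4f s" % wait_seconds(1023, 10e6))
    t_prop = 200 / 2e8   # constructed: 200 m of cable at 2e8 m/s
    for rate in (10e6, 100e6, 1e9, 10e9):
        print("%5.0f Mbps  efficiency %.3f" % (rate / 1e6, efficiency(t_prop, transmit_time(1500, rate))))
```

Running the demo shows the slide's claim directly: at 10 Mbps a 1500-byte frame gives efficiency near 1, while at 10 Gbps the same frame and cable push t_trans down a thousandfold and efficiency collapses, which is why fast Ethernet is used with switches rather than a shared bus.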
802.3 Ethernet Standards: Link & Physical Layers
• many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
• Very large ethernets are possible
• QoS: MPLS runs over ethernet (so traffic engineering is possible)
Hubs
• bits coming in one link go out all other links at same rate
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
[figure: hub with twisted pair links to each host]
Interconnecting with hubs
• Backbone hub interconnects LAN segments
• But individual segment collision domains become one large collision domain
• Can't interconnect 10BaseT & 100BaseT
[figure: backbone hub connecting three segment hubs]
Switch
link-layer device: smarter than hubs, takes an active role
• Store and forward Ethernet frames
  • Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[figure: switch with six interfaces (1,2,3,4,5,6); hosts A, B, C on interfaces 1, 2, 3 and A', B', C' on interfaces 4, 5, 6]
Switch Table
• Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table!
• Q: how are entries created, maintained in switch table? something like a routing protocol?
[figure: the same six-interface switch with hosts A, B, C on interfaces 1, 2, 3 and A', B', C' on interfaces 4, 5, 6]
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases…
  • when a frame is received, the switch “learns” the location of the sender: the incoming LAN segment
  • records sender/location pair in switch table
[figure: A sends a frame (Source A, Dest A') on interface 1; the switch table (initially empty) gains the entry MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. look up the destination MAC address in the switch table
3. if an entry is found for the destination, then {
     if the destination is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated
   } else flood (forward on all but the interface on which the frame arrived)
4. periodically purge all old table entries
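The self-learning and filtering/forwarding rules above, as an added example (my code, not from the lecture). The switch table maps MAC to (interface, time last seen); entries age out after a TTL (the slides show both a 60 s TTL column and a 20-minute purge, so the TTL is a parameter). `slide_sequence` replays the A/B exchange from the following slides on a three-port switch with constructed host names and timestamps, and adds the two cases the slides describe but do not draw: a frame whose destination is on the arriving segment (dropped) and a lookup after the entries have expired (flooded again).

```python
"""Self-learning switch with filtering/forwarding (added example; not the lecture's code)."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Switch table: MAC -> (interface, time last seen).  Entries age out after ttl."""

    def __init__(self, interfaces, ttl_seconds=60):
        self.interfaces = list(interfaces)
        self.ttl = ttl_seconds
        self.table = {}

    def purge(self, now):
        """Step 4 on the slide: drop entries that were not refreshed within the TTL."""
        self.table = {mac: entry for mac, entry in self.table.items()
                      if now - entry[1] < self.ttl}

    def receive(self, src, dst, in_iface, now):
        """Handle one frame; return the list of interfaces it is sent out on ([] = dropped)."""
        src, dst = src.lower(), dst.lower()
        self.purge(now)
        # Step 1: the sender is reachable through the interface the frame arrived on.
        self.table[src] = (in_iface, now)
        # Steps 2-3: look up the destination; forward selectively if it is known.
        if dst != BROADCAST and dst in self.table:
            out_iface = self.table[dst][0]
            # Destination sits on the segment the frame came from: filter it.
            return [] if out_iface == in_iface else [out_iface]
        # Unknown destination or broadcast: flood on every other interface.
        return [i for i in self.interfaces if i != in_iface]


def slide_sequence():
    """Replay the slides' A/B exchange on a three-port switch; returns each frame's output ports."""
    sw = LearningSwitch([1, 2, 3], ttl_seconds=20 * 60)
    out = []
    out.append(sw.receive("A", "B", 1, now=0))            # B unknown  -> flood [2, 3]
    out.append(sw.receive("B", "A", 2, now=1))            # A known    -> forward [1]
    out.append(sw.receive("A", "B", 1, now=2))            # B known    -> forward [2]
    out.append(sw.receive("C", "A", 1, now=3))            # A on same segment -> drop []
    out.append(sw.receive("D", "A", 3, now=3 + 20 * 60))  # 20 min later, A expired -> flood [1, 2]
    return out


if __name__ == "__main__":
    for ports in slide_sequence():
        print(ports)
```

The drop in the fourth step is the filtering case: a switch that learned A on interface 1 does not repeat a frame for A back onto interface 1. The last step is why the slides' final state is an empty table again: once the entries have aged out, the next frame for A is flooded exactly as the first one was.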
Self-Learning (walkthrough; the figure, repeated across several slides, shows three switches with interfaces 1, 2, 3 each, host A and host B, and each switch starting with an empty MAC/Interface table)
• A sends a frame Dest=B, Source=A. Each switch that receives it makes a table entry for A; there is no table entry for B, so each switch floods the frame. (The tables become A→1, A→1 and A→2 at the three switches.)
• Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
• B replies with Dest=A, Source=B. Each switch makes a table entry for B (B→3 and B→2 at the switches along the path); it has a table entry for A, so it forwards the frame on that interface rather than flooding.
• 20 minutes later, all table entries are deleted.
Poorly Designed Institutional network. Why?
[figure: to external network – router – LAN / IP subnet with mail server and web server behind a single switch]
Institutional network without a single point of failure
[figure: to external network – router – IP subnet with mail server, web server and host A, with redundant switch links]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure: the same network; legend: edge in spanning tree; “disconnected” interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove “extra” paths by removing “extra” bridges: Spanning tree
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by “disconnecting” switches from some LANs.
  • The switches are not physically disconnected. Instead, when “disconnected” from a LAN they simply never flood packets over to the LAN.
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be “reconnected” to the switch.
[figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: Compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If
  • LAN B's next hop to the switch with lowest ID is LAN A, and
  • LAN C's next hop to the switch with lowest ID is LAN D,
  • then switch B2 will disconnect from LAN B and C.
[figure: LAN A, LAN B, LAN C, LAN D connected by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1, B2, B3, B4, B5, B6, B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. If a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to “turn off”. Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[figure, repeated on each of the following steps: LANs A, B, C, D, E, F, G, H, I, J connected by bridges B1 (root), B2, B3, B4, B5, B6, B7; the numbers 0, 1, 2 annotate each LAN's distance to the root]
Step by step:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces “on”.
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are “on”?
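The walkthrough above, as an added example that computes the same thing in code (my code, not from the lecture): LANs are the vertices, switches the edges, the root is the smallest switch ID, each LAN's distance is the number of switches on its path to the root, ties are broken by the smaller switch ID, and a switch keeps an interface on only where it is the parent switch on some LAN's shortest path. The topology in `SWITCHES` is constructed (four LANs, five switches), not the slides' B1–B7 / A–J figure, but it contains both situations the slides point out: a tie resolved by switch ID (switch 2 beats switch 3 for LAN C, switch 5 beats switch 7 for LAN D) and switches that end up with no interface on at all.

```python
"""Spanning tree with LANs as vertices and switches as edges (added example; not the lecture's code)."""

# Constructed topology (assumed; not the slides' figure): switch ID -> LANs it attaches to.
# Switch IDs play the role of the unique manufactured bridge IDs; the smallest is the root.
SWITCHES = {
    1: ["A", "B"],
    2: ["B", "C"],
    3: ["A", "C"],   # alternative one-switch path to C; loses the tie to switch 2
    5: ["C", "D"],
    7: ["C", "D"],   # parallel to switch 5; loses the tie to switch 5
}


def switches_on_lan(switches, lan):
    """IDs of the switches attached to a LAN, in increasing ID order."""
    return sorted(s for s, lans in switches.items() if lan in lans)


def compute_spanning_tree(switches):
    """Return the root, each LAN's distance to the root (number of switches
    traversed), each LAN's parent as (switch, next-hop LAN) and the set of
    (switch, LAN) interfaces that stay on."""
    root = min(switches)
    distance = {lan: 0 for lan in switches[root]}
    parent = {lan: (root, None) for lan in switches[root]}
    frontier = sorted(distance)        # LANs settled at the current level
    level = 0
    while frontier:
        # Best candidate per not-yet-settled LAN; tuple order (switch ID, via LAN)
        # makes `<` implement "fewest switches first, then smallest switch ID".
        candidates = {}
        for lan in frontier:
            for s in switches_on_lan(switches, lan):
                if s == root:
                    continue
                for nxt in switches[s]:
                    if nxt in distance:
                        continue
                    cand = (s, lan)
                    if nxt not in candidates or cand < candidates[nxt]:
                        candidates[nxt] = cand
        level += 1
        for lan, (s, via) in candidates.items():
            distance[lan] = level
            parent[lan] = (s, via)
        frontier = sorted(candidates)
    # A switch keeps the interface to a LAN it is the parent of, and the
    # interface to that LAN's next hop; every other interface is "off".
    active = set()
    for lan, (s, via) in parent.items():
        active.add((s, lan))
        if via is not None:
            active.add((s, via))
    return {"root": root, "distance": distance, "parent": parent, "active": active}


def blocked_switches(switches, active):
    """Switches with no interface on: they never flood or forward anything."""
    on = {s for s, _ in active}
    return sorted(s for s in switches if s not in on)


if __name__ == "__main__":
    tree = compute_spanning_tree(SWITCHES)
    print("root:", tree["root"])
    print("distances:", tree["distance"])
    print("interfaces on:", sorted(tree["active"]))
    print("switches fully off:", blocked_switches(SWITCHES, tree["active"]))
```

With the constructed topology the result is a tree rooted at switch 1 with interfaces on at switches 1, 2 and 5 only; switches 3 and 7 are the analogue of the slides' B3, still physically wired but never forwarding. Every LAN remains reachable over the remaining interfaces, which is the whole point of blocking edges rather than LANs.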
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: Loop resolution, Address learning, Frame forwarding
• Typically ignores security such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
• On the EECIS network, the link to the campus network would go down for ~50ms. This would trigger loop resolution.
  • During which time no packets were forwarded
Switches vs. Routers
• both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
• … “invisible” at the internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using a fixed length label (instead of IP address) to do forwarding
  • borrowing ideas from the Virtual Circuit (VC) approach
  • but the IP datagram still keeps its IP address!
[figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields: label (20 bits), Exp (3), S (1), TTL (5)]
MPLS capable routers
• a.k.a. label-switched router
• forwards packets to outgoing interface based only on label value (doesn't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[figure: routers R1–R6, destinations A and D, interface numbers 0 and 1; the MPLS forwarding tables shown, each with columns in label | out label | dest | out interface, appear in the transcript as: (6 | - | A | 0); (10 | 6 | A | 1), (12 | 9 | D | 0); (10 | A | 0), (12 | D | 0); (8 | 6 | A | 0); (8 | A | 1). Which table belongs to which router is not recoverable from the transcript.]
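Label-only forwarding along a label-switched path, as an added example (my code, not from the lecture). The router names, labels and link map are constructed, not the figure's values. The ingress LSR does one IP lookup to pick the first label; every later hop matches on the incoming label alone and swaps it; the egress entry has no out label, which models popping the label and handing the datagram back to IP forwarding.

```python
"""Label-switched forwarding along an MPLS path (added example; not the lecture's code)."""

# Constructed tables (assumed names and labels, not the figure's R1..R6 entries).
# Each entry: (in label, out label, dest, out interface).
#   in label None  -> ingress entry, selected by IP destination
#   out label None -> egress entry, label popped, datagram goes to IP forwarding
TABLES = {
    "R5": [(None, 8, "A", 0)],
    "R4": [(8, 6, "A", 1), (12, 9, "D", 0)],
    "R6": [(6, None, "A", 0)],
}
# (router, out interface) -> neighbour reached over that interface
LINKS = {("R5", 0): "R4", ("R4", 1): "R6"}


def lookup(router, in_label, ip_dest=None):
    """Return (out label, out interface), or None if nothing matches.

    With a label present the IP destination is deliberately ignored: that is
    the property of a label-switched router the slide describes."""
    for entry_in, out_label, dest, iface in TABLES[router]:
        if in_label is None:
            if entry_in is None and dest == ip_dest:   # ingress: one IP lookup
                return out_label, iface
        elif entry_in == in_label:                      # transit/egress: label only
            return out_label, iface
    return None


def trace(ingress, ip_dest):
    """Follow a datagram from the ingress LSR; returns (router, in label, out label, iface) per hop."""
    hops = []
    router, label = ingress, None
    while True:
        hit = lookup(router, label, ip_dest)
        if hit is None:
            hops.append((router, label, "DROP", None))
            return hops
        out_label, iface = hit
        hops.append((router, label, out_label, iface))
        if out_label is None:               # popped at the egress: IP takes over
            return hops
        nxt = LINKS.get((router, iface))
        if nxt is None:                     # interface leaves the modelled domain
            return hops
        router, label = nxt, out_label


if __name__ == "__main__":
    for hop in trace("R5", "A"):
        print(hop)
```

`trace("R5", "A")` walks R5 → R4 → R6 with labels 8 then 6, and `lookup("R4", 8, "D")` still returns the entry for label 8 even though the claimed IP destination is D: once inside the label-switched path, the IP header plays no part in forwarding, which is exactly what makes traffic engineering over paths IP would not choose possible.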
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
ARP protocol: Same LAN (network)
A wants to send datagram to C
• Check if C's IP address is in the same subnet: use the subnet mask and compare this node's IP to C's IP
• E.g.
  • my IP = 128.4.35.67
  • B's IP = 128.5.19.12
  • Subnet mask is 255.255.0.0 => the first 8 bytes define the subnet
  • So in this case A and B are in different subnets
  • Thus the datagram is sent to the gateway, which must be in the same subnet
  • Suppose that B is the gateway, but only the IP address of B is known
Suppose a host wants to send to B, only B's IP address is known, B is in the same subnet, and B's MAC address is not in A's ARP table.
• A broadcasts an ARP query packet containing B's IP address: dest MAC address = FF-FF-FF-FF-FF-FF; Ethernet frame type = ARP query
  • Other types include datagram
• all machines on the LAN receive the ARP query
• B receives the ARP packet, replies to A with its (B's) MAC address; frame sent to A's MAC address (unicast)
• A caches (saves) the IP-to-MAC address pair in its ARP table until the information becomes old (times out)
  • soft state: information that times out (goes away) unless refreshed
• ARP is “plug-and-play”: nodes create their ARP tables without intervention from the net administrator
[figure: hosts A, B, C, D on one LAN; A broadcasts “Who has IP 1.1.1.4? Tell 1.1.1.2” and the owner answers “I have 1.1.1.4”]
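The decision the last two slides describe, as an added example (my code, not from the lecture): the same-subnet test with a mask, the choice between resolving the destination or the gateway, and an ARP table whose entries are soft state that times out. The addresses 128.4.35.67, 128.5.19.12 and 255.255.0.0 are the slide's; the gateway 128.4.0.1, the 1.1.1.x hosts, the MACs and the timestamps are constructed. The same functions cover the A-to-B-via-R walkthrough earlier in this section, where A resolves R's address rather than B's because B is in another subnet.

```python
"""Same-subnet test and ARP table with soft state (added example; not the lecture's code)."""
import ipaddress

BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"


def same_subnet(ip_a, ip_b, mask):
    """True if both addresses fall in the subnet that the mask defines."""
    net = ipaddress.ip_network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.ip_address(ip_b) in net


def next_hop(my_ip, dest_ip, mask, gateway_ip):
    """The IP whose MAC must be resolved: the destination itself, or the gateway."""
    return dest_ip if same_subnet(my_ip, dest_ip, mask) else gateway_ip


class ArpTable:
    """IP -> (MAC, time learned).  Entries are soft state: they expire after ttl."""

    def __init__(self, ttl_seconds=20 * 60):
        self.ttl = ttl_seconds
        self.entries = {}

    def lookup(self, ip, now):
        entry = self.entries.get(ip)
        if entry is None or now - entry[1] >= self.ttl:
            self.entries.pop(ip, None)       # timed out: forget the mapping
            return None
        return entry[0]

    def learn(self, ip, mac, now):
        """Cache a mapping from an ARP reply; refreshing restarts the timer."""
        self.entries[ip] = (mac, now)


def build_query(my_ip, my_mac, target_ip):
    """The broadcast ARP request frame, as a dict of the fields the slide names."""
    return {"dst_mac": BROADCAST_MAC, "src_mac": my_mac, "type": "ARP query",
            "who_has": target_ip, "tell": my_ip}


def resolve(table, my_ip, my_mac, target_ip, now):
    """Return ('cached', mac) if the table answers, else ('query', frame) to broadcast."""
    mac = table.lookup(target_ip, now)
    if mac is not None:
        return "cached", mac
    return "query", build_query(my_ip, my_mac, target_ip)


if __name__ == "__main__":
    print(next_hop("128.4.35.67", "128.5.19.12", "255.255.0.0", "128.4.0.1"))
    table = ArpTable()
    print(resolve(table, "1.1.1.2", "AA-AA-AA-AA-AA-02", "1.1.1.4", now=0))
    table.learn("1.1.1.4", "AA-AA-AA-AA-AA-04", now=0)
    print(resolve(table, "1.1.1.2", "AA-AA-AA-AA-AA-02", "1.1.1.4", now=100))
```

The first `resolve` call produces the broadcast query ("Who has 1.1.1.4? Tell 1.1.1.2"); after the reply is learned the second call is served from the table, and once the TTL has elapsed the table forgets the mapping and a fresh query goes out. That expiry is what the ARP spoofing slides rely on: a poisoned entry only has to be re-announced when the genuine one would have aged out.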
Addressing routing to another LAN
R
1A-23-F9-CD-06-9B
222222222220111111111110
E6-E9-00-17-BB-4B
CC-49-DE-D0-AB-7D
111111111112
111111111111
A74-29-9C-E8-FF-55
222222222221
88-B2-2F-54-1A-0F
B222222222222
49-BD-D2-C7-56-2A
walkthrough send datagram from A to B via R assume A knows Brsquos IP address
two ARP tables in router R one for each IP network (LAN)
A creates IP datagram with source A destination B A uses ARP to get Rrsquos MAC address for 111111111110 A creates link-layer frame with Rs MAC address as dest
frame contains A-to-B IP datagram Arsquos NIC sends frame Rrsquos NIC receives frame R removes IP datagram from Ethernet frame sees its
destined to B R uses ARP to get Brsquos MAC address R creates frame containing A-to-B IP datagram sends to B
R
1A-23-F9-CD-06-9B
222222222220
111111111110
E6-E9-00-17-BB-4B
CC-49-DE-D0-AB-7D
111111111112
111111111111
A74-29-9C-E8-FF-55
222222222221
88-B2-2F-54-1A-0F
B222222222222
49-BD-D2-C7-56-2A
This is a really importantexample ndash make sure youunderstand
ARP
Watch wireshark without any connections What happens if I set an entry in the ARP table
with the IP address of my gateway but my MAC address
Eg take two machines A and B on the same LAN (what does this mean How can you tell if two machines are on the same LAN) Let P be a nonexistent IP address in the LAN On machine A ping P
bull Use wireshark on B to see no evidence of the ping On A set an arp entry on A with IP = P and MAC =
Brsquos MAC Then ping P Watch ping messages appear in wireshark on B But still no response
ARP spoofing ndash man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions Wireless uses link layer encryption These days wired ethernet used a dedicate
wires from the switch (link layer router) to each host
bull But ARP attack still works
Goal intercept messages between the victim and anyone else I record the real MAC address of the victim When an ARP query request is made for the
victim I respond with my MAC
Who has IP address 1234
Who has IP address 1234
ARP spoofing ndash man-in-the-middle attack
VictimMAC=001212121212
IP 1234
attackerMAC=001111111111
IP= 5678
Some other hostswitch
Who has IP address 1234
ARP spoofing ndash man-in-the-middle attack
VictimMAC=001212121212
IP 1234
attackerMAC=001111111111
IP= 5678
Some other hostswitch
MAC 0012121212 has IP address 1234
MAC 0012121212 has IP address 1234
Save MACIP mapping in cache for 20 minutes
Attacker knows the MAC of victim
Source MAC 0011111111 Who has ip blablablablaTell IP address 1234
ARP spoofing ndash man-in-the-middle attack
VictimMAC=001212121212
IP 1234
attackerMAC=001111111111
IP= 5678
Some other hostswitch
Attacker knows the MAC of victim
Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries
Source MAC 0011111111 Who has ip blablablablaTell IP address 1234
Source MAC 0011111111 Who has ip blablablablaTell IP address 1234
Save IPARP mapping in cache
Confusedhellip but ignores it
ARP spoofing ndash man-in-the-middle attack
VictimMAC=001212121212
IP 1234
attackerMAC=001111111111
IP= 5678
Some other hostswitch
Attacker knows the secret plan
MAC 0011111111 IP1234 The secret plan is hellip
MAC 0012121212 IP1234 The secret plan is hellip
Ahh I got the secret plan I was expecting
Changed MAC address to correct address
Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries
ARP spoofing ndash man-in-the-middle attack
Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP
tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is
running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address
bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC
Link Layer
51 Introduction and services
52 Error detection and correction
53Multiple access protocols
54 Link-Layer Addressing
55 Ethernet
56 Link-layer switches 57 PPP 58 Link Virtualization
ATM and MPLS
Ethernet
ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps
Metcalfersquos Ethernetsketch
Star topology bus topology popular through mid 90s
all nodes in same collision domain (can collide with each other)
star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes
do not collide with each other) LAN
Multiple stars connected (wersquoll see later)
switch
bus coaxial cable star
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble 7 bytes with pattern 10101010 followed by one
byte with pattern 10101011 used to synchronize receiver sender clock
rates
Ethernet Frame Structure (more) Addresses 6 bytes
if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol
otherwise adapter discards frame (unless in promiscuous modes) Type
ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell
IPX AppleTalk) CRC checked at receiver if error is detected frame is
dropped
Ethernet Unreliable connectionless connectionless No handshaking between sending
and receiving NICs unreliable receiving NIC doesnrsquot send acks or
nacks to sending NIC stream of datagrams passed to network layer can have
gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps
Ethernetrsquos MAC protocol unslotted CSMACD
Ethernet CSMACD algorithm
1 NIC receives datagram from network layer creates frame
2 If NIC senses channel idle starts frame transmission
3 If NIC senses channel busy waits until channel idle then transmits 1-persistant
4 If NIC transmits entire frame without detecting another transmission NIC is done with frame
4 If NIC detects another transmission while transmitting aborts and sends jam signal
5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; heavy load: random wait will be longer
• first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
• after second collision: choose K from {0, 1, 2, 3} …
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
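An added Python simulation (not from the slides) of the backoff rule just described. backoff_range and choose_k implement "after the m-th collision choose K from {0, …, 2^m − 1}", capped at 2^10 as the slide says; wait_seconds converts K slots of 512 bit times into seconds at a given bit rate, which reproduces the roughly 50 ms figure for K=1023 at 10 Mbps. simulate_contention is a deliberately simplified slotted model (an assumption: time is cut into 512-bit slots and a frame occupies one slot) of several NICs contending for one shared segment.

```python
import random

SLOT_BITS = 512              # one backoff slot = 512 bit times
MAX_BACKOFF_EXPONENT = 10    # the K range stops growing after the 10th collision


def backoff_range(m: int) -> int:
    """Size of the set {0, 1, ..., 2^min(m,10) - 1} after the m-th collision."""
    return 2 ** min(m, MAX_BACKOFF_EXPONENT)


def choose_k(m: int, rng=None) -> int:
    """Pick K uniformly from the current backoff range."""
    rng = rng if rng is not None else random
    return rng.randrange(backoff_range(m))


def wait_seconds(k: int, rate_bps: float) -> float:
    """K slots of 512 bit times; one bit time is 1 / rate (0.1 us at 10 Mbps)."""
    return k * SLOT_BITS / rate_bps


def simulate_contention(n_nics: int, seed: int = 1):
    """Simplified slotted CSMA/CD model (assumption, not the real timing):
    every NIC starts with one frame to send; in each slot the NICs whose
    backoff has expired transmit. One sender -> success; several -> collision,
    and each of them draws a fresh K from its own (growing) range."""
    rng = random.Random(seed)
    waiting = {nic: 0 for nic in range(n_nics)}      # slots still to wait
    collisions = {nic: 0 for nic in range(n_nics)}   # m, per NIC
    slots = 0
    while waiting:
        slots += 1
        ready = [nic for nic, w in waiting.items() if w == 0]
        for nic in waiting:
            if waiting[nic] > 0:
                waiting[nic] -= 1
        if len(ready) == 1:
            del waiting[ready[0]]            # sent without collision: NIC is done
        elif len(ready) > 1:
            for nic in ready:                # collision: jam, then exponential backoff
                collisions[nic] += 1
                waiting[nic] = choose_k(collisions[nic], rng)
    return slots, collisions


if __name__ == "__main__":
    print(f"K=1023 at 10 Mbps waits {wait_seconds(1023, 10e6) * 1e3:.1f} ms")
    slots, collisions = simulate_contention(5)
    print(f"5 NICs drained in {slots} slots; collisions per NIC: {collisions}")
```

Running the simulation with different seeds shows the point of the exponential growth: with the range doubling after every collision, repeated collisions among the same NICs quickly become unlikely, so the segment drains in a number of slots close to the number of NICs.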
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
$\text{efficiency} = \frac{1}{1 + 5\,t_{prop}/t_{trans}}$
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT
[Figure: backbone hub connecting three hubs]
Switch: link-layer device: smarter than hubs, takes an active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch; switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table, each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table
[Figure: A sends a frame (Source=A, Dest=A') into interface 1 of the six-interface switch]
Switch table (initially empty):
MAC addr | interface | TTL
A | 1 | 60
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination, then { if dest on segment from which frame arrived, then drop the frame, else forward the frame on interface indicated }, else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
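The filtering/forwarding procedure above, written out as an added Python example (not the slides' code): a single switch with three interfaces that learns sender locations, floods unknown destinations, drops frames whose destination sits on the arrival segment, and purges stale entries. The TTL of 60 comes from the slide's example table; the time unit is an assumption, and the `moves` list (a MAC that turns up on a different interface than before) is an added observability hook the slides do not mention.

```python
from typing import Dict, List, Set


class LearningSwitch:
    """Self-learning, filtering/forwarding switch as described in the slides.
    Table entry: MAC -> [interface, expiry time]. Times are plain numbers
    (seconds, an assumption); TTL defaults to the 60 of the example table."""

    def __init__(self, interfaces: List[int], ttl: float = 60):
        self.interfaces: Set[int] = set(interfaces)
        self.ttl = ttl
        self.table: Dict[str, list] = {}
        # (time, mac, old interface, new interface): added observability, not in the slides
        self.moves: List[tuple] = []

    def purge(self, now: float) -> None:
        """Periodically purge all old table entries."""
        self.table = {mac: e for mac, e in self.table.items() if e[1] > now}

    def receive(self, src: str, dst: str, in_iface: int, now: float) -> List[int]:
        """Return the interfaces the frame goes out on ([] means dropped)."""
        self.purge(now)
        # record the link/interface associated with the sending host
        old = self.table.get(src)
        if old is not None and old[0] != in_iface:
            self.moves.append((now, src, old[0], in_iface))
        self.table[src] = [in_iface, now + self.ttl]
        entry = self.table.get(dst)
        if entry is None:
            # no entry for the destination: flood on all but the arrival interface
            return sorted(self.interfaces - {in_iface})
        if entry[0] == in_iface:
            # destination is on the segment the frame arrived from: drop
            return []
        return [entry[0]]   # forward on the interface indicated


def demo() -> list:
    """Replay the slide sequence on one three-interface switch (constructed)."""
    sw = LearningSwitch([1, 2, 3])
    out = []
    out.append(sw.receive("A", "B", 1, 0))      # A->B: learn A, no entry for B, flood
    out.append(sw.receive("B", "A", 3, 1))      # B->A: learn B, entry for A, forward to 1
    out.append(sw.receive("A", "B", 1, 2))      # A->B: now forwarded to 3 only
    out.append(sw.receive("C", "A", 1, 3))      # C shares A's segment: drop
    out.append(sw.receive("A", "B", 1, 1200))   # 20 minutes later: B purged, flood again
    return out


if __name__ == "__main__":
    for step, ports in enumerate(demo(), 1):
        print(f"frame {step}: out on {ports if ports else 'nothing (dropped)'}")
```

The `moves` list is the cheapest indicator a switch can give a defender: a MAC address that legitimately lives on one port does not normally reappear on another, so a burst of such moves is worth correlating with the ARP table checks discussed later in the deck.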
Self-Learning
[Figure, repeated over several slides: three switches in a chain, each with interfaces 1, 2, 3; host A attached to the left switch, host B to the right switch; each switch has a MAC/Interface table that starts empty]
A sends a frame (Dest=B, Source=A): each switch makes a table entry for A; no table entry for B, so flood.
Note: if the switch has ports that are manually configured then the frame is not flooded to a host; it is only flooded to other switches.
Tables after A's frame: left switch A → 1; middle switch A → 1; right switch A → 2.
B replies (Dest=A, Source=B): each switch makes a table entry for B and, having a table entry for A, forwards the frame instead of flooding.
Tables after B's frame: left switch A → 1, B → 3; middle switch A → 1, B → 2; right switch A → 2.
20 minutes later all table entries are deleted.
Poorly Designed Institutional network. Why?
[Figure: router to external network; one LAN (IP subnet) with mail server and web server]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet with mail server, web server and host A, interconnected with redundant links]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the edges in the spanning tree marked; a "disconnected" interface is one that does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[Figure: bridges B3 and B2, LAN A, LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
Approach: Compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C
[Figure: bridges B3, B2, B1, B0 and LANs A, B, C, D]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway
[Figure, annotated step by step over the following slides: bridges B1 through B7 interconnecting LANs A through J; each LAN is labelled with its distance to the root (the labels 0, 1, 2, 1, 1, 1, 1 are visible)]
Each switch computes distance to root in terms of LAN hops
Each of the root's interfaces is ON
LAN A's next hop is LAN E. Turn on the two interfaces
LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface
LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on"
LAN C's next hop is LAN F. Turn on the interfaces
Which other interfaces are "on"?
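An added Python implementation (not the slides' code) of the interface-selection rule in the LAN-as-vertex, switch-as-edge model used above. The topology is constructed for the example rather than taken from the figure: bridges 1 to 4 joining LANs A to D with one redundant path, so that one bridge ends up with no active interface, like B3 in the slides. The tie-break among a single bridge's own LANs at equal distance (alphabetical) is an assumption; the slides only fix the tie-break between switches (smallest ID).

```python
from collections import deque
from typing import Dict, FrozenSet, Set, Tuple

# A bridge is an edge (hyperedge) joining the LANs on its ports; the dict key
# is the bridge's unique ID, and the smallest ID becomes the root.
Topology = Dict[int, FrozenSet[str]]


def lan_distances(bridges: Topology, root: int) -> Dict[str, int]:
    """d(L) = number of non-root switches on the shortest path from LAN L to
    the root switch; LANs attached directly to the root have d = 0 (BFS)."""
    dist = {lan: 0 for lan in bridges[root]}
    queue = deque(bridges[root])
    while queue:
        lan = queue.popleft()
        for b, lans in bridges.items():
            if b == root or lan not in lans:
                continue
            for nxt in lans:
                if nxt not in dist:
                    dist[nxt] = dist[lan] + 1
                    queue.append(nxt)
    return dist


def spanning_tree(bridges: Topology):
    """Return (root, distances, active ports). A port (bridge, LAN) is active
    if it lies on some LAN's shortest path to the root; among equal-length
    paths the bridge with the smallest ID wins."""
    root = min(bridges)
    dist = lan_distances(bridges, root)
    active: Set[Tuple[int, str]] = {(root, lan) for lan in bridges[root]}
    for lan, d in dist.items():
        if d == 0:
            continue   # attached to the root: the root's ports are already on
        candidates = []
        for b, lans in bridges.items():
            if b == root or lan not in lans:
                continue
            upstream = [x for x in lans if dist.get(x) == d - 1]
            if upstream:   # this bridge lies on a shortest path for `lan`
                candidates.append((b, min(upstream)))  # min(): assumed intra-bridge tie-break
        b, up = min(candidates)   # smallest bridge ID breaks ties between bridges
        active.add((b, lan))
        active.add((b, up))
    return root, dist, active


def idle_bridges(bridges: Topology, active: Set[Tuple[int, str]]) -> list:
    """Bridges with no active port: 'disconnected' from every LAN."""
    return sorted(b for b in bridges if not any(p[0] == b for p in active))


# Constructed topology: B1 joins A,B; B2 joins B,C; B3 joins A,C (so
# A-B1-B-B2-C-B3-A is a loop); B4 joins C,D.
EXAMPLE: Topology = {
    1: frozenset({"A", "B"}),
    2: frozenset({"B", "C"}),
    3: frozenset({"A", "C"}),
    4: frozenset({"C", "D"}),
}

if __name__ == "__main__":
    root, dist, active = spanning_tree(EXAMPLE)
    print("root:", root, "distances:", dist)
    print("active ports:", sorted(active))
    print("bridges with no active port:", idle_bridges(EXAMPLE, active))
```

LAN C has two shortest paths to the root (through B2 via LAN B, and through B3 via LAN A); the smallest-ID rule keeps B2's ports and leaves B3 with none, which is exactly the loop-breaking the slides describe. Note that the root is simply the lowest ID: the slides' own warning that "the root might not be the gateway" is why production networks pin the root by configuration rather than letting the factory ID decide.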
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: Loop resolution, Address learning, Frame forwarding
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution
• During which time no packets were forwarded
Switches vs Routers
both store-and-forward devices: routers: network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding; borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address!
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (5 bits)
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address); MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
[Figure: routers R1 through R6, destinations A and D, interfaces numbered 0 and 1]
MPLS forwarding tables
Rows recovered from the figure (columns: in label | out label | dest | out interface); which router holds which rows did not survive extraction:
6 | - | A | 0
10 | 6 | A | 1
12 | 9 | D | 0
- | 10 | A | 0
- | 12 | D | 0
8 | 6 | A | 0
- | 8 | A | 1
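An added Python model (not from the slides) of label-switched forwarding using the table rows above. Each router holds rows in the slide's format (in label, out label, dest, out interface); a row with no in label is an ingress row that classifies the packet by IP destination once, and a row with no out label is an egress row that pops the label. The assignment of rows to R1, R3, R4, R5 and R6 is an assumption, the links between them are constructed, and R2 with its single row is invented so that the D path has an egress.

```python
from typing import Dict, List, Optional, Tuple

# Table row: (in label, out label, dest, out interface), as in the slide's
# MPLS forwarding tables. in label None = ingress row (classify by IP dest);
# out label None = egress row (pop the label, hand the IP datagram onward).
Row = Tuple[Optional[int], Optional[int], str, int]


class LabelSwitchRouter:
    def __init__(self, name: str, rows: List[Row]):
        self.name = name
        self.by_label = {r[0]: r for r in rows if r[0] is not None}
        self.by_dest = {r[2]: r for r in rows if r[0] is None}

    def forward(self, packet: dict) -> Tuple[int, dict]:
        """Return (out interface, packet as sent). Once a label is present
        only the label is examined; the IP address is not inspected."""
        if packet.get("label") is None:
            row = self.by_dest[packet["dest"]]     # ingress: look at the IP dest once
        else:
            row = self.by_label[packet["label"]]   # LSR: label lookup only
        _, out_label, _, iface = row
        return iface, dict(packet, label=out_label)


def trace(routers: Dict[str, LabelSwitchRouter], links: Dict[Tuple[str, int], str],
          start: str, packet: dict) -> List[Tuple[str, Optional[int]]]:
    """Follow a packet from `start` until a link leads to a host rather than
    a router; returns the (router, outgoing label) sequence."""
    path = []
    here = start
    while here in routers:
        iface, packet = routers[here].forward(packet)
        path.append((here, packet["label"]))
        here = links[(here, iface)]
    return path


# Rows from the slide's tables; the router each row belongs to is assumed.
# R2's row is constructed so that label 9 has somewhere to be popped.
ROUTERS = {
    "R4": LabelSwitchRouter("R4", [(None, 10, "A", 0), (None, 12, "D", 0)]),
    "R6": LabelSwitchRouter("R6", [(10, 6, "A", 1), (12, 9, "D", 0)]),
    "R5": LabelSwitchRouter("R5", [(8, 6, "A", 0)]),
    "R3": LabelSwitchRouter("R3", [(None, 8, "A", 1)]),
    "R1": LabelSwitchRouter("R1", [(6, None, "A", 0)]),
    "R2": LabelSwitchRouter("R2", [(9, None, "D", 0)]),
}
# Constructed links: (router, out interface) -> next hop (router or host).
LINKS = {("R4", 0): "R6", ("R6", 1): "R1", ("R6", 0): "R2",
         ("R3", 1): "R5", ("R5", 0): "R1", ("R1", 0): "A", ("R2", 0): "D"}

if __name__ == "__main__":
    print("R4 -> A:", trace(ROUTERS, LINKS, "R4", {"dest": "A"}))
    print("R3 -> A:", trace(ROUTERS, LINKS, "R3", {"dest": "A"}))
    print("R4 -> D:", trace(ROUTERS, LINKS, "R4", {"dest": "D"}))
```

Two points the trace makes visible: the same destination A is reached with different label sequences depending on the ingress router (10 → 6 from R4, 8 → 6 from R3), which is the traffic-engineering freedom the slide mentions, and from the first hop onward the IP destination is never consulted, so a wrong or injected label entry misroutes traffic without any IP-layer check noticing.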
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Addressing: routing to another LAN
walkthrough: send datagram from A to B via R; assume A knows B's IP address
two ARP tables in router R, one for each IP network (LAN)
[Figure: on the 111.111.111.0 LAN: host A (MAC 74-29-9C-E8-FF-55, IP 111.111.111.111) and a host with MAC CC-49-DE-D0-AB-7D (IP 111.111.111.112); router R with interfaces 111.111.111.110 and 222.222.222.220 (MACs E6-E9-00-17-BB-4B and 1A-23-F9-CD-06-9B); on the 222.222.222.0 LAN: host B (MAC 49-BD-D2-C7-56-2A, IP 222.222.222.222) and a host with MAC 88-B2-2F-54-1A-0F (IP 222.222.222.221)]
A creates IP datagram with source A, destination B. A uses ARP to get R's MAC address for 111.111.111.110. A creates link-layer frame with R's MAC address as dest; frame contains A-to-B IP datagram. A's NIC sends frame. R's NIC receives frame. R removes IP datagram from Ethernet frame, sees it's destined to B. R uses ARP to get B's MAC address. R creates frame containing A-to-B IP datagram, sends to B
This is a really important example – make sure you understand!
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P
• Use wireshark on B to see no evidence of the ping. On A, set an arp entry on A with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host
• But ARP attack still works
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC
[Figure: "Who has IP address 1.2.3.4?" broadcast on the LAN]
ARP spoofing – man-in-the-middle attack
[Figure: Victim (MAC=00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC=00:11:11:11:11:11, IP 5.6.7.8), some other host/switch]
Some other host/switch: "Who has IP address 1.2.3.4?"
Victim: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4"
Other host: Save MAC/IP mapping in cache for 20 minutes
Attacker knows the MAC of victim
Attacker: "Source MAC 00:11:11:11:11:11: Who has IP blablablabla? Tell IP address 1.2.3.4"
ARP spoofing – man-in-the-middle attack
[Figure: Victim (MAC=00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC=00:11:11:11:11:11, IP 5.6.7.8), some other host/switch]
Attacker knows the MAC of victim
Later (when all caches have been cleared) the attacker floods ARP queries. The attacker continues to flood ARP queries
Attacker (repeatedly): "Source MAC 00:11:11:11:11:11: Who has IP blablablabla? Tell IP address 1.2.3.4"
Other host: Save IP/ARP mapping in cache
Victim: Confused… but ignores it
ARP spoofing – man-in-the-middle attack
[Figure: Victim (MAC=00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC=00:11:11:11:11:11, IP 5.6.7.8), some other host/switch]
Later (when all caches have been cleared) the attacker floods ARP queries. The attacker continues to flood ARP queries
Other host → MAC 00:11:11:11:11:11, IP 1.2.3.4: "The secret plan is …"
Attacker knows the secret plan
Attacker (changed MAC address to correct address) → MAC 00:12:12:12:12:12, IP 1.2.3.4: "The secret plan is …"
Victim: Ahh, I got the secret plan I was expecting
ARP spoofing – man-in-the-middle attack
Some new switches can protect against these attacks. How can these attacks be detected and stopped?
One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs
• i.e. its real IP and the victim's IP
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
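The detection heuristic above (one IP answered by two different MACs) as an added Python example over constructed ARP reply observations; it is not code from the slides. The sample lines use the victim and attacker addresses from the figure, rendered as 00:12:12:12:12:12 / 1.2.3.4 and 00:11:11:11:11:11 / 5.6.7.8, plus a constructed dual-homed host. The "two IPs for one MAC" pattern is reported separately rather than alerted on, because, as the slide notes, it also arises legitimately.

```python
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed ARP reply observations: time, sender IP, sender MAC.
SAMPLE_ARP_LOG = """\
10:00:01 reply 1.2.3.4 is-at 00:12:12:12:12:12
10:00:05 reply 5.6.7.8 is-at 00:11:11:11:11:11
10:20:30 reply 1.2.3.4 is-at 00:11:11:11:11:11
10:21:00 reply 10.0.0.7 is-at AA:BB:CC:DD:EE:01
10:21:05 reply 10.0.0.8 is-at AA:BB:CC:DD:EE:01
"""

Record = Tuple[str, str, str]  # (timestamp, ip, mac)


def parse_arp_log(text: str) -> List[Record]:
    """Parse the constructed 'ts reply IP is-at MAC' lines; skip anything else."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[1] != "reply" or parts[3] != "is-at":
            continue
        records.append((parts[0], parts[2], parts[4].lower()))
    return records


def analyse(records: List[Record]):
    """Return (alerts, multi_ip_macs).
    alerts: one IP answered by two or more MACs, the slide's spoofing indicator.
    multi_ip_macs: one MAC claiming several IPs; needs context (dual-NIC hosts
    do this legitimately), so it is reported but not alerted on."""
    ip_to_macs: Dict[str, Dict[str, str]] = defaultdict(dict)   # ip -> {mac: first seen}
    mac_to_ips: Dict[str, set] = defaultdict(set)
    alerts = []
    for ts, ip, mac in records:
        mac_to_ips[mac].add(ip)
        if mac not in ip_to_macs[ip]:
            ip_to_macs[ip][mac] = ts
            if len(ip_to_macs[ip]) > 1:
                alerts.append((ts, ip, sorted(ip_to_macs[ip])))
    multi = {m: sorted(ips) for m, ips in mac_to_ips.items() if len(ips) > 1}
    return alerts, multi


if __name__ == "__main__":
    alerts, multi = analyse(parse_arp_log(SAMPLE_ARP_LOG))
    for ts, ip, macs in alerts:
        print(f"{ts} ALERT {ip} is claimed by {len(macs)} MACs: {', '.join(macs)}")
    for mac, ips in multi.items():
        print(f"review: {mac} answers for {ips} (attacker, or a dual-homed host)")
```

On the sample data the alert fires at 10:20:30, when the attacker's MAC starts answering for 1.2.3.4; the attacker's MAC also lands in the review list (its real IP plus the victim's), but so does the harmless dual-homed host, which is why the two signals are kept apart.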
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap: $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); LAN
Multiple stars connected (we'll see later)
[Figure: bus topology over coaxial cable vs. star topology with a switch in the center]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble 7 bytes with pattern 10101010 followed by one
byte with pattern 10101011 used to synchronize receiver sender clock
rates
Ethernet Frame Structure (more) Addresses 6 bytes
if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol
otherwise adapter discards frame (unless in promiscuous modes) Type
ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell
IPX AppleTalk) CRC checked at receiver if error is detected frame is
dropped
Ethernet Unreliable connectionless connectionless No handshaking between sending
and receiving NICs unreliable receiving NIC doesnrsquot send acks or
nacks to sending NIC stream of datagrams passed to network layer can have
gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps
Ethernetrsquos MAC protocol unslotted CSMACD
Ethernet CSMACD algorithm
1 NIC receives datagram from network layer creates frame
2 If NIC senses channel idle starts frame transmission
3 If NIC senses channel busy waits until channel idle then transmits 1-persistant
4 If NIC transmits entire frame without detecting another transmission NIC is done with frame
4 If NIC detects another transmission while transmitting aborts and sends jam signal
5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2
Ethernetrsquos CSMACD (more)
Jam Signal make sure all other transmitters are aware of collision 48 bits
Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec
Exponential Backoff Goal adapt retransmission
attempts to estimated current load heavy load random
wait will be longer first collision choose K
from 01 delay is K 512 bit transmission times
after second collision choose K from 0123hellip
after ten or more collisions choose K from 01234hellip1023
CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN
ttrans = time to transmit max-size frame
efficiency goes to 1 as tprop goes to 0
as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst
better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur
transprop ttefficiency
51
1
960
1010081500
102200
51
1
68
m
8023 Ethernet Standards Link amp Physical Layers
many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch link-layer device smarter than hubs take active role
Store and forward Ethernet framesbull Question do switches in circuit switching networks store and
forward examine incoming framersquos MAC address selectively forward
frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment
transparent hosts are unaware of presence of switches
plug-and-play self-learning switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch
switches buffer packets Ethernet protocol used on
each incoming link but no collisions full duplex each link is its own collision
domain switching A-to-Arsquo and B-
to-Brsquo simultaneously without collisions not possible with dumb hub
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch Table
Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5
A each switch has a switch table each entry (MAC address of host interface
to reach host time stamp)
looks like a routing table Q how are entries created
maintained in switch table something like a routing
protocol
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch self-learning
switch learns which hosts can be reached through which interfaces Some interfaces are
configured But in other caseshellip
when frame received switch ldquolearnsrdquo location of sender incoming LAN segment
records senderlocation pair in switch table
A
Arsquo
B
Brsquo
C
Crsquo
1 23
45
6
A Arsquo
Source ADest Arsquo
MAC addr interface TTL
Switch table (initially empty)
A 1 60
Switch frame filteringforwardingWhen frame received
1 record linkinterface associated with sending host 3 if entry found for destination
then if dest on segment from which frame arrived
then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries
forward on all but the interface on which the frame arrived
Self-Learning
MAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional Network. Why?
[figure: a single router to the external network in front of one LAN (IP subnet) that holds the mail server and the web server; every host depends on that one router and one switch]
Institutional network without a single point of failure
[figure: the same subnet with redundant switches and links between the router, the mail server, the web server and host A]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Because of the loops, the flooded frames will circulate and overwhelm the network (an Ethernet frame carries no TTL, so nothing stops them). Loops provide robustness but have to be eliminated.
[figure: the same network with the edges in the spanning tree highlighted; a "disconnected" interface is one through which the switch does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges, i.e. compute a spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any connected graph there exists a tree that spans all nodes in which there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses its interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood frames onto that LAN (and ignore data frames arriving from it).
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: bridges B3 and B2 attached to LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges (backwards from what you might expect, i.e. switches as vertices and LANs as edges).
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads to the root.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses its interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
[figure: bridges B3, B2, B1, B0 and LANs A, B, C, D; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Because the root is simply the smallest ID that anyone advertises, any host that can send these messages can claim to be the root and pull traffic through itself; production switches counter this with BPDU guard / root guard on host-facing ports.
[figure: bridges B1, B2, B3, B4, B5, B6, B7 interconnecting LANs A through J]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By "shortest path" we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[figure: bridges B1 (root), B2, B3, B4, B5, B6, B7 and LANs A through J; the same figure is repeated for each of the steps below, with each switch's distance to the root (0 for the root, then 1, 2, ...) written next to it]
Worked steps:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces of the switch between them.
• LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
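The rule above (each LAN picks the closest bridge toward the root, smallest ID breaking ties; that bridge keeps its interface to the LAN and its interface toward the root; the root keeps everything) can be run on any bridge/LAN graph. The example below is added here and is not from the slides; its topology (bridges 1, 3, 5, 7 and LANs A, B, C, E, G) is constructed so that LAN B is reachable from two bridges at the same distance, which is exactly the tie the lecture breaks by bridge ID. Like the lecture's simplified rule, a bridge that is not on any LAN's shortest path (B3 here) ends up with nothing on; real 802.1D would still put its root port in forwarding state.

```python
from collections import deque

# Constructed topology (added example, not the lecture figure):
# bridge ID -> LANs the bridge has an interface on.  The lowest ID is the root.
TOPOLOGY = {
    1: ["E", "G"],       # B1: root
    5: ["E", "A", "B"],  # B5
    7: ["G", "B", "C"],  # B7: ties with B5 for LAN B, loses on ID
    3: ["A", "C"],       # B3: redundant bridge between A and C
}


def lan_to_bridges(topology):
    """Invert the map: LAN -> bridges attached to it."""
    out = {}
    for bridge, lans in topology.items():
        for lan in lans:
            out.setdefault(lan, []).append(bridge)
    return out


def distances(topology):
    """BFS from the root over the bipartite bridge/LAN graph.

    dist_b[bridge] = bridges traversed to reach the root (root itself = 0)
    dist_l[lan]    = distance of the closest attached bridge (LANs on the root = 0)
    """
    root = min(topology)
    attached = lan_to_bridges(topology)
    dist_b, dist_l = {root: 0}, {}
    queue = deque([root])
    while queue:
        bridge = queue.popleft()
        for lan in topology[bridge]:
            if lan in dist_l:
                continue
            dist_l[lan] = dist_b[bridge]
            for nbr in attached[lan]:
                if nbr not in dist_b:
                    dist_b[nbr] = dist_l[lan] + 1
                    queue.append(nbr)
    return root, dist_b, dist_l, attached


def spanning_tree(topology):
    """Return the set of (bridge, LAN) interfaces that stay ON."""
    root, dist_b, dist_l, attached = distances(topology)

    # designated bridge for each LAN: closest to the root, smallest ID breaks ties
    designated = {lan: min(bridges, key=lambda b: (dist_b[b], b))
                  for lan, bridges in attached.items()}

    # a bridge's next hop toward the root is its attached LAN closest to the root;
    # ties are broken by the ID of that LAN's designated bridge
    def root_lan(bridge):
        return min(topology[bridge], key=lambda l: (dist_l[l], designated[l]))

    active = set()
    for lan, bridge in designated.items():
        active.add((bridge, lan))                   # interface facing the LAN it serves
        if bridge != root:
            active.add((bridge, root_lan(bridge)))  # interface facing the root
    return active


def blocked_interfaces(topology):
    """Every interface that is "disconnected": it neither forwards nor floods."""
    everything = {(b, lan) for b, lans in topology.items() for lan in lans}
    return everything - spanning_tree(topology)


def is_loop_free(active):
    """Union-find cycle check over the kept interfaces (nodes are bridges and LANs)."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for bridge, lan in active:
        a, b = find(("B", bridge)), find(("L", lan))
        if a == b:
            return False            # this interface would close a loop
        parent[a] = b
    return True


if __name__ == "__main__":
    on = spanning_tree(TOPOLOGY)
    print("ON: ", sorted(on))
    print("OFF:", sorted(blocked_interfaces(TOPOLOGY)))
    print("loop-free:", is_loop_free(on))
```

Turning any blocked interface back on (for instance B7's interface to LAN B) makes `is_loop_free` fail, which is the frame storm the institutional-network slide warned about.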
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding.
Typically these ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network-layer devices (they examine network-layer headers); switches are link-layer devices.
… Switches are "invisible" at the internetwork layer: a switched LAN looks like a link-layer technology to IP.
Multiprotocol Label Switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the virtual-circuit (VC) approach; but the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields: label (20 bits) | Exp (3 bits) | S (1 bit) | TTL (8 bits)
MPLS-capable routers
• aka label-switched routers: forward packets to the outgoing interface based only on the label value (they don't inspect the IP address)
• MPLS forwarding table is distinct from the IP forwarding tables
• a signaling protocol is needed to set up forwarding: RSVP-TE
• forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[figure: routers R1 through R6 with destinations A and D; interface numbers 0 and 1 label the links]
Each router's table has the columns: in label | out label | dest | out interface. The tables in the figure:
  6 | - | A | 0
  10 | 6 | A | 1
  12 | 9 | D | 0
  - | 10 | A | 0
  - | 12 | D | 0
  8 | 6 | A | 0
  - | 8 | A | 1
An entry with no in label belongs to an ingress router (it pushes a label chosen by destination); an entry with out label "-" belongs to the egress router, which pops the label and forwards by IP.
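To make the three kinds of table entry concrete (push at ingress, swap in transit, pop at egress) and to show that a transit router really does ignore the IP address, here is an added simulation that is not part of the slides. The router names R1–R6 and destinations A and D follow the figure, but the label values, interface numbers and links are assumptions constructed for the example.

```python
# Constructed MPLS example modelled on the structure of the lecture figure
# (routers R1-R6, destinations A and D); labels, interfaces and links are assumed.


class LSR:
    """Label-switched router with one table: in-label / out-label / dest / out-if."""

    def __init__(self, name, rows):
        self.name = name
        self.by_label = {}   # transit and egress rows, keyed by incoming label
        self.by_fec = {}     # ingress rows (no incoming label), keyed by destination
        for in_label, out_label, dest, out_if in rows:
            if in_label is None:
                self.by_fec[dest] = (out_label, out_if)
            else:
                self.by_label[in_label] = (out_label, out_if)

    def forward(self, label, dest):
        """Return (out_label, out_if) or None.

        A labelled packet is switched on its label alone; the IP destination is
        consulted only at ingress, where no label exists yet.
        """
        if label is not None:
            return self.by_label.get(label)      # dest is deliberately ignored
        return self.by_fec.get(dest)


ROUTERS = {
    "R4": LSR("R4", [(None, 10, "A", 0), (None, 12, "D", 0)]),   # ingress: push
    "R3": LSR("R3", [(None, 8, "A", 1)]),                        # ingress: push
    "R6": LSR("R6", [(10, 6, "A", 1), (12, 9, "D", 0)]),         # transit: swap
    "R5": LSR("R5", [(8, 6, "A", 0)]),                           # transit: swap
    "R1": LSR("R1", [(6, None, "A", 0)]),                        # egress: pop
    "R2": LSR("R2", [(9, None, "D", 0)]),                        # egress: pop
}

# (router, out interface) -> next hop; bare names are the IP hosts A and D
LINKS = {("R4", 0): "R6", ("R3", 1): "R5", ("R6", 1): "R1", ("R6", 0): "R2",
         ("R5", 0): "R1", ("R1", 0): "A", ("R2", 0): "D"}


def trace(start, dest, label=None, max_hops=10):
    """Follow one packet from `start`.

    Returns (where it ended up, hops); each hop is (router, label in, label out,
    out interface).  Ends with None when a router has no entry, which is where a
    real network would fall back to ordinary IP forwarding (MPLS must co-exist
    with IP-only routers).
    """
    hops, node = [], start
    for _ in range(max_hops):
        if node not in ROUTERS:
            return node, hops                     # reached an IP host
        entry = ROUTERS[node].forward(label, dest)
        if entry is None:
            return None, hops
        out_label, out_if = entry
        hops.append((node, label, out_label, out_if))
        label, node = out_label, LINKS[(node, out_if)]
    return None, hops


if __name__ == "__main__":
    print(trace("R4", "A"))
    print(trace("R3", "A"))
    print(trace("R4", "D"))
    # a packet for D that arrives at R6 carrying label 10 is delivered to A:
    print(trace("R6", "D", label=10))
```

The last call is the point of the "don't inspect IP address" bullet: whoever controls the label controls the path, so label-edge trust boundaries matter as much as IP ACLs in an MPLS core.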
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice … could stop here … but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Addressing: routing to another LAN
• A creates an IP datagram with source A, destination B.
• A uses ARP to get R's MAC address for 111.111.111.110.
• A creates a link-layer frame with R's MAC address as destination; the frame contains the A-to-B IP datagram.
• A's NIC sends the frame; R's NIC receives the frame.
• R removes the IP datagram from the Ethernet frame, sees it is destined to B.
• R uses ARP to get B's MAC address.
• R creates a frame containing the A-to-B IP datagram and sends it to B.
[figure: two LANs joined by router R.
 A: IP 111.111.111.111, MAC 74-29-9C-E8-FF-55
 other host on A's LAN: IP 111.111.111.112, MAC CC-49-DE-D0-AB-7D
 R, interface on A's LAN: IP 111.111.111.110, MAC E6-E9-00-17-BB-4B
 R, interface on B's LAN: IP 222.222.222.220, MAC 1A-23-F9-CD-06-9B
 other host on B's LAN: IP 222.222.222.221, MAC 88-B2-2F-54-1A-0F
 B: IP 222.222.222.222, MAC 49-BD-D2-C7-56-2A]
This is a really important example – make sure you understand it.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g. take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch the ping messages appear in wireshark on B. But still no response.
ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (the link-layer "router") to each host, so a host no longer sees other hosts' frames.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.
[figure: victim MAC=00:12:12:12:12:12, IP 1.2.3.4; attacker MAC=00:11:11:11:11:11, IP 5.6.7.8; some other host/switch]
1. Some other host broadcasts "Who has IP address 1.2.3.4?"
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". Everyone on the LAN saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries of the form "Source MAC 00:11:11:11:11:11: who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". Every host that hears them saves the IP/MAC mapping (1.2.3.4 → 00:11:11:11:11:11) in its cache. The victim, seeing a query that claims its own IP address, is confused but ignores it. The attacker continues to flood these queries so the false entry never expires.
4. The other host sends "The secret plan is …" to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan; it changes the destination MAC to the victim's correct address (00:12:12:12:12:12) and relays the frame, so the victim says "Ahh, I got the secret plan I was expecting" and nobody notices.
ARP spoofing – man-in-the-middle attack
Some newer switches can protect against these attacks (e.g. dynamic ARP inspection, which checks ARP replies against the switch's own DHCP/IP-to-port bindings). How can these attacks be detected and stopped?
One way to detect an attacker is to look at the ARP tables and see whether a single IP has two MACs, or a single MAC has two IPs:
• the attacker's MAC maps to both its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then the tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC without any attack.
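The two table checks above, run over captured ARP traffic rather than a single host's cache, look like the added example below. It is not from the lecture: the log lines are constructed in the format `tcpdump -e -n arp` prints (with an Ethernet source printed for each packet), and the MACs and IPs reuse the attacker/victim values from the slides. The "one IP, two MACs" check is the spoofing signature; the "one MAC, two IPs" check is weaker, so it takes an allow-list for the dual-homed hosts the slides warn about.

```python
import re
from collections import defaultdict

# Constructed `tcpdump -e -n arp` style lines, not a real capture.  The attacker
# (00:11:..) first uses its own IP 5.6.7.8, then floods requests claiming the
# victim's IP 1.2.3.4; 00:dd:.. is a benign dual-homed host.
SAMPLE_LOG = """\
12:00:01.000000 00:12:12:12:12:12 > 00:aa:aa:aa:aa:aa, ethertype ARP (0x0806), length 42: Reply 1.2.3.4 is-at 00:12:12:12:12:12, length 28
12:00:05.000000 00:11:11:11:11:11 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 1.2.3.1 tell 5.6.7.8, length 28
12:20:05.000000 00:11:11:11:11:11 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 9.9.9.9 tell 1.2.3.4, length 28
12:20:06.000000 00:11:11:11:11:11 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 9.9.9.9 tell 1.2.3.4, length 28
12:21:00.000000 00:dd:dd:dd:dd:dd > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 1.2.3.1 tell 1.2.3.20, length 28
12:22:00.000000 00:dd:dd:dd:dd:dd > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 1.2.3.1 tell 10.8.0.20, length 28
"""

MAC = r"[0-9a-f]{2}(?::[0-9a-f]{2}){5}"
LINE = re.compile(
    rf"^(?P<ts>\S+) (?P<eth_src>{MAC}) > (?P<eth_dst>{MAC}), ethertype ARP \(0x0806\), length \d+: "
    rf"(?:Request who-has (?P<target>\S+) tell (?P<req_ip>\S+)"
    rf"|Reply (?P<rep_ip>\S+) is-at (?P<rep_mac>{MAC})), length \d+$"
)


def parse(log):
    """Return [(timestamp, sender_ip, sender_mac)] for every ARP packet.

    A Reply carries the binding in its is-at pair.  tcpdump does not print the
    sender hardware address of a Request, so the Ethernet source is used; either
    way the packet is a claim "sender_ip lives at this MAC" that receivers cache,
    which is exactly what the attacker's flooded requests exploit.
    """
    bindings = []
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue                     # non-ARP or unparseable line
        if m["rep_ip"]:
            bindings.append((m["ts"], m["rep_ip"], m["rep_mac"]))
        else:
            bindings.append((m["ts"], m["req_ip"], m["eth_src"]))
    return bindings


def ip_conflicts(bindings):
    """IPs claimed by more than one MAC: the spoofing signature."""
    seen = defaultdict(set)
    for _, ip, mac in bindings:
        seen[ip].add(mac)
    return {ip: macs for ip, macs in seen.items() if len(macs) > 1}


def macs_with_multiple_ips(bindings, allow=frozenset()):
    """MACs claiming more than one IP.  Dual-homed hosts do this legitimately
    (the wired/wireless case from the slides), so list their MACs in `allow`."""
    seen = defaultdict(set)
    for _, ip, mac in bindings:
        if mac not in allow:
            seen[mac].add(ip)
    return {mac: ips for mac, ips in seen.items() if len(ips) > 1}


if __name__ == "__main__":
    b = parse(SAMPLE_LOG)
    print("IP -> several MACs:", ip_conflicts(b))
    print("MAC -> several IPs:", macs_with_multiple_ips(b, allow={"00:dd:dd:dd:dd:dd"}))
```

A real deployment would feed this a rolling window (the attacker's flood only starts once caches expire, here twenty minutes after the honest reply) and compare against the DHCP lease table instead of a hand-written allow-list.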
Ethernet
"dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler and cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through the mid 90s: all nodes in the same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); multiple stars connected (we'll see later)
[figure: bus (coaxial cable) vs star (switch)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates. It is not counted as part of the frame and is stripped before software sees it.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: indicates the higher layer protocol: ARP query/response, LAN routing, mostly IP but others are possible (e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if an error is detected the frame is dropped.
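Here is an added example, not from the slides, that builds and parses the frame just described and applies the adapter's accept/discard decision (matching unicast or broadcast destination, promiscuous mode, CRC check, minimum length). The FCS is computed with `zlib.crc32` and appended least-significant byte first, which is how the 802.3 CRC-32 appears in captures; VLAN-tagged (802.1Q) frames are not handled. The host MACs for A and B are the ones from the ARP example earlier on the page; host C's MAC and the payload bytes are constructed.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
MIN_PAYLOAD = 46       # short payloads are padded to the 64-byte minimum frame
HEADER_LEN = 14        # dst(6) + src(6) + type(2); preamble/SFD never reach software


def fcs(body):
    """Ethernet FCS: CRC-32 over dst..payload, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body))


def build_frame(dst, src, ethertype, payload):
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def parse_frame(raw, my_mac, promiscuous=False):
    """Mimic the receiving adapter.

    Returns (dst, src, ethertype, payload) when the frame would be passed up to
    the network layer, or None when the adapter discards it: runt frame, CRC
    error, or a unicast destination that is not ours (unless promiscuous).
    """
    if len(raw) < HEADER_LEN + MIN_PAYLOAD + 4:
        return None                                   # runt / collision fragment
    body, trailer = raw[:-4], raw[-4:]
    if fcs(body) != trailer:
        return None                                   # CRC error: dropped silently
    dst, src = body[:6], body[6:12]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if not promiscuous and dst != my_mac and dst != BROADCAST:
        return None                                   # not addressed to us
    return dst, src, ethertype, body[HEADER_LEN:]


def mac(text):
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


# Constructed sample traffic: A broadcasts an ARP request, then sends IP to B;
# C is a third host on the same LAN.  (A's and B's MACs are from the slides.)
A, B, C = mac("74-29-9C-E8-FF-55"), mac("49-BD-D2-C7-56-2A"), mac("02-00-00-00-00-cc")
ARP_REQ = build_frame(BROADCAST, A, ETHERTYPE_ARP, b"\x00\x01\x08\x00\x06\x04\x00\x01" + A)
UNICAST = build_frame(B, A, ETHERTYPE_IPV4, b"\x45" + b"\x00" * 19)


def corrupt(frame, offset, bit=0):
    """Flip one bit (what a noisy link does) without recomputing the FCS."""
    buf = bytearray(frame)
    buf[offset] ^= 1 << bit
    return bytes(buf)


if __name__ == "__main__":
    print("B accepts the broadcast:   ", parse_frame(ARP_REQ, B) is not None)
    print("C accepts unicast to B:    ", parse_frame(UNICAST, C) is not None)
    print("C, promiscuous, accepts it:", parse_frame(UNICAST, C, promiscuous=True) is not None)
    print("B accepts a corrupted copy:", parse_frame(corrupt(UNICAST, 20), B) is not None)
```

The promiscuous-mode line is the whole basis of the eavesdropping discussed under ARP spoofing: the filter is a courtesy performed by the adapter, not an access control.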
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1}; NIC waits K slots, where one slot is 512 bit times, then returns to step 2
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of the collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, the wait time is about 50 msec
Exponential Backoff
Goal: adapt retransmission attempts to estimated current load; under heavy load the random wait will be longer
• first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
• after second collision: choose K from {0, 1, 2, 3}
• after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse (t_trans shrinks while t_prop stays the same)
better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
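The backoff schedule and the efficiency formula above are small enough to run. The block below is an added example rather than lecture code: it reproduces the K ranges per collision, the "about 50 msec" maximum wait at 10 Mbps, the efficiency approximation, and the full retry loop of the CSMA/CD algorithm. One value not on the slides is the 16-attempt limit after which an 802.3 NIC discards the frame; it is the standard's value and is labelled as such in the code.

```python
import random

SLOT_BITS = 512        # one backoff slot = 512 bit times
BACKOFF_CAP = 10       # the window stops growing after the 10th collision: K <= 1023
ATTEMPT_LIMIT = 16     # 802.3 drops the frame after 16 failed attempts (standard value, not from the slides)


def bit_time(bitrate_bps):
    """Seconds per bit: 0.1 microsecond on 10 Mbps Ethernet."""
    return 1.0 / bitrate_bps


def backoff_range(m):
    """(lowest, highest) K after the m-th collision: {0, ..., 2^min(m,10) - 1}."""
    if m < 1:
        raise ValueError("backoff only follows a collision")
    return 0, 2 ** min(m, BACKOFF_CAP) - 1


def backoff_seconds(k, bitrate_bps):
    """Wait for K slots of 512 bit times each."""
    return k * SLOT_BITS * bit_time(bitrate_bps)


def t_trans(frame_bytes, bitrate_bps):
    """Time to put a frame of frame_bytes on the wire."""
    return frame_bytes * 8 / bitrate_bps


def efficiency(t_prop, t_trans_):
    """The lecture's approximation: 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans_)


def send_with_backoff(collides, seed=None):
    """Run the CSMA/CD retry loop for one frame.

    collides(attempt) reports whether transmission attempt `attempt` (1-based)
    hit a collision.  Returns (attempts_used, total_backoff_slots).  Raises
    RuntimeError after ATTEMPT_LIMIT collisions, the point at which a real NIC
    gives up and reports "excessive collisions" to the driver.
    """
    rng = random.Random(seed)
    total_slots = 0
    for attempt in range(1, ATTEMPT_LIMIT + 1):
        if not collides(attempt):
            return attempt, total_slots
        lo, hi = backoff_range(attempt)        # attempt-th collision -> window 2^attempt
        total_slots += rng.randint(lo, hi)
    raise RuntimeError("excessive collisions: frame dropped")


if __name__ == "__main__":
    print("max backoff at 10 Mbps:", backoff_seconds(1023, 10_000_000), "s")
    print("efficiency, 1500-byte frames, t_prop = 25 us:",
          efficiency(25e-6, t_trans(1500, 10_000_000)))
    print("succeeds on 3rd attempt:", send_with_backoff(lambda a: a < 3, seed=1))
```

Because the window is capped at 1023 slots and the attempt count at 16, a station that is forced to collide on every attempt (a jamming neighbour on a shared segment) loses the frame after a bounded delay rather than retrying forever; that bound is what makes collision-based denial of service on legacy shared Ethernet cheap.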
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
physical-layer ("dumb") repeaters: bits coming in one link go out all other links at the same rate; all nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: host NICs detect collisions
[figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[figure: a backbone hub joining three segment hubs]
Switch
link-layer device: smarter than hubs, takes an active role
• store and forward Ethernet frames
  • Question: do switches in circuit-switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
• hosts have a dedicated, direct connection to the switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). It looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[figure: the same six-interface switch with hosts A, A', B, B', C, C']
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured. But in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• records the sender/location pair in the switch table
[figure: A sends a frame (Source A, Dest A') into interface 1; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link interface associated with the sending host
2. index the switch table using the MAC destination address
3. if an entry is found for the destination, then {
     if the destination is on the segment from which the frame arrived, then drop the frame (filter)
     else forward the frame on the interface indicated }
   else flood: forward on all interfaces but the one on which the frame arrived
4. periodically purge all old table entries
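The added example below is not from the slides; it implements the four steps as a `LearningSwitch` with an injected clock (so ageing can be tested without waiting twenty minutes) and wires three of them in a line, the constructed topology mirroring the worked figure later on the page: A on the first switch, B on the third, interface numbers assumed. It replays A→B (flooded everywhere), B→A (forwarded on one interface per switch) and then the 20-minute purge. Note the security property the slides mention only in passing: the table is learned from unauthenticated source addresses, so any host can claim any MAC, and a host sending thousands of random sources can fill the table and turn the switch back into a hub.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
A_MAC, B_MAC = "02:00:00:00:00:0a", "02:00:00:00:00:0b"   # constructed host MACs


class LearningSwitch:
    """Self-learning, plug-and-play switch: table maps MAC -> (interface, last seen)."""

    def __init__(self, interfaces, ttl, clock):
        self.interfaces = list(interfaces)
        self.ttl = ttl        # seconds an entry lives without being refreshed
        self.clock = clock    # callable returning the current time (injected for testing)
        self.table = {}

    def purge(self):
        now = self.clock()
        for mac in [m for m, (_, seen) in self.table.items() if now - seen >= self.ttl]:
            del self.table[mac]

    def entries(self):
        return {mac: iface for mac, (iface, _) in self.table.items()}

    def receive(self, in_iface, src, dst):
        """Apply the filtering/forwarding steps; return the outgoing interfaces."""
        self.purge()                                   # step 4: age out stale entries
        self.table[src] = (in_iface, self.clock())     # step 1: learn the sender's location
        if dst != BROADCAST and dst in self.table:     # steps 2-3: known destination
            out_iface = self.table[dst][0]
            return [] if out_iface == in_iface else [out_iface]   # filter, or forward
        return [i for i in self.interfaces if i != in_iface]      # unknown: flood


class ThreeSwitchLan:
    """Three switches in a line (constructed to mirror the lecture figure):
       A -- S1(1)   S1(3) -- (1)S2(2) -- (2)S3   S3(3) -- B"""

    def __init__(self, clock, ttl=20 * 60.0):
        self.sw = {n: LearningSwitch([1, 2, 3], ttl, clock) for n in ("S1", "S2", "S3")}
        self.links = {("S1", 1): ("host", "A"), ("S1", 3): ("S2", 1),
                      ("S2", 1): ("S1", 3), ("S2", 2): ("S3", 2),
                      ("S3", 2): ("S2", 2), ("S3", 3): ("host", "B")}
        self.macs = {"A": A_MAC, "B": B_MAC}
        self.delivered = []   # (host, src, dst) for every frame a host receives

    def send(self, host, dst):
        sw, iface = next(k for k, v in self.links.items() if v == ("host", host))
        self._inject(sw, iface, self.macs[host], dst)

    def _inject(self, sw, in_iface, src, dst):
        for out in self.sw[sw].receive(in_iface, src, dst):
            peer = self.links.get((sw, out))
            if peer is None:
                continue                              # nothing plugged into this port
            if peer[0] == "host":
                self.delivered.append((peer[1], src, dst))
            else:
                self._inject(peer[0], peer[1], src, dst)

    def tables(self):
        for s in self.sw.values():
            s.purge()
        return {name: s.entries() for name, s in self.sw.items()}


def run_example():
    """A -> B (flooded), B -> A (forwarded), then 20 minutes of silence."""
    now = [0.0]
    lan = ThreeSwitchLan(clock=lambda: now[0])
    lan.send("A", B_MAC)
    after_first = lan.tables()
    lan.send("B", A_MAC)
    after_reply = lan.tables()
    now[0] += 20 * 60                     # 20 minutes later all entries are deleted
    aged = lan.tables()
    return lan.delivered, after_first, after_reply, aged


if __name__ == "__main__":
    for item in run_example():
        print(item)
```

Every flooded copy reaches exactly one host here because the unused ports have nothing attached; on the looped institutional network later on the page the same flood never terminates, which is why loop resolution must run before address learning.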
Self-Learning (worked example)
[figure: three switches in a line, each with interfaces 1, 2 and 3; host A on the first switch, host B on the third; all three switch tables (MAC, Interface) start empty]
A sends a frame with Dest=B, Source=A. The first switch makes a table entry for A (A → 1); there is no table entry for B, so it floods the frame. The same happens at each switch the flooded frame reaches.
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
• During which time no packets were forwarded.

Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
… switches are "invisible" at the internetwork layer: they look like a link layer technology to IP

Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed length label (instead of IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields as drawn on the slide:
label | Exp | S | TTL
20    | 3   | 1 | 5

MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address)
MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
must co-exist with IP-only routers

MPLS forwarding tables
[Figure: routers R1 to R6 between destinations A and D, with interface numbers 0 and 1 marked on the links; each router carries one of the tables below]
in label | out label | dest | out interface
6        | -         | A    | 0

in label | out label | dest | out interface
10       | 6         | A    | 1
12       | 9         | D    | 0

out label | dest | out interface
10        | A    | 0
12        | D    | 0

in label | out label | dest | out interface
8        | 6         | A    | 0

out label | dest | out interface
8         | A    | 1

Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries.
ARP
Watch wireshark without any connections. What happens if I set an entry in the ARP table with the IP address of my gateway but my MAC address?
E.g., take two machines A and B on the same LAN (what does this mean? How can you tell if two machines are on the same LAN?). Let P be a nonexistent IP address in the LAN. On machine A, ping P.
• Use wireshark on B to see no evidence of the ping. On A, set an ARP entry with IP = P and MAC = B's MAC. Then ping P. Watch ping messages appear in wireshark on B. But still no response.

ARP spoofing – man-in-the-middle attack
If the medium is shared then a node can eavesdrop on transmissions. Wireless uses link layer encryption. These days wired Ethernet uses dedicated wires from the switch (link layer router) to each host.
• But the ARP attack still works.
Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query request is made for the victim, I respond with my MAC.

[Figure, repeated on the following slides: victim, MAC=00:12:12:12:12:12, IP 1.2.3.4; attacker, MAC=00:11:11:11:11:11, IP=5.6.7.8; some other host/switch]
1. Some other host asks: "Who has IP address 1.2.3.4?"
2. The victim answers: "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries: "Source MAC 00:11:11:11:11:11: Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood ARP queries. The other host saves the IP/ARP mapping in its cache; the victim is confused… but ignores it.
4. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: The secret plan is …", so the attacker knows the secret plan. The attacker changes the MAC address to the correct address and sends "MAC 00:12:12:12:12:12, IP 1.2.3.4: The secret plan is …". Victim: "Ahh, I got the secret plan I was expecting."

Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
• Its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
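An added example, not from the slides, of the detection idea above: a passive monitor over a constructed list of ARP messages that reports an IP bound to two MACs, and separately lists any MAC announcing several IPs, since the slides note that a dual-NIC Windows host produces that pattern legitimately. The victim and attacker addresses are the slides' values; the dual-NIC host's addresses are invented.

```python
"""Passive check for the ARP-cache inconsistencies described above.

Added example, not from the slides. It replays a constructed list of ARP
messages (requests and replies both carry a sender MAC/IP pair that hosts
cache) and reports (a) an IP announced by more than one MAC, the check the
slides propose, and (b) a MAC announcing more than one IP, which the slides
note a dual-NIC Windows host produces legitimately, so it is only a hint.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ArpMessage:
    op: str          # "request" or "reply"
    sender_mac: str  # hardware address of the sender
    sender_ip: str   # protocol address the sender claims to own


class ArpMonitor:
    def __init__(self):
        self.ip_to_macs = defaultdict(set)
        self.mac_to_ips = defaultdict(set)
        self.alerts = []

    def observe(self, msg):
        mac, ip = msg.sender_mac.lower(), msg.sender_ip
        known = self.ip_to_macs[ip]
        if known and mac not in known:
            # The binding a host would cache for this IP just changed.
            self.alerts.append(f"{ip}: was {sorted(known)}, now also claimed by {mac} ({msg.op})")
        known.add(mac)
        self.mac_to_ips[mac].add(ip)

    def ips_with_multiple_macs(self):
        """The check the slides propose: one IP bound to two or more MACs."""
        return {ip: sorted(m) for ip, m in self.ip_to_macs.items() if len(m) > 1}

    def macs_with_multiple_ips(self):
        """Hint only: a MAC with several IPs also fits a dual-NIC host."""
        return {mac: sorted(i) for mac, i in self.mac_to_ips.items() if len(i) > 1}


def analyse(messages):
    monitor = ArpMonitor()
    for msg in messages:
        monitor.observe(msg)
    return monitor


# Constructed sample. Victim and attacker addresses are the slides' values;
# the dual-NIC host 00:aa:aa:aa:aa:01 is invented for the benign case.
SAMPLE_MESSAGES = [
    ArpMessage("reply", "00:12:12:12:12:12", "1.2.3.4"),    # victim's genuine reply
    ArpMessage("request", "00:11:11:11:11:11", "5.6.7.8"),  # attacker's own address
    ArpMessage("request", "00:11:11:11:11:11", "1.2.3.4"),  # flooded query claiming the victim's IP
    ArpMessage("reply", "00:aa:aa:aa:aa:01", "1.2.3.20"),   # dual-NIC host, wired IP
    ArpMessage("reply", "00:aa:aa:aa:aa:01", "1.2.3.21"),   # same MAC, wireless IP: benign
]


if __name__ == "__main__":
    m = analyse(SAMPLE_MESSAGES)
    for alert in m.alerts:
        print("ALERT:", alert)
    print("IPs with several MACs:", m.ips_with_multiple_macs())
    print("MACs with several IPs (check for dual-NIC hosts):", m.macs_with_multiple_ips())
```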
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology: cheap, $20 for NIC; first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with speed race: 10 Mbps – 10 Gbps
[Figure: Metcalfe's Ethernet sketch]

Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); LAN
Multiple stars connected (we'll see later)
[Figure: bus (coaxial cable) versus star (switch)]

Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates

Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode).
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped

Ethernet: Unreliable, connectionless
connectionless: No handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams); gaps will be filled if app is using TCP, otherwise app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD

Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m-1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2

Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff: Goal: adapt retransmission attempts to estimated current load; under heavy load the random wait will be longer
• first collision: choose K from {0,1}; delay is K · 512 bit transmission times
• after second collision: choose K from {0,1,2,3}…
• after ten or more collisions, choose K from {0,1,2,3,4,…,1023}

CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, or as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA, and simple, cheap, decentralized
Most Ethernet is used with switches, so collisions never occur.
[The slide's worked numeric example (a 1500-byte frame, efficiency about 0.96) is not recoverable from the extracted text]

802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
bits coming in one link go out all other links at same rate; all nodes connected to hub can collide with one another; no frame buffering; no CSMA/CD at hub: host NICs detect collisions
[Figure: hub with twisted-pair links to hosts]

Interconnecting with hubs
Backbone hub interconnects LAN segments. But individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub joining three hubs]

Switch
link-layer device: smarter than hubs, takes active role
• store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured

Switch: allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch
switches buffer packets
Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connected to hosts A, A', B, B', C, C']

Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in switch table? Something like a routing protocol?
[Figure: the same six-interface switch with hosts A, A', B, B', C, C']
Switch: self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment; records sender/location pair in switch table
[Figure: A sends Source A, Dest A' into interface 1; the switch table (initially empty) gets the entry MAC addr A, interface 1, TTL 60]

Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination, then {
     if dest on segment from which frame arrived, then drop the frame
     else forward the frame on interface indicated
   }
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure: three switches in a chain, each with interfaces 1, 2, 3; host A on interface 1 of the first switch, host B at the far end; each switch has a table (MAC, Interface), all initially empty]
• A sends a frame: Dest=B, Source=A. Each switch makes a table entry for A; there is no table entry for B, so the frame is flooded. The tables shown are: A 1; A 1; A 2.
Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches.
• B answers: Dest=A, Source=B. Each switch makes a table entry for B and already has a table entry for A, so the frame is forwarded. The tables shown are: A 1, B 3; A 1, B 2; A 2.
• 20 minutes later all table entries are deleted.
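An added example (not code from the slides) that replays the walkthrough above on a constructed chain of three switches: learning on every frame, forwarding when the destination is known, flooding otherwise, dropping a frame whose destination is on the arrival segment, and the 20-minute purge. The wiring and interface numbers are assumptions.

```python
"""Self-learning switches replaying the walkthrough above (added example, not
code from the slides). Three switches with interfaces 1, 2, 3 are chained
(wiring assumed from the figure); host A is on the first, host B on the last.
Each switch learns the sender's interface on every frame, forwards when it
knows the destination, floods otherwise, drops a frame whose destination is
on the arrival segment, and ages entries out after 20 minutes.
"""
from dataclasses import dataclass, field

AGE_OUT = 20 * 60              # seconds; the slides purge entries after 20 minutes
BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str


@dataclass
class Switch:
    interfaces: tuple
    table: dict = field(default_factory=dict)   # MAC -> (interface, time learned)

    def mapping(self):
        return {mac: iface for mac, (iface, _) in self.table.items()}

    def receive(self, frame, in_iface, now):
        """Apply the filtering/forwarding rules; return outgoing interfaces."""
        # 3. purge old entries (done on every frame here rather than periodically)
        self.table = {m: e for m, e in self.table.items() if now - e[1] < AGE_OUT}
        # 1. record the interface the sending host is reachable through
        self.table[frame.src] = (in_iface, now)
        # 2. forward, drop, or flood depending on the destination entry
        entry = self.table.get(frame.dst)
        if entry is None or frame.dst == BROADCAST:
            return [i for i in self.interfaces if i != in_iface]   # flood
        if entry[0] == in_iface:
            return []                      # destination is on the arrival segment: drop
        return [entry[0]]                  # forward on the interface indicated


class Network:
    """Hosts and switches joined by links; a frame is switched hop by hop."""

    def __init__(self):
        self.switches, self.links, self.hosts, self.delivered = {}, {}, {}, []

    def add_switch(self, name, n_interfaces):
        self.switches[name] = Switch(tuple(range(1, n_interfaces + 1)))

    def attach_host(self, mac, sw, iface):
        self.links[(sw, iface)] = ("host", mac)
        self.hosts[mac] = (sw, iface)

    def link(self, sw_a, if_a, sw_b, if_b):
        self.links[(sw_a, if_a)] = (sw_b, if_b)
        self.links[(sw_b, if_b)] = (sw_a, if_a)

    def send(self, frame, now):
        sw, iface = self.hosts[frame.src]
        self._arrive(sw, iface, frame, now)

    def _arrive(self, sw, in_iface, frame, now):
        for out in self.switches[sw].receive(frame, in_iface, now):
            peer = self.links.get((sw, out))
            if peer is None:
                continue                                  # nothing plugged in
            if peer[0] == "host":
                if frame.dst in (peer[1], BROADCAST):      # a NIC keeps only its own frames
                    self.delivered.append((peer[1], frame))
            else:
                self._arrive(peer[0], peer[1], frame, now)


def build_chain():
    net = Network()
    for name in ("S1", "S2", "S3"):
        net.add_switch(name, 3)
    net.attach_host("A", "S1", 1)
    net.link("S1", 3, "S2", 1)
    net.link("S2", 2, "S3", 2)
    net.attach_host("B", "S3", 1)
    return net


def run_walkthrough():
    """Switch tables after A->B, after B's reply, and after the 20-minute purge."""
    net = build_chain()
    net.send(Frame("A", "B"), now=0)            # B unknown everywhere: flooded
    after_first = {n: s.mapping() for n, s in net.switches.items()}
    net.send(Frame("B", "A"), now=1)            # A known: forwarded, not flooded
    after_reply = {n: s.mapping() for n, s in net.switches.items()}
    net.send(Frame("A", "B"), now=AGE_OUT + 5)  # old entries gone: flooded again
    after_purge = {n: s.mapping() for n, s in net.switches.items()}
    return after_first, after_reply, after_purge, net.delivered
```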
Poorly Designed Institutional network. Why?
[Figure: router to external network; LAN (IP subnet) with mail server and web server]

Institutional network without a single point of failure
[Figure: router to external network; IP subnet with mail server, web server and host A, interconnected with redundant switches]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with edges in the spanning tree marked; a "disconnected" interface, i.e. one through which frames are not forwarded or flooded]

Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by switches B3 and B2]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: Compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D and switches B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: LANs A through J joined by switches B1 to B7]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
Each switch computes distance to root in terms of LAN hops.
[Figure: the same LANs, now labelled with their distance to the root (0, 1 or 2)]
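The selection rule above as added example code (not the slides' own): on a constructed topology of LANs and switches (not the slides' figure, though it reproduces a tie between two switches and a switch that keeps nothing on) it computes each LAN's distance and next hop toward the root with the least-cost, minimum-ID tie-break, lists which interfaces each switch keeps on, and checks that the result is loop-free.

```python
"""Which interfaces stay on under the spanning-tree rules above.

Added example, not code from the slides. LANs are vertices and switches are
edges (a switch may attach to more than two LANs). The root is the switch
with the smallest ID; a LAN's distance is the number of switches visited on
its shortest path to the root; ties are broken by the smallest switch ID.
EXAMPLE_SWITCHES is a constructed topology, not the slides' figure.
"""
from collections import defaultdict

INF = float("inf")

# switch ID -> LANs its interfaces attach to (constructed)
EXAMPLE_SWITCHES = {
    1: ("E", "F", "G"),   # B1 has the smallest ID, so it is the root
    2: ("C", "F"),        # LAN C reaches the root through LAN F
    3: ("A", "B"),        # B3 is never on anyone's shortest path
    4: ("D", "G"),        # LAN D reaches the root through LAN G
    5: ("A", "B", "E"),   # LANs A and B reach LAN E through B5
    6: ("B", "H"),        # LAN H is two switches from the root
    7: ("B", "F"),        # ties with B5 for LAN B, loses on ID
}


def lan_adjacency(switches):
    """Map each LAN to the IDs of the switches with an interface on it."""
    adj = defaultdict(list)
    for sid, lans in switches.items():
        for lan in lans:
            adj[lan].append(sid)
    return dict(adj)


def spanning_tree(switches):
    """Return (root, dist, next_hop, active).

    dist[lan]     : switches visited on the LAN's shortest path to the root
    next_hop[lan] : (switch ID, neighbouring LAN) chosen toward the root
    active[sid]   : LANs whose interface on switch sid stays on
    """
    root = min(switches)
    adj = lan_adjacency(switches)
    dist = {lan: INF for lan in adj}
    next_hop = {}
    for lan in switches[root]:      # LANs on the root visit no other switch
        dist[lan] = 0
    # Distance-vector style: a LAN only looks one switch away, and the
    # relaxation repeats until no (distance, switch ID, LAN) choice improves.
    changed = True
    while changed:
        changed = False
        for lan, sids in adj.items():
            if dist[lan] == 0:
                continue
            best = (dist[lan],) + next_hop.get(lan, (INF, ""))
            for sid in sids:
                for other in switches[sid]:
                    if other != lan and dist[other] < INF:
                        best = min(best, (dist[other] + 1, sid, other))
            if best[0] < INF and (dist[lan], next_hop.get(lan)) != (best[0], best[1:]):
                dist[lan], next_hop[lan] = best[0], best[1:]
                changed = True
    active = {sid: set() for sid in switches}
    active[root] = set(switches[root])          # every root interface is on
    for lan, (sid, other) in next_hop.items():  # interface to the LAN and to its next hop
        active[sid].update((lan, other))
    return root, dist, next_hop, active


def is_loop_free(switches, active):
    """True if the on-interfaces form one tree: the bipartite graph of LANs
    and switches they define is connected and has exactly nodes - 1 edges."""
    lans = list(lan_adjacency(switches))
    used = {sid for sid, on in active.items() if on}
    edges = sum(len(on) for on in active.values())
    seen, stack = {lans[0]}, [lans[0]]
    while stack:
        node = stack.pop()
        if isinstance(node, tuple):                  # ("sw", id): go to its on-LANs
            nbrs = list(active[node[1]])
        else:                                        # a LAN: go to switches on it
            nbrs = [("sw", sid) for sid in used if node in active[sid]]
        for n in nbrs:
            if n not in seen:
                seen.add(n)
                stack.append(n)
    return len(seen) == len(lans) + len(used) and edges == len(lans) + len(used) - 1


if __name__ == "__main__":
    root, dist, next_hop, active = spanning_tree(EXAMPLE_SWITCHES)
    print("root: B%d" % root)
    for lan in sorted(dist):
        print(f"LAN {lan}: {dist[lan]} hop(s), next hop {next_hop.get(lan)}")
    for sid in sorted(active):
        print(f"B{sid} interfaces on: {sorted(active[sid]) or 'none'}")
    print("loop-free:", is_loop_free(EXAMPLE_SWITCHES, active))
```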
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing – man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network: Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
VLAN
LAN vs VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5: Summary
Chapter 5: let's take a breath
ARP spoofing – man-in-the-middle attack
• If the medium is shared, then a node can eavesdrop on transmissions. Wireless uses link-layer encryption. These days wired Ethernet uses dedicated wires from the switch (a link-layer router) to each host.
• But the ARP attack still works.
• Goal: intercept messages between the victim and anyone else. I record the real MAC address of the victim. When an ARP query (request) is made for the victim, I respond with my MAC.
ARP spoofing – man-in-the-middle attack (animation, four slides)
Hosts in the figure: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8), and some other host/switch.
1. The other host broadcasts "Who has IP address 1.2.3.4?"
2. The victim answers "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes; the attacker, listening, now knows the MAC of the victim.
3. Later (when all caches have been cleared) the attacker floods ARP queries of the form "Source MAC 00:11:11:11:11:11: Who has IP blablablabla? Tell IP address 1.2.3.4", and continues to flood them. The other host saves the IP/ARP mapping taken from the query's source in its cache; the victim is confused… but ignores it.
4. The other host sends "The secret plan is …" to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker now knows the secret plan, changes the MAC address to the correct one and forwards "The secret plan is …" to MAC 00:12:12:12:12:12, IP 1.2.3.4. Victim: "Ahh, I got the secret plan I was expecting."
ARP spoofing – man-in-the-middle attack
• Some new switches can protect against these attacks.
• How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs.
  • Its real IP and the victim's IP.
  • But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
  • Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC.
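The detection check the slide describes, as an added example that is not code from the lecture: a script reads a constructed log of observed ARP (IP, MAC) pairs, flags every IP that more than one MAC has claimed, and then shows, for each MAC involved, every IP it has been seen with, so the dual-NIC false positive from the last bullet can be recognised. All addresses and the log format are made up for the demonstration.

```python
"""Detect the ARP-table symptom described on the slide: one IP address that
has been claimed by more than one MAC address.

Added example (not from the lecture slides). The input is a constructed log
of observed ARP replies / requests, one per line, in the form
    <ip> <mac>
The sample addresses below are made up for the demonstration.
"""
from collections import defaultdict

# Constructed sample: what a monitor might have seen on the LAN.
# 1.2.3.4 is claimed first by the victim's NIC and later by a second MAC.
# 10.0.0.9 / 10.0.0.10 is a dual-NIC host whose wired MAC also shows up with
# the wireless IP (the benign false positive the slide warns about).
SAMPLE_ARP_LOG = """\
1.2.3.4 00:12:12:12:12:12
5.6.7.8 00:11:11:11:11:11
1.2.3.4 00:11:11:11:11:11
10.0.0.9 00:aa:aa:aa:aa:01
10.0.0.10 00:aa:aa:aa:aa:02
10.0.0.10 00:aa:aa:aa:aa:01
"""


def parse_arp_log(text):
    """Return the list of (ip, mac) pairs in the order they were observed."""
    pairs = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        ip, mac = line.split()
        pairs.append((ip, mac.lower()))
    return pairs


def build_mappings(pairs):
    """Build both directions of the mapping: ip -> set(mac), mac -> set(ip)."""
    ip_to_macs = defaultdict(set)
    mac_to_ips = defaultdict(set)
    for ip, mac in pairs:
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    return ip_to_macs, mac_to_ips


def find_conflicts(pairs):
    """Return {ip: sorted list of MACs} for every IP claimed by more than one MAC.

    This is exactly the slide's check. It flags the contested 1.2.3.4, but it
    also flags 10.0.0.10, because the dual-NIC host sent that IP from its wired
    MAC; an analyst has to tell those apart (see explain_conflict)."""
    ip_to_macs, _ = build_mappings(pairs)
    return {ip: sorted(macs) for ip, macs in ip_to_macs.items() if len(macs) > 1}


def explain_conflict(pairs, ip):
    """Context for one flagged IP: for each MAC that claimed it, every IP that
    MAC has been seen with. Both the spoofing case and the dual-NIC case look
    alike here (a MAC carrying its own IP plus the contested one), which is the
    slide's point: deciding needs out-of-band knowledge of whether the two
    MACs belong to the same machine."""
    ip_to_macs, mac_to_ips = build_mappings(pairs)
    return {mac: sorted(mac_to_ips[mac]) for mac in sorted(ip_to_macs[ip])}
```

Run `find_conflicts(parse_arp_log(SAMPLE_ARP_LOG))` to get both flagged IPs, then `explain_conflict` on each; the second view is what lets an analyst check the dual-NIC explanation before treating an alert as an attack.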
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology:
• cheap: $20 for a NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with the speed race: 10 Mbps – 10 Gbps
(Figure: Metcalfe's Ethernet sketch)
Star topology
• bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
• star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); a LAN
• Multiple stars connected (we'll see later)
(Figure: bus (coaxial cable) vs. star with a switch in the center)
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes
• if adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol
• otherwise, adapter discards frame (unless in promiscuous mode)
Type: indicates higher layer protocol (mostly IP, but others possible, e.g. ARP query/response (LAN routing), Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
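The receive-side rules on this slide (destination match or broadcast: deliver; otherwise discard unless promiscuous; CRC failure: drop), as an added example that is not code from the lecture. The frames are built inline with made-up addresses, and the FCS is computed with Python's `zlib.crc32`, which implements the same CRC-32 that IEEE 802.3 uses.

```python
"""Parse a raw Ethernet II frame and apply the receive rules from the slide:
deliver if the destination matches our MAC or is broadcast, otherwise discard
(unless promiscuous), and drop frames whose CRC does not check.

Added example, not code from the slides. The frames are constructed inline
with made-up addresses; the FCS is CRC-32 as used by IEEE 802.3, appended
least-significant byte first (zlib.crc32 computes the same polynomial).
"""
import struct
import zlib

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def mac_bytes(text):
    return bytes(int(x, 16) for x in text.split(":"))


def build_frame(dst, src, ethertype, payload):
    """dst | src | type | payload | FCS (the preamble is not part of the frame software sees)."""
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    return body + fcs


def parse_frame(frame):
    """Return (dst, src, ethertype, payload, crc_ok) for a frame with trailing FCS."""
    if len(frame) < 14 + 4:
        raise ValueError("frame too short")
    dst, src = mac_str(frame[0:6]), mac_str(frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    payload, fcs = frame[14:-4], frame[-4:]
    crc_ok = struct.pack("<I", zlib.crc32(frame[:-4]) & 0xFFFFFFFF) == fcs
    return dst, src, ethertype, payload, crc_ok


def receive(frame, my_mac, promiscuous=False):
    """What the adapter does with the frame: 'drop-crc', 'discard' or 'deliver'.
    Returns (action, ethertype, payload)."""
    dst, src, ethertype, payload, crc_ok = parse_frame(frame)
    if not crc_ok:
        return "drop-crc", ethertype, None          # CRC error: frame is dropped
    if dst == my_mac.lower() or dst == BROADCAST or promiscuous:
        return "deliver", ethertype, payload        # passed up to the network layer
    return "discard", ethertype, None               # not for us, not promiscuous


# Constructed sample frames (all addresses are made up for the demonstration).
OUR_MAC = "00:12:12:12:12:12"
ARP_QUERY = build_frame(BROADCAST, "00:aa:bb:cc:dd:01", ETHERTYPE_ARP,
                        b"\x00\x01\x08\x00" + b"\x00" * 24)
IP_TO_US = build_frame(OUR_MAC, "00:aa:bb:cc:dd:01", ETHERTYPE_IPV4,
                       b"\x45" + b"\x00" * 19)
IP_TO_OTHER = build_frame("00:aa:bb:cc:dd:02", "00:aa:bb:cc:dd:01", ETHERTYPE_IPV4,
                          b"\x45" + b"\x00" * 19)
# IP_TO_US with one payload bit flipped: the stored FCS no longer matches.
CORRUPTED = IP_TO_US[:20] + bytes([IP_TO_US[20] ^ 0x01]) + IP_TO_US[21:]
```

`receive(CORRUPTED, OUR_MAC)` returns `"drop-crc"` and `receive(IP_TO_OTHER, OUR_MAC, promiscuous=True)` returns `"deliver"`, which is the behaviour a sniffer relies on and the reason the slide singles promiscuous mode out.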
Ethernet: Unreliable, connectionless
• connectionless: no handshaking between sending and receiving NICs
• unreliable: receiving NIC doesn't send acks or nacks to sending NIC
  • stream of datagrams passed to network layer can have gaps (missing datagrams)
  • gaps will be filled if app is using TCP; otherwise, app will see gaps
• Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec
Exponential Backoff:
• Goal: adapt retransmission attempts to estimated current load
  • heavy load: random wait will be longer
• first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
• after second collision: choose K from {0, 1, 2, 3} …
• after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
• t_prop = max propagation delay between 2 nodes in LAN
• t_trans = time to transmit max-size frame
• efficiency = 1 / (1 + 5 · t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
  • larger frame size is better; higher bit-rate is worse
• better performance than ALOHA: and simple, cheap, decentralized!
• Most Ethernet is used with switches, so collisions never occur.
(A numeric example on the slide did not survive extraction.)
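The backoff rule and the efficiency formula from the two slides above, worked in Python as an added example that is not from the lecture. The 10 Mbps rate, the 512-bit slot and the cap at 2^10 − 1 are the slides' values; the cable length, propagation speed and frame sizes used for the efficiency numbers are assumptions chosen here for illustration.

```python
"""Worked numbers for the two CSMA/CD slides above: the exponential-backoff
wait after the m-th collision and the efficiency formula
    efficiency = 1 / (1 + 5 * t_prop / t_trans).

Added example, not code from the slides. The parameters below (10 Mbps,
512-bit slot, backoff capped at 2^10 - 1) are the ones the slides state; the
frame sizes, LAN length and propagation speed used for the efficiency numbers
are assumptions chosen here for illustration.
"""
import random

SLOT_BITS = 512          # one backoff slot is 512 bit times
BACKOFF_CAP = 10         # after ten or more collisions K is drawn from 0..1023
JAM_BITS = 48            # length of the jam signal


def backoff_range(m):
    """Largest K the NIC may choose after the m-th collision: K in 0..2^min(m,10) - 1."""
    if m < 1:
        raise ValueError("m counts collisions, so it starts at 1")
    return (1 << min(m, BACKOFF_CAP)) - 1


def backoff_wait_seconds(k, bit_rate_bps):
    """Wait time for a chosen K: K slots of 512 bit times at the given bit rate."""
    bit_time = 1.0 / bit_rate_bps
    return k * SLOT_BITS * bit_time


def draw_backoff(m, rng=random):
    """Random K for the m-th collision, as the NIC would draw it."""
    return rng.randint(0, backoff_range(m))


def efficiency(t_prop, t_trans):
    """The slide's approximation of long-run channel utilization under CSMA/CD."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def efficiency_for_lan(length_m, frame_bytes, bit_rate_bps, prop_speed_mps=2e8):
    """Efficiency for a LAN of a given cable length and max frame size.
    2e8 m/s is a common assumption for propagation in copper; it is not from the slide."""
    t_prop = length_m / prop_speed_mps
    t_trans = frame_bytes * 8 / bit_rate_bps
    return efficiency(t_prop, t_trans)


if __name__ == "__main__":
    # The slide's sanity check: at 10 Mbps the bit time is 0.1 us, so the
    # maximum wait (K = 1023) is about 52 ms, i.e. "about 50 msec".
    print(f"max wait at 10 Mbps: {backoff_wait_seconds(1023, 10e6) * 1e3:.1f} ms")
    for m in (1, 2, 3, 10, 16):
        print(f"collision {m:2d}: K in 0..{backoff_range(m)}")
    # Larger frames help, higher bit rates hurt, as the slide says.
    for rate in (10e6, 100e6, 1e9):
        print(f"{rate / 1e6:>5.0f} Mbps, 1500 B frames, 2500 m: "
              f"{efficiency_for_lan(2500, 1500, rate):.3f}")
```

Running the block reproduces the slide's 50 ms figure (1023 · 512 · 0.1 µs ≈ 52 ms) and shows the efficiency falling from about 0.96 at 10 Mbps to about 0.71 at 100 Mbps for the same cable and frame size, which is why faster Ethernet moved to switches rather than longer shared buses.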
802.3 Ethernet Standards: Link & Physical Layers
• many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
• Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
• bits coming in one link go out all other links at same rate
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
(Figure: hub with twisted pair links)
Interconnecting with hubs
• Backbone hub interconnects LAN segments
• But individual segment collision domains become one large collision domain
• Can't interconnect 10BaseT & 100BaseT
(Figure: backbone hub connecting three hubs)
Switch
link-layer device: smarter than hubs, takes active role
• Store and forward Ethernet frames
  • Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one or more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex; each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
(Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C')
Switch Table
• Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table!
• Q: how are entries created, maintained in switch table? something like a routing protocol?
(Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C')
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
  • when frame received, switch "learns" location of sender: incoming LAN segment
  • records sender/location pair in switch table
(Figure: A sends a frame with Source=A, Dest=A' into interface 1; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60)
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination
   then {
     if dest on segment from which frame arrived
       then drop the frame
       else forward the frame on interface indicated
   }
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning (animation)
(Figure: three switches, each with interfaces 1, 2, 3 and its own MAC/Interface table, all tables initially empty; host A hangs off the first switch, host B off the last.)
• A sends a frame Dest=B, Source=A. The first switch makes a table entry for A (interface 1); there is no table entry for B, so it floods.
  • Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
• The flooded frame reaches the other two switches. Each makes a table entry for A (A on interface 1 at one, A on interface 2 at the other); neither has an entry for B, so each floods.
• B replies with Dest=A, Source=B. Its switch makes a table entry for B and has a table entry for A, so it forwards rather than floods.
• Each switch along the path likewise makes a table entry for B and, having an entry for A, forwards the frame toward A.
• 20 minutes later, all table entries are deleted.
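The self-learning animation replayed in code, as an added example that is not the lecture's own code: three switches in a line, A on the first and B on the last, with the learn / forward / flood / drop rules and the TTL purge from the filtering/forwarding slide. The 60-second TTL is the value in the slide's table; the wiring between the switches and the frame sequence are constructed here.

```python
"""Simulate the self-learning switch from the slides: learn the sender's
interface, forward if the destination is known, flood otherwise, drop when
the destination sits on the segment the frame came from, and purge entries
whose TTL expired.

Added example, not the lecture's code. Frames, MACs and the three-switch
topology are constructed inline; the 60-second TTL comes from the slide's
table, the 20-minute purge is modelled by advancing a fake clock.
"""

TTL_SECONDS = 60


class LearningSwitch:
    def __init__(self, name, num_interfaces):
        self.name = name
        self.interfaces = range(1, num_interfaces + 1)
        self.table = {}  # mac -> (interface, expiry time)

    def purge(self, now):
        """Step 3 of the slide: periodically drop old entries."""
        self.table = {m: (i, exp) for m, (i, exp) in self.table.items() if exp > now}

    def handle(self, src, dst, in_iface, now):
        """Apply the filtering/forwarding steps; return the list of output interfaces."""
        self.purge(now)
        # Step 1: record (refresh) the sender's interface.
        self.table[src] = (in_iface, now + TTL_SECONDS)
        # Step 2: known destination -> drop or forward; unknown -> flood.
        if dst in self.table:
            out_iface, _ = self.table[dst]
            if out_iface == in_iface:
                return []            # destination is on the arriving segment: drop
            return [out_iface]       # forward on the indicated interface
        return [i for i in self.interfaces if i != in_iface]  # flood


def run_scenario():
    """Three switches in a line, A on S1 iface 1, B on S3 iface 2, as in the slides.
    Returns the decisions taken so the reader can see learn/flood/forward/purge happen."""
    s1, s2, s3 = (LearningSwitch(n, 3) for n in ("S1", "S2", "S3"))
    # Constructed wiring: S1.3 <-> S2.1, S2.3 <-> S3.1
    link = {("S1", 3): (s2, 1), ("S2", 3): (s3, 1), ("S2", 1): (s1, 3), ("S3", 1): (s2, 3)}
    log = []

    def send(sw, src, dst, in_iface, now):
        outs = sw.handle(src, dst, in_iface, now)
        log.append((sw.name, src, dst, outs))
        for o in outs:                       # follow the frame over inter-switch links
            if (sw.name, o) in link:
                nxt, nxt_iface = link[(sw.name, o)]
                send(nxt, src, dst, nxt_iface, now)

    send(s1, "A", "B", 1, now=0)     # A -> B: unknown everywhere, flooded end to end
    send(s3, "B", "A", 2, now=1)     # B -> A: A is known, forwarded hop by hop
    send(s1, "A", "B", 1, now=2)     # A -> B again: B now known, no flooding
    for sw in (s1, s2, s3):          # 20 minutes later the entries are gone
        sw.purge(now=20 * 60)
    return log, {sw.name: dict(sw.table) for sw in (s1, s2, s3)}
```

The returned log shows the first frame flooded out of two interfaces at every switch, the reply forwarded out of exactly one, and the third frame also forwarded, while the tables returned after the purge are empty, matching the last slide of the animation.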
Poorly Designed Institutional network: Why?
(Figure: router to external network; one LAN / IP subnet with mail server and web server hanging off a single switch)
Institutional network without a single point of failure
(Figure: router to external network; IP subnet with mail server, web server and host A, switches interconnected by redundant links)
• Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network.
• Loops provide robustness but have to be eliminated.
(Figure: the same network with the edges in the spanning tree marked, and the "disconnected" interfaces, i.e. interfaces that do not forward or flood frames)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(Figure: LAN A and LAN B joined by switches B2 and B3)
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: Compute paths to the node with smallest ID.
  • Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If
  • LAN B's next hop to the switch with lowest ID is LAN A, and
  • LAN C's next hop to the switch with lowest ID is LAN D,
  • then switch B2 will disconnect from LAN B and C.
(Figure: LANs A, B, C, D and switches B0, B1, B2, B3)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(Figure: switches B1–B7)
Which interfaces to keep and which to ignore?
• Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
• A switch will keep an interface active if
  1. the interface is along a LAN's shortest path to the root
  2. If a LAN has more than one shortest path, then the switch with the smallest ID is used.
• Take a distance vector approach, so we only consider neighbors.
• Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
(Figure for the walkthrough: LANs A–J joined by switches B1–B7; the root switch's LANs are labelled with distance 0, the others with 1 and 2.)
Walkthrough (one step per slide):
• Each switch computes distance to root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
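The interface-selection rule from the walkthrough, implemented as an added example that is not the lecture's code, on a small constructed topology (the wiring of the A–J / B1–B7 figure did not survive extraction, so that figure is not reproduced). It uses the slides' representation (LANs as vertices, switches as edges), BFS distances in LAN hops from the root switch's LANs, the lowest-ID tie-break, and reports which switches end up with no interface on, like B3 in the walkthrough.

```python
"""Compute the LAN-as-vertex / switch-as-edge spanning tree the way the slides
describe it: BFS distances in LAN hops from the root switch's LANs, then for
every LAN pick the neighbouring LAN one hop closer to the root, breaking ties
by the smallest switch ID, and turn on only the two interfaces of the chosen
switch. The root switch keeps every interface on.

Added example, not the lecture's code. The topology below is constructed for
the demonstration (it is not the A-J / B1-B7 figure from the slides). A switch
is the set of LAN names it has an interface on; its ID is the integer in its
name.
"""
from collections import deque

# Constructed topology: switch name -> LANs it has an interface on.
# B2 and B3 both join LAN A to LAN C (a loop); B5 joins C and D (another loop).
TOPOLOGY = {
    "B1": {"A", "B"},      # lowest ID: this is the root switch
    "B2": {"A", "C"},
    "B3": {"A", "C"},
    "B4": {"B", "D"},
    "B5": {"C", "D"},
    "B6": {"D", "E"},
}


def switch_id(name):
    return int(name[1:])


def lan_distances(topology, root):
    """BFS over LANs; two LANs are adjacent when some switch is on both.
    LANs attached to the root switch are at distance 0 (the slides' '0' labels)."""
    dist = {lan: 0 for lan in topology[root]}
    queue = deque(dist)
    while queue:
        lan = queue.popleft()
        for lans in topology.values():
            if lan in lans:
                for nbr in lans:
                    if nbr not in dist:
                        dist[nbr] = dist[lan] + 1
                        queue.append(nbr)
    return dist


def spanning_tree(topology):
    """Return {switch: sorted list of LANs whose interface stays ON}."""
    root = min(topology, key=switch_id)
    dist = lan_distances(topology, root)
    active = {sw: set() for sw in topology}
    active[root] = set(topology[root])               # root: all interfaces on
    for lan, d in dist.items():
        if d == 0:
            continue                                 # handled by the root above
        # Candidate next hops: (switch ID, switch, neighbour LAN one hop closer).
        candidates = [
            (switch_id(sw), sw, nbr)
            for sw, lans in topology.items() if lan in lans
            for nbr in lans if nbr != lan and dist[nbr] == d - 1
        ]
        # Tie-break from the slide: the smallest switch ID wins. (If one switch
        # offers two equally short parent LANs, taking the alphabetically first
        # is an arbitrary choice made here; the slides do not cover that case.)
        _, sw, nbr = min(candidates)
        active[sw].update({lan, nbr})
    return {sw: sorted(lans) for sw, lans in active.items()}


def disconnected_switches(topology):
    """Switches that end up with no interface on at all (like B3 in the slides)."""
    return sorted(sw for sw, lans in spanning_tree(topology).items() if not lans)
```

On the constructed topology B2 beats B3 for LAN C by ID, B4 beats B5 for LAN D by distance, and B3 and B5 are left with no active interface; five LANs are then joined by exactly four switches, which is the loop-free tree the slides want.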
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: Loop resolution, Address learning, Frame forwarding
• Typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
  • On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution,
  • during which time no packets were forwarded.
Switches vs Routers
• both are store-and-forward devices
  • routers: network layer devices (examine network layer headers)
  • switches are link layer devices
• "invisible" at the internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding
  • borrowing ideas from Virtual Circuit (VC) approach
  • but IP datagram still keeps IP address!
(Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame)
MPLS header fields and widths in bits, as drawn on the slide: label 20, Exp 3, S 1, TTL 5
MPLS capable routers
• a.k.a. label-switched router
• forwards packets to outgoing interface based only on label value (don't inspect IP address)
  • MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding
  • RSVP-TE
  • forwarding possible along paths that IP alone would not allow (e.g. source-specific routing)!
  • use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
(Figure: routers R1–R6 with destinations A and D and interfaces numbered 0 and 1. Each router has a table with columns in label, out label, dest, out interface. Entries recoverable from the extraction: in label 6 → out label -, dest A, interface 0; in label 10 → out label 6, dest A, interface 1; in label 12 → out label 9, dest D, interface 0; in label 8 → out label 6, dest A, interface 0; in label 10 → dest A, interface 0; in label 12 → dest D, interface 0; out label 8 → dest A, interface 1.)
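The label-swapping forwarding that the slide's tables describe, as an added example that is not the lecture's code: packing and unpacking the shim header, then walking a packet through per-router (in label → out label, dest, out interface) tables without touching the IP header. Router names, labels, links and the IP payload are constructed (loosely modelled on the recoverable table fragments above, but not the slide's figure); the field widths follow RFC 3032 (20-bit label, 3-bit Exp, 1-bit S, 8-bit TTL).

```python
"""Pack/unpack the MPLS shim header and walk a packet through per-router
label-swapping tables of the kind shown on the slide (in label, out label,
dest, out interface), without ever looking at the IP header.

Added example, not the lecture's code. Field widths follow RFC 3032: 20-bit
label, 3-bit Exp, 1-bit S (bottom of stack), 8-bit TTL. The router names,
labels and links below are constructed for the demonstration.
"""
import struct


def pack_mpls(label, exp=0, s=1, ttl=64):
    """Encode one 32-bit label stack entry (network byte order)."""
    if not 0 <= label < (1 << 20):
        raise ValueError("label must fit in 20 bits")
    word = (label << 12) | ((exp & 0x7) << 9) | ((s & 0x1) << 8) | (ttl & 0xFF)
    return struct.pack("!I", word)


def unpack_mpls(data):
    """Decode the first label stack entry; return (label, exp, s, ttl)."""
    (word,) = struct.unpack("!I", data[:4])
    return word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF


# Constructed forwarding state: router -> {in_label: (out_label, dest, out_iface)}.
# out_label None plays the role of the slide's "-": pop the label and hand the
# IP packet to dest.
TABLES = {
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},
    "R6": {6: (None, "A", 0)},
    "R5": {9: (None, "D", 0)},
}
# Constructed links: (router, out_iface) -> next router.
LINKS = {("R4", 1): "R6", ("R4", 0): "R5"}


def forward(router, packet):
    """One label-switched hop. Returns (next_hop_or_dest, new_packet, delivered).
    Only the label is consulted; the IP header behind it is carried unchanged."""
    label, exp, s, ttl = unpack_mpls(packet)
    if ttl <= 1:
        raise ValueError(f"{router}: TTL expired for label {label}")
    try:
        out_label, dest, out_iface = TABLES[router][label]
    except KeyError:
        raise ValueError(f"{router}: no entry for label {label}") from None
    payload = packet[4:]
    if out_label is None:                     # last hop: pop and deliver the IP packet
        return dest, payload, True
    new_packet = pack_mpls(out_label, exp, s, ttl - 1) + payload
    return LINKS[(router, out_iface)], new_packet, False


def trace_path(first_router, packet):
    """Follow a packet router by router.
    Returns ([(router, in_label, out_label), ...], destination, delivered_payload)."""
    hops, router = [], first_router
    while True:
        in_label = unpack_mpls(packet)[0]
        nxt, packet, delivered = forward(router, packet)
        hops.append((router, in_label, None if delivered else unpack_mpls(packet)[0]))
        if delivered:
            return hops, nxt, packet
        router = nxt
```

`trace_path("R4", pack_mpls(10) + ip_packet)` swaps 10 for 6 at R4, pops at R6 and delivers the untouched IP packet to A; a label no router knows, or a TTL that reaches 1, raises instead of looping, which is the failure mode a label-switched router has to guard against.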
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Who has IP address 1234
Who has IP address 1234
ARP spoofing ndash man-in-the-middle attack
VictimMAC=001212121212
IP 1234
attackerMAC=001111111111
IP= 5678
Some other hostswitch
Who has IP address 1234
ARP spoofing ndash man-in-the-middle attack
VictimMAC=001212121212
IP 1234
attackerMAC=001111111111
IP= 5678
Some other hostswitch
MAC 0012121212 has IP address 1234
MAC 0012121212 has IP address 1234
Save MACIP mapping in cache for 20 minutes
Attacker knows the MAC of victim
Source MAC 0011111111 Who has ip blablablablaTell IP address 1234
ARP spoofing ndash man-in-the-middle attack
VictimMAC=001212121212
IP 1234
attackerMAC=001111111111
IP= 5678
Some other hostswitch
Attacker knows the MAC of victim
Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries
Source MAC 0011111111 Who has ip blablablablaTell IP address 1234
Source MAC 0011111111 Who has ip blablablablaTell IP address 1234
Save IPARP mapping in cache
Confusedhellip but ignores it
ARP spoofing ndash man-in-the-middle attack
VictimMAC=001212121212
IP 1234
attackerMAC=001111111111
IP= 5678
Some other hostswitch
Attacker knows the secret plan
MAC 0011111111 IP1234 The secret plan is hellip
MAC 0012121212 IP1234 The secret plan is hellip
Ahh I got the secret plan I was expecting
Changed MAC address to correct address
Later (when all caches have been cleared) the attacker floods ARP queries The attacker continues to flood ARP queries
ARP spoofing ndash man-in-the-middle attack
Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP
tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is
running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address
bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC
Link Layer
51 Introduction and services
52 Error detection and correction
53Multiple access protocols
54 Link-Layer Addressing
55 Ethernet
56 Link-layer switches 57 PPP 58 Link Virtualization
ATM and MPLS
Ethernet
ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps
Metcalfersquos Ethernetsketch
Star topology bus topology popular through mid 90s
all nodes in same collision domain (can collide with each other)
star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes
do not collide with each other) LAN
Multiple stars connected (wersquoll see later)
switch
bus coaxial cable star
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble 7 bytes with pattern 10101010 followed by one
byte with pattern 10101011 used to synchronize receiver sender clock
rates
Ethernet Frame Structure (more) Addresses 6 bytes
if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol
otherwise adapter discards frame (unless in promiscuous modes) Type
ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell
IPX AppleTalk) CRC checked at receiver if error is detected frame is
dropped
Ethernet Unreliable connectionless connectionless No handshaking between sending
and receiving NICs unreliable receiving NIC doesnrsquot send acks or
nacks to sending NIC stream of datagrams passed to network layer can have
gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps
Ethernetrsquos MAC protocol unslotted CSMACD
Ethernet CSMACD algorithm
1 NIC receives datagram from network layer creates frame
2 If NIC senses channel idle starts frame transmission
3 If NIC senses channel busy waits until channel idle then transmits 1-persistant
4 If NIC transmits entire frame without detecting another transmission NIC is done with frame
4 If NIC detects another transmission while transmitting aborts and sends jam signal
5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2
Ethernetrsquos CSMACD (more)
Jam Signal make sure all other transmitters are aware of collision 48 bits
Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec
Exponential Backoff Goal adapt retransmission
attempts to estimated current load heavy load random
wait will be longer first collision choose K
from 01 delay is K 512 bit transmission times
after second collision choose K from 0123hellip
after ten or more collisions choose K from 01234hellip1023
CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN
ttrans = time to transmit max-size frame
efficiency goes to 1 as tprop goes to 0
as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst
better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur
transprop ttefficiency
51
1
960
1010081500
102200
51
1
68
m
8023 Ethernet Standards Link amp Physical Layers
many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch: link-layer device; smarter than a hub, takes an active role.
Store and forward Ethernet frames. (Question: do switches in circuit-switching networks store and forward?)
Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links; when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated, direct connection to the switch; switches buffer packets.
The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex: each link is its own collision domain.
Switching A-to-A' and B-to-B' simultaneously, without collisions: not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' attached.]
Switch Table
Q: how does the switch know that A' is reachable via interface 4 and B' reachable via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: the same switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C'.]
Switch self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
When a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
[Figure: A sends a frame (Source = A, Dest = A') into interface 1 of the six-interface switch.]
Switch table (initially empty):
MAC addr | interface | TTL
A | 1 | 60
Switch frame filtering/forwarding. When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination, then { if the destination is on the segment from which the frame arrived, then drop the frame; else forward the frame on the interface indicated }; else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
Self-Learning (worked example across three switches, each with interfaces 1, 2, 3; host A at one edge, host B at the other; all switch tables initially empty)
Frame Dest = B, Source = A:
- The first switch makes a table entry for A (A | 1). No table entry for B, so it floods.
- Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on those ports; it is only flooded to other switches.
- The next switch likewise makes a table entry for A (A | 1); no table entry for B, so it floods. The third switch makes its entry (A | 2) and floods.
Frame Dest = A, Source = B (the reply):
- Each switch makes a table entry for B and, having a table entry for A, forwards the frame instead of flooding it.
Tables after the exchange:
- switch 1: A | 1, B | 3
- switch 2: A | 1, B | 2
- switch 3: A | 2
20 minutes later, all table entries are deleted.
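The filtering/forwarding rules and the aging of entries, as an added example that is my own code, not the slides': one switch object applies the three steps (record sender, look up destination, purge stale entries), and a replay of the A/B exchange above shows the flood-then-forward behaviour and the table emptying after 20 minutes. The slide's note about manually configured ports is modelled as static entries that never age and whose ports are skipped when flooding; the class and method names are assumptions.

```python
FLOOD, FORWARD, DROP = "flood", "forward", "drop"
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Self-learning switch following the slide's filtering/forwarding rules.

    Dynamic entries are (interface, last_seen) and age out after `ttl` seconds
    (20 minutes on the slide). Statically configured entries never age out, and
    frames are not flooded onto a port that is statically bound to a host.
    """

    def __init__(self, interfaces, ttl=20 * 60):
        self.interfaces = list(interfaces)
        self.ttl = ttl
        self.table = {}    # MAC -> (interface, last_seen)
        self.static = {}   # MAC -> interface (manually configured)

    def configure(self, mac, interface):
        self.static[mac] = interface

    def purge(self, now):
        """Step 3: periodically purge old table entries. Returns how many were removed."""
        stale = [mac for mac, (_, seen) in self.table.items() if now - seen > self.ttl]
        for mac in stale:
            del self.table[mac]
        return len(stale)

    def lookup(self, mac):
        if mac in self.static:
            return self.static[mac]
        entry = self.table.get(mac)
        return entry[0] if entry else None

    def receive(self, src, dst, in_iface, now):
        """Return (action, list of outgoing interfaces) for one received frame."""
        # Step 1: record the interface the sending host was seen on.
        if src not in self.static:
            self.table[src] = (in_iface, now)
        self.purge(now)
        # Step 2: look up the destination; broadcast is never in the table, so it floods.
        out = None if dst == BROADCAST else self.lookup(dst)
        if out is not None:
            if out == in_iface:
                return DROP, []          # destination is on the segment the frame came from
            return FORWARD, [out]
        host_ports = set(self.static.values())
        return FLOOD, [i for i in self.interfaces if i != in_iface and i not in host_ports]


def run_slide_trace():
    """Replay the slide's exchange on one switch: A behind port 1, B behind port 3."""
    sw = LearningSwitch([1, 2, 3])
    events = [
        sw.receive("A", "B", 1, now=0),            # learn A, no entry for B: flood
        sw.receive("B", "A", 3, now=1),            # learn B, entry for A exists: forward
        sw.receive("A", "B", 1, now=2),            # B now known: forward to port 3
        sw.receive("C", "A", 1, now=3),            # C shares A's segment: drop
        sw.receive("A", "B", 1, now=20 * 60 + 3),  # 20 min later B has aged out: flood again
    ]
    return events, dict(sw.table)


if __name__ == "__main__":
    for action, ports in run_slide_trace()[0]:
        print(action, ports)
```

The drop case (fourth event) is the one beginners miss: a frame whose destination is already on the arrival segment is filtered, which is what keeps the switch from echoing local traffic back onto the segment.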
Poorly Designed Institutional Network: why?
[Figure: one router to the external network, one LAN / IP subnet with the mail server and web server.]
Institutional network without a single point of failure
[Figure: router to the external network, IP subnet, mail server, web server and host A, with redundant links between the switches.]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the spanning-tree edges marked.]
Edge in spanning tree. "Disconnected" interface, i.e. do not forward or flood frames through this interface.
Loop Resolution. Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V, E): LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges. On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN, they simply never flood packets over to that LAN.
- Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: bridges B2 and B3 both connecting LAN A and LAN B.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C.
[Figure: bridges B0, B1, B2, B3 and LANs A, B, C, D; B2 is attached to LANs B and C.]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message
2. the ID of what the sending bridge believes to be the root bridge
3. the distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7 interconnecting LANs A, B, C, D, E, F, G, H, I, J; the root is the bridge with the smallest ID.]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), using least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
The slides then step through the example topology:
- Each switch computes its distance to the root in terms of LAN hops (the root's LANs are at distance 0, the next ring at distance 1, and so on).
- Each of the root's interfaces is ON.
- LAN A's next hop is LAN E: turn on the two interfaces.
- LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
- LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
- LAN C's next hop is LAN F: turn on the interfaces.
- Which other interfaces are "on"?
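The rule the slides apply by hand (shortest LAN-hop path to the root, ties broken by the lowest bridge ID, interfaces of non-designated bridges left off) as an added example, serving both the "Spanning Tree Algorithm (1)" description and the stepped-through slides. This is my own code for the slides' simplified model, not the slides' material and not IEEE 802.1D (no BPDU exchange or port roles); the topology is constructed so that it exhibits the same situations as the slide (a tie between two bridges, and a bridge that ends up with no interfaces on) but it is not the slide's network.

```python
from math import inf

# Constructed topology (my assumption, not the slide's): bridge ID -> LANs it attaches to.
# LANs are the graph's vertices and bridges its edges, as the slides describe.
TOPOLOGY = {
    1: ["E", "F", "G"],   # smallest ID: the root
    2: ["E", "A"],
    3: ["A", "D"],        # both of its LANs are served by lower-ID bridges: ends up fully off
    4: ["G", "D"],
    5: ["E", "B"],        # ties with bridge 7 for LAN B; 5 wins by ID
    6: ["F", "C"],
    7: ["F", "B"],
}


def root_side_lan(bid, topology, dist):
    """The attached LAN nearest the root (alphabetical tie-break is an assumption)."""
    return min(topology[bid], key=lambda lan: (dist[lan], lan))


def spanning_tree(topology):
    """Distance-vector style relaxation of LAN distances to the root bridge.

    Returns (dist, designated, active): LAN -> hops, LAN -> bridge that carries it
    toward the root, bridge -> sorted list of LANs whose interface stays on.
    """
    root = min(topology)
    lans = {lan for ls in topology.values() for lan in ls}
    dist = {lan: inf for lan in lans}
    designated = {}
    for lan in topology[root]:          # LANs on the root are at distance 0
        dist[lan] = 0
        designated[lan] = root
    changed = True
    while changed:                      # repeat until no bridge can improve a neighbour
        changed = False
        for bid in sorted(topology):
            if bid == root:
                continue
            up = root_side_lan(bid, topology, dist)
            if dist[up] == inf:
                continue                # this bridge has not heard from the root yet
            for lan in topology[bid]:
                if lan == up:
                    continue
                cand = dist[up] + 1
                current = (dist[lan], designated.get(lan, inf))
                if (cand, bid) < current:   # shorter, or equal length with a smaller ID
                    dist[lan] = cand
                    designated[lan] = bid
                    changed = True
    active = {bid: set() for bid in topology}
    active[root] = set(topology[root])  # each of the root's interfaces is on
    for lan, bid in designated.items():
        if bid != root:                 # the designated bridge turns on both interfaces
            active[bid].update({lan, root_side_lan(bid, topology, dist)})
    return dist, designated, {bid: sorted(s) for bid, s in active.items()}


def is_loop_free(active):
    """True if the active (bridge, LAN) attachments contain no cycle (union-find)."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for bid, lans in active.items():
        for lan in lans:
            a, b = find(("bridge", bid)), find(("lan", lan))
            if a == b:
                return False
            parent[a] = b
    return True


if __name__ == "__main__":
    dist, designated, active = spanning_tree(TOPOLOGY)
    for bid in sorted(active):
        print("B%d interfaces on:" % bid, active[bid] or "(none)")
    print("loop-free:", is_loop_free(active))
```

Bridge 7 loses the tie for LAN B and bridge 3 is never the designated bridge for either of its LANs, so neither has an interface on; running `is_loop_free` on the full topology (every interface on) returns False, on the computed result True.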
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding. Typically ignores security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers: both are store-and-forward devices. Routers are network layer devices (they examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP.
Multiprotocol Label Switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
[Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields (bits): label 20, Exp 3, S 1, TTL 5.
MPLS-capable routers (aka label-switched routers) forward packets to the outgoing interface based only on the label value (they don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables. A signaling protocol is needed to set up forwarding: RSVP-TE.
Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
[Figure: routers R1, R2, R3, R4, R5, R6 with interfaces 0 and 1 marked on the links; destinations A and D.]
MPLS forwarding tables. Each row is (in label, out label, dest, out interface), as shown on the slide:
- 6 | - | A | 0
- 10 | 6 | A | 1 and 12 | 9 | D | 0
- 10 | A | 0 and 12 | D | 0 (one label column is empty on the slide)
- 8 | 6 | A | 0
- 8 | A | 1 (one label column is empty on the slide)
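Label-switched forwarding, as an added example (my code, not the slides'): an ingress LSR pushes a label chosen by destination, a transit LSR swaps on the incoming label without looking at the IP header, and the egress pops it. The rows are taken from the slide's tables, but the assignment of tables to routers, the R2 table, and the links between routers are my assumptions.

```python
NO_LABEL = None

# Rows follow the slide's column order: (in label, out label, dest, out interface).
# Which router holds which table is assumed; R2's table is invented to complete the D path.
LSR_TABLES = {
    "R5": [(NO_LABEL, 10, "A", 0), (NO_LABEL, 12, "D", 0)],   # ingress: pushes a label
    "R6": [(10, 6, "A", 1), (12, 9, "D", 0)],                 # transit: swaps labels
    "R1": [(6, NO_LABEL, "A", 0)],                            # egress: pops, hands to IP
    "R2": [(9, NO_LABEL, "D", 0)],                            # assumed egress for D
    "R4": [(8, 6, "A", 0)],
    "R3": [(NO_LABEL, 8, "A", 1)],
}

# Assumed links: (router, out interface) -> next hop.
LINKS = {
    ("R5", 0): "R6", ("R6", 1): "R1", ("R6", 0): "R2",
    ("R1", 0): "A", ("R2", 0): "D", ("R3", 1): "R4", ("R4", 0): "R1",
}


def lsr_forward(router, label, dest):
    """Return (out_label, out_iface) for a packet arriving at `router`, or None to drop.

    A labeled packet is matched on its in-label only; the destination is consulted
    only for an unlabeled packet at an ingress LSR (the slide's 'don't inspect IP').
    """
    for in_label, out_label, d, iface in LSR_TABLES.get(router, []):
        if label is not None and in_label == label:
            return out_label, iface
        if label is None and in_label is None and d == dest:
            return out_label, iface
    return None


def trace_lsp(ingress, dest, max_hops=10):
    """Follow a packet hop by hop; returns a list of (router, label on exit)."""
    router, label, path = ingress, None, []
    for _ in range(max_hops):
        hit = lsr_forward(router, label, dest)
        if hit is None:
            path.append((router, "dropped"))
            return path
        label, iface = hit
        path.append((router, label))
        nxt = LINKS.get((router, iface))
        if nxt is None or nxt == dest:
            return path
        router = nxt
    path.append((router, "loop?"))
    return path


if __name__ == "__main__":
    for ingress, dest in (("R5", "A"), ("R5", "D"), ("R3", "A")):
        print(ingress, "->", dest, ":", trace_lsp(ingress, dest))
```

Two ingress routers (R5 and R3) reach A through different label sequences that merge at R1, which is the point of the slide's table for R1 carrying a single in-label 6 and no out-label.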
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath. Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice. … could stop here … but lots of
ARP spoofing – man-in-the-middle attack
[Figure: victim (MAC 00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC 00:11:11:11:11:11, IP 5.6.7.8) and some other host/switch on the same LAN.]
1. The victim announces "MAC 00:12:12:12:12:12 has IP address 1.2.3.4". The other host saves the MAC/IP mapping in its cache for 20 minutes. The attacker now knows the MAC of the victim.
2. Later (when all caches have been cleared) the attacker floods ARP queries with source MAC 00:11:11:11:11:11: "Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4". The attacker continues to flood these queries. The other host saves the IP/ARP mapping (1.2.3.4 now maps to the attacker's MAC) in its cache. The victim is confused… but ignores it.
3. The other host sends "MAC 00:11:11:11:11:11, IP 1.2.3.4: the secret plan is …", which is delivered to the attacker. The attacker changes the MAC address to the correct one and forwards "MAC 00:12:12:12:12:12, IP 1.2.3.4: the secret plan is …". The victim: "Ahh, I got the secret plan I was expecting." The attacker knows the secret plan.
Some new switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see whether a single IP has two MACs, or a single MAC has two IPs (its real IP and the victim's IP).
- But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
- Then the tables will record the mapping between that MAC and IP, and there will be two IPs for a single MAC.
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link virtualization: ATM and MPLS
Ethernet
"Dominant" wired LAN technology: cheap ($20 for a NIC); first widely used LAN technology; simpler, cheaper than token LANs and ATM; kept up with the speed race: 10 Mbps – 10 Gbps.
[Figure: Metcalfe's Ethernet sketch.]
Star topology: bus topology was popular through the mid 90s; all nodes in the same collision domain (can collide with each other). Star topology: active switch in the center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other). Multiple stars connected (we'll see later).
[Figure: bus (coaxial cable) versus star (switch in the center).]
Ethernet Frame Structure
The sending adapter encapsulates the IP datagram (or other network layer protocol packet) in an Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If the adapter receives a frame with a matching destination address, or with the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network layer protocol; otherwise the adapter discards the frame (unless in promiscuous mode).
Type: indicates the higher layer protocol (mostly IP, but others are possible, e.g. Novell IPX, AppleTalk); also ARP query/response and LAN routing.
CRC: checked at the receiver; if an error is detected, the frame is dropped.
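The receiving adapter's rules above (accept on matching or broadcast destination, or anything in promiscuous mode; drop on CRC error), as an added example that is my own code, not the slides': a builder that lays out destination, source, type, payload and a CRC-32 trailer, and a receiver that applies the checks. The FCS is modelled with `zlib.crc32` over the header and payload; the on-the-wire bit ordering of a real Ethernet FCS is not reproduced, and the preamble is shown only as a constant because the NIC strips it before the frame reaches this logic.

```python
import struct
import zlib

PREAMBLE = bytes([0b10101010] * 7) + bytes([0b10101011])  # 7 sync bytes, then start-of-frame byte
BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_IP = 0x0800
ETHERTYPE_ARP = 0x0806
MIN_FRAME = 6 + 6 + 2 + 4   # dst, src, type, CRC (no payload)


def mac(text):
    """'00:12:12:12:12:12' -> 6 bytes."""
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


def fcs(body):
    """CRC-32 trailer for the frame body (assumption: zlib.crc32, big-endian encoding)."""
    return struct.pack("!I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    """Bytes that follow the preamble: dst | src | type | payload | CRC."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 6 bytes")
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def receive_frame(frame, my_mac, promiscuous=False):
    """Apply the slide's receive rules.

    Returns ("drop", reason) or ("deliver", ethertype, payload).
    """
    if len(frame) < MIN_FRAME:
        return ("drop", "runt")
    body, trailer = frame[:-4], frame[-4:]
    if fcs(body) != trailer:
        return ("drop", "crc error")               # CRC checked at receiver: error -> frame dropped
    dst = body[:6]
    if dst != my_mac and dst != BROADCAST and not promiscuous:
        return ("drop", "not addressed to me")     # adapter discards unless promiscuous
    ethertype = struct.unpack("!H", body[12:14])[0]
    return ("deliver", ethertype, body[14:])       # handed to the network-layer protocol by type


if __name__ == "__main__":
    victim, other = mac("00:12:12:12:12:12"), mac("00:11:11:11:11:11")
    frame = build_frame(victim, other, ETHERTYPE_IP, b"hello")
    print(receive_frame(frame, victim))
    print(receive_frame(frame, mac("00:aa:aa:aa:aa:aa")))
    damaged = bytearray(frame)
    damaged[15] ^= 0x01                          # flip one payload bit in transit
    print(receive_frame(bytes(damaged), victim))
```

The promiscuous-mode branch is the one to keep in mind for the ARP material later in the deck: a sniffer sees every frame on the segment because it simply skips the address check, which is why switches (not hubs) are what limit what a host can observe.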
Ethernet: Unreliable, connectionless
Connectionless: no handshaking between sending and receiving NICs.
Unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams). Gaps will be filled if the app is using TCP; otherwise the app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer and creates a frame.
2. If the NIC senses the channel idle, it starts frame transmission.
3. If the NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent).
4. If the NIC transmits the entire frame without detecting another transmission, the NIC is done with the frame.
5. If the NIC detects another transmission while transmitting, it aborts and sends a jam signal.
6. After aborting, the NIC enters exponential backoff: after the m-th collision, the NIC chooses K at random from {0, 1, 2, …, 2^m − 1}, waits K slots (one slot is 512 bit times), and returns to step 2.
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
ARP spoofing – man-in-the-middle attack
Setup (from the figure): the victim has IP 1.2.3.4 and MAC 00:12:12:12:12:12; the attacker has IP 5.6.7.8 and MAC 00:11:11:11:11:11; there is some other host (or switch) on the same LAN. The attacker knows the MAC of the victim.
1. Later (when all ARP caches have been cleared) the attacker floods ARP queries of the form "Source MAC 00:11:11:11:11:11: Who has IP bla.bla.bla.bla? Tell IP address 1.2.3.4", i.e. the sender fields carry the victim's IP with the attacker's MAC. The attacker continues to flood these queries.
2. The other host saves the IP/MAC mapping from the query in its ARP cache, so 1.2.3.4 now maps to 00:11:11:11:11:11. The victim sees queries carrying its own IP address, is confused, but ignores them.
3. The other host sends "The secret plan is …" to MAC 00:11:11:11:11:11, IP 1.2.3.4. The attacker receives it and now knows the secret plan. The attacker changes the destination MAC to the correct address (00:12:12:12:12:12, IP 1.2.3.4) and forwards the frame; the victim thinks "Ahh, I got the secret plan I was expecting" and notices nothing.
Note that the other host updated its cache from the sender fields of a request, not a reply; flooding queries is all the attacker needs.

ARP spoofing – detection
Some newer switches can protect against these attacks. How can these attacks be detected and stopped? One way to detect an attacker is to look at the ARP tables and see whether a single IP has two MACs: the attacker's MAC then appears with both its real IP and the victim's IP.
• But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address.
• Then the tables will record the mapping between the wired MAC and the wireless IP, and there will be two IPs for a single MAC (and, seen from the other side, the wireless IP behind two MACs), which looks just like the attack.
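As an added example (not code from the slides): an ARP packet builder and parser, and a monitor that applies the detection rule above, flagging an IP that has been claimed by two different sender MACs, while allowing a declared wired+wireless MAC pair so the false positive the slides describe does not fire. The victim and attacker addresses are the slides' own; the "other host" 1.2.3.9 and the laptop MACs are constructed for the example.

```python
import struct
from collections import defaultdict

# Addresses from the slides' scenario; the "other host" and laptop MACs are constructed.
VICTIM_MAC, VICTIM_IP = "00:12:12:12:12:12", "1.2.3.4"
ATTACKER_MAC, ATTACKER_IP = "00:11:11:11:11:11", "5.6.7.8"
OTHER_MAC, OTHER_IP = "00:aa:aa:aa:aa:aa", "1.2.3.9"
ZERO_MAC = "00:00:00:00:00:00"
ARP_REQUEST, ARP_REPLY = 1, 2


def _mac(s):
    return bytes.fromhex(s.replace(":", ""))


def _ip(s):
    return bytes(int(x) for x in s.split("."))


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """28-byte ARP packet for Ethernet/IPv4: htype=1, ptype=0x0800, hlen=6, plen=4."""
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + _mac(sender_mac) + _ip(sender_ip) + _mac(target_mac) + _ip(target_ip))


def parse_arp(pkt):
    """Return the ARP fields; reject anything that is not Ethernet/IPv4 ARP."""
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", pkt[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or len(pkt) < 28:
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    fmt_mac = lambda b: ":".join(f"{x:02x}" for x in b)
    fmt_ip = lambda b: ".".join(str(x) for x in b)
    return {"op": op,
            "sender_mac": fmt_mac(pkt[8:14]), "sender_ip": fmt_ip(pkt[14:18]),
            "target_mac": fmt_mac(pkt[18:24]), "target_ip": fmt_ip(pkt[24:28])}


class ArpMonitor:
    """Flag an IP whose sender MAC changes. Requests count as well as replies,
    because hosts cache the sender binding of a request too: the slides' attack
    needs nothing but flooded requests."""

    def __init__(self, same_host_nics=()):
        self.claims = defaultdict(set)                 # ip -> every MAC that claimed it
        # MAC groups that legitimately belong to one machine (wired + wireless caveat)
        self.same_host = [frozenset(g) for g in same_host_nics]

    def observe(self, pkt):
        arp = parse_arp(pkt)
        if arp["sender_ip"] == "0.0.0.0":              # ARP probe: carries no binding
            return None
        macs = self.claims[arp["sender_ip"]]
        macs.add(arp["sender_mac"])
        if len(macs) > 1 and not any(macs <= group for group in self.same_host):
            return f"{arp['sender_ip']} claimed by {sorted(macs)} (op={arp['op']})"
        return None


def run_scenario():
    """Replay the slides' attack plus the dual-NIC false positive; return the alerts."""
    laptop_wired, laptop_wifi = "00:bb:bb:bb:bb:01", "00:bb:bb:bb:bb:02"   # constructed
    mon = ArpMonitor(same_host_nics=[(laptop_wired, laptop_wifi)])
    traffic = [
        # victim legitimately resolves the other host, which replies
        build_arp(ARP_REQUEST, VICTIM_MAC, VICTIM_IP, ZERO_MAC, OTHER_IP),
        build_arp(ARP_REPLY, OTHER_MAC, OTHER_IP, VICTIM_MAC, VICTIM_IP),
        # attacker floods "Who has 1.2.3.9? Tell 1.2.3.4" with its own MAC as sender
        *[build_arp(ARP_REQUEST, ATTACKER_MAC, VICTIM_IP, ZERO_MAC, OTHER_IP) for _ in range(3)],
        # laptop: wireless IP 10.0.1.5 first behind the wireless MAC, then behind the wired MAC
        build_arp(ARP_REQUEST, laptop_wifi, "10.0.1.5", ZERO_MAC, "10.0.1.1"),
        build_arp(ARP_REQUEST, laptop_wired, "10.0.1.5", ZERO_MAC, "10.0.1.1"),
    ]
    return [a for a in (mon.observe(p) for p in traffic) if a]
```

The monitor keeps every MAC that ever claimed an IP rather than only the current cache entry, so the conflict stays visible even after the attacker's flood has overwritten the victim's binding everywhere; the allow-list is the only way to silence a conflict, which keeps the dual-NIC exception explicit and auditable.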
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-layer addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
• cheap: about $20 for a NIC
• first widely used LAN technology
• simpler and cheaper than token LANs and ATM
• kept up with the speed race: 10 Mbps to 10 Gbps
[Figure: Metcalfe's Ethernet sketch]

Star topology
• bus topology, popular through the mid 90s: all nodes in the same collision domain (can collide with each other); the shared medium was coaxial cable
• star topology: an active switch in the center; each "spoke" runs a (separate) Ethernet protocol, so nodes do not collide with each other
• multiple stars can be connected (we'll see later)
[Figure: bus (coaxial cable) vs. star (switch) LAN]
Ethernet Frame Structure
The sending adapter encapsulates an IP datagram (or other network-layer protocol packet) in an Ethernet frame.
• Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize the receiver's clock rate with the sender's

Ethernet Frame Structure (more)
• Addresses: 6 bytes. If the adapter receives a frame whose destination address matches its own, or the broadcast address (e.g. an ARP packet), it passes the data in the frame to the network-layer protocol; otherwise the adapter discards the frame (unless it is in promiscuous mode)
• Type: identifies the higher-layer protocol carried (mostly IP, but others are possible, e.g. ARP query/response, Novell IPX, AppleTalk)
• CRC: checked at the receiver; if an error is detected, the frame is dropped

Ethernet: Unreliable, connectionless
• connectionless: no handshaking between sending and receiving NICs
• unreliable: the receiving NIC doesn't send acks or nacks to the sending NIC; the stream of datagrams passed to the network layer can have gaps (missing datagrams); gaps will be filled if the app is using TCP, otherwise the app will see the gaps
• Ethernet's MAC protocol: unslotted CSMA/CD
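An added example, not code from the slides: it builds a frame the way the adapter does (header, payload padded to the 46-byte minimum, FCS), prefixes the preamble and start-frame delimiter, and emulates the receiving adapter's checks in order: preamble sync, CRC (a bad frame is dropped silently, no NACK), then the destination-address filter that promiscuous mode bypasses. The MAC addresses and payload are constructed. The FCS is the standard CRC-32 that zlib.crc32 computes, transmitted least-significant byte first.

```python
import struct
import zlib

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
PREAMBLE = bytes([0b10101010] * 7) + bytes([0b10101011])   # 7 sync bytes + start-frame delimiter
MIN_PAYLOAD = 46                                            # 64-byte minimum frame: 14 + 46 + 4


def _mac(s):
    return bytes.fromhex(s.replace(":", ""))


def _fmt(b):
    return ":".join(f"{x:02x}" for x in b)


def fcs(body):
    """Ethernet FCS: standard CRC-32 (same algorithm as zlib.crc32) over dst..payload."""
    return zlib.crc32(body) & 0xFFFFFFFF


def build_frame(dst, src, ethertype, payload):
    """Frame as it leaves the adapter (preamble excluded): header, padded payload, FCS."""
    payload = payload + b"\x00" * (MIN_PAYLOAD - len(payload))
    body = _mac(dst) + _mac(src) + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", fcs(body))          # FCS goes least-significant byte first


def on_wire(frame):
    """Bits as seen on the medium: preamble + SFD, then the frame."""
    return PREAMBLE + frame


def receive(wire, my_mac, promiscuous=False):
    """Emulate the receiving adapter. Returns (status, ethertype, payload) where status is
    'ok', 'no-sync', 'runt', 'crc-error' (frame dropped) or 'filtered' (not addressed to us)."""
    if wire[:8] != PREAMBLE:
        return "no-sync", None, None
    frame = wire[8:]
    if len(frame) < 64:
        return "runt", None, None
    body, trailer = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if fcs(body) != trailer:
        return "crc-error", None, None                  # bit errors: drop, nobody is told
    dst = _fmt(body[:6])
    ethertype = struct.unpack("!H", body[12:14])[0]
    if not promiscuous and dst not in (my_mac.lower(), BROADCAST):
        return "filtered", None, None                   # address filter: not for this NIC
    return "ok", ethertype, body[14:]                   # hand payload up by EtherType
```

The filter step is the one a sniffer disables: in promiscuous mode the adapter passes every frame that survives the CRC check up the stack, regardless of destination address, which is exactly what the ARP attacker above relies on to receive frames addressed to a MAC that is not its own.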
Ethernet CSMA/CD algorithm
1. NIC receives a datagram from the network layer, creates a frame
2. If NIC senses the channel idle, it starts frame transmission
3. If NIC senses the channel busy, it waits until the channel is idle, then transmits (1-persistent)
4. If NIC transmits the entire frame without detecting another transmission, NIC is done with the frame
5. If NIC detects another transmission while transmitting, it aborts and sends a jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1}; NIC waits K slots, where one slot is 512 bit times, then returns to step 2

Ethernet's CSMA/CD (more)
• Jam signal: make sure all other transmitters are aware of the collision; 48 bits
• Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023 the wait time is about 50 msec
• Exponential backoff: goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer
  – first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
  – after second collision: choose K from {0, 1, 2, 3}
  – after ten or more collisions: choose K from {0, 1, 2, 3, 4, …, 1023}
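Added example (not from the slides): the backoff rule as code, plus a constructed slotted simulation of n stations that all have a frame ready at the same instant, so the doubling of the K range after each collision can be watched. It assumes one transmission occupies exactly one slot, a simplification of the real frame time.

```python
import random

SLOT_BITS = 512                                    # one backoff slot = 512 bit times
BIT_TIME_US = {10: 0.1, 100: 0.01, 1000: 0.001}    # microseconds per bit at 10/100/1000 Mbps


def backoff_range(m):
    """After the m-th collision K is drawn from {0, 1, ..., 2^min(m,10) - 1}."""
    return 2 ** min(m, 10)


def backoff_wait_us(k, mbps=10):
    """Wait time for a chosen K: K slots of 512 bit times each."""
    return k * SLOT_BITS * BIT_TIME_US[mbps]


def simulate(n_stations, seed=1, max_slots=100_000):
    """Constructed slotted model: every station has one frame ready at slot 0 and a
    transmission occupies one slot. Stations attempting in the same slot collide,
    jam and back off. Returns (slot in which each station got through,
    collisions suffered per station)."""
    rng = random.Random(seed)
    next_try = {s: 0 for s in range(n_stations)}   # earliest slot each station may attempt
    collisions = {s: 0 for s in range(n_stations)}
    done_at = {}
    for slot in range(max_slots):
        if not next_try:
            break
        attempting = [s for s, t in next_try.items() if t <= slot]
        if len(attempting) == 1:                    # alone on the channel: frame goes through
            done_at[attempting[0]] = slot
            del next_try[attempting[0]]
        elif attempting:                            # collision: everyone involved backs off
            for s in attempting:
                collisions[s] += 1
                next_try[s] = slot + 1 + rng.randrange(backoff_range(collisions[s]))
    return done_at, collisions
```

Because K's range grows with each station's own collision count, a station that keeps losing is pushed out of the way while newcomers with a short history win the channel; that is the load adaptation the slides mention, and also why a deliberately jamming station can starve its neighbours.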
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 · t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; a higher bit rate is worse (t_trans shrinks)
• better performance than ALOHA, and simple, cheap, decentralized
• Most Ethernet is now used with switches, so collisions never occur
[Figure: numeric example of the efficiency formula; values not recoverable from the extracted text]
802.3 Ethernet Standards: Link & Physical Layers
• many different Ethernet standards: common MAC protocol and frame format
• different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps
• different physical layer media: fiber, cable
• very large Ethernets are possible
• QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
• bits coming in on one link go out on all other links at the same rate
• all nodes connected to the hub can collide with one another
• no frame buffering
• no CSMA/CD at the hub: host NICs detect collisions
[Figure: hub with twisted-pair links to hosts]

Interconnecting with hubs
• a backbone hub interconnects LAN segments
• but the individual segment collision domains become one large collision domain
• can't interconnect 10BaseT & 100BaseT
[Figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes an active role
• store and forward Ethernet frames (Question: do switches in circuit-switching networks store and forward?)
• examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when a frame is to be forwarded on a segment, use CSMA/CD to access the segment
• transparent: hosts are unaware of the presence of switches
• plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
• hosts have a dedicated, direct connection to the switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, and B' via interface 5?
A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp). It looks like a routing table.
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
• the switch learns which hosts can be reached through which interfaces (some interfaces are configured statically, but in other cases…)
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• it records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') on interface 1; the switch table (initially empty) gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. look up the destination MAC address in the switch table
3. if an entry is found for the destination, then
     if the destination is on the segment from which the frame arrived, then drop the frame
     else forward the frame on the interface indicated
   else flood: forward on all but the interface on which the frame arrived
4. periodically purge all old table entries
Self-Learning (walkthrough)
[Figure: four switches, each with interfaces 1, 2, 3, between host A and host B; one MAC/Interface table per switch, all initially empty]
• A sends a frame (Dest=B, Source=A). Each switch that receives it makes a table entry for A on the interface the frame arrived on, has no table entry for B, and so floods the frame. After the flood the four tables read A→1, A→1, A→1 and A→2.
• Note: if the switch has ports that are manually configured, then the frame is not flooded to those hosts; it is only flooded to other switches.
• B replies (Dest=A, Source=B). Each switch on the path makes a table entry for B (B→3, B→3 and B→2 in the three switches the reply crosses; the fourth table is unchanged) and, since it has a table entry for A, forwards the frame on that one interface instead of flooding.
• 20 minutes later, all table entries are deleted.
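Added example, not the slides' code: a self-learning switch that implements the four steps above with the 60-second TTL the slides' table shows, run over a constructed three-switch chain (not the four-switch figure) so that the flood, forward, filter and purge cases are all exercised. Hosts A and X share one segment on switch S1; B hangs off S3.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Self-learning switch: learn the sender's port, then filter / forward / flood."""

    def __init__(self, name, n_ports, ttl=60):
        self.name, self.ttl = name, ttl
        self.ports = list(range(1, n_ports + 1))
        self.table = {}                      # MAC -> (interface, time last seen)

    def purge(self, now):
        """Periodically purge old entries (the slides' table shows a TTL of 60)."""
        self.table = {m: (p, t) for m, (p, t) in self.table.items() if now - t < self.ttl}

    def handle(self, in_port, src, dst, now):
        """Return the output interfaces for a frame src->dst arriving on in_port."""
        self.purge(now)
        self.table[src] = (in_port, now)                          # 1. record sender's interface
        entry = self.table.get(dst)                               # 2. look up destination
        if dst == BROADCAST or entry is None:
            return [p for p in self.ports if p != in_port]        # flood: all but the arrival port
        if entry[0] == in_port:
            return []                                             # filter: already on that segment
        return [entry[0]]                                         # forward on the known interface


def run_network():
    """Constructed topology (not the slides' figure): A and X on S1.1 (shared segment),
    S1.3 - S2.1, S2.3 - S3.1, B on S3.2."""
    switches = {n: LearningSwitch(n, 3) for n in ("S1", "S2", "S3")}
    links = {("S1", 3): ("S2", 1), ("S2", 1): ("S1", 3),
             ("S2", 3): ("S3", 1), ("S3", 1): ("S2", 3)}
    hosts = {("S1", 1): ["A", "X"], ("S3", 2): ["B"]}

    def deliver(sw, port, src, dst, now):
        """Push one frame through the fabric; return (hosts reached, port transmissions)."""
        reached, sent, work = [], 0, [(sw, port)]
        while work:
            cur_sw, in_port = work.pop()
            for out in switches[cur_sw].handle(in_port, src, dst, now):
                sent += 1
                reached += hosts.get((cur_sw, out), [])
                if (cur_sw, out) in links:
                    work.append(links[(cur_sw, out)])
        return sorted(reached), sent

    first = deliver("S1", 1, "A", "B", now=0)       # tables empty: every switch floods
    reply = deliver("S3", 2, "B", "A", now=1)       # A known everywhere: one port per switch
    tables = {n: {m: p for m, (p, _) in sw.table.items()} for n, sw in switches.items()}
    deliver("S1", 1, "X", "B", now=2)               # S1 learns X on port 1, A's segment
    filtered = deliver("S1", 1, "A", "X", now=3)    # destination on arriving segment: dropped
    later = deliver("S1", 1, "A", "B", now=1200)    # 20 minutes on, tables purged: flood again
    return first, reply, tables, filtered, later
```

Step 1 is unconditional: the switch believes any source address it sees, which is what makes the learning plug-and-play and also why nothing in this algorithm stops a host from claiming another host's MAC and pulling that host's traffic to its own port.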
Poorly Designed Institutional network. Why?
[Figure: router to the external network; one LAN (IP subnet) with mail server and web server, all reached through a single path]

Institutional network without a single point of failure
[Figure: the same network with redundant links between the switches; host A on one of the LANs]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure legend: solid line: edge in the spanning tree; dashed line: "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
• Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any connected graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B keeps using its interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  – The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood frames onto that LAN.
  – Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: B3 and B2 both connecting LAN A and LAN B]

Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges (backwards from what you might expect, i.e. switches as vertices and LANs as edges).
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: compute paths to the node with the smallest ID. The paths indicate which of a bridge's/switch's interfaces lead toward the switch with the smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D; bridges B0 (root), B1, B2, B3; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge

Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), using least cost with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.

Worked example
[Figure: bridges B1 (root), B2, B3, B4, B5, B6, B7 connecting LANs A through J; distances to the root annotated 0, 1, 2. The topology itself is not recoverable from the extracted text; the steps are:]
1. Each switch computes its distance to the root in terms of LAN hops.
2. Each of the root's interfaces is ON.
3. LAN A's next hop is LAN E: turn on the two interfaces (toward A and toward E) of the switch between them.
4. LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on B5's interface.
5. LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
6. LAN C's next hop is LAN F: turn on the interfaces.
7. Which other interfaces are "on"?
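Added example, not the slides' code: the rule above implemented as a distance-vector relaxation over the LANs-as-vertices graph, on a constructed topology (not the figure's). Bridge IDs are integers, the root is the minimum, and ties are broken by the smallest bridge ID as the slides specify; a final check confirms the interfaces left ON form a loop-free tree that still reaches every LAN.

```python
from collections import defaultdict

INF = float("inf")

# Constructed topology (not the slides' figure): bridge ID -> LANs it has an interface on.
EXAMPLE = {
    1: {"E", "F"},          # smallest ID: this is the root
    2: {"F", "C"},
    3: {"A", "B"},          # redundant: A and B both reach the root without it
    4: {"A", "E"},
    5: {"B", "E"},
    6: {"A", "D"},
    7: {"B", "F"},          # ties with B5 for LAN B; loses on ID
    8: {"C", "D"},          # ties with B6 for LAN D; loses on ID
}


def spanning_tree(bridges):
    """LANs are vertices, bridges are (hyper)edges, the root is the bridge with the smallest ID.
    Returns (LAN -> distance to the root in LAN hops, LAN -> next hop as (bridge, LAN),
    sorted list of (bridge, LAN) interfaces that stay ON)."""
    root = min(bridges)
    lans = {lan for members in bridges.values() for lan in members}
    dist = {lan: INF for lan in lans}
    via = {}
    for lan in bridges[root]:
        dist[lan] = 0                        # the root's LANs: all its interfaces stay on
    changed = True
    while changed:                           # distance-vector style: only neighbouring LANs matter
        changed = False
        for bid, members in sorted(bridges.items()):
            for lan in members:
                if dist[lan] == 0:
                    continue
                for nb in sorted(members):
                    if nb == lan or dist[nb] == INF:
                        continue
                    cand = (dist[nb] + 1, bid)                 # least cost, then smallest bridge ID
                    cur = (dist[lan], via[lan][0]) if lan in via else (INF, bid)
                    if cand < cur:
                        dist[lan], via[lan] = cand[0], (bid, nb)
                        changed = True
    active = {(root, lan) for lan in bridges[root]}
    for lan, (bid, nb) in via.items():
        active.add((bid, lan))               # the interface facing the LAN ...
        active.add((bid, nb))                # ... and the one facing its next hop toward the root
    return dist, via, sorted(active)


def disconnected_bridges(bridges, active):
    """Bridges with no active interface: they forward nothing (B3 in the slides' example)."""
    on = {bid for bid, _ in active}
    return sorted(b for b in bridges if b not in on)


def is_tree(active, lans):
    """Read the ON interfaces as a bipartite graph (bridges, LANs): connected and |E| = |V| - 1."""
    nodes = {("B", b) for b, _ in active} | {("L", l) for l in lans}
    adj = defaultdict(set)
    for b, l in active:
        adj[("B", b)].add(("L", l))
        adj[("L", l)].add(("B", b))
    seen, stack = set(), [next(iter(nodes))]
    while stack:
        n = stack.pop()
        if n not in seen:
            seen.add(n)
            stack.extend(adj[n])
    return len(seen) == len(nodes) and len(active) == len(nodes) - 1
```

Everything here hinges on the bridge IDs carried in the exchanged messages being honest: the root is simply whichever bridge announces the smallest ID, and the slides note that these layer-2 mechanisms typically ignore security.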
Layer 2 Routing
• The L2 routing table is automatically maintained (set up and updated as the topology changes).
• 3 mechanisms: loop resolution, address learning, frame forwarding.
• These typically ignore security such as ARP attacks, access control, etc.: learning and loop resolution act on whatever frames arrive.
• Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution, during which time no packets were forwarded.

Switches vs. Routers
• both are store-and-forward devices
• routers: network-layer devices (examine network-layer headers); switches: link-layer devices
• switches are "invisible" at the internetwork layer: a switched LAN looks like a link-layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding
  – borrowing ideas from the Virtual Circuit (VC) approach
  – but the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header (32 bits): label (20 bits) | Exp (3 bits) | S (1 bit) | TTL (8 bits)

MPLS capable routers
• aka label-switched routers
• forward packets to the outgoing interface based only on the label value (don't inspect the IP address)
  – MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE
  – forwarding possible along paths that IP alone would not allow (e.g. source-specific routing)
  – use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[Figure: label-switched routers R1 through R6, each with out-interfaces 0 and 1, reaching destinations A and D. The extracted text does not preserve which table belongs to which router; the rows it preserves, as (in label, out label, dest, out interface), are:
  6   -   A  0    (egress: label removed)
  10  6   A  1
  12  9   D  0
  -   10  A  0    (in label not preserved; ingress pushes the label)
  -   12  D  0
  8   6   A  0
  -   8   A  1    (in label not preserved)]
Chapter 5 Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing
• instantiation and implementation of various link-layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
• journey down the protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
ARP spoofing – man-in-the-middle attack
[figure: victim (MAC=00:12:12:12:12:12, IP 1.2.3.4), attacker (MAC=00:11:11:11:11:11, IP=5.6.7.8) and some other host/switch on the same LAN]
• frame to MAC 00:11:11:11:11:11, IP 1.2.3.4: "The secret plan is …" – the attacker knows the secret plan
• frame to MAC 00:12:12:12:12:12, IP 1.2.3.4: "The secret plan is …" – the attacker changed the MAC address to the correct address
• victim: "Ahh, I got the secret plan I was expecting"
• Later (when all caches have been cleared) the attacker floods ARP queries. The attacker continues to flood ARP queries.
ARP spoofing – man-in-the-middle attack
• Some new switches can protect against these attacks.
• How can these attacks be detected and stopped? One way to detect an attacker is to look at ARP tables and see if a single IP has two MACs
  • i.e., the attacker's MAC appears with its real IP and the victim's IP
  • But if a machine has wired and wireless NICs and is running a Microsoft OS, the OS will sometimes send a frame with the wireless IP as source address over the wired LAN, and hence with the wired MAC address
  • Then tables will record the mapping between the MAC and IP, and there will be two IPs for a single MAC
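The table check described above, as an added example (not from the slides): it parses constructed "ip mac" lines (the input format is an assumption), flags an IP answered by two MACs, and treats a MAC with two IPs as an alert only when one of those IPs is also in conflict, because the slide's dual-NIC host produces the second pattern on its own.

```python
import re
from collections import defaultdict

# Constructed sample in "ip  mac" form (the format is an assumption).  The
# victim's IP 1.2.3.4 is seen behind two MACs and the attacker's MAC carries
# its real IP and the victim's IP, as in the slide; 00:aa:bb:cc:dd:ee is a
# dual-homed host that legitimately shows up with two IPs.
SAMPLE_ARP_TABLE = """\
1.2.3.4     00:12:12:12:12:12
5.6.7.8     00:11:11:11:11:11
1.2.3.4     00:11:11:11:11:11
1.2.3.9     00:aa:bb:cc:dd:ee
1.2.3.10    00:aa:bb:cc:dd:ee
1.2.3.11    00:aa:bb:cc:dd:ef
garbage line that should be ignored
"""

LINE_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})\s*$")

def parse_arp_table(text):
    """Return a list of (ip, mac) pairs; MACs normalised to lowercase."""
    pairs = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            pairs.append((m.group(1), m.group(2).lower()))
    return pairs

def find_conflicts(pairs):
    """Return (ip_with_many_macs, mac_with_many_ips), each a dict of sorted lists."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for ip, mac in pairs:
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    ip_conflicts = {ip: sorted(m) for ip, m in ip_to_macs.items() if len(m) > 1}
    mac_multi = {mac: sorted(i) for mac, i in mac_to_ips.items() if len(i) > 1}
    return ip_conflicts, mac_multi

def assess(text):
    """Turn the two checks into findings.  An IP answered by two MACs is an
    alert.  A MAC with two IPs is an alert only if one of those IPs is itself
    in conflict; otherwise it is a note, since a host with wired and wireless
    NICs produces the same pattern (the slide's caveat)."""
    ip_conflicts, mac_multi = find_conflicts(parse_arp_table(text))
    findings = []
    for ip, macs in sorted(ip_conflicts.items()):
        findings.append("ALERT ip %s maps to several MACs: %s" % (ip, ", ".join(macs)))
    for mac, ips in sorted(mac_multi.items()):
        if any(ip in ip_conflicts for ip in ips):
            findings.append("ALERT mac %s claims an IP also answered by another MAC: %s"
                            % (mac, ", ".join(ips)))
        else:
            findings.append("NOTE mac %s maps to several IPs (may be a dual-NIC host): %s"
                            % (mac, ", ".join(ips)))
    return findings
```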
Link Layer
• 5.1 Introduction and services
• 5.2 Error detection and correction
• 5.3 Multiple access protocols
• 5.4 Link-Layer Addressing
• 5.5 Ethernet
• 5.6 Link-layer switches
• 5.7 PPP
• 5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
• cheap: $20 for NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with speed race: 10 Mbps – 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
• bus topology popular through mid 90s
  • all nodes in same collision domain (can collide with each other)
• star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
• Multiple stars connected into one LAN (we'll see later)
[figure: bus (coaxial cable) topology beside a star topology with a switch in the center]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
• Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver, sender clock rates
Ethernet Frame Structure (more)
• Addresses: 6 bytes
  • if adapter receives frame with matching destination address, or with broadcast address (e.g., ARP packet), it passes data in frame to network layer protocol
  • otherwise, adapter discards frame (unless in promiscuous mode)
• Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g., Novell IPX, AppleTalk)
• CRC: checked at receiver; if error is detected, frame is dropped
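The receive-side rules above (address match or broadcast, CRC check, promiscuous exception) as an added example, not from the slides: it builds and parses an Ethernet II frame with its 32-bit FCS. The preamble is handled by the hardware before a driver sees bytes, so it is shown only as a constant; the MAC addresses and payload are constructed.

```python
import struct
import zlib

PREAMBLE = bytes([0b10101010] * 7) + bytes([0b10101011])   # reference only
BROADCAST = b"\xff" * 6
ETHERTYPE_IPV4, ETHERTYPE_ARP = 0x0800, 0x0806
MIN_PAYLOAD = 46                                           # 64-byte minimum frame

def mac_bytes(text):
    return bytes(int(x, 16) for x in text.split(":"))

def mac_str(b):
    return ":".join("%02x" % x for x in b)

def build_frame(dst, src, ethertype, payload):
    """dst/src as 'aa:bb:cc:dd:ee:ff'.  Pads to the minimum payload and appends
    the FCS (IEEE CRC-32 as computed by zlib, sent least-significant byte first)."""
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)

def parse_frame(raw):
    """Return the header fields, payload and whether the FCS verified."""
    if len(raw) < 14 + MIN_PAYLOAD + 4:
        raise ValueError("frame shorter than the 64-byte minimum")
    body, fcs = raw[:-4], raw[-4:]
    crc_ok = struct.unpack("<I", fcs)[0] == (zlib.crc32(body) & 0xFFFFFFFF)
    return {"dst": mac_str(body[0:6]), "src": mac_str(body[6:12]),
            "type": struct.unpack("!H", body[12:14])[0],
            "payload": body[14:], "crc_ok": crc_ok}

def receive(raw, my_mac, promiscuous=False):
    """Adapter decision from the slide: drop on CRC error; pass the frame up
    only if it is addressed to us or to broadcast (or we are promiscuous)."""
    f = parse_frame(raw)
    if not f["crc_ok"]:
        return "dropped: CRC error"
    if promiscuous or f["dst"] in (my_mac, mac_str(BROADCAST)):
        return "passed type 0x%04x to network layer" % f["type"]
    return "discarded: not addressed to us"
```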
Ethernet: Unreliable, connectionless
• connectionless: No handshaking between sending and receiving NICs
• unreliable: receiving NIC doesn't send acks or nacks to sending NIC
  • stream of datagrams passed to network layer can have gaps (missing datagrams)
  • gaps will be filled if app is using TCP
  • otherwise, app will see gaps
• Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0,1,2,…,2^m−1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
• Jam Signal: make sure all other transmitters are aware of collision; 48 bits
• Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
• Goal: adapt retransmission attempts to estimated current load
  • heavy load: random wait will be longer
• first collision: choose K from {0,1}; delay is K · 512 bit transmission times
• after second collision: choose K from {0,1,2,3}…
• after ten or more collisions, choose K from {0,1,2,3,4,…,1023}
CSMA/CD efficiency
• $t_{\mathrm{prop}}$ = max prop delay between 2 nodes in LAN
• $t_{\mathrm{trans}}$ = time to transmit max-size frame

  $\text{efficiency} = \frac{1}{1 + 5\,t_{\mathrm{prop}}/t_{\mathrm{trans}}}$

• efficiency goes to 1 as $t_{\mathrm{prop}}$ goes to 0
• as $t_{\mathrm{trans}}$ goes to infinity
  • larger frame size is better; higher bit-rate is worse
• better performance than ALOHA: and simple, cheap, decentralized
• Most Ethernet is used with switches, so collisions never occur
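The backoff schedule and the efficiency formula from the two slides above, as an added example (not the slides' code). It uses the slide's numbers (512-bit slot, 0.1 µs bit time at 10 Mbps, K capped at 1023) and adds a small contention simulation whose tie handling is a simplification of my own: when the smallest K is drawn by more than one station, every station counts it as another collision.

```python
import random

SLOT_BITS = 512                 # one backoff slot, in bit times
BIT_TIME_10MBPS = 0.1e-6        # seconds per bit at 10 Mbps

def backoff_max_k(m):
    """Largest K a NIC may draw after its m-th consecutive collision:
    2^m - 1, frozen at 1023 from the tenth collision onward."""
    return min(2 ** m, 1024) - 1

def backoff_wait(k, bit_time=BIT_TIME_10MBPS):
    """Seconds a NIC stays silent for a draw of K slots."""
    return k * SLOT_BITS * bit_time

def efficiency(t_prop, t_trans):
    """Long-run fraction of channel time carrying useful data."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)

def resolve_collision(n_stations, seed=0, max_collisions=16):
    """Stations that have just collided each draw K from their current range;
    the station with the unique smallest K transmits next.  Simplification
    (assumption): a shared smallest K counts as another collision for all.
    Returns (winner_index or None, collisions_so_far, total_wait_seconds)."""
    rng = random.Random(seed)
    collisions, waited = 1, 0.0
    while collisions <= max_collisions:
        draws = [rng.randint(0, backoff_max_k(collisions)) for _ in range(n_stations)]
        smallest = min(draws)
        waited += backoff_wait(smallest)
        if draws.count(smallest) == 1:
            return draws.index(smallest), collisions, waited
        collisions += 1
    return None, max_collisions, waited   # 802.3 gives up after 16 attempts

def compare_frame_sizes(t_prop=25e-6, bit_rate=10e6):
    """Efficiency for several frame sizes (bytes) at the slide's 10 Mbps;
    t_prop of 25 microseconds is a constructed value."""
    return {size: round(efficiency(t_prop, size * 8 / bit_rate), 3)
            for size in (64, 512, 1500)}
```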
802.3 Ethernet Standards: Link & Physical Layers
• many different Ethernet standards
  • common MAC protocol and frame format
  • different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps
  • different physical layer media: fiber, cable
• Very large Ethernets are possible
• QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
• bits coming in one link go out all other links at same rate
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
[figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
• Backbone hub interconnects LAN segments
• But individual segment collision domains become one large collision domain
• Can't interconnect 10BaseT & 100BaseT
[figure: a backbone hub interconnecting three hub-based segments]
Switch
• link-layer device: smarter than hubs, take active role
  • Store and forward Ethernet frames
    • Question: do switches in circuit switching networks store and forward?
  • examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links
  • when frame is to be forwarded on segment, uses CSMA/CD to access segment
• transparent: hosts are unaware of presence of switches
• plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex
  • each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions
  • not possible with dumb hub
[figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch Table
• Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table
• Q: how are entries created, maintained in switch table? something like a routing protocol?
[figure: switch with six interfaces (1,2,3,4,5,6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
• switch learns which hosts can be reached through which interfaces
  • Some interfaces are configured. But in other cases…
  • when frame received, switch "learns" location of sender: incoming LAN segment
  • records sender/location pair in switch table
[figure: A sends a frame (Source A, Dest A') into interface 1 of the six-interface switch]
Switch table (initially empty):
  MAC addr   interface   TTL
  A          1           60
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination
     then {
       if dest on segment from which frame arrived
         then drop the frame
         else forward the frame on interface indicated
     }
     else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[figure, repeated over the following slides: three switches in a row, each with interfaces 1, 2, 3; host A attached to the first switch, host B to the last; each switch keeps a (MAC, Interface) table that starts out empty]
• A sends a frame: Dest=B, Source=A
  • first switch: make table entry for A (A → 1); no table entry for B, so flood
  • the frame reaches the other switches, which each make a table entry for A (A → 1 on the middle switch, A → 2 on the last) and, having no entry for B, flood again
  • Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches
• B replies: Dest=A, Source=B
  • last switch: make table entry for B; have a table entry for A, so forward
  • middle switch: table is now A → 1, B → 2; have a table entry for A, so forward
  • first switch: table is now A → 1, B → 3; forward on interface 1 to A
• 20 minutes later all table entries are deleted
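The filtering/forwarding rules and the three-switch walk-through above, as an added example (not the slides' code): a learning switch with learn, forward, drop, flood and time-based purge, wired into the animation's topology. The extra hosts C, D and E and the interface numbers are assumptions.

```python
class LearningSwitch:
    """One switch: a MAC -> (interface, learned_at) table plus the slide's
    filtering/forwarding rules."""
    def __init__(self, name, ttl_seconds=20 * 60):   # slide: entries die after 20 min
        self.name, self.ttl = name, ttl_seconds
        self.table = {}      # mac -> (interface, time learned)
        self.ports = []      # interfaces with something attached

    def purge(self, now):
        """Step 3: purge old entries."""
        self.table = {m: e for m, e in self.table.items() if now - e[1] <= self.ttl}

    def handle(self, frame, in_if, now):
        """Return the interfaces the frame goes out on ([] means dropped)."""
        self.purge(now)
        self.table[frame["src"]] = (in_if, now)                # step 1: learn sender
        entry = self.table.get(frame["dst"])
        if entry is not None:                                  # step 2: destination known
            return [] if entry[0] == in_if else [entry[0]]     # same segment: drop; else forward
        return [p for p in self.ports if p != in_if]           # unknown: flood


class Lan:
    """Hosts are strings; links map (switch, interface) -> (node, node_interface),
    with node_interface None when the node is a host."""
    def __init__(self):
        self.switches, self.links, self.host_port = {}, {}, {}

    def add_switch(self, name):
        self.switches[name] = LearningSwitch(name)

    def attach_host(self, sw, intf, host):
        self.switches[sw].ports.append(intf)
        self.links[(sw, intf)] = (host, None)
        self.host_port[host] = (sw, intf)

    def link_switches(self, sw_a, if_a, sw_b, if_b):
        self.switches[sw_a].ports.append(if_a)
        self.switches[sw_b].ports.append(if_b)
        self.links[(sw_a, if_a)] = (sw_b, if_b)
        self.links[(sw_b, if_b)] = (sw_a, if_a)

    def send(self, src, dst, now):
        """Host src transmits a frame to dst at time now; returns the sorted
        list of hosts whose NIC received it."""
        frame = {"src": src, "dst": dst}
        sw, intf = self.host_port[src]
        received = []
        self._deliver(sw, intf, frame, now, received)
        return sorted(received)

    def _deliver(self, sw, in_if, frame, now, received):
        for out_if in self.switches[sw].handle(frame, in_if, now):
            node, node_if = self.links[(sw, out_if)]
            if node_if is None:
                received.append(node)
            else:
                self._deliver(node, node_if, frame, now, received)


def build_demo():
    """Three switches in a row as in the animation (A on the first, B on the
    last).  Hosts C, D, E and the interface numbers are assumptions."""
    lan = Lan()
    for name in ("S1", "S2", "S3"):
        lan.add_switch(name)
    lan.attach_host("S1", 1, "A")
    lan.attach_host("S1", 2, "C")
    lan.link_switches("S1", 3, "S2", 1)
    lan.attach_host("S2", 3, "D")
    lan.link_switches("S2", 2, "S3", 2)
    lan.attach_host("S3", 1, "B")
    lan.attach_host("S3", 3, "E")
    return lan


def table_of(lan, sw):
    """MAC -> interface view of one switch table (timestamps dropped)."""
    return {mac: intf for mac, (intf, _) in lan.switches[sw].table.items()}
```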
Poorly Designed Institutional network. Why?
[figure: router to external network; a single LAN (IP subnet) containing the mail server, web server and hosts]
Institutional network without a single point of failure
[figure: router to external network; the IP subnet built from several interconnected switches, with the mail server, web server and host A]
• Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty.
• Due to the loops, the frames will loop and overwhelm the network.
• Loops provide robustness, but have to be eliminated.
Institutional network without a single point of failure
[figure: the same network; edges in the spanning tree are marked, as are "disconnected" interfaces]
• Edge in spanning tree
• "disconnected" interface, i.e., do not forward or flood frames through this interface
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: Spanning tree
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN, they simply never flood packets over to the LAN.
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: LAN A and LAN B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: Compute paths to the node with smallest ID.
  • Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If
  • LAN B's next hop to the switch with lowest ID is LAN A, and
  • LAN C's next hop to the switch with lowest ID is LAN D,
  • then switch B2 will disconnect from LAN B and C.
[figure: LANs A, B, C, D and bridges B0, B1, B2, B3; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1–B7 interconnecting several LANs]
Which interfaces to keep and which to ignore?
• Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
• A switch will keep an interface active if
  1. the interface is along a LAN's shortest path to the root
  2. If a LAN has more than one shortest path, then the switch with the smallest ID is used
• Take a distance vector approach, so we only consider neighbors.
• Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[figure, repeated across the following slides: LANs A–J interconnected by bridges B1–B7; the per-LAN distances 0, 1, 2, 1, 1, 1, 1 are written on the figure; the steps below are the slide captions]
• Each switch computes distance to root in terms of LAN hops
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E. Turn on the two interfaces
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface
• LAN D's next hop is LAN G. Turn on the two interfaces
  • Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F. Turn on the interfaces
• Which other interfaces are "on"?
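The interface-selection rules above, in the slides' own model (LANs as vertices, switches as edges, root = smallest ID, shortest path in switches, ties to the lowest switch ID), as an added example that is not the slides' code. The six-switch topology is constructed, not the figure's; it is chosen so that one switch loses a tie (like B7) and one ends up with no interface on at all (like B3). A union-find check confirms the interfaces left on form a single loop-free tree.

```python
from collections import deque

# Constructed topology (an assumption, not the slides' figure).  Keys are
# switch IDs; values are the LANs each switch attaches to.
SWITCHES = {
    1: {"E", "F"},          # root: lowest ID, attaches LANs E and F
    2: {"A", "E"},
    3: {"A", "C"},          # redundant: C has a shorter way to the root via switch 4
    4: {"C", "F"},
    5: {"B", "E"},          # ties with switch 7 for LAN B; lower ID wins
    7: {"B", "F"},
}

def lan_adjacency(switches):
    """lan -> list of (switch_id, neighbouring_lan), one entry per switch."""
    adj = {}
    for sw, lans in switches.items():
        for lan in lans:
            adj.setdefault(lan, [])
            adj[lan] += [(sw, other) for other in lans if other != lan]
    return adj

def spanning_tree(switches):
    """Returns (root, dist, next_hop, active): dist[lan] is the number of
    switches between the LAN and the root, next_hop[lan] is (next_lan, via
    switch) and active is the set of (switch, lan) interfaces left on; every
    other interface is "disconnected" (never forwards or floods)."""
    root = min(switches)
    adj = lan_adjacency(switches)
    # Distances: LANs on the root switch are 0, then breadth-first outward.
    dist = {lan: 0 for lan in switches[root]}
    queue = deque(switches[root])
    while queue:
        lan = queue.popleft()
        for sw, other in adj[lan]:
            if other not in dist:
                dist[other] = dist[lan] + 1
                queue.append(other)
    active = {(root, lan) for lan in switches[root]}   # all root interfaces are on
    next_hop = {}
    for lan, d in dist.items():
        if d == 0:
            continue
        # Candidates: neighbours one switch closer; min() breaks ties on switch ID.
        cands = [(sw, other) for sw, other in adj[lan] if dist[other] == d - 1]
        sw, other = min(cands)
        next_hop[lan] = (other, sw)
        active.update({(sw, lan), (sw, other)})        # both interfaces of that switch
    return root, dist, next_hop, active

def is_loop_free(active, lans):
    """Union-find: the active interfaces of each switch join its LANs; joining
    two LANs that are already connected means a loop.  Also requires that all
    LANs end up in one component."""
    parent = {lan: lan for lan in lans}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    per_switch = {}
    for sw, lan in active:
        per_switch.setdefault(sw, []).append(lan)
    for lans_on in per_switch.values():
        first = find(lans_on[0])
        for lan in lans_on[1:]:
            r = find(lan)
            if r == first:
                return False
            parent[r] = first
    return len({find(lan) for lan in lans}) == 1
```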
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms:
  • Loop resolution
  • Address learning
  • Frame forwarding
• Typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
  • On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution
    • During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
ARP spoofing ndash man-in-the-middle attack
Some new switches can protect against these attacks How can these attacks be detected and stopped One way is to detect a attacker is to look at ARP
tables and see is a single IP has two MACsbull Is real IP and the victims IPbull But if a machine has wired and wireless NICs and is
running microsoft OS the OS will sometimes send a frame with the wireless IP as source address over the wired LAN and hence with the wired MAC address
bull Then tables will record the mapping between the MAC and IP and there will be two IPs for a single MAC
Link Layer
51 Introduction and services
52 Error detection and correction
53Multiple access protocols
54 Link-Layer Addressing
55 Ethernet
56 Link-layer switches 57 PPP 58 Link Virtualization
ATM and MPLS
Ethernet
ldquodominantrdquo wired LAN technology cheap $20 for NIC first widely used LAN technology simpler cheaper than token LANs and ATM kept up with speed race 10 Mbps ndash 10 Gbps
Metcalfersquos Ethernetsketch
Star topology bus topology popular through mid 90s
all nodes in same collision domain (can collide with each other)
star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes
do not collide with each other) LAN
Multiple stars connected (wersquoll see later)
switch
bus coaxial cable star
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble 7 bytes with pattern 10101010 followed by one
byte with pattern 10101011 used to synchronize receiver sender clock
rates
Ethernet Frame Structure (more) Addresses 6 bytes
if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol
otherwise adapter discards frame (unless in promiscuous modes) Type
ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell
IPX AppleTalk) CRC checked at receiver if error is detected frame is
dropped
Ethernet Unreliable connectionless connectionless No handshaking between sending
and receiving NICs unreliable receiving NIC doesnrsquot send acks or
nacks to sending NIC stream of datagrams passed to network layer can have
gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps
Ethernetrsquos MAC protocol unslotted CSMACD
Ethernet CSMACD algorithm
1 NIC receives datagram from network layer creates frame
2 If NIC senses channel idle starts frame transmission
3 If NIC senses channel busy waits until channel idle then transmits 1-persistant
4 If NIC transmits entire frame without detecting another transmission NIC is done with frame
4 If NIC detects another transmission while transmitting aborts and sends jam signal
5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2
Ethernetrsquos CSMACD (more)
Jam Signal make sure all other transmitters are aware of collision 48 bits
Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec
Exponential Backoff Goal adapt retransmission
attempts to estimated current load heavy load random
wait will be longer first collision choose K
from 01 delay is K 512 bit transmission times
after second collision choose K from 0123hellip
after ten or more collisions choose K from 01234hellip1023
CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN
ttrans = time to transmit max-size frame
efficiency goes to 1 as tprop goes to 0
as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst
better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur
transprop ttefficiency
51
1
960
1010081500
102200
51
1
68
m
8023 Ethernet Standards Link amp Physical Layers
many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch link-layer device smarter than hubs take active role
Store and forward Ethernet framesbull Question do switches in circuit switching networks store and
forward examine incoming framersquos MAC address selectively forward
frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment
transparent hosts are unaware of presence of switches
plug-and-play self-learning switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch
switches buffer packets Ethernet protocol used on
each incoming link but no collisions full duplex each link is its own collision
domain switching A-to-Arsquo and B-
to-Brsquo simultaneously without collisions not possible with dumb hub
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch Table
Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5
A each switch has a switch table each entry (MAC address of host interface
to reach host time stamp)
looks like a routing table Q how are entries created
maintained in switch table something like a routing
protocol
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch self-learning
switch learns which hosts can be reached through which interfaces Some interfaces are
configured But in other caseshellip
when frame received switch ldquolearnsrdquo location of sender incoming LAN segment
records senderlocation pair in switch table
A
Arsquo
B
Brsquo
C
Crsquo
1 23
45
6
A Arsquo
Source ADest Arsquo
MAC addr interface TTL
Switch table (initially empty)
A 1 60
Switch frame filteringforwardingWhen frame received
1 record linkinterface associated with sending host 3 if entry found for destination
then if dest on segment from which frame arrived
then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries
forward on all but the interface on which the frame arrived
Self-Learning
[figure, repeated across the following slides: three switches, each with interfaces 1, 2, 3, connected to each other; host A on the first switch's interface 1, host B on another switch; all three switch tables (MAC, Interface) initially empty]
A sends a frame: Dest=B, Source=A
first switch: make table entry for A (A, interface 1). No table entry for B, so flood
Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches
the flooded frame reaches the other switches; each makes its own table entry for A on the interface the frame arrived on (tables now: A 1 / A 1 / A 2). No table entry for B, so flood again
B replies: Dest=A, Source=B
each switch on the reply path: make table entry for B; have a table entry for A, so forward (tables now: A 1, B 3 / A 1, B 2 / A 2)
20 minutes later all table entries are deleted
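The self-learning and filtering/forwarding rules above, replayed in code. This is an added example and not part of the slides: the `LearningSwitch` class, the `Frame` type and the three-switch wiring in `slide_walkthrough` are constructed here; the wiring was chosen so that the switch tables come out exactly as the slides show them (A 1 / A 1 / A 2 after A's frame is flooded, then B 3 and B 2 learned from B's reply, then everything aged out).

```python
from dataclasses import dataclass

AGE_OUT_SECONDS = 20 * 60   # "20 minutes later all table entries are deleted"


@dataclass
class Frame:
    src: str    # source MAC address; constructed labels such as "A", "B"
    dst: str    # destination MAC address


class LearningSwitch:
    """Self-learning switch: one table entry (interface, time stamp) per MAC address."""

    def __init__(self, name, num_interfaces):
        self.name = name
        self.interfaces = list(range(1, num_interfaces + 1))
        self.table = {}     # MAC -> (interface, time last seen)

    def purge(self, now):
        # periodically purge all old table entries
        stale = [mac for mac, (_, seen) in self.table.items()
                 if now - seen >= AGE_OUT_SECONDS]
        for mac in stale:
            del self.table[mac]

    def receive(self, frame, in_iface, now):
        """Apply the filtering/forwarding rule; returns the outgoing interface list."""
        self.purge(now)
        # 1. record the interface associated with the sending host.  The entry is
        #    learned from whatever source field the frame carries; the slides note
        #    that this machinery typically ignores security.
        self.table[frame.src] = (in_iface, now)
        # 2. look up the destination in the switch table
        entry = self.table.get(frame.dst)
        if entry is None:
            # 3b. no entry: flood on all interfaces except the one the frame came in on
            return [i for i in self.interfaces if i != in_iface]
        out_iface, _ = entry
        if out_iface == in_iface:
            return []           # 3a. destination is on the arrival segment: filter (drop)
        return [out_iface]      # 3a. entry found elsewhere: forward on that interface


def slide_walkthrough():
    """Replay the Self-Learning slides on a constructed three-switch wiring:
      S1 interface 1: host A        S1 interface 3 <-> S2 interface 1
      S2 interface 2: host B        S2 interface 3 <-> S3 interface 2
    Returns the three switch tables (MAC -> interface) after A's frame, after B's
    reply, and after the age-out timer has run."""
    s1, s2, s3 = (LearningSwitch(n, 3) for n in ("S1", "S2", "S3"))
    links = {("S1", 3): (s2, 1), ("S2", 1): (s1, 3),
             ("S2", 3): (s3, 2), ("S3", 2): (s2, 3)}

    def deliver(sw, frame, in_iface, now):
        # hand the frame to a switch and follow every switch-to-switch link it picks
        for out in sw.receive(frame, in_iface, now):
            nxt = links.get((sw.name, out))
            if nxt is not None:
                deliver(nxt[0], frame, nxt[1], now)

    def snapshot():
        return [{mac: iface for mac, (iface, _) in sw.table.items()}
                for sw in (s1, s2, s3)]

    deliver(s1, Frame(src="A", dst="B"), 1, now=0)      # no entry for B, so flood
    after_flood = snapshot()
    deliver(s2, Frame(src="B", dst="A"), 2, now=1)      # entry for A exists, so forward
    after_reply = snapshot()
    for sw in (s1, s2, s3):
        sw.purge(now=1 + AGE_OUT_SECONDS)                # 20 minutes later
    after_purge = snapshot()
    return after_flood, after_reply, after_purge
```

The filter case (two hosts on the same segment, so the frame is dropped rather than forwarded) is exercised by calling `receive` twice on one switch with the same arrival interface; nothing in the table is ever configured by hand, which is what the slides mean by plug-and-play.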
Poorly Designed Institutional network. Why?
[figure: router to external network; one LAN / IP subnet with mail server and web server]
Institutional network without a single point of failure
[figure: router to external network; IP subnet with redundant switches and links; mail server, web server, host A]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure: the same network with edges in the spanning tree marked; a "disconnected" interface is one through which frames are neither forwarded nor flooded]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by "disconnecting" switches from some LANs
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[figure: bridges B3 and B2 attached to LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges
This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
Approach: compute paths to the node with smallest ID
Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C
[figure: bridges B3, B2, B1, B0 interconnecting LANs A, B, C, D]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1 to B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost, with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[figure, repeated across the following slides: switches B1 to B7 interconnecting LANs A to J; the per-LAN distance labels on the slide (0, 1, 2, 1, 1, 1, 1) cannot be attributed to particular LANs after extraction]
The slides then walk through the example one step per slide:
Each switch computes distance to root in terms of LAN hops
Each of the root's interfaces is ON
LAN A's next hop is LAN E. Turn on the two interfaces
LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface
LAN D's next hop is LAN G. Turn on the two interfaces
Note that B3 will not have any interfaces "on"
LAN C's next hop is LAN F. Turn on the interfaces
Which other interfaces are "on"?
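The interface-selection rule from the Loop Resolution and "Which interfaces to keep" slides, written out as code. This is an added example, not the slides' own material: `compute_spanning_tree`, `is_loop_free` and the topology `SLIDE_LIKE` are constructed here. The topology is a four-bridge ring built in the spirit of "Spanning Tree Algorithm (1)" (B0 root, B1..B3 around LANs A..D) so that B2 ends up with no interfaces on; the slide's own B1..B7 / LAN A..J figure is not recoverable from the transcript. Distance follows the slide's convention of counting switches crossed on the way to the root, with LANs attached to the root at distance 0, and ties are broken by the smallest switch ID. The loop-freedom check at the end is the property the whole exercise exists to guarantee: the interfaces left on must form a tree.

```python
INF = float("inf")


def compute_spanning_tree(switches):
    """switches: {switch_id (int; smallest is the root): [LAN names it attaches to]}.

    Returns (best, active).  best[lan] = (distance, switch, next_hop_lan) is the LAN's
    chosen route toward the root; active is the set of (switch, lan) interfaces "on".
    """
    root = min(switches)
    lans = sorted({lan for attached in switches.values() for lan in attached})
    best = {lan: (INF, None, None) for lan in lans}
    for lan in switches[root]:
        best[lan] = (0, root, None)           # directly on the root: nothing to turn on
    # Distance-vector style relaxation: a LAN only looks at LANs one switch away,
    # and repeats until nobody's answer changes.
    changed = True
    while changed:
        changed = False
        for lan in lans:
            if lan in switches[root]:
                continue
            for sw, attached in switches.items():
                if sw == root or lan not in attached:
                    continue
                for nxt in attached:
                    if nxt == lan or best[nxt][0] == INF:
                        continue
                    # tuple order is the slide's rule: least cost first, then the
                    # switch with the smallest ID (LAN name only makes it deterministic)
                    cand = (best[nxt][0] + 1, sw, nxt)
                    if cand < best[lan]:
                        best[lan] = cand
                        changed = True
    active = {(root, lan) for lan in switches[root]}   # each of the root's interfaces is ON
    for lan, (_, sw, nxt) in best.items():
        if nxt is not None:          # "the switch between LAN A and B uses the
            active.add((sw, lan))    #  interfaces to A and B"
            active.add((sw, nxt))
    return best, active


def is_loop_free(active):
    """True if the active (switch, lan) interfaces form a single tree: union-find on the
    bipartite graph of switches and LANs, rejecting any edge that closes a cycle."""
    nodes = {("sw", sw) for sw, _ in active} | {("lan", lan) for _, lan in active}
    parent = {n: n for n in nodes}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for sw, lan in active:
        a, b = find(("sw", sw)), find(("lan", lan))
        if a == b:
            return False                      # this interface would close a loop
        parent[a] = b
    return len({find(n) for n in nodes}) == 1  # and everything is connected


# Constructed ring: B0 (root) on LANs A and D, B1 between C and D, B2 between B and C,
# B3 between A and B.  LAN B's next hop is A (via B3) and LAN C's is D (via B1), so B2
# is the "extra" bridge that ends up with no interfaces on.
SLIDE_LIKE = {0: ["A", "D"], 1: ["C", "D"], 2: ["B", "C"], 3: ["A", "B"]}


def demo(switches=SLIDE_LIKE):
    best, active = compute_spanning_tree(switches)
    switched_off = set(switches) - {sw for sw, _ in active}
    return best, active, switched_off
```

Running `demo()` on a topology with every interface on instead (all `(switch, lan)` pairs) makes `is_loop_free` return False, which is the "frames will loop and overwhelm the network" situation of the institutional-network slide; the computed `active` set passes the check.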
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms: loop resolution, address learning, frame forwarding
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution
• During which time no packets were forwarded
Switches vs. Routers
both store-and-forward devices
routers: network layer devices (examine network layer headers); switches are link layer devices
... "invisible" at internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding
borrowing ideas from Virtual Circuit (VC) approach, but IP datagram still keeps IP address!
[figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields, with widths in bits as given on the slide: label 20 | Exp 3 | S 1 | TTL 5
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address)
MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding: RSVP-TE
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
must co-exist with IP-only routers
[figure: routers R1 to R6 with hosts A and D; interfaces numbered 0 and 1]
MPLS forwarding tables
Rows recovered from the slide (which table belongs to which router is lost in extraction; "-" is the slide's own marker, "(not shown)" marks a field lost in extraction):
in label | out label | dest | out interface
6 | - | A | 0
in label | out label | dest | out interface
10 | 6 | A | 1
12 | 9 | D | 0
in label | out label | dest | out interface
(not shown) | 10 | A | 0
(not shown) | 12 | D | 0
in label | out label | dest | out interface
8 | 6 | A | 0
(not shown) | 8 | A | 1
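A label-switched path worked through in code, as an added example that is not from the slides. The `LabelSwitchedRouter` class, the router names `R_in`, `R_mid`, `R_a`, `R_d` and the `LINKS` wiring are constructed here; the label values (10, 12, 6, 9) are the ones visible in the slide's tables, but their assignment to routers is my own, since the slide's figure did not survive extraction. The point it shows is the one the slides make: after the ingress router has pushed a label, no router on the path looks at the IP address again, and packets for A and D leave the middle router on different interfaces purely because their labels say so.

```python
class LabelSwitchedRouter:
    """An MPLS-capable router: forwards on the label only, never on the IP address.
    Table rows are (in_label, out_label, dest, out_interface).  in_label None marks an
    ingress row (label push, selected by IP destination); out_label None marks a pop."""

    def __init__(self, name, rows):
        self.name = name
        self.by_label = {r[0]: r for r in rows if r[0] is not None}
        self.ingress = {r[2]: r for r in rows if r[0] is None}

    def forward(self, packet):
        """packet = {'label': int or None, 'dest': str}; returns (out_interface, packet)."""
        if packet["label"] is None:
            # plain IP arriving at the ingress LSR: the only place the IP dest is examined
            row = self.ingress.get(packet["dest"])
        else:
            row = self.by_label.get(packet["label"])   # IP header is not inspected
        if row is None:
            raise LookupError(f"{self.name}: no forwarding entry for {packet}")
        _, out_label, _, out_iface = row
        return out_iface, {"label": out_label, "dest": packet["dest"]}


# Constructed topology.  R_in pushes labels, R_mid swaps them, R_a and R_d pop them
# before handing the packet to the host on their interface.
ROUTERS = {
    "R_in":  LabelSwitchedRouter("R_in",  [(None, 10, "A", 0), (None, 12, "D", 0)]),
    "R_mid": LabelSwitchedRouter("R_mid", [(10, 6, "A", 1), (12, 9, "D", 0)]),
    "R_a":   LabelSwitchedRouter("R_a",   [(6, None, "A", 0)]),
    "R_d":   LabelSwitchedRouter("R_d",   [(9, None, "D", 1)]),
}
# (router, out_interface) -> next router; interfaces that lead to a host are absent
LINKS = {("R_in", 0): "R_mid", ("R_mid", 1): "R_a", ("R_mid", 0): "R_d"}


def trace(dest, start="R_in"):
    """Follow an IP packet for dest along the LSP.  Returns the list of
    (router, label carried on arrival) hops and the packet put on the final link."""
    packet = {"label": None, "dest": dest}
    hops, here = [], start
    while here is not None:
        hops.append((here, packet["label"]))
        out_iface, packet = ROUTERS[here].forward(packet)
        here = LINKS.get((here, out_iface))
    return hops, packet
```

Because the core routers key only on the label, anything that must be decided from IP-layer fields (which traffic is admitted to which LSP) has to be decided at the ingress router; a label-only core cannot re-check it.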
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
... could stop here ... but lots of
Link Layer
5.1 Introduction and services
5.2 Error detection and correction
5.3 Multiple access protocols
5.4 Link-Layer Addressing
5.5 Ethernet
5.6 Link-layer switches
5.7 PPP
5.8 Link Virtualization: ATM and MPLS
Ethernet
"dominant" wired LAN technology:
cheap: $20 for NIC
first widely used LAN technology
simpler, cheaper than token LANs and ATM
kept up with speed race: 10 Mbps to 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other); LAN
Multiple stars connected (we'll see later)
[figure: bus (coaxial cable) vs. star (switch)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates
Ethernet Frame Structure (more)
Addresses: 6 bytes
if adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol
otherwise, adapter discards frame (unless in promiscuous mode)
Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
CRC: checked at receiver; if error is detected, frame is dropped
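The receiving-adapter decisions just listed (destination match or broadcast, promiscuous mode, type demultiplexing, CRC check) as a small frame builder and parser. This is an added example and not the slides' code: the MAC addresses, payloads and the `build_frame` / `receive` / `demo` functions are constructed here. The preamble is left out because the PHY consumes it for clock synchronization before the MAC sees the frame, and the frame check sequence is modelled as zlib's CRC-32 packed little-endian, which is an assumption of this example.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP"}   # "mostly IP", plus ARP query/response
HEADER_LEN = 6 + 6 + 2                          # dst, src, type
FCS_LEN = 4


def fcs(body):
    # CRC-32 over dst|src|type|payload; little-endian packing is this example's assumption
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    """dst | src | type | payload | CRC (no preamble: the PHY strips it for clock sync)."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def receive(frame, my_mac, promiscuous=False):
    """Model the adapter's decision.  Returns (action, type_name, payload) where action
    is 'drop-crc', 'discard' or 'deliver'."""
    if len(frame) < HEADER_LEN + FCS_LEN:
        return ("drop-crc", None, None)             # runt frame: cannot even carry an FCS
    body, trailer = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if trailer != fcs(body):
        return ("drop-crc", None, None)             # CRC checked at receiver: error -> drop
    dst = body[:6]
    if dst != my_mac and dst != BROADCAST and not promiscuous:
        return ("discard", None, None)              # not addressed to us, not promiscuous
    ethertype = struct.unpack("!H", body[12:14])[0]
    # values below 0x0600 are an IEEE 802.3 length field rather than a type
    name = ETHERTYPES.get(ethertype, "802.3-length" if ethertype < 0x0600 else hex(ethertype))
    return ("deliver", name, body[HEADER_LEN:])     # hand payload to the named upper layer


# constructed addresses (locally administered bit set) for the demonstration
ME = bytes.fromhex("0200000000aa")
OTHER = bytes.fromhex("0200000000bb")
SENDER = bytes.fromhex("0200000000cc")


def demo():
    to_me = build_frame(ME, SENDER, 0x0800, b"ip datagram")
    to_other = build_frame(OTHER, SENDER, 0x0800, b"ip datagram")
    arp = build_frame(BROADCAST, SENDER, 0x0806, b"arp request")
    damaged = bytearray(to_me)
    damaged[20] ^= 0x01                             # flip one payload bit "in transit"
    return {
        "unicast": receive(to_me, ME),
        "not_mine": receive(to_other, ME),
        "not_mine_promisc": receive(to_other, ME, promiscuous=True),
        "broadcast": receive(arp, ME),
        "corrupted": receive(bytes(damaged), ME),
    }
```

The `not_mine_promisc` case is the one a defender should keep in mind: the discard rule is enforced by the receiving adapter itself, so a host in promiscuous mode on a shared segment receives every frame, which is exactly why switched (per-link) Ethernet is preferable to hubs from a confidentiality standpoint.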
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs
unreliable: receiving NIC doesn't send acks or nacks to sending NIC
stream of datagrams passed to network layer can have gaps (missing datagrams)
gaps will be filled if app is using TCP; otherwise, app will see gaps
Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame!
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the m-th collision, NIC chooses K at random from {0, 1, 2, ..., 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of collision; 48 bits
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
Exponential Backoff:
Goal: adapt retransmission attempts to estimated current load
heavy load: random wait will be longer
first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
after second collision: choose K from {0, 1, 2, 3} ...
after ten or more collisions, choose K from {0, 1, 2, 3, 4, ..., 1023}
CSMA/CD efficiency
t_prop = max prop delay between 2 nodes in LAN
t_trans = time to transmit max-size frame
efficiency = 1 / (1 + 5 · t_prop / t_trans)
efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
• larger frame size is better; higher bit-rate is worse
better performance than ALOHA: and simple, cheap, decentralized!
Most Ethernet is used with switches, so collisions never occur
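The exponential backoff rule and the efficiency formula from the last two slides, in code. This is an added example and not the slides' own: the function names, the toy `simulate_contention` model and its seeded draws are constructed here. `backoff_window` and `backoff_wait` reproduce the slide's numbers (K from 0..2^m-1, capped at 1023 after ten collisions; one slot is 512 bit times; at 10 Mbps, K=1023 is about 50 ms), `efficiency` carries the formula, and the simulation shows why heavy load makes the random wait longer: the more stations collide, the more the windows double.

```python
import random

SLOT_BIT_TIMES = 512          # one backoff slot = 512 bit times
MAX_BACKOFF_EXPONENT = 10     # after ten or more collisions K is drawn from 0..1023


def backoff_window(m):
    """Largest K after the m-th collision: K in {0, 1, ..., 2^min(m, 10) - 1}."""
    if m < 1:
        raise ValueError("backoff applies only after at least one collision")
    return 2 ** min(m, MAX_BACKOFF_EXPONENT) - 1


def bit_time(bitrate):
    """Seconds per bit: 0.1 microsecond at 10 Mbps."""
    return 1.0 / bitrate


def backoff_wait(k, bitrate):
    """Seconds waited for a given K: K * 512 bit times."""
    return k * SLOT_BIT_TIMES * bit_time(bitrate)


def transmission_time(frame_bytes, bitrate):
    return frame_bytes * 8 / bitrate


def efficiency(t_prop, t_trans):
    """The slide's CSMA/CD efficiency approximation."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def simulate_contention(n_stations, seed=1):
    """Toy model of one frame per station: all n stations collide on their first attempt,
    then each draws K from its own window.  The smallest K wins the channel (the others
    sense it busy and defer); equal smallest Ks collide again and those stations' windows
    double.  Returns collisions suffered per station before it got its frame out.
    Constructed for illustration; it is not a timing-accurate model."""
    rng = random.Random(seed)
    collisions = {s: 1 for s in range(n_stations)}   # everyone is in the first collision
    pending = set(collisions)
    while pending:
        draws = {s: rng.randint(0, backoff_window(collisions[s])) for s in pending}
        k_min = min(draws.values())
        winners = [s for s, k in draws.items() if k == k_min]
        if len(winners) == 1:
            pending.discard(winners[0])               # one station transmits successfully
        else:
            for s in winners:
                collisions[s] += 1                    # another collision: window doubles
    return collisions
```

Comparing `efficiency` at 10 Mbps and 100 Mbps for the same 1500-byte frame and propagation delay shows the "higher bit-rate is worse" remark directly: the faster link shortens t_trans while t_prop stays fixed by cable length.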
802.3 Ethernet Standards: Link & Physical Layers
many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another
no frame buffering
no CSMA/CD at hub: host NICs detect collisions
[figure: hub with twisted pair links]
Interconnecting with hubs
Backbone hub interconnects LAN segments
But individual segment collision domains become one large collision domain
Can't interconnect 10BaseT & 100BaseT
[figure: backbone hub connecting three hubs]
Switch
link-layer device: smarter than hubs, takes active role
store and forward Ethernet frames
• Question: do switches in circuit switching networks store and forward?
examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links
when frame is to be forwarded on segment, uses CSMA/CD to access segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
hosts have dedicated, direct connection to switch
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Ethernet
• "dominant" wired LAN technology
• cheap: $20 for NIC
• first widely used LAN technology
• simpler, cheaper than token LANs and ATM
• kept up with speed race: 10 Mbps – 10 Gbps
[figure: Metcalfe's Ethernet sketch]
Star topology
• bus topology popular through mid 90s: all nodes in same collision domain (can collide with each other)
• star topology: active switch in center; each "spoke" runs a (separate) Ethernet protocol (nodes do not collide with each other)
• multiple stars connected (we'll see later)
[figure: bus (coaxial cable) vs. star (switch at center, one LAN per spoke)]
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame.
Preamble: 7 bytes with pattern 10101010 followed by one byte with pattern 10101011; used to synchronize receiver and sender clock rates.
Ethernet Frame Structure (more)
Addresses: 6 bytes. If adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol; otherwise adapter discards frame (unless in promiscuous mode).
Type: ARP query/response; LAN routing; higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk).
CRC: checked at receiver; if error is detected, frame is dropped.
Ethernet: Unreliable, connectionless
connectionless: no handshaking between sending and receiving NICs.
unreliable: receiving NIC doesn't send acks or nacks to sending NIC; stream of datagrams passed to network layer can have gaps (missing datagrams). Gaps will be filled if app is using TCP, otherwise app will see gaps.
Ethernet's MAC protocol: unslotted CSMA/CD.
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame.
2. If NIC senses channel idle, starts frame transmission.
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent).
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame.
5. If NIC detects another transmission while transmitting, aborts and sends jam signal.
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m - 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2.
Ethernet's CSMA/CD (more)
Jam signal: make sure all other transmitters are aware of collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K = 1023, wait time is about 50 msec.
Exponential backoff
• Goal: adapt retransmission attempts to estimated current load; under heavy load, the random wait will be longer.
• first collision: choose K from {0, 1}; delay is K · 512 bit transmission times
• after second collision: choose K from {0, 1, 2, 3} …
• after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in LAN
t_trans = time to transmit max-size frame

$$\text{efficiency} = \frac{1}{1 + 5\, t_{prop} / t_{trans}}$$

• efficiency goes to 1 as t_prop goes to 0, and as t_trans goes to infinity
  • larger frame size is better; higher bit-rate is worse
• better performance than ALOHA: and simple, cheap, decentralized
• most Ethernet is used with switches, so collisions never occur
[worked numeric example on the slide; its figures are not recoverable from the extraction]
802.3 Ethernet Standards: Link & Physical Layers
• many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
• very large Ethernets are possible
• QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
• bits coming in one link go out all other links at same rate
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
[figure: hub with twisted-pair links to hosts]
Interconnecting with hubs
• backbone hub interconnects LAN segments
• but individual segment collision domains become one large collision domain
• can't interconnect 10BaseT & 100BaseT
[figure: backbone hub interconnecting several hubs]
Switch
link-layer device: smarter than hubs, takes active role
• store and forward Ethernet frames
  • Question: do switches in circuit switching networks store and forward?
• examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, B, C, A', B', C']
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in switch table? Something like a routing protocol?
[figure: the same six-interface switch with hosts A, B, C, A', B', C']
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
  • when frame received, switch "learns" location of sender: incoming LAN segment
  • records sender/location pair in switch table
[figure: A sends a frame (Source=A, Dest=A') into interface 1 of the six-interface switch]
Switch table (initially empty):
MAC addr | interface | TTL
A        | 1         | 60
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
3. if entry found for destination
   then { if dest on segment from which frame arrived
          then drop the frame
          else forward the frame on interface indicated }
   else flood (forward on all but the interface on which the frame arrived)
Periodically purge all old table entries.
Self-Learning
[animation: four switches with three interfaces each, hosts A and B; the "MAC | Interface" table of each switch starts empty]
• Frame Dest=B, Source=A arrives at the first switch on interface 1: make table entry for A; no table entry for B, so flood.
  • Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
• The flooded frame reaches the neighbouring switches, each of which also makes a table entry for A and, having no table entry for B, floods.
• Frame Dest=A, Source=B comes back: each switch on the path makes a table entry for B and, having a table entry for A, forwards (no flood).
• Switch tables after the exchange, in the order shown on the slide (MAC | Interface):
  switch 1: A 1, B 3
  switch 2: A 1, B 3
  switch 3: A 1, B 2
  switch 4: A 2
• 20 minutes later all table entries are deleted.
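As an added example (not code from the slides), a small Python simulation of the filtering/forwarding procedure and the self-learning walkthrough above, including the 20-minute aging and the note about manually configured ports; the class and function names, hosts A/B, port numbers and timings are constructed for illustration. It goes slightly beyond the slide in that pinned (manually configured) entries are never overwritten by learning.

```python
"""Self-learning switch simulation (added example; not the slides' code).

Models the slide's procedure: record the sending host's interface, forward
if the destination is known (drop if it is on the arrival segment), flood
otherwise, and periodically purge old entries (20 minutes on the slide).
Hosts A/B, port numbers and timings are constructed for illustration.
"""
from dataclasses import dataclass, field

AGE_OUT_SECONDS = 20 * 60   # "20 minutes later all table entries are deleted"
BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Entry:
    port: int
    learned_at: float


@dataclass
class LearningSwitch:
    ports: tuple                                   # interface numbers, e.g. (1, 2, 3)
    table: dict = field(default_factory=dict)      # learned: MAC -> Entry
    static: dict = field(default_factory=dict)     # manually configured: MAC -> port

    def purge(self, now):
        """Periodically purge all old table entries."""
        stale = [m for m, e in self.table.items()
                 if now - e.learned_at >= AGE_OUT_SECONDS]
        for mac in stale:
            del self.table[mac]

    def lookup(self, mac):
        """Interface for mac, or None if there is no entry (broadcast never has one)."""
        if mac == BROADCAST:
            return None
        if mac in self.static:
            return self.static[mac]
        entry = self.table.get(mac)
        return entry.port if entry else None

    def handle_frame(self, in_port, src, dst, now):
        """Return the list of interfaces the frame is sent out on ([] = dropped)."""
        self.purge(now)
        # 1. record the interface associated with the sending host.
        #    A manually configured MAC is never relearned, so a frame that
        #    claims a pinned source on another port cannot move the entry.
        if src not in self.static:
            self.table[src] = Entry(in_port, now)
        # 3. entry found for destination?
        out = self.lookup(dst)
        if out is not None:
            # destination on the segment the frame came from -> drop (filter)
            return [] if out == in_port else [out]
        # else flood: every interface except the arrival one; per the slide's
        # note, manually configured host ports are not flooded to.
        pinned = set(self.static.values())
        return [p for p in self.ports if p != in_port and p not in pinned]

    def snapshot(self):
        """Current (MAC, interface) pairs, like the slide's 'MAC | Interface' table."""
        return sorted((m, e.port) for m, e in self.table.items())


def walkthrough():
    """Replays the slide's A <-> B exchange on one three-interface switch."""
    sw = LearningSwitch(ports=(1, 2, 3))
    steps = []
    steps.append(sw.handle_frame(1, "A", "B", now=0.0))   # B unknown: flood on 2, 3
    steps.append(sw.handle_frame(3, "B", "A", now=1.0))   # A known on 1: forward
    steps.append(sw.handle_frame(1, "A", "B", now=2.0))   # B known on 3: forward
    table_before_purge = sw.snapshot()
    # twenty minutes later the entries have aged out, so B is unknown again
    steps.append(sw.handle_frame(1, "A", "B", now=AGE_OUT_SECONDS + 3.0))
    return steps, table_before_purge


if __name__ == "__main__":
    outs, table = walkthrough()
    print("per-frame output ports:", outs)   # [[2, 3], [1], [3], [2, 3]]
    print("table before aging:", table)      # [('A', 1), ('B', 3)]
```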
Poorly Designed Institutional network. Why?
[figure: router to external network; one LAN (IP subnet) with mail server and web server]
Institutional network without a single point of failure
[figure: router to external network; IP subnet with mail server, web server and host A, with redundant (looped) links between switches]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: LAN A and LAN B joined by switches B2 and B3]
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If
  • LAN B's next hop to the switch with lowest ID is LAN A, and
  • LAN C's next hop to the switch with lowest ID is LAN D,
  • then switch B2 will disconnect from LAN B and C.
[figure: LANs A, B, C, D and switches B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[figure: switches B1 (root), B2, B3, B4, B5, B6, B7 and LANs A through J; each LAN is labelled with its distance to the root in LAN hops (0, 1, 2, …)]
The slides then step through the example:
• Each switch computes distance to root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
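As an added example (not the slides' code and not the IEEE 802.1D procedure), a Python implementation of the interface-selection rule in the slides' LAN-centric model: LANs are vertices, each switch is an edge joining the LANs it attaches to, the root is the switch with the smallest ID, each LAN takes the shortest path to the root with ties broken by the smaller switch ID, and a switch keeps on exactly the interfaces on some LAN's chosen path (so a switch like B3 that serves no LAN keeps none). The topology is constructed to match the slide's statements and is not the slide's figure; function and variable names are mine.

```python
"""Spanning-tree interface selection in the slides' LAN-centric model
(added example; not the slides' code). LANs are vertices, switches are
(hyper)edges joining the LANs they attach to. Root = smallest switch ID."""
INF = float("inf")


def spanning_tree(switches):
    """switches: {switch_id: [lan, ...]}. Returns (dist, chosen, on) where
    dist[lan] is the LAN's distance to the root in switch hops (root-attached
    LANs are 0), chosen[lan] = (switch_id, next_hop_lan) is the switch and
    LAN providing that path, and on is the set of (switch_id, lan)
    interfaces left active."""
    root = min(switches)
    dist = {lan: INF for lans in switches.values() for lan in lans}
    chosen = {}
    for lan in switches[root]:          # each of the root's interfaces is on
        dist[lan] = 0
        chosen[lan] = (root, None)

    # Distance-vector style: a switch only looks at the LANs it is attached to.
    # Repeat until no LAN improves its distance or its tie-break.
    changed = True
    while changed:
        changed = False
        for sid in sorted(switches):    # lower IDs examined first
            if sid == root:
                continue
            lans = switches[sid]
            via = min(lans, key=lambda l: (dist[l], l))   # root-facing LAN of sid
            if dist[via] == INF:
                continue                # not yet reachable from the root
            d = dist[via] + 1
            for lan in lans:
                if lan == via:
                    continue
                cur = chosen[lan][0] if lan in chosen else None
                if d < dist[lan] or (d == dist[lan] and sid < cur):
                    dist[lan], chosen[lan] = d, (sid, via)
                    changed = True
                elif d == dist[lan] and sid == cur and chosen[lan][1] != via:
                    chosen[lan] = (sid, via)   # same switch, refreshed next hop

    on = {(root, lan) for lan in switches[root]}
    for lan, (sid, via) in chosen.items():
        if sid != root:
            on.add((sid, lan))          # interface toward the LAN it serves
            on.add((sid, via))          # interface toward its next hop
    return dist, chosen, on


def interfaces_on(switches, sid):
    """LANs on which switch sid keeps its interface active (empty = blocked)."""
    _, _, on = spanning_tree(switches)
    return sorted(lan for s, lan in on if s == sid)


# Constructed topology (not the slide's figure); B1 is the root.
TOPOLOGY = {
    1: ["E", "F", "G"],   # root B1 attaches LANs E, F, G
    2: ["A", "E"],        # B2 joins A to E
    3: ["A", "B"],        # B3 joins A to B: never on a shortest path
    4: ["D", "G"],        # B4 joins D to G
    5: ["B", "E"],        # B5 joins B to E
    6: ["C", "F"],        # B6 joins C to F
    7: ["B", "F"],        # B7 joins B to F: loses the tie to B5
    8: ["B", "H"],        # B8 joins H to B: H is two switch hops from the root
}

if __name__ == "__main__":
    dist, chosen, on = spanning_tree(TOPOLOGY)
    for lan in sorted(dist):
        print(lan, dist[lan], chosen[lan])
    for sid in TOPOLOGY:
        print("B%d interfaces on:" % sid, interfaces_on(TOPOLOGY, sid))
```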
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: loop resolution, address learning, frame forwarding
• typically ignore security such as ARP attacks, access control, etc.
• loop resolution must happen before address learning
• on the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution,
  • during which time no packets were forwarded.
Switches vs Routers
• both store-and-forward devices
  • routers: network layer devices (examine network layer headers)
  • switches are link layer devices
• … "invisible" at internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding
  • borrowing ideas from Virtual Circuit (VC) approach
  • but IP datagram still keeps IP address
[figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields and widths as given on the slide (bits):
label | Exp | S | TTL
20    | 3   | 1 | 5
MPLS capable routers
• a.k.a. label-switched router
• forwards packets to outgoing interface based only on label value (don't inspect IP address)
  • MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding
  • RSVP-TE
  • forwarding possible along paths that IP alone would not allow (e.g. source-specific routing)
  • use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[figure: routers R1 through R6, destinations A and D, interfaces numbered 0 and 1; which table belongs to which router is not recoverable from the extraction]
in label | out label | dest | out interface
6        | -         | A    | 0

in label | out label | dest | out interface
10       | 6         | A    | 1
12       | 9         | D    | 0

in label | out label | dest | out interface
10       |           | A    | 0
12       |           | D    | 0

in label | out label | dest | out interface
8        | 6         | A    | 0

in label | out label | dest | out interface
8        |           | A    | 1
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Star topology bus topology popular through mid 90s
all nodes in same collision domain (can collide with each other)
star topology active switch in center each ldquospokerdquo runs a (separate) Ethernet protocol (nodes
do not collide with each other) LAN
Multiple stars connected (wersquoll see later)
switch
bus coaxial cable star
Ethernet Frame Structure
Sending adapter encapsulates IP datagram (or other network layer protocol packet) in Ethernet frame
Preamble 7 bytes with pattern 10101010 followed by one
byte with pattern 10101011 used to synchronize receiver sender clock
rates
Ethernet Frame Structure (more) Addresses 6 bytes
if adapter receives frame with matching destination address or with broadcast address (eg ARP packet) it passes data in frame to network layer protocol
otherwise adapter discards frame (unless in promiscuous modes) Type
ARP queryresponse LAN routing higher layer protocol (mostly IP but others possible eg Novell
IPX AppleTalk) CRC checked at receiver if error is detected frame is
dropped
Ethernet Unreliable connectionless connectionless No handshaking between sending
and receiving NICs unreliable receiving NIC doesnrsquot send acks or
nacks to sending NIC stream of datagrams passed to network layer can have
gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps
Ethernetrsquos MAC protocol unslotted CSMACD
Ethernet CSMACD algorithm
1 NIC receives datagram from network layer creates frame
2 If NIC senses channel idle starts frame transmission
3 If NIC senses channel busy waits until channel idle then transmits 1-persistant
4 If NIC transmits entire frame without detecting another transmission NIC is done with frame
4 If NIC detects another transmission while transmitting aborts and sends jam signal
5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2
Ethernetrsquos CSMACD (more)
Jam Signal make sure all other transmitters are aware of collision 48 bits
Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec
Exponential Backoff Goal adapt retransmission
attempts to estimated current load heavy load random
wait will be longer first collision choose K
from 01 delay is K 512 bit transmission times
after second collision choose K from 0123hellip
after ten or more collisions choose K from 01234hellip1023
CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN
ttrans = time to transmit max-size frame
efficiency goes to 1 as tprop goes to 0
as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst
better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur
transprop ttefficiency
51
1
960
1010081500
102200
51
1
68
m
8023 Ethernet Standards Link amp Physical Layers
many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch
• link-layer device: smarter than hubs, takes an active role
  • store and forward Ethernet frames
    • Question: do switches in circuit switching networks store and forward?
  • examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on a segment, uses CSMA/CD to access the segment
• transparent: hosts are unaware of presence of switches
• plug-and-play, self-learning: switches do not need to be configured

Switch allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with a dumb hub
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C']
Switch Table
• Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table!
• Q: how are entries created, maintained in switch table? something like a routing protocol?
[figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C']
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
  • when a frame is received, switch "learns" location of sender: incoming LAN segment
  • records sender/location pair in switch table
[figure: A sends a frame (Source = A, Dest = A') into interface 1 of the six-interface switch]
Switch table (initially empty):
  MAC addr | interface | TTL
  A        | 1         | 60

Switch: frame filtering/forwarding
When a frame is received:
1. record link/interface associated with sending host
2. if entry found for destination
     then {
       if dest on segment from which frame arrived
         then drop the frame
         else forward the frame on interface indicated
     }
     else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
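The learn / filter-or-forward / flood / purge rules above, run on a small simulated network. This is an added example, not code from the slides: the three-switch chain in build_network (A on S1, B on S2, C on S3, and the interface numbers) is constructed, as are the 60-second entry TTL and the host names standing in for MAC addresses. Besides the tables, the simulation records every frame delivered to a host's NIC, which makes the cost of flooding visible: while B is unknown, the A-to-B frame reaches C as well, whereas the reply is forwarded on exactly one interface.

```python
"""Self-learning Ethernet switch simulation: learn, filter/forward, flood, purge.
Added example; the three-switch topology in build_network() is constructed."""
from dataclasses import dataclass, field


@dataclass
class Frame:
    src: str   # source MAC (a host name stands in for the 48-bit address)
    dst: str   # destination MAC


@dataclass
class Switch:
    name: str
    ttl: int = 60                                # seconds an entry lives without refresh (assumed)
    ports: dict = field(default_factory=dict)    # interface number -> neighbour name
    table: dict = field(default_factory=dict)    # MAC -> (interface, expiry time)
    log: list = field(default_factory=list)      # decisions taken, for inspection

    def receive(self, frame, in_port, now, deliver):
        # step 1: record (and refresh) the interface the sender was seen on
        self.table[frame.src] = (in_port, now + self.ttl)
        # step 2: look the destination up; an expired entry counts as missing
        entry = self.table.get(frame.dst)
        if entry is not None and entry[1] > now:
            out_port = entry[0]
            if out_port == in_port:              # destination is on the arrival segment
                self.log.append((frame.src, frame.dst, "filter"))
                return
            self.log.append((frame.src, frame.dst, "forward", out_port))
            deliver(self, out_port, frame, now)
            return
        # unknown destination: flood on every interface except the arrival one
        self.log.append((frame.src, frame.dst, "flood"))
        for port in self.ports:
            if port != in_port:
                deliver(self, port, frame, now)

    def purge(self, now):
        # step 3: periodically drop entries whose TTL has run out
        self.table = {mac: e for mac, e in self.table.items() if e[1] > now}

    def snapshot(self):
        return {mac: port for mac, (port, _) in self.table.items()}


class Network:
    def __init__(self):
        self.switches = {}
        self.links = {}      # (switch, port) -> (peer, peer_port); peer_port None for a host
        self.received = {}   # host -> frames delivered to its NIC (flooded ones included)

    def add_switch(self, name):
        self.switches[name] = Switch(name)

    def connect(self, sw, port, peer, peer_port=None):
        self.switches[sw].ports[port] = peer
        self.links[(sw, port)] = (peer, peer_port)
        if peer_port is None:
            self.received.setdefault(peer, [])
        else:
            self.switches[peer].ports[peer_port] = sw
            self.links[(peer, peer_port)] = (sw, port)

    def deliver(self, switch, port, frame, now):
        peer, peer_port = self.links[(switch.name, port)]
        if peer_port is None:
            self.received[peer].append((frame.src, frame.dst))
        else:
            self.switches[peer].receive(frame, peer_port, now, self.deliver)

    def send(self, host, frame, now):
        for (sw, port), (peer, peer_port) in self.links.items():
            if peer == host and peer_port is None:
                self.switches[sw].receive(frame, port, now, self.deliver)
                return
        raise KeyError(host)


def build_network():
    # constructed topology: S1 -- S2 -- S3 in a chain; A on S1.1, B on S2.2, C on S3.1
    net = Network()
    for s in ("S1", "S2", "S3"):
        net.add_switch(s)
    net.connect("S1", 1, "A")
    net.connect("S1", 3, "S2", 1)
    net.connect("S2", 2, "B")
    net.connect("S2", 3, "S3", 2)
    net.connect("S3", 1, "C")
    return net


def run_walkthrough():
    """A -> B with empty tables (flooded), then B -> A (forwarded only), then purge."""
    net = build_network()
    net.send("A", Frame("A", "B"), now=0)
    after_first = {s: sw.snapshot() for s, sw in net.switches.items()}
    net.send("B", Frame("B", "A"), now=1)
    after_second = {s: sw.snapshot() for s, sw in net.switches.items()}
    for sw in net.switches.values():
        sw.purge(now=2000)                       # well past every entry's expiry
    after_purge = {s: sw.snapshot() for s, sw in net.switches.items()}
    return after_first, after_second, dict(net.received), after_purge


if __name__ == "__main__":
    for step in run_walkthrough():
        print(step)
```

Running it reproduces the sequence the slides animate: after the first frame every switch knows A, after the reply S1 and S2 also know B, S3 never learns B because the reply never reaches it, and after the purge all three tables are empty again.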
Self-Learning (walkthrough)
[figure: three switches, each with interfaces 1, 2, 3, connected in a chain; hosts A and B; one MAC/Interface table per switch, all initially empty]
• A sends a frame: Dest = B, Source = A.
• First switch: make table entry for A (A → 1). No table entry for B, so flood.
  Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
• Second switch: make table entry for A (A → 1). No table entry for B, so flood.
• Third switch: make table entry for A (A → 2). No table entry for B, so flood.
• B replies: Dest = A, Source = B.
• Second switch: make table entry for B (B → 2). Have a table entry for A, so forward.
• First switch: make table entry for B (B → 3). Have a table entry for A, so forward.
• Tables at this point: first switch A 1, B 3; second switch A 1, B 2; third switch A 2.
• 20 minutes later, all table entries are deleted.
Poorly Designed Institutional network. Why?
[figure: router to external network; one LAN / IP subnet with mail server and web server behind a single switch]

Institutional network without a single point of failure
[figure: router to external network; IP subnet with mail server, web server and host A connected through several switches with redundant links]
• Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure: the same network with the edges in the spanning tree marked; a "disconnected" interface, i.e. one through which frames are neither forwarded nor flooded]
Loop Resolution
• Goal: remove "extra" paths by removing "extra" bridges: spanning tree
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN, they simply never flood packets over to the LAN.
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[figure: bridge B3 between LAN A and LAN B; bridge B2]

Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: compute paths to the node with smallest ID.
  • Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If
  • LAN B's next hop to the switch with lowest ID is LAN A, and
  • LAN C's next hop to the switch with lowest ID is LAN D,
  • then switch B2 will disconnect from LAN B and C.
[figure: bridges B3, B2, B1, B0 and LANs A, B, C, D]
Spanning Tree Algorithm (2)
• Bridges exchange messages with the following information:
  1. The ID of the bridge that is sending the message
  2. The ID for what the sending bridge believes to be the root bridge
  3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1 to B7 and LANs A to J]

Which interfaces to keep and which to ignore?
• Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
• A switch will keep an interface active if
  1. the interface is along a LAN's shortest path to the root;
  2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
• Take a distance vector approach, so we only consider neighbors.
• Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[figure: bridges B1 to B7, LANs A to J; each switch computes its distance to the root in terms of LAN hops (the figure labels the switches 0, 1, 2, 1, 1, 1, 1)]
Walkthrough on the figure:
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
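The interface-selection rule just walked through, implemented in the slides' own model (LANs as vertices, bridges as edges, root = smallest bridge ID, shortest path measured in switches visited, ties to the smaller bridge ID). This is an added example, not code from the slides or from any STP implementation; the topology in SAMPLE is constructed: it has the shape of the four-bridge figure on "Spanning Tree Algorithm (1)" (B0 the root on LANs A and D, B3 on A and B, B2 on B and C, B1 on C and D), plus an extra bridge B4 in parallel with B3 so that the tie-break rule is exercised. Bridge IDs are integers here so that min() and tuple comparison order them numerically.

```python
"""Spanning-tree interface selection, LAN-as-vertex model (added example).
Topology in SAMPLE is constructed; bridge IDs are ints so they compare numerically."""


def spanning_tree(bridges):
    """bridges: {bridge_id: LANs it attaches to}; the root is the smallest id.
    Returns (dist, active): dist[lan] = number of switches on the LAN's shortest
    path to the root; active = set of (bridge_id, lan) interfaces kept forwarding.
    Equal-length paths are broken in favour of the smaller bridge id."""
    lans_of = {b: set(lans) for b, lans in bridges.items()}
    root = min(lans_of)
    bridges_on = {}                               # lan -> bridges with an interface on it
    for b, lans in lans_of.items():
        for lan in lans:
            bridges_on.setdefault(lan, set()).add(b)
    dist, designated, next_hop = {}, {}, {}
    frontier = sorted(lans_of[root])              # the root's own LANs are one switch away
    for lan in frontier:
        dist[lan], designated[lan], next_hop[lan] = 1, root, None
    while frontier:                               # breadth-first, one LAN hop per round
        candidates = {}
        for lan in frontier:
            for b in sorted(bridges_on[lan]):
                for nxt in sorted(lans_of[b]):
                    if nxt in dist:
                        continue                  # already settled at a shorter distance
                    offer = (dist[lan] + 1, b, lan)   # (cost, bridge id, next-hop LAN)
                    if nxt not in candidates or offer < candidates[nxt]:
                        candidates[nxt] = offer   # tuple order = least cost, then min ID
        for nxt, (d, b, via) in candidates.items():
            dist[nxt], designated[nxt], next_hop[nxt] = d, b, via
        frontier = sorted(candidates)
    active = {(root, lan) for lan in lans_of[root]}   # every root interface is on
    for lan, b in designated.items():
        if b != root:
            active.add((b, lan))                  # the interface on the LAN itself ...
            active.add((b, next_hop[lan]))        # ... and the one toward its next hop
    return dist, active


def disconnected(bridges, active):
    """Interfaces a bridge must neither forward nor flood on ("disconnected")."""
    return {(b, lan) for b, lans in bridges.items() for lan in lans} - active


# constructed ring: B0 root on A and D; B3 and B4 both join A and B; B2 joins B and C; B1 joins C and D
SAMPLE = {0: ["A", "D"], 1: ["C", "D"], 2: ["B", "C"], 3: ["A", "B"], 4: ["A", "B"]}

if __name__ == "__main__":
    dist, active = spanning_tree(SAMPLE)
    print("distance to root:", dist)
    print("interfaces on:   ", sorted(active))
    print("interfaces off:  ", sorted(disconnected(SAMPLE, active)))
```

On SAMPLE, LAN B's next hop is LAN A through either B3 or B4; B3 wins on ID, so B4 keeps no interface on, and B2, which only offers 3-switch paths, is disconnected from both of its LANs, exactly the outcome the slide states for B2.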
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: loop resolution, address learning, frame forwarding
• Typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution,
  • during which time no packets were forwarded.

Switches vs Routers
• both store-and-forward devices
  • routers: network layer devices (examine network layer headers)
  • switches are link layer devices
• … "invisible" at the internetwork layer; looks like a link layer technology to IP
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
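What a label-switched router does per packet, as an added example (not code from the slides): pack and unpack the MPLS shim header, then swap the top label from a table in the slide's format (in label, out label, dest, out interface), decrement the TTL, and pop the label at the egress entry whose out label is "-". The field widths follow RFC 3032, where the TTL is 8 bits (the slide's figure shows 5); the two router tables in the usage section reuse the slide's rows "10 6 A 1" and "6 - A 0", the router names R4 and R6, the 64-hop starting TTL and the payload bytes are constructed, and copying the MPLS TTL back into the IP header on pop is left out.

```python
"""MPLS shim header handling and label-switched forwarding (added example).
Field widths per RFC 3032; router tables and packet contents are constructed."""
import struct


def encode_shim(label, exp, s, ttl):
    """Pack one 32-bit label stack entry: label 20 bits, Exp 3, S 1, TTL 8."""
    if not 0 <= label < 1 << 20:
        raise ValueError("label must fit in 20 bits")
    if not 0 <= exp < 8 or s not in (0, 1) or not 0 <= ttl < 256:
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def decode_shim(buf):
    (word,) = struct.unpack("!I", buf[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 7, "s": (word >> 8) & 1, "ttl": word & 0xFF}


def parse_stack(packet):
    """Return (entries, payload); the stack ends at the entry with S = 1."""
    entries, off = [], 0
    while True:
        if len(packet) - off < 4:
            raise ValueError("truncated label stack")
        e = decode_shim(packet[off:off + 4])
        entries.append(e)
        off += 4
        if e["s"] == 1:
            return entries, packet[off:]


def push(label, ip_packet, ttl=64, exp=0):
    """Ingress: put a single-entry stack (S = 1) in front of an IP packet."""
    return encode_shim(label, exp, 1, ttl) + ip_packet


class LSR:
    """Label-switched router: decides on the top label only, never on the IP header."""

    def __init__(self, name, table):
        self.name = name
        self.table = table   # in label -> (out label or None for "-", dest, out interface)

    def forward(self, packet):
        entries, payload = parse_stack(packet)
        top = entries[0]
        if top["label"] not in self.table:
            return ("drop", "no label entry", None)
        if top["ttl"] <= 1:
            return ("drop", "ttl expired", None)
        out_label, _dest, iface = self.table[top["label"]]
        lower = packet[4:len(packet) - len(payload)]        # remaining stack entries, untouched
        if out_label is None:
            # egress entry ("-"): pop the top label; with a one-entry stack the IP packet is exposed
            return ("forward", iface, lower + payload)
        new_top = encode_shim(out_label, top["exp"], top["s"], top["ttl"] - 1)
        return ("forward", iface, new_top + lower + payload)


# constructed path: ingress pushes label 10, R4 swaps 10 -> 6 toward A, R6 pops at the egress
R4 = LSR("R4", {10: (6, "A", 1), 12: (9, "D", 0)})
R6 = LSR("R6", {6: (None, "A", 0)})
IP_PACKET = b"constructed IP packet"


def run_path(ip_packet=IP_PACKET):
    """Carry one packet from ingress to egress; returns each router's decision in order."""
    steps = []
    packet = push(10, ip_packet)
    for router in (R4, R6):
        action, iface, packet = router.forward(packet)
        steps.append((router.name, action, iface, decode_shim(packet)["label"] if action == "forward" and packet is not ip_packet and len(packet) >= 4 and packet[:4] != ip_packet[:4] and router is R4 else None))
        if action == "drop":
            break
    return steps, packet


if __name__ == "__main__":
    print(run_path())
```

The per-router decision needs only the in label, so a misconfigured or stale table entry silently sends traffic down a different path, which is why the drop reasons are returned rather than swallowed.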
Chapter 5: Summary
• principles behind data link layer services:
  • error detection, correction
  • sharing a broadcast channel: multiple access
  • link layer addressing
• instantiation and implementation of various link layer technologies
  • Ethernet
  • switched LANs
  • PPP
  • virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Slide outline:
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing – man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
LAN vs VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5: Summary
Chapter 5: let's take a breath
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: loop resolution, address learning, frame forwarding
• Typically ignore security such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs Routers
• both store-and-forward devices
  - routers: network layer devices (examine network layer headers)
  - switches are link layer devices … "invisible" at internetwork layer; looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using a fixed length label (instead of IP address) to do forwarding
  - borrowing ideas from Virtual Circuit (VC) approach
  - but IP datagram still keeps IP address
[Figure: an MPLS header inserted between the PPP or Ethernet header and the IP header, followed by the remainder of the link-layer frame; header fields and widths as drawn on the slide: label 20, Exp 3, S 1, TTL 5]
MPLS capable routers
• a.k.a. label-switched router
• forwards packets to outgoing interface based only on label value (don't inspect IP address)
  - MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding
  - RSVP-TE
  - forwarding possible along paths that IP alone would not allow (e.g., source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1 to R6 forwarding toward destinations A and D; each router carries a table with columns in label, out label, dest, out interface. Rows legible on the slide: (6, -, A, 0); (10, 6, A, 1); (12, 9, D, 0); (10, A, 0); (12, D, 0); (8, 6, A, 0); (8, A, 1), where the three-valued rows have one label column blank]
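The label-switched forwarding described on the two MPLS slides, as an added example (not code from the slides): an ingress router pushes a label, a core LSR forwards on the label alone, the last hop pops it, and an IP-only router coexists by never seeing a label. The label values 10 and 6 (and the popped "-") are the ones on the slide's tables; which router holds which table and how they are linked are assumptions for this example.

```python
class Router:
    """Constructed model of one router. An MPLS-capable router (LSR) holds an MPLS table keyed
    on the incoming label plus an ordinary IP table; an IP-only router has no MPLS table."""

    def __init__(self, name, ip_table, mpls_table=None, push_table=None):
        self.name = name
        self.ip_table = ip_table              # dest -> out interface (longest-prefix match elided)
        self.mpls_table = mpls_table or {}    # in label -> (out label, out interface); out label None = pop
        self.push_table = push_table or {}    # ingress only: dest -> (label to push, out interface)

    def forward(self, packet):
        """packet is {'dest': ..., 'label': int or None}. Returns (out interface, packet as it leaves)."""
        label = packet.get("label")
        if label is not None:
            # label-switched forwarding: decided by the label alone, the IP address is not inspected
            if label not in self.mpls_table:
                raise LookupError(f"{self.name} is IP-only or has no entry for label {label}")
            out_label, iface = self.mpls_table[label]
            return iface, {**packet, "label": out_label}
        if packet["dest"] in self.push_table:
            # MPLS ingress: the datagram keeps its IP address, a label is added in front of it
            out_label, iface = self.push_table[packet["dest"]]
            return iface, {**packet, "label": out_label}
        return self.ip_table[packet["dest"]], packet   # plain IP forwarding


def trace(routers, links, first_hop, packet, max_hops=16):
    """Walk the packet through the network; returns [(router name, label on exit), ...]."""
    path, here = [], first_hop
    for _ in range(max_hops):
        iface, packet = routers[here].forward(packet)
        path.append((here, packet["label"]))
        here = links.get((here, iface))
        if here is None:            # this interface leads to the destination host, not a router
            return path
    raise RuntimeError("forwarding loop")


# Constructed topology (assumption): R4 is the ingress, R6 swaps 10 -> 6, R1 pops and delivers to A,
# R2 is an IP-only router on the path to D.
ROUTERS = {
    "R4": Router("R4", ip_table={"A": 0, "D": 1}, push_table={"A": (10, 0)}),
    "R6": Router("R6", ip_table={"A": 1, "D": 0}, mpls_table={10: (6, 1)}),
    "R1": Router("R1", ip_table={"A": 0}, mpls_table={6: (None, 0)}),
    "R2": Router("R2", ip_table={"D": 0}),
}
LINKS = {("R4", 0): "R6", ("R6", 1): "R1", ("R4", 1): "R2", ("R6", 0): "R2"}


def path_to_a():
    return trace(ROUTERS, LINKS, "R4", {"dest": "A", "label": None})


def path_to_d():
    return trace(ROUTERS, LINKS, "R4", {"dest": "D", "label": None})
```

A labelled packet handed to the IP-only router raises, which is why the label must be popped before the frame reaches a router without an MPLS table.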
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Ethernet Frame Structure (more)
• Addresses: 6 bytes
  - if adapter receives frame with matching destination address, or with broadcast address (e.g. ARP packet), it passes data in frame to network layer protocol
  - otherwise, adapter discards frame (unless in promiscuous mode)
• Type: ARP query/response, LAN routing, higher layer protocol (mostly IP but others possible, e.g. Novell IPX, AppleTalk)
• CRC: checked at receiver; if error is detected, frame is dropped
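The receive-side decisions on this slide (CRC check, then destination/broadcast match unless promiscuous) as an added example, not code from the slides. The frame builder and the MAC addresses used with it are constructed; it assumes the CRC-32 is appended least-significant byte first, which matches zlib.crc32's polynomial and Ethernet's byte order.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Build a frame: 6-byte destination, 6-byte source, 2-byte type, payload, 4-byte CRC.
    The CRC-32 is appended least-significant byte first (assumed wire order; zlib.crc32 uses the
    Ethernet polynomial)."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 6 bytes")
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body))


def adapter_receive(frame: bytes, my_mac: bytes, promiscuous: bool = False):
    """Model of the receiving adapter. Returns ("accept", ethertype, payload) when the CRC checks
    out and the frame is addressed to this adapter (or broadcast), otherwise ("drop", reason)."""
    if len(frame) < 18:                       # header (14) + CRC (4) is the least a frame can carry
        return ("drop", "too short")
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        return ("drop", "crc error")          # CRC checked at receiver: on error the frame is dropped
    dst = body[:6]
    ethertype = struct.unpack("!H", body[12:14])[0]
    if dst != my_mac and dst != BROADCAST and not promiscuous:
        return ("drop", "not addressed to this adapter")
    return ("accept", ethertype, body[14:])   # data handed to the network layer protocol named by type
```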
Ethernet: Unreliable, connectionless
• connectionless: No handshaking between sending and receiving NICs
• unreliable: receiving NIC doesn't send acks or nacks to sending NIC
  - stream of datagrams passed to network layer can have gaps (missing datagrams)
  - gaps will be filled if app is using TCP; otherwise, app will see gaps
• Ethernet's MAC protocol: unslotted CSMA/CD
Ethernet CSMA/CD algorithm
1. NIC receives datagram from network layer, creates frame
2. If NIC senses channel idle, starts frame transmission
3. If NIC senses channel busy, waits until channel idle, then transmits (1-persistent)
4. If NIC transmits entire frame without detecting another transmission, NIC is done with frame
5. If NIC detects another transmission while transmitting, aborts and sends jam signal
6. After aborting, NIC enters exponential backoff: after the mth collision, NIC chooses K at random from {0, 1, 2, …, 2^m − 1}. NIC waits K slots, where one slot is 512 bit times, then returns to Step 2
Ethernet's CSMA/CD (more)
• Jam Signal: make sure all other transmitters are aware of collision; 48 bits
• Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023, wait time is about 50 msec
• Exponential Backoff: Goal: adapt retransmission attempts to estimated current load (heavy load: random wait will be longer)
  - first collision: choose K from {0, 1}; delay is K × 512 bit transmission times
  - after second collision: choose K from {0, 1, 2, 3} …
  - after ten or more collisions, choose K from {0, 1, 2, 3, 4, …, 1023}
CSMA/CD efficiency
• T_prop = max prop delay between 2 nodes in LAN
• t_trans = time to transmit max-size frame
• efficiency = 1 / (1 + 5 t_prop / t_trans)
• efficiency goes to 1 as t_prop goes to 0, as t_trans goes to infinity
  - larger frame size is better; higher bit-rate is worse
• better performance than ALOHA: and simple, cheap, decentralized
• Most Ethernet is used with switches, so collisions never occur
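The backoff rule from the CSMA/CD slides (K drawn from {0, …, 2^min(m,10) − 1}, one slot of 512 bit times), the efficiency formula, and a small contention simulation showing how the random wait spreads colliding stations out, as an added example that is not code from the slides. The simulation, its slot-based timing and the "all stations ready in slot 0" scenario are constructed assumptions.

```python
import random

SLOT_BIT_TIMES = 512      # one backoff slot is 512 bit times
BACKOFF_CAP = 10          # after ten or more collisions K is drawn from 0..1023


def backoff_range(m: int) -> int:
    """Largest K after the m-th collision: K is chosen from {0, 1, ..., 2^min(m, 10) - 1}."""
    if m < 1:
        raise ValueError("m counts collisions, starting at 1")
    return 2 ** min(m, BACKOFF_CAP) - 1


def choose_k(m: int, rng: random.Random) -> int:
    return rng.randint(0, backoff_range(m))


def wait_seconds(k: int, bit_rate: float) -> float:
    """K slots of 512 bit times; one bit time is 1 / bit_rate (0.1 microsecond at 10 Mbps)."""
    return k * SLOT_BIT_TIMES / bit_rate


def csma_cd_efficiency(t_prop: float, t_trans: float) -> float:
    """efficiency = 1 / (1 + 5 t_prop / t_trans), as on the slide."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def simulate_backoff(n_stations: int, frame_slots: int, rng: random.Random, max_slots: int = 100000):
    """Constructed worst case: every station has a frame ready in slot 0 on one shared segment.
    Time advances in 512-bit-time slots; a frame occupies frame_slots. Returns a list of
    (station, collisions suffered, slot at which its frame finished) in finishing order."""
    ready_at = {s: 0 for s in range(n_stations)}   # slot from which each station may transmit
    collisions = {s: 0 for s in range(n_stations)}
    finished, slot = [], 0
    while ready_at:
        if slot > max_slots:
            raise RuntimeError("simulation did not converge")
        # 1-persistent: every station whose backoff has expired transmits as soon as the channel is idle
        contenders = [s for s, t in ready_at.items() if t <= slot]
        if not contenders:
            slot = min(ready_at.values())          # channel idle, wait for the next timer
        elif len(contenders) == 1:
            s = contenders[0]                      # alone on the channel: the whole frame goes out
            finished.append((s, collisions[s], slot + frame_slots))
            del ready_at[s]
            slot += frame_slots
        else:
            for s in contenders:                   # collision: abort, jam, then back off independently
                collisions[s] += 1
                ready_at[s] = slot + 1 + choose_k(collisions[s], rng)
            slot += 1
    return finished


def demo(n_stations: int = 5, frame_slots: int = 24, seed: int = 7):
    """Seeded run so the result is reproducible; frame_slots=24 is roughly a 1500-byte frame."""
    return simulate_backoff(n_stations, frame_slots, random.Random(seed))
```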
802.3 Ethernet Standards: Link & Physical Layers
• many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable
• Very large Ethernets are possible
• QoS: MPLS runs over Ethernet (so traffic engineering is possible)
Hubs
• bits coming in one link go out all other links at same rate
• all nodes connected to hub can collide with one another
• no frame buffering
• no CSMA/CD at hub: host NICs detect collisions
[Figure: hosts on twisted pair attached to a hub]
Interconnecting with hubs
• Backbone hub interconnects LAN segments
• But individual segment collision domains become one large collision domain
• Can't interconnect 10BaseT & 100BaseT
[Figure: a backbone hub joining three hubs]
Switch
• link-layer device: smarter than hubs, takes active role
  - store and forward Ethernet frames
  - Question: do switches in circuit switching networks store and forward?
  - examine incoming frame's MAC address, selectively forward frame to one-or-more outgoing links; when frame is to be forwarded on segment, uses CSMA/CD to access segment
• transparent: hosts are unaware of presence of switches
• plug-and-play, self-learning: switches do not need to be configured
Switch: allows multiple simultaneous transmissions
• hosts have dedicated, direct connection to switch
• switches buffer packets
• Ethernet protocol used on each incoming link, but no collisions; full duplex: each link is its own collision domain
• switching: A-to-A' and B-to-B' simultaneously, without collisions; not possible with dumb hub
[Figure: a switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
• Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
• looks like a routing table
• Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: the same six-interface switch with hosts A, A', B, B', C, C']
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
  - when frame received, switch "learns" location of sender: incoming LAN segment
  - records sender/location pair in switch table
[Figure: A sends a frame (Source=A, Dest=A') into interface 1 of the six-interface switch; the switch table, initially empty, gains the entry: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination, then { if dest on segment from which frame arrived, then drop the frame; else forward the frame on interface indicated }; else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure: three switches in a row, each with interfaces 1, 2 and 3, host A on the left-hand switch and host B further along; each switch keeps its own MAC → interface table, all initially empty]
• A sends a frame, Dest=B, Source=A. Each switch it reaches makes a table entry for A; there is no table entry for B, so each floods it. Afterwards the tables read: first switch A→1, second switch A→1, third switch A→2.
  - Note: if the switch has ports that are manually configured, then the frame is not flooded to the host on such a port; it is only flooded to other switches.
• B replies, Dest=A, Source=B. Each switch on the way makes a table entry for B and, having a table entry for A, forwards the frame instead of flooding it. The tables now read: first switch A→1, B→3; second switch A→1, B→2; third switch A→2.
• 20 minutes later, all table entries are deleted.
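The learn / filter / forward / flood / purge procedure from the filtering-forwarding slide and the self-learning walkthrough, as one added example that is not code from the slides. It also models the note about manually configured ports: it assumes such a port has a known host behind it, so unknown-unicast floods skip it while broadcasts still reach it. The port numbers, MAC addresses and the 20-minute aging interval are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Constructed model of the self-learning switch: learn the sender's port, filter or forward
    known destinations, flood unknown ones, and purge entries after the aging interval."""

    def __init__(self, ports, aging_seconds=20 * 60, configured=None):
        self.ports = set(ports)
        self.aging = aging_seconds
        self.configured = dict(configured or {})   # manually configured host ports: MAC -> port
        self.table = {}                            # learned entries: MAC -> (port, time last seen)

    def purge(self, now):
        """Periodically purge all old table entries (here: on every frame, by age)."""
        self.table = {mac: (port, seen) for mac, (port, seen) in self.table.items()
                      if now - seen < self.aging}

    def lookup(self, mac):
        if mac in self.configured:
            return self.configured[mac]
        entry = self.table.get(mac)
        return entry[0] if entry else None

    def receive(self, src, dst, in_port, now):
        """Handle one frame; returns the sorted list of ports it is sent out on ([] = dropped)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        self.purge(now)
        # 1. record the interface associated with the sending host (configured hosts are not re-learned)
        if src not in self.configured:
            self.table[src] = (in_port, now)
        if dst == BROADCAST:                         # broadcast goes everywhere but the arrival port
            return sorted(self.ports - {in_port})
        # 2. entry found for the destination?
        out = self.lookup(dst)
        if out is not None:
            return [] if out == in_port else [out]   # same segment: drop; otherwise forward
        # else flood on all ports but the arrival port; per the slide's note, ports with a manually
        # configured host are not flooded, only ports that may lead to other switches
        host_ports = set(self.configured.values())
        return sorted(self.ports - {in_port} - host_ports)
```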
Poorly Designed Institutional network: Why?
[Figure: a router to the external network, one LAN / IP subnet with a mail server and a web server]
Institutional network without a single point of failure
[Figure: the same IP subnet with redundant links between the switches; host A on one of the segments]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure: the same network with the edges in the spanning tree highlighted and "disconnected" interfaces marked, i.e. interfaces through which frames are neither forwarded nor flooded]
Loop Resolution
• Goal: remove "extra" paths by removing "extra" bridges: spanning tree
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  - This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  - The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
  - Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: switches B3 and B2 both connecting LAN A and LAN B]
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: Compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If
  - LAN B's next hop to the switch with lowest ID is LAN A, and
  - LAN C's next hop to the switch with lowest ID is LAN D,
  - then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C and D joined by switches B3, B2, B1 and B0; B2 sits between LAN B and LAN C]
Spanning Tree Algorithm (2)
• Bridges exchange messages with the following information:
  1. The ID of the bridge that is sending the message
  2. The ID for what the sending bridge believes to be the root bridge
  3. The distance (hops) from the sending bridge to the root bridge
[Figure: the example topology, switches B1 to B7 and LANs A to J]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
Step by step (one slide per step, each over the same figure):
• Each switch computes distance to root in terms of LAN hops. [Figure: the topology with each LAN's distance to the root written next to it]
• Each of the root's interfaces is ON.
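The interface-selection rule from the spanning tree slides (least LAN hops to the root, smallest switch ID to break ties, the switch between a LAN and its next hop keeps both interfaces, every root interface on) carried out in code, as an added example that is not code from the slides. It computes all LANs' vectors centrally by distance-vector iteration rather than by exchanging messages between bridges, and it adds a loop-freedom check on the result. The topology is constructed, since the figure's wiring does not survive in the text, and breaking a remaining tie on the LAN name is an assumption the slides do not make.

```python
from collections import defaultdict


def spanning_tree_interfaces(switches):
    """switches maps switch ID -> set of LAN names it attaches to; the smallest ID is the root.
    Returns (dist, next_hop, active): dist[lan] is the LAN's distance to the root in LAN hops,
    next_hop[lan] is (designated switch, parent LAN) on its shortest path, and active[switch] is
    the set of LANs whose interface on that switch stays on."""
    root = min(switches)
    lans = set().union(*switches.values())
    lan_switches = defaultdict(set)                  # LAN -> switches attached to it (its neighbours)
    for sid, attached in switches.items():
        for lan in attached:
            lan_switches[lan].add(sid)

    INF = float("inf")
    # distance-vector state per LAN: (distance, designated switch, parent LAN);
    # LANs attached to the root are 0 hops away and need no designated switch
    state = {lan: ((0, root, None) if lan in switches[root] else (INF, None, None)) for lan in lans}
    changed = True
    while changed:                                   # iterate until no LAN improves its vector
        changed = False
        for lan in sorted(lans - switches[root]):
            best = state[lan]
            for sid in lan_switches[lan]:            # only neighbours are considered
                for parent in switches[sid] - {lan}:
                    d = state[parent][0]
                    if d == INF:
                        continue
                    # tuple order = least cost first, then smallest switch ID, then LAN name
                    # (the LAN-name tie-break is an assumption; the slides only break ties on switch ID)
                    cand = (d + 1, sid, parent)
                    if cand < best:
                        best = cand
            if best != state[lan]:
                state[lan] = best
                changed = True

    dist = {lan: s[0] for lan, s in state.items()}
    next_hop = {lan: (s[1], s[2]) for lan, s in state.items() if s[2] is not None}
    active = {sid: set() for sid in switches}
    active[root] = set(switches[root])               # each of the root's interfaces is on
    for lan, (sid, parent) in next_hop.items():      # the switch between a LAN and its next hop
        active[sid].update({lan, parent})            # keeps the interfaces to both LANs
    return dist, next_hop, active


def is_loop_free(switches, active):
    """Check that the interfaces left on form one tree: connected and |edges| == |nodes| - 1."""
    nodes = set().union(*switches.values()) | {("sw", sid) for sid, ifs in active.items() if ifs}
    edges = [(("sw", sid), lan) for sid, ifs in active.items() for lan in ifs]
    if len(edges) != len(nodes) - 1:
        return False
    adj = defaultdict(set)
    for u, v in edges:
        adj[u].add(v)
        adj[v].add(u)
    start = next(iter(nodes))
    seen, stack = {start}, [start]
    while stack:
        for v in adj[stack.pop()]:
            if v not in seen:
                seen.add(v)
                stack.append(v)
    return seen == nodes


# Constructed topology (not the one drawn on the slides): switch B1 is the root; LAN A can reach
# the root through B5 or B7 at equal cost, and LAN D through B3 or B4, so the ID tie-break decides.
TOPOLOGY = {1: {"E", "F"}, 2: {"E", "G"}, 3: {"A", "D"}, 4: {"G", "D"}, 5: {"A", "E"}, 7: {"A", "F"}}

if __name__ == "__main__":
    dist, next_hop, active = spanning_tree_interfaces(TOPOLOGY)
    for sid in sorted(active):
        print(f"B{sid}: interfaces on -> {sorted(active[sid]) or 'none'}")
    print("loop free:", is_loop_free(TOPOLOGY, active))
```

In this topology B7 and B4 end with no interface on, the same situation as B3 on the slides.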
Ethernet Unreliable connectionless connectionless No handshaking between sending
and receiving NICs unreliable receiving NIC doesnrsquot send acks or
nacks to sending NIC stream of datagrams passed to network layer can have
gaps (missing datagrams) gaps will be filled if app is using TCP otherwise app will see gaps
Ethernetrsquos MAC protocol unslotted CSMACD
Ethernet CSMACD algorithm
1 NIC receives datagram from network layer creates frame
2 If NIC senses channel idle starts frame transmission
3 If NIC senses channel busy waits until channel idle then transmits 1-persistant
4 If NIC transmits entire frame without detecting another transmission NIC is done with frame
4 If NIC detects another transmission while transmitting aborts and sends jam signal
5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2
Ethernetrsquos CSMACD (more)
Jam Signal make sure all other transmitters are aware of collision 48 bits
Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec
Exponential Backoff Goal adapt retransmission
attempts to estimated current load heavy load random
wait will be longer first collision choose K
from 01 delay is K 512 bit transmission times
after second collision choose K from 0123hellip
after ten or more collisions choose K from 01234hellip1023
CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN
ttrans = time to transmit max-size frame
efficiency goes to 1 as tprop goes to 0
as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst
better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur
transprop ttefficiency
51
1
960
1010081500
102200
51
1
68
m
8023 Ethernet Standards Link amp Physical Layers
many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch link-layer device smarter than hubs take active role
Store and forward Ethernet framesbull Question do switches in circuit switching networks store and
forward examine incoming framersquos MAC address selectively forward
frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment
transparent hosts are unaware of presence of switches
plug-and-play self-learning switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch
switches buffer packets Ethernet protocol used on
each incoming link but no collisions full duplex each link is its own collision
domain switching A-to-Arsquo and B-
to-Brsquo simultaneously without collisions not possible with dumb hub
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch Table
• Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
• A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp); looks like a routing table
• Q: how are entries created and maintained in the switch table? something like a routing protocol?
[figure: the same switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, A', B, B', C, C']
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• records the sender/location pair in the switch table
[figure: A sends a frame (Source A, Dest A') into interface 1 of the six-interface switch; the switch table, initially empty, gains one entry with columns MAC addr, interface, TTL: A, 1, 60]
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination, then: if the destination is on the segment from which the frame arrived, drop the frame; else forward the frame on the interface indicated. Else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
Self-Learning (worked example, built up over several animation steps)
[figure: three switches, each with interfaces 1, 2, 3 and its own switch table (columns MAC, Interface), all tables initially empty; host A is attached to the first switch and host B to another]
• A sends a frame with Dest=B, Source=A. Each switch the frame passes through makes a table entry for A. There is no table entry for B, so each switch floods the frame. After this step the three tables hold A→1, A→1 and A→2.
  • Note: if the switch has ports that are manually configured, then the frame is not flooded to a host, but only flooded to other switches.
• B answers with a frame with Dest=A, Source=B. Each switch that receives it makes a table entry for B, and since it has a table entry for A it forwards the frame on that one interface instead of flooding. The tables now hold (A→1, B→3), (A→1, B→2) and (A→2).
• 20 minutes later all table entries are deleted.
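The filtering/forwarding rules and the three-switch animation above, replayed in code. This is an added example, not code from the original slides; LearningSwitch, Network and the wiring of the three switches are constructed for illustration, chosen so that the resulting tables match the ones the slides show.

```python
"""Self-learning switch implementing the slides' filtering/forwarding rules.

Added example, not code from the original slides. LearningSwitch, Network
and the three-switch wiring below are constructed for illustration; they are
chosen so the final tables match the ones shown on the Self-Learning slides.
"""
from __future__ import annotations

from dataclasses import dataclass, field

AGING_TIME = 60.0  # seconds; the slide's switch table shows a TTL of 60


@dataclass
class Frame:
    src: str  # source MAC (a host name stands in for the address)
    dst: str  # destination MAC


@dataclass
class LearningSwitch:
    name: str
    interfaces: set[int]
    # switch table: MAC -> (interface the MAC was last seen on, time seen)
    table: dict[str, tuple[int, float]] = field(default_factory=dict)

    def purge(self, now: float) -> None:
        """Step 3: periodically drop entries older than AGING_TIME."""
        for mac in [m for m, (_, t) in self.table.items() if now - t > AGING_TIME]:
            del self.table[mac]

    def receive(self, frame: Frame, in_if: int, now: float) -> list[int]:
        """Apply the slide's rules and return the outgoing interface list."""
        self.purge(now)
        # step 1: record the interface associated with the sending host
        self.table[frame.src] = (in_if, now)
        entry = self.table.get(frame.dst)
        if entry is not None:
            # step 2: destination known; drop it if it sits on the arrival
            # segment (filtering), otherwise forward on that one interface
            out_if, _ = entry
            return [] if out_if == in_if else [out_if]
        # destination unknown: flood on all interfaces except the incoming one
        return sorted(self.interfaces - {in_if})

    def snapshot(self) -> dict[str, int]:
        return {mac: iface for mac, (iface, _) in self.table.items()}


class Network:
    """Constructed topology: A - S1(if1); S1(if3) - S2(if1); S2(if2) - B;
    S2(if3) - S3(if2). Interface 2 of S1 and interfaces 1, 3 of S3 lead
    nowhere. The wiring has no loops, so flooding terminates."""

    def __init__(self) -> None:
        self.switches = {n: LearningSwitch(n, {1, 2, 3}) for n in ("S1", "S2", "S3")}
        self.hosts = {"A": ("S1", 1), "B": ("S2", 2)}  # host -> attachment
        self.links = {  # inter-switch links, recorded in both directions
            ("S1", 3): ("S2", 1), ("S2", 1): ("S1", 3),
            ("S2", 3): ("S3", 2), ("S3", 2): ("S2", 3),
        }

    def send(self, frame: Frame, now: float) -> list[tuple[str, int]]:
        """Inject a frame from its source host; return every (switch, out_if)
        on which the frame was transmitted, in order."""
        sent: list[tuple[str, int]] = []
        sw, in_if = self.hosts[frame.src]
        self._deliver(sw, in_if, frame, now, sent)
        return sent

    def _deliver(self, sw, in_if, frame, now, sent) -> None:
        for out_if in self.switches[sw].receive(frame, in_if, now):
            sent.append((sw, out_if))
            nxt = self.links.get((sw, out_if))
            if nxt is not None:
                self._deliver(nxt[0], nxt[1], frame, now, sent)

    def tables(self) -> dict[str, dict[str, int]]:
        return {n: s.snapshot() for n, s in self.switches.items()}


def run_scenario() -> dict:
    """Replay the slides: A -> B is flooded, B -> A is forwarded, and
    after 20 minutes every entry has aged out."""
    net = Network()
    a_to_b = net.send(Frame("A", "B"), now=0.0)
    after_flood = net.tables()
    b_to_a = net.send(Frame("B", "A"), now=1.0)
    after_reply = net.tables()
    for sw in net.switches.values():
        sw.purge(now=20 * 60.0)
    return {"a_to_b": a_to_b, "after_flood": after_flood,
            "b_to_a": b_to_a, "after_reply": after_reply,
            "after_purge": net.tables()}


if __name__ == "__main__":
    for step, value in run_scenario().items():
        print(step, value)
```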
Poorly Designed Institutional network: Why?
[figure: a single router to the external network; one LAN (IP subnet) with a mail server and a web server]
Institutional network without a single point of failure
[figure: router to the external network, IP subnet, mail server, web server, interconnected by several switches]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[figure: the same network with host A marked; legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree
• Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
• This tree is formed by "disconnecting" switches from some LANs
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN
  • Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[figure: bridges B3 and B2 between LAN A and LAN B]
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges; this is backwards from what you might expect, i.e. switches as vertices and LANs as edges
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
• Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
• If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LANs B and C
[figure: bridges B0, B1, B2, B3 interconnecting LANs A, B, C, D]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[figure: bridges B1 through B7]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[figure, built up over several slides: LANs A through J interconnected by bridges B1 through B7; the captions below are the steps in order]
• Each switch computes its distance to the root in terms of LAN hops (the figure labels the LANs nearest the root with distances 0, 1 and 2)
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E. Turn on the two interfaces
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F. Turn on the interfaces
• Which other interfaces are "on"?
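The loop-resolution procedure above (LANs as vertices, bridges as edges, root = smallest ID, shortest path with smallest-ID tie-break) carried through in code, including a check that the surviving interfaces really form a loop-free tree. This is an added example, not the slides' own code; the exact wiring of the slides' figure is not recoverable, so BRIDGES is a constructed topology that reproduces its features (root B1, LAN B tied between B5 and B7, B3 left with no interfaces on), and the tie-break used for a bridge's upstream LAN is an assumption.

```python
"""Spanning-tree computation as the slides describe it: LANs are the
vertices, bridges are the edges, the root is the bridge with the smallest ID,
and a bridge keeps an interface on only if it lies on some LAN's shortest
path to the root (ties broken by smallest bridge ID).

Added example, not the slides' own code. BRIDGES is a constructed topology;
the upstream-LAN tie-break in spanning_tree() is an assumption.
"""
from collections import defaultdict

# bridge ID -> set of LANs the bridge has an interface on (constructed)
BRIDGES = {
    1: {"E", "F", "G"},  # smallest ID: the root
    2: {"G", "H"},
    3: {"A", "D"},
    4: {"D", "G"},
    5: {"A", "B", "E"},
    7: {"B", "C", "F"},
}


def lan_distances(bridges):
    """Distance-vector style relaxation: every LAN and bridge keeps the best
    offer from its neighbours until nothing changes. Distances count the
    switches crossed on the way to the root; the root's own LANs are at 0."""
    root = min(bridges)
    inf = float("inf")
    d_lan = {lan: (0 if lan in bridges[root] else inf)
             for lan in set().union(*bridges.values())}
    d_sw = {b: (0 if b == root else inf) for b in bridges}
    changed = True
    while changed:
        changed = False
        for b, attached in bridges.items():
            if b == root:
                continue
            best = min(d_lan[lan] for lan in attached) + 1  # one more switch
            if best < d_sw[b]:
                d_sw[b], changed = best, True
            for lan in attached:  # offer the bridge's distance to its LANs
                if d_sw[b] < d_lan[lan]:
                    d_lan[lan], changed = d_sw[b], True
    return d_lan, d_sw


def spanning_tree(bridges):
    """Return {bridge ID: set of LANs whose interface stays on}."""
    root = min(bridges)
    d_lan, d_sw = lan_distances(bridges)
    on = {b: set() for b in bridges}
    on[root] = set(bridges[root])  # each of the root's interfaces is on
    # designated bridge per non-root LAN: shortest path, smallest ID on ties
    designated = {}
    for lan in d_lan:
        if lan in bridges[root]:
            continue
        cands = [b for b, att in bridges.items() if lan in att and b != root]
        designated[lan] = min(cands, key=lambda b: (d_sw[b], b))
    for lan, b in designated.items():
        # the bridge's next hop toward the root is its attached LAN closest
        # to the root; ties broken by that LAN's designated bridge ID
        # (assumption, mirroring "B5 has a lower ID than B7")
        upstream = min(bridges[b],
                       key=lambda l: (d_lan[l], designated.get(l, root), l))
        on[b].update({lan, upstream})
    return on


def is_loop_free(on, bridges):
    """Check that the kept interfaces reach every LAN in exactly one way:
    the bipartite LAN/bridge graph must be connected with |E| = |V| - 1."""
    adj = defaultdict(set)
    for b, lans in on.items():
        for lan in lans:
            adj[("B", b)].add(("L", lan))
            adj[("L", lan)].add(("B", b))
    nodes = set(adj)
    all_lans = {("L", lan) for lan in set().union(*bridges.values())}
    if not all_lans <= nodes:
        return False  # some LAN was cut off entirely
    seen, stack = set(), [next(iter(nodes))]
    while stack:
        n = stack.pop()
        if n not in seen:
            seen.add(n)
            stack.extend(adj[n])
    edges = sum(len(lans) for lans in on.values())
    return seen == nodes and edges == len(nodes) - 1


if __name__ == "__main__":
    tree = spanning_tree(BRIDGES)
    for b in sorted(tree):
        print(f"B{b}: on = {sorted(tree[b]) or 'none'}")
    print("loop free after resolution:", is_loop_free(tree, BRIDGES))
    print("loop free before resolution:", is_loop_free(BRIDGES, BRIDGES))
```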
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: loop resolution, address learning, frame forwarding
• Typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution
  • During which time no packets were forwarded
Switches vs Routers
• both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
• … "invisible" at the internetwork layer: looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding; borrows ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address
[figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields with their widths in bits: label 20, Exp 3, S 1, TTL 5]
MPLS capable routers
• aka label-switched router: forwards packets to the outgoing interface based only on the label value (don't inspect the IP address); MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE; forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers
[figure: MPLS forwarding tables at routers R1 through R6 for destinations A and D; each table has the columns in label, out label, dest, out interface; the rows still recoverable from the figure (some columns lost) are: 6, -, A, 0; 10, 6, A, 1; 12, 9, D, 0; 10, A, 0; 12, D, 0; 8, 6, A, 0; 8, A, 1]
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• journey down the protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Ethernet CSMACD algorithm
1 NIC receives datagram from network layer creates frame
2 If NIC senses channel idle starts frame transmission
3 If NIC senses channel busy waits until channel idle then transmits 1-persistant
4 If NIC transmits entire frame without detecting another transmission NIC is done with frame
4 If NIC detects another transmission while transmitting aborts and sends jam signal
5 After aborting NIC enters exponential backoff after mth collision NIC chooses K at random from 012hellip2m-1 NIC waits K slots where one slot is 512 bit times returns to Step 2
Ethernetrsquos CSMACD (more)
Jam Signal make sure all other transmitters are aware of collision 48 bits
Bit time 1 microsec for 10 Mbps Ethernet for K=1023 wait time is about 50 msec
Exponential Backoff Goal adapt retransmission
attempts to estimated current load heavy load random
wait will be longer first collision choose K
from 01 delay is K 512 bit transmission times
after second collision choose K from 0123hellip
after ten or more collisions choose K from 01234hellip1023
CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN
ttrans = time to transmit max-size frame
efficiency goes to 1 as tprop goes to 0
as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst
better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur
transprop ttefficiency
51
1
960
1010081500
102200
51
1
68
m
8023 Ethernet Standards Link amp Physical Layers
many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch link-layer device smarter than hubs take active role
Store and forward Ethernet framesbull Question do switches in circuit switching networks store and
forward examine incoming framersquos MAC address selectively forward
frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment
transparent hosts are unaware of presence of switches
plug-and-play self-learning switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch
switches buffer packets Ethernet protocol used on
each incoming link but no collisions full duplex each link is its own collision
domain switching A-to-Arsquo and B-
to-Brsquo simultaneously without collisions not possible with dumb hub
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch Table
Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5
A each switch has a switch table each entry (MAC address of host interface
to reach host time stamp)
looks like a routing table Q how are entries created
maintained in switch table something like a routing
protocol
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch self-learning
switch learns which hosts can be reached through which interfaces Some interfaces are
configured But in other caseshellip
when frame received switch ldquolearnsrdquo location of sender incoming LAN segment
records senderlocation pair in switch table
A
Arsquo
B
Brsquo
C
Crsquo
1 23
45
6
A Arsquo
Source ADest Arsquo
MAC addr interface TTL
Switch table (initially empty)
A 1 60
Switch frame filteringforwardingWhen frame received
1 record linkinterface associated with sending host 3 if entry found for destination
then if dest on segment from which frame arrived
then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries
forward on all but the interface on which the frame arrived
Self-Learning
MAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network Why
to externalnetwork
router
LAN - IP subnet
mail server
web server
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
Which other interfaces are "on"?
Layer 2 Routing
The L2 routing table is maintained automatically: set up and updated as the topology changes.
Three mechanisms: loop resolution, address learning, frame forwarding. These typically ignore security (ARP attacks, access control, etc.).
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers: both are store-and-forward devices.
Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices.
Switches are "invisible" at the internetwork layer: a switched LAN looks like a link-layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (8 bits)
MPLS-capable routers
a.k.a. label-switched routers: forward packets to the outgoing interface based only on the label value (they don't inspect the IP address).
The MPLS forwarding table is distinct from the IP forwarding tables; a signaling protocol is needed to set up forwarding: RSVP-TE.
Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
(Figure: routers R1 to R6 with destinations A and D, the MPLS table of each label-switched router shown beside it. The tables recovered from the figure, one table per block, columns in label | out label | dest | out interface; a "-" in label marks an ingress router that pushes the label, a "-" out label means the label is popped before the datagram is handed on.)
6 | - | A | 0

10 | 6 | A | 1
12 | 9 | D | 0

- | 10 | A | 0
- | 12 | D | 0

8 | 6 | A | 0

- | 8 | A | 1
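The label swap and pop behaviour behind the tables above, as an added Python example that is not code from the slides. It keeps the slide's label values (6, 8, 9, 10, 12) and destinations A and D; which table belongs to which of R1 to R6, how those routers are wired, and the initial TTL written into the label are my assumptions. Transit routers look only at the label, so the two ingress routers R4 and R5 can reach A along different paths, which is the source-specific routing the slide mentions.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple, Union


class TtlExpired(Exception):
    """Raised when the MPLS TTL reaches zero (a label loop, for instance)."""


@dataclass
class MplsHeader:
    label: int          # 20-bit label
    exp: int = 0        # 3-bit Exp (traffic class)
    s: int = 1          # 1-bit bottom-of-stack flag; a single label here
    ttl: int = 64       # 8-bit TTL, decremented at each label-switched router


@dataclass
class Packet:
    ip_dst: str                          # the IP datagram keeps its IP address
    initial_ttl: int = 64                # TTL written into the label at ingress (assumed)
    mpls: Optional[MplsHeader] = None    # None = plain IP datagram, no label
    path: List[Tuple[str, Optional[int]]] = field(default_factory=list)  # (router, in label)


# One table row: in label (None = ingress row), out label (None = pop), dest, out interface
Row = Tuple[Optional[int], Optional[int], str, int]


class Lsr:
    """Label-switched router: its MPLS table is kept separate from any IP table."""

    def __init__(self, name: str, rows: List[Row]) -> None:
        self.name = name
        self.by_label: Dict[int, Row] = {r[0]: r for r in rows if r[0] is not None}
        self.by_dest: Dict[str, Row] = {r[2]: r for r in rows if r[0] is None}
        self.links: Dict[int, Union["Lsr", str]] = {}   # out interface -> next LSR or host name

    def forward(self, pkt: Packet) -> int:
        """Return the out interface; update the packet's label on the way."""
        if pkt.mpls is None:
            row = self.by_dest[pkt.ip_dst]               # ingress: classify once, push label
            pkt.path.append((self.name, None))
            pkt.mpls = MplsHeader(label=row[1], ttl=pkt.initial_ttl)
        else:
            pkt.path.append((self.name, pkt.mpls.label))
            row = self.by_label[pkt.mpls.label]          # transit: label lookup only, ip_dst untouched
            pkt.mpls.ttl -= 1
            if pkt.mpls.ttl <= 0:
                raise TtlExpired("%s: TTL expired for label %d" % (self.name, row[0]))
            if row[1] is None:
                pkt.mpls = None                          # egress: pop, hand on the plain IP datagram
            else:
                pkt.mpls.label = row[1]                  # swap
        return row[3]


def send(ingress: Lsr, ip_dst: str, ttl: int = 64) -> Tuple[str, Packet]:
    """Walk the packet from the ingress LSR until a host receives it."""
    pkt = Packet(ip_dst, initial_ttl=ttl)
    node: Union[Lsr, str] = ingress
    while isinstance(node, Lsr):
        node = node.links[node.forward(pkt)]
    return node, pkt


def slide_network() -> Dict[str, Lsr]:
    """Tables as shown on the slide; router names and wiring are assumed."""
    r1 = Lsr("R1", [(6, None, "A", 0)])                       # in 6, out -, A, 0
    r3 = Lsr("R3", [(8, 6, "A", 0)])                          # in 8, out 6, A, 0
    r4 = Lsr("R4", [(None, 10, "A", 0), (None, 12, "D", 0)])  # ingress rows
    r5 = Lsr("R5", [(None, 8, "A", 1)])                       # ingress row
    r6 = Lsr("R6", [(10, 6, "A", 1), (12, 9, "D", 0)])
    r5.links[1] = r3; r3.links[0] = r1; r1.links[0] = "A"
    r4.links[0] = r6; r6.links[1] = r1                        # R6 interface 0 (toward D) not modelled
    return {"R1": r1, "R3": r3, "R4": r4, "R5": r5, "R6": r6}


def label_loop() -> Lsr:
    """A mis-provisioned LSR that swaps label 1 for label 1 back to itself."""
    x = Lsr("X", [(None, 1, "Z", 0), (1, 1, "Z", 0)])
    x.links[0] = x
    return x


def loop_is_caught(ttl: int = 3) -> bool:
    """True if the TTL stops a packet circulating in label_loop()."""
    try:
        send(label_loop(), "Z", ttl=ttl)
    except TtlExpired:
        return True
    return False


if __name__ == "__main__":
    net = slide_network()
    for ingress in ("R5", "R4"):
        host, pkt = send(net[ingress], "A")
        print(ingress, "->", host, "via", pkt.path, "label on delivery:", pkt.mpls)
    print("loop caught by TTL:", loop_is_caught())
```

Both label-switched paths merge on label 6 into R1, which pops it and hands a plain IP datagram to A; the per-hop TTL decrement is what bounds the damage when two tables are provisioned into a loop.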
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice ... could stop here ... but lots of
Slide outline:
Slotted Aloha - frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD (collision detection)
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing - man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
VLAN
LAN vs VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
Ethernet's CSMA/CD (more)
Jam Signal: make sure all other transmitters are aware of the collision; 48 bits.
Bit time: 0.1 microsec for 10 Mbps Ethernet; for K=1023 the wait time is about 50 msec.
Exponential Backoff: Goal: adapt retransmission attempts to the estimated current load; under heavy load the random wait will be longer.
First collision: choose K from {0,1}; delay is K * 512 bit transmission times.
After the second collision: choose K from {0,1,2,3} ...
After ten or more collisions: choose K from {0,1,2,3,4,...,1023}.
CSMA/CD efficiency
t_prop = max propagation delay between 2 nodes in the LAN
t_trans = time to transmit a max-size frame
efficiency = 1 / (1 + 5 t_prop / t_trans)
Efficiency goes to 1 as t_prop goes to 0 and as t_trans goes to infinity: a larger frame size is better; a higher bit rate is worse.
Better performance than ALOHA, and simple, cheap, decentralized. Most Ethernet is used with switches, so collisions never occur.
Worked numbers from the slide (10 Mbps, 1500-byte frame, 2200 m between the farthest nodes, propagation speed 2·10^8 m/s):
efficiency = 1 / (1 + 5 · (2200 m / 2·10^8 m/s) / (8 · 1500 bits / 10·10^6 bit/s)) ≈ 0.96
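The backoff rule and the efficiency approximation above, worked through in Python as an added example that is not from the slides. It reproduces the slide's numbers: the K=1023 wait at 10 Mbps comes out at about 52 ms, and the 10 Mbps, 1500-byte, 2200 m LAN at about 0.96. The 2·10^8 m/s propagation speed and the toy model of many stations backing off together are my assumptions.

```python
import random

SLOT_BITS = 512            # a backoff slot is 512 bit times (slide: "K * 512 bit transmission times")
MAX_EXPONENT = 10          # after the 10th collision K stays in 0..1023


def backoff_range(collisions: int) -> int:
    """Largest K a station may draw after `collisions` consecutive collisions:
    1st -> 1, 2nd -> 3, 3rd -> 7, ..., 10th and later -> 1023."""
    if collisions < 1:
        raise ValueError("backoff is only drawn after a collision")
    return 2 ** min(collisions, MAX_EXPONENT) - 1


def backoff_delay_seconds(k: int, bit_rate_bps: float) -> float:
    """K slots of 512 bit times; one bit time is 1 / bit rate."""
    return k * SLOT_BITS / bit_rate_bps


def efficiency(t_prop: float, t_trans: float) -> float:
    """Slide approximation: 1 / (1 + 5 t_prop / t_trans)."""
    return 1.0 / (1.0 + 5.0 * t_prop / t_trans)


def ethernet_efficiency(bit_rate_bps: float, frame_bytes: int, span_m: float,
                        prop_speed_mps: float = 2e8) -> float:
    """t_trans for a max-size frame and t_prop across the LAN's longest span.
    prop_speed_mps (signal speed in copper) is an assumed constant."""
    t_trans = frame_bytes * 8 / bit_rate_bps
    t_prop = span_m / prop_speed_mps
    return efficiency(t_prop, t_trans)


def rounds_to_drain(n_stations: int, rng: random.Random) -> int:
    """Toy model of the backoff adapting to load: n stations collide at once.
    Each round every waiting station draws K for its own collision count; the
    round succeeds only for the unique station with the smallest K. Returns the
    number of rounds until every station has transmitted."""
    collisions = [0] * n_stations
    waiting = list(range(n_stations))
    rounds = 0
    while waiting:
        rounds += 1
        if len(waiting) == 1:          # a lone station transmits unopposed
            break
        for s in waiting:
            collisions[s] += 1
        draws = {s: rng.randint(0, backoff_range(collisions[s])) for s in waiting}
        low = min(draws.values())
        winners = [s for s, k in draws.items() if k == low]
        if len(winners) == 1:          # equal K values collide again
            waiting.remove(winners[0])
    return rounds


if __name__ == "__main__":
    print("K range after 10 collisions:", backoff_range(10))
    print("max wait at 10 Mbps (s):", backoff_delay_seconds(1023, 10e6))
    print("10 Mbps / 1500 B / 2200 m efficiency:", round(ethernet_efficiency(10e6, 1500, 2200), 3))
    print("100 Mbps, same LAN:", round(ethernet_efficiency(100e6, 1500, 2200), 3))
    print("rounds for 8 stations:", rounds_to_drain(8, random.Random(1)))
```

Raising the bit rate to 100 Mbps on the same 2200 m LAN shrinks t_trans tenfold while t_prop stays put, which is why the slide says a higher bit rate is worse for this shared-medium efficiency.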
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical-layer media: fiber, cable. Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in one link go out all other links at the same rate. All nodes connected to a hub can collide with one another; no frame buffering; no CSMA/CD at the hub: the host NICs detect collisions.
(Figure: hub with twisted-pair links to hosts.)
Interconnecting with hubs
A backbone hub interconnects LAN segments, but the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
(Figure: backbone hub connecting three hubs.)
Switch
Link-layer device, smarter than hubs; takes an active role.
Store and forward Ethernet frames. (Question: do switches in circuit-switching networks store and forward?)
Examine the incoming frame's MAC address; selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, use CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch; switches buffer packets.
The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex: each link is its own collision domain.
Switching A-to-A' and B-to-B' simultaneously, without collisions: not possible with a dumb hub.
(Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) and hosts A, B, C, A', B', C'; A is on interface 1, A' on interface 4, B' on interface 5.)
Switch Table
Q: how does the switch know that A' is reachable via interface 4 and B' via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created and maintained in the switch table? Something like a routing protocol?
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases...
When a frame is received, the switch "learns" the location of the sender: the incoming LAN segment. It records the sender/location pair in the switch table.
(Figure: A on interface 1 sends a frame with Source A, Dest A'. The switch table, initially empty, gains the entry MAC addr A | interface 1 | TTL 60.)
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. index the switch table using the MAC destination address
3. if an entry is found for the destination, then { if the destination is on the segment from which the frame arrived, then drop the frame; else forward the frame on the interface indicated } else flood (forward on all but the interface on which the frame arrived)
Periodically purge all old table entries.
Self-Learning (multi-switch example)
(Figure: four interconnected switches, each with interfaces 1, 2 and 3; host A hangs off one switch and host B off another; a table "MAC | Interface" is shown for each switch, initially empty.)
A sends a frame: Dest=B, Source=A.
Each switch the frame reaches makes a table entry for A. There is no table entry for B, so it floods.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches.
After the flood the four tables read: A 1 | A 1 | A 1 | A 2 (the last switch learned A on its interface 2).
B replies: Dest=A, Source=B.
Each switch on the reply's path makes a table entry for B. It has a table entry for A, so it forwards (no flooding).
The tables now read: A 1, B 3 | A 1, B 3 | A 1, B 2 | A 2 (the switch that only saw A's flood is unchanged).
20 minutes later all table entries are deleted.
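The filtering/forwarding steps and the aging rule above, as an added Python example that is not code from the slides. The switch, host names and timestamps are constructed to follow the A / A' figure; `relearn_example` is my addition and shows what step 1 implies when nothing checks the source address, which is the "typically ignore security" point made later in the deck.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

AGING_SECONDS = 20 * 60   # slide: "20 minutes later all table entries are deleted"


@dataclass
class Frame:
    src: str   # source MAC (hosts named A, A', B ... as in the slides)
    dst: str   # destination MAC


@dataclass
class Entry:
    interface: int
    last_seen: float   # the slide's time stamp / TTL column


class LearningSwitch:
    def __init__(self, n_interfaces: int, aging: float = AGING_SECONDS) -> None:
        self.interfaces = list(range(1, n_interfaces + 1))
        self.table: Dict[str, Entry] = {}
        self.aging = aging

    def purge(self, now: float) -> None:
        """Periodically purge all old table entries."""
        self.table = {mac: e for mac, e in self.table.items()
                      if now - e.last_seen < self.aging}

    def receive(self, frame: Frame, in_if: int, now: float) -> List[int]:
        """Process one frame arriving on in_if; return the interfaces it goes out on."""
        self.purge(now)
        # 1. record the interface associated with the sending host
        self.table[frame.src] = Entry(in_if, now)
        # 2. index the switch table using the MAC destination address
        entry = self.table.get(frame.dst)
        if entry is None:
            # 3. no entry: flood on all interfaces except the arriving one
            return [i for i in self.interfaces if i != in_if]
        if entry.interface == in_if:
            # 3. destination is on the segment the frame arrived from: drop (filter)
            return []
        return [entry.interface]          # 3. known destination: forward selectively


def slide_example() -> Tuple[List[int], List[int], List[int]]:
    """A (interface 1) talks to A' (interface 4) through a six-interface switch."""
    sw = LearningSwitch(6)
    first = sw.receive(Frame("A", "A'"), in_if=1, now=0.0)    # A' unknown -> flood
    reply = sw.receive(Frame("A'", "A"), in_if=4, now=1.0)    # A known -> interface 1 only
    second = sw.receive(Frame("A", "A'"), in_if=1, now=2.0)   # A' learned -> interface 4 only
    return first, reply, second


def same_segment_example() -> List[int]:
    """Two hosts on one shared segment behind interface 1: the switch filters."""
    sw = LearningSwitch(3)
    sw.receive(Frame("A", "B"), in_if=1, now=0.0)
    return sw.receive(Frame("B", "A"), in_if=1, now=0.0)


def stale_entry_example() -> List[int]:
    """After the 20-minute aging period a once-known host is flooded to again."""
    sw = LearningSwitch(3)
    sw.receive(Frame("B", "A"), in_if=2, now=0.0)
    return sw.receive(Frame("C", "B"), in_if=3, now=AGING_SECONDS + 1.0)


def relearn_example() -> List[int]:
    """Consequence of step 1 as stated: the table trusts the source MAC of the
    most recent frame. A host on interface 6 sending frames with source A'
    moves A' to interface 6, and A's next frame for A' is delivered there."""
    sw = LearningSwitch(6)
    sw.receive(Frame("A'", "A"), in_if=4, now=0.0)   # genuine A' on interface 4
    sw.receive(Frame("A'", "A"), in_if=6, now=1.0)   # forged source from interface 6
    return sw.receive(Frame("A", "A'"), in_if=1, now=2.0)


if __name__ == "__main__":
    print("A -> A', A' -> A, A -> A':", slide_example())
    print("same segment:", same_segment_example())
    print("after aging:", stale_entry_example())
    print("after forged source:", relearn_example())
```

The plug-and-play property and the relearning problem are the same mechanism: the table is only ever written from source addresses, so whoever last sent a frame with a given source owns that address until the entry ages out or is overwritten.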
Poorly Designed Institutional network. Why?
(Figure: router to the external network; one LAN / IP subnet holding the mail server and the web server.)
Institutional network without a single point of failure
(Figure: router to the external network; IP subnet with redundant switches and links; mail server, web server, host A.)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
(Figure: the same network with the edges in the spanning tree highlighted and the "disconnected" interfaces marked, i.e. interfaces that do not forward or flood frames.)
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
- Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(Figure: switches B3 and B2 attached to LAN A and LAN B.)
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
- LAN B's next hop to the switch with the lowest ID is LAN A, and
- LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LAN B and LAN C.
(Figure: LANs A, B, C, D and bridges B3, B2, B1, B0; B2 sits between LAN B and LAN C.)
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
(Figure: LANs A, B, C, D, E, F, G, H, I, J interconnected by switches B1, B2, B3, B4, B5, B6, B7.)
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost, with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
(Figure: the same network with each LAN labelled by its distance to the root in LAN hops: 0, 1 or 2.)
Each switch computes its distance to the root in terms of LAN hops.
Each of the root's interfaces is ON.
LAN A's next hop is LAN E.
LAN A's next hop is LAN E. Turn on the two interfaces.
LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop.
LAN B's next hop is LAN E, via B5. Turn on the interface.
LAN D's next hop is LAN G. Turn on the two interfaces.
Note that B3 will not have any interfaces "on".
LAN C's next hop is LAN F. Turn on the interfaces.
Which other interfaces are "on"?
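The message exchange of Spanning Tree Algorithm (2) and the interface-selection rule walked through above, as an added Python example that is not code from the slides. LANs are vertices and bridges are edges as in the slides, the root is the bridge with the smallest ID, and each LAN's next hop is the attached bridge with the fewest hops to the root, lower ID breaking ties. The A-to-J topology of the walkthrough cannot be recovered from the figure, so the ring below is constructed to match the B0 to B3 / LAN A to D figure of Spanning Tree Algorithm (1); `rogue_root_topology` and its attacker bridge are my assumption, added to show what "smallest ID wins" implies when, as the Layer 2 Routing slide says, security is ignored.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# Message from the slide: (believed root ID, distance to root, sender ID).
# Tuple order makes "smaller is better": lowest root, then fewest hops, then lowest sender ID.
Msg = Tuple[int, int, int]


@dataclass
class Bridge:
    bid: int
    lans: List[str]                    # one interface per attached LAN
    root: int = field(init=False)
    dist: int = field(init=False)
    root_lan: str = field(init=False, default="")   # interface toward the root ("" = I am root)

    def __post_init__(self) -> None:
        self.root, self.dist = self.bid, 0          # every bridge starts out believing it is root

    def message(self) -> Msg:
        return (self.root, self.dist, self.bid)


def converge(bridges: List[Bridge]) -> int:
    """Synchronous distance-vector rounds: each bridge announces on every LAN,
    then adopts the best (root, hops + 1) it heard from a neighbour, or keeps
    believing it is root. Stops when nothing changes; returns the root ID."""
    for _ in range(2 * len(bridges) + 2):
        heard: Dict[str, List[Msg]] = {}
        for b in bridges:
            for lan in b.lans:
                heard.setdefault(lan, []).append(b.message())
        changed = False
        for b in bridges:
            own = (b.bid, 0, b.bid, "")
            candidates = [(m[0], m[1] + 1, m[2], lan)
                          for lan in b.lans for m in heard[lan] if m[2] != b.bid]
            best = min(candidates + [own])
            state = (best[0], best[1], "" if best == own else best[3])
            if state != (b.root, b.dist, b.root_lan):
                b.root, b.dist, b.root_lan = state
                changed = True
        if not changed:
            break
    roots = {b.root for b in bridges}
    if len(roots) != 1:
        raise RuntimeError("bridges disagree on the root: %r" % roots)
    return roots.pop()


def active_interfaces(bridges: List[Bridge]) -> Dict[int, Set[str]]:
    """Apply the slide's rule after convergence. A LAN's next hop is the
    attached bridge with the best message (fewest hops, then lowest ID); that
    bridge keeps its interface to the LAN and its interface toward the root.
    A bridge that is nobody's next hop keeps no interface on (the slide's B3)."""
    on: Dict[int, Set[str]] = {b.bid: set() for b in bridges}
    for lan in sorted({lan for b in bridges for lan in b.lans}):
        designated = min((b for b in bridges if lan in b.lans), key=Bridge.message)
        on[designated.bid].add(lan)
        if designated.root_lan:
            on[designated.bid].add(designated.root_lan)
    return on


def compute_tree(bridges: List[Bridge]) -> Tuple[int, Dict[int, Set[str]]]:
    """Run the exchange, then decide which interfaces stay on."""
    root = converge(bridges)
    return root, active_interfaces(bridges)


def ring_topology() -> List[Bridge]:
    """Constructed to match the B0..B3 / LAN A..D figure: a ring where B0
    joins A and D, B3 joins A and B, B2 joins B and C, B1 joins C and D."""
    return [Bridge(0, ["A", "D"]), Bridge(1, ["C", "D"]),
            Bridge(2, ["B", "C"]), Bridge(3, ["A", "B"])]


def rogue_root_topology() -> List[Bridge]:
    """Same ring plus an assumed attacker bridge on LANs B and C that claims
    an ID lower than B0's. Nothing in the algorithm checks who may be root."""
    return ring_topology() + [Bridge(-1, ["B", "C"])]


if __name__ == "__main__":
    for name, net in (("legitimate", ring_topology()), ("rogue root", rogue_root_topology())):
        root, on = compute_tree(net)
        print(name, "root =", root, "active interfaces =", on)
```

In the legitimate run B2 keeps nothing on, because LAN B's next hop is B3 via LAN A and LAN C's is B1 via LAN D, exactly as the slide states. With the rogue bridge the root moves to it, B0's interfaces are all turned off, and every frame between LAN A and LAN D now crosses LANs B and C through the attacker. Since the whole tree follows from "smallest ID wins", the practical protection is to refuse these messages on host-facing ports rather than to trust whatever tree the exchange computes.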
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
CSMACD efficiency Tprop = max prop delay between 2 nodes in LAN
ttrans = time to transmit max-size frame
efficiency goes to 1 as tprop goes to 0
as ttrans goes to infinity bull larger frame size is better higher bit-rate is worst
better performance than ALOHA and simple cheap decentralized Most ethernet is used with switches So collision never occur
transprop ttefficiency
51
1
960
1010081500
102200
51
1
68
m
8023 Ethernet Standards Link amp Physical Layers
many different Ethernet standards common MAC protocol and frame format different speeds 2 Mbps 10 Mbps 100 Mbps 1Gbps 10G bps different physical layer media fiber cable Very large ethernets are possible QoS MPLS runs over ethernet (so traffic engineering is possible)
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch link-layer device smarter than hubs take active role
Store and forward Ethernet framesbull Question do switches in circuit switching networks store and
forward examine incoming framersquos MAC address selectively forward
frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment
transparent hosts are unaware of presence of switches
plug-and-play self-learning switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch
switches buffer packets Ethernet protocol used on
each incoming link but no collisions full duplex each link is its own collision
domain switching A-to-Arsquo and B-
to-Brsquo simultaneously without collisions not possible with dumb hub
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch Table
Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5
A each switch has a switch table each entry (MAC address of host interface
to reach host time stamp)
looks like a routing table Q how are entries created
maintained in switch table something like a routing
protocol
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch self-learning
switch learns which hosts can be reached through which interfaces Some interfaces are
configured But in other caseshellip
when frame received switch ldquolearnsrdquo location of sender incoming LAN segment
records senderlocation pair in switch table
A
Arsquo
B
Brsquo
C
Crsquo
1 23
45
6
A Arsquo
Source ADest Arsquo
MAC addr interface TTL
Switch table (initially empty)
A 1 60
Switch frame filteringforwardingWhen frame received
1 record linkinterface associated with sending host 3 if entry found for destination
then if dest on segment from which frame arrived
then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries
forward on all but the interface on which the frame arrived
Self-Learning
MAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network Why
to externalnetwork
router
LAN - IP subnet
mail server
web server
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D connected by bridges B0, B1, B2, B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Which interfaces to keep and which to ignore
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure: example topology with LANs A through J and switches B1 through B7; each LAN is annotated with its distance to the root (0, 1 or 2)]
The example is worked one step per slide:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
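The procedure above, worked as an added Python example (not code from the slides): it runs the LAN-as-vertex shortest-path computation with smallest-ID tie-breaking on a constructed topology that mirrors the slide's steps (B5 beating B7 for LAN B, B3 left with no interface on), then checks that the surviving interfaces really form a loop-free tree. The topology, the function names and the distance convention (LANs attached to the root are at distance 0) are assumptions made for this example.

```python
from collections import deque

# Constructed example topology (not the slide's figure, which is only partly
# recoverable): switch ID -> set of LANs it attaches to.  Chosen so that it
# reproduces the slide's steps: LAN B can reach the root via B5 or B7 and B5
# wins the tie, and B3 ends up with no interface "on".
EXAMPLE = {
    1: {"E", "F", "G"},   # B1: smallest ID, so it is the root
    2: {"D", "G"},
    3: {"A", "D"},
    4: {"C", "F"},
    5: {"A", "B", "E"},
    7: {"B", "F"},
}


def lan_distances(switches, root):
    """Breadth-first search over LANs (the vertices).  A LAN attached to the
    root is at distance 0; crossing any other switch costs one hop."""
    dist = {lan: 0 for lan in switches[root]}
    queue = deque(dist)
    while queue:
        lan = queue.popleft()
        for sw, lans in switches.items():
            if sw == root or lan not in lans:
                continue
            for other in lans:
                if other not in dist:
                    dist[other] = dist[lan] + 1
                    queue.append(other)
    return dist


def spanning_tree(switches):
    """Return (root, dist, next_hop, active): the LAN each LAN uses as its next
    hop toward the root, and the interfaces (switch -> set of LANs) left on."""
    root = min(switches)                          # slide: root = smallest ID
    dist = lan_distances(switches, root)
    active = {sw: set() for sw in switches}
    active[root] = set(switches[root])            # all of the root's interfaces are on
    next_hop = {}
    for lan, d in dist.items():
        if d == 0:
            continue
        # candidate (switch, neighbour LAN) pairs lying on a shortest path
        candidates = sorted(
            (sw, other)
            for sw, lans in switches.items() if sw != root and lan in lans
            for other in lans if other != lan and dist.get(other) == d - 1
        )
        sw, other = candidates[0]                 # smallest switch ID breaks ties
        next_hop[lan] = other
        active[sw].update({lan, other})           # turn on both interfaces
    return root, dist, next_hop, active


def is_loop_free(active):
    """Check the result is a tree: LANs and switches with at least one active
    interface are nodes, each active interface is an edge; a tree is connected
    and has exactly nodes - 1 edges."""
    edges = [(sw, lan) for sw, lans in active.items() for lan in lans]
    nodes = {sw for sw, lans in active.items() if lans} | {lan for _, lan in edges}
    if len(edges) != len(nodes) - 1:
        return False
    adj = {n: set() for n in nodes}
    for sw, lan in edges:
        adj[sw].add(lan)
        adj[lan].add(sw)
    seen, stack = set(), [next(iter(nodes))]
    while stack:
        n = stack.pop()
        if n not in seen:
            seen.add(n)
            stack.extend(adj[n] - seen)
    return seen == nodes


if __name__ == "__main__":
    root, dist, next_hop, active = spanning_tree(EXAMPLE)
    print("root: B%d" % root)
    for lan in sorted(dist):
        print(f"LAN {lan}: distance {dist[lan]}, next hop {next_hop.get(lan, '-')}")
    for sw in sorted(active):
        print(f"B{sw} interfaces on: {sorted(active[sw]) or 'none'}")
    print("loop free:", is_loop_free(active))
```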
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
• During which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach; but the IP datagram still keeps its IP address.
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields and their widths as drawn on the slide: label 20, Exp 3, S 1, TTL 5
MPLS capable routers
a.k.a. label-switched routers: forward packets to an outgoing interface based only on the label value (don't inspect the IP address).
• MPLS forwarding table is distinct from the IP forwarding tables.
• A signaling protocol is needed to set up forwarding: RSVP-TE.
• Forwarding is possible along paths that IP alone would not allow (e.g., source-specific routing): use MPLS for traffic engineering.
• Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 through R6 with destinations A and D; link interface numbers 0 and 1 are marked; each router's MPLS forwarding table is drawn beside it]
The tables as drawn (columns: in label, out label, dest, out interface; a blank in label marks an ingress entry, an out label of "-" means no label is carried on the outgoing link):
Table 1: 6 | - | A | 0
Table 2: 10 | 6 | A | 1; 12 | 9 | D | 0
Table 3: (blank) | 10 | A | 0; (blank) | 12 | D | 0
Table 4: 8 | 6 | A | 0
Table 5: (blank) | 8 | A | 1
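Label switching over the slide's tables, as an added Python example (not code from the slides): a packet is pushed a label once at the ingress, transit routers swap on the label alone, and the egress pops it. Which router owns which table is not recoverable from the transcript, so the attribution to R5, R4, R6, R1 and R3, the link map and the function name are assumptions made for this example.

```python
# Added example, not from the slides: the five MPLS forwarding tables drawn on
# the "MPLS forwarding tables" slide.  Router attribution and links are assumed.
# Entry format: key -> (out_label, dest, out_interface).  A key of ("dest", X)
# is an ingress entry, where the IP destination is consulted once to push the
# first label; an out_label of None means the label is popped.
TABLES = {
    "R5": {("dest", "A"): (10, "A", 0), ("dest", "D"): (12, "D", 0)},
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},
    "R6": {6: (None, "A", 0)},
    "R1": {("dest", "A"): (8, "A", 1)},
    "R3": {8: (6, "A", 0)},
}
# Assumed link map: (router, out_interface) -> next hop.  "A" and "D" are the
# destination networks; R4's interface 0 leads to a router the slide omits.
LINKS = {("R5", 0): "R4", ("R4", 1): "R6", ("R6", 0): "A",
         ("R1", 1): "R3", ("R3", 0): "R6", ("R4", 0): None}


def label_switch(ingress, dest, max_hops=8):
    """Follow one packet from an ingress LSR toward dest.  Returns the list of
    (router, label_in, label_out, out_interface) decisions.  Transit routers
    look up the label only; the IP destination is used at the ingress alone."""
    router, label, path = ingress, None, []
    for _ in range(max_hops):
        table = TABLES[router]
        key = ("dest", dest) if label is None else label
        if key not in table:
            raise LookupError(f"{router}: no entry for {key!r}")
        out_label, _, intf = table[key]
        path.append((router, label, out_label, intf))
        nxt = LINKS.get((router, intf))
        if nxt is None:
            raise LookupError(f"{router}: interface {intf} leads off the slide")
        if nxt == dest:                    # egress: label popped, plain IP delivered
            return path
        router, label = nxt, out_label
    raise RuntimeError("label loop: packet never reached its egress")


if __name__ == "__main__":
    for ingress in ("R5", "R1"):
        for hop in label_switch(ingress, "A"):
            print("%s: in label %s -> out label %s on interface %d" % hop)
```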
Chapter 5: Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice. … could stop here … but lots of
802.3 Ethernet Standards: Link & Physical Layers
Many different Ethernet standards: common MAC protocol and frame format; different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1 Gbps, 10 Gbps; different physical layer media: fiber, cable.
Very large Ethernets are possible. QoS: MPLS runs over Ethernet (so traffic engineering is possible).
Hubs
Bits coming in on one link go out all other links at the same rate. All nodes connected to a hub can collide with one another. No frame buffering. No CSMA/CD at the hub: host NICs detect collisions.
[Figure: hub with twisted-pair links to its hosts]
Interconnecting with hubs
A backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain. Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connecting three hubs]
Switch
Link-layer device: smarter than hubs, takes an active role.
• Store and forward Ethernet frames.
  • Question: do switches in circuit switching networks store and forward?
• Examine the incoming frame's MAC address, selectively forward the frame to one or more outgoing links; when the frame is to be forwarded on a segment, uses CSMA/CD to access the segment.
Transparent: hosts are unaware of the presence of switches.
Plug-and-play, self-learning: switches do not need to be configured.
Switch allows multiple simultaneous transmissions
Hosts have a dedicated direct connection to the switch. Switches buffer packets. The Ethernet protocol is used on each incoming link, but with no collisions; full duplex; each link is its own collision domain.
Switching: A-to-A' and B-to-B' simultaneously, without collisions. Not possible with a dumb hub.
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
Q: how does the switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp). Looks like a routing table!
Q: how are entries created, maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
The switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• records the sender/location pair in the switch table
[Figure: A sends a frame (Source A, Dest A') into interface 1 of the six-interface switch]
Switch table (initially empty):
MAC addr | interface | TTL
A        | 1         | 60
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host
2. if an entry is found for the destination
   then if dest is on the segment from which the frame arrived
        then drop the frame
        else forward the frame on the interface indicated
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure: four switches, each with interfaces 1, 2, 3; host A attaches to the first switch and host B to another; each switch keeps a MAC/Interface table, all initially empty]
The animation, one step per slide:
• A sends a frame: Dest=B, Source=A.
• The first switch makes a table entry for A (A, interface 1). No table entry for B, so flood.
  Note: if the switch has ports that are manually configured, then the frame is not flooded to a host, but only flooded to other switches.
• Each switch the flooded frame reaches makes a table entry for A (A, 1 at three of the switches; A, 2 at the fourth). None has a table entry for B, so each floods.
• B replies: Dest=A, Source=B.
• The switch B attaches to makes a table entry for B (B, 2). It has a table entry for A, so it forwards.
• The next switches back toward A make a table entry for B (B, 3) and, having a table entry for A, forward. The fourth switch's table (A, 2) never gets an entry for B: the reply is forwarded along the learned path rather than flooded.
• Tables at the end: (A 1, B 3), (A 1, B 3), (A 1, B 2), (A 2).
• 20 minutes later, all table entries are deleted.
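The filtering/forwarding steps and the animation above, as an added Python simulation (not code from the slides): four learning switches on a constructed topology chosen so the tables end up exactly as the slide draws them, including the 20-minute aging of entries. The topology, the class and function names and the logical clock are assumptions made for this example.

```python
from collections import namedtuple

# Constructed example (not from the slides): a four-switch topology chosen to
# reproduce the slide's final tables.
AGING_SECONDS = 20 * 60   # slide: "20 minutes later all table entries are deleted"

Frame = namedtuple("Frame", "src dst")


class Switch:
    """A self-learning switch following the slide's filtering/forwarding steps."""

    def __init__(self, name, ports):
        self.name = name
        self.ports = list(ports)   # interface numbers
        self.table = {}            # MAC -> (interface, time learned)

    def purge(self, now):
        # step 3: periodically purge old entries
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t < AGING_SECONDS}

    def receive(self, frame, in_port, now, net):
        self.purge(now)
        # step 1: record the interface associated with the sending host
        self.table[frame.src] = (in_port, now)
        entry = self.table.get(frame.dst)
        if entry is not None:                     # step 2: entry found
            out_port = entry[0]
            if out_port == in_port:               # dest is on the arrival segment
                return "drop"
            net.send(self, out_port, frame, now)
            return "forward"
        for p in self.ports:                      # else flood
            if p != in_port:
                net.send(self, p, frame, now)
        return "flood"

    def entries(self):
        """Table as {MAC: interface}, the way the slide draws it."""
        return {m: p for m, (p, _) in self.table.items()}


class Network:
    def __init__(self, switches, links, hosts):
        self.switches = {s.name: s for s in switches}
        self.links = {}                  # (switch, port) -> (switch, port)
        for (a, pa), (b, pb) in links:
            self.links[(a, pa)] = (b, pb)
            self.links[(b, pb)] = (a, pa)
        self.hosts = dict(hosts)         # host MAC -> (switch, port)
        self.port_host = {v: k for k, v in self.hosts.items()}
        self.delivered = []              # hosts that received the current frame

    def send(self, sw, port, frame, now):
        if (sw.name, port) in self.links:
            nb, nb_port = self.links[(sw.name, port)]
            self.switches[nb].receive(frame, nb_port, now, self)
        elif (sw.name, port) in self.port_host:
            self.delivered.append(self.port_host[(sw.name, port)])
        # otherwise the interface is unused and the frame goes nowhere

    def host_send(self, src, dst, now):
        self.delivered = []
        sw, port = self.hosts[src]
        self.switches[sw].receive(Frame(src, dst), port, now, self)
        return list(self.delivered)

    def tables(self):
        return {name: s.entries() for name, s in self.switches.items()}


def build_example():
    # A -1[S1]3---1[S2]3---1[S3]2- B, with S4 hanging off S2's interface 2
    switches = [Switch(f"S{i}", (1, 2, 3)) for i in range(1, 5)]
    links = [(("S1", 3), ("S2", 1)), (("S2", 3), ("S3", 1)), (("S2", 2), ("S4", 2))]
    hosts = {"A": ("S1", 1), "B": ("S3", 2)}
    return Network(switches, links, hosts)


def run_walkthrough():
    net = build_example()
    first = net.host_send("A", "B", now=0)        # B unknown: flooded everywhere
    after_a = net.tables()
    reply = net.host_send("B", "A", now=1)        # A known: forwarded, not flooded
    after_b = net.tables()
    second = net.host_send("A", "B", now=2)       # both known: direct forward only
    for s in net.switches.values():
        s.purge(now=2 + AGING_SECONDS)            # 20 minutes later
    return first, after_a, reply, after_b, second, net.tables()


if __name__ == "__main__":
    names = ["first", "after_a", "reply", "after_b", "second", "aged"]
    for label, result in zip(names, run_walkthrough()):
        print(label, result)
```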
Poorly Designed Institutional network. Why?
[Figure: institutional network; labels: to external network, router, LAN - IP subnet, mail server, web server]
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch link-layer device smarter than hubs take active role
Store and forward Ethernet framesbull Question do switches in circuit switching networks store and
forward examine incoming framersquos MAC address selectively forward
frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment
transparent hosts are unaware of presence of switches
plug-and-play self-learning switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch
switches buffer packets Ethernet protocol used on
each incoming link but no collisions full duplex each link is its own collision
domain switching A-to-Arsquo and B-
to-Brsquo simultaneously without collisions not possible with dumb hub
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch Table
Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5
A each switch has a switch table each entry (MAC address of host interface
to reach host time stamp)
looks like a routing table Q how are entries created
maintained in switch table something like a routing
protocol
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch self-learning
switch learns which hosts can be reached through which interfaces Some interfaces are
configured But in other caseshellip
when frame received switch ldquolearnsrdquo location of sender incoming LAN segment
records senderlocation pair in switch table
A
Arsquo
B
Brsquo
C
Crsquo
1 23
45
6
A Arsquo
Source ADest Arsquo
MAC addr interface TTL
Switch table (initially empty)
A 1 60
Switch frame filteringforwardingWhen frame received
1 record linkinterface associated with sending host 3 if entry found for destination
then if dest on segment from which frame arrived
then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries
forward on all but the interface on which the frame arrived
Self-Learning (walkthrough)
[Figure: three switches, each with interfaces 1, 2, 3, interconnected; host A hangs off the first switch, host B off the second; every switch starts with an empty MAC/Interface table]
Step 1: A sends a frame, Dest=B Source=A. Each switch that receives it makes a table entry for A (A via interface 1 at the first two switches, A via interface 2 at the third). No switch has a table entry for B, so each one floods the frame.
Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port; it is only flooded to other switches.
Step 2: B replies with a frame, Dest=A Source=B. The switches on the path make a table entry for B (B via interface 3 at the first switch, B via interface 2 at the second) and, since they already have a table entry for A, forward the frame on A's interface instead of flooding it. The third switch never sees the reply, so its table still holds only A.
Tables afterwards: first switch: A 1, B 3; second switch: A 1, B 2; third switch: A 2.
20 minutes later all table entries are deleted (aged out).
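The learn / filter / forward / flood / age-out procedure above, as an added example in Python that is not part of the slides: a `LearningSwitch` implementing the three steps of the filtering/forwarding slide, and a small `Network` that wires three such switches into the constructed tree used in the walkthrough (hosts A, B, C and switch names S1, S2, S3 are assumptions; host names stand in for MAC addresses). `run_demo()` replays the walkthrough: the first frame from A to B is flooded (so C sees it too, which is the reason the later remark about ignoring security at layer 2 matters), B's reply is forwarded, and after the TTL elapses every entry is purged. The hop limit in `Network` is what turns a looped topology into an error instead of the endless circulation described on the institutional-network slides.

```python
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str  # source MAC (host names stand in for MAC addresses in this example)
    dst: str  # destination MAC


class LearningSwitch:
    """Self-learning switch: learn the sender's port on every frame, then
    filter, forward or flood. Entries are (port, expiry) and age out."""

    def __init__(self, name, ports, ttl=60):
        self.name = name
        self.ports = list(ports)
        self.ttl = ttl
        self.table = {}  # MAC -> (port, expiry time)

    def purge(self, now):
        """Step 3 of the slide: drop entries whose TTL has run out."""
        self.table = {m: (p, e) for m, (p, e) in self.table.items() if e > now}

    def receive(self, frame, in_port, now):
        """Return the list of ports the frame goes out on."""
        self.purge(now)
        # Step 1: the sender is reachable through the arrival port (refreshes the TTL)
        self.table[frame.src] = (in_port, now + self.ttl)
        # Step 2: known unicast destination -> forward, or filter if it sits on the arrival segment
        entry = self.table.get(frame.dst)
        if frame.dst != BROADCAST and entry is not None:
            out_port, _ = entry
            return [] if out_port == in_port else [out_port]
        # unknown destination or broadcast -> flood on every port but the arrival port
        return [p for p in self.ports if p != in_port]


class Network:
    """Wires (switch, port) either to a host or to another (switch, port)."""

    def __init__(self, max_hops=16):
        self.switches = {}
        self.peer = {}       # (switch name, port) -> host name | (switch name, port)
        self.host_port = {}  # host name -> (switch name, port)
        self.max_hops = max_hops

    def add_switch(self, sw):
        self.switches[sw.name] = sw

    def attach_host(self, host, sw, port):
        self.peer[(sw, port)] = host
        self.host_port[host] = (sw, port)

    def link(self, sw_a, port_a, sw_b, port_b):
        self.peer[(sw_a, port_a)] = (sw_b, port_b)
        self.peer[(sw_b, port_b)] = (sw_a, port_a)

    def send(self, frame, now):
        """Inject a frame from its source host; return the sorted hosts that received it."""
        sw, port = self.host_port[frame.src]
        delivered = set()
        self._deliver(frame, sw, port, now, delivered, hops=0)
        return sorted(delivered)

    def _deliver(self, frame, sw_name, in_port, now, delivered, hops):
        if hops > self.max_hops:  # without a spanning tree a loop would never end
            raise RuntimeError("frame is looping: topology is not loop-free")
        for out_port in self.switches[sw_name].receive(frame, in_port, now):
            peer = self.peer.get((sw_name, out_port))
            if isinstance(peer, tuple):
                self._deliver(frame, peer[0], peer[1], now, delivered, hops + 1)
            elif peer is not None:
                delivered.add(peer)


def build_demo_network():
    """Constructed topology (an assumption, not the slide's diagram): A on S1 port 1,
    B on S2 port 2, C on S3 port 3, S1 port 2 <-> S2 port 1, S1 port 3 <-> S3 port 1."""
    net = Network()
    for name in ("S1", "S2", "S3"):
        net.add_switch(LearningSwitch(name, ports=(1, 2, 3), ttl=60))
    net.attach_host("A", "S1", 1)
    net.attach_host("B", "S2", 2)
    net.attach_host("C", "S3", 3)
    net.link("S1", 2, "S2", 1)
    net.link("S1", 3, "S3", 1)
    return net


def run_demo():
    """Replay the slide's walkthrough; return who got each frame and the tables over time."""
    net = build_demo_network()
    first = net.send(Frame("A", "B"), now=0)  # B unknown everywhere: flooded, reaches B and C
    reply = net.send(Frame("B", "A"), now=1)  # A already learned: forwarded, reaches only A
    tables_t1 = {n: {m: p for m, (p, _) in sw.table.items()} for n, sw in net.switches.items()}
    for sw in net.switches.values():
        sw.purge(now=61)                        # TTL 60 elapsed: every entry ages out
    tables_t61 = {n: dict(sw.table) for n, sw in net.switches.items()}
    return first, reply, tables_t1, tables_t61


if __name__ == "__main__":
    print(run_demo())
```

Running it prints the two delivery sets and the tables: the A-to-B frame reaches both B and C, the reply reaches A only, and at time 61 all three tables are empty again. Wiring a second link between S1 and S2 and sending again raises the loop error, which is the situation the spanning tree below exists to prevent.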
Poorly designed institutional network. Why?
[Figure: to external network; router; a single LAN / IP subnet holding the mail server and web server]
Institutional network without a single point of failure
[Figure: to external network; router; IP subnet with mail server and web server; switches interconnected by redundant links]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Institutional network without a single point of failure (after loop resolution)
[Figure: the same network; legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
- This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any connected graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
- The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood frames onto that LAN.
- Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: bridges B3 and B2 between LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
- LAN B's next hop to the switch with the lowest ID is LAN A, and
- LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
[Figure: bridges B0, B1, B2, B3 interconnecting LANs A, B, C, D; B2 is attached to LAN B and LAN C; B0 has the lowest ID]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message
2. the ID of what the sending bridge believes to be the root bridge
3. the distance (hops) from the sending bridge to the root bridge
[Figure: bridges B1, B2, B3, B4, B5, B6, B7 interconnecting LANs A through J; B1 has the smallest ID and is the root; each bridge is labelled with its distance to the root in LAN hops (0 at the root, 1 or 2 elsewhere)]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
Worked on the figure, step by step:
- Each switch computes its distance to the root in terms of LAN hops.
- Each of the root's interfaces is ON.
- LAN A's next hop is LAN E: turn on the two interfaces (to A and to E) of the switch between them.
- LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop: turn on B5's interfaces to B and E; B7's interface to B stays off.
- LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
- LAN C's next hop is LAN F: turn on the interfaces.
- Which other interfaces are "on"?
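The interface selection rule above, carried out in code as an added example that is not part of the slides. Because the slide's diagram is not recoverable from the page, the block uses a constructed topology (an assumption) chosen to reproduce the narrated steps: A's next hop is E, B's next hop is E via B5 rather than F via B7, D's is G, C's is F, and B3 ends up with no interface on. LANs are the vertices and bridges the edges, as the slides model it; a bridge attached to several LANs is simply an edge touching each of them. `bridge_distances` is the breadth-first computation of hop counts from the root, `spanning_tree` applies the two keep-active rules plus the tie-break, and `is_spanning_tree` checks the claim that what remains has exactly one path between any pair of nodes.

```python
from collections import deque

# Constructed topology (an assumption, not the slide's diagram): bridge ID -> attached LANs.
TOPOLOGY = {
    1: ["E", "F", "G"],   # smallest ID: the root
    2: ["A", "E"],
    3: ["A", "B"],
    4: ["D", "G", "H"],
    5: ["B", "E"],
    6: ["C", "F", "I"],
    7: ["B", "F", "J"],
}


def bridge_distances(topology):
    """Breadth-first search from the root over the bipartite bridge/LAN graph.
    Returns (bridge -> hops to root, LAN -> hops to root, LAN -> attached bridges);
    the root's own LANs are at distance 0, as on the slide."""
    root = min(topology)
    bridges_on = {}
    for b, lans in topology.items():
        for lan in lans:
            bridges_on.setdefault(lan, []).append(b)
    bridge_dist, lan_dist, queue = {root: 0}, {}, deque([root])
    while queue:
        b = queue.popleft()
        for lan in topology[b]:
            if lan in lan_dist:
                continue
            lan_dist[lan] = bridge_dist[b]
            for nb in bridges_on[lan]:
                if nb not in bridge_dist:
                    bridge_dist[nb] = bridge_dist[b] + 1
                    queue.append(nb)
    return bridge_dist, lan_dist, bridges_on


def spanning_tree(topology):
    """Decide which interfaces stay on. For every LAN the designated bridge is the attached
    bridge closest to the root, ties broken by the smallest ID; that bridge keeps its interface
    to the LAN and its interface toward the root. All of the root's interfaces stay on.
    Returns (bridge -> set of active LAN interfaces, LAN -> (next-hop LAN, bridge used))."""
    bridge_dist, lan_dist, bridges_on = bridge_distances(topology)
    root = min(topology)
    active = {b: set() for b in topology}
    next_hop = {}
    for lan, bridges in bridges_on.items():
        if lan_dist[lan] == 0:
            active[root].add(lan)
            continue
        designated = min(bridges, key=lambda b: (bridge_dist[b], b))
        # the designated bridge's root port: its attached LAN nearest the root
        # (ties broken by LAN name here, an assumption; 802.1D uses bridge and port IDs)
        root_lan = min(topology[designated], key=lambda l: (lan_dist[l], l))
        next_hop[lan] = (root_lan, designated)
        active[designated].update({lan, root_lan})
    return active, next_hop


def is_spanning_tree(active, topology):
    """Check the slide's claim: the active interfaces reach every LAN and leave exactly one
    path between any pair of nodes (connected, and edges == nodes - 1)."""
    adj, edges = {}, 0
    for b, lans in active.items():
        for lan in lans:
            edges += 1
            adj.setdefault(("B", b), set()).add(("L", lan))
            adj.setdefault(("L", lan), set()).add(("B", b))
    all_lans = {("L", lan) for lans in topology.values() for lan in lans}
    if not all_lans <= set(adj):
        return False
    start = next(iter(adj))
    seen, stack = {start}, [start]
    while stack:
        for n in adj[stack.pop()]:
            if n not in seen:
                seen.add(n)
                stack.append(n)
    return seen == set(adj) and edges == len(adj) - 1


if __name__ == "__main__":
    active, next_hop = spanning_tree(TOPOLOGY)
    for b in sorted(active):
        print(f"B{b}: interfaces on = {sorted(active[b])}")
    print("loop-free and spanning:", is_spanning_tree(active, TOPOLOGY))
```

On this topology B1 keeps E, F and G on, B5 wins LAN B over B7 on ID and keeps B and E, B7 keeps only F and J, and B3 keeps nothing, matching the narrated steps; the check confirms the result is a tree over all ten LANs. Note that the root is chosen purely by smallest ID, so any device that can inject a smaller ID would become the root and reshape every path; the slides' comment that layer 2 typically ignores security applies here too.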
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
These typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution:
- during which time no packets were forwarded.
Switches vs Routers
both are store-and-forward devices
routers: network layer devices (examine network layer headers); switches: link layer devices
... "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding
- borrowing ideas from the Virtual Circuit (VC) approach
- but the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL (8 bits per RFC 3032)]
MPLS-capable routers
a.k.a. label-switched routers
forward packets to the outgoing interface based only on the label value (don't inspect the IP address)
- MPLS forwarding table distinct from IP forwarding tables
signaling protocol needed to set up forwarding
- RSVP-TE
- forwarding possible along paths that IP alone would not allow (e.g. source-specific routing)
- use MPLS for traffic engineering
must co-exist with IP-only routers
[Figure: routers R1 through R6; A attaches via R1, D via R2 and R3; R6 reaches R4 on interface 0 and R5 on interface 1]
MPLS forwarding tables (rows reassembled from the figure; each row is in label | out label | dest | out interface, "-" meaning no label):
R1:  6 | - | A | 0
R4: 10 | 6 | A | 1
    12 | 9 | D | 0
R5:  8 | 6 | A | 0
R6:  - | 10 | A | 0
     - | 12 | D | 0
     - |  8 | A | 1
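The label-switched walk through those tables, as an added example that is not part of the slides: the ingress LSR pushes a label chosen per destination, each transit LSR swaps on the incoming label only (never reading the IP header), and the egress pops. The table contents are the slide's; which neighbour sits behind each interface is read off the figure and is an assumption, and R3's entry for label 9 is assumed too, since the slide does not show it but the D-bound walk needs somewhere to end. The two ingress entries for A at R6 are the "path IP alone would not allow" case: the operator picks the R4 or the R5 path by label, not by IP shortest path.

```python
# Label tables reconstructed from the slide: in label -> (out label, dest, out interface);
# an out label of None means pop. R3's row is an assumption (not on the slide).
MPLS_TABLE = {
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},
    "R5": {8: (6, "A", 0)},
    "R1": {6: (None, "A", 0)},
    "R3": {9: (None, "D", 0)},          # assumption
}
# Ingress entries at R6: dest -> list of (label to push, out interface), in preference order.
INGRESS = {"R6": {"A": [(10, 0), (8, 1)], "D": [(12, 0)]}}
# Which neighbour is behind each interface: inferred from the figure, an assumption.
LINKS = {
    "R6": {0: "R4", 1: "R5"},
    "R4": {0: "R3", 1: "R1"},
    "R5": {0: "R1"},
    "R1": {0: "A"},
    "R3": {0: "D"},                      # assumption
}


def switch_packet(ingress, dest, alternative=0, ttl=64, max_hops=16):
    """Push a label at the ingress LSR, swap at each transit LSR, pop at the egress.
    Every LSR looks only at the incoming label, never at the IP header. Returns the hop
    list as (router, label on the outgoing wire; None once popped) and where it ended."""
    label, iface = INGRESS[ingress][dest][alternative]
    node, trace = ingress, []
    for _ in range(max_hops):
        ttl -= 1                               # the MPLS TTL is decremented at every LSR
        if ttl == 0:
            raise RuntimeError("TTL expired")
        trace.append((node, label))
        node = LINKS[node][iface]
        if node not in MPLS_TABLE:             # left the MPLS domain: reached a host
            return trace, node
        if label not in MPLS_TABLE[node]:      # no binding: the LSR drops the packet
            raise KeyError(f"{node} has no entry for label {label}")
        label, _, iface = MPLS_TABLE[node][label]
    raise RuntimeError("label loop")


if __name__ == "__main__":
    for dest, alt in (("A", 0), ("A", 1), ("D", 0)):
        trace, end = switch_packet("R6", dest, alternative=alt)
        print(dest, "via", " -> ".join(f"{r}[{l}]" for r, l in trace), "->", end)
```

The first A-bound walk is R6[10] -> R4[6] -> R1[pop] -> A, the second is R6[8] -> R5[6] -> R1[pop] -> A, and the D-bound walk is R6[12] -> R4[9] -> R3[pop] -> D. Both A paths arrive at R1 carrying label 6, which is why R1's table needs only one row: labels are assigned by the receiving router, so R4 and R5 both use the label R1 advertised for A.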
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down the protocol stack complete (except PHY)
solid understanding of networking principles, practice
... could stop here ... but lots of
Hub:
bits coming in on one link go out all other links at the same rate
all nodes connected to the hub can collide with one another
no frame buffering
no CSMA/CD at the hub: host NICs detect collisions
[Figure: hosts connected by twisted pair to a hub]
Interconnecting with hubs
Backbone hub interconnects LAN segments. But the individual segment collision domains become one large collision domain.
Can't interconnect 10BaseT & 100BaseT.
[Figure: backbone hub connected to the hub of each LAN segment]
Switch
link-layer device: smarter than hubs, takes an active role
- stores and forwards Ethernet frames
- Question: do switches in circuit switching networks store and forward?
- examines the incoming frame's MAC address, selectively forwards the frame to one or more outgoing links
- when a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
transparent: hosts are unaware of the presence of switches
plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have a dedicated direct connection to the switch
switches buffer packets Ethernet protocol used on
each incoming link but no collisions full duplex each link is its own collision
domain switching A-to-Arsquo and B-
to-Brsquo simultaneously without collisions not possible with dumb hub
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch Table
Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5
A each switch has a switch table each entry (MAC address of host interface
to reach host time stamp)
looks like a routing table Q how are entries created
maintained in switch table something like a routing
protocol
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch self-learning
switch learns which hosts can be reached through which interfaces Some interfaces are
configured But in other caseshellip
when frame received switch ldquolearnsrdquo location of sender incoming LAN segment
records senderlocation pair in switch table
A
Arsquo
B
Brsquo
C
Crsquo
1 23
45
6
A Arsquo
Source ADest Arsquo
MAC addr interface TTL
Switch table (initially empty)
A 1 60
Switch frame filteringforwardingWhen frame received
1 record linkinterface associated with sending host 3 if entry found for destination
then if dest on segment from which frame arrived
then drop the frame else forward the frame on interface indicated else flood3 periodically purge all old table entries
forward on all but the interface on which the frame arrived
Self-Learning
MAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network Why
to externalnetwork
router
LAN - IP subnet
mail server
web server
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
bits coming in one link go out all other links at same rate
all nodes connected to hub can collide with one another no frame buffering no CSMACD at hub host NICs detect collisions
twisted pair
hub
Interconnecting with hubs Backbone hub interconnects LAN segments But individual segment collision domains become
one large collision domain Canrsquot interconnect 10BaseT amp 100BaseT
hub
hubhub
hub
Switch link-layer device smarter than hubs take active role
Store and forward Ethernet framesbull Question do switches in circuit switching networks store and
forward examine incoming framersquos MAC address selectively forward
frame to one-or-more outgoing links when frame is to be forwarded on segment uses CSMACD to access segment
transparent hosts are unaware of presence of switches
plug-and-play self-learning switches do not need to be configured
Switch allows multiple simultaneous transmissions
hosts have dedicated direct connection to switch
switches buffer packets Ethernet protocol used on
each incoming link but no collisions full duplex each link is its own collision
domain switching A-to-Arsquo and B-
to-Brsquo simultaneously without collisions not possible with dumb hub
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch Table
Q how does switch know that Arsquo reachable via interface 4 Brsquo reachable via interface 5
A each switch has a switch table each entry (MAC address of host interface
to reach host time stamp)
looks like a routing table Q how are entries created
maintained in switch table something like a routing
protocol
A
Arsquo
B
Brsquo
C
Crsquo
switch with six interfaces(123456)
1 23
45
6
Switch: self-learning
• switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
• when frame received, switch "learns" location of sender: incoming LAN segment
• records sender/location pair in switch table
(figure: A sends a frame with Source=A, Dest=A' into interface 1; the switch table, initially empty, gains the entry MAC addr A, interface 1, TTL 60)

Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination
   then { if dest on segment from which frame arrived, then drop the frame
          else forward the frame on interface indicated }
   else flood: forward on all but the interface on which the frame arrived
3. periodically purge all old table entries
Self-Learning (worked example)
(figure: three switches in a chain, each with interfaces 1, 2, 3; host A on interface 1 of the first switch, host B on interface 2 of the second; all switch tables (MAC, Interface) initially empty)
• A sends a frame Dest=B, Source=A. First switch: make table entry for A (A, 1). No table entry for B, so flood.
• Note: if the switch has ports that are manually configured, then the frame is not flooded to a host, but only flooded to other switches.
• Second switch receives the flooded frame: make table entry for A (A, 1). No table entry for B, so flood. Third switch likewise: make table entry for A (A, 2), flood.
• B replies with Dest=A, Source=B. Second switch: make table entry for B (B, 2). Have a table entry for A, so forward on interface 1.
• First switch: make table entry for B (B, 3). Have a table entry for A, so forward on interface 1 to A.
• Resulting tables: first switch A: 1, B: 3; second switch A: 1, B: 2; third switch A: 2 (it never saw B's frame).
• 20 minutes later all table entries are deleted.
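The filtering/forwarding rule and the three-switch walkthrough above, as an added Python simulation (not code from the slides): switch names S1–S3 and the wiring between them are assumptions reconstructed from the tables in the figure, and host C with its shared segment is a constructed extension that exercises the drop (filter) case.

```python
"""Self-learning switch: the slides' filtering/forwarding rule, replayed on the
three-switch walkthrough. Added example, not code from the slides."""

AGING_SECONDS = 20 * 60   # slides: "20 minutes later all table entries are deleted"

class Switch:
    def __init__(self, num_ports: int, aging: float = AGING_SECONDS):
        self.ports = list(range(1, num_ports + 1))
        self.aging = aging
        self.table: dict[str, tuple[int, float]] = {}   # MAC -> (interface, time stamp)

    def purge(self, now: float) -> None:
        """Periodically purge all old table entries."""
        self.table = {m: (p, t) for m, (p, t) in self.table.items() if now - t < self.aging}

    def handle(self, src: str, dst: str, in_port: int, now: float) -> list[int]:
        """Apply the filtering/forwarding rule; return the outgoing interfaces."""
        self.purge(now)
        self.table[src] = (in_port, now)           # 1. learn the sender's interface
        if dst in self.table:                      # 2. entry found for destination
            out_port = self.table[dst][0]
            if out_port == in_port:
                return []                          #    dest on arrival segment: drop
            return [out_port]                      #    forward on interface indicated
        return [p for p in self.ports if p != in_port]   # else flood

class Network:
    """Loop-free wiring of switches and hosts; several hosts on one port form a segment."""

    def __init__(self):
        self.switches: dict[str, Switch] = {}
        self.links: dict[tuple[str, int], tuple] = {}     # (switch, port) -> peer
        self.host_port: dict[str, tuple[str, int]] = {}

    def add_switch(self, name: str, num_ports: int = 3) -> None:
        self.switches[name] = Switch(num_ports)

    def connect(self, sw_a: str, port_a: int, sw_b: str, port_b: int) -> None:
        self.links[(sw_a, port_a)] = ("switch", sw_b, port_b)
        self.links[(sw_b, port_b)] = ("switch", sw_a, port_a)

    def attach_host(self, mac: str, sw: str, port: int) -> None:
        self.links.setdefault((sw, port), ("segment", []))[1].append(mac)
        self.host_port[mac] = (sw, port)

    def send(self, src: str, dst: str, now: float) -> list[str]:
        """Inject a frame from host src; return the hosts it is forwarded to."""
        delivered: list[str] = []
        queue = [self.host_port[src]]
        while queue:
            sw_name, in_port = queue.pop(0)
            for out in self.switches[sw_name].handle(src, dst, in_port, now):
                peer = self.links.get((sw_name, out))
                if peer is None:
                    continue                       # nothing plugged into that port
                if peer[0] == "segment":
                    delivered.extend(peer[1])
                else:
                    queue.append((peer[1], peer[2]))
        return delivered

    def tables(self) -> dict[str, dict[str, int]]:
        return {n: {m: p for m, (p, _) in s.table.items()} for n, s in self.switches.items()}

def build_slide_network() -> Network:
    """Wiring reconstructed from the slides' tables: A on S1 port 1, B on S2 port 2,
    S1 port 3 <-> S2 port 1, S2 port 3 <-> S3 port 2 (switch names are assumed)."""
    net = Network()
    for name in ("S1", "S2", "S3"):
        net.add_switch(name)
    net.connect("S1", 3, "S2", 1)
    net.connect("S2", 3, "S3", 2)
    net.attach_host("A", "S1", 1)
    net.attach_host("B", "S2", 2)
    return net

def run_slide_scenario() -> dict:
    net = build_slide_network()
    first = net.send("A", "B", now=0.0)            # B unknown: flooded, reaches B and S3
    reply = net.send("B", "A", now=1.0)            # A known: forwarded, S3 never sees it
    learned = net.tables()
    for sw in net.switches.values():               # 20 minutes later: tables empty
        sw.purge(1.0 + AGING_SECONDS)
    return {"first": first, "reply": reply, "tables": learned, "after_aging": net.tables()}

def run_filter_case() -> list[str]:
    """Constructed extension: host C shares S1's port-1 segment with A."""
    net = build_slide_network()
    net.attach_host("C", "S1", 1)
    net.send("A", "B", now=0.0)                    # S1 learns A on port 1
    return net.send("C", "A", now=2.0)             # A is on the arrival segment: dropped

if __name__ == "__main__":
    print(run_slide_scenario())
    print(run_filter_case())
```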
Poorly Designed Institutional network. Why?
(figure: router to external network; a single LAN / IP subnet containing the mail server and web server)

Institutional network without a single point of failure
(figure: router to external network; IP subnet with mail server, web server and host A, interconnected by several switches with redundant links)
• Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty.
• Due to the loops, the frames will loop and overwhelm the network.
• Loops provide robustness but have to be eliminated.
(figure, repeated with the spanning tree marked: edges in the spanning tree, and "disconnected" interfaces, i.e. interfaces through which frames are neither forwarded nor flooded)
Loop Resolution
• Goal: remove "extra" paths by removing "extra" bridges. Spanning tree.
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
• If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• This tree is formed by "disconnecting" switches from some LANs.
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
  • Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(figure: LAN A and LAN B connected by bridges B2 and B3)
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
• Approach: Compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
• If
  • LAN B's next hop to the switch with lowest ID is LAN A, and
  • LAN C's next hop to the switch with lowest ID is LAN D,
  then switch B2 will disconnect from LAN B and C.
(figure: LANs A, B, C, D interconnected by bridges B0, B1, B2, B3)

Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Which interfaces to keep and which to ignore?
• Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
• A switch will keep an interface active if
  1. the interface is along a LAN's shortest path to the root
  2. if a LAN has more than one shortest path, then the switch with the smallest ID is used
• Take a distance vector approach, so we only consider neighbors.
• Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
(figure: LANs A through J interconnected by switches B1 through B7; B1 is the root. The slides step through the example on this figure:)
• Each switch computes distance to root in terms of LAN hops (the figure labels LANs with the distances 0, 1, 2, 1, 1, 1, 1).
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
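The interface-selection rule from the spanning tree slides, as an added Python implementation (not code from the slides): TOPOLOGY is a constructed switch-to-LAN wiring only loosely modelled on the figure (B1 as root, B5 beating B7 for LAN B, B3 left with no active interface), and the secondary tie-break on the upstream LAN name is an assumption the slides do not state.

```python
"""Spanning tree selection over the LAN-as-vertex / switch-as-edge graph.

Added example, not code from the slides. Root = switch with the smallest ID;
each LAN takes the shortest path to the root (fewest switches), ties go to the
smallest switch ID; a switch keeps only the interfaces that lie on such paths.
"""

# switch ID -> LANs it has an interface on (constructed topology, contains loops)
TOPOLOGY = {
    "B1": ["E", "F", "G"],
    "B2": ["C", "F"],
    "B3": ["A", "B"],      # redundant: both A and B have shorter paths elsewhere
    "B4": ["A", "E"],
    "B5": ["B", "E"],
    "B6": ["D", "G"],
    "B7": ["B", "F", "H"],
}

def bridge_id(switch: str) -> int:
    return int(switch[1:])

def spanning_tree(topology):
    """Return (root, dist, via, active).

    dist[lan]  = number of switches on the LAN's path to the root
    via[lan]   = (switch, upstream LAN) chosen as the LAN's next hop
    active[sw] = set of LANs on which switch sw keeps its interface on
    """
    root = min(topology, key=bridge_id)
    dist = {lan: 0 for lan in topology[root]}        # LANs the root sits on
    via = {}
    level = 0
    while True:
        # distance-vector style: only look one switch beyond the current level
        candidates = {}
        for sw, lans in topology.items():
            for up in lans:
                if dist.get(up) != level:
                    continue
                for lan in lans:
                    if lan in dist:
                        continue
                    # primary tie-break: smallest switch ID (slides);
                    # secondary tie-break on upstream LAN name is an assumption
                    key = (bridge_id(sw), up)
                    if lan not in candidates or key < candidates[lan][0]:
                        candidates[lan] = (key, sw, up)
        if not candidates:
            break
        for lan, (_, sw, up) in candidates.items():
            dist[lan] = level + 1
            via[lan] = (sw, up)
        level += 1
    active = {sw: set() for sw in topology}
    active[root] = set(topology[root])               # each of the root's interfaces is ON
    for lan, (sw, up) in via.items():
        active[sw].update({lan, up})                 # interfaces to the LAN and its next hop
    return root, dist, via, active

def is_loop_free(interfaces) -> bool:
    """Union-find over LANs: True if the given interfaces form no cycle."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for lans in interfaces.values():
        lans = sorted(lans)
        for a, b in zip(lans, lans[1:]):
            ra, rb = find(a), find(b)
            if ra == rb:
                return False                         # a second path between the same LANs
            parent[ra] = rb
    return True

if __name__ == "__main__":
    root, dist, via, active = spanning_tree(TOPOLOGY)
    print("root:", root)
    for lan in sorted(via):
        print(f"LAN {lan}: dist {dist[lan]} via {via[lan][0]} toward LAN {via[lan][1]}")
    for sw in sorted(active):
        print(f"{sw} keeps interfaces on {sorted(active[sw]) or 'none'}")
    print("raw topology loop-free:", is_loop_free(TOPOLOGY))
    print("spanning tree loop-free:", is_loop_free(active))
```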
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes)
• 3 mechanisms: Loop resolution, Address learning, Frame forwarding
• Typically ignore security such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
• On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution
  • During which time no packets were forwarded

Switches vs. Routers
• both store-and-forward devices
• routers: network layer devices (examine network layer headers)
• switches are link layer devices … "invisible" at internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding
  • borrowing ideas from Virtual Circuit (VC) approach
  • but IP datagram still keeps IP address!
(figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame; MPLS header fields label, Exp, S, TTL, with the field widths as drawn on the slide: 20, 3, 1, 5)

MPLS capable routers
• a.k.a. label-switched router
• forwards packets to outgoing interface based only on label value (don't inspect IP address)
  • MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding
  • RSVP-TE
  • forwarding possible along paths that IP alone would not allow (e.g., source-specific routing)
  • use MPLS for traffic engineering
• must co-exist with IP-only routers

MPLS forwarding tables
(figure: routers R1 through R6 with interfaces 0 and 1 and destinations A and D; each router's table has the columns in label, out label, dest, out interface, with entries such as 6 / - / A / 0; 10 / 6 / A / 1; 12 / 9 / D / 0; 10 / A / 0; 12 / D / 0; 8 / 6 / A / 0; 8 / A / 1)
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Switch: link-layer device, smarter than hubs, takes an active role
• Stores and forwards Ethernet frames
  • Question: do switches in circuit-switching networks store and forward?
• Examines the incoming frame's MAC address and selectively forwards the frame to one or more outgoing links
• When a frame is to be forwarded on a segment, uses CSMA/CD to access the segment
• Transparent: hosts are unaware of the presence of switches
• Plug-and-play, self-learning: switches do not need to be configured
Switch allows multiple simultaneous transmissions
• Hosts have a dedicated, direct connection to the switch
• Switches buffer packets
• The Ethernet protocol is used on each incoming link, but there are no collisions; full duplex
  • Each link is its own collision domain
• Switching: A-to-A' and B-to-B' simultaneously, without collisions
  • Not possible with a dumb hub
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch Table
• Q: how does the switch know that A' is reachable via interface 4 and B' is reachable via interface 5?
• A: each switch has a switch table; each entry is (MAC address of host, interface to reach host, time stamp)
  • Looks like a routing table
• Q: how are entries created and maintained in the switch table? Something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6) connecting hosts A, A', B, B', C, C']
Switch: self-learning
• The switch learns which hosts can be reached through which interfaces
  • Some interfaces are configured, but in other cases...
• When a frame is received, the switch "learns" the location of the sender: the incoming LAN segment
• It records the sender/location pair in the switch table
[Figure: six-interface switch; A sends a frame with Source = A, Dest = A' that arrives on interface 1]
Switch table (initially empty), after A's frame:
MAC addr | interface | TTL
A        | 1         | 60
Switch: frame filtering/forwarding
When a frame is received:
1. Record the link/interface associated with the sending host
2. If an entry is found for the destination, then:
     if the destination is on the segment from which the frame arrived, drop the frame;
     else forward the frame on the interface indicated
   else flood (forward on all but the interface on which the frame arrived)
3. Periodically purge all old table entries
Self-Learning (worked example)
[Figure: four switches, each with interfaces 1, 2 and 3, interconnected; host A is attached to interface 1 of the first switch and host B is attached elsewhere in the network; each switch keeps its own (MAC, Interface) table, all initially empty]
• A sends a frame with Dest = B, Source = A
  • Each switch that receives it makes a table entry for A; there is no table entry for B, so it floods
  • Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; it is only flooded to other switches
  • After the flood the four tables read: (A 1); (A 1); (A 1); (A 2), each according to the interface on which A's frame arrived
• B replies with a frame Dest = A, Source = B
  • Each switch makes a table entry for B; it already has a table entry for A, so it forwards rather than floods
  • The tables now read: (A 1, B 3); (A 1, B 3); (A 1, B 2); (A 2)
• 20 minutes later, all table entries are deleted
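The filtering/forwarding steps and the self-learning walk-through above, as an added example in Python; this is not code from the slides. The three-port switch, the MAC names and the 20-minute TTL are a constructed setup that replays the slides' scenario. The optional per-port entry cap is an assumption added here: the slides note that security such as access control is typically ignored, and the cap is the check a defender wants because the table is learned purely from unauthenticated source addresses.

```python
"""Self-learning switch simulation (added example, not the slides' code).

Implements the filtering/forwarding steps above: learn the sender's
interface, forward if the destination is known (drop when it is on the
arrival segment), otherwise flood, and age entries out after a TTL.
"""
from dataclasses import dataclass, field


@dataclass
class Frame:
    src: str  # source MAC address (constructed names such as "A", "B")
    dst: str  # destination MAC address


@dataclass
class LearningSwitch:
    ports: tuple                  # interface numbers, e.g. (1, 2, 3)
    ttl: int = 20 * 60            # seconds an entry lives: the slides' 20 minutes
    max_per_port: int = 0         # 0 = unlimited; >0 caps learned MACs per port (assumption)
    table: dict = field(default_factory=dict)  # MAC -> (interface, time learned)
    violations: int = 0           # source addresses refused by the cap

    def purge(self, now):
        """Step 3: periodically purge all old table entries."""
        self.table = {mac: (port, t) for mac, (port, t) in self.table.items()
                      if now - t < self.ttl}

    def learn(self, mac, in_port, now):
        """Step 1: record the interface associated with the sending host.

        With max_per_port set, a port that already holds that many MACs
        refuses new ones, so one host cannot fill the table with bogus sources.
        """
        if mac not in self.table and self.max_per_port:
            on_port = sum(1 for p, _ in self.table.values() if p == in_port)
            if on_port >= self.max_per_port:
                self.violations += 1
                return
        self.table[mac] = (in_port, now)

    def receive(self, frame, in_port, now):
        """Return (action, out_ports) for a frame arriving on in_port at time now."""
        self.purge(now)
        self.learn(frame.src, in_port, now)
        entry = self.table.get(frame.dst)
        if entry is None:
            # Step 2, no entry: flood on all interfaces but the one it arrived on.
            return "flood", [p for p in self.ports if p != in_port]
        port, _ = entry
        if port == in_port:
            # Destination sits on the segment the frame came from: drop.
            return "drop", []
        return "forward", [port]


def run_example():
    """Replay the slides' scenario on one three-port switch."""
    sw = LearningSwitch(ports=(1, 2, 3))
    log = []
    # t=0: A (port 1) sends to B; table empty, so learn A and flood.
    log.append(sw.receive(Frame("A", "B"), in_port=1, now=0))
    # t=1: B (port 3) replies; learn B, A is known on port 1, so forward.
    log.append(sw.receive(Frame("B", "A"), in_port=3, now=1))
    # t=2: C (also on port 3) sends to B on the same segment, so drop.
    log.append(sw.receive(Frame("C", "B"), in_port=3, now=2))
    # 20 minutes later every entry has aged out, so A's frame floods again.
    log.append(sw.receive(Frame("A", "B"), in_port=1, now=20 * 60 + 5))
    return log


def run_port_limit_example():
    """Three sources on one port with a cap of two: the third is refused."""
    sw = LearningSwitch(ports=(1, 2), max_per_port=2)
    for mac in ("X1", "X2", "X3"):
        sw.receive(Frame(mac, "Y"), in_port=1, now=0)
    return sw.violations, sorted(sw.table)


if __name__ == "__main__":
    for action, ports in run_example():
        print(action, ports)
    print(run_port_limit_example())
```

The fourth frame in `run_example()` floods even though A and B were both known a moment earlier: aging is what keeps a stale entry from black-holing a host that moved, and also what makes the flood-on-unknown behaviour recur, which is the traffic a monitoring point on a switched LAN should expect to see.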
Poorly Designed Institutional network: Why?
[Figure: router to the external network, a single LAN (IP subnet) with a mail server and a web server]
Institutional network without a single point of failure
[Figure: router to the external network, IP subnet with mail server, web server and host A, interconnected by several switches with redundant links]
• Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty.
• Due to the loops, the frames will loop and overwhelm the network.
• Loops provide robustness, but have to be eliminated.
[Figure legend: edge in spanning tree; "disconnected" interface, i.e., do not forward or flood frames through this interface]
Loop Resolution
• Goal: remove "extra" paths by removing "extra" bridges: spanning tree
• Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges
  • This is backwards from what you might expect, i.e., switches as vertices and LANs as edges
• On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
• This tree is formed by "disconnecting" switches from some LANs
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch
[Figure: switches B3 and B2 between LAN A and LAN B]
Spanning Tree Algorithm (1)
• LANs are represented by vertices and bridges/switches are represented by edges
  • This is backwards from what you might expect, i.e., switches as vertices and LANs as edges
• When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID
• Approach: compute paths to the node with the smallest ID
  • Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID
• If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B
• If
  • LAN B's next hop to the switch with the lowest ID is LAN A, and
  • LAN C's next hop to the switch with the lowest ID is LAN D,
  then switch B2 will disconnect from LANs B and C
[Figure: switches B3, B2, B1, B0 and LANs A, B, C, D; B2 attaches to LAN B and LAN C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Which interfaces to keep and which to ignore?
• Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
• A switch will keep an interface active if:
  1. the interface is along a LAN's shortest path to the root;
  2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
• Take a distance-vector approach, so we only consider neighbors.
• Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure: switches B1 (root), B2, B3, B4, B5, B6, B7 and LANs A through J; each LAN is annotated with its distance to the root (0, 1 or 2 LAN hops)]
Worked step by step:
• Each switch computes its distance to the root in terms of LAN hops
• Each of the root's interfaces is ON
• LAN A's next hop is LAN E: turn on the two interfaces
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface
• LAN D's next hop is LAN G: turn on the two interfaces
  • Note that B3 will not have any interfaces "on"
• LAN C's next hop is LAN F: turn on the interfaces
• Which other interfaces are "on"?
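The loop-resolution rules above (LANs as vertices, switches as edges, root = smallest ID, cost = number of switches visited, ties to the smaller switch ID) implemented in Python as an added example; this is not code from the slides. The topology in `SWITCHES` is constructed so that it mirrors the walk-through (LAN B can reach the root through B5 or B7, and B3 ends up with no interface on) and is not the slides' figure. The function runs the same neighbour-only relaxation the slides call a distance-vector approach, then lists which (switch, LAN) interfaces stay on and which are "disconnected".

```python
"""Spanning-tree interface selection in the slides' model (added example).

LANs are vertices and switches are edges. The root is the switch with the
smallest ID, a LAN's cost is the number of switches visited on its way to
the root, and ties go to the switch with the smaller ID.
"""
from math import inf

# Constructed topology (not the slides' figure): switch ID -> LANs it attaches to.
SWITCHES = {
    1: {"E", "F", "G"},  # B1 has the smallest ID, so it becomes the root
    2: {"D", "G"},
    3: {"A", "B"},       # both of its LANs have a cheaper route via B5
    5: {"A", "B", "E"},
    7: {"B", "C", "F"},
}


def spanning_tree(switches):
    """Return (dist, active).

    dist[lan] = (switches visited to reach the root, via switch ID, next-hop LAN);
    the root's own LANs have next hop None. active is the set of (switch, LAN)
    interfaces that stay on; every other interface is "disconnected".
    """
    root = min(switches)
    lans = set().union(*switches.values())
    dist = {lan: (inf, None, None) for lan in lans}
    for lan in switches[root]:
        dist[lan] = (1, root, None)  # one switch (the root itself) away

    # Distance-vector relaxation: a LAN only ever looks at its neighbouring
    # switches and the LANs on the far side of them, repeated until stable.
    changed = True
    while changed:
        changed = False
        for sid, attached in switches.items():
            if sid == root:
                continue
            for lan in attached:
                for nxt in attached:
                    if nxt == lan or dist[nxt][0] == inf:
                        continue
                    # Tuple order = cost first, then smaller switch ID, then LAN
                    # name, which is exactly the tie-break the slides describe.
                    cand = (dist[nxt][0] + 1, sid, nxt)
                    if cand < dist[lan]:
                        dist[lan] = cand
                        changed = True

    # Every interface of the root is on; elsewhere, the switch carrying a LAN's
    # next hop turns on its interfaces to that LAN and to the next-hop LAN.
    active = {(root, lan) for lan in switches[root]}
    for lan, (_, sid, nxt) in dist.items():
        if nxt is not None:
            active.add((sid, lan))
            active.add((sid, nxt))
    return dist, active


def disconnected_interfaces(switches, active):
    """Interfaces the algorithm turns off (they never flood or forward)."""
    return {(sid, lan) for sid, attached in switches.items()
            for lan in attached if (sid, lan) not in active}


if __name__ == "__main__":
    dist, active = spanning_tree(SWITCHES)
    for lan in sorted(dist):
        print(lan, dist[lan])
    print("off:", sorted(disconnected_interfaces(SWITCHES, active)))
```

On this topology B3 loses both of its interfaces and B7 keeps only its interfaces to C and F; the result depends entirely on the IDs the switches announce, which is why the slides stress that loop resolution runs before address learning and that nothing is forwarded while it runs.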
Layer 2 Routing
• The L2 routing table is automatically maintained (set up and updated as the topology changes)
• 3 mechanisms: loop resolution, address learning, frame forwarding
• Typically ignore security such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
  • On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution
  • During which time no packets were forwarded
Switches vs. Routers
• Both are store-and-forward devices
  • Routers: network-layer devices (examine network-layer headers)
  • Switches are link-layer devices
• ... "invisible" at the internetwork layer: looks like a link-layer technology to IP
Multiprotocol label switching (MPLS)
• Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding
  • Borrowing ideas from the Virtual Circuit (VC) approach
  • But the IP datagram still keeps its IP address
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields, with the bit widths as drawn: label (20), Exp (3), S (1), TTL (5)
MPLS capable routers
• a.k.a. label-switched router: forwards packets to the outgoing interface based only on the label value (don't inspect the IP address)
  • The MPLS forwarding table is distinct from the IP forwarding tables
• A signaling protocol is needed to set up forwarding
  • RSVP-TE
  • Forwarding possible along paths that IP alone would not allow (e.g., source-specific routing)
  • Use MPLS for traffic engineering
• Must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1 through R6 and destinations A and D; each MPLS-capable router carries a table with the columns in label | out label | dest | out interface]
Entries as drawn (in label, out label, dest, out interface):
• 6, -, A, 0
• 10, 6, A, 1
• 12, 9, D, 0
• -, 10, A, 0
• -, 12, D, 0
• 8, 6, A, 0
• -, 8, A, 1
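Label-switched forwarding as an added example in Python; this is not code from the slides. The routers, interfaces and link layout are constructed, and while the label values reuse those drawn in the figure (10 then 6 toward A on one path, 8 then 6 on the other, 12 then 9 toward D), which router owns which table is my assumption. The simulation shows that only the ingress consults the destination, that transit routers swap on the label alone, and what happens when a labeled packet reaches a router with no MPLS table, which is why the egress pops the label and why the slides say MPLS must co-exist with IP-only routers. The per-hop TTL decrement mirrors the TTL field in the MPLS header (8 bits in RFC 3032).

```python
"""MPLS label-switched forwarding simulation (added example, not the slides').

Topology and tables are constructed; the label values follow the figure above.
"""

# Links: (router, out_interface) -> neighbour at the far end.
LINKS = {
    ("R4", 0): "R6", ("R4", 1): "R5",
    ("R6", 1): "R1", ("R6", 0): "R3",   # R3 is an IP-only router (assumption)
    ("R5", 0): "R1",
    ("R1", 0): "A",                     # A is the destination network
}

# Ingress (edge) table: dest -> list of label-switched paths, each (push label, out iface).
# Two entries for A is the traffic-engineering point: the operator picks the LSP,
# not IP's shortest-path choice.
INGRESS = {"R4": {"A": [(10, 0), (8, 1)], "D": [(12, 0)]}}

# Transit/egress tables: in label -> (out label, out iface); out label None = pop.
LSR = {
    "R6": {10: (6, 1), 12: (9, 0)},
    "R5": {8: (6, 0)},
    "R1": {6: (None, 0)},   # egress: pops the label and hands a plain IP datagram to A
}


def forward(ingress, dest, lsp=0, ttl=64):
    """Follow one LSP from `ingress` toward `dest`.

    Returns (hops, landing) where hops is a list of
    (router, in_label, out_label, out_iface) and landing is the node that
    receives the datagram after the label has been popped. Only the ingress
    ever looks at `dest`; every later decision uses the label alone.
    """
    out_label, iface = INGRESS[ingress][dest][lsp]   # the single FEC lookup
    hops = [(ingress, None, out_label, iface)]
    router, label = LINKS[(ingress, iface)], out_label
    while label is not None:
        ttl -= 1
        if ttl == 0:
            raise ValueError("MPLS TTL expired: label path is looping")
        if router not in LSR:
            # A labeled packet has reached a router with no MPLS table. The
            # previous hop should have popped the label; IP cannot parse this.
            raise ValueError(f"{router} is IP-only but received label {label}")
        out_label, iface = LSR[router][label]
        hops.append((router, label, out_label, iface))
        router, label = LINKS[(router, iface)], out_label
    return hops, router


def forward_or_error(ingress, dest, lsp=0):
    """Same as forward(), but reports failures as ("error", message)."""
    try:
        return forward(ingress, dest, lsp)
    except (ValueError, KeyError) as exc:
        return ("error", str(exc))


if __name__ == "__main__":
    print(forward("R4", "A"))           # via R6: labels 10 -> 6 -> pop
    print(forward("R4", "A", lsp=1))    # via R5: labels 8 -> 6 -> pop
    print(forward_or_error("R4", "D"))  # label 9 lands on IP-only R3
```

The failed path toward D is the co-existence caveat in concrete form: R6 swaps 12 for 9 and sends the packet to R3, which has no label table, so the label should have been popped at R6. The two working paths toward A differ only in the label the ingress pushes, which is the whole mechanism behind steering traffic along a path IP routing would not have chosen.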
Chapter 5 Summary
• Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing
• Instantiation and implementation of various link-layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• Journey down the protocol stack complete (except PHY)
• Solid understanding of networking principles, practice
• ... could stop here ... but lots of
Slide titles:
Slotted Aloha - frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing - man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network: Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs. Routers
Summary comparison
Typical LAN
VLAN
VLAN
LAN vs. VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
Typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices
… "invisible" at internetwork layer: looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
initial goal: speed up IP forwarding by using a fixed-length label (instead of IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields, with the widths as given on the slide: label 20, Exp 3, S 1, TTL 5]
MPLS capable routers
a.k.a. label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address). MPLS forwarding table distinct from IP forwarding tables.
signaling protocol needed to set up forwarding: RSVP-TE.
forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 to R6 with destinations A and D. The slide shows four per-router tables (it does not say which table belongs to which router); a blank in-label means the packet enters the label-switched path at that router, an out-label of "-" means the label is removed there]
in label  out label  dest  out interface
   6         -        A        0
in label  out label  dest  out interface
  10         6        A        1
  12         9        D        0
in label  out label  dest  out interface
             10       A        0
             12       D        0
in label  out label  dest  out interface
   8         6        A        0
              8       A        1
Chapter 5 Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Switch Table
Q: how does switch know that A' is reachable via interface 4, B' reachable via interface 5?
A: each switch has a switch table; each entry: (MAC address of host, interface to reach host, time stamp)
looks like a routing table!
Q: how are entries created, maintained in switch table? something like a routing protocol?
[Figure: switch with six interfaces (1, 2, 3, 4, 5, 6); hosts A, A', B, B', C, C' attached]
Switch self-learning
switch learns which hosts can be reached through which interfaces. Some interfaces are configured, but in other cases…
when frame received, switch "learns" location of sender: incoming LAN segment
records sender/location pair in switch table
[Figure: hosts A, A', B, B', C, C' on interfaces 1 to 6; A sends a frame with Source A, Dest A'. Switch table (initially empty) afterwards holds: MAC addr A, interface 1, TTL 60]
Switch: frame filtering/forwarding
When frame received:
1. record link/interface associated with sending host
2. if entry found for destination
   then { if dest on segment from which frame arrived then drop the frame
          else forward the frame on interface indicated }
   else flood (forward on all but the interface on which the frame arrived)
3. periodically purge all old table entries
Self-Learning
[Figure, animated over the following slides: hosts A and B attached to four interconnected switches, each with interfaces 1, 2, 3 and a MAC/Interface table that starts empty]
A sends a frame: Dest=B, Source=A.
Make table entry for A. No table entry for B, so flood.
Note: if the switch has ports that are manually configured then the frame is not flooded to a host, but only flooded to other switches.
The flooded frame reaches the other switches in turn; each makes a table entry for A on the interface it arrived on (A 1, A 1, A 2) and, having no entry for B, floods.
B replies: Dest=A, Source=B.
Make table entry for B. Have a table entry for A, so forward.
The reply is forwarded back along the learned path; each switch on it adds an entry for B (tables now: A 1, B 3 / A 1, B 3 / A 1, B 2 / A 2, the last switch being off the A-B path and so never seeing the reply).
20 minutes later all table entries are deleted.
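The frame filtering/forwarding steps and the A/B walkthrough above, as an added Python example written for these notes (not code from the slides); the `LearningSwitch` helper, its interface layout and the statically configured host `S` are constructed assumptions, and the 20-minute age limit follows the slides.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

AGE_LIMIT_S = 20 * 60   # the slides' "20 minutes later all table entries are deleted"


@dataclass
class Entry:
    interface: int
    learned_at: Optional[float]   # None marks a manually configured (static) entry


@dataclass
class LearningSwitch:
    """One self-learning switch following the slides' frame filtering/forwarding steps.

    Hypothetical helper written for these notes. MACs are plain strings, interfaces are
    ints. `static` pre-configures host ports; per the slides' note, an unknown destination
    is never flooded out of such a port, only toward other switches."""
    interfaces: Tuple[int, ...]
    static: Dict[str, int] = field(default_factory=dict)
    age_limit: float = AGE_LIMIT_S
    table: Dict[str, Entry] = field(default_factory=dict)

    def __post_init__(self) -> None:
        for mac, ifc in self.static.items():
            self.table[mac] = Entry(ifc, None)

    def purge(self, now: float) -> List[str]:
        """Periodically purge old learned entries (static ones stay); returns the MACs removed."""
        stale = [mac for mac, e in self.table.items()
                 if e.learned_at is not None and now - e.learned_at > self.age_limit]
        for mac in stale:
            del self.table[mac]
        return stale

    def receive(self, src: str, dst: str, in_if: int, now: float) -> List[int]:
        """Handle one frame; returns the interfaces it goes out on ([] means filtered/dropped)."""
        self.purge(now)
        # 1. record the interface associated with the sending host (refreshes the time stamp);
        #    a statically configured entry is not overwritten by what a frame claims
        cur = self.table.get(src)
        if cur is None or cur.learned_at is not None:
            self.table[src] = Entry(in_if, now)
        # 2. look the destination MAC up in the switch table
        entry = self.table.get(dst)
        if entry is not None:
            # 3. destination sits on the segment the frame arrived from: drop it (filtering),
            #    otherwise forward it on the single interface indicated
            return [] if entry.interface == in_if else [entry.interface]
        # no entry: flood on all but the arrival interface, skipping configured host ports
        host_ports = {e.interface for e in self.table.values() if e.learned_at is None}
        return [i for i in self.interfaces if i != in_if and i not in host_ports]


def walkthrough() -> Dict[str, object]:
    """Replays the slides' A/B exchange on a single switch: A hangs off interface 1, B off
    interface 3, interface 2 leads to another switch, and host S is statically configured
    on interface 4 (constructed layout)."""
    sw = LearningSwitch(interfaces=(1, 2, 3, 4), static={"S": 4})
    r: Dict[str, object] = {}
    r["A->B first"] = sw.receive("A", "B", in_if=1, now=0)       # B unknown: flood on 2, 3 (not 4)
    r["B->A reply"] = sw.receive("B", "A", in_if=3, now=1)       # A known on 1: forward there only
    r["A->B again"] = sw.receive("A", "B", in_if=1, now=2)       # B now known on 3
    r["A2->A same seg"] = sw.receive("A2", "A", in_if=1, now=3)  # A is on the arrival segment: drop
    r["X->S static"] = sw.receive("X", "S", in_if=2, now=4)      # static host entry: forward on 4
    r["purged"] = sorted(sw.purge(now=4 + AGE_LIMIT_S + 1))     # 20 minutes on: learned entries gone
    r["left"] = sorted(sw.table)                                 # only the static entry survives
    return r


if __name__ == "__main__":
    for step, result in walkthrough().items():
        print(f"{step:18} -> {result}")
```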
Poorly Designed Institutional network: Why?
[Figure: router to external network; a single LAN / IP subnet with the mail server and web server]
Institutional network without a single point of failure
[Figure: router to external network; IP subnet with redundant links between switches; mail server, web server, host A]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Same figure with the spanning tree drawn: edges in the spanning tree are marked; a "disconnected" interface is one through which the switch does not forward or flood frames]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by switches B3 and B2]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with lowest ID is LAN A, and
• LAN C's next hop to the switch with lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C, D joined by bridges B3, B2, B1 and B0 (B0, the smallest ID, is the root)]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: LANs A to J joined by switches B1 to B7 (B1, the smallest ID, is the root)]
Note: we find these paths not for forwarding, but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Same figure with each LAN labelled by its distance to the root: 0, 1 or 2]
Each switch computes distance to root in terms of LAN hops.
Each of the root's interfaces is ON.
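The path computation from Spanning Tree Algorithm (1) and (2) and the per-LAN next-hop frames, as an added Python example that is not from the slides: the five-switch topology is constructed, and the distance convention (0 for a LAN attached to the root, otherwise the number of switches visited before the root) is this example's own. It also checks that the surviving interfaces form a loop-free spanning tree, which the slides assert but do not show.

```python
from typing import Dict, Optional, Set, Tuple

# Constructed five-switch topology (not the slides' figure): switch ID -> LANs it attaches to.
# As in the slides, LANs are the vertices and switches the edges of the graph.
TOPOLOGY: Dict[int, Set[str]] = {
    1: {"A", "B"},   # smallest ID, so the root
    2: {"B", "C"},
    3: {"A", "C"},   # second one-switch path to C: a tie that the smaller ID (2) wins
    4: {"C", "D"},
    5: {"B", "D"},   # one-switch path to D, shorter than the two-switch path via 4
}

NextHop = Tuple[int, int, Optional[str]]   # (distance, next switch, next LAN toward the root)


def lan_next_hops(topology: Dict[int, Set[str]]) -> Dict[str, NextHop]:
    """Distance-vector style: every LAN repeatedly looks only at neighbouring LANs (those
    sharing a switch with it) until nothing improves. Distance = number of switches visited
    before reaching the root; a LAN attached to the root has distance 0 and next hop = root.
    Ties between equal-length paths go to the smaller switch ID, as the slides prescribe."""
    root = min(topology)
    best: Dict[str, NextHop] = {lan: (0, root, None) for lan in topology[root]}
    changed = True
    while changed:
        changed = False
        for sw, lans in topology.items():
            if sw == root:
                continue
            for lan in lans:
                for nxt in lans - {lan}:
                    if nxt not in best:
                        continue
                    cand: NextHop = (best[nxt][0] + 1, sw, nxt)
                    if lan not in best or cand[:2] < best[lan][:2]:
                        best[lan] = cand
                        changed = True
    return best


def active_interfaces(topology: Dict[int, Set[str]]) -> Dict[int, Set[str]]:
    """The slides' rule: the switch that is a LAN's next hop keeps its interface to that LAN
    and to the LAN it forwards toward; every interface of the root is on. A switch that is
    nobody's next hop (like B3 in the slides) ends up with no interfaces on."""
    root = min(topology)
    on: Dict[int, Set[str]] = {sw: set() for sw in topology}
    for lan, (_, sw, nxt) in lan_next_hops(topology).items():
        on[sw].add(lan)
        if nxt is not None:
            on[sw].add(nxt)
    on[root] = set(topology[root])
    return on


def is_spanning_tree(topology: Dict[int, Set[str]], on: Dict[int, Set[str]]) -> bool:
    """Union-find check that the 'on' interfaces connect every LAN exactly once: a switch
    with k active interfaces joins k LANs, and joining two LANs already connected is a loop."""
    lans: Set[str] = set().union(*topology.values())
    parent = {lan: lan for lan in lans}

    def find(x: str) -> str:
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for active in on.values():
        ordered = sorted(active)
        for lan in ordered[1:]:
            a, b = find(ordered[0]), find(lan)
            if a == b:
                return False
            parent[a] = b
    return len({find(lan) for lan in lans}) == 1


if __name__ == "__main__":
    for lan, (d, sw, nxt) in sorted(lan_next_hops(TOPOLOGY).items()):
        where = f" toward LAN {nxt}" if nxt else " (attached to the root)"
        print(f"LAN {lan}: distance {d}, next hop switch {sw}{where}")
    on = active_interfaces(TOPOLOGY)
    print("active interfaces:", {sw: sorted(l) for sw, l in on.items()})
    print("loop-free spanning tree:", is_spanning_tree(TOPOLOGY, on))
```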
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding. These typically ignore security, such as ARP attacks, access control, etc.: addresses are learned from whatever source address a frame carries, and nothing in the exchange is authenticated.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers
Both are store-and-forward devices.
Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices.
Switches are "invisible" at the internetwork layer: a switched LAN looks like a link-layer technology to IP.
Multiprotocol Label Switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the virtual-circuit (VC) approach; the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header (one 32-bit label stack entry): label (20 bits), Exp (3 bits), S (1 bit), TTL (8 bits)
MPLS-capable routers
- a.k.a. label-switched routers: forward packets to the outgoing interface based only on the label value (they don't inspect the IP address); the MPLS forwarding table is distinct from the IP forwarding tables
- a signaling protocol is needed to set up forwarding: RSVP-TE
- forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
- must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1 to R6 with destinations A and D and numbered interfaces; the four label tables in the figure are reconstructed below. Columns: in label, out label, dest, out interface. "-" means no label: the ingress router classifies by destination instead of an in label, and the egress router pops the label instead of writing an out label.]

Egress router for A:
  in label  out label  dest  out interface
  6         -          A     0

Transit router with paths for A and D:
  in label  out label  dest  out interface
  10        6          A     1
  12        9          D     0

Transit router with a second path for A:
  in label  out label  dest  out interface
  8         6          A     0

Ingress router (two label paths to A, one to D):
  in label  out label  dest  out interface
  -         10         A     0
  -         12         D     0
  -         8          A     1
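As an added worked example (my code, not from the lecture or the textbook figure), the following Python walks packets through label tables matching the four reconstructed above and packs the 32-bit label stack entry described in the MPLS header slide. Everything not in the figure is an assumption: the router names attached to each table (R4 as ingress, R3 and R2 as transit, R1 as egress for A), the link map, and the pop entry for D at R2, which the figure leaves out. The trace shows the ingress choosing between its two label paths to A, the egress popping the label, the TTL check, and what an LSR does with a label it has no entry for.

```python
# Added example (not from the lecture slides): label-switched forwarding over the four label
# tables in the "MPLS forwarding tables" figure, plus the 32-bit label stack entry from RFC 3032.
# Assumptions: the router names attached to each table (R4 ingress, R3/R2 transit, R1 egress
# for A), the link map below, and R2's pop entry for destination D, which the figure omits.
import struct


def encode_shim(label, ttl, tc=0, bottom=True):
    """Pack one MPLS label stack entry: 20-bit label, 3-bit TC (Exp), S bit, 8-bit TTL."""
    if not (0 <= label < 1 << 20 and 0 <= tc < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)


def decode_shim(data):
    """Unpack the first label stack entry of a frame into its four fields."""
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 0x7, "s": (word >> 8) & 1, "ttl": word & 0xFF}


# in label -> (out label, dest, out interface); out label None means pop (leave MPLS).
LABEL_TABLES = {
    "R1": {6: (None, "A", 0)},                    # egress for A
    "R3": {10: (6, "A", 1), 12: (9, "D", 0)},
    "R2": {8: (6, "A", 0), 9: (None, "D", 1)},    # 9 -> D is assumed, not in the figure
}
# The ingress router has no in label: it classifies by destination (the FEC) instead.
INGRESS_TABLE = {"R4": [(10, "A", 0), (12, "D", 0), (8, "A", 1)]}  # (out label, dest, iface)
# Assumed link map: (router, out interface) -> neighbor
LINKS = {("R4", 0): "R3", ("R4", 1): "R2", ("R3", 1): "R1", ("R3", 0): "R2",
         ("R2", 0): "R1", ("R2", 1): "D", ("R1", 0): "A"}


def choose_lsp(ingress, dest, prefer_iface=None):
    """Pick the ingress FEC entry for dest. With two label paths to the same destination
    (as R4 has for A), prefer_iface is the operator's traffic-engineering choice."""
    entries = [e for e in INGRESS_TABLE[ingress] if e[1] == dest]
    if prefer_iface is not None:
        entries = [e for e in entries if e[2] == prefer_iface]
    if not entries:
        raise LookupError(f"{ingress}: no label-switched path to {dest}")
    label, _, iface = entries[0]
    return label, iface


def switch_path(ingress, dest, ttl=64, prefer_iface=None, tables=LABEL_TABLES):
    """Push a label at the ingress and walk the LSP hop by hop, swapping labels and
    decrementing the shim TTL. Returns (trace, outcome): trace lists
    (router, in label, out label); outcome is the final node or a drop reason."""
    label, iface = choose_lsp(ingress, dest, prefer_iface)
    shim = encode_shim(label, ttl)
    trace = [(ingress, None, label)]
    node = LINKS[(ingress, iface)]
    while node in tables:
        hdr = decode_shim(shim)
        if hdr["ttl"] <= 1:                   # would hit 0 on this hop: discard
            return trace, "dropped: ttl"
        entry = tables[node].get(hdr["label"])
        if entry is None:                     # an LSR never falls back to the IP header
            return trace + [(node, hdr["label"], None)], "dropped: no label entry"
        out_label, _, out_iface = entry
        trace.append((node, hdr["label"], out_label))
        node = LINKS[(node, out_iface)]
        if out_label is None:                 # pop at the egress: plain IP forwarding from here
            break
        shim = encode_shim(out_label, hdr["ttl"] - 1)   # swap the label, carry the TTL along
    return trace, node


if __name__ == "__main__":
    for dest, iface in (("A", 0), ("A", 1), ("D", None)):
        print(dest, iface, *switch_path("R4", dest, prefer_iface=iface))
```

The `tables` parameter exists so the D path can be replayed against tables that stop where the figure stops: without the assumed entry at R2, label 9 arrives at a router with no matching row and the packet is discarded rather than routed on its IP header, which is the practical consequence of "forwards based only on the label value".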
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link-layer addressing.
Instantiation and implementation of various link-layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.

Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice … could stop here … but lots of
Switch: frame filtering/forwarding
When a frame is received:
1. record the link/interface associated with the sending host;
2. if an entry is found for the destination, then
     if the destination is on the segment from which the frame arrived, drop the frame,
     else forward the frame on the interface indicated;
   else flood: forward on all but the interface on which the frame arrived;
3. periodically purge all old table entries.
Self-Learning
[Figure: hosts A and B attached to a network of four switches, each with interfaces 1, 2 and 3 and its own MAC/interface table; all tables start empty]
- A sends a frame (Dest=B, Source=A). Every switch that receives it makes a table entry for A on the interface the frame arrived on. There is no table entry for B, so each switch floods the frame.
  Note: if the switch has ports that are manually configured, then the frame is not flooded to a host on such a port; it is only flooded to other switches.
- B replies (Dest=A, Source=B). Each switch on the way makes a table entry for B. It has a table entry for A, so it forwards the frame on that one interface instead of flooding.
- At the end of the exchange the four tables read (MAC, interface): A 1, B 3; A 1, B 3; A 1, B 2; A 2.
- 20 minutes later all table entries are deleted.
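The following Python is an added example (not code from the lecture) that implements the learn / filter / forward / flood rule and the 20-minute purge on a constructed two-switch topology with hosts A to E; the switch names, interface numbers and timings are assumptions for the demo and do not reproduce the figure above. It replays the A/B exchange, adds the case that rule 2 of the filtering slide covers (destination on the arrival segment, so the frame is dropped), and shows flooding returning once the tables have aged out.

```python
# Added example (not from the lecture slides): a two-switch network that applies the
# learn / filter / forward / flood rule from the "frame filtering/forwarding" slide and
# the 20-minute purge. The topology, host names and timings are constructed for the demo.
from dataclasses import dataclass, field

AGE_LIMIT = 20 * 60  # seconds; the slides purge entries after 20 minutes


@dataclass
class Frame:
    src: str  # source MAC (short labels stand in for 48-bit addresses)
    dst: str  # destination MAC


@dataclass
class Switch:
    name: str
    ports: tuple                                # interface numbers on this switch
    table: dict = field(default_factory=dict)   # mac -> (interface, last_seen)

    def purge(self, now):
        """Step 3 of the slide: drop entries older than the aging timer."""
        for mac in [m for m, (_, seen) in self.table.items() if now - seen > AGE_LIMIT]:
            del self.table[mac]

    def receive(self, frame, in_port, now):
        """Apply the forwarding rule to one frame and return the egress interfaces."""
        self.purge(now)
        # Step 1: learn. The source address is taken on faith: nothing here
        # authenticates it, which is why the slides say L2 "typically ignores security".
        self.table[frame.src] = (in_port, now)
        entry = self.table.get(frame.dst)
        if entry is not None:
            out_port, _ = entry
            # Step 2: known destination. Same segment -> filter (drop), else forward.
            return [] if out_port == in_port else [out_port]
        # Unknown destination: flood on every interface except the arrival one.
        return [p for p in self.ports if p != in_port]


class Network:
    """Constructed topology (an assumption of this example, not the slides' figure):
         A -- S1:1   C -- S1:2   S1:3 <-> S2:1   B -- S2:2   D, E -- S2:3 (shared segment)
    """

    def __init__(self):
        self.switches = {"S1": Switch("S1", (1, 2, 3)), "S2": Switch("S2", (1, 2, 3))}
        self.hosts = {("S1", 1): ("A",), ("S1", 2): ("C",),
                      ("S2", 2): ("B",), ("S2", 3): ("D", "E")}
        self.trunks = {("S1", 3): ("S2", 1), ("S2", 1): ("S1", 3)}

    def send(self, frame, now):
        """Inject a frame from its source host; return the hosts the switches deliver it to.
        Hosts sharing the sender's own segment hear it directly and are not counted."""
        origin = next(k for k, hs in self.hosts.items() if frame.src in hs)
        delivered, queue = [], [origin]
        while queue:
            sw_name, in_port = queue.pop(0)
            for out in self.switches[sw_name].receive(frame, in_port, now):
                delivered.extend(self.hosts.get((sw_name, out), ()))
                if (sw_name, out) in self.trunks:
                    queue.append(self.trunks[(sw_name, out)])
        return sorted(delivered)

    def tables(self):
        """Current mac -> interface mapping per switch (timestamps dropped)."""
        return {n: {m: p for m, (p, _) in s.table.items()} for n, s in self.switches.items()}


def run_demo():
    """Replay the slides' A <-> B exchange plus a shared-segment case and an aged-out table."""
    net = Network()
    steps = [
        net.send(Frame("A", "B"), now=0),      # B unknown everywhere: flooded to every other host
        net.send(Frame("B", "A"), now=1),      # A already learned: forwarded on one interface only
        net.send(Frame("E", "D"), now=2),      # D unknown: flooded, even though D shares E's segment
        net.send(Frame("D", "E"), now=3),      # E is on the arrival segment: switch drops (filters) it
        net.send(Frame("A", "B"), now=AGE_LIMIT + 5),  # every entry aged out: flooding starts over
    ]
    return steps, net.tables()


if __name__ == "__main__":
    for i, hosts in enumerate(run_demo()[0], 1):
        print(f"step {i}: delivered to {hosts}")
```

Step 3 is the one worth reading twice: a frame between two hosts on the same shared segment still gets flooded through every switch in the broadcast domain until the destination has sent something, because the table only fills from observed source addresses.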
Poorly Designed Institutional network. Why?
[Figure: a single LAN / IP subnet; the router to the external network, the mail server and the web server all hang off it]
Institutional network without a single point of failure
[Figure: the same IP subnet rebuilt with redundant switches and links between the router to the external network, the mail server, the web server and host A]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Legend: an edge in the spanning tree; a "disconnected" interface, i.e. do not forward or flood frames through this interface.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  • This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any connected graph there exists a tree that spans all nodes in which there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
  • The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never forward or flood frames onto that LAN.
  • Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: switches B3 and B2 both attached to LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. (This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.)
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID.
The paths indicate which of a bridge's/switch's interfaces leads toward the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
  • LAN B's next hop to the switch with the lowest ID is LAN A, and
  • LAN C's next hop to the switch with the lowest ID is LAN D,
then switch B2 will disconnect from LANs B and C.
[Figure: LAN A, B3, LAN B, B2, LAN C, B1, LAN D and B0 (the root, smallest ID): B3 joins LAN A and LAN B, B2 joins LAN B and LAN C, B1 joins LAN C and LAN D; for LAN B's next hop to be LAN A as stated, B0 must reach LAN A as well as LAN D, closing a ring]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. the ID of the bridge that is sending the message;
2. the ID of what the sending bridge believes to be the root bridge;
3. the distance (hops) from the sending bridge to the root bridge.
[Figure: switches B1 to B7 and LANs A to J, the topology used in the "Which interfaces to keep and which to ignore" walkthrough]
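As an added example (my code, not the lecture's), the Python below computes the slides' spanning tree centrally on the LAN-as-vertex, bridge-as-edge model: root = smallest bridge ID, each LAN takes the path with the fewest switches, ties go to the smaller bridge ID, and a bridge keeps its interfaces to a LAN and to that LAN's next hop. The relaxation loop only ever compares a bridge with the LANs it touches, which is the distance-vector view the "Which interfaces to keep and which to ignore" walkthrough takes; it stands in for the per-bridge message exchange of Spanning Tree Algorithm (2) rather than implementing those messages. The topologies are constructed: the ring follows the "Spanning Tree Algorithm (1)" slide with B0 assumed to close the ring between LAN D and LAN A, and the other two are mine.

```python
# Added example (not from the lecture slides): the slides' spanning-tree model computed centrally.
# LANs are vertices, bridges are (hyper)edges, the root is the smallest bridge ID, each LAN picks
# the path with the fewest switches, and ties go to the smaller bridge ID. The topologies in
# example_topologies() are constructed; the ring follows the "Spanning Tree Algorithm (1)" slide
# with the B0 link between LAN D and LAN A inferred.

INF = float("inf")


def spanning_tree(bridges):
    """bridges: {bridge_id: set of LAN names the bridge has an interface on}.

    Returns (dist, next_hop, active) where
      dist[lan]     = number of switches between the LAN and the root bridge,
      next_hop[lan] = (upstream LAN, bridge) on the LAN's path to the root, None on the root,
      active        = set of (bridge, lan) interfaces that keep forwarding.
    """
    root = min(bridges)   # the bridge with the smallest ID is the root
    lans = {lan for members in bridges.values() for lan in members}
    # best[lan] = (hops, bridge, upstream LAN); tuple order encodes the tie-break rule
    best = {lan: (INF, INF, "") for lan in lans}
    for lan in bridges[root]:
        best[lan] = (0, root, "")

    # Distance-vector style relaxation: a bridge only ever looks at the LANs it touches,
    # which is what the per-neighbor message exchange on the slides converges to.
    changed = True
    while changed:
        changed = False
        for b, members in bridges.items():
            if b == root:
                continue
            for x in members:
                for y in members:
                    if y == x or best[y][0] == INF:
                        continue
                    candidate = (best[y][0] + 1, b, y)
                    if candidate < best[x]:
                        best[x] = candidate
                        changed = True

    dist = {lan: best[lan][0] for lan in lans}
    next_hop = {lan: (None if best[lan][0] in (0, INF) else (best[lan][2], best[lan][1]))
                for lan in lans}
    active = {(root, lan) for lan in bridges[root]}     # every root interface is on
    for x, hop in next_hop.items():
        if hop is not None:
            y, b = hop
            active |= {(b, x), (b, y)}   # the bridge on x's path keeps both interfaces
    return dist, next_hop, active


def blocked_bridges(bridges):
    """Bridges that end up with no active interface at all (like B3 on the slides)."""
    _, _, active = spanning_tree(bridges)
    return sorted(b for b in bridges if not any(bb == b for bb, _ in active))


def example_topologies():
    ring = {0: {"A", "D"}, 1: {"C", "D"}, 2: {"B", "C"}, 3: {"A", "B"}}
    # the same ring plus a second bridge in parallel with B3 between LAN A and LAN B
    parallel = {**ring, 5: {"A", "B"}}
    # a bridge with three interfaces; the root sits on LAN A only
    three_way = {0: {"A"}, 1: {"A", "B", "C"}, 2: {"B", "C"}}
    return {"ring": ring, "parallel": parallel, "three_way": three_way}


if __name__ == "__main__":
    for name, topo in example_topologies().items():
        dist, hop, active = spanning_tree(topo)
        print(name, dist, sorted(active), "blocked:", blocked_bridges(topo))
```

On the ring, B2 is the bridge the slide says disconnects from LANs B and C; the parallel case shows the tie-break in the walkthrough (the higher-numbered of two equal-length choices ends up with no active interface). Note that nothing in the computation checks who claimed the root ID or the advertised distance, which is the sense in which the slides say L2 "typically ignores security".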
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost, with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure: LANs A through J interconnected by bridges B1 through B7; the numbers on the LANs (0, 1, 2) are their distances to the root in switch hops]
The slide is built up step by step:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
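The interface-selection rule above, as an added worked example that is not part of the slides: LANs are the vertices and bridges the edges, as the slides define them, the root is the bridge with the lowest ID, each LAN relaxes its distance by looking only one bridge away (the distance vector approach), and ties are broken by the lower bridge ID. The ring of LANs A, B, C, D and bridges B0 to B3 in the main block is my reading of the Spanning Tree Algorithm (1) figure; the code also handles bridges attached to more than two LANs, which the slides do not show.

```python
INF = float("inf")


def spanning_tree(bridges):
    """bridges maps a bridge ID to the LANs it has interfaces on.  As in the slides,
    LANs are the vertices and bridges the edges; the root is the bridge with the
    smallest ID.  Returns (root, best, active): best[lan] is (switch hops to the
    root, bridge used, next-hop LAN) and active is the set of (bridge, LAN)
    interfaces that stay on.  Every other interface is "disconnected"."""
    root = min(bridges)
    lans = sorted({lan for attached in bridges.values() for lan in attached})
    # Candidates compare lexicographically: fewest switch hops first, then the
    # lowest bridge ID breaks ties (B5 beats B7 on the slide), then the LAN name.
    best = {lan: (INF, INF, "") for lan in lans}
    for lan in bridges[root]:
        best[lan] = (0, root, "")                     # LANs on the root: 0 hops
    changed = True
    while changed:                                    # distance-vector relaxation:
        changed = False                               # a LAN only looks one bridge away
        for bid, attached in bridges.items():
            if bid == root:
                continue
            for lan in attached:
                for other in attached:
                    if other == lan or best[other][0] == INF:
                        continue
                    cand = (best[other][0] + 1, bid, other)
                    if cand < best[lan]:
                        best[lan], changed = cand, True
    active = {(root, lan) for lan in bridges[root]}   # each root interface is on
    for lan, (hops, bid, nexthop) in best.items():
        if hops not in (0, INF):
            active.add((bid, lan))                    # interface facing the LAN ...
            active.add((bid, nexthop))                # ... and the one toward the root
    return root, best, active


def blocked_interfaces(bridges, active):
    """Interfaces a bridge turns off: it neither forwards nor floods through them."""
    return sorted((bid, lan) for bid, attached in bridges.items()
                  for lan in attached if (bid, lan) not in active)


def disconnected_bridges(bridges, active):
    """Bridges with no interface on any shortest path (B2 on the slide)."""
    live = {bid for bid, _ in active}
    return sorted(bid for bid in bridges if bid not in live)


if __name__ == "__main__":
    # Constructed reading of the Spanning Tree Algorithm (1) figure: a ring of four
    # LANs with bridge B3 between A and B, B2 between B and C, B1 between C and D,
    # and B0 (lowest ID, hence root) between D and A.
    ring = {0: ["D", "A"], 1: ["C", "D"], 2: ["B", "C"], 3: ["A", "B"]}
    root, best, active = spanning_tree(ring)
    print(f"root bridge: B{root}")
    for lan in sorted(best):
        hops, bid, nexthop = best[lan]
        print(f"LAN {lan}: {hops} hop(s) to root via B{bid}, next hop {nexthop or '(root)'}")
    print("interfaces off:", blocked_interfaces(ring, active))
    print("bridges with no interface on:", [f"B{b}" for b in disconnected_bridges(ring, active)])
```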
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as the topology changes).
• 3 mechanisms: loop resolution, address learning, frame forwarding.
• Typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning.
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers
• Both are store-and-forward devices: routers are network layer devices (they examine network layer headers); switches are link layer devices.
• Switches are "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
• Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame
MPLS header fields and their widths as given on the slide:
label | Exp | S | TTL
  20  |  3  | 1 |  5
MPLS capable routers
• a.k.a. label-switched router: forwards packets to the outgoing interface based only on the label value (does not inspect the IP address)
• MPLS forwarding table is distinct from the IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE
• forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[Figure: routers R1 through R6 with hosts A and D; 0 and 1 are router interface numbers. Each router's table has the columns in label | out label | dest | out interface; the rows recoverable from the slide are listed below, with a blank in label where the slide shows none]
Table 1:      6 |  - | A | 0
Table 2:     10 |  6 | A | 1
             12 |  9 | D | 0
Table 3:        | 10 | A | 0
                | 12 | D | 0
Table 4:      8 |  6 | A | 0
Table 5:        |  8 | A | 1
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• journey down the protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Slotted Aloha: frames are only transmitted during slots; they cannot cross slot boundaries.
Self-Learning
[Figure: four switches, each with interfaces 1, 2 and 3, host A attached to the first switch and host B to another; each switch keeps a MAC | Interface table, all initially empty]
• A sends a frame with Dest=B, Source=A. The first switch makes a table entry for A (A | 1). It has no table entry for B, so it floods.
  Note: if the switch has ports that are manually configured, then the frame is not flooded to a host; frames are only flooded to other switches.
• Each switch that receives the flooded frame does the same: make a table entry for A; no table entry for B, so flood. Tables after the frame reaches B: (A | 1), (A | 1), (A | 1), (A | 2).
• B replies with Dest=A, Source=B. Each switch on the path makes a table entry for B and, since it has a table entry for A, forwards rather than floods. Tables after the reply: (A | 1, B | 3), (A | 1, B | 3), (A | 1, B | 2), (A | 2).
• 20 minutes later all table entries are deleted.
Poorly Designed Institutional Network. Why?
[Figure: a router to the external network, with the LAN (one IP subnet), the mail server and the web server all behind it]
Institutional network without a single point of failure
[Figure: the same IP subnet, mail server and web server, now with redundant links between the switches and host A attached; the later build marks the edges in the spanning tree and the "disconnected" interfaces]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface.
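An added simulation (not from the slides) of the self-learning steps above and of the looping problem just described. The four-switch topology is a constructed reading of the self-learning figure (A on S1 interface 1, B on S3 interface 2, S4 hanging off S2); it reproduces the table states shown, applies the 20-minute aging timer, and then sends one frame from A to a mail server across a three-switch ring, where flooding never stops because no switch ever learns the destination.

```python
from collections import deque

AGE_LIMIT = 20 * 60   # seconds: the slides delete table entries 20 minutes later
HOST = "host"         # link endpoint tag for hosts, e.g. (HOST, "A")


class Switch:
    """Self-learning switch: the MAC table maps a MAC to (interface, time last seen)."""

    def __init__(self, name, ports):
        self.name, self.ports, self.table = name, tuple(ports), {}

    def expire(self, now):
        """Drop entries that have not been refreshed within AGE_LIMIT."""
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t < AGE_LIMIT}

    def entries(self):
        return {mac: port for mac, (port, _) in self.table.items()}

    def handle(self, src, dst, in_port, now):
        """Learn the source, then return the interfaces the frame goes out of."""
        self.expire(now)
        self.table[src] = (in_port, now)               # make table entry for src
        if dst in self.table:                          # have an entry for dst: forward
            out = self.table[dst][0]
            return [] if out == in_port else [out]     # dst is on the arrival segment: drop
        return [p for p in self.ports if p != in_port]  # no entry for dst: flood


class Network:
    def __init__(self):
        self.switches = {}
        self.links = {}   # (switch, port) <-> (switch, port) or (HOST, mac)

    def add_switch(self, name, ports=(1, 2, 3)):
        self.switches[name] = Switch(name, ports)

    def connect(self, a, b):
        self.links[a], self.links[b] = b, a

    def tables(self):
        return {n: s.entries() for n, s in self.switches.items()}

    def age(self, now):
        for s in self.switches.values():
            s.expire(now)
        return self.tables()

    def send(self, src, dst, now, budget=500):
        """Inject one frame from host src.  Returns (hosts reached, copies switched,
        storm); storm is True when the copy budget runs out, i.e. the frame loops."""
        queue = deque([self.links[(HOST, src)]])       # (switch, arrival port)
        reached, copies = [], 0
        while queue:
            if copies >= budget:
                return reached, copies, True
            sw, port = queue.popleft()
            copies += 1
            for out in self.switches[sw].handle(src, dst, port, now):
                peer = self.links.get((sw, out))
                if peer is None:
                    continue                           # nothing plugged into this port
                if peer[0] == HOST:
                    reached.append(peer[1])
                else:
                    queue.append(peer)
        return reached, copies, False


def slide_topology():
    """Constructed reading of the slide figure: A on S1, B on S3, S4 a leaf off S2."""
    net = Network()
    for name in ("S1", "S2", "S3", "S4"):
        net.add_switch(name)
    net.connect((HOST, "A"), ("S1", 1))
    net.connect(("S1", 3), ("S2", 1))
    net.connect(("S2", 3), ("S3", 1))
    net.connect(("S2", 2), ("S4", 2))
    net.connect(("S3", 2), (HOST, "B"))
    return net


def looped_topology():
    """Three switches in a ring, like the institutional network with redundant links."""
    net = Network()
    for name in ("S1", "S2", "S3"):
        net.add_switch(name)
    net.connect((HOST, "A"), ("S1", 1))
    net.connect((HOST, "MAIL"), ("S2", 1))
    net.connect(("S1", 2), ("S2", 2))
    net.connect(("S2", 3), ("S3", 2))
    net.connect(("S3", 3), ("S1", 3))
    return net


if __name__ == "__main__":
    net = slide_topology()
    print(net.send("A", "B", now=0), net.tables())     # flooded; A learned everywhere
    print(net.send("B", "A", now=1), net.tables())     # forwarded; B learned on the path
    print(net.age(now=1 + AGE_LIMIT))                  # 20 minutes later: all empty
    print(looped_topology().send("A", "MAIL", now=0))  # frames never stop circulating
```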
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: bridges B3 and B2 between LAN A and LAN B]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses its interfaces to A and B.
If LAN B's next hop to the switch with the lowest ID is LAN A, and LAN C's next hop to the switch with the lowest ID is LAN D, then switch B2 will disconnect from LAN B and C.
[Figure: LANs A, B, C and D interconnected by bridges B3, B2, B1 and B0; B0 has the lowest ID]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
Dest=B Source=A
Make table entry for A No table entry for B so flood
Dest=B Source=A
Note if the switch has ports that are manually configured then the frame is not flooded to a hostBut they are only flooded to other switches
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
MAC Interface
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=ADest=B Source=A
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Make table entry for A No table entry for B so flood
Dest=B Source=A
Dest=B Source=ADest=B Source=A
Dest=B Source=A
Make table entry for A No table entry for B so flood
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
MAC Interface
A 2
A
B
Dest=A Source=B
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network Why
to externalnetwork
router
LAN - IP subnet
mail server
web server
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
Which interfaces to keep and which to ignore?
[Figure: LANs A through J interconnected by switches B1 to B7; B1 has the smallest ID and is the root. In the later builds each of the seven switches is labelled with its distance to the root (the figure shows the labels 0, 1, 2, 1, 1, 1 and 1).]
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost, with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
The slide builds then walk through the example one step at a time:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
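The rule on these slides (shortest path from every LAN to the root switch, ties broken by the smallest switch ID, then keep only the interfaces on those paths) written out as code. This is an added example, not code from the slides; the eight-switch topology in SWITCHES is constructed for it and is not the slide's figure, and the function names spanning_tree and is_loop_free are this example's own. It goes one step beyond the slides by also checking that the surviving interfaces form a loop-free graph, which is what loop resolution has to guarantee before address learning starts.

```python
"""Spanning tree on a LAN-vertex / switch-edge graph (added example, not from
the slides). For every LAN, find the shortest path (fewest switches) to the
root switch, break ties by the smallest switch ID, and derive which switch
interfaces stay "on". The topology below is constructed for the example."""
from collections import defaultdict

# constructed topology: switch ID -> LANs it attaches to (one interface per LAN)
SWITCHES = {
    1: ("E", "F"),   # smallest ID: the root
    2: ("A", "E"),
    3: ("A", "B"),   # redundant: A and B both reach the root more cheaply elsewhere
    4: ("C", "F"),
    5: ("B", "E"),
    6: ("E", "G"),
    7: ("B", "F"),   # ties with switch 5 for LAN B; loses on ID
    8: ("D", "G"),
}


def spanning_tree(switches):
    """Return (route, active).
    route[lan]  = (distance in switches, next-hop LAN, switch used); root LANs have distance 0
    active[sid] = set of LANs whose interface on switch sid stays on (empty = fully disconnected)
    """
    root = min(switches)
    lans_of = switches
    switches_of = defaultdict(list)
    for sid, lans in switches.items():
        for lan in lans:
            switches_of[lan].append(sid)

    route = {lan: (0, None, root) for lan in lans_of[root]}
    frontier = sorted(lans_of[root])
    d = 0
    while frontier:                      # distance-vector style: expand one hop at a time
        discovered = []
        for lan in frontier:
            for sid in sorted(switches_of[lan]):
                if sid == root:
                    continue
                for nbr in lans_of[sid]:
                    if nbr == lan:
                        continue
                    cur = route.get(nbr)
                    if cur is None:
                        route[nbr] = (d + 1, lan, sid)
                        discovered.append(nbr)
                    elif cur[0] == d + 1 and sid < cur[2]:
                        route[nbr] = (d + 1, lan, sid)   # equal length: smallest switch ID wins
        frontier = sorted(set(discovered))
        d += 1

    active = {sid: set() for sid in switches}
    active[root].update(lans_of[root])            # every root interface is on
    for lan, (dist, nxt, sid) in route.items():
        if dist > 0:
            active[sid].update({lan, nxt})        # the switch keeps its interfaces to both LANs
    return route, active


def is_loop_free(active):
    """Union-find over LANs: each active switch joins its LANs; a repeated join is a loop."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for lans in active.values():
        lans = sorted(lans)
        for a, b in zip(lans, lans[1:]):
            ra, rb = find(a), find(b)
            if ra == rb:
                return False
            parent[ra] = rb
    return True


if __name__ == "__main__":
    route, active = spanning_tree(SWITCHES)
    for lan in sorted(route):
        print(lan, route[lan])
    print("interfaces on:", {s: sorted(l) for s, l in active.items()})
    print("tree is loop free:", is_loop_free(active))
```

In the constructed topology switches 3 and 7 end up with no active interface at all, the same situation as B3 on the slide: every LAN they touch already has a shorter path, or an equally short path through a lower ID. As on the slide, the computation is only used to decide which interfaces to turn off; frames are still delivered by self-learning over the interfaces that remain.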
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution,
• during which time no packets were forwarded.
Switches vs Routers
Both store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
… "invisible" at internetwork layer. Looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Figure: frame layout: PPP or Ethernet header, MPLS header, IP header, remainder of link-layer frame. MPLS header fields with the widths in bits drawn on the slide: label 20, Exp 3, S 1, TTL 5.]
MPLS capable routers
aka label-switched router: forwards packets to outgoing interface based only on label value (don't inspect IP address). MPLS forwarding table distinct from IP forwarding tables.
Signaling protocol needed to set up forwarding: RSVP-TE.
Forwarding possible along paths that IP alone would not allow (e.g., source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
[Figure: routers R1 to R6 with interfaces numbered 0 and 1, and destinations A and D. Each MPLS router's table has the columns in label, out label, dest, out interface; the rows recoverable from the extraction are: (6, -, A, 0); (10, 6, A, 1) and (12, 9, D, 0); (-, 10, A, 0) and (-, 12, D, 0); (8, 6, A, 0) and a row reading 8, A, 1. Which table belongs to which router is not recoverable.]
MPLS forwarding tables
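A small label-switched forwarding model for the MPLS slides above: an added example, not code from the slides. The tables for R3, R4 and R6 and the LINKS between them are constructed for the example and only borrow the slide's column layout (in label, out label, dest, out interface); pack_shim, unpack_shim, forward and trace are names chosen here. The shim header is packed with the RFC 3032 widths (label 20, Exp 3, S 1, TTL 8 bits). The point the slide makes, that a label-switched router decides on the label alone and never inspects the IP address, shows up as the transit branch of forward never touching the IP payload, and an unknown label being dropped rather than falling back to IP forwarding.

```python
"""MPLS shim header and label-switched forwarding (added example, not from
the slides). The three router tables and the links between them are
constructed; they follow the slide's column layout but are not its figure."""
import struct


# RFC 3032 shim header: label 20 bits | Exp 3 bits | S 1 bit | TTL 8 bits
def pack_shim(label, exp=0, s=1, ttl=64):
    if not (0 <= label < (1 << 20) and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("shim field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_shim(b):
    (v,) = struct.unpack("!I", b[:4])
    return {"label": v >> 12, "exp": (v >> 9) & 0x7, "s": (v >> 8) & 0x1, "ttl": v & 0xFF}


# rows: (in label, out label, dest, out interface)
# in label None  = ingress row: push a label chosen by IP destination
# out label None = egress row: pop and hand the datagram to IP forwarding
TABLES = {
    "R3": [(None, 10, "A", 0), (None, 12, "D", 0)],
    "R4": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "R6": [(6, None, "A", 0), (9, None, "D", 1)],
}
LINKS = {("R3", 0): "R4", ("R4", 1): "R6", ("R4", 0): "R6"}   # (router, out iface) -> next router


def forward(router, pkt):
    """One label-switching hop. pkt = {"shim": bytes | None, "ip_dest": str, "ip": bytes}.
    Returns (out interface, packet as sent). Only the ingress row consults ip_dest;
    every other hop decides on the label alone and never parses pkt["ip"]."""
    rows = TABLES[router]
    if pkt["shim"] is None:                           # ingress: push
        for in_lbl, out_lbl, dest, iface in rows:
            if in_lbl is None and dest == pkt["ip_dest"]:
                return iface, {**pkt, "shim": pack_shim(out_lbl)}
        raise LookupError(f"{router}: no LSP toward {pkt['ip_dest']}")
    hdr = unpack_shim(pkt["shim"])
    if hdr["ttl"] <= 1:
        raise ValueError(f"{router}: TTL expired on label {hdr['label']}")
    for in_lbl, out_lbl, dest, iface in rows:
        if in_lbl == hdr["label"]:
            if out_lbl is None:                       # egress: pop
                return iface, {**pkt, "shim": None}
            swapped = pack_shim(out_lbl, hdr["exp"], hdr["s"], hdr["ttl"] - 1)
            return iface, {**pkt, "shim": swapped}    # transit: swap label, decrement TTL
    raise LookupError(f"{router}: unknown label {hdr['label']}; dropped, not IP-forwarded")


def trace(ingress, ip_dest):
    """Follow the LSP from ingress; return [(router, label on the outgoing frame)],
    with None for the popped frame at the egress."""
    pkt = {"shim": None, "ip_dest": ip_dest, "ip": b"\x45" + b"\x00" * 19}  # constructed payload
    router, path = ingress, []
    while True:
        iface, pkt = forward(router, pkt)
        label = None if pkt["shim"] is None else unpack_shim(pkt["shim"])["label"]
        path.append((router, label))
        if label is None:
            return path
        router = LINKS[(router, iface)]


if __name__ == "__main__":
    print("toward A:", trace("R3", "A"))
    print("toward D:", trace("R3", "D"))
```

Because the transit router only ever reads the four shim bytes, the same IP datagram can be steered along whichever path the signaling protocol installed labels for, which is the source-specific routing and traffic-engineering use the slide mentions.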
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP, virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down protocol stack complete (except PHY); solid understanding of networking principles, practice … could stop here … but lots of
[Slide outline from the viewer's navigation pane; slide titles only]
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing – man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
LAN vs VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
Self-Learning
[Figure: four switches, each with interfaces numbered 1, 2 and 3, between host A and host B; beside each switch is its MAC/Interface table, initially empty. The builds show the frame Dest=B, Source=A crossing the network and then the reply Dest=A, Source=B.]
• A sends to B (Dest=B, Source=A). At each switch the frame reaches: make a table entry for A; no table entry for B, so flood. After this frame the tables read: first switch A→1; second switch A→1; third switch A→1; fourth switch A→2.
• B replies (Dest=A, Source=B). At each switch the reply reaches: make a table entry for B; there is a table entry for A, so forward. The tables become: first switch A→1, B→3; second switch A→1, B→3; third switch A→1, B→2; fourth switch A→2 (unchanged).
• 20 minutes later, all table entries are deleted.
Poorly Designed Institutional network. Why?
[Figure: a router to the external network, one LAN (IP subnet) carrying the mail server and the web server.]
Institutional network without a single point of failure
[Figure: the same IP subnet with redundant switches and links between the router, the mail server, the web server and host A.]
Explain self learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Figure legend: edge in spanning tree; "disconnected" interface, i.e., do not forward or flood frames through this interface.]
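The learn/flood/forward behaviour from the Self-Learning slides and the looping problem from the institutional-network slide, as an added example (not code from the slides). The two-switch topology, the host addresses and the way the switches are wired are constructed for it; Switch, Network, replay_slides and loop_storms are this example's own names. The 20-minute aging follows the slides' "20 minutes later" build, and the frame-count guard in Network.send is what turns the slide's "frames will loop and overwhelm the network" into a detectable condition instead of an endless run.

```python
"""Self-learning switch with aging, replayed on a constructed two-switch
topology (added example, not from the slides). Also shows why a loop in the
topology makes flooded frames circulate until loop resolution removes the
extra path."""
from dataclasses import dataclass, field

AGING_SECONDS = 20 * 60   # slides: "20 minutes later all table entries are deleted"


@dataclass
class Entry:
    interface: int
    last_seen: float


@dataclass
class Switch:
    name: str
    interfaces: tuple                               # e.g. (1, 2, 3)
    table: dict = field(default_factory=dict)       # MAC -> Entry

    def receive(self, src, dst, in_iface, now):
        """Learn src, then return the interfaces the frame goes out on."""
        self.expire(now)
        self.table[src] = Entry(in_iface, now)       # (re)learn src, refresh its timer
        entry = self.table.get(dst)
        if entry is None:                            # unknown dst: flood
            return [i for i in self.interfaces if i != in_iface]
        if entry.interface == in_iface:              # dst on the arrival segment: filter
            return []
        return [entry.interface]                     # known dst: forward

    def expire(self, now):
        for mac in [m for m, e in self.table.items() if now - e.last_seen >= AGING_SECONDS]:
            del self.table[mac]

    def snapshot(self):
        return {mac: e.interface for mac, e in self.table.items()}


class Network:
    """links: pairs of (switch, iface) joined by a trunk; an interface with no
    link is an edge port where a host may sit. Constructed for this example."""

    def __init__(self, links):
        self.switches = {n: Switch(n, (1, 2, 3)) for n in ("S1", "S2")}
        self.links = {}
        for a, b in links:
            self.links[a], self.links[b] = b, a

    def send(self, src, dst, at, now, max_frames=100):
        """Inject a frame at (switch, iface); return the set of edge ports it exits on.
        max_frames bounds the work so a looped topology raises instead of running forever."""
        pending, exits, handled = [at], set(), 0
        while pending:
            sw, iface = pending.pop()
            handled += 1
            if handled > max_frames:
                raise RuntimeError("frame storm: topology has a loop")
            for out in self.switches[sw].receive(src, dst, iface, now):
                if (sw, out) in self.links:
                    pending.append(self.links[(sw, out)])
                else:
                    exits.add((sw, out))
        return exits

    def tables(self):
        return {n: s.snapshot() for n, s in self.switches.items()}


A, B = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"     # constructed host addresses


def replay_slides():
    """A -> B is flooded, B -> A is forwarded, then the 20-minute timer empties the tables."""
    net = Network([(("S1", 3), ("S2", 1))])          # A on S1.1, B on S2.2
    first = net.send(A, B, ("S1", 1), now=0.0)
    after_first = net.tables()
    second = net.send(B, A, ("S2", 2), now=1.0)
    after_second = net.tables()
    for s in net.switches.values():
        s.expire(1.0 + AGING_SECONDS)
    return first, after_first, second, after_second, net.tables()


def loop_storms():
    """Same two switches with a second trunk between them: the flood never ends."""
    net = Network([(("S1", 3), ("S2", 1)), (("S1", 2), ("S2", 3))])
    try:
        net.send(A, B, ("S1", 1), now=0.0)
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    for step in replay_slides():
        print(step)
    print("looped topology storms:", loop_storms())
```

After the first frame both switches know A; after the reply both know B as well, on different interfaces, matching the pattern of the slide's tables. In the looped variant the second trunk delivers the flooded frame back to S1, which re-learns A on the wrong interface and floods again; that is the behaviour loop resolution has to remove before address learning can be trusted.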
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V,E): LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: switches B2 and B3 attached to LANs A and B.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: Compute paths to the node with the smallest ID.
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution.
• During which time no packets were forwarded.
Switches vs. Routers
Both are store-and-forward devices: routers are network layer devices (they examine network layer headers); switches are link layer devices … "invisible" at the internetwork layer. A switched LAN looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields with their widths in bits: label (20), Exp (3), S (1), TTL (5).]
MPLS capable routers
aka label-switched routers: forward packets to the outgoing interface based only on the label value (don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables. A signaling protocol is needed to set up forwarding: RSVP-TE. Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering. Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1 through R6 with destinations A and D; each MPLS-capable router holds a table with the columns in label | out label | dest | out interface. The entries recoverable from the figure are:]
in 6, out -, dest A, interface 0
in 10, out 6, dest A, interface 1; in 12, out 9, dest D, interface 0
in -, out 10, dest A, interface 0; in -, out 12, dest D, interface 0
in 8, out 6, dest A, interface 0; in -, out 8, dest A, interface 1
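The two MPLS slides above say what a label-switched router does (swap or pop on the label, never look at the IP address) and show the per-router tables, but not how a packet moves through them. The Python below is an added example, not code from the slides: it packs and unpacks the 32-bit shim header using the RFC 3032 layout (20-bit label, 3-bit Exp, 1-bit S, 8-bit TTL), and pushes a packet through three constructed routers whose label values (push 10 and 12 at the ingress, swap 10 to 6 and 12 to 9 in transit, pop 6 at the egress for A) are the ones on the slide's tables. The router names, the `LabelSwitchedRouter` class and the `trace` helper are constructed here. The failure case worth noticing is the unknown label: a label that was never signaled is dropped, not forwarded by an IP lookup, which is why the MPLS and IP tables must be kept distinct.

```python
import struct


def pack_shim(label, exp=0, bottom_of_stack=True, ttl=64):
    """Encode one MPLS shim header (RFC 3032): label 20 bits, Exp 3, S 1, TTL 8."""
    if not 0 <= label < (1 << 20):
        raise ValueError("label must fit in 20 bits")
    word = (label << 12) | ((exp & 0x7) << 9) | (int(bottom_of_stack) << 8) | (ttl & 0xFF)
    return struct.pack("!I", word)


def unpack_shim(data):
    """Decode the first 4 bytes of data as an MPLS shim header."""
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "bottom_of_stack": bool((word >> 8) & 1), "ttl": word & 0xFF}


class LabelSwitchedRouter:
    """Forwards by label whenever a label is present; the IP table is consulted only for
    unlabeled packets (ingress classification). Constructed for this example."""

    def __init__(self, name, mpls_table, ip_table):
        self.name = name
        self.mpls_table = mpls_table   # in label -> (out label, or None to pop; out interface)
        self.ip_table = ip_table       # dest -> (label to push, or None; out interface)

    def forward(self, packet):
        """Return (out interface, packet as transmitted), or None if the packet is dropped."""
        labels = list(packet.get("labels", []))            # label stack, top of stack first
        if labels:
            entry = self.mpls_table.get(labels[0])
            if entry is None:
                return None                                # unsignaled label: drop, no IP fallback
            out_label, iface = entry
            labels = labels[1:] if out_label is None else [out_label] + labels[1:]
        else:
            entry = self.ip_table.get(packet["dest"])
            if entry is None:
                return None
            push, iface = entry
            if push is not None:
                labels = [push]
        return iface, {**packet, "labels": labels}


# Router names are constructed; the label numbers are those on the slide's tables.
ROUTERS = {
    "ingress": LabelSwitchedRouter("ingress", {}, {"A": (10, 0), "D": (12, 0)}),
    "transit": LabelSwitchedRouter("transit", {10: (6, 1), 12: (9, 0)}, {}),
    "egress_A": LabelSwitchedRouter("egress_A", {6: (None, 0)}, {"A": (None, 0)}),
}


def trace(packet, path):
    """Push packet through the routers named in path; record (router, out interface, label stack)."""
    hops = []
    for name in path:
        result = ROUTERS[name].forward(packet)
        if result is None:
            hops.append((name, None, "dropped"))
            break
        iface, packet = result
        hops.append((name, iface, tuple(packet["labels"])))
    return hops
```

`trace({"dest": "A"}, ["ingress", "transit", "egress_A"])` shows the label 10 being pushed, swapped to 6 and popped; sending a packet already labelled 12 into the egress for A shows the drop.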
Chapter 5: Summary
principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
journey down protocol stack complete (except PHY)
solid understanding of networking principles, practice
… could stop here … but lots of
Slide list (titles only; untitled slides omitted):
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing – man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch: allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
LAN vs VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
Self-Learning
[Figure: four switches, each with interfaces 1, 2 and 3, with hosts A and B attached at opposite ends. Each switch keeps a table with the columns MAC | Interface; initially every table holds only an entry for A (A → 1 on three of the switches, A → 2 on the fourth). B sends a frame with Dest=A, Source=B. The animation shows the frame crossing the switches one at a time:]
• At each switch the frame arrives at, make a table entry for B on the interface the frame came in on (B → 2 on one switch, B → 3 on the other two). There is already a table entry for A, so forward the frame out that interface instead of flooding.
• 20 minutes later all table entries are deleted.
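The self-learning slides show learning, forwarding and the 20-minute timeout as table snapshots; the following Python is an added example, not code from the slides, that reproduces those snapshots on one switch and then shows what the slides only describe in words: why a loop breaks self-learning. `LearningSwitch`, `slide_scenario` and `loop_demo` are constructed names; the aging value is the slides' 20 minutes, the interface numbers and host names follow the figure, and the two-switch topology with two parallel links in `loop_demo` is constructed. In the loop, a frame to an unknown destination is flooded out one link, comes back on the other, is flooded again, and never stops; along the way the sender's table entry "flaps" between interfaces, so even known destinations are forwarded wrongly. That is the failure the Loop Resolution slides set out to remove.

```python
from collections import deque

AGING_SECONDS = 20 * 60          # slides: "20 minutes later all table entries are deleted"
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Self-learning switch: learn the source MAC, forward known destinations, flood the rest."""

    def __init__(self, name, interfaces):
        self.name = name
        self.interfaces = list(interfaces)
        self.table = {}              # MAC -> (interface, time last seen)

    def _expire(self, now):
        for mac, (_, seen) in list(self.table.items()):
            if now - seen > AGING_SECONDS:
                del self.table[mac]

    def receive(self, frame, in_iface, now):
        """Handle one frame arriving on in_iface; return the interfaces it is sent out on."""
        self._expire(now)
        self.table[frame["src"]] = (in_iface, now)          # learn: the sender is behind in_iface
        entry = None if frame["dst"] == BROADCAST else self.table.get(frame["dst"])
        if entry is None:                                    # unknown or broadcast: flood
            return [i for i in self.interfaces if i != in_iface]
        out_iface, _ = entry
        if out_iface == in_iface:                            # filter: destination is on the arrival segment
            return []
        return [out_iface]


def slide_scenario():
    """Replays the slide on one switch: A already known on interface 1, B on interface 2 sends to A."""
    sw = LearningSwitch("S", [1, 2, 3])
    sw.table["A"] = (1, 0)
    b_to_a = sw.receive({"src": "B", "dst": "A"}, in_iface=2, now=0)      # A known: out on 1 only
    a_to_b = sw.receive({"src": "A", "dst": "B"}, in_iface=1, now=1)      # B was learned: out on 2
    a_to_c = sw.receive({"src": "A", "dst": "C"}, in_iface=1, now=2)      # C unknown: flood on 2 and 3
    later = 2 + AGING_SECONDS + 1                                          # more than 20 minutes later
    c_to_a = sw.receive({"src": "C", "dst": "A"}, in_iface=3, now=later)  # A aged out: flood on 1 and 2
    return b_to_a, a_to_b, a_to_c, c_to_a, sorted(sw.table)


def loop_demo(max_steps=40):
    """Two switches joined by two parallel links (a loop). Host H on S1 interface 1 sends to an
    unknown MAC X. Returns (frames handled, frames still queued at the step limit, table flapped)."""
    s1, s2 = LearningSwitch("S1", [1, 2, 3]), LearningSwitch("S2", [1, 2, 3])
    switches = {"S1": s1, "S2": s2}
    links = {("S1", 2): ("S2", 2), ("S2", 2): ("S1", 2),    # link 1 on interface 2 of both
             ("S1", 3): ("S2", 3), ("S2", 3): ("S1", 3)}    # link 2 on interface 3 of both
    frame = {"src": "H", "dst": "X"}
    queue = deque([("S1", 1, frame)])
    handled, flapped = 0, False
    while queue and handled < max_steps:
        name, iface, f = queue.popleft()
        for out in switches[name].receive(f, iface, now=0):
            if (name, out) in links:                         # interface 1 has no link in this model
                queue.append((*links[(name, out)], f))
        handled += 1
        if s1.table["H"][0] != 1:                            # H really sits on interface 1
            flapped = True
    return handled, len(queue), flapped
```

`loop_demo()` never drains its queue: it stops only because of the step limit, with frames still circulating and S1's entry for H pointing at the wrong interface.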
Poorly Designed Institutional network. Why?
[Figure: a router to the external network, a single LAN (IP subnet) holding the mail server and web server, connected through one switch tree.]
Institutional network without a single point of failure
[Figure: the same router, IP subnet, mail server and web server, now with redundant switches and links; host A is attached at the edge. Legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface.]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: a spanning tree.
Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by two switches, B2 and B3.]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID. The paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
• then switch B2 will disconnect from LAN B and C.
[Figure: LAN A, LAN B, LAN C and LAN D joined by switches B0, B1, B2 and B3.]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message.
2. The ID of what the sending bridge believes to be the root bridge.
3. The distance (hops) from the sending bridge to the root bridge.
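The interface-selection rules on the "Which interfaces to keep" slide and the three-field messages on Spanning Tree Algorithm (2) together describe a distance-vector computation; the following Python is an added example, not code from the slides, that runs it end to end. Every switch starts out believing it is the root, sends (sender ID, believed root, distance) on every LAN it attaches to, and adopts any better claim it hears (lowest root ID, then fewest hops, then lowest neighbour ID). Once the exchange settles, the attached switch with the smallest (distance, ID) on each LAN is that LAN's designated switch, which is the slides' "B5 has a lower ID than B7" tie-break, and it keeps its interface to that LAN plus the one toward the root; everything else is "disconnected". The topology in `TOPOLOGY`, the class and function names, and the rule that ties between equally good root-ward LANs are broken by LAN name are constructed here, not taken from the slides. Two things the slides only state are visible in the result: a switch designated for no LAN (B3 on the slides; B3, B4 and B7 here) ends up with no active interface, and the model has no timers, so a path that later gets worse is not noticed; that is what the periodic recomputation mentioned on the Loop Resolution slide is for.

```python
from collections import namedtuple

# Constructed topology (not the slides' figure): switch ID -> LANs it attaches to.
# LANs are the graph's vertices; each switch is an edge between the LANs it joins.
TOPOLOGY = {
    "B1": ("A", "B"),
    "B2": ("B", "C"),
    "B3": ("A", "B"),   # parallel to B1: loop A-B1-B-B3-A
    "B4": ("C", "D"),   # closes the loop B-C-D-B
    "B5": ("B", "D"),
    "B6": ("D", "E"),
    "B7": ("B", "C"),   # parallel to B2: another loop
}

# The three fields listed on "Spanning Tree Algorithm (2)".
Message = namedtuple("Message", "sender root dist")


class Switch:
    def __init__(self, sid, lans):
        self.id = sid
        self.lans = tuple(lans)
        self.root = sid        # every switch starts out believing it is the root
        self.dist = 0          # hops (LANs crossed) to the believed root
        self.root_lan = None   # LAN leading toward the root; None for the root itself
        self.root_via = None   # neighbour switch whose claim was adopted

    def message(self):
        return Message(self.id, self.root, self.dist)

    def rank(self):
        # Smaller is better: lowest root ID, fewest hops, lowest neighbour ID,
        # then (constructed tie-break) lowest LAN name.
        return (self.root, self.dist, self.root_via or self.id, self.root_lan or "")

    def consider(self, lan, msg):
        """Adopt msg, heard on lan, if it offers a better path to the root; True if changed."""
        if msg.sender == self.id:
            return False
        candidate = (msg.root, msg.dist + 1, msg.sender, lan)
        if candidate < self.rank():
            self.root, self.dist, self.root_via, self.root_lan = msg.root, msg.dist + 1, msg.sender, lan
            return True
        return False


def run_spanning_tree(topology, max_rounds=50):
    """Synchronous rounds of message exchange until no switch changes its belief."""
    switches = {sid: Switch(sid, lans) for sid, lans in topology.items()}
    for _ in range(max_rounds):
        heard = {}                                   # LAN -> messages sent on it this round
        for sw in switches.values():
            for lan in sw.lans:
                heard.setdefault(lan, []).append(sw.message())
        changed = False
        for sw in switches.values():
            for lan in sw.lans:
                for msg in heard[lan]:
                    changed = sw.consider(lan, msg) or changed
        if not changed:
            break
    return switches


def designated_switches(switches):
    """Per LAN, the attached switch with the fewest hops to the root, lowest ID breaking ties."""
    designated = {}
    for sw in switches.values():
        for lan in sw.lans:
            best = designated.get(lan)
            if best is None or (sw.dist, sw.id) < (best.dist, best.id):
                designated[lan] = sw
    return designated


def active_interfaces(switches):
    """(switch, LAN) pairs left 'on': a designated switch keeps its interface to that LAN and
    its interface toward the root. Every other interface is 'disconnected' (no forwarding, no flooding)."""
    active = set()
    for lan, sw in designated_switches(switches).items():
        active.add((sw.id, lan))
        if sw.root_lan is not None:
            active.add((sw.id, sw.root_lan))
    return active


def idle_switches(switches):
    """Switches with no active interface at all, like B3 on the slides."""
    on = {sid for sid, _ in active_interfaces(switches)}
    return set(switches) - on
```

With `TOPOLOGY`, `run_spanning_tree` converges in three rounds to root B1; the active interfaces form the tree A-B1-B, B-B2-C, B-B5-D, D-B6-E, and B3, B4 and B7 are left with nothing on, so the two parallel links and the B-C-D cycle are all broken.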
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
Typically ignore security such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution.
• During which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
… "invisible" at the internetwork layer: looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Figure: link-layer frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields and their widths in bits: label 20, Exp 3, S 1, TTL 5
MPLS capable routers
a.k.a. label-switched router: forwards packets to the outgoing interface based only on the label value (don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables.
Signaling protocol needed to set up forwarding: RSVP-TE.
Forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1–R6 with destinations A and D; link interfaces numbered 0 and 1; one forwarding table is drawn next to each labelled router]
Every table has the columns: in label | out label | dest | out interface. The rows as they appear on the slide (a blank in-label column is shown as "–"):
6 | - | A | 0
10 | 6 | A | 1
12 | 9 | D | 0
– | 10 | A | 0
– | 12 | D | 0
8 | 6 | A | 0
– | 8 | A | 1
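Added example (not part of the lecture slides): a small Python simulation of label-switched forwarding built from the table rows above. Which router owns each row and how the routers are wired are assumptions made here so that the rows form one network; the slide's figure does not survive extraction. It shows the point of the "MPLS capable routers" slide: once a label has been pushed at the ingress, the routers along the path forward on the label alone and never look at the IP destination.

```python
# Added example, not the slides' own code. Row-to-router assignment and LINKS are ASSUMPTIONS.
from collections import deque

# Forwarding table rows: (in_label, out_label, dest, out_interface).
# in_label None  -> ingress row (a label is pushed; the IP destination is consulted once)
# out_label None -> egress row (the label is popped; IP forwarding takes over)
TABLES = {
    "R1": [(6, None, "A", 0)],                       # slide row "6 | - | A | 0"
    "R6": [(10, 6, "A", 1), (12, 9, "D", 0)],         # slide rows "10 6 A 1", "12 9 D 0"
    "R4": [(None, 10, "A", 0), (None, 12, "D", 0)],  # slide rows "10 A 0", "12 D 0" (assumed ingress)
    "R5": [(8, 6, "A", 0)],                           # slide row "8 6 A 0"
    "R3": [(None, 8, "A", 1)],                        # slide row "8 A 1" (assumed ingress)
}

# Assumed wiring: (router, out_interface) -> next router.
LINKS = {
    ("R4", 0): "R6",
    ("R6", 1): "R1",
    ("R6", 0): "R2",   # R2 has no table on the slide, so the trace stops there
    ("R3", 1): "R5",
    ("R5", 0): "R1",
}


def lookup(router, in_label=None, dest=None):
    """Core LSR behaviour: match on the incoming label only.
    Only an ingress router (in_label is None) consults the IP destination."""
    for row in TABLES.get(router, []):
        if in_label is None:
            if row[0] is None and row[2] == dest:
                return row
        elif row[0] == in_label:
            return row
    return None


def forward(ingress, dest, max_hops=10):
    """Trace one packet for `dest` entering at `ingress`.
    Returns hops (router, in_label, out_label, out_interface); the last hop is
    either the egress pop or the router where no MPLS row matched."""
    trace = []
    router, label = ingress, None
    for _ in range(max_hops):
        row = lookup(router, label, dest if label is None else None)
        if row is None:
            trace.append((router, label, None, None))
            return trace
        _, out_label, _, out_if = row
        trace.append((router, label, out_label, out_if))
        if out_label is None:
            return trace                      # egress: label popped
        nxt = LINKS.get((router, out_if))
        if nxt is None:
            return trace
        router, label = nxt, out_label        # label swapped, IP header untouched
    return trace


def labels_seen(ingress, dest):
    """Labels carried on the wire between LSRs, in order."""
    return [hop[2] for hop in forward(ingress, dest) if hop[2] is not None]


if __name__ == "__main__":
    for ingress, dest in (("R4", "A"), ("R3", "A"), ("R4", "D")):
        print(ingress, "->", dest, forward(ingress, dest))
```

forward("R4", "A") gives R4 (push 10) → R6 (swap 10 → 6 out interface 1) → R1 (pop 6 out interface 0), and forward("R3", "A") merges onto the same label 6 at R1; forward("R4", "D") stops at R2 because the slide shows no table for it.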
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath
Journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice … could stop here … but lots of
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
Slide 43
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Slide 61
Addressing: routing to another LAN
Slide 63
ARP
ARP spoofing – man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Slide 135
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
Self-Learning
[Figure: four switches, each with interfaces 1, 2 and 3, hosts A and B, and a switch table (MAC, Interface) drawn next to each switch]
Switch tables: {A: 1}; {A: 1, B: 3}; {A: 1, B: 2}; {A: 2}. A frame arrives with Dest=A, Source=B.
Make a table entry for B. We have a table entry for A, so forward.
Self-Learning
Switch tables: {A: 1, B: 3}; {A: 1, B: 3}; {A: 1, B: 2}; {A: 2}. The frame Dest=A, Source=B continues.
Make a table entry for B. We have a table entry for A, so forward.
Self-Learning
20 minutes later, all table entries are deleted (all four tables are empty).
Poorly Designed Institutional network. Why?
[Figure: one LAN / IP subnet with a router to the external network, a mail server and a web server]
Institutional network without a single point of failure
[Figure: an IP subnet in which the router (to the external network), mail server, web server and host A are joined by more than one path]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops, the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
Institutional network without a single point of failure
[Figure: the same network with the spanning tree drawn; edges in the spanning tree and "disconnected" interfaces are marked]
Edge in spanning tree.
"Disconnected" interface, i.e. do not forward or flood frames through this interface.
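Added example (not from the slides): a Python model of the switch from the Self-Learning slides, including the 20-minute table ageing, run over a constructed two-switch network with the kind of loop the institutional-network slide describes. The hosts, switches and links are made up for the demonstration. Sending the same frame with and without one interface "disconnected" shows why loop resolution has to happen before address learning: with the loop present the flooded frame keeps circulating and the source address flaps between interfaces.

```python
# Added example, not the slides' own code. Topology is constructed for the demonstration.
from collections import deque


class LearningSwitch:
    """Learns source MAC -> interface; forwards known destinations, floods unknown ones."""

    def __init__(self, name, interfaces, blocked=(), ttl=20 * 60):
        self.name = name
        self.interfaces = set(interfaces)
        self.blocked = set(blocked)   # interfaces "disconnected" by loop resolution
        self.ttl = ttl                # seconds until an entry is forgotten (20 minutes on the slide)
        self.table = {}               # MAC -> (interface, time last seen)

    def _expire(self, now):
        for mac in [m for m, (_, seen) in self.table.items() if now - seen >= self.ttl]:
            del self.table[mac]

    def receive(self, src, dst, in_iface, now=0):
        """Return the interfaces the frame is sent out on."""
        if in_iface in self.blocked:
            return []                                   # a blocked port neither learns nor forwards
        self._expire(now)
        self.table[src] = (in_iface, now)               # address learning
        if dst in self.table:
            out = self.table[dst][0]
            return [] if out == in_iface else [out]     # filter if same segment, else forward
        return sorted(self.interfaces - self.blocked - {in_iface})   # flood


def run(switches, links, hosts, first_frame, max_steps=200):
    """Push one frame through the network. links maps (switch, iface) -> (switch, iface),
    hosts maps (switch, iface) -> host MAC. Returns (events processed, deliveries, storm?)."""
    queue = deque([first_frame])          # (switch, in_iface, src, dst)
    delivered, steps = [], 0
    while queue and steps < max_steps:
        sw, in_if, src, dst = queue.popleft()
        steps += 1
        for out_if in switches[sw].receive(src, dst, in_if):
            port = (sw, out_if)
            if port in hosts:
                delivered.append((hosts[port], sw))
            elif port in links:
                nsw, nif = links[port]
                queue.append((nsw, nif, src, dst))
    return steps, delivered, bool(queue)   # a non-empty queue at the cap means the frame is still looping


def scenario(loop_resolved):
    """Host A on S1 sends to the mail server on S2 with all tables empty. S1 and S2 are joined
    by two parallel links (a loop); loop resolution "disconnects" S1's interface 3."""
    switches = {
        "S1": LearningSwitch("S1", [1, 2, 3], blocked=(3,) if loop_resolved else ()),
        "S2": LearningSwitch("S2", [1, 2, 3]),
    }
    links = {("S1", 2): ("S2", 2), ("S2", 2): ("S1", 2),
             ("S1", 3): ("S2", 3), ("S2", 3): ("S1", 3)}
    hosts = {("S1", 1): "A", ("S2", 1): "MAIL"}
    return run(switches, links, hosts, ("S1", 1, "A", "MAIL"))


if __name__ == "__main__":
    print("loop resolved:", scenario(True))
    steps, delivered, storm = scenario(False)
    print("loop present: events", steps, "deliveries", len(delivered), "still looping", storm)
```

With the loop resolved the frame is processed three times and reaches the mail server once; with the loop present the simulation hits its event cap with the frame still circulating, the mail server and A receive copy after copy, and each switch's entry for A keeps changing interface, which is exactly the state the slides say loop resolution must prevent before learning starts.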
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LAN A and LAN B joined by switches B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges.
This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
Approach: compute paths to the node with the smallest ID.
Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
• then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C and D interconnected by bridges B0, B1, B2 and B3]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: switches B1–B7 interconnecting LANs A–J]
Which interfaces to keep and which to ignore? Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
[Figure: the same switches and LANs; each switch is labelled with its distance to the root in LAN hops (0, 1, 2, 1, 1, 1, 1)]
Each switch computes its distance to the root in terms of LAN hops.
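Added example (not from the slides): the interface-selection rule stated on the Spanning Tree Algorithm slides and walked through step by step earlier on this page ("LAN A's next hop is LAN E", "B5 has a lower ID than B7", "B3 will not have any interfaces on"), implemented in Python. The switch-to-LAN wiring is an assumption: it was chosen so that the computed result agrees with every statement in that walkthrough, and it attaches an extra LAN H to B7 so that B3 is the only switch left with nothing on; it is not the figure's actual wiring.

```python
# Added example, not the slides' own code. TOPOLOGY is an ASSUMED wiring consistent with the
# walkthrough on the page, not the figure's real one.
from collections import deque

# switch ID -> LANs it attaches to (B1..B7 written as 1..7; B1 is the root, smallest ID)
TOPOLOGY = {
    1: {"E", "F", "G"},
    2: {"A", "E"},
    3: {"A", "B"},
    4: {"D", "G"},
    5: {"B", "E"},
    6: {"C", "F"},
    7: {"B", "F", "H"},
}


def attached_switches(topology):
    """Invert the map: LAN -> set of switches attached to it."""
    by_lan = {}
    for sw, lans in topology.items():
        for lan in lans:
            by_lan.setdefault(lan, set()).add(sw)
    return by_lan


def switch_distances(topology):
    """Distance of every switch to the root in LAN hops: breadth-first search over the graph
    in which LANs are vertices and switches are edges (the slides' 'backwards' graph)."""
    root = min(topology)
    by_lan = attached_switches(topology)
    dist = {root: 0}
    queue = deque([root])
    while queue:
        sw = queue.popleft()
        for lan in topology[sw]:
            for nxt in by_lan[lan]:
                if nxt not in dist:
                    dist[nxt] = dist[sw] + 1
                    queue.append(nxt)
    return dist


def spanning_tree(topology):
    """The slides' rule: each LAN keeps the attached switch with the least distance to the
    root, smallest ID breaking ties; that switch turns on its interface to the LAN and its
    interface to the LAN through which it reaches the root."""
    root = min(topology)
    dist = switch_distances(topology)
    by_lan = attached_switches(topology)
    lan_dist = {lan: min(dist[s] for s in sws) for lan, sws in by_lan.items()}
    designated = {lan: min(sws, key=lambda s: (dist[s], s)) for lan, sws in by_lan.items()}
    # LAN a switch uses toward the root; ties broken by LAN name (an assumption, since the
    # slides only give the switch-ID tie-break)
    toward_root = {sw: min(lans, key=lambda l: (lan_dist[l], l))
                   for sw, lans in topology.items() if sw != root}
    active = set()
    for lan, sw in designated.items():
        active.add((sw, lan))
        if sw != root:
            active.add((sw, toward_root[sw]))
    next_hop = {lan: toward_root[sw] for lan, sw in designated.items() if sw != root}
    return {"dist": dist, "designated": designated, "next_hop": next_hop, "active": active}


def switches_with_no_active_interface(topology):
    """Switches that end up fully 'disconnected' (B3 in the walkthrough)."""
    tree = spanning_tree(topology)
    return set(topology) - {sw for sw, _ in tree["active"]}


if __name__ == "__main__":
    tree = spanning_tree(TOPOLOGY)
    for sw in sorted(TOPOLOGY):
        on = sorted(lan for s, lan in tree["active"] if s == sw)
        print(f"B{sw}: distance {tree['dist'][sw]}, interfaces on: {on or 'none'}")
```

Running it reproduces the walkthrough: distances 0, 1, 2, 1, 1, 1, 1 for B1 to B7, LAN A and LAN B both reach the root through LAN E (B5 wins the tie with B7), D through G, C through F, and B3 is the only switch with no active interface. It also answers the closing "which other interfaces are on?" question for this wiring: all three of the root's, plus both of B4's, B6's and B7's. Since the result depends only on switch IDs and the announced distances, a change in which switch holds the lowest ID recomputes every switch's interfaces, which is why the Layer 2 Routing slide insists that loop resolution finish before address learning resumes.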
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Self-LearningMAC Interface
A 1
B 3
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
A 1
B 3
MAC Interface
A 1
B 2
MAC Interface
A 2
A
B
Dest=A Source=B
Make table entry for B Have a table entry for A so forward
Self-LearningMAC Interface
1
2
3 1 2
3
21
3
2 3
1
MAC Interface
MAC Interface
MAC Interface
A
B
20 minutes later all table entries are deleted
Poorly Designed Institutional network Why
to externalnetwork
router
LAN - IP subnet
mail server
web server
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
(Figure: LANs A–J joined by switches B1–B7; each LAN is labelled with its distance to the root in LAN hops.)
Walkthrough (one step per slide):
- LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
- LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
- LAN C's next hop is LAN F. Turn on the interfaces.
- Which other interfaces are "on"?
Layer 2 Routing
- L2 routing table is automatically maintained (set up and updated as topology changes).
- 3 mechanisms: loop resolution, address learning, frame forwarding. Typically ignore security such as ARP attacks, access control, etc.
- Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.

Switches vs. Routers
- both store-and-forward devices
- routers: network layer devices (examine network layer headers); switches are link layer devices
- … "invisible" at internetwork layer: looks like a link layer technology to IP

Multiprotocol label switching (MPLS)
- initial goal: speed up IP forwarding by using a fixed-length label (instead of IP address) to do forwarding
- borrowing ideas from the Virtual Circuit (VC) approach
- but the IP datagram still keeps its IP address
(Figure: frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame. MPLS header fields with the bit widths as given on the slide: label 20, Exp 3, S 1, TTL 5.)

MPLS capable routers
- a.k.a. label-switched router
- forwards packets to outgoing interface based only on label value (don't inspect IP address)
- MPLS forwarding table distinct from IP forwarding tables
- signaling protocol needed to set up forwarding: RSVP-TE
- forwarding possible along paths that IP alone would not allow (e.g. source-specific routing); use MPLS for traffic engineering
- must co-exist with IP-only routers

MPLS forwarding tables
(Figure: routers R1–R6 with destinations A and D; the numbers 0 and 1 on the links are outgoing interface numbers. The figure's label tables, columns in label / out label / dest / out interface, are listed below; which router holds which table is not recoverable from the extracted text. Rows with no in label are where the label is first pushed onto the packet.)
- 6 / - / A / 0
- 10 / 6 / A / 1
  12 / 9 / D / 0
- - / 10 / A / 0
  - / 12 / D / 0
- 8 / 6 / A / 0
- - / 8 / A / 1
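As an added example (my code, not the slides' or any router vendor's), the Python below shows label-only forwarding over a constructed three-router path that reuses the label values from the tables above: the ingress classifies on the IP destination and pushes a shim, the transit router swaps 10 to 6 on interface 1 without touching the IP bytes, and the egress pops label 6 and hands the datagram back to IP. The shim is packed per RFC 3032 (20-bit label, 3-bit Exp, 1-bit S, 8-bit TTL); the function names, the FEC table and the split of rows across the three hypothetical routers are assumptions for the example. The egress deliberately has no entry for label 9, so a datagram for D shows what happens when the signaling protocol has not installed state on every router of the path: it is dropped, not forwarded by IP.

```python
"""Label-switched forwarding: an LSR looks only at the MPLS shim, never at the IP header."""
import struct
from typing import Dict, List, Optional, Tuple

# RFC 3032 shim header: 20-bit label, 3-bit Exp (traffic class), 1-bit bottom-of-stack S, 8-bit TTL.
def pack_shim(label: int, exp: int, s: int, ttl: int) -> bytes:
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("shim field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def unpack_shim(data: bytes) -> Tuple[int, int, int, int]:
    (word,) = struct.unpack("!I", data[:4])
    return word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF


# Constructed tables for three hypothetical routers, using the label values from the slide.
# Forwarding-table row: in label -> (out label, or None meaning pop; destination; out interface).
INGRESS_FEC: Dict[str, Tuple[int, int]] = {"A": (10, 0), "D": (12, 0)}   # dest -> (label to push, iface)
TRANSIT: Dict[int, Tuple[Optional[int], str, int]] = {10: (6, "A", 1), 12: (9, "D", 0)}
EGRESS: Dict[int, Tuple[Optional[int], str, int]] = {6: (None, "A", 0)}  # no row for label 9 on purpose

Hop = Tuple[str, Optional[int], bytes]   # (action: "label" | "ip" | "drop", out interface, bytes sent)


def ingress_push(fec: Dict[str, Tuple[int, int]], dest: str, ip_datagram: bytes, ttl: int = 64) -> Hop:
    """Ingress router: classify by IP destination, push one shim (S=1) and send it on the LSP."""
    if dest not in fec:
        return ("ip", None, ip_datagram)    # no LSP for this destination: plain IP forwarding (not modelled)
    label, iface = fec[dest]
    return ("label", iface, pack_shim(label, 0, 1, ttl) + ip_datagram)


def lsr_forward(table: Dict[int, Tuple[Optional[int], str, int]], frame: bytes) -> Hop:
    """Label-switched router: decide from the shim alone; the IP bytes are opaque payload."""
    label, exp, s, ttl = unpack_shim(frame)
    payload = frame[4:]
    if label not in table:
        return ("drop", None, b"")          # unknown label: no state was signalled, so discard
    if ttl <= 1:
        return ("drop", None, b"")          # TTL would expire inside the label domain
    out_label, _dest, iface = table[label]
    if out_label is None:                   # pop: next hop is an IP-only router or the egress itself
        return ("ip", iface, payload)       # IP forwarding resumes on the unlabeled datagram
    return ("label", iface, pack_shim(out_label, exp, s, ttl - 1) + payload)


def walk_lsp(dest: str, ip_datagram: bytes) -> Tuple[List[Tuple[str, Optional[int], Optional[int]]], bytes]:
    """Drive one datagram ingress -> transit -> egress; return (action, iface, label) per hop and final bytes."""
    hops = []
    action, iface, frame = ingress_push(INGRESS_FEC, dest, ip_datagram)
    hops.append((action, iface, unpack_shim(frame)[0] if action == "label" else None))
    for table in (TRANSIT, EGRESS):
        if action != "label":
            break
        action, iface, frame = lsr_forward(table, frame)
        hops.append((action, iface, unpack_shim(frame)[0] if action == "label" else None))
    return hops, frame


if __name__ == "__main__":
    for d in ("A", "D"):
        path, out = walk_lsp(d, b"ip-datagram-for-" + d.encode())   # constructed payload
        print(d, path, out)
```

Because the LSR decides from the label alone, any filtering expressed in terms of IP addresses has to be applied at the ingress before the push or at the egress after the pop; inside the label domain the IP header is opaque payload, which is exactly the "don't inspect IP address" property above.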
Chapter 5: Summary
- principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
- instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
- journey down protocol stack complete (except PHY)
- solid understanding of networking principles, practice
- … could stop here … but lots of
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
Slide 43
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Slide 61
Addressing: routing to another LAN
Slide 63
ARP
ARP spoofing – man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Slide 135
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5: Summary
Chapter 5: let's take a breath
Self-Learning
(Figure: switches each holding a MAC / Interface table, with ports numbered 1, 2, 3; hosts A and B.) 20 minutes later all table entries are deleted.
Poorly Designed Institutional network. Why?
(Figure: router to external network; LAN = IP subnet; mail server; web server.)

Institutional network without a single point of failure
(Figure: router to external network; IP subnet; mail server; web server; host A.)
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.

Institutional network without a single point of failure
(Figure: the same network with the spanning tree marked: edge in spanning tree; "disconnected" interface, i.e., do not forward or flood frames through this interface; host A.)

Loop Resolution
- Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
- Consider the network as a graph G(V,E). LANs are represented by vertices and bridges/switches are represented by edges.
  - This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
- On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e., NO loops.
- If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
- This tree is formed by "disconnecting" switches from some LANs.
  - The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
  - Of course, the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
(Figure: switches B3 and B2 attached to LAN A and LAN B.)

Spanning Tree Algorithm (1)
- LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e., switches as vertices and LANs as edges.
- When manufactured, each bridge is given a unique ID. The root is the node with the smallest ID.
- Approach: compute paths to the node with smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with smallest ID.
- If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
- If LAN B's next hop to the switch with lowest ID is LAN A, and LAN C's next hop to the switch with lowest ID is LAN D, then switch B2 will disconnect from LAN B and C.
(Figure: LANs A, B, C, D and switches B0, B1, B2, B3.)

Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID for what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with smallest ID), and use least cost with minimum ID to break ties. By shortest path we mean paths from a LAN to the root switch that visit the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance-vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
(Figure: LANs A–J joined by switches B1–B7; from the second step on, each LAN is labelled with its distance to the root in LAN hops.)
Walkthrough (one step per slide):
- Each switch computes distance to root in terms of LAN hops.
- Each of the root's interfaces is ON.
- LAN A's next hop is LAN E. Turn on the two interfaces.
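As an added worked example (my code, not from the slides; the topology, the function names and the tree check are my assumptions), the Python below runs the procedure just described end to end: LANs are vertices, switches are edges, the root is the switch with the smallest ID, each LAN keeps the (hop count, switch ID) minimum advertised by its neighbours, and a switch turns on only the interfaces that lie on some LAN's chosen path. The constructed topology has an equal-cost tie on LAN D (B4 against B5) and a redundant switch B3 that ends with no interface on, mirroring the slides' note about B3; the final check confirms the interfaces left on form a loop-free tree.

```python
"""Loop resolution as in the slides: LANs are vertices, switches are edges, root = smallest ID."""
from collections import deque
from typing import Dict, List, Set, Tuple

# Constructed topology for this example (not the figure from the slides).
# switch ID -> the LANs its interfaces attach to; every switch here has two interfaces.
SWITCHES: Dict[int, List[str]] = {
    1: ["A", "B"],   # smallest ID, so B1 is the root
    2: ["B", "C"],
    3: ["A", "C"],   # second one-switch path to C; loses the tie to B2
    4: ["D", "E"],
    5: ["C", "D"],   # B5 and B7 both join C and D: a parallel link
    6: ["B", "E"],
    7: ["C", "D"],
}

# Route for a LAN: (switches visited to reach the root, next-hop switch ID, next-hop LAN).
Route = Tuple[int, int, str]


def compute_routes(switches: Dict[int, List[str]]) -> Dict[str, Route]:
    """Distance-vector style: each LAN keeps the (cost, switch ID) minimum its neighbours offer."""
    root = min(switches)
    routes: Dict[str, Route] = {lan: (0, root, lan) for lan in switches[root]}  # root's LANs cost 0
    changed = True
    while changed:                       # relax until a fixpoint; (cost, ID) only ever decreases
        changed = False
        for sid, lans in switches.items():
            if sid == root:
                continue
            for via in lans:             # 'via' is the neighbour LAN advertising a route
                if via not in routes:
                    continue
                for lan in lans:
                    if lan == via:
                        continue
                    cand: Route = (routes[via][0] + 1, sid, via)
                    cur = routes.get(lan)
                    # lower cost wins; equal cost -> smaller switch ID wins (the slides' tie-break)
                    if cur is None or cand[:2] < cur[:2]:
                        routes[lan] = cand
                        changed = True
    return routes


def active_interfaces(switches: Dict[int, List[str]],
                      routes: Dict[str, Route]) -> Dict[int, Set[str]]:
    """A switch keeps exactly the interfaces lying on some LAN's chosen path to the root."""
    root = min(switches)
    active: Dict[int, Set[str]] = {sid: set() for sid in switches}
    active[root] = set(switches[root])           # every root interface is on
    for lan, (_cost, sid, via) in routes.items():
        if sid != root:
            active[sid].update((lan, via))       # switch between LAN and its next hop stays on
    return active


def blocked_switches(active: Dict[int, Set[str]]) -> List[int]:
    """Switches left with no interface on (like B3 in the slides)."""
    return sorted(sid for sid, lans in active.items() if not lans)


def is_loop_free(active: Dict[int, Set[str]]) -> bool:
    """Tree check for two-interface switches: V-1 'on' switches and every LAN reachable."""
    edges = [lans for lans in active.values() if lans]
    lans: Set[str] = set().union(*edges) if edges else set()
    if not lans:
        return True
    if len(edges) != len(lans) - 1:
        return False
    adj: Dict[str, Set[str]] = {lan: set() for lan in lans}
    for edge in edges:
        for x in edge:
            adj[x] |= edge - {x}
    seen: Set[str] = set()
    todo = deque([next(iter(lans))])
    while todo:
        x = todo.popleft()
        if x not in seen:
            seen.add(x)
            todo.extend(adj[x] - seen)
    return seen == lans


if __name__ == "__main__":
    r = compute_routes(SWITCHES)
    a = active_interfaces(SWITCHES, r)
    for lan in sorted(r):
        print(f"LAN {lan}: cost {r[lan][0]} via B{r[lan][1]} toward LAN {r[lan][2]}")
    print("blocked switches:", blocked_switches(a), "loop-free:", is_loop_free(a))
```

Two properties of the slides' rule show up directly in the result: the root and every tie are decided purely by the smallest ID carried in the exchanged messages, so whether the computed root is the intended switch is worth verifying in practice rather than assumed, and any change to the inputs reruns the whole computation, which is the period during which, as the next slide notes, no packets are forwarded.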
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Poorly Designed Institutional network Why
to externalnetwork
router
LAN - IP subnet
mail server
web server
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
Explain self learning on this networkSuppose that A sends a frame to the mail server and all tables are emptyDue to the loops the frames will loop and overwhelm the networkLoops provide robustness but have to be eliminated
A
Institutional network without a single point of failure
to externalnetwork
router
IP subnet
mail server
web server
A
Edge in spanning tree
ldquodisconnectedrdquo interface ie do not forward or flood frames through this interface
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
Slide 43
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing: man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch: frame filtering/forwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
Institutional network without a single point of failure
[Figure: router to the external network; IP subnet with mail server, web server and host A, interconnected by switches with redundant links]
Explain self-learning on this network. Suppose that A sends a frame to the mail server and all tables are empty. Due to the loops the frames will loop and overwhelm the network. Loops provide robustness but have to be eliminated.
[Same figure with a spanning tree drawn on it. Legend: edge in spanning tree; "disconnected" interface, i.e. do not forward or flood frames through this interface]
Loop Resolution
Goal: remove "extra" paths by removing "extra" bridges: spanning tree.
Consider the network as a graph G(V, E). LANs are represented by vertices and bridges/switches are represented by edges.
• This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
On any graph there exists a tree that spans all nodes where there is only one path between any pair of nodes, i.e. NO loops.
If a LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
This tree is formed by "disconnecting" switches from some LANs.
• The switches are not physically disconnected. Instead, when "disconnected" from a LAN they simply never flood packets over to the LAN.
• Of course the spanning tree is recomputed often, and if something breaks then the LAN might be "reconnected" to the switch.
[Figure: LANs A and B joined by bridges B2 and B3]
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridges/switches are represented by edges. This is backwards from what you might expect, i.e. switches as vertices and LANs as edges.
When manufactured, each bridge is given a unique ID. The root is the bridge with the smallest ID.
Approach: compute paths to the bridge with the smallest ID. Paths indicate which of a bridge's/switch's interfaces leads to the switch with the smallest ID.
If LAN A's next hop toward the root is LAN B, then the switch between LAN A and B uses the interfaces to A and B.
If
• LAN B's next hop to the switch with the lowest ID is LAN A, and
• LAN C's next hop to the switch with the lowest ID is LAN D,
• then switch B2 will disconnect from LANs B and C.
[Figure: LANs A, B, C, D and bridges B0 (root), B1, B2, B3; B2 attaches to LANs B and C]
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
[Figure: LANs A to J interconnected by bridges B1 to B7; B1 is the root. In the original slides the distance of each switch to the root is annotated on the figure and the interfaces are turned on one step at a time.]
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), using least cost with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to "turn off". Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately the root might not be the gateway.
Worked through step by step on the figure:
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root's interfaces is ON.
• LAN A's next hop is LAN E: turn on the two interfaces.
• LAN B's next hop is LAN E or F, but B5 has a lower ID than B7, so LAN E is used as the next hop: turn on the interface.
• LAN D's next hop is LAN G: turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F: turn on the interfaces.
• Which other interfaces are "on"?
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding. These typically ignore security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms; this would trigger loop resolution,
• during which time no packets were forwarded.
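The algorithm of Spanning Tree Algorithm (1) and (2) and the interface-by-interface walk-through above, as an added example in Python (not code from the slides, and run on a constructed six-bridge topology rather than the figure's): bridges exchange (root, distance, sender ID) messages until they converge, each LAN picks its designated bridge by shortest distance and then smallest ID, and only the designated bridge's port on that LAN and its port toward the root stay on. The `flood` function then sends one unknown-destination frame through the network, once with every port on and once over the computed tree, which puts numbers on the Layer 2 Routing point that loop resolution must happen before address learning. The bridge IDs, LAN names and the rogue ID -1 are all made up for this example.

```python
"""Spanning tree over LANs (vertices) and bridges (edges), as the slides describe it,
plus a flooding check. The topology is constructed for this example, not the figure."""

# Constructed topology: numeric bridge ID -> LANs the bridge has a port on.
# B1 and B2 are parallel between LANs B and C, and B4/B5 both join D and E,
# so the physical network has loops.
BRIDGES = {
    0: ["A", "B"],
    1: ["B", "C"],
    2: ["B", "C"],
    3: ["A", "D"],
    4: ["C", "D", "E"],
    5: ["D", "E"],
}


def lans_of(bridges):
    """Invert the port lists: LAN -> list of bridges attached to it."""
    lans = {}
    for b, ports in bridges.items():
        for lan in ports:
            lans.setdefault(lan, []).append(b)
    return lans


def converge(bridges, max_rounds=64):
    """Synchronous rounds of the slides' message exchange: every bridge advertises
    (root it believes in, its distance to that root, its own ID) on all its LANs and
    adopts the best claim it hears, at distance plus one, remembering which LAN carried it.
    Returns {bridge: (root, distance, LAN toward the root, or None for the root itself)}."""
    lans = lans_of(bridges)
    state = {b: (b, 0, None) for b in bridges}          # everyone starts as its own root
    for _ in range(max_rounds):
        new = {}
        for b, ports in bridges.items():
            best = (b, 0, b, None)                        # own claim: "I am root, distance 0"
            for lan in ports:
                for s in lans[lan]:
                    if s != b:
                        root, dist, _ = state[s]
                        # smaller root ID wins, then shorter distance, then smaller sender ID
                        best = min(best, (root, dist + 1, s, lan))
            new[b] = (best[0], best[1], best[3])
        if new == state:
            return state
        state = new
    raise RuntimeError("spanning tree did not converge")


def spanning_tree(bridges):
    """Decide which ports are ON. For each LAN the designated bridge is the attached bridge
    nearest the root, ties broken by smallest ID; it keeps its port on that LAN and its port
    toward the root. A bridge designated for no LAN turns every port off ("disconnected")."""
    state = converge(bridges)
    designated = {lan: min(att, key=lambda b: (state[b][1], b))
                  for lan, att in lans_of(bridges).items()}
    on = {b: set() for b in bridges}
    for lan, b in designated.items():
        on[b].add(lan)
        if state[b][2] is not None:
            on[b].add(state[b][2])
    return designated, on


def flood(bridges, on, src_lan, max_steps=20):
    """Flood one frame with an unknown destination (empty tables) and count the copies
    each LAN sees. A bridge re-floods out of every ON port except the one it arrived on.
    Without a tree the count keeps growing; over the tree every LAN sees exactly one."""
    copies = {src_lan: 1}
    wave = [(src_lan, None)]                  # (LAN carrying a copy, bridge that put it there)
    for _ in range(max_steps):
        nxt = []
        for lan, sender in wave:
            for b in bridges:
                if b != sender and lan in on[b]:
                    nxt.extend((out, b) for out in on[b] if out != lan)
        if not nxt:
            break
        for lan, _ in nxt:
            copies[lan] = copies.get(lan, 0) + 1
        wave = nxt
    return copies


if __name__ == "__main__":
    designated, on = spanning_tree(BRIDGES)
    print("designated bridge per LAN:", designated)
    print("ON ports per bridge:", on)
    all_on = {b: set(p) for b, p in BRIDGES.items()}
    print("flood from A, all ports on, 6 steps:", flood(BRIDGES, all_on, "A", 6))
    print("flood from A over the tree:", flood(BRIDGES, on, "A"))
    # Root election is just "smallest advertised ID" and nothing is authenticated, so a
    # device advertising a lower ID becomes root and the whole tree re-forms around it.
    print("with a rogue bridge claiming ID -1:", spanning_tree({**BRIDGES, -1: ["D", "E"]}))
```

Running it shows bridges 2 and 5 ending with no ON ports (the B3 case in the slides) and every LAN receiving exactly one copy over the tree, while the all-ports-on flood multiplies copies every step. The last line makes the security consequence of the election rule visible: the root is simply whoever advertises the smallest ID, and nothing in the exchange is authenticated, so attaching a bridge that claims ID -1 moves the root onto it and re-routes the tree through its LANs. Production switches mitigate this with port-level controls on access ports (BPDU guard, root guard) rather than with anything in the algorithm itself.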
Loop Resolution Goal remove ldquoextrardquo paths by removing ldquoextrardquo bridges Spanning tree
Consider the network as a graph G(VE) LANs are represented by vertices and bridgesswitches are
represented by edgesbull This is backwards from what you might expect ie switches as
vertices and LANs as edges On any graph there exists a tree that spans all nodes where
there is only one path between any pair of nodes ie NO loops
If a LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
This tree is formed by ldquodisconnectingrdquo switches from some LANs
bull The switches are not physically disconnected Instead when ldquodisconnectedrdquo from a LAN they simply never flood packets over to the LAN
bull Of course the spanning tree is recomputed often and if something breaks then the LAN might be ldquoreconnectedrdquo to the switch
B3
LAN A
LAN B
B2
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information:
1. The ID of the bridge that is sending the message
2. The ID of what the sending bridge believes to be the root bridge
3. The distance (hops) from the sending bridge to the root bridge
Which interfaces to keep and which to ignore?
Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID), and use least cost, with minimum ID to break ties. By shortest path we mean the path from a LAN to the root switch that visits the smallest number of switches.
A switch will keep an interface active if:
1. the interface is along a LAN’s shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
Note: we find these paths not for forwarding but only to decide which interfaces to “turn off”. Of course, if a frame is headed to the root then it will follow the shortest path. Unfortunately, the root might not be the gateway.
[Figure: LANs A–J interconnected by switches B1–B7, each LAN labelled with its distance to the root in LAN hops (0, 1 or 2). The steps below walk through this figure.]
• Each switch computes its distance to the root in terms of LAN hops.
• Each of the root’s interfaces is ON.
• LAN A’s next hop is LAN E. Turn on the two interfaces.
• LAN B’s next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D’s next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces “on”.
• LAN C’s next hop is LAN F. Turn on the interfaces.
• Which other interfaces are “on”?
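The two halves of the algorithm above, the message exchange of Spanning Tree Algorithm (2) and the interface selection walked through on these slides, in working form. This is an added example, not code from the lecture slides. It keeps the slides' model (LANs as vertices, bridges as edges, smallest ID is root) but runs on a small constructed topology, since the slides' own figure did not survive extraction; bridge IDs are plain integers and the LAN names are arbitrary.

```python
"""Spanning tree over a constructed LAN/bridge topology.

Added example, not from the lecture slides.  It follows the slides' model:
LANs are the vertices, bridges/switches are the edges (a bridge with k
interfaces is an edge touching k LANs), bridge IDs are integers and the
smallest ID is the root.  The topology below is constructed for the
example.
"""
from collections import deque

# Constructed topology: bridge ID -> LANs it has an interface on.
BRIDGES = {
    1: ("A", "B"),   # root (smallest ID): every interface stays on
    2: ("B", "C"),
    3: ("B", "C"),   # parallel to B2, loses the ID tie-break
    4: ("C", "D"),   # C and D both reach the root another way
    5: ("A", "D"),
}


def converge(bridges, max_rounds=20):
    """Slide (2): bridges exchange (sender ID, believed root ID, hops to root).

    Every bridge starts out believing it is the root at distance 0.  Each
    round it hears its neighbours on every LAN and adopts the smallest root
    ID it has heard, with the fewest hops (+1 for the bridge hop).
    Returns {bridge ID: (root ID, hops)} once nothing changes.
    """
    belief = {bid: (bid, 0) for bid in bridges}
    for _ in range(max_rounds):
        heard = {}                              # LAN -> messages seen on it
        for bid, lans in bridges.items():
            root, hops = belief[bid]
            for lan in lans:
                heard.setdefault(lan, []).append((bid, root, hops))
        changed = False
        for bid, lans in bridges.items():
            best = belief[bid]
            for lan in lans:
                for sender, root, hops in heard[lan]:
                    if sender != bid and (root, hops + 1) < best:
                        best = (root, hops + 1)
            if best != belief[bid]:
                belief[bid], changed = best, True
        if not changed:
            break
    return belief


def lan_distances(bridges, root):
    """Distance of each LAN to the root in LAN hops: the root's LANs are 0,
    a LAN one bridge away from one of them is 1, and so on (the numbers the
    slides write next to each LAN)."""
    dist = {lan: 0 for lan in bridges[root]}
    queue = deque(dist)
    while queue:
        lan = queue.popleft()
        for lans in bridges.values():
            if lan in lans:
                for nxt in lans:
                    if nxt not in dist:
                        dist[nxt] = dist[lan] + 1
                        queue.append(nxt)
    return dist


def active_interfaces(bridges, root):
    """Slides' rule: least cost first, smallest bridge ID breaks ties.

    For every non-root LAN pick the (bridge, next LAN) pair that moves one
    hop closer to the root; that bridge turns on its interfaces to both
    LANs.  A bridge that is picked by no LAN keeps every interface off.
    """
    dist = lan_distances(bridges, root)
    on = {bid: set() for bid in bridges}
    on[root] = set(bridges[root])
    for lan, d in dist.items():
        if d == 0:
            continue
        candidates = [(bid, nxt) for bid, lans in bridges.items() if lan in lans
                      for nxt in lans if nxt != lan and dist[nxt] == d - 1]
        bid, nxt = min(candidates)          # smallest bridge ID wins the tie
        on[bid].update((lan, nxt))
    return dist, on


if __name__ == "__main__":
    print(converge(BRIDGES))
    dist, on = active_interfaces(BRIDGES, root=min(BRIDGES))
    print(dist)
    for bid in sorted(on):
        print(f"B{bid}:", ",".join(sorted(on[bid])) or "all interfaces off")
```

On the constructed topology B3 loses the tie against B2 and B4 is chosen by nobody, so both end up with every interface off, which is the situation the slides describe for their B3. The active bridges number exactly one fewer than the LANs, the defining property of a spanning tree, so no loop survives.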
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
3 mechanisms: loop resolution, address learning, frame forwarding.
Typically ignores security, such as ARP attacks, access control, etc.
Loop resolution must happen before address learning.
On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution.
• During which time no packets were forwarded.
Switches vs Routers
Both are store-and-forward devices: routers are network layer devices (they examine network layer headers); switches are link layer devices.
… “invisible” at the internetwork layer: a switched LAN looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.
[Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame]
MPLS header fields, with widths in bits as given on the slide:
label: 20 | Exp: 3 | S: 1 | TTL: 5
MPLS capable routers
a.k.a. label-switched routers: forward packets to the outgoing interface based only on the label value (they don’t inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding tables.
A signaling protocol is needed to set up forwarding: RSVP-TE.
Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering.
Must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: routers R1–R6 with destinations A and D; the per-router tables below are read from the figure, which does not survive well enough to show which table belongs to which router. Columns: in label | out label | dest | out interface; “-” marks an empty label column.]
6 | - | A | 0
10 | 6 | A | 1
12 | 9 | D | 0
- | 10 | A | 0
- | 12 | D | 0
8 | 6 | A | 0
- | 8 | A | 1
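The label-switched forwarding described above, as an added example that is not part of the slides. The table rows are the ones on the slide; the names of the routers, which row belongs to which router, and the two label-switched paths toward A that chain them are constructed assumptions, because the slide's figure did not survive extraction.

```python
"""Label-switched forwarding with tables in the slides' format.

Added example, not from the slides.  Each table row is
(in label, out label, dest, out interface), as on the slide.  The row
contents are the slide's; the router names, the assignment of rows to
routers and the two label-switched paths to A are constructed.
"""
LABEL_BITS = 20                     # the fixed-length label field on the slide

# Per-router tables.  A labeled frame is looked up by ("label", n); an
# unlabeled frame at an ingress router is classified by ("dest", d), which is
# the slide's row with an empty in-label column.  Values: (out label, dest,
# out interface); out label None means the egress router pops the label.
TABLES = {
    "lsr_ingress_1": {("dest", "A"): (10, "A", 0), ("dest", "D"): (12, "D", 0)},
    "lsr_transit_1": {("label", 10): (6, "A", 1), ("label", 12): (9, "D", 0)},
    "lsr_ingress_2": {("dest", "A"): (8, "A", 1)},
    "lsr_transit_2": {("label", 8): (6, "A", 0)},
    "lsr_egress":    {("label", 6): (None, "A", 0)},
}

# Constructed label-switched paths: two ingress points, one egress for A.
LSP_A_VIA_1 = ["lsr_ingress_1", "lsr_transit_1", "lsr_egress"]
LSP_A_VIA_2 = ["lsr_ingress_2", "lsr_transit_2", "lsr_egress"]


def forward(table, frame):
    """One label-switched router hop.

    frame = {"label": int or None, "ip_dst": str}.  A labeled frame is
    forwarded on its label alone, exactly as the slide says: the IP header
    is never inspected.  Only an unlabeled frame is classified by ip_dst.
    Returns (out interface, frame as it leaves the router).
    """
    label = frame["label"]
    key = ("dest", frame["ip_dst"]) if label is None else ("label", label)
    if key not in table:
        raise KeyError(f"no forwarding entry for {key}")
    out_label, _dest, out_if = table[key]
    if out_label is not None and not 0 <= out_label < 2 ** LABEL_BITS:
        raise ValueError(f"label {out_label} does not fit in {LABEL_BITS} bits")
    return out_if, {"label": out_label, "ip_dst": frame["ip_dst"]}


def walk(path, frame):
    """Push a frame along a chain of routers; returns one
    (router, out interface, label on the wire after it) entry per hop."""
    trace = []
    for name in path:
        out_if, frame = forward(TABLES[name], frame)
        trace.append((name, out_if, frame["label"]))
    return trace


if __name__ == "__main__":
    for hop in walk(LSP_A_VIA_1, {"label": None, "ip_dst": "A"}):
        print(hop)
```

The two paths to A enter at different ingress routers, travel with different labels and merge at the egress, which is the traffic-engineering freedom the slide refers to. Note that a transit router forwards a frame labeled 10 toward A even if its IP header names D: the label, not the address, decides, which is why labeled frames are only accepted from interfaces that face other label-switched routers.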
Chapter 5 Summary
Principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing.
Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let’s take a breath
Journey down the protocol stack complete (except PHY). Solid understanding of networking principles, practice. … could stop here … but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Spanning Tree Algorithm (1)
LANs are represented by vertices and bridgesswitches are represented by edges
This is backwards from what you might expect ie switches as vertices and LANs as edges
When manufactured each bridge is given a unique ID The root is the node with the smallest ID
Approach Compute paths to the node with smallest ID
Paths indicate which of a bridgersquosswitchrsquos interface leads to the switch with smallest ID
If LAN Arsquos next hop toward the root is LAN B then the switch between LAN A and B uses the interfaces to A and B
If bull LAN Brsquos next hop to the switch with lowest ID is
LAN A andbull LAN Crsquorsquos next hop to the switch with lowest ID is
LAN Dbull then switch B2 will disconnect from LAN B and C
B3
LAN A
LAN B
B2
LAN C
B1
LAN D
B0
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Spanning Tree Algorithm (2)
Bridges exchange messages with the following information 1 The ID of the bridge that is sending the message 2 The ID for what the sending bridge believes to be the
root bridge 3 The distance (hops) from the sending bridge to the root
bridge
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
Note we find these paths not for forwarding but only to decide which interfaces to ldquoturn offrsquordquoOf course if a frame is headed to the root then it will follow the shortest path Unfortunately the root might not be the gateway
A B
C
DE F
GH
I
J
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each switch computes distance to root in terms of LAN hops
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root; 2. if a LAN has more than one shortest path, then the path through the switch with the smallest ID is used.
Take a distance-vector approach, so each switch only considers its neighbors.
[Figure, repeated on each of the following steps: LANs A–J joined by switches B1–B7, each switch labelled with its distance to the root in LAN hops (0 at the root, 1 or 2 elsewhere).]
LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
LAN C's next hop is LAN F. Turn on the interfaces.
Which other interfaces are "on"?
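The pruning rule above, carried through in code as an added example (it is not from the slides): it runs the distance-vector computation of each switch's distance to the root, picks each LAN's designated switch with the smallest-ID tie-break, turns on only the interfaces that lie on those paths, and then checks that what remains is a single loop-free tree. The topology is constructed for the example and only loosely follows the figure; it is arranged so that B5 beats B7 for LAN B and B3 ends up with no interface on, as in the slides. The root-port tie-break by LAN name is an assumption the slides do not make.

```python
"""Spanning-tree interface pruning as the slides describe it: every LAN takes
its shortest path (fewest switches) to the root switch, ties go to the switch
with the smallest ID, and only interfaces on some chosen path stay "on".
Added example; the topology below is constructed, not the slide's figure."""
from __future__ import annotations

INF = float("inf")

# Constructed topology, loosely modelled on the slide figure: LANs A..J joined
# by switches B1..B7. Each switch lists the LANs it has an interface on.
SWITCH_LANS: dict[str, tuple[str, ...]] = {
    "B1": ("E", "F", "G"),
    "B2": ("G", "H", "I"),
    "B3": ("A", "D"),        # redundant: A and D both have shorter paths
    "B4": ("D", "G"),
    "B5": ("A", "B", "E"),
    "B6": ("C", "F"),
    "B7": ("B", "F", "J"),   # loses the tie for LAN B to B5
}


def switch_id(name: str) -> int:
    """Numeric part of a switch name; the root is the smallest ID."""
    return int(name[1:])


def lan_switches(topo: dict[str, tuple[str, ...]]) -> dict[str, list[str]]:
    """Invert the topology: LAN -> switches attached to it."""
    attached: dict[str, list[str]] = {}
    for sw, lans in topo.items():
        for lan in lans:
            attached.setdefault(lan, []).append(sw)
    return attached


def root_distances(topo):
    """Distance-vector (Bellman-Ford) style: each switch repeatedly takes the
    best distance announced on a neighbouring LAN and adds one. Distances
    count switches between a LAN and the root; a LAN on the root is at 0."""
    root = min(topo, key=switch_id)
    attached = lan_switches(topo)
    d_switch = {sw: (0 if sw == root else INF) for sw in topo}
    d_lan = {lan: INF for lan in attached}
    changed = True
    while changed:
        changed = False
        for lan, switches in attached.items():
            best = min(d_switch[sw] for sw in switches)
            if best < d_lan[lan]:
                d_lan[lan], changed = best, True
        for sw, lans in topo.items():
            if sw == root:
                continue
            best = 1 + min(d_lan[lan] for lan in lans)
            if best < d_switch[sw]:
                d_switch[sw], changed = best, True
    return root, d_switch, d_lan


def active_interfaces(topo):
    """Return switch -> frozenset of LANs whose interface stays on."""
    root, d_switch, d_lan = root_distances(topo)
    attached = lan_switches(topo)
    on = {sw: set() for sw in topo}
    on[root].update(topo[root])            # every root interface is on

    def designated(lan):                   # closest switch; smallest ID wins ties
        return min(attached[lan], key=lambda sw: (d_switch[sw], switch_id(sw)))

    def root_port(sw):                     # LAN through which sw reaches the root
        # tie-break by LAN name is an assumption; the slides do not say
        return min(topo[sw], key=lambda lan: (d_lan[lan], lan))

    for lan in attached:
        cur = lan                          # walk this LAN's path to the root
        while root not in attached[cur]:
            sw = designated(cur)
            nxt = root_port(sw)
            on[sw].update({cur, nxt})
            cur = nxt
    return {sw: frozenset(lans) for sw, lans in on.items()}


def is_spanning_tree(topo, on):
    """Sanity check: the active interfaces connect every LAN with no loop."""
    nodes = set(lan_switches(topo)) | {sw for sw in on if on[sw]}
    adj = {n: set() for n in nodes}
    for sw, lans in on.items():
        for lan in lans:
            adj[sw].add(lan)
            adj[lan].add(sw)
    start = next(iter(nodes))
    seen, stack = {start}, [start]
    while stack:
        for m in adj[stack.pop()]:
            if m not in seen:
                seen.add(m)
                stack.append(m)
    edges = sum(len(lans) for lans in on.values())
    return seen == nodes and edges == len(nodes) - 1


if __name__ == "__main__":
    result = active_interfaces(SWITCH_LANS)
    for sw in sorted(result, key=switch_id):
        print(sw, "on:", sorted(result[sw]) or "none")
    print("loop-free and connected:", is_spanning_tree(SWITCH_LANS, result))
```

Running it prints B3 with no active interface and B7 with only its F and J interfaces on, the same kind of outcome the slides walk through. The final check is the one a practitioner wants after any topology change: the set of active interfaces must still reach every LAN and must still be a tree, because an interface that comes back on without going through this computation reintroduces the loop that loop resolution exists to remove.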
Layer 2 Routing
The L2 routing table is automatically maintained (set up and updated as the topology changes).
Three mechanisms: loop resolution, address learning, frame forwarding. Security (ARP attacks, access control, etc.) is typically ignored by all three.
Loop resolution must happen before address learning. On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers: both are store-and-forward devices. Routers are network-layer devices (they examine network-layer headers); switches are link-layer devices … "invisible" at the internetwork layer. A switched LAN looks like a link-layer technology to IP.
Multiprotocol Label Switching (MPLS)
Initial goal: speed up IP forwarding by using a fixed-length label (instead of an IP address) to do forwarding, borrowing ideas from the virtual-circuit (VC) approach; the IP datagram still keeps its IP address.
[Figure: the MPLS header sits between the PPP or Ethernet header and the IP header, followed by the remainder of the link-layer frame.] MPLS header fields: label (20 bits), Exp (3 bits), S (1 bit), TTL. The figure gives the TTL field as 5 bits; the MPLS shim header actually carries an 8-bit TTL, so the four fields total 32 bits.
MPLS-capable routers
Also known as label-switched routers: they forward packets to an outgoing interface based only on the label value (they don't inspect the IP address). The MPLS forwarding table is distinct from the IP forwarding table. A signaling protocol (RSVP-TE) is needed to set up forwarding. Forwarding is possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering. MPLS must co-exist with IP-only routers.
MPLS forwarding tables
[Figure: MPLS forwarding tables for an example with routers R1–R6, destinations A and D, and interfaces numbered 0 and 1. The table rows that can be read from the figure, in the column order (in label, out label, dest, out interface): (6, -, A, 0); (10, 6, A, 1) and (12, 9, D, 0); (-, 10, A, 0) and (-, 12, D, 0); (8, 6, A, 0) and (-, 8, A, 1). Which router holds which table is not recoverable from the extracted text.]
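Label switching at an LSR, as an added example that is not taken from the slides: it encodes and decodes the shim header with the field widths above (20-bit label, 3-bit Exp, 1-bit S, 8-bit TTL), then forwards through label tables laid out in the slide's column order (in label, out label, dest, out interface). The router names R4, R5 and R6, the labels, the interface numbers and the link map are assumptions constructed for the example, not a transcription of the figure.

```python
"""Label-switched forwarding as the slides describe it: a label-switched router
(LSR) reads only the 20-bit label in the MPLS shim header and never the IP
header behind it. Added example; the tables below are constructed for it."""
import struct
from dataclasses import dataclass


@dataclass(frozen=True)
class MplsHeader:
    label: int   # 20 bits
    exp: int     # 3 bits
    bos: int     # 1 bit, bottom of stack
    ttl: int     # 8 bits


def parse_mpls_header(shim: bytes) -> MplsHeader:
    """Decode the 4-byte shim: label(20) | Exp(3) | S(1) | TTL(8)."""
    (word,) = struct.unpack("!I", shim[:4])
    return MplsHeader(word >> 12, (word >> 9) & 0x7, (word >> 8) & 0x1, word & 0xFF)


def build_mpls_header(h: MplsHeader) -> bytes:
    """Encode the shim; rejects values that do not fit their field."""
    if not (0 <= h.label < 1 << 20 and 0 <= h.exp < 8 and h.bos in (0, 1) and 0 <= h.ttl < 256):
        raise ValueError("MPLS header field out of range")
    return struct.pack("!I", (h.label << 12) | (h.exp << 9) | (h.bos << 8) | h.ttl)


# Constructed tables in the slide's column order (in label, out label, dest,
# out interface). The ingress router maps the IP destination to a label instead
# of an in label; an out label of None means pop the label and deliver the IP
# packet (the router is the egress).
INGRESS = {"R5": {"A": (10, 0), "D": (12, 0)}}
LSR_TABLE = {
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},
    "R6": {6: (None, "A", 0), 9: (None, "D", 1)},
}
# (router, out interface) -> next router, for the constructed topology
LINKS = {("R5", 0): "R4", ("R4", 0): "R6", ("R4", 1): "R6"}


def forward_lsr(router: str, packet: bytes):
    """Forward one labelled packet at an LSR. Returns (out interface, packet,
    out label) or None when the packet is dropped. Only packet[:4] is read; the
    IP header that follows is carried along unexamined."""
    if len(packet) < 4:
        return None
    hdr = parse_mpls_header(packet)
    entry = LSR_TABLE[router].get(hdr.label)
    if entry is None or hdr.ttl <= 1:     # unknown label or TTL expired: drop
        return None
    out_label, _dest, iface = entry
    payload = packet[4:]
    if out_label is None:                 # egress: pop, hand the IP packet on
        return iface, payload, None
    swapped = MplsHeader(out_label, hdr.exp, hdr.bos, hdr.ttl - 1)
    return iface, build_mpls_header(swapped) + payload, out_label


def trace(ingress: str, ip_dst: str, ip_packet: bytes, ttl: int = 64):
    """Push a label at the ingress and follow the packet hop by hop.
    Returns [(router, label sent, out interface), ...]; a (router, None, None)
    entry means the packet was dropped there."""
    label, iface = INGRESS[ingress][ip_dst]
    packet = build_mpls_header(MplsHeader(label, 0, 1, ttl)) + ip_packet
    hops = [(ingress, label, iface)]
    router = ingress
    while (router := LINKS.get((router, iface))) is not None:
        step = forward_lsr(router, packet)
        if step is None:
            hops.append((router, None, None))
            break
        iface, packet, label = step
        hops.append((router, label, iface))
        if label is None:                 # popped: the packet left the MPLS domain
            break
    return hops


if __name__ == "__main__":
    print(trace("R5", "A", b"<constructed IP datagram to A>"))
    # A datagram for D that arrives at R4 carrying A's label goes A's way:
    mislabelled = build_mpls_header(MplsHeader(10, 0, 1, 64)) + b"<constructed IP datagram to D>"
    print(forward_lsr("R4", mislabelled))
```

The second call in the usage is the point the slide makes about label-switched routers: R4 sends the datagram addressed to D out of A's interface because it only looks at the label. Any decision that depends on the IP addresses (filtering, policy, which path a destination is allowed to take) therefore has to be made at the ingress, before the label is pushed; once inside the label-switched path the IP header is not consulted until the egress pops the label.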
Chapter 5 Summary: principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing. Instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS.
Chapter 5: let's take a breath. Journey down the protocol stack complete (except PHY); solid understanding of networking principles, practice … could stop here … but lots of
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
Slide 43
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Slide 61
Addressing: routing to another LAN
Slide 63
ARP
ARP spoofing – man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network. Why?
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN vs VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Slide 135
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Each of the roots interfaces is ON
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root.
2. If a LAN has more than one shortest path to the root, the path through the switch with the smallest ID is used.
Take a distance vector approach, so we only consider neighbors.
[Figure: LANs A through J interconnected by switches B1 to B7; B1, the switch with the smallest ID, is the root. The number next to each LAN (0, 1, 2) is its hop count to the root switch.]
Worked example, one step per slide:
• LAN A's next hop is LAN E. Turn on the two interfaces.
• LAN B's next hop is LAN E or LAN F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces "on".
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are "on"?
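The two rules above, run over a small constructed topology, as an added example that is not part of the slides. The switch names, LAN names and links in SWITCHES are assumptions chosen to mirror the slide's captions (A reaches the root through E, B ties between B5 and B7 and B5 wins on ID, D goes through G, C through F, and B3 ends up with nothing on); the slide's actual figure is not reproduced. root_distances does the neighbour-only, distance-vector style relaxation, and spanning_tree applies rule 1 (shortest path) and rule 2 (smallest switch ID on a tie).

```python
# Added example (not from the slides): the "which interfaces to keep" rule over a
# constructed LAN/switch topology. Names and links below are assumptions.

# Each switch lists the LANs it attaches to. B1 has the smallest ID, so it is the root.
SWITCHES = {
    "B1": ["E", "F", "G"],   # root switch
    "B2": ["A", "E"],
    "B3": ["A", "B"],        # joins two LANs that already have shorter paths to the root
    "B4": ["D", "G"],
    "B5": ["B", "E"],
    "B6": ["C", "F"],
    "B7": ["B", "F"],        # ties with B5 on LAN B and loses the ID tie break
}

def switch_id(name):
    """Numeric part of a switch name, used for the smallest-ID tie break."""
    return int(name[1:])

def lans_of(switches):
    """Invert the switch -> LANs map into LAN -> switches."""
    lans = {}
    for sw, attached in switches.items():
        for lan in attached:
            lans.setdefault(lan, []).append(sw)
    return lans

def root_distances(switches):
    """Distance-vector style relaxation: a LAN's cost is the number of non-root
    switches visited on its shortest path to the root. Every update looks only at
    immediate neighbours and the loop repeats until nothing changes."""
    root = min(switches, key=switch_id)
    lans = lans_of(switches)
    INF = float("inf")
    d_lan = {lan: (0 if root in sws else INF) for lan, sws in lans.items()}
    d_sw = {sw: INF for sw in switches}
    d_sw[root] = 0
    changed = True
    while changed:
        changed = False
        for sw, attached in switches.items():
            if sw == root:
                continue
            best = min(d_lan[lan] for lan in attached)   # cost of the switch's best LAN
            if best < d_sw[sw]:
                d_sw[sw], changed = best, True
        for lan, sws in lans.items():
            best = min((d_sw[sw] + 1 for sw in sws if sw != root), default=INF)
            if best < d_lan[lan]:
                d_lan[lan], changed = best, True
    return root, d_lan, d_sw

def spanning_tree(switches):
    """Apply the slide's two rules. Returns (next_hop, active):
    next_hop maps each non-root LAN to (designated switch, LAN one hop closer to root);
    active is the set of (switch, LAN) interfaces that stay 'on'."""
    root, d_lan, d_sw = root_distances(switches)
    next_hop = {}
    active = {(root, lan) for lan in switches[root]}   # the root's own ports are always on
    for lan, sws in lans_of(switches).items():
        if d_lan[lan] == 0:
            continue
        # rule 1: only switches that lie on a shortest path of this LAN qualify
        on_path = [sw for sw in sws if sw != root and d_sw[sw] + 1 == d_lan[lan]]
        # rule 2: more than one shortest path -> the switch with the smallest ID wins
        sw = min(on_path, key=switch_id)
        # the switch forwards toward one of its LANs that is one hop closer to the root
        # (assumption: among equally close LANs the alphabetically first one is used)
        toward_root = min(l for l in switches[sw] if d_lan[l] == d_sw[sw])
        next_hop[lan] = (sw, toward_root)
        active.update({(sw, lan), (sw, toward_root)})
    return next_hop, active

def idle_switches(switches):
    """Switches left with no active interface (the slide's 'B3 has no interfaces on')."""
    _, active = spanning_tree(switches)
    return sorted(sw for sw in switches if not any(s == sw for s, _ in active))

if __name__ == "__main__":
    hops, active = spanning_tree(SWITCHES)
    for lan in sorted(hops):
        print(f"LAN {lan}: next hop LAN {hops[lan][1]} via {hops[lan][0]}")
    print("idle switches:", idle_switches(SWITCHES))
```

Two things to notice when reading the output. First, the slide's simplified rule leaves B7 with no interface on at all, whereas IEEE 802.1D keeps every non-root bridge's root port forwarding (B7's port on LAN F would stay up and only its port on LAN B would block); the rule here is the slide's, not the standard's. Second, the whole computation takes each switch's ID at face value, which is exactly why the slide's later remark that layer 2 mechanisms "typically ignore security" matters: a switch that announces a small ID becomes the root, and production switches therefore offer BPDU guard or root guard on edge ports to reject such announcements.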
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as the topology changes)
• 3 mechanisms: loop resolution, address learning, frame forwarding
• Typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning
• On the EECIS network the link to the campus network would go down for ~50 ms. This would trigger loop resolution, during which time no packets were forwarded.
Switches vs. Routers
• both are store-and-forward devices
• routers are network layer devices (examine network layer headers); switches are link layer devices
• … "invisible" at the internetwork layer: a switched LAN looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
• initial goal: speed up IP forwarding by using a fixed length label (instead of the IP address) to do forwarding
  • borrows ideas from the Virtual Circuit (VC) approach
  • but the IP datagram still keeps its IP address
• MPLS header sits between the PPP or Ethernet header and the IP header; the remainder of the link-layer frame follows. Fields and widths in bits:
  label | Exp | S | TTL
  20    | 3   | 1 | 5
MPLS capable routers
• a.k.a. label-switched router: forwards packets to the outgoing interface based only on the label value (doesn't inspect the IP address)
  • MPLS forwarding table is distinct from the IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE
  • forwarding possible along paths that IP alone would not allow (e.g. source-specific routing)
  • use MPLS for traffic engineering
• must co-exist with IP-only routers
MPLS forwarding tables
[Figure: label-switched routers R1 to R6 with hosts A and D attached; the 0 and 1 beside each router number its outgoing interfaces.]
Table at the router that delivers to A (label popped, shown as "-"):
  in label | out label | dest | out interface
  6        | -         | A    | 0
Table at a transit router carrying two label-switched paths:
  in label | out label | dest | out interface
  10       | 6         | A    | 1
  12       | 9         | D    | 0
Table at the ingress router (no in label: the label is pushed here, and A is reachable along two different paths):
  in label | out label | dest | out interface
  (none)   | 10        | A    | 0
  (none)   | 12        | D    | 0
  (none)   | 8         | A    | 1
Table at a second transit router:
  in label | out label | dest | out interface
  8        | 6         | A    | 0
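The label switching those tables describe, carried through in code as an added example that is not part of the slides. The table rows are the slide's; which router each table belongs to (here R1, R6, R4 and R5), the hypothetical table for R3 on the path to D, the LINKS map, and the function names ingress_lookup, label_lookup and forward are assumptions. The point the code makes is the slide's: the IP destination is consulted exactly once, at the ingress router, and every other hop forwards on the label alone.

```python
# Added example (not from the slides): forwarding over the slide's MPLS tables.
# Row format: (in label, out label, dest, out interface).
#   in label None  -> this is the ingress router; the label is pushed after an IP lookup
#   out label None -> the label is popped and a plain IP datagram is delivered
# The router assignment and R3's table are assumptions.
TABLES = {
    "R1": [(6, None, "A", 0)],
    "R6": [(10, 6, "A", 1), (12, 9, "D", 0)],
    "R4": [(None, 10, "A", 0), (None, 12, "D", 0), (None, 8, "A", 1)],
    "R5": [(8, 6, "A", 0)],
    "R3": [(9, None, "D", 0)],      # hypothetical egress router for D
}

# Constructed link map: which node a (router, out interface) pair leads to.
LINKS = {
    ("R4", 0): "R6", ("R4", 1): "R5",
    ("R6", 1): "R1", ("R6", 0): "R3",
    ("R5", 0): "R1",
    ("R1", 0): "A",  ("R3", 0): "D",
}

def ingress_lookup(router, dest, prefer_iface=None):
    """The only place the IP destination is read: choose the outgoing label.
    prefer_iface lets the ingress pick one of two label-switched paths to the same
    destination, the traffic-engineering choice that IP forwarding alone cannot express."""
    for in_l, out_l, d, iface in TABLES[router]:
        if in_l is None and d == dest and prefer_iface in (None, iface):
            return out_l, iface
    raise KeyError(f"{router}: no ingress entry for {dest}")

def label_lookup(router, label):
    """A label-switched router indexes its table by the incoming label only;
    the IP header is never inspected here."""
    for in_l, out_l, _d, iface in TABLES[router]:
        if in_l == label:
            return out_l, iface
    raise KeyError(f"{router}: unknown label {label}")

def forward(ingress, dest, prefer_iface=None):
    """Carry one datagram through the MPLS domain.
    Returns (router path, sequence of labels carried, node that finally receives it)."""
    label, iface = ingress_lookup(ingress, dest, prefer_iface)
    path, labels = [ingress], [label]
    node = LINKS[(ingress, iface)]
    while node in TABLES:               # still inside the MPLS domain
        path.append(node)
        label, iface = label_lookup(node, label)
        node = LINKS[(node, iface)]
        if label is None:               # popped: the next hop gets a plain IP datagram
            break
        labels.append(label)
    return path, labels, node

if __name__ == "__main__":
    for dest, iface in (("A", 0), ("A", 1), ("D", None)):
        path, labels, final = forward("R4", dest, iface)
        print(f"to {dest} via interface {iface}: {' -> '.join(path)} labels={labels} delivered to {final}")
```

Running it shows the two entries for A at the ingress producing two different paths (R4, R6, R1 with labels 10 then 6, and R4, R5, R1 with labels 8 then 6) that IP's single best route could not both select. The same trace also shows the trust model: interior routers act on whatever label arrives, so a correct MPLS deployment only accepts labelled frames from edge routers it controls and leaves label imposition to the ingress.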
Chapter 5: Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet, switched LANs, PPP; virtualized networks as a link layer: ATM, MPLS
Chapter 5: let's take a breath
• journey down the protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Slide outline:
Slotted Aloha – frames are only transmitted during slots; they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMA/CD collision detection
CSMA/CD
CSMA/CD (Collision Detection)
persistent
Exponential Backoff
"Taking Turns" MAC protocols
Summary of MAC protocols
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP: Address Resolution Protocol
ARP protocol: Same LAN (network)
Addressing: routing to another LAN
ARP
ARP spoofing – man-in-the-middle attack
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet: Unreliable, connectionless
Ethernet CSMA/CD algorithm
Ethernet's CSMA/CD (more)
CSMA/CD efficiency
802.3 Ethernet Standards: Link & Physical Layers
Manchester encoding
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch: self-learning
Switch: frame filtering/forwarding
Self-Learning
Poorly Designed Institutional network: Why?
Institutional network without a single point of failure
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Layer 2 Routing
Switches vs Routers
Summary comparison
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Router's Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet: virtualizing networks
Cerf & Kahn's Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5: let's take a breath
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Arsquos next hop is LAN E Turn on the two interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7 so LAN E is used as the next hop
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Brsquos next hop is LAN E or FBut B5 has a lower ID than B7so LAN E is used as the next hop Turn on the interface
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
Spanning tree example: which interfaces to keep and which to ignore?

[Figure: switches B1, B2, B3, B4, B5, B6, B7 interconnecting LANs A, B, C, D, E, F, G, H, I, J; each LAN is labelled with its distance (in switches) to the root switch]

Pretend that the objective is to find shortest paths from each LAN to the root switch (the one with the smallest ID) and use least cost, with minimum ID to break ties. By shortest path we mean a path from a LAN to the root switch that visits the smallest number of switches.

A switch will keep an interface active if:
1. the interface is along a LAN's shortest path to the root;
2. if a LAN has more than one shortest path, then the switch with the smallest ID is used.

Take a distance vector approach, so we only consider neighbors.

Working through the LANs one at a time:
• LAN B's next hop is LAN E or F. But B5 has a lower ID than B7, so LAN E is used as the next hop. Turn on the interface.
• LAN D's next hop is LAN G. Turn on the two interfaces. Note that B3 will not have any interfaces “on”.
• LAN C's next hop is LAN F. Turn on the interfaces.
• Which other interfaces are “on”?
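The rule set above (shortest path measured in switches visited, smallest switch ID to break ties, an interface is "on" only if it lies on some LAN's chosen path to the root) is small enough to run as a program. The following is an added example, not code from the slides; the topology in SWITCH_LANS is constructed for illustration and is not the slides' figure, though it is arranged so that the same situations occur: LAN B can reach the root through B5 or B7 and the lower ID wins, B6 turns on two interfaces to serve LAN D, and B3 (and here also B7) end up with no interfaces on. The final check confirms the active interfaces form a loop-free tree, which is the whole point of loop resolution.

```python
from collections import deque

# Constructed example topology (an assumption, not the figure from the slides):
# each switch lists the LANs its interfaces attach to. Switch B1 has the
# smallest ID and is therefore the root.
SWITCH_LANS = {
    "B1": ["E", "F"],
    "B2": ["F", "C"],
    "B3": ["B", "C"],
    "B4": ["E", "G"],
    "B5": ["E", "B"],
    "B6": ["G", "D"],
    "B7": ["F", "B"],
}


def switch_id(name):
    """Numeric switch ID used for tie-breaking (smaller wins)."""
    return int(name[1:])


def lan_switches(switch_lans):
    """Invert the map: LAN -> list of switches attached to it."""
    by_lan = {}
    for sw, lans in switch_lans.items():
        for lan in lans:
            by_lan.setdefault(lan, []).append(sw)
    return by_lan


def switch_hops(switch_lans, root):
    """Breadth-first distance from the root, counted in switches visited
    (root = 0); neighbouring switches are reached through a shared LAN."""
    by_lan = lan_switches(switch_lans)
    dist = {root: 0}
    queue = deque([root])
    while queue:
        sw = queue.popleft()
        for lan in switch_lans[sw]:
            for nxt in by_lan[lan]:
                if nxt not in dist:
                    dist[nxt] = dist[sw] + 1
                    queue.append(nxt)
    return dist


def active_interfaces(switch_lans):
    """Return switch -> set of LANs whose interface is 'on'."""
    by_lan = lan_switches(switch_lans)
    root = min(switch_lans, key=switch_id)
    dist = switch_hops(switch_lans, root)
    # Rules 1 and 2: a LAN's next hop is the attached switch with the fewest
    # switches on its path to the root; ties go to the smallest switch ID.
    next_hop = {
        lan: min(sws, key=lambda s: (dist[s], switch_id(s)))
        for lan, sws in by_lan.items()
    }
    active = {sw: set() for sw in switch_lans}
    for lan, sw in next_hop.items():
        active[sw].add(lan)  # the interface facing the LAN it serves
        if sw != root:
            # The LAN's path continues from sw towards the root through the
            # attached LAN whose own next hop is closest to the root.
            upstream = min(
                switch_lans[sw],
                key=lambda l: (dist[next_hop[l]], switch_id(next_hop[l]), l),
            )
            active[sw].add(upstream)
    return active


def is_loop_free(active):
    """The 'on' interfaces must form a tree: connected with edges == nodes - 1."""
    edges = [(sw, lan) for sw, lans in active.items() for lan in lans]
    nodes = {sw for sw, lans in active.items() if lans} | {lan for _, lan in edges}
    if not nodes:
        return True
    adj = {n: set() for n in nodes}
    for sw, lan in edges:
        adj[sw].add(lan)
        adj[lan].add(sw)
    seen, stack = set(), [next(iter(nodes))]
    while stack:
        n = stack.pop()
        if n not in seen:
            seen.add(n)
            stack.extend(adj[n] - seen)
    return seen == nodes and len(edges) == len(nodes) - 1


if __name__ == "__main__":
    result = active_interfaces(SWITCH_LANS)
    for sw in sorted(result, key=switch_id):
        print(sw, "on:", sorted(result[sw]) or "none")
    print("loop-free:", is_loop_free(result))
```

Switches that are not the next hop for any LAN (B3 and B7 here) keep every interface off, exactly as the slide notes for B3. Real 802.1D also keeps a root port forwarding on every switch, but the slides' simplified rule only activates interfaces that sit on some LAN's shortest path, and that is what the code implements.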
Layer 2 Routing
• L2 routing table is automatically maintained (set up and updated as topology changes).
• 3 mechanisms: loop resolution, address learning, frame forwarding.
• Typically ignore security, such as ARP attacks, access control, etc.
• Loop resolution must happen before address learning.
• On the EECIS network the link to the campus network would go down for ~50ms. This would trigger loop resolution, during which time no packets were forwarded.

Switches vs Routers
• Both are store-and-forward devices: routers are network layer devices (examine network layer headers); switches are link layer devices.
• … “invisible” at the internetwork layer: looks like a link layer technology to IP.
Multiprotocol label switching (MPLS)
• Initial goal: speed up IP forwarding by using a fixed-length label (instead of the IP address) to do forwarding, borrowing ideas from the Virtual Circuit (VC) approach, but the IP datagram still keeps its IP address.

Frame layout: PPP or Ethernet header | MPLS header | IP header | remainder of link-layer frame

MPLS header fields and widths in bits: label 20, Exp 3, S 1, TTL 5

MPLS capable routers
• a.k.a. label-switched router: forwards packets to the outgoing interface based only on the label value (don't inspect the IP address)
• MPLS forwarding table distinct from IP forwarding tables
• signaling protocol needed to set up forwarding: RSVP-TE
• forwarding possible along paths that IP alone would not allow (e.g. source-specific routing): use MPLS for traffic engineering
• must co-exist with IP-only routers

MPLS forwarding tables
[Figure: label-switched routers R1–R6 with interfaces 0 and 1, destinations A and D]
Forwarding tables shown in the figure, one per router (in label | out label | dest | out interface):
  6 | - | A | 0

  10 | 6 | A | 1
  12 | 9 | D | 0

  - | 10 | A | 0
  - | 12 | D | 0

  8 | 6 | A | 0

  - | 8 | A | 1
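To make the label-switching idea concrete, here is an added example (not code from the slides) that packs and unpacks the MPLS header and walks a packet along a label-switched path using the label values from the tables above. It uses the 32-bit shim header of RFC 3032, in which the TTL field is 8 bits wide. Which table belongs to which router is not recoverable from the text, so the placement (R6 as ingress, R4 as transit, R1 as egress towards A), the LINKS map and the payload bytes are constructed assumptions. Two behaviours worth seeing: a transit LSR forwards on the label alone even when the IP payload is addressed elsewhere, and a packet carrying a label absent from the table is dropped rather than routed by its IP address.

```python
import struct

# RFC 3032 shim header: 20-bit label, 3-bit Exp, 1-bit S (bottom of stack),
# 8-bit TTL, packed into one 32-bit big-endian word.
def encode_shim(label, exp=0, s=1, ttl=64):
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and s in (0, 1) and 0 <= ttl < 256):
        raise ValueError("MPLS header field out of range")
    return struct.pack("!I", (label << 12) | (exp << 9) | (s << 8) | ttl)


def decode_shim(buf):
    (word,) = struct.unpack("!I", buf[:4])
    return {"label": word >> 12, "exp": (word >> 9) & 0x7,
            "s": (word >> 8) & 0x1, "ttl": word & 0xFF}


# Constructed label-switched path towards destination A. Which slide table
# belongs to which router is an assumption (the figure is not in the text):
# R6 is the ingress, R4 a transit LSR, R1 the egress.
INGRESS_TABLE = {"A": (10, 0), "D": (12, 0)}      # IP dest -> (label to push, out iface)
LSR_TABLES = {
    "R4": {10: (6, "A", 1), 12: (9, "D", 0)},    # in label -> (out label, dest, out iface)
    "R1": {6: (None, "A", 0)},                   # out label None: pop and hand to IP
}
LINKS = {("R6", 0): "R4", ("R4", 1): "R1", ("R1", 0): "A"}   # (router, iface) -> neighbour


def ingress_push(ip_dest, ip_packet):
    """The ingress LSR is the only hop that looks at the IP destination."""
    label, iface = INGRESS_TABLE[ip_dest]
    return iface, encode_shim(label) + ip_packet


def lsr_forward(router, packet):
    """Transit/egress decision based only on the label. Returns (iface, packet),
    or None when the packet is dropped (unknown label or expired TTL)."""
    hdr = decode_shim(packet)
    entry = LSR_TABLES[router].get(hdr["label"])
    if entry is None or hdr["ttl"] <= 1:
        return None
    out_label, _dest, iface = entry
    payload = packet[4:]
    if out_label is None:                  # egress: pop the shim header
        return iface, payload
    new_hdr = encode_shim(out_label, hdr["exp"], hdr["s"], hdr["ttl"] - 1)
    return iface, new_hdr + payload


def trace(ip_dest, ip_packet=b"IPv4 datagram (constructed)"):
    """Walk a packet from R6 along the LSP; return the nodes visited."""
    hops = ["R6"]
    iface, packet = ingress_push(ip_dest, ip_packet)
    node = LINKS.get(("R6", iface), "unmodelled link")
    while node in LSR_TABLES:
        hops.append(node)
        step = lsr_forward(node, packet)
        if step is None:
            hops.append("dropped")
            return hops
        iface, packet = step
        node = LINKS.get((node, iface), "unmodelled link")
    hops.append(node)
    return hops


if __name__ == "__main__":
    print("path to A:", " -> ".join(trace("A")))
    # A transit LSR never reads the IP header: a label-10 packet whose payload
    # is addressed to D is still sent out interface 1 towards A.
    print("label 10 with payload for D leaves R4 on iface",
          lsr_forward("R4", encode_shim(10) + b"IPv4 datagram for D")[0])
    print("unknown label 99 at R4:", lsr_forward("R4", encode_shim(99) + b"x"))
```

The TTL decrement at each swap is what bounds a packet's life if a signaling error ever creates a label loop; an LSR that trusted the label without it would forward forever. The drop on an unknown label is the MPLS table being "distinct from IP forwarding tables" in practice: nothing falls back to an IP lookup inside the LSP.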
Chapter 5 Summary
• principles behind data link layer services: error detection, correction; sharing a broadcast channel: multiple access; link layer addressing
• instantiation and implementation of various link layer technologies: Ethernet; switched LANs; PPP; virtualized networks as a link layer: ATM, MPLS

Chapter 5: let's take a breath
• journey down protocol stack complete (except PHY)
• solid understanding of networking principles, practice
• … could stop here … but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Drsquos next hop is LAN GTurn on the two interfaces
Note that B3 will not have any interfaces ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
LAN Crsquos next hop is LAN F Turn on the interfaces
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
Slotted Aloha ndash frames are only transmitted during slots they cannot cross slot boundaries
Slotted Aloha
Slotted Aloha Performance
ALOHA and Slotted ALOHA
CSMA (Carrier Sense Multiple Access)
Question
CSMA collisions
CSMACD collision detection
Slide 43
CSMACD
CSMACD (Collision Detection)
persistent
Exponential Backoff
ldquoTaking Turnsrdquo MAC protocols
Slide 49
Slide 50
Slide 51
Slide 52
Slide 53
Summary of MAC protocols
Slide 55
MAC Addresses and ARP
LAN Addresses and ARP
LAN Address (more)
ARP Address Resolution Protocol
ARP protocol Same LAN (network)
Slide 61
Addressing routing to another LAN
Slide 63
ARP
ARP spoofing ndash man-in-the-middle attack
Slide 66
Slide 67
Slide 68
Slide 69
Slide 70
Slide 71
Ethernet
Star topology
Ethernet Frame Structure
Ethernet Frame Structure (more)
Ethernet Unreliable connectionless
Ethernet CSMACD algorithm
Ethernetrsquos CSMACD (more)
CSMACD efficiency
8023 Ethernet Standards Link amp Physical Layers
Manchester encoding
Slide 82
Hubs
Interconnecting with hubs
Switch
Switch allows multiple simultaneous transmissions
Switch Table
Switch self-learning
Switch frame filteringforwarding
Self-Learning
Slide 91
Slide 92
Slide 93
Slide 94
Slide 95
Slide 96
Slide 97
Slide 98
Slide 99
Poorly Designed Institutional network Why
Institutional network without a single point of failure
Slide 102
Loop Resolution
Spanning Tree Algorithm (1)
Spanning Tree Algorithm (2)
Slide 106
Slide 107
Slide 108
Slide 109
Slide 110
Slide 111
Slide 112
Slide 113
Slide 114
Slide 115
Slide 116
Layer 2 Routing
Switches vs Routers
Summary comparison
Slide 120
Typical LAN
VLAN
VLAN
LAN VS VLAN
VLAN across backbone
Routerrsquos Role
VLAN Techniques
Frame Tagging
VLAN implementation
Port-Centric VLAN
Static VLAN
Dynamic VLAN
Virtualization of networks
The Internet virtualizing networks
Slide 135
Cerf amp Kahnrsquos Internetwork Architecture
Multiprotocol label switching (MPLS)
MPLS capable routers
MPLS forwarding tables
Chapter 5 Summary
Chapter 5 letrsquos take a breath
B3
B1
B7
B2
B5
B4B6
Which interfaces to keep and which to ignorePretend that the objective is to find shortest paths from each LAN to root switch (the one with smallest ID) and use least cost with minimum ID to break ties By shortest path we mean paths from a LAN to the route switch that visits the smallest number of switches
A switch will keep an interface active if1 the interface is along a LANrsquos shortest
path to the root2 If a LAN has more than one shortest
path then switch with the smallest ID is used
Take a distance vector approach so we only consider neighbors
A B
C
DE F
GH
I
J
0
12
1
1 1
1
Which other interfaces are ldquoonrdquo
Layer 2 Routing
L2 routing table is automatically maintained (set up and updated as topology changes)
3 mechanisms Loop resolution Address learning Frame forwarding Typically ignore security such as ARP attacks access
control etc Loop resolution must happen before address
learning On the EECIS network the link to the campus
network would go down for ~50ms This would trigger loop resolution
bull During which time no packets were forwarded
Switches vs Routers both store-and-forward devices
routers network layer devices (examine network layer headers) switches are link layer devices
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of
hellip ldquoinvisiblerdquo at internetwork layer Looks like a link layer technology to IP
Multiprotocol label switching (MPLS)
initial goal speed up IP forwarding by using fixed length label (instead of IP address) to do forwarding borrowing ideas from Virtual Circuit (VC) approach but IP datagram still keeps IP address
PPP or Ethernet header
IP header remainder of link-layer frameMPLS header
label Exp S TTL
20 3 1 5
MPLS capable routers
aka label-switched router forwards packets to outgoing interface based
only on label value (donrsquot inspect IP address) MPLS forwarding table distinct from IP forwarding
tables signaling protocol needed to set up forwarding
RSVP-TE forwarding possible along paths that IP alone would
not allow (eg source-specific routing) use MPLS for traffic engineering
must co-exist with IP-only routers
R1R2
D
R3R4R5
0
1
00
A
R6
in out outlabel label dest interface 6 - A 0
in out outlabel label dest interface10 6 A 1
12 9 D 0
in out outlabel label dest interface 10 A 0
12 D 0
1
in out outlabel label dest interface 8 6 A 0
0
8 A 1
MPLS forwarding tables
Chapter 5 Summary principles behind data link layer services
error detection correction sharing a broadcast channel multiple access link layer addressing
instantiation and implementation of various link layer technologies Ethernet switched LANS PPP virtualized networks as a link layer ATM
MPLS
Chapter 5 letrsquos take a breath journey down protocol stack complete
(except PHY) solid understanding of networking
principles practice hellip could stop here hellip but lots of