|
|
|
|
Ethernet
|
| |
|
| |
Ethernet is a family of frame-based computer networking technologies for local area networks (LANs). The name comes from the physical concept of the ether. It defines a number of wiring and signaling standards for the Physical Layer of the OSI networking model, through means of network access at the Media Access Control (MAC) /Data Link Layer, and a common addressing format.
Ethernet is standardized as IEEE 802.3. The combination of the twisted pair versions of Ethernet for connecting end systems to the network, along with the fiber optic versions for site backbones, is the most widespread wired LAN technology.
Discussion
Ask a question about 'Ethernet' Start a new discussion about 'Ethernet' Answer questions from other users |
Encyclopedia
Ethernet is a family of frame-based computer networking technologies for local area networks (LANs). The name comes from the physical concept of the ether. It defines a number of wiring and signaling standards for the Physical Layer of the OSI networking model, through means of network access at the Media Access Control (MAC) /Data Link Layer, and a common addressing format.
Ethernet is standardized as IEEE 802.3. The combination of the twisted pair versions of Ethernet for connecting end systems to the network, along with the fiber optic versions for site backbones, is the most widespread wired LAN technology. It has been in use from around 1980 to the present, largely replacing competing LAN standards such as token ring, FDDI, and ARCNET.
History
Ethernet was originally developed at Xerox PARC in 1973–1975. In 1975, Xerox filed a patent application listing Robert Metcalfe and David Boggs, plus Chuck Thacker and Butler Lampson, as inventors (: Multipoint data communication system with collision detection). In 1976, after the system was deployed at PARC, Metcalfe and Boggs published a seminal paper.
The experimental Ethernet described in that paper ran at 3 Mbit/s, and had 8-bit destination and source address fields, so the original Ethernet addresses were not the MAC addresses they are today. By software convention, the 16 bits after the destination and source address fields were a packet type field, but, as the paper says, "different protocols use disjoint sets of packet types", so those were packet types within a given protocol, rather than the packet type in current Ethernet which specifies the protocol being used.
Metcalfe left Xerox in 1979 to promote the use of personal computers and local area networks (LANs), forming 3Com. He convinced DEC, Intel, and Xerox to work together to promote Ethernet as a standard, the so-called "DIX" standard, for "Digital/Intel/Xerox"; it standardized the 10 megabits/second Ethernet, with 48-bit destination and source addresses and a global 16-bit type field. The standard was first published on September 30 1980. It competed with two largely proprietary systems, token ring and ARCNET, but those soon found themselves buried under a tidal wave of Ethernet products. In the process, 3Com became a major company.
Twisted-pair Ethernet systems have been developed since the mid-80s, beginning with StarLAN, but becoming widely known with 10BASE-T. These systems replaced the coaxial cable on which early Ethernets were deployed with a system of hubs linked with unshielded twisted pair (UTP), ultimately replacing the CSMA/CD scheme in favor of a switched full duplex system offering higher performance.
General description
Ethernet was originally based on the idea of computers communicating over a shared coaxial cable acting as a broadcast transmission medium. The methods used show some similarities to radio systems, although there are fundamental differences, such as the fact that it is much easier to detect collisions in a cable broadcast system than a radio broadcast. The common cable providing the communication channel was likened to the ether and it was from this reference that the name "Ethernet" was derived.
From this early and comparatively simple concept, Ethernet evolved into the complex networking technology that today underlies most LANs. The coaxial cable was replaced with point-to-point links connected by Ethernet hubs and/or switches to reduce installation costs, increase reliability, and enable point-to-point management and troubleshooting. StarLAN was the first step in the evolution of Ethernet from a coaxial cable bus to a hub-managed, twisted-pair network. The advent of twisted-pair wiring dramatically lowered installation costs relative to competing technologies, including the older Ethernet technologies.
Above the physical layer, Ethernet stations communicate by sending each other data packets, blocks of data that are individually sent and delivered. As with other IEEE 802 LANs, each Ethernet station is given a single 48-bit MAC address, which is used both to specify the destination and the source of each data packet. Network interface cards (NICs) or chips normally do not accept packets addressed to other Ethernet stations. Adapters generally come programmed with a globally unique address, but this can be overridden, either to avoid an address change when an adapter is replaced, or to use locally administered addresses.
Despite the significant changes in Ethernet from a thick coaxial cable bus running at 10 Mbit/s to point-to-point links running at 1 Gbit/s and beyond, all generations of Ethernet (excluding early experimental versions) share the same frame formats (and hence the same interface for higher layers), and can be readily interconnected.
Due to the ubiquity of Ethernet, the ever-decreasing cost of the hardware needed to support it, and the reduced panel space needed by twisted pair Ethernet, most manufacturers now build the functionality of an Ethernet card directly into PC motherboards, obviating the need for installation of a separate network card.
Dealing with multiple clients
CSMA/CD shared medium Ethernet
Ethernet originally used a shared coaxial cable (the shared medium) winding around a building or campus to every attached machine. A scheme known as carrier sense multiple access with collision detection (CSMA/CD) governed the way the computers shared the channel. This scheme was simpler than the competing token ring or token bus technologies. When a computer wanted to send some information, it used the following algorithm:
Main procedure
- Frame ready for transmission.
- Is medium idle? If not, wait until it becomes ready and wait the interframe gap period (9.6 µs in 10 Mbit/s Ethernet).
- Start transmitting.
- Did a collision occur? If so, go to collision detected procedure.
- Reset retransmission counters and end frame transmission.
Collision detected procedure
- Continue transmission until minimum packet time is reached (jam signal) to ensure that all receivers detect the collision.
- Increment retransmission counter.
- Was the maximum number of transmission attempts reached? If so, abort transmission.
- Calculate and wait random backoff period based on number of collision
- Re-enter main procedure at stage 1.
This can be likened to what happens at a dinner party, where all the guests talk to each other through a common medium (the air). Before speaking, each guest politely waits for the current speaker to finish. If two guests start speaking at the same time, both stop and wait for short, random periods of time (in Ethernet, this time is generally measured in microseconds). The hope is that by each choosing a random period of time, both guests will not choose the same time to try to speak again, thus avoiding another collision. Exponentially increasing back-off times (determined using the truncated binary exponential backoff algorithm) are used when there is more than one failed attempt to transmit.
Computers were connected to an Attachment Unit Interface (AUI) transceiver, which was in turn connected to the cable (later with thin Ethernet the transceiver was integrated into the network adapter). While a simple passive wire was highly reliable for small Ethernets, it was not reliable for large extended networks, where damage to the wire in a single place, or a single bad connector, could make the whole Ethernet segment unusable. Multipoint systems are also prone to very strange failure modes when an electrical discontinuity reflects the signal in such a manner that some nodes would work properly while others work slowly because of excessive retries or not at all (see standing wave for an explanation of why); these could be much more painful to diagnose than a complete failure of the segment. Debugging such failures often involved several people crawling around wiggling connectors while others watched the displays of computers running a ping command and shouted out reports as performance changed.
Since all communications happen on the same wire, any information sent by one computer is received by all, even if that information is intended for just one destination. The network interface card interrupts the CPU only when applicable packets are received: the card ignores information not addressed to it unless it is put into "promiscuous mode". This "one speaks, all listen" property is a security weakness of shared-medium Ethernet, since a node on an Ethernet network can eavesdrop on all traffic on the wire if it so chooses. Use of a single cable also means that the bandwidth is shared, so that network traffic can slow to a crawl when, for example, the network and nodes restart after a power failure.
Repeaters and hubs
For signal degradation and timing reasons, coaxial Ethernet segments had a restricted size which depended on the medium used. For example, 10BASE5 coax cables had a maximum length of 500 meters (1,640 ft). Also, as was the case with most other high-speed buses, Ethernet segments had to be terminated with a resistor at each end. For coaxial-cable-based Ethernet, each end of the cable had a 50-ohm resistor attached. Typically this resistor was built into a male BNC or N connector and attached to the last device on the bus, or, if vampire taps were in use, to the end of the cable just past the last device. If termination was not done, or if there was a break in the cable, the AC signal on the bus was reflected, rather than dissipated, when it reached the end. This reflected signal was indistinguishable from a collision, and so no communication would be able to take place.
A greater length could be obtained by an Ethernet repeater, which took the signal from one Ethernet cable and repeated it onto another cable. If a collision was detected, the repeater transmitted a jam signal onto all ports to ensure collision detection. Repeaters could be used to connect segments such that there were up to five Ethernet segments between any two hosts, three of which could have attached devices. Repeaters could detect an improperly terminated link from the continuous collisions and stop forwarding data from it. Hence they alleviated the problem of cable breakages: when an Ethernet coax segment broke, while all devices on that segment were unable to communicate, repeaters allowed the other segments to continue working - although depending on which segment was broken and the layout of the network the partitioning that resulted may have made other segments unable to reach important servers and thus effectively useless.
People recognized the advantages of cabling in a star topology, primarily that only faults at the star point will result in a badly partitioned network, and network vendors started creating repeaters having multiple ports, thus reducing the number of repeaters required at the star point. Multiport Ethernet repeaters became known as "Ethernet hubs". Network vendors such as DEC and SynOptics sold hubs that connected many 10BASE2 thin coaxial segments. There were also "multi-port transceivers" or "fan-outs". These could be connected to each other and/or a coax backbone. The best-known early example was DEC's DELNI. These devices allowed multiple hosts with AUI connections to share a single transceiver. They also allowed creation of a small standalone Ethernet segment without using a coaxial cable.
Ethernet on unshielded twisted-pair cables (UTP), beginning with StarLAN and continuing with 10BASE-T, was designed for point-to-point links only and all termination was built into the device. This changed hubs from a specialist device used at the center of large networks to a device that every twisted pair-based network with more than two machines had to use. The tree structure that resulted from this made Ethernet networks more reliable by preventing faults with (but not deliberate misbehavior of) one peer or its associated cable from affecting other devices on the network, although a failure of a hub or an inter-hub link could still affect lots of users. Also, since twisted pair Ethernet is point-to-point and terminated inside the hardware, the total empty panel space required around a port is much reduced, making it easier to design hubs with lots of ports and to integrate Ethernet onto computer motherboards.
Despite the physical star topology, hubbed Ethernet networks still use half-duplex and CSMA/CD, with only minimal activity by the hub, primarily the Collision Enforcement signal, in dealing with packet collisions. Every packet is sent to every port on the hub, so bandwidth and security problems aren't addressed. The total throughput of the hub is limited to that of a single link and all links must operate at the same speed.
Collisions reduce throughput by their very nature. In the worst case, when there are lots of hosts with long cables that attempt to transmit many short frames, excessive collisions can reduce throughput dramatically. However, a Xerox report in 1980 summarized the results of having 20 fast nodes attempting to transmit packets of various sizes as quickly as possible on the same Ethernet segment. The results showed that, even for the smallest Ethernet frames (64B), 90% throughput on the LAN was the norm. This is in comparison with token passing LANs (token ring, token bus), all of which suffer throughput degradation as each new node comes into the LAN, due to token waits.
This report was wildly controversial, as modeling showed that collision-based networks became unstable under loads as low as 40% of nominal capacity. Many early researchers failed to understand the subtleties of the CSMA/CD protocol and how important it was to get the details right, and were really modeling somewhat different networks (usually not as good as real Ethernet).
Bridging and switching
While repeaters could isolate some aspects of Ethernet segments, such as cable breakages, they still forwarded all traffic to all Ethernet devices. This created practical limits on how many machines could communicate on an Ethernet network. Also as the entire network was one collision domain and all hosts had to be able to detect collisions anywhere on the network, and the number of repeaters between the farthest nodes was limited. Finally segments joined by repeaters had to all operate at the same speed, making phased-in upgrades impossible.
To alleviate these problems, bridging was created to communicate at the data link layer while isolating the physical layer. With bridging, only well-formed packets are forwarded from one Ethernet segment to another; collisions and packet errors are isolated. Bridges learn where devices are, by watching MAC addresses, and do not forward packets across segments when they know the destination address is not located in that direction.
Prior to discovery of network devices on the different segments, Ethernet bridges and switches work somewhat like Ethernet hubs, passing all traffic between segments. However, as the switch discovers the addresses associated with each port, it only forwards network traffic to the necessary segments, improving overall performance. Broadcast traffic is still forwarded to all network segments. Bridges also overcame the limits on total segments between two hosts and allowed the mixing of speeds, both of which became very important with the introduction of Fast Ethernet.
Early bridges examined each packet one by one using software on a CPU, and some of them were significantly slower than hubs (multi-port repeaters) at forwarding traffic, especially when handling many ports at the same time. This was in part due to the fact that the entire Ethernet packet would be read into a buffer, the destination address compared with an internal table of known MAC addresses and a decision made as to whether to drop the packet or forward it to another or all segments.
In 1989 the networking company Kalpana introduced their EtherSwitch, the first Ethernet switch. This worked somewhat differently from an Ethernet bridge, in that only the header of the incoming packet would be examined before it was either dropped or forwarded to another segment. This greatly cut down the forwarding latency and the processing load at a stroke, revolutionising Ethernet. One drawback of this cut-through switching method was that packets that had been corrupted at a point beyond the header could still be propagated through the network, so a jabbering station could continue to disrupt the entire network. The remedy for this was to make available store-and-forward switching, where the packet would be read into a buffer on the switch in its entirety, verified against its checksum and then forwarded. This was essentially a return to the orginal approach of bridging, but with the advantage of more powerful, application-specific processors being used. Hence the bridging is then done in hardware, allowing packets to be forwarded at full wire speed. It is important to remember that the term switch was invented by device manufacturers and does not appear in the 802.3 standard.
Since packets are typically only delivered to the port they are intended for, traffic on a switched Ethernet is slightly less public than on shared-medium Ethernet. Despite this, switched Ethernet should still be regarded as an insecure network technology, because it is easy to subvert switched Ethernet systems by means such as ARP spoofing and MAC flooding. The bandwidth advantages, the slightly better isolation of devices from each other, the ability to easily mix different speeds of devices and the elimination of the chaining limits inherent in non-switched Ethernet have made switched Ethernet the dominant network technology.
When a twisted pair or fiber link segment is used and neither end is connected to a hub, full-duplex Ethernet becomes possible over that segment. In full duplex mode both devices can transmit and receive to/from each other at the same time, and there is no collision domain. This doubles the aggregate bandwidth of the link and is sometimes advertised as double the link speed (e.g. 200 Mbit/s) to account for this. However, this is misleading as performance will only double if traffic patterns are symmetrical (which in reality they rarely are). The elimination of the collision domain also means that all the link's bandwidth can be used and that segment length is not limited by the need for correct collision detection (this is most significant with some of the fiber variants of Ethernet).
Dual speed hubs
In the early days of Fast Ethernet, Ethernet switches were relatively expensive devices. However, hubs suffered from the problem that if there were any 10BASE-T devices connected then the whole system would have to run at 10 Mbit. Therefore a compromise between a hub and a switch appeared known as a dual speed hub. These devices consisted of an internal two-port switch, dividing the 10BASE-T (10 Mbit) and 100BASE-T (100 Mbit) segments. The device would typically consist of more than two physical ports. When a network device becomes active on any of the physical ports, the device attaches it to either the 10BASE-T segment or the 100BASE-T segment, as appropriate. This prevented the need for an all-or-nothing migration from 10BASE-T to 100BASE-T networks. These devices are also known as dual-speed hubs because the traffic between devices connected at the same speed is not switched.
More advanced networks
Simple switched Ethernet networks, while an improvement over hub based Ethernet, suffer from a number of issues:
- They suffer from single points of failure. If any link fails some devices will be unable to communicate with other devices and if the link that fails is in a central location lots of users can be cut off from the resources they require.
- It is possible to trick switches or hosts into sending data to your machine even if it's not intended for it (see switch vulnerabilities).
- Large amounts of broadcast traffic, whether malicious, accidental, or simply a side effect of network size can flood slower links and/or systems.
- It is possible for any host to flood the network with broadcast traffic forming a denial of service attack against any hosts that run at the same or lower speed as the attacking device.
- As the network grows, normal broadcast traffic takes up an ever greater amount of bandwidth.
- If switches are not multicast aware, multicast traffic will end up treated like broadcast traffic due to being directed at a MAC with no associated port.
- If switches discover more MAC addresses than they can store (either through network size or through an attack) some addresses must inevitably be dropped and traffic to those addresses will be treated the same way as traffic to unknown addresses, that is essentially the same as broadcast traffic (this issue is known as failopen).
- They suffer from bandwidth choke points where a lot of traffic is forced down a single link.
Some switches offer a variety of tools to combat these issues including:
- Spanning-tree protocol to maintain the active links of the network as a tree while allowing physical loops for redundancy.
- Various port protection features, as it is far more likely an attacker will be on an end system port than on a switch-switch link.
- VLANs to keep different classes of users separate while using the same physical infrastructure.
- Fast routing at higher levels to route between those VLANs.
- Link aggregation to add bandwidth to overloaded links and to provide some measure of redundancy, although the links won't protect against switch failure because they connect the same pair of switches.
Autonegotiation and duplex mismatch
Many different modes of operations (10BASE-T half duplex, 10BASE-T full duplex, 100BASE-TX half duplex, …) exist for Ethernet over twisted pair cable using 8P8C modular connectors (not to be confused with FCC's RJ45), and most devices are capable of different modes of operations. In 1995, IEEE standard 802.3u (100baseTX) was released, allowing two network interfaces connected to each other to autonegotiate the best possible shared mode of operation. This works well for a network in which every device being set to autonegotiate.
The autonegotiation standard contained a mechanism for detecting the speed but not the duplex setting of an Ethernet peer that did not use autonegotiation. An autonegotiating device defaults to half duplex, when the remote does not negotiate, as the remote peer is assumed to be a hub (which always has autonegotiation disabled and supports only half duplex mode).
If the remote is operating in half duplex mode this works. But if remote is in full duplex mode, this generates a duplex mismatch.
When two interfaces are connected and set to different "duplex" modes, the effect of the duplex mismatch is a network that works, but is much slower than its nominal speed, and generates more collisions. The primary rule for avoiding this is to never set one end of a connection to a forced full duplex setting and the other end to autonegotiation.
Interoperability problems lead some naive network administrators to manually fix the mode of operation of interfaces on network devices. What would happen is that some device would fail to autonegotiate and therefore had to be set into one setting or another. This often led to duplex setting mismatches. In particular, when two interfaces are connected to each other with one set to autonegotiation and one set to full duplex mode, a duplex mismatch results because the autonegotiation process fails and half duplex is assumed. The interface in full duplex mode then transmits at the same time as receiving, and the interface in half duplex mode then gives up on transmitting a frame. The interface in half duplex mode is not ready to receive a frame, so it signals a collision, and transmissions are halted, for amounts of time based on backoff (random wait times) algorithms.
When both packets start trying to transmit again, they interfere again and the backoff strategy may result in a longer and longer wait time before attempting to transmit again; eventually a transmission succeeds but this then causes the flood and collisions to resume.
Because of the wait times, the effect of a duplex mismatch is a network that is not completely 'broken' but is incredibly slow. This bad behaviour can be tolerated on low traffic link, but is really dramatic under heavy bandwidth transfer attempt, and can lead to a complete stop of the traffic.
Take note that while autonegotiation is not required for 10/100 Mbit/s, it is recommended as default behaviour by IEEE 802.3u.
However, 1000baseT devices require autonegotiation to be active to elect the clock master (source of timing).
Enabing autonegotiation on every node eases transition from 10/100Mbit/s to 1000baseT switch and LAN.
There are no disadvantages of keeping autonegotiation active on all devices, because complete physical link behaviours are controlled through autonegotiation (speed, duplex, clock master and flow control). For example, to force a single speed link you can keep negotiation on, but negotiate only one speed. So the old method with autonegotiation off is deprecated everywhere, on switch and LAN cards.
Physical layer
The first Ethernet networks, 10BASE5, used thick yellow cable with vampire taps as a shared medium (using CSMA/CD). Later, 10BASE2 Ethernet used thinner coaxial cable (with BNC connectors) as the shared CSMA/CD medium. The later StarLAN 1BASE5 and 10BASE-T used twisted pair connected to Ethernet hubs with 8P8C modular connectors (not to be confused with FCC's RJ45).
Currently Ethernet has many varieties that vary both in speed and physical medium used. Perhaps the most common forms used are 10BASE-T, 100BASE-TX, and 1000BASE-T. All three utilize twisted pair cables and 8P8C modular connectors (often called RJ45). They run at 10 Mbit/s, 100 Mbit/s, and 1 Gbit/s, respectively. However each version has become steadily more selective about the cable it runs on and some installers have avoided 1000BASE-T for everything except short connections to servers.
Fiber optic variants of Ethernet are commonly used in structured cabling applications. These variants have also seen substantial penetration in enterprise datacenter applications, but are rarely seen connected to end user systems for cost/convenience reasons. Their advantages lie in performance, electrical isolation and distance, up to tens of kilometers with some versions. Fiber versions of a new higher speed almost invariably come out before copper. 10 gigabit Ethernet is becoming more popular in both enterprise and carrier networks, with development starting on 40 Gbit/s and 100 Gbit/s Ethernet. Metcalfe now believes commercial applications using terabit Ethernet may occur by 2015 though he says existing Ethernet standards may have to be overthrown to reach terabit Ethernet.
A data packet on the wire is called a frame. A frame viewed on the actual physical wire would show Preamble and Start Frame Delimiter, in addition to the other data. These are required by all physical hardware. They are not displayed by packet sniffing software because these bits are removed by the Ethernet adapter before being passed on to the host (in contrast, it is often the device driver which removes the CRC32 (FCS) from the packets seen by the user).
The table below shows the complete Ethernet frame, as transmitted. Note that the bit patterns in the preamble and start of frame delimiter are written as bit strings, with the first bit transmitted on the left (not as byte values, which in Ethernet are transmitted least significant bit first). This notation matches the one used in the IEEE 802.3 standard.
802.3 MAC Frame | Preamble | Start-of-Frame-Delimiter | MAC destination | MAC source | Ethertype/Length | Payload (Data and padding) | CRC32 | Interframe gap |
|---|
| 7 octets of 10101010 | 1 octet of 10101011 | 6 octets | 6 octets | 2 octets | 46-1500 octets | 4 octets | 12 octets | | | 64-1518 octets | | | 72-1526 octets | |
After a frame has been sent transmitters are required to transmit 12 octets of idle characters before transmitting the next frame. For 10M this takes 9600 ns, 100M 960 ns, 1000M 96 ns.
10/100M transceiver chips (MII PHY) work with 4-bits (nibble) at a time. Therefore the preamble will be 7 instances of 0101 + 0101, and the Start Frame Delimiter will be 0101 + 1101. 8-bit values are sent low 4-bit and then high 4-bit. 1000M transceiver chips (GMII) work with 8 bits at a time, and 10 Gbit/s (XGMII) PHY works with 32 bits at a time.
Some implementations use larger jumbo frames.
Ethernet frame types and the EtherType field
There are several types of Ethernet frames:
In addition, all four Ethernet frames types may optionally contain a IEEE 802.1Q tag to identify what VLAN it belongs to and its IEEE 802.1p priority (quality of service). This encapsulation is defined in the IEEE 802.3ac specification and increases the maximum frame by 4 bytes to 1522 bytes.
The different frame types have different formats and MTU values, but can coexist on the same physical medium.
Versions 1.0 and 2.0 of the Digital/Intel/Xerox (DIX) Ethernet specification have a 16-bit sub-protocol label field called the EtherType. The new IEEE 802.3 Ethernet specification replaced that with a 16-bit length field, with the MAC header followed by an IEEE 802.2 logical link control (LLC) header. The maximum length of a frame was 1518 bytes for untagged (1522 for 802.1p or 802.1q tagged) classical Ethernet v2 and IEEE802.3 frames. The two formats were eventually unified by the convention that values of that field between 64 and 1522 indicated the use of the new 802.3 Ethernet format with a length field, while values of 1536 decimal (0600 hexadecimal) and greater indicated the use of the original DIX or Ethernet II frame format with an EtherType sub-protocol identifier. This convention allows software to determine whether a frame is an Ethernet II frame or an IEEE 802.3 frame, allowing the coexistence of both standards on the same physical medium. See also Jumbo Frames.
By examining the 802.2 LLC header, it is possible to determine whether it is followed by a SNAP (subnetwork access protocol) header. Some protocols, particularly those designed for the OSI networking stack, operate directly on top of 802.2 LLC, which provides both datagram and connection-oriented network services. The LLC header includes two additional eight-bit address fields, called service access points or SAPs in OSI terminology; when both source and destination SAP are set to the value 0xAA, the SNAP service is requested. The SNAP header allows EtherType values to be used with all IEEE 802 protocols, as well as supporting private protocol ID spaces. In IEEE 802.3x-1997, the IEEE Ethernet standard was changed to explicitly allow the use of the 16-bit field after the MAC addresses to be used as a length field or a type field.
Novell's "raw" 802.3 frame format was based on early IEEE 802.3 work. Novell used this as a starting point to create the first implementation of its own IPX Network Protocol over Ethernet. They did not use any LLC header but started the IPX packet directly after the length field. This does not conform to the IEEE 802.3 standard, but since IPX has always FF at the first two bytes (while in IEEE 802.2 LLC that pattern is theoretically possible but extremely unlikely), in practice this mostly coexists on the wire with other Ethernet implementations, with the notable exception of some early forms of DECnet which got confused by this.
Novell NetWare used this frame type by default until the mid nineties, and since Netware was very widespread back then, while IP was not, at some point in time most of the world's Ethernet traffic ran over "raw" 802.3 carrying IPX. Since Netware 4.10, Netware now defaults to IEEE 802.2 with LLC (Netware Frame Type Ethernet_802.2) when using IPX. (See "Ethernet Framing" in References for details.)
Mac OS uses 802.2/SNAP framing for the AppleTalk V2 protocol suite on Ethernet ("EtherTalk") and Ethernet II framing for TCP/IP.
The 802.2 variants of Ethernet are not in widespread use on common networks currently, with the exception of large corporate Netware installations that have not yet migrated to Netware over IP. In the past, many corporate networks supported 802.2 Ethernet to support transparent translating bridges between Ethernet and IEEE 802.5 Token Ring or FDDI networks. The most common framing type used today is Ethernet Version 2, as it is used by most Internet Protocol-based networks, with its EtherType set to 0x0800 for IPv4 and 0x86DD for IPv6.
There exists an Internet standard for encapsulating IP version 4 traffic in IEEE 802.2 frames with LLC/SNAP headers. It is almost never implemented on Ethernet (although it is used on FDDI and on token ring, IEEE 802.11, and other IEEE 802 networks). IP traffic cannot be encapsulated in IEEE 802.2 LLC frames without SNAP because, although there is an LLC protocol type for IP, there is no LLC protocol type for ARP. IP Version 6 can also be transmitted over Ethernet using IEEE 802.2 with LLC/SNAP, but, again, that's almost never used (although LLC/SNAP encapsulation of IPv6 is used on IEEE 802 networks).
The IEEE 802.1Q tag, if present, is placed between the Source Address and the EtherType or Length fields. The first two bytes of the tag are the Tag Protocol Identifier (TPID) value of 0x8100. This is located in the same place as the EtherType/Length field in untagged frames, so an EtherType value of 0x8100 means the frame is tagged, and the true EtherType/Length is located after the Q-tag. The TPID is followed by two bytes containing the Tag Control Information (TCI) (the IEEE 802.1p priority (quality of service) and VLAN id). The Q-tag is followed by the rest of the frame, using one of the types described above.
Runt frames
A runt frame is an Ethernet frame that is less than the IEEE 802.3 minimum length of 64 bytes. Possible causes are collision, underruns, bad network card or software.
Varieties of Ethernet
Some early varieties
- 10BASE5: the original standard uses a single coaxial cable into which you literally tap a connection by drilling into the cable to connect to the core and screen. Largely obsolete, though due to its widespread deployment in the early days, some systems may still be in use.
- 10BROAD36: Obsolete. An early standard supporting Ethernet over longer distances. It utilized broadband modulation techniques, similar to those employed in cable modem systems, and operated over coaxial cable.
- 1BASE5: An early attempt to standardize a low-cost LAN solution, it operates at 1 Mbit/s and was a commercial failure.
10Mbit/s Ethernet
- 10BASE2 (also called ThinNet or Cheapernet): 50-ohm coaxial cable connects machines together, each machine using a T-adaptor to connect to its NIC. Requires terminators at each end. For many years this was the dominant Ethernet standard 10 Mbit/s.
- 10BASE-T: runs over four wires (two twisted pairs) on a Category 3 or Category 5 cable. A hub or switch sits in the middle and has a port for each node. This is also the configuration used for 100BASE-T and gigabit Ethernet. 10 Mbit/s.
- FOIRL: Fiber-optic inter-repeater link. The original standard for Ethernet over fibre.
- 10BASE-F: A generic term for the new family of 10 Mbit/s Ethernet standards: 10BASE-FL, 10BASE-FB and 10BASE-FP. Of these only 10BASE-FL is in widespread use.
- 10BASE-FL: An updated version of the FOIRL standard.
- 10BASE-FB: Intended for backbones connecting a number of hubs or switches, it is now obsolete.
- 10BASE-FP: A passive star network that required no repeater, it was never implemented
Fast Ethernet
- 100BASE-T: A term for any of the three standard for 100 Mbit/s Ethernet over twisted pair cable. Includes 100BASE-TX, 100BASE-T4 and 100BASE-T2.
- 100BASE-TX: Uses two pairs, but requires Category 5 cable. Similar star-shaped configuration to 10BASE-T. 100 Mbit/s.
- 100BASE-T4: 100 Mbit/s Ethernet over Category 3 cabling (as used for 10BASE-T installations). Uses all four pairs in the cable. Now obsolete, as Category 5 cabling is the norm. Limited to half-duplex.
- 100BASE-T2: No products exist. 100 Mbit/s Ethernet over Category 3 cabling. Supports full-duplex, and uses only two pairs. It is functionally equivalent to 100BASE-TX, but supports old cable.
- 100BASE-FX: 100 Mbit/s Ethernet over fibre.
Gigabit Ethernet
- 1000BASE-T: 1 Gbit/s over Category 5e copper cabling.
- 1000BASE-SX: 1 Gbit/s over fiber.
- 1000BASE-LX: 1 Gbit/s over fiber. Optimized for longer distances over single-mode fiber.
- 1000BASE-CX: A short-haul solution (up to 25 m) for running 1 Gbit/s Ethernet over special copper cable. Predates 1000BASE-T, and now obsolete.
10-gigabit Ethernet
The 10-gigabit Ethernet family of standards encompasses media types for single-mode fibre (long haul), multi-mode fibre (up to 300 m), copper backplane (up to 1 m) and copper twisted pair (up to 100 m). It was first standardised as IEEE Std 802.3ae-2002, but is now included in IEEE Std 802.3-2008.
- 10GBASE-SR: designed to support short distances over deployed multi-mode fiber cabling, it has a range of between 26 m and 82 m depending on cable type. It also supports 300 m operation over a new 2000 MHz·km multi-mode fiber.
- 10GBASE-LX4: uses wavelength division multiplexing to support ranges of between 240 m and 300 m over deployed multi-mode cabling. Also supports 10 km over single-mode fiber.
- 10GBASE-LR and 10GBASE-ER: these standards support 10 km and 40 km respectively over single-mode fiber.
- 10GBASE-SW, 10GBASE-LW and 10GBASE-EW. These varieties use the WAN PHY, designed to interoperate with OC-192 / STM-64 SONET/SDH equipment. They correspond at the physical layer to 10GBASE-SR, 10GBASE-LR and 10GBASE-ER respectively, and hence use the same types of fiber and support the same distances. (There is no WAN PHY standard corresponding to 10GBASE-LX4.)
- 10GBASE-T: designed to support copper twisted pair was specified by the IEEE Std 802.3an-2006 which has been incorporated into the IEEE Std 802.3-2008.
Ten-gigabit Ethernet is still an emerging technology, and it remains to be seen which of the standards will gain commercial acceptance.
Related standards
- Networking standards that are not part of the IEEE 802.3 Ethernet standard, but support the Ethernet frame format, and are capable of interoperating with it.
- LattisNet—A SynOptics pre-standard twisted-pair 10 Mbit/s variant.
- 100BaseVG—An early contender for 100 Mbit/s Ethernet. It runs over Category 3 cabling. Uses four pairs. Commercial failure.
- TIA 100BASE-SX—Promoted by the Telecommunications Industry Association. 100BASE-SX is an alternative implementation of 100 Mbit/s Ethernet over fiber; it is incompatible with the official 100BASE-FX standard. Its main feature is interoperability with 10BASE-FL, supporting autonegotiation between 10 Mbit/s and 100 Mbit/s operation – a feature lacking in the official standards due to the use of differing LED wavelengths. It is targeted at the installed base of 10 Mbit/s fiber network installations.
- TIA 1000BASE-TX—Promoted by the Telecommunications Industry Association, it was a commercial failure, and no products exist. 1000BASE-TX uses a simpler protocol than the official 1000BASE-T standard so the electronics can be cheaper, but requires Category 6 cabling.
It has been observed that Ethernet traffic has self-similar properties, with important consequences for traffic engineering.
See also
External links
|
| |
|
|
