Ethernet LAN switching (2)

Ethernet frame

Ethernet LAN switching (1)#Ethernet frame

  • The Preamble + SFD is usually not considered part of Ethernet header, although it is sent with every Ethernet frame.

  • So Ethernet header = Destination + Source + Type/Length.

  • Size (header + trailer) = 6+6+2+4 = 18 bytes.

  • Minimum size of an Ethernet frame (header + payload-packet + trailer) = 64 bytes.

  • Therefore, the minimum payload (packet) size is 46 bytes (64-18).

  • Maximum payload (packet) size is 1500 bytes.

  • If the payload is less than 46 bytes, padding bytes are added (which are all 0s).

  • Eg: 34-byte packet + 12-byte padding = 46 bytes.

Data path

  • A frame is sent with, but not limited to, destination and source MAC addresses. IP will also be encapsulated within that frame, which includes source and destination IP address.

  • When you send data to another computer, you enter the IP address and not the MAC address.

  • Though the user entered the destination IP address, PC1 has to discover PC3's MAC address by itself.

  • Switches are Layer2 devices and they don't operate at Layer3. So they need to use MAC addresses and not IP.

  • So if PC1 wants to send the ethernet frame to PC3, it has to learn PC3's MAC address. To do so, it uses ARP.

ARP

Intro

  • Address Resolution Protocol.

  • ARP is used to discover the Layer2 address (MAC) of a known Layer3 address (IP).

  • ARP ethernet Type : 0x0806 (indicates ARP packet is inside of that ethernet frame). This indicates that the payload the ethernet frame carries is an ARP packet.

  • Before a PC sends the original frame, it sends the ARP request frame and receives ARP reply (Flooding and Forwarding - Ethernet LAN switching (1)#Scenario).

  • Through that it learns the MAC address of the destination PC and uses that info to add the 'destination MAC address' to the Ethernet frame it wants to send.

  • ARP packet contains : (not limited to) Src IP, Dst IP, Src MAC, Dst MAC.

  • Consists of 2 messages : ARP request, ARP reply.

ARP request

  • sent by the device that wants to know the MAC address of the other device.

  • ARP Request is Broadcast - sent to all hosts on the network, except the one the frame was received on.

  • FFFF.FFFF.FFFF is the broadcast MAC address.

ARP reply

  • sent to inform the requesting device of the MAC address.

  • ARP Reply is Unicast - sent only to one host (the host that sent the request).

ARP table

  • Use 'arp -a' to view the ARP table in Windows/Linux.

  • In Cisco IOS, use 'show arp' from privileged EXEC mode.

  • Columns : Internet address, Physical address, Type

  • Internet address = IP address (Layer3).

  • Physical address = MAC address (Layer2) that correspond to the IP address.

  • Type static = default entry, it wasn't learned by sending an ARP request.

  • Type dynamic = learned via ARP

Extra software used :

  • GNS3 (free) with wireshark and Cisco IOS (paid).

  • Packet tracer is a network simulator, designed to simulate the operation of a real network.

  • GNS3 runs actual Cisco IOS software. So those are real Cisco switches running virtually.

Ping

Intro

  • A network utility that is used to test reachability.

  • Measures the round trip time (from PC1 to PC3 and back to PC1).

  • Uses 2 messages : ICMP Echo request, ICMP Echo reply.

  • ICMP echo request is not broadcasted, it is sent to a specific host.

  • So it has to know the MAC address of the destination host, which is why ARP must be used first.

Process

  • Command : ping (ping-address)

  • Eg: PC1#ping 192.168.1.3

  • By default, a ping in Cisco IOS sends 5 ICMP echo requests, and then you should get 5 ICMP echo replies back, whereas Windows PCs send 4 requests.

  • Default size of each ping is 100 bytes.

  • .!!!! - success rate 80% (period indicates failed ping, exclamation indicates successful ping).

  • First ping failed because PC1 did not know the destination MAC address, so it had to use ARP and in that time first ping failed. And after it learned, the other pings succeeded.

Basically if device A wants to send traffic to device B, which is on the same network, device A has to use ARP to learn device B's MAC address and then it can send traffic.

  • PC1#ping 192.168.1.3 size 36

  • This adds 10 bytes of padding (20 times 0's - hex digits) because the minimum payload size for an ethernet frame is 36 bytes.

MAC address table

Showing

  • Switch#show mac address-table.

  • Columns: Vlan, MAC address, Type, Ports(interfaces)

Aging - If the switch does not get any traffic from that MAC address for 5 minutes, it will remove the entry from the MAC address table.

Clearing

  • Switch#clear mac address-table dynamic

  • Switch#clear mac address-table dynamic address (mac-address)

  • Switch#clear mac address-table dynamic interface (interface-id)

(Packet tracer does not allow you to clear the mac addresses separately, you got to clear them all).

PreviousEthernet LAN switching (1)NextIPv4 addressing (1)

Last updated