ITECH1102 Networking and Security
Topic 4 – The Data Link Layer (Layer 2) [Network Interface]
ITECH1102 Networking & Security
Last week
Last week we looked at:
The Application Layer
Application layer programs are able to interact by virtue of computer networks.
Examples:
Web Browser (client application) can communicate with a Web Server (Server program)
FTP client (user application) downloading/uploading files from/to an FTP Server (Server program)
Email client accessing Email from an Email server.
Phone App accessing Domino’s Pizza online.
We saw many other categories of Client (user applications) communicating with other application layer programs, including:
BitTorrent
NTP
POP & others.
Application to Application communications
Client Application
Transport
Network
Data Link
Physical
Server Application
Transport
Network
Data Link
Physical
Actual communication proceeds down through each client layer, across the network, then up through each server layer.
Last week (continued)
Last week we also saw:
There are many Application protocols used for data exchange
Examples:
HTTP is used for web traffic
FTP for FTP file transfers
POP for access to email
Protocols define the rules by which communications can take place, for example:
How data is formatted
Who speaks first, who speaks next, and so on.
Visualization of client HTTP request from Firefox.
Application
Transport
Network
Data Link
User Program (Firefox)
Physical
Step 1:
User opens browser and enters URL to a web site.
HTTP request is created at the Application layer.
Step 2:
HTTP request is passed to the Transport layer.
Transport layer information (TCP) is added.
Step 3:
The process continues.
IP information is added at the Network layer.
Step 4:
Ethernet information is added at the Data Link Layer.
The resulting frame is then sent to the network media.
The reverse process occurs at the server end.
Headers are removed at each layer as the data moves up through the network layers to the application layer.
This is how each layer on the source device communicates with its peer layer on the destination device.
The process of adding headers at each Layer is called encapsulation.
Each layer encapsulates the Protocol Data Unit (PDU) from the previous layer with a header.
Headers pass Addressing and other information between peer layers
This week – Overview of content
The Data Link:
The role of the Data Link
Data Link in the Internet Model of networking
The two parts of the Data Link
The role of the Network Interface Card (NIC)
Identification of NICs (MAC addresses)
Network cards are smart devices
Media Access Methods
Local Address Resolution (using ARP)
Role of the Data Link Layer
The Data Link Layer only communicates with devices on its local network.
Example:
Another PC on your home network
A Printer on your local network
The Router on your local network
This is often described as Hop to Hop communication.
Question.
Wide Area Networks often involve significant distances through fibre optic or satellite connections. Would communication between two satellite interfaces be considered local networking?
Yes!!!
Why? Because the two interfaces are on the same Network. This applies to other Wide area network links for instance between Melbourne & Sydney.
The Data Link is only responsible for communication between two machines that are connected to the same network. This network could be your home WiFi network, it could be a section of the university network (for instance all computers in labs 1 & 2), or it could be two machines that are connected at each end of a long fibre optic or satellite link.
Hence the idea of local, when discussing networks at the data link, has more to do with the connection to a single network than it does with distance. Two computers connected at each end of a 1 metre cable are considered local, as are two routers connected at each end of a geostationary satellite link.
Data Link Layer in the Internet Model
The Internet Model
Application (Layer 5)
Transport (Layer 4)
Internet (Network) (Layer 3)
Network Interface (Data Link) (Layer 2)
Physical (Layer 1)
Data from Application programs passes down through the Transport and Internet layers.
The Data Link Layer is the Interface between the Network layer and the Physical network (Cable, Fibre, WiFi, Satellite etc.)
Data from the Network media passes up through the network layers to the Application on the receiving host
The two parts of the Data Link layer
Logical Link Layer (LLC)
Media Access Control (MAC)
The LLC is the interface with the upper layer.
It allows IPv4, IPv6, IPX and other protocol transactions concurrently. (More on this next week)
The Media Access Control layer sends traffic to the network media and receives traffic from the network media.
This is the Data Link Layer
The role of the Network Interface Card (NIC)
The Network Interface Card is the connection to the Network.
Notebooks and other devices often have multiple connections:
Ethernet connection (via blue Cat 5 or Cat 6 cable)
WiFi connection
Bluetooth connection
Network interfaces are also built into printers, network scanners, routers and other network devices.
Routers have one NIC connected to the local network and one or more connected to other networks.
Network Cards have a unique MAC (Media Access Control) address.
All Network Interface cards have a unique 48 bit MAC address.
The MAC address is built into each interface by the manufacturer.
All Data Link data exchanges use the source and destination MAC addresses for any communication.
MAC addresses consist of two parts:
OUI (Organisation unique Identifier) [ first 24 bits ]
Unique 24 bit number [ last 24 bits ]
Hence MAC addresses are globally unique!
How to determine your MAC address
On a Windows system, running the command ipconfig /all will display network settings such as:
IPv4 address
IPv6 address
MAC address (Also called the Physical Address)
Determining the MAC address on a Linux System
The Linux command to determine network settings is ifconfig
The output displays:
MAC address (HWaddr)
IPv4 address (inet addr)
IPv6 address (inet6 addr)
Network cards (NICs) are smart devices
Network cards filter traffic
Network cards inspect every packet they see on the local network.
Packets that are for other machines are discarded.
Packets for the host device (PC, Router etc) are delivered to the host device. (To do this the NIC Interrupts the host and passes the network packet to it.)
Benefits:
The host machine only deals with important network traffic, not packets that other devices must process. Hence the filtering of traffic by the NIC reduces processing by the host machine and hence does not impede host performance.
The NIC also checks for errors
How the Cyclic Redundancy Check (CRC) works
Prior to sending a network packet a NIC performs a 32 bit CRC calculation that characterises the contents of the network packet.
The 32 bit CRC is appended to the end of the packet then sent to the destination.
When the packet arrives at the destination its NIC does the same CRC calculation on the received data.
If the two CRC values are different then the destination knows the packet is corrupt and so discards it.
This type of error checking is common in networking.
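The send-side and receive-side CRC steps above, as an added example (not part of the original slides). It assumes Python's zlib.crc32, which uses the same CRC-32 as Ethernet, and a constructed sample frame with made-up MAC addresses.

```python
import struct
import zlib

def add_fcs(frame: bytes) -> bytes:
    """Sender side: append the 32-bit CRC of the frame contents."""
    return frame + struct.pack("<I", zlib.crc32(frame))

def fcs_ok(wire: bytes) -> bool:
    """Receiver side: redo the CRC over the received data and compare."""
    if len(wire) < 4:
        return False                      # too short to even hold a CRC
    body, received = wire[:-4], wire[-4:]
    return struct.pack("<I", zlib.crc32(body)) == received

def receive(wire: bytes):
    """Return the frame contents, or None when the frame is discarded."""
    return wire[:-4] if fcs_ok(wire) else None

def flip_bit(data: bytes, bit: int) -> bytes:
    """Simulate line noise by inverting one bit of the transmitted bytes."""
    out = bytearray(data)
    out[bit // 8] ^= 1 << (bit % 8)
    return bytes(out)

def undetected_single_bit_errors(wire: bytes) -> int:
    """Count the single-bit corruptions that would slip past the check."""
    return sum(fcs_ok(flip_bit(wire, b)) for b in range(len(wire) * 8))

# Constructed sample: broadcast destination, made-up source MAC, type 08 00, filler DATA.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"DATA" * 12
WIRE = add_fcs(SAMPLE)

if __name__ == "__main__":
    print("intact frame accepted:", receive(WIRE) == SAMPLE)
    print("corrupt frame accepted:", receive(flip_bit(WIRE, 100)) is not None)
    print("undetected 1-bit errors:", undetected_single_bit_errors(WIRE))
```

A CRC catches accidental corruption only; it is not keyed, so it gives no protection against deliberate modification of a frame.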
Ethernet Frame Format
There is a strict format for Ethernet Frames.
An Ethernet frame contains the payload from all upper layers, which consists of the upper layer headers and the upper layer protocol data (e.g. HTTP).
Example:
We will refer to this as DATA.
A 32 bit Frame Check Sequence is attached to the end of the frame.
The Destination (first) and Source MAC addresses are also required to specify where the packet came from and its destination.
Format of Ethernet Frames
The Destination MAC address is at the front of an Ethernet frame so the destination NIC can drop unwanted frames quickly.
The DATA field is often the largest part of the frame, it contains the application payload (HTTP, FTP or other protocol information) plus any headers from upper layer protocols.
A network packet captured in Wireshark
This is a Ping packet.
It is 74 bytes in length. The first 14 are the Ethernet frame.
These 6 bytes are the Ethernet destination MAC address
These 6 bytes are the Source MAC address.
Ethernet Type is IPv4 (08 00)
Broadcast addressing
If the destination MAC address in an Ethernet frame is all binary 1’s the frame must be processed by all machines on the local network.
Such broadcast packets are a requirement of many network protocols (for example ARP, discussed later).
When expressed in Hexadecimal a broadcast address is:
FF FF FF FF FF FF
(that is 48 bits)
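The frame layout, the Wireshark byte breakdown, NIC filtering and broadcast addressing described above, as an added example (not part of the original slides). The 74-byte frame and its MAC addresses are constructed; the filter follows only the two rules the slides give, so multicast and promiscuous mode are left out.

```python
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}

def mac_str(raw: bytes) -> str:
    """Format raw address bytes as colon-separated hexadecimal."""
    return ":".join(f"{b:02x}" for b in raw)

def parse_ethernet(frame: bytes) -> dict:
    """Split a captured frame into the 14 leading Ethernet bytes and DATA."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14 Ethernet bytes")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return {
        "dst": mac_str(dst),                 # destination comes first
        "src": mac_str(src),
        "src_oui": mac_str(src[:3]),         # first 24 bits: OUI
        "src_serial": mac_str(src[3:]),      # last 24 bits: unique number
        "type": ETHERTYPES.get(ethertype, f"0x{ethertype:04x}"),
        "data": frame[14:],
    }

def nic_accepts(frame: bytes, own_mac: str) -> bool:
    """Keep frames addressed to this NIC or to broadcast; discard the rest."""
    if len(frame) < 14:
        return False
    return mac_str(frame[:6]) in (own_mac.lower(), BROADCAST)

# Constructed frames: 14 Ethernet bytes followed by 60 zero bytes standing in for DATA.
PING = bytes.fromhex("020000000002" "020000000001" "0800") + bytes(60)
BCAST = bytes.fromhex("ffffffffffff" "020000000001" "0806") + bytes(60)

if __name__ == "__main__":
    hdr = parse_ethernet(PING)
    print(len(PING), hdr["dst"], hdr["src"], hdr["type"])
    for nic in ("02:00:00:00:00:02", "02:00:00:00:00:03"):
        print(nic, "ping:", nic_accepts(PING, nic), "broadcast:", nic_accepts(BCAST, nic))
```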
Media Access Control
Media Access Control is concerned with arbitrating access to the network.
For shared media (for example WiFi) there are two categories of media access:
Controlled Access
Contention Based Access
In controlled access only one station can transmit at a time. Devices wanting to transmit must wait their turn.
Token Ring & FDDI are two examples that use this type of media access control. Both are known as deterministic protocols because they are guaranteed a minimum level of access to the media.
Media Access Control (continued)
Contention based Media Access
In shared networks the most common type of media access control is contention based.
One issue with contention based protocols is collisions can occur.
Protocols used in such networks are:
CSMA/CD for Ethernet networks
CSMA/CA for 802.11 wireless networks
CSMA: Carrier Sense Multiple Access
CD: Collision Detect | CA: Collision Avoidance
CSMA/CD protocol
Carrier Sense Multiple Access with collision detect (CSMA/CD)
This is the Media Access Protocol used by Ethernet.
Ethernet is the most widely used Data Link method for connecting computers and other devices to a network.
This media access method allows multiple computers to all use a common network media.
One issue is that collisions can occur when two machines try to send an Ethernet packet simultaneously.
How CSMA/CD works
Carrier Sense: The NIC listens to the network media to see if another device is transmitting. If it is, the NIC waits for the network to become available.
Multiple Access: Multiple devices can be connected to the same network.
Collision Detect: After transmitting a station will listen to the network to determine if there has been a collision.
How CSMA/CD works
Collisions: If a collision does occur, both stations will detect the collision.
Both will stop transmitting.
Both will wait a random period of time then attempt a retransmission.
In shared networks (networks with hubs) collisions can occur.
In switched networks collisions are less of a problem.
CSMA/CA
Carrier Sense Multiple Access with Collision Avoidance.
In many ways this Data Link protocol works in a similar way to CSMA/CD however the stations try to avoid collisions by reserving the network media.
Before transmitting a data frame a station can send a Request To Send frame to the Wireless Access Point.
The Access Point sends a Clear To Send (CTS) frame to the wireless network.
The CTS reserves the network for the requesting station for a specified period of time.
The requesting station sends the frame without fear of a collision.
Local Address resolution
How does your machine know the MAC address of other machines on the network?
Answer: In most cases it doesn’t !!!
In IP networking a Protocol called ARP (Address Resolution Protocol) is used to determine the MAC address of a specific machine on the local network.
If your machine does not know the MAC address of a particular machine it asks.
ARP – How it works
Network Operating Systems (like Windows and Linux) maintain a table in RAM (called the ARP cache) that contains the IP Address and MAC address of machines that have been contacted recently.
These entries age out so that the table does not become too large.
If your machine wants to contact a machine with a particular IP address it:
Looks in the ARP cache
If the entry is not found it sends a broadcast to the network asking who has the IP address 192.168.12.14 (for example)
The machine with that IP address will respond with its MAC address
The ARP cache is updated with the new entry
The NIC now has all the information it needs to form the Ethernet frame.
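The lookup, broadcast, reply and cache update steps above, with entries ageing out, as an added example (not part of the original slides). The local network is simulated with a constructed table of IP and MAC addresses, and the 60 second lifetime and the class and method names are assumptions chosen for illustration; real operating systems use their own timers.

```python
import time

# Constructed local network: which MAC address owns which IP address.
LAN = {"192.168.12.14": "02:00:00:00:00:14", "192.168.12.1": "02:00:00:00:00:01"}

class ArpCache:
    def __init__(self, lan, ttl=60.0, clock=time.monotonic):
        self.lan = lan          # stands in for the machines that can hear a broadcast
        self.ttl = ttl          # assumed lifetime of an entry, in seconds
        self.clock = clock
        self.entries = {}       # IP address -> (MAC address, time learned)
        self.broadcasts = 0     # how many "who has" requests were sent

    def _who_has(self, ip):
        """Simulated broadcast: every machine sees it, only the owner replies."""
        self.broadcasts += 1
        return self.lan.get(ip)

    def resolve(self, ip):
        """Return the MAC address for ip, or None if no machine answers."""
        now = self.clock()
        entry = self.entries.get(ip)
        if entry and now - entry[1] < self.ttl:
            return entry[0]                 # found in the ARP cache
        self.entries.pop(ip, None)          # missing or aged out
        mac = self._who_has(ip)             # broadcast the question
        if mac is None:
            return None                     # nobody on the local network has it
        self.entries[ip] = (mac, now)       # update the cache with the reply
        return mac

if __name__ == "__main__":
    cache = ArpCache(LAN)
    print(cache.resolve("192.168.12.14"), cache.broadcasts)   # learned by broadcast
    print(cache.resolve("192.168.12.14"), cache.broadcasts)   # answered from cache
    print(cache.resolve("192.168.12.99"), cache.broadcasts)   # no reply
```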
The Data Link Layer
The Data Link layer is only responsible for exchanging data between two locally connected devices (Hop to Hop).
The diagram in this slide shows a PC sending a request to a remote web server.
The Data Link Layer on the local PC packages the request (for instance into an Ethernet frame) and sends it to the local router. This is the first hop of the journey to the remote web server.
The Local Router now has the PC’s request and so is responsible for sending it to the next hop of the journey. It is worthwhile noting that this next step of the data transfer could be using a totally different technology to the first (for instance it could be National Broadband Fibre (NBN)).
The hop to hop process continues until the request arrives at its destination.
Note – NBN is Australia’s fibre optic Internet infrastructure.
Tool Talk
Demonstration of Wireshark.
Wireshark is a Protocol Analyser.
We can use it to capture and inspect Network Traffic.
------- Demonstration -------
Next Week
The Network layer
IP networking
IP Routing
IPv4
IPv6
Tunnelling
Commonwealth of Australia Copyright Act 1968
Notice for paragraph 135ZXA (a) of the Copyright Act 1968
Warning
This material has been reproduced and communicated to you by or on behalf of Federation University Australia under Part VB of the Copyright Act 1968 (the Act).
The material in this communication may be subject to copyright under the Act. Any further reproduction or communication of this material by you may be the subject of copyright protection under the Act.
Do not remove this notice.