datalink & nw layer

Chapter 3: Data Link and Network Layer TCP/IP Protocols (A Guide to TCP/IP)

Upload: api-19877354

Post on 18-Nov-2014


Page 1: DATALINK & NW LAYER

Chapter 3 1

3

Data Link and Network Layer TCP/IP Protocols

A Guide to TCP/IP

Objectives

After reading this chapter and completing the exercises you will be able to:

• Understand the role that data link protocols, such as SLIP and PPP, play for TCP/IP

• Distinguish among various Ethernet and token ring frame types

• Understand how hardware addresses work in a TCP/IP environment, and the services that ARP and RARP provide for such networks

• Appreciate the overwhelming importance of the Internet Protocol (IP), and how IP packets behave on TCP/IP networks

• Understand the structures and functions of an IP header

• Appreciate the function of the Maximum Transfer Unit (MTU) for any physical medium, and why fragmentation is sometimes required of the Network layer

Data Link Protocols

• The Data Link layer performs several key jobs with the two most important being:

– Managing access to whatever networking medium is in use, called Media Access Control (usually abbreviated as MAC)

– Creating temporary point-to-point links between a pair of MAC layer addresses to enable data transfer, called Logical Link Control (usually abbreviated as LLC)

• A point-to-point data transfer involves shipping data from a specific MAC layer address that represents the point of transmission to another specific MAC layer address that represents the point of reception on a single network segment, or TCP/IP subnet

Data Link Protocols

• This same point-to-point technique also works for data transfer across wide area network (WAN) links—such as analog telephone lines, digital connections, or X.25—which is why certain TCP/IP data link protocols may sometimes be called WAN protocols

• The data encapsulation techniques used to enclose packet payloads for transmission across WAN links differ from those used for LAN connections, and involve specialized protocols that operate at the Data Link layer

Data Link Protocols

• The specific protocols are:

– Serial Line Internet Protocol (SLIP)

– Point-to-Point Protocol (PPP)

– Special handling for X.25, frame relay, and Asynchronous Transfer Mode (ATM) connections

• The key to understanding the material is to recognize that both SLIP and PPP support a straightforward point-to-point connection between two parties, or nodes, on a link

• These kinds of two-party connections include analog phone lines, Digital Subscriber Line (DSL) connections, and T-carriers, such as T1, T3, E1, or E3

Data Link Protocols

• Special handling is necessary for X.25, frame relay, and Asynchronous Transfer Mode (ATM) WAN links, which use packet or circuit-switching technologies, and must explicitly address sender and receiver at the Data Link layer

• WAN encapsulation of frames at the Data Link layer involves one or more of the following services (they vary according to the requirements of the type of link used):

– Addressing

– Delimitation

– Bit-level integrity check

– Protocol identification (PID)

The Serial Line Internet Protocol (SLIP)

• SLIP is the original point-to-point protocol for TCP/IP traffic, still used for connecting to some ISPs today

• SLIP uses a special END character (0xC0) that is placed at the beginning and end of each IP datagram to delimit the payload

• The SLIP ESC character (0xDB) is not the same as the American Standard Code for Information Interchange (ASCII) ESC character; when the END character occurs in a frame’s payload, the two-byte hex DB-DC sequence (usually denoted 0xDB-DC) replaces it

The Serial Line Internet Protocol (SLIP)

• If the SLIP ESC character occurs in a frame’s payload, 0xDB-DD replaces it

• As specified in RFC 1055, the maximum size of a SLIP datagram is 1066 bytes

• Most systems continue to set the upper bound for SLIP datagrams at 1066 bytes, but Windows 2000 permits MTUs of 1500 bytes for SLIP datagrams to avoid fragmentation when a SLIP connection links two Ethernet segments

• RFC 1144 was developed to permit IP and TCP headers to be compressed when sent across a SLIP link

• This version of SLIP is called compressed SLIP (C-SLIP)
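The SLIP delimiting and escape rules above, as an added example that is not part of the original slides. The function names and the sample bytes are constructed for illustration; the decoder's policy of dropping a frame with a malformed escape is an assumption, not something the slides specify.

```python
END, ESC = 0xC0, 0xDB          # frame delimiter and SLIP escape (not ASCII ESC, 0x1B)
ESC_END, ESC_ESC = 0xDC, 0xDD  # second byte of the 0xDB-DC and 0xDB-DD sequences


def slip_encode(datagram: bytes) -> bytes:
    """Wrap one IP datagram in a SLIP frame: END, stuffed payload, END."""
    out = bytearray([END])
    for byte in datagram:
        if byte == END:
            out += bytes([ESC, ESC_END])   # END inside the payload
        elif byte == ESC:
            out += bytes([ESC, ESC_ESC])   # ESC inside the payload
        else:
            out.append(byte)
    out.append(END)
    return bytes(out)


def slip_decode(stream: bytes):
    """Split a received byte stream into datagrams.

    Returns (datagrams, dropped). A frame whose ESC is not followed by
    0xDC or 0xDD is dropped and counted instead of being guessed at
    (assumed policy): SLIP framing carries no integrity check, so the
    escape rules are the only sanity test available at this layer.
    """
    datagrams, dropped = [], 0
    frame, escaped, bad = bytearray(), False, False
    for byte in stream:
        if byte == END:
            if escaped:              # ESC was the last byte before END
                bad = True
            if bad:
                dropped += 1
            elif frame:              # back-to-back ENDs give empty frames; skip
                datagrams.append(bytes(frame))
            frame, escaped, bad = bytearray(), False, False
        elif escaped:
            if byte == ESC_END:
                frame.append(END)
            elif byte == ESC_ESC:
                frame.append(ESC)
            else:
                bad = True           # invalid escape sequence
            escaped = False
        elif byte == ESC:
            escaped = True
        else:
            frame.append(byte)
    return datagrams, dropped


# Constructed sample: five bytes that contain both special characters.
SAMPLE = bytes([0x45, 0xC0, 0x00, 0xDB, 0x01])

if __name__ == "__main__":
    wire = slip_encode(SAMPLE)
    print(wire.hex(" "))
    print(slip_decode(wire + wire))
```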

Point-to-Point Protocol (PPP)

• PPP is a general-purpose, point-to-point protocol that overcomes SLIP’s deficiencies, and provides WAN data link encapsulation services similar to those available for LAN encapsulation

• RFC 1661 provides the detailed specifications for PPP, and includes the following characteristics:

– Encapsulation methods that support simultaneous use of multiple protocols across the same link

– A special Link Control Protocol (LCP) used to negotiate the characteristics of any point-to-point link established using PPP

Point-to-Point Protocol (PPP)

– A collection of negotiation protocols used to establish the Network layer properties of protocols carried over the point-to-point link, called Network Control Protocols (NCPs). RFCs 1332 and 1877 describe an NCP for IP, known as the Internet Protocol Control Protocol (IPCP), used to negotiate an IP address for the sending party, addresses for DNS servers, and (optional) use of the Van Jacobson TCP compression protocol, where possible

• PPP encapsulation and framing techniques are based on the ISO High-level Data Link Control (HDLC) protocol, which is in turn based on IBM’s work on the Synchronous Data Link Control (SDLC) protocol used as part of its Systems Network Architecture (SNA) protocols

Point-to-Point Protocol (PPP)

• Although PPP framing supports addressing and link control information derived from HDLC, most PPP implementations use an abbreviated form that skips this unnecessary information

• The fields in the PPP header and trailer include the following values:

– Flag

– Protocol identifier

– Frame Check Sequence (FCS)

Point-to-Point Protocol (PPP)

• When PPP is used with synchronous technologies, such as T1, Integrated Services Digital Network (ISDN), DSL, or Synchronous Optical Network (SONET) links, a faster, more efficient technique of bit substitutions is used, rather than the wholesale character replacement used with asynchronous links

• PPP supports a default MTU of 1500 bytes, which makes it ideal for interconnecting Ethernet-based networks (or peers)

Special Handling for PPP Links

• When any particular switched technologies, such as X.25, frame relay, or ATM, are used to link together PPP peers, additional control and addressing information must be included in PPP headers to manage the connection

• RFCs describe encapsulation of PPP datagrams for these technologies:

– X.25: RFC 1356

– Frame relay: RFC 2427

– ATM: RFCs 1557 and 1626

Frame Types

• At the Data Link layer, protocol data units are called frames; in TCP/IP terminology, these PDUs may also be called IP datagrams, which can be encapsulated in a variety of frame types

Ethernet Frame Types

• The Ethernet II frame type is the de facto standard frame type used for IP datagram transmissions over Ethernet networks

• The Ethernet II frame has a protocol identification field (the Type field) that contains the value 0x0800 to identify the encapsulated protocol as IP

• Before an IP datagram is transmitted onto the cable, the data link driver puts the leading frame onto the datagram

Ethernet Frame Types

• If a frame does not meet the minimum frame size of 64 bytes, the driver must pad the Data field

• The Ethernet NIC performs a Cyclical Redundancy Check (CRC) procedure on the contents of the frame, and places a value at the end of the frame in the Frame Check Sequence field

• Finally, the NIC sends the frame, led by a preamble, which is a leading bit pattern used by the receiver to correctly interpret the bits as ones and zeroes

Ethernet Frame Types

• There are three Ethernet frame types that TCP/IP can use:

– Ethernet II

– Ethernet 802.2 Logical Link Control (LLC)

– Ethernet 802.2 Sub-Network Access Protocol (SNAP)

Ethernet II Frame Structure

• The Ethernet II frame type consists of the following values, fields, and structure:

– Preamble

– Destination Address field

– Source Address field

– Type field

– Data field

– Frame Check Sequence field

Ethernet II Frame Structure

Ethernet II Frame Structure

Preamble

• The preamble is eight bytes long and consists of alternating ones and zeroes

• This special string of bits precedes the actual Ethernet frame itself, and is not counted as part of the overall frame length

Destination Address Field

• The Destination Address field is six bytes long and indicates the data link address (also referred to as the hardware address or MAC address) of the destination IP host

• The destination address may be broadcast, multicast, or unicast

Ethernet II Frame Structure

Source Address Field

• The Source Address field is six bytes long and indicates the sender’s hardware address

• This field can only contain a unicast address—it cannot contain a broadcast or multicast address

Type Field

• The Type field is two bytes long and identifies the protocol that is using this frame type

Assigned Protocol Types (by Number)

Ethernet II Frame Structure

Frame Check Sequence Field

• The Frame Check Sequence field is four bytes long and includes the result of the CRC calculation

• Upon receipt of an Ethernet II frame, an IP host checks the validity of the contents by performing a CRC check on its contents, and comparing the result to the value contained in the Frame Check Sequence field

• At the Data Link layer, the frame is examined to determine the actual destination address (broadcast, multicast, or unicast)

Ethernet 802.2 LLC Frame Structure

• Figure 3-2 depicts the format of an Ethernet 802.2 Logical Link Control (LLC) frame

• The Ethernet 802.2 LLC frame type consists of the following fields:

– Preamble

– Start Frame Delimiter (SFD) field

– Destination Address field

– Source Address field

– Length field

– Destination Service Access Point (DSAP) field

– Source Service Access Point (SSAP) field

– Control field

– Data field

– Frame Check Sequence (FCS) field

Ethernet 802.2 LLC Frame Structure

Preamble

• This preamble does not end in consecutive ones

Start Frame Delimiter (SFD) Field

• The 1-byte SFD field consists of the pattern 10101011 and indicates the start of the Destination Address field

Length Field

• The 2-byte Length field indicates the number of bytes in the data portion of the frame

• This frame does not use a Type field in this location—it uses a Service Access Point (SAP) field to indicate the upcoming protocol

Ethernet 802.2 LLC Frame Structure

Destination Service Access Point (DSAP) Field

• This 1-byte field indicates the destination protocol

• Table 3-2 lists some of the assigned SAP numbers (defined by the IEEE)

Source Service Access Point (SSAP) Field

• This 1-byte field indicates the source protocol (typically the same as the destination protocol)

Assigned SAP Numbers

Ethernet 802.2 LLC Frame Structure

Control Field

• This 1-byte field indicates whether this frame is unnumbered format (connectionless) or informational/supervisory format (for connection-oriented and management purposes)

Ethernet SNAP Frame Structure

• RFC 1042, “A Standard for the Transmission of IP Datagrams over IEEE 802 Networks,” specifies how IP traffic should be encapsulated in 802.2 LLC frames that include the Sub-Network Access Protocol (SNAP) portion

Ethernet 802.2 LLC Frame Structure

Ethernet SNAP Frame Structure

• Although Windows 2000 defaults to transmitting IP and ARP communications over the Ethernet II frame type, you can edit the Registry to support transmission of IP and ARP over the Ethernet 802.2 SNAP frame structure by adding the ArpUseEtherSNAP Registry setting, as listed in Table 3-3.

ArpUseEtherSNAP Registry Setting

Ethernet 802.2 LLC Frame Structure

Ethernet SNAP Frame Structure

• The Registry entry ArpUseEtherSNAP must be set to 1 to enable use of the Ethernet 802.2 SNAP frame format for IP and ARP traffic over Ethernet

• Figure 3-3 depicts the format of an Ethernet SNAP frame

Ethernet 802.2 LLC Frame Structure

Organization Code Field

• This 3-byte field identifies the organization that assigned the Ethernet type number used in the Ether Type field that follows

Ether Type Field

• The 2-byte Ether Type field indicates the network protocol that is using this Ethernet SNAP frame format
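An added example (not from the original slides) that tells the three Ethernet frame types apart and finds the encapsulated payload. It assumes the frame starts at the Destination Address field with the preamble, SFD and FCS already removed by the NIC; the 0x0600 Type/Length threshold, the SNAP SAP value 0xAA and the ARP type 0x0806 come from the Ethernet and IEEE 802.2 conventions rather than from the slides, and the sample frames are constructed.

```python
import struct

SNAP_SAP = 0xAA      # DSAP/SSAP value that announces a SNAP header
UNNUMBERED = 0x03    # Control field value for unnumbered (connectionless) frames
PROTOCOLS = {0x0800: "IP", 0x0806: "ARP"}


def address_kind(addr: bytes) -> str:
    """Classify a 6-byte hardware address as broadcast, multicast or unicast."""
    if addr == b"\xff" * 6:
        return "broadcast"
    return "multicast" if addr[0] & 0x01 else "unicast"


def classify_frame(frame: bytes) -> dict:
    """Identify the frame type and locate the encapsulated payload."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (type_or_length,) = struct.unpack("!H", frame[12:14])
    info = {
        "dst_kind": address_kind(dst),
        # The Source Address field may only hold a unicast address.
        "src_is_unicast": address_kind(src) == "unicast",
    }
    if type_or_length >= 0x0600:
        # Ethernet II: a Type field and no Length field, so any padding stays
        # in the payload until the IP Total Length field trims it.
        info.update(frame_type="Ethernet II", protocol=type_or_length,
                    payload=frame[14:])
    else:
        # 802.3 Length field: counts the LLC header plus data, not padding.
        end = 14 + type_or_length
        if type_or_length < 3 or len(frame) < end:
            raise ValueError("Length field does not fit the frame")
        dsap, ssap, control = frame[14], frame[15], frame[16]
        if (dsap, ssap, control) == (SNAP_SAP, SNAP_SAP, UNNUMBERED):
            if type_or_length < 8:
                raise ValueError("SNAP header truncated")
            info.update(frame_type="Ethernet 802.2 SNAP",
                        organization_code=frame[17:20],
                        protocol=struct.unpack("!H", frame[20:22])[0],
                        payload=frame[22:end])
        else:
            info.update(frame_type="Ethernet 802.2 LLC", dsap=dsap, ssap=ssap,
                        control=control, protocol=None, payload=frame[17:end])
    info["protocol_name"] = PROTOCOLS.get(info["protocol"], "unknown")
    return info


def pad(frame: bytes) -> bytes:
    """Pad to 60 bytes (the 64-byte minimum frame size less the 4-byte FCS)."""
    return frame + b"\x00" * max(0, 60 - len(frame))


# Constructed sample frames carrying the same stand-in payload.
DATA = b"IP datagram"
BROADCAST = bytes.fromhex("ffffffffffff")
SOURCE = bytes.fromhex("002078e15a80")
SNAP_BODY = b"\xaa\xaa\x03" + b"\x00\x00\x00" + b"\x08\x00" + DATA
LLC_BODY = b"\x06\x06\x03" + DATA
ETHERNET_II_FRAME = pad(BROADCAST + SOURCE + b"\x08\x00" + DATA)
SNAP_FRAME = pad(BROADCAST + SOURCE + struct.pack("!H", len(SNAP_BODY)) + SNAP_BODY)
LLC_FRAME = pad(BROADCAST + SOURCE + struct.pack("!H", len(LLC_BODY)) + LLC_BODY)

if __name__ == "__main__":
    for sample in (ETHERNET_II_FRAME, SNAP_FRAME, LLC_FRAME):
        result = classify_frame(sample)
        print(result["frame_type"], result["protocol_name"], result["payload"])
```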

Token Ring Frame Types

• The IEEE 802.5 standard defines token ring networking

• Token ring networks rely on a physical star design, although they use a logical ring transmission path, as shown in Figure 3-4

• On a token ring network, each token ring workstation acts as a repeater—repeating each packet received back onto the network

• There are two variations of token ring frames: Token Ring 802.2 LLC frames and Token Ring SNAP frames

Token Ring Networks Are Physically Stars, But Logically Rings

Token Ring 802.2 LLC Frame Format

• The standard Token Ring 802.2 LLC frames include the same LLC fields used by the Ethernet 802.2 LLC frame

Token Ring 802.2 LLC Frame Format

Start Delimiter Field

• The 1-byte Start Delimiter field is used to designate the beginning of a token ring frame

Access Control Field

• The 1-byte Access Control field indicates whether the upcoming fields constitute a token or a frame, the priority of the token or frame, and if the frame or token already circled the ring once

Token Ring 802.2 LLC Frame Format

Frame Control Field

• This 1-byte field indicates whether the frame contains token ring management information or data

Destination Address Field

• This 6-byte field indicates the destination hardware address

Token Ring 802.2 LLC Frame Format

Source Address Field

• This 6-byte field indicates the source hardware address

• This field must contain a unicast address

Destination Service Access Point (DSAP) Field (LLC 802.2)

• This 1-byte field is the start of the LLC section, and indicates the destination protocol

Token Ring 802.2 LLC Frame Format

Source Service Access Point (SSAP) Field (LLC 802.2)

• This 1-byte field indicates the source protocol in use

Control Field (LLC 802.2)

• This 1-byte field indicates whether this frame is unnumbered (connectionless) or supervisory/informational (for connection-oriented and management purposes)

Token Ring 802.2 LLC Frame Format

Data Field

• This field can be between zero and 18,000 bytes long and contains the TCP/IP data

Frame Check Sequence Field

• The Frame Check Sequence field is four bytes long and includes the result of the CRC calculation used to error check the packet

End Delimiter Field

• This 1-byte field indicates the end of the token ring frame (except for the Frame Status field)

Token Ring 802.2 LLC Frame Format

Frame Status Field

• This 1-byte field is used to indicate if the frame’s destination address was recognized, and if the frame was copied

Token Ring SNAP Frame Format

• The Token Ring SNAP frame format expands the standard 802.2 LLC layer by adding an Organization Code field and an Ether Type field

Token Ring SNAP Frame Format

Organization Code Field

• This 3-byte field identifies the organization that assigned the Ethernet type number used in the Ether Type field that follows

Ether Type Field

• The 2-byte Ether Type field indicates the network protocol that is using this Ethernet SNAP frame format

Hardware Addresses in the IP Environment

• IP addresses are used to identify individual IP hosts on a TCP/IP internetwork

• TCP/IP networking uses ARP to determine the hardware address of the local target for the packet

• IP hosts maintain an ARP cache—a table of hardware addresses learned through the ARP process—in memory

• ARP is used only to find the hardware address of local IP hosts

ARP Broadcasts Identify the Source and the Desired IP Address

Hardware Addresses in the IP Environment

• If the IP destination is remote (on another network), the IP host must refer to its routing tables to determine the proper router for the packet

• This is referred to as the route resolution process

• ARP is not routable

• ARP can also be used to test for a duplicate IP address on the network

ARP Frame Structure

ARP Duplicate IP Address Test

ARP Packet Fields and Functions

• By default, Windows 2000 uses the Ethernet II frame type for all ARP traffic

• There are two basic ARP packets—the ARP request packet and the ARP reply packet

• The most confusing part of ARP is the interpretation of the sender and target address information

• Figure 3-11 shows the ARP reply packet

ARP Request for IP Host 10.1.0.99

ARP Reply Packet Is a Unicast Packet

Hardware Type Field

• This field defines the hardware or data link type in use, and is also used to determine the hardware address length, which makes the Length of Hardware Address field redundant

Protocol Type Field

• This field defines the protocol address type in use, and uses the standard protocol ID values that are also used in the Ethernet II frame structures

Length of Hardware Address Field

• This field defines the length (in bytes) of the hardware addresses used in this packet

Length of Protocol Address Field

• This field indicates the length (in bytes) of the protocol (network) addresses used in this packet

• This field is redundant because the Protocol Type field also determines this value

Opcode Field

• This field defines whether this ARP packet is a request or reply packet, and defines the type of address resolution taking place

Sender’s Hardware Address Field

• This field indicates the hardware address of the IP host that sends this request or reply

Sender’s Protocol Address Field

• This field indicates the protocol, or network, address of the IP host that sends this request or reply

Target Hardware Address Field

• This field indicates the desired target’s hardware address, if known

• In ARP replies, this field should contain one of the following:

– The hardware address of the desired IP host if the sender and destination share a common data link

– The hardware address of the next router in the path to the destination if they don’t share a common data link. This is known as the next-hop router to that IP host, in which that device will be the first of one or more routers that will convey the data from sender to receiver

Target Protocol Address Field

• This field indicates the desired target’s protocol, or network, address
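The ARP fields walked through above, as an added parser that is not part of the original slides. It uses the two length fields to slice the addresses and reports where they disagree with the Hardware Type and Protocol Type fields. The sender addresses are constructed, the request is for 10.1.0.99 as in the figure caption, and the reading of equal sender and target IP addresses as a duplicate-address test reflects common implementations rather than anything the slides spell out.

```python
import ipaddress
import struct

HARDWARE_LENGTH = {1: 6}       # hardware type 1 (Ethernet) implies 6-byte addresses
PROTOCOL_LENGTH = {0x0800: 4}  # protocol type 0x0800 (IP) implies 4-byte addresses
OPCODES = {1: "ARP request", 2: "ARP reply", 3: "RARP request", 4: "RARP reply"}


def fmt_hw(addr: bytes) -> str:
    return ":".join(f"{b:02x}" for b in addr)


def fmt_ip(addr: bytes) -> str:
    return str(ipaddress.IPv4Address(addr)) if len(addr) == 4 else addr.hex()


def parse_arp(packet: bytes) -> dict:
    """Decode an ARP packet and list anything inconsistent in its fields."""
    if len(packet) < 8:
        raise ValueError("shorter than the fixed ARP fields")
    htype, ptype, hlen, plen, opcode = struct.unpack("!HHBBH", packet[:8])
    if len(packet) < 8 + 2 * (hlen + plen):
        raise ValueError("address fields truncated")
    fields, offset = [], 8
    for size in (hlen, plen, hlen, plen):   # sender hw, sender ip, target hw, target ip
        fields.append(packet[offset:offset + size])
        offset += size
    sender_hw, sender_ip, target_hw, target_ip = fields

    notes = []
    # The length fields are redundant, so a parser that trusts them should
    # at least confirm they match what the type fields imply.
    if htype in HARDWARE_LENGTH and hlen != HARDWARE_LENGTH[htype]:
        notes.append("hardware address length disagrees with hardware type")
    if ptype in PROTOCOL_LENGTH and plen != PROTOCOL_LENGTH[ptype]:
        notes.append("protocol address length disagrees with protocol type")
    if opcode not in OPCODES:
        notes.append("unknown opcode")
    if opcode == 1 and any(target_hw):
        # All-zeroes in a request marks the value as needed (informational).
        notes.append("request carries a non-zero target hardware address")
    if opcode == 2 and not any(sender_hw):
        notes.append("reply carries no sender hardware address")
    if opcode == 1 and sender_ip == target_ip:
        # Assumption: how a duplicate IP address test usually looks on the wire.
        notes.append("sender and target IP are equal (duplicate address test)")
    return {
        "opcode": OPCODES.get(opcode, f"unknown ({opcode})"),
        "sender_hw": fmt_hw(sender_hw), "sender_ip": fmt_ip(sender_ip),
        "target_hw": fmt_hw(target_hw), "target_ip": fmt_ip(target_ip),
        "notes": notes,
    }


# Constructed sample: 10.1.0.1 asks for the hardware address of 10.1.0.99.
ARP_REQUEST = (
    struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
    + bytes.fromhex("002078e15a80") + ipaddress.IPv4Address("10.1.0.1").packed
    + b"\x00" * 6 + ipaddress.IPv4Address("10.1.0.99").packed
)

if __name__ == "__main__":
    print(parse_arp(ARP_REQUEST))
```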

ARP Cache

• ARP information (hardware addresses and their associated IP addresses) is kept in an ARP cache in memory on most operating systems, including Linux, BSD, UNIX, Windows 95, Windows 98, Windows NT, and Windows 2000

ARP Cache

• Windows-based systems also have a utility you can use to view your IP and hardware addresses

• You can use the Windows utility WINIPCFG on Windows 95 systems

• You can use the command-line utility IPCONFIG on Windows 98 and Windows 2000 systems

• The IPCONFIG utility also indicates that the default gateway is 10.2.0.99

• On a Windows 2000 system, ARP cache entries are kept in memory for 120 seconds

IPCONFIG Utility Indicates the Device’s IP and Hardware Addresses

ArpCacheLife Registry Setting

Proxy ARP

• Proxy ARP is a method that allows an IP host to use a simplified subnetting design

• Proxy ARP also enables a router to “ARP” in response to an IP host’s ARP broadcasts

ARP Proxy Network Design

Reverse ARP (RARP)

• Reverse ARP is, as its name implies, the reverse of ARP

• RARP was initially defined to enable diskless workstations to find their own IP addresses

Network Layer Protocols

• The primary function of Network layer protocols is to move datagrams through an internetwork connected by routers

• Network layer communications are end-to-end communications that define the originator as the source Network layer address, and the target as the destination Network layer address

• Internet Protocol is the Network layer protocol used in the TCP/IP suite

• IP version 4 (IPv4) is widely implemented

• Internet Protocol version 6 (IPv6) is undergoing some initial implementations

About Internet Protocol (IP)

• We examine how an IP datagram is formed, how an IP host learns whether the destination is local or remote, how packets are fragmented and reassembled, as well as the details of IP packet structures

Sending IP Datagrams

• IP offers connectionless service with end-to-end Network layer addressing

• Building an IP datagram packet to send on the wire has certain requirements

• We must know the:

– IP addresses of the source and destination

– Hardware address of the source and next-hop router

• Your system needs to resolve the name fred to an IP address

• This is called the name resolution process

Data Link Header Is Stripped Off and Reapplied by the IP Router as the Packet Is Forwarded

Route Resolution Process

• The route resolution process enables an IP host to determine if the desired destination is local or remote

Local or Remote Destination?

• Upon determination of the IP address of the desired destination, the IP host compares the network portion of the destination address to its own local network address

If Remote, Which Router?

• Now that the local IP host knows that the destination is remote, the IP host must determine the hardware address of the appropriate router for the packet

• The IP host looks in its local routing tables to determine if it has a host entry or network router entry for the target

• If neither a host entry nor network entry is listed, the IP host checks for a default gateway entry

If Remote, Which Router?

• The default gateway offers a path of blind faith—because the IP host does not have a route to the destination, it sends the packet to the default gateway, and just hopes the default gateway can figure out what to do with the packet

• If IP hosts cannot communicate with each other, you can use a protocol analyzer to determine what went wrong

If Remote, Which Router?

• Perhaps one of the following faults occurred:

– The IP host can ARP only for IP hosts that are local—perhaps the actual destination is remote (check the source subnet mask and the destination’s IP address)

– Perhaps the destination is local, but not replying to the ARP because it is not completely functional (a duplicate IP address was detected, or the destination is simply down)

– Maybe the IP address the source received from a name resolution process, such as DNS, is incorrect
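The route resolution steps above (local test, host entry, network entry, default gateway), as an added example that is not part of the original slides. It also shows the first fault in the list: with too short a mask the host decides a remote destination is local and ARPs for it directly. The host address, routing entries and destinations are constructed; 10.2.0.99 is the default gateway mentioned earlier.

```python
import ipaddress


def resolve_next_hop(host_ip, mask, destination, routes, default_gateway=None):
    """Return (decision, address the host will ARP for).

    `routes` maps "a.b.c.d/prefix" strings to router addresses; a /32
    entry is a host entry, anything shorter is a network entry.
    """
    local_net = ipaddress.ip_network(f"{host_ip}/{mask}", strict=False)
    dest = ipaddress.ip_address(destination)

    # Step 1: compare the network portion of the destination with our own.
    if dest in local_net:
        return "local", str(dest)

    # Step 2: host entry first, then network entry (most specific wins).
    matches = []
    for prefix, router in routes.items():
        net = ipaddress.ip_network(prefix)
        if dest in net:
            matches.append((net, router))
    if matches:
        net, router = max(matches, key=lambda m: m[0].prefixlen)
        kind = "host entry" if net.prefixlen == net.max_prefixlen else "network entry"
        return kind, router

    # Step 3: fall back to the default gateway, if one is configured.
    if default_gateway:
        return "default gateway", default_gateway
    return "unreachable", None


def mask_changes_decision(host_ip, configured_mask, intended_mask, destination,
                          routes, default_gateway=None):
    """True when the configured mask makes the host ARP for a different address."""
    configured = resolve_next_hop(host_ip, configured_mask, destination,
                                  routes, default_gateway)
    intended = resolve_next_hop(host_ip, intended_mask, destination,
                                routes, default_gateway)
    return configured != intended


# Constructed sample configuration.
HOST = "10.2.22.7"
ROUTES = {"10.3.0.0/16": "10.2.0.1", "10.3.99.99/32": "10.2.0.2"}
GATEWAY = "10.2.0.99"

if __name__ == "__main__":
    for target in ("10.2.0.50", "10.3.99.99", "10.3.1.1", "192.0.2.10"):
        print(target, resolve_next_hop(HOST, "255.255.0.0", target, ROUTES, GATEWAY))
    # Same host with a mask of 255.0.0.0: 10.3.1.1 now looks local.
    print(resolve_next_hop(HOST, "255.0.0.0", "10.3.1.1", ROUTES, GATEWAY))
```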

Sample of an ARP Failure Due to a Misconfigured Network Mask

If Remote, Which Router?

• It is time to examine the following unique characteristics of IP communications:

– Lifetime of an IP datagram

– Fragmentation and reassembly

– Service delivery options

– IP header fields and functions

Lifetime of an IP Datagram

• All IP packets have a predefined lifetime indicated in each packet’s Time to Live (TTL) field

• This ensures that packets cannot indefinitely circle a looped internetwork

• The recommended starting TTL value is 64

• The default TTL in Windows 2000 is 128

• If a packet with TTL=1 arrives at a router, the router must discard the packet because it cannot decrement the TTL to zero and forward the packet

Lifetime of an IP Datagram

• If a packet with TTL=1 arrives at a host, what should the host do?

• Process the packet, of course

• The hosts do not need to decrement the TTL value upon receipt

• TRACEROUTE uses the TTL value and the timeout process to trace the end-to-end path through an internetwork

Fragmentation and Reassembly

• IP fragmentation enables a larger packet to be automatically fragmented by a router into smaller packets to cross a link that supports a smaller MTU, such as an Ethernet link

• Once fragmented, no reassembly occurs until those fragments arrive at the destination, where they will be reassembled at the Transport layer

• When the first fragment arrives at the destination, however, the destination host begins counting down from the TTL value of that packet

Fragmentation and Reassembly

• Figures 3-17 through 3-19 show the first, middle, and last fragments of a fragment set

Second Packet of a Fragment Set (More to Come Bit Is Set to 1 and the Offset Is 185 [1480 bytes])

Fragmentation and Reassembly

• When the fragments arrive at the destination IP host, they are put back in order based on the Fragment Offset value contained in the IP header

• On a network that is low on available bandwidth, the fragment retransmission process causes more traffic on the wire
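An added example, not from the original slides, that fragments a payload for a 1500-byte MTU and reassembles it by Fragment Offset, reproducing the offset of 185 (1480 bytes) shown for the second fragment. Fragments are modelled as dictionaries with constructed field names; refusing sets with gaps or overlaps is an assumed strict policy for the receiver, not something the slides prescribe.

```python
def fragment(payload: bytes, ident: int, mtu: int, header_len: int = 20) -> list:
    """Split `payload` into fragments that fit `mtu`, as a router would."""
    # Offsets are counted in 8-byte units, so every fragment except the
    # last must carry a multiple of 8 data bytes.
    max_data = (mtu - header_len) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU leaves no room for data")
    fragments = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        fragments.append({
            "id": ident,                      # same ID in every fragment
            "offset": start // 8,             # Fragment Offset field value
            "more_fragments": start + len(chunk) < len(payload),
            "total_length": header_len + len(chunk),
            "data": chunk,
        })
    return fragments


def reassemble(fragments: list):
    """Rebuild the payload at the destination, or return None if it cannot be.

    Fragments may arrive in any order. The set is refused when the last
    fragment is missing, when an earlier fragment claims to be the last,
    or when the offsets leave a gap or overlap (assumed strict policy).
    """
    if not fragments or len({f["id"] for f in fragments}) != 1:
        return None
    ordered = sorted(fragments, key=lambda f: f["offset"])
    if ordered[-1]["more_fragments"]:
        return None                           # last fragment not yet seen
    if any(not f["more_fragments"] for f in ordered[:-1]):
        return None                           # data claimed beyond the end
    payload = bytearray()
    for frag in ordered:
        if frag["offset"] * 8 != len(payload):
            return None                       # gap or overlap
        payload += frag["data"]
    return bytes(payload)


# Constructed sample: 4000 bytes of payload crossing a 1500-byte MTU link.
PAYLOAD = bytes(i % 251 for i in range(4000))
FRAGMENTS = fragment(PAYLOAD, ident=0x1234, mtu=1500)

if __name__ == "__main__":
    for frag in FRAGMENTS:
        print(frag["offset"], frag["offset"] * 8, frag["more_fragments"],
              frag["total_length"])
    print(reassemble(list(reversed(FRAGMENTS))) == PAYLOAD)
```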

Service Delivery Options

• IP supports a method for defining packet priority and route priority

• The Type of Service (TOS) field in the IP header section is separated into two distinct fields:

– Precedence

– Type of Service

Precedence

• A router uses precedence to determine what packet to send when several packets are queued for transmission from a single-output interface

• One example of precedence use is Voice over IP (VoIP)

• The precedence for VoIP traffic may be set to five to support VoIP real-time functionality

Type of Service (TOS)

• Routers use TOS to select a routing path when there are multiple paths available

• OSPF and Border Gateway Protocol (BGP) are two examples of routing protocols that support multiple types of services

Type of Service (TOS)

Type of Service Functionality

IP Header Fields and Functions

• Figure 3-20 depicts the entire IP header structure

Version Field

• The first field in the IP header is the Version field

• We are currently at version 4

Header Length Field

• This field is also referred to as the Internet Header Length (IHL) field

• This field denotes the length of the IP header only

• This field value is provided in multiples of four bytes

Type of Service Field

• The TOS field actually has two components: precedence and Type of Service

• Precedence is defined in the first three bits, and may be used by routers to prioritize traffic that goes through router queues

Type of Service Field

Type of Service Bit Settings

Total Length Field

• This field defines the length of the IP header and any valid data (does not include any data link padding)

• In the example shown in Figure 3-22, the total length is 213 bytes

Identification Field

• Each individual packet is given a unique ID value when it is sent

• If the packet must be fragmented to fit on a network that supports a smaller packet size, the same ID number is placed in each fragment

Flags Field

• The Flags field is actually three bits long; the bit value assignments are shown in Table 3-14

Fragment Offset Field

• If the packet is a fragment, this field shows where to place this packet’s data when the fragments are reassembled into a single packet (at the destination IP host)

Time to Live (TTL) Field

• This field denotes the remaining lifetime (defined as seconds, but implemented as hops through routers) of the packet

• Typical starting TTL values are 32, 64, and 128

Protocol Field

• Headers should have some field that defines what is coming up next

Header Checksum Field

• The IP Header Checksum field provides error detection on the contents of the IP header only—it does not cover other contents of the packet, nor does it include the Checksum field itself in the calculation

• This is an error-detection mechanism in addition to the data link error-detection mechanism (such as the Ethernet CRC)

Source Address Field

• This is the IP address of the IP host that sent the packet

Destination Address

• This field can include a unicast, multicast, or broadcast address

• This is the final destination of the packet

Options Fields

• The IP header can be extended by several options (although these options are not often used)

• If the header is extended with options, those options must end on a 4-byte boundary because the Internet Header Length (IHL) field defines the header length in 4-byte boundaries
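The IP header fields described above, decoded and checked in one pass. This is an added example, not part of the original slides. The Header Checksum is verified with the checksum field itself zeroed, as stated above; the sample header (a middle fragment with precedence 5, TTL 128 and offset 185) and its addresses are constructed.

```python
import ipaddress
import struct


def internet_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words, complemented."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the IP header at the start of `packet` and verify its checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IP header")
    (ver_ihl, tos, total_length, ident, flags_frag, ttl, protocol,
     checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version = ver_ihl >> 4
    header_length = (ver_ihl & 0x0F) * 4     # IHL counts 4-byte units
    if version != 4:
        raise ValueError(f"not IP version 4 (got {version})")
    if header_length < 20 or header_length > len(packet):
        raise ValueError("Header Length field is not usable")
    if total_length < header_length:
        raise ValueError("Total Length is smaller than the header")
    header = packet[:header_length]
    # The checksum covers the header only, with its own field taken as zero.
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return {
        "version": version,
        "header_length": header_length,
        "precedence": tos >> 5,              # first three bits of the TOS byte
        "type_of_service": tos & 0x1F,       # remaining bits of the TOS byte
        "total_length": total_length,
        "truncated": total_length > len(packet),
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset_bytes": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl,
        "protocol": protocol,
        "checksum_ok": internet_checksum(zeroed) == checksum,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "options": header[20:],              # always a multiple of 4 bytes
    }


def build_sample_header() -> bytes:
    """Constructed 20-byte header for a middle fragment (not captured traffic)."""
    fields = struct.pack(
        "!BBHHHBBH4s4s",
        0x45,                # version 4, IHL 5 (20 bytes)
        5 << 5,              # precedence 5, as in the VoIP example
        1500,                # total length: 20-byte header + 1480 data bytes
        0x1234,              # identification shared by the fragment set
        0x2000 | 185,        # more-fragments bit set, offset 185 (1480 bytes)
        128, 6, 0,           # TTL 128, protocol 6 (TCP), checksum placeholder
        ipaddress.IPv4Address("10.2.0.1").packed,
        ipaddress.IPv4Address("10.1.0.99").packed,
    )
    return fields[:10] + struct.pack("!H", internet_checksum(fields)) + fields[12:]


SAMPLE_HEADER = build_sample_header()

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE_HEADER))
    # A TTL changed without recomputing the checksum is caught immediately.
    stale = SAMPLE_HEADER[:8] + bytes([127]) + SAMPLE_HEADER[9:]
    print(parse_ipv4_header(stale)["checksum_ok"])
```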

Summary

• Because they manage access to the networking medium, data link protocols also manage the transfer of datagrams across the network

• When WAN protocols, such as SLIP or PPP, come into play, it’s possible to use analog phone lines, digital technologies that include ISDN, DSL, or T-carrier connections, or switched technologies, such as X.25, frame relay, or ATM, to establish links that can carry IP and other datagrams from a sender to a receiver

Summary

• Ethernet II frames are the most common frame type on LANs, but a variety of other frame types exist that carry TCP/IP over Ethernet or token ring networks

• Understanding frame layouts is crucial for proper handling of their contents, regardless of the type of frame in use

• At the lower level of detail, it’s important to understand the difference in field layouts and meanings when comparing various frame types for any particular network medium

Summary

• Because hardware or MAC layer addresses are so important when identifying individual hosts on any TCP/IP network segment, it’s imperative to understand how TCP/IP manages the translation between MAC layer addresses and numeric IP addresses

• Understanding ARP packet fields greatly helps to illuminate the address resolution process, particularly the use of the “all-zeroes” address in the Target Hardware Address field to indicate that a value is needed

Summary

• A more advanced mechanism called proxy ARP permits a router to interconnect multiple network segments and make them behave like a single network segment

• Network layer protocols make their way to the Data Link layer through a process known as data encapsulation

Summary

• When a frame must travel from one network segment to another, a process to resolve its route must occur

• Other important characteristics of IP datagrams include: Time to Live (TTL) values, which prevent stale frames from persisting indefinitely on a network; fragmentation of incoming frames when the next link on a route uses a smaller MTU than the incoming link