Title: Advanced Ethernet Features
1. Local Area Networks
- Advanced Ethernet Features
2. IEEE 802.3 Family of LAN Protocols: Advanced Features
- Introduction
- Along with order-of-magnitude increases in speed and the application of switching to Ethernet, a number of advanced features have been developed:
- Full-duplex operation
- Jumbo Frames
- Flow Control
- Link Aggregation
- Virtual LANs (VLANs)
- Priority Transport
- Port Authentication
- Other networking technologies can take advantage of these features; we discuss them here only in the context of Ethernet
3. Advanced Ethernet Features: Full-Duplex Operation
- Introduction
- Traditional Ethernet is half-duplex: a station cannot send and receive data simultaneously
- While upgrading from shared to switched LANs increases network capacity, it does not completely eliminate CSMA/CD from network operation
- The collision domain shrinks, but there are still two stations (the node and the switch port) competing for the medium
- Full-duplex operation allows nodes to transmit and receive simultaneously
- Effectively no collision domain, because there is only one transmitter and one receiver on each switched link, so frames are sent directly without CSMA/CD
- Up to 100% link utilization with well-designed LAN switches
- 100BASE-TX and 100BASE-FX support full duplex, as their transmit and receive signal paths can be simultaneously active
4. Advanced Ethernet Features: Full-Duplex Operation
- Collision Domains
- Let's take a moment to explore the impact of switching and full-duplex operation on the collision domains found in a network
- Half-duplex shared
- Half-duplex switched
- Full-duplex switched
- A tangent: switch backplane capacity and full-duplex operation
5. Advanced Ethernet Features: Full-Duplex Operation
- IEEE 802.3x
- The IEEE 802.3 Working Group developed a standard that enhanced switched-mode operation by defining full-duplex data transfer
- IEEE 802.3x was finalized in 1997
- Allows independent (and simultaneous) transmission and reception of data by an Ethernet node
- Though often associated only with Fast Ethernet, IEEE 802.3x is applicable to all flavors of Ethernet
- Also included specifications for flow control across full-duplex links
- Requires backwards compatibility (though manual configuration of mixed half- and full-duplex equipment requires care: a duplex mismatch shows up as late collisions on the half-duplex side and FCS/runt errors on the full-duplex side)
6. Advanced Ethernet Features: Full-Duplex Operation
- Requirements
- Requires the use of a star topology with a central wiring closet
- The Ethernet PHY must have independent transmit and receive paths
- Baseband coax: no
- Fiber and UTP: yes
- There must be only two nodes on a dedicated point-to-point link
- Both nodes must be configured for full-duplex operation
- Requires switches: beware of "full-duplex Ethernet hubs" (a hub is a shared medium and cannot operate full-duplex)
7. Advanced Ethernet Features: Full-Duplex Operation
- Operational Considerations
- While full-duplex ports are CSMA/CD capable, the MAC algorithm is disabled in full-duplex operation
- Frames are transmitted as soon as possible, with only the IFG (inter-frame gap) between frames
- While CSMA/CD distance (delay) requirements no longer apply, the noise and attenuation characteristics of the physical media still impose distance limits
- For UTP, half- and full-duplex limits are the same
- For fiber, full-duplex links can span great distances (up to 40 km with single-mode fiber and expensive optical components)
8. Advanced Ethernet Features: Full-Duplex Operation
- Flow Control across full-duplex links
- While great for efficiency, care is needed to prevent full-duplex nodes from being overwhelmed with traffic
- The committee incorporated MAC-layer flow control into 802.3x to help prevent buffer overflow at nodes
- Without CSMA/CD, the methods used for flow control in a half-duplex environment (e.g. backpressure, where a switch deliberately forces collisions to slow a sender) disappeared
- The 802.3x MAC Control Protocol
- The standard defined new MAC Control frames for use between nodes on a full-duplex connection
- These control frames are special Ethernet frames with EtherType 0x8808 that contain opcodes for various functions
9. Advanced Ethernet Features: Full-Duplex Operation
- The PAUSE MAC Control Frame
- The only defined MAC Control command, assigned opcode 0x0001
- Sent to the reserved destination multicast address 01-80-c2-00-00-01 (an address bridges never forward, so a PAUSE only affects the directly attached link partner)
- The frame carries a 16-bit pause time
- Can be a value between 0 and 65,535
- This value is a multiplier: the receiver multiplies it by 512 bit times to determine the pause duration (so the same value pauses a 100 Mbps link ten times longer than a gigabit link)
- During that interval the receiver (of the PAUSE frame) should transmit no data frames; a PAUSE with a pause time of 0 cancels a pause in effect
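Added example (not part of the lecture): building and decoding the PAUSE frame described above, plus the transmit gate a receiving port keeps. The constants are the 802.3x values from the slide; the `PauseState` class and the assumption that only the reserved multicast destination is honoured are this example's own.

```python
import struct

# Values from IEEE 802.3 Annex 31B (MAC Control / PAUSE)
PAUSE_DST = bytes.fromhex("0180c2000001")   # reserved multicast, never forwarded by bridges
MAC_CONTROL_ETHERTYPE = 0x8808
PAUSE_OPCODE = 0x0001
MIN_FRAME_LEN = 60                          # 64-byte minimum frame without the 4-byte FCS
QUANTUM_BITS = 512                          # one pause quantum = 512 bit times


def build_pause_frame(src_mac: bytes, pause_quanta: int) -> bytes:
    """Build a PAUSE frame (without FCS) requesting `pause_quanta` quanta of silence."""
    if len(src_mac) != 6:
        raise ValueError("source MAC must be 6 bytes")
    if not 0 <= pause_quanta <= 0xFFFF:
        raise ValueError("pause time is a 16-bit field")
    frame = (PAUSE_DST + src_mac
             + struct.pack("!HHH", MAC_CONTROL_ETHERTYPE, PAUSE_OPCODE, pause_quanta))
    # MAC Control frames are zero-padded up to the minimum frame size
    return frame + b"\x00" * (MIN_FRAME_LEN - len(frame))


def parse_pause_frame(frame: bytes):
    """Return (src_mac, pause_quanta) for a PAUSE frame, or None for anything else."""
    if len(frame) < 18:
        return None
    dst, src, ethertype, opcode, quanta = struct.unpack("!6s6sHHH", frame[:18])
    if ethertype != MAC_CONTROL_ETHERTYPE or opcode != PAUSE_OPCODE:
        return None
    if dst != PAUSE_DST:
        # Assumption for this example: only the reserved multicast destination is accepted
        return None
    return src, quanta


def pause_seconds(pause_quanta: int, link_bps: int) -> float:
    """Silence requested by `pause_quanta` on a link of `link_bps`: quanta * 512 bit times."""
    return pause_quanta * QUANTUM_BITS / link_bps


class PauseState:
    """Transmit gate of a full-duplex port that honours received PAUSE frames."""

    def __init__(self, link_bps: int):
        self.link_bps = link_bps
        self.paused_until = 0.0      # absolute time (s) until which data transmission is held

    def receive(self, frame: bytes, now: float) -> bool:
        """Apply a received frame to the gate; returns True if it was a PAUSE frame."""
        parsed = parse_pause_frame(frame)
        if parsed is None:
            return False
        _, quanta = parsed
        # A new PAUSE replaces the running timer; pause_time 0 lifts the pause immediately
        self.paused_until = now + pause_seconds(quanta, self.link_bps)
        return True

    def may_send_data(self, now: float) -> bool:
        return now >= self.paused_until
```

The arithmetic in `pause_seconds` is the point of the slide's "multiplier" remark: a maximum pause of 65,535 quanta holds a gigabit link for about 33.5 ms but a 100 Mbps link for about 335 ms, and any host on the link can send such a frame.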
10. Advanced Ethernet Features: Jumbo Frames
- Introduction
- The effect of frame size on efficiency
- The current maximum Ethernet frame size is 1518 bytes (1522 with VLAN tagging)
- Compare this with other technologies like Token Ring and FDDI, which allow much larger frames
- Not efficient for certain applications:
- File transfers
- Compute clusters
- Storage Area Networks
- "Jumbo frames" nominally refers to any Ethernet equipment that can transport frames larger than the standard maximum frame size
11. Advanced Ethernet Features: Jumbo Frames
- Implementation
- While jumbo frames are implemented by many manufacturers, there is no current standard
- This means you must be careful with network design and interoperability
- Even within a vendor's product line there can be differences!
- A variety of sizes has been proposed; a very common size is around 9000 bytes
- Large enough to allow a complete NFS message (an 8 KB read/write block plus headers) to ride in a single Ethernet frame
- Another common size is around 4470 bytes (to be compatible with other protocols like FDDI)
- See http://darkwing.uoregon.edu/joe/jumbo-clean-gear.html for a list of equipment frame sizes
12. Example (TCP packet transfer)
- Due to the overhead of TCP reliability (loss detection and recovery), TCP throughput < 0.7 × MSS / (rtt × sqrt(packet_loss)), where MSS is the maximum segment size (MTU minus the TCP/IP headers), rtt is the round-trip time, and packet_loss is the probability of frame loss
- Suppose rtt is about 40 ms and packet_loss is 0.1% (0.001). With a frame size of 1500 bytes (MSS of 1460), evaluate the TCP throughput
- Answer: TCP throughput < 0.7 × 1460 × 8 / (0.04 × 0.0316) ≈ 6.5 Mbps, bounded by TCP's ability to detect and recover from congestion (loss)
- Assume a jumbo frame of 9000 bytes (MSS of 8960). Evaluate the TCP throughput
- Answer: TCP throughput < 0.7 × 8960 × 8 / (0.04 × 0.0316) ≈ 40 Mbps
- Evaluate the packet loss rate needed to achieve a throughput of 500 Mbps with 1500-byte and 9000-byte frames
- Answer: packet_loss < (0.7 × MSS / (rtt × TCP_throughput))²
- With 9000-byte frames the packet loss rate must be no more than about 6 × 10⁻⁶
- With 1500-byte frames, the required packet loss rate drops to about 1.7 × 10⁻⁷
- While the jumbo frame is only about 6 times larger, it allows the same throughput in the face of roughly 36 times (exactly (8960/1460)² ≈ 38 times) more packet loss, because the tolerable loss scales with MSS²
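Added example (not part of the lecture): the throughput bound above carried through as code, so the two questions on this slide and the loss-tolerance ratio can be recomputed for any frame size, RTT or target rate. The formula and the 0.7 constant are the slide's; the function names and the 40-byte IP+TCP header assumption (no options) are this example's.

```python
import math

IP_TCP_HEADER_BYTES = 40          # 20-byte IPv4 header + 20-byte TCP header, no options


def mss_from_frame_size(frame_bytes: int) -> int:
    """MSS for the MTU carried by a frame of the given payload size.

    1500-byte MTU -> 1460-byte MSS; 9000-byte jumbo MTU -> 8960-byte MSS.
    """
    return frame_bytes - IP_TCP_HEADER_BYTES


def tcp_throughput_bps(mss_bytes: int, rtt_s: float, loss: float) -> float:
    """Upper bound on steady-state TCP throughput (bit/s): 0.7 * MSS / (rtt * sqrt(loss))."""
    if not 0.0 < loss <= 1.0:
        raise ValueError("loss must be a probability in (0, 1]")
    return 0.7 * mss_bytes * 8 / (rtt_s * math.sqrt(loss))


def max_loss_for_throughput(mss_bytes: int, rtt_s: float, target_bps: float) -> float:
    """Inverse of the bound: the loss probability above which `target_bps` is unreachable."""
    return (0.7 * mss_bytes * 8 / (rtt_s * target_bps)) ** 2


def compare_frame_sizes(frame_sizes, rtt_s, loss, target_bps):
    """Evaluate the slide's two questions for each frame size in one table."""
    rows = {}
    for size in frame_sizes:
        mss = mss_from_frame_size(size)
        rows[size] = {
            "mss": mss,
            "throughput_mbps": tcp_throughput_bps(mss, rtt_s, loss) / 1e6,
            "max_loss_for_target": max_loss_for_throughput(mss, rtt_s, target_bps),
        }
    return rows


def loss_tolerance_ratio(large_frame: int, small_frame: int) -> float:
    """Times more loss the larger frame tolerates at equal throughput: (MSS_large / MSS_small)^2."""
    return (mss_from_frame_size(large_frame) / mss_from_frame_size(small_frame)) ** 2


if __name__ == "__main__":
    table = compare_frame_sizes([1500, 9000], rtt_s=0.040, loss=0.001, target_bps=500e6)
    for size, row in table.items():
        print(f"{size:5d}-byte frames: MSS {row['mss']}, "
              f"throughput < {row['throughput_mbps']:.1f} Mbps at 0.1% loss, "
              f"500 Mbps needs loss < {row['max_loss_for_target']:.2e}")
    print(f"loss tolerance ratio 9000 vs 1500: {loss_tolerance_ratio(9000, 1500):.1f}")
```

Note that the bound is an upper limit on a single long-lived connection; many parallel flows or a larger receive window change the picture, but not the MSS² scaling of loss tolerance.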
13. Example (continued)
- A 9000-byte Gigabit Ethernet packet takes the same amount of time to transmit as a 900-byte Fast Ethernet packet or a 90-byte 10 Mbps Ethernet packet
- Jumbo frames on GE at worst add less delay variation than 1500-byte frames do on slower Ethernets
- No one is suggesting that slower Ethernets use 9000-byte frames
- As for queueing delay concerns, that can happen whether packets are large or small. If delivery QoS is required, then the routers need to implement some kind of priority or expedited forwarding, regardless of packet size
- Tiny frames (including 53-byte ATM cells) may be helpful when multiplexing lower bit rate streams, but they become increasingly inefficient on gigabit and faster links
- Conclusion: when leaving the local area network at high speed, the dynamics of TCP require the use of large frame sizes. Without them, the packet loss rate over a high bandwidth-delay product path would have to be extraordinarily low. Core Internet infrastructure, from campus backbones to Network Access Points (NAPs), should be particularly careful not to limit the permitted MTU to 1500 bytes. In the long run there is no reason to stop at 9000-byte frames, but given the current Ethernet CRC limitation (the 32-bit FCS loses error-detection strength as frames grow) it is a good evolutionary step for gigabit data rates
14. Advanced Ethernet Features: Link Aggregation
- Introduction
- Allows an increase in network capacity and availability without changing the underlying network technology
- An alternative to use when upgrading to a higher speed is not feasible
- Sometimes called inverse multiplexing
- Benefits
- Increased bandwidth capacity
- Granular capacity increase
- Higher link availability
- Uses existing hardware
15. Advanced Ethernet Features: Link Aggregation
- Disadvantages
- Like any technology there are disadvantages; these have kept link aggregation a niche solution
- More space and more network interfaces necessary
- More complexity
- More maintenance overhead
- Harder to troubleshoot aggregated links
- Performance improvements depend on the traffic flow mix (a single conversation is confined to one link)
16. Advanced Ethernet Features: Link Aggregation
- Application Scenarios
- Switch-to-Switch
- Switch-to-Station (possibly a server or router)
- Station-to-Station (very rare)
17. Advanced Ethernet Features: Link Aggregation
- Issues and Considerations
- Addressing the interfaces
- Need to assign one logical MAC address across all aggregated NICs
- Traffic Distribution Algorithm
- How to allocate traffic among the aggregated links
- Want efficiency, but have to worry about other factors:
- Transparency to upper layers
- Non-duplication (each frame is sent on exactly one link)
- Ordering (frames of one conversation must not be reordered, so a conversation is pinned to one link)
- Performance
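Added example (not part of the lecture): a traffic distribution algorithm that satisfies the ordering and non-duplication requirements above, contrasted with per-frame round robin, which does not. The sample frames, field names and the use of SHA-256 as the hash are assumptions of this example; real switches hash the same fields with cheaper XOR/CRC functions.

```python
import hashlib
from collections import defaultdict

# Constructed sample traffic: one server talking to two clients over three conversations.
SAMPLE_FRAMES = [
    {"seq": 1, "src_mac": "00:11:22:33:44:01", "dst_mac": "00:11:22:33:44:02",
     "src_ip": "10.0.0.1", "dst_ip": "10.0.0.2", "src_port": 40001, "dst_port": 443},
    {"seq": 2, "src_mac": "00:11:22:33:44:01", "dst_mac": "00:11:22:33:44:02",
     "src_ip": "10.0.0.1", "dst_ip": "10.0.0.2", "src_port": 40001, "dst_port": 443},
    {"seq": 3, "src_mac": "00:11:22:33:44:01", "dst_mac": "00:11:22:33:44:02",
     "src_ip": "10.0.0.1", "dst_ip": "10.0.0.2", "src_port": 40002, "dst_port": 2049},
    {"seq": 4, "src_mac": "00:11:22:33:44:01", "dst_mac": "00:11:22:33:44:02",
     "src_ip": "10.0.0.1", "dst_ip": "10.0.0.2", "src_port": 40001, "dst_port": 443},
    {"seq": 5, "src_mac": "00:11:22:33:44:01", "dst_mac": "00:11:22:33:44:02",
     "src_ip": "10.0.0.1", "dst_ip": "10.0.0.3", "src_port": 40003, "dst_port": 22},
]

MAC_FIELDS = ("src_mac", "dst_mac")                          # coarse: one key per host pair
L4_FIELDS = ("src_ip", "dst_ip", "src_port", "dst_port")     # fine: one key per TCP/UDP flow


def hash_policy(n_links: int, fields=MAC_FIELDS):
    """Distributor that maps a conversation key to one of `n_links` links.

    Because the choice depends only on the key, every frame of a conversation takes
    the same link: no reordering and no duplication, whatever the arrival pattern.
    """
    def pick(frame, _index):
        key = "|".join(str(frame[f]) for f in fields).encode()
        return int.from_bytes(hashlib.sha256(key).digest()[:4], "big") % n_links
    return pick


def round_robin_policy(n_links: int):
    """Spreads load evenly but is not a legal 802.3ad distributor: it splits conversations."""
    return lambda _frame, index: index % n_links


def distribute(frames, pick):
    """Return {link: [frames in arrival order]} under the given policy."""
    per_link = defaultdict(list)
    for index, frame in enumerate(frames):
        per_link[pick(frame, index)].append(frame)
    return dict(per_link)


def conversations_intact(per_link: dict, fields=L4_FIELDS) -> bool:
    """True if no conversation (by `fields`) appears on more than one link."""
    seen_on = {}
    for link, frames in per_link.items():
        for frame in frames:
            key = tuple(frame[f] for f in fields)
            if seen_on.setdefault(key, link) != link:
                return False
    return True
```

With MAC-based hashing the whole server-to-client load lands on one link, which is the "performance depends on traffic flow" point from the previous slide: aggregation only helps when there are several distinct conversations to spread.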
18. Advanced Ethernet Features: Link Aggregation
- Other Considerations
- Mixing aggregate-able technologies
- Mixing speeds (versions) of aggregate-able technologies
- Using aggregation with shared LAN technologies
- Must worry about the operation of the MAC algorithm
- Really not recommended for use with shared LANs
19. Advanced Ethernet Features: Link Aggregation
- The IEEE 802.3ad Link Aggregation Standard
- Work on the standard began in 1998, with final approval in 2000
- Standard applies to Ethernet only
- All links in an aggregation must be the same speed
- Other restrictions:
- Only full-duplex links
- Only one aggregation group per pair of devices (there can be other individual links between these devices)
- Many technical details taken from EtherChannel, an earlier proprietary link aggregation protocol developed by Cisco
20. Advanced Ethernet Features: Link Aggregation
- The IEEE 802.3ad Goals
- Incremental bandwidth across logical channels
- Linearly incremental bandwidth
- Increased link availability
- Automatic configuration and fault tolerance via rapid link reconfiguration
- Maintenance of link invariants
- Transparency to upper layers/applications
- Backwards compatibility with non-802.3ad equipment
- No change to the Ethernet frame
- Network Management support
21. Advanced Ethernet Features: Link Aggregation Operation
22. Advanced Ethernet Features: Link Aggregation
- The IEEE 802.3ad Control Protocols
- To maintain control of the aggregated links and the traffic between devices, two control protocols are used:
- Marker Protocol
- Link Aggregation Control Protocol (LACP)
- Marker Protocol
- Used to move data flows from one aggregated link to another without reordering: a Marker is sent behind the last frame of the flow on the old link, and the flow is moved only after the Marker Response comes back
- Uses fixed-size 128-byte Ethernet frames that are confined to the link (never forwarded)
- Uses request/response operational commands
23. Advanced Ethernet Features: Link Aggregation
- Link Aggregation Control Protocol (LACP)
- Used to automatically configure and maintain aggregated links between cooperating systems
- The protocol is generally passive, operating in the following manner:
- Devices advertise their configuration and capability via LACP messages
- There are no response messages; devices are supposed to read incoming messages and configure themselves appropriately (usually the best common configuration)
- If device status or capability changes, the change is advertised via LACP
- LACP messages can be overridden by manual configuration
24. Advanced Ethernet Features: Link Aggregation
- Link Aggregation Control Protocol (LACP)
- What is exchanged in LACP messages:
- System ID: used to ensure all aggregated links belong to the same (far-end) device
- Port Number and Priority: uniquely identifies links; optionally assigns an aggregation priority to a link
- Aggregation Link Characteristics: not all links between devices are aggregation candidates; a key (unique value) is shared by all links that can be aggregated together
- Operational Mode: LACP can operate in either Active (send LACP messages without prompting) or Passive mode (send only in reply to an Active partner; two Passive ends never aggregate)
- LACP Message Transmission Frequency: the configurable time interval between generation of LACP messages (the standard's short timeout sends every 1 s, the long timeout every 30 s)
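Added example (not part of the lecture): encoding and decoding the LACPDU that carries the fields listed above (System ID, port number and priority, key, state flags), and the two checks a receiving switch makes with them. The TLV layout and state bits follow IEEE 802.3ad; the dictionary field names and the helper functions are this example's own.

```python
import struct

SLOW_PROTOCOLS_DST = bytes.fromhex("0180c2000002")   # reserved, link-confined multicast
SLOW_PROTOCOLS_ETHERTYPE = 0x8809
LACP_SUBTYPE, LACP_VERSION = 1, 1
# Actor/Partner Information TLV: type, length (20), system priority, System ID,
# key, port priority, port number, state byte, 3 reserved bytes
INFO_TLV = "!BBH6sHHHB3x"
STATE_BITS = ("activity", "timeout", "aggregation", "synchronization",
              "collecting", "distributing", "defaulted", "expired")


def encode_state(flags) -> int:
    return sum(1 << STATE_BITS.index(f) for f in flags)


def decode_state(byte: int) -> set:
    return {name for i, name in enumerate(STATE_BITS) if byte & (1 << i)}


def build_lacpdu(actor: dict, partner: dict, collector_max_delay: int = 0) -> bytes:
    """Serialise one LACPDU (fixed 110 bytes) from actor and partner information."""
    def info(tlv_type, p):
        return struct.pack(INFO_TLV, tlv_type, 20, p["sys_prio"], p["sys_id"], p["key"],
                           p["port_prio"], p["port"], encode_state(p["state"]))
    return (struct.pack("!BB", LACP_SUBTYPE, LACP_VERSION)
            + info(1, actor) + info(2, partner)
            + struct.pack("!BBH12x", 3, 16, collector_max_delay)   # Collector TLV
            + struct.pack("!BB50x", 0, 0))                         # Terminator + reserved


def parse_lacpdu(pdu: bytes) -> dict:
    """Parse an LACPDU; raises ValueError for anything that is not a well-formed v1 PDU."""
    if len(pdu) < 110 or pdu[0] != LACP_SUBTYPE or pdu[1] != LACP_VERSION:
        raise ValueError("not a version 1 LACPDU")
    out = {}
    for name, tlv_type, offset in (("actor", 1, 2), ("partner", 2, 22)):
        t, length, sys_prio, sys_id, key, port_prio, port, state = struct.unpack(
            INFO_TLV, pdu[offset:offset + 20])
        if t != tlv_type or length != 20:
            raise ValueError(f"bad {name} TLV")
        out[name] = {"sys_prio": sys_prio, "sys_id": sys_id, "key": key,
                     "port_prio": port_prio, "port": port, "state": decode_state(state)}
    return out


def same_aggregator(pdu_a: dict, pdu_b: dict) -> bool:
    """Two links may join one aggregation only if the PDUs received on them show the same
    far-end System ID and key, and the far end marks both as aggregatable."""
    a, b = pdu_a["actor"], pdu_b["actor"]      # "actor" in a received PDU is the far end
    return (a["sys_id"] == b["sys_id"] and a["key"] == b["key"]
            and "aggregation" in a["state"] and "aggregation" in b["state"])


def can_form(actor_state, partner_state) -> bool:
    """LACP needs at least one Active end; two Passive ends never send LACPDUs."""
    return "activity" in actor_state or "activity" in partner_state
```

A captured state byte of 0x3D (activity, aggregation, synchronization, collecting, distributing) is what a healthy member link advertises; a link whose partner suddenly shows a different System ID or key is dropped from the aggregation, which is the protection the slide's System ID field provides.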
25. Advanced Ethernet Features: Virtual LANs (VLANs)
- Introduction
- With LANs as discussed so far, there is no difference between the physical and logical network layout
- With VLANs the physical topology can be different from the logical topology
- In other words, the set of stations that can communicate as if they are part of the same LAN (via direct MAC-layer frames) can now be physically separated
- Requires the use of VLAN-aware switches
- VLAN applications
- Moves, Adds, Changes
- LAN Security (traffic isolation: a VLAN bounds the broadcast domain, so stations in different VLANs can reach each other only through a router)
- User Mobility
- Bandwidth Efficiency
26. Advanced Ethernet Features: Virtual LANs (VLANs)
27. Advanced Ethernet Features: Virtual LANs (VLANs)
28. Advanced Ethernet Features: Virtual LANs (VLANs)
- Requirements for VLAN Operation
- Frame tags
- VLAN awareness
- VLAN association rules
- Frame distribution
- How do switches know the logical (virtual) groupings?
- First, frames belong to VLANs
- Two methods of associating frames with VLANs:
- Implicit tagging
- Each switch examines the frame and, based on its characteristics (ingress port, source MAC, protocol), associates it with a VLAN
- Explicit tagging
- Fields in the frame carry the VLAN information
29. Advanced Ethernet Features: Virtual LANs (VLANs)
- Varieties of VLAN Associations
- Switch port-number based VLAN membership
- MAC-address (48 bit) based VLAN membership
- Protocol-based
- IP-based
- Application-based
30. Advanced Ethernet Features: Virtual LANs (VLANs)
- The IEEE 802.1Q Standard
- Due to demand, development of 802.1Q began in 1995
- Final approval in December 1998
- Does not replace IEEE 802.1D (MAC-layer bridges) but complements it
- Extends it for VLAN-aware switches
- Maintains backward compatibility for non-VLAN operation and use in mixed environments
- Defines VLAN use with Ethernet, Token Ring, and FDDI
- What the standard covers:
- Frame tagging
- Forwarding/Filtering Database
- Priority Operation
- Encapsulation of Token Ring/FDDI frames
- Automatic distribution of VLAN information
- Management of VLAN-aware switches
31. Advanced Ethernet Features: Virtual LANs (VLANs)
- IEEE 802.1Q VLAN Tags: Frame Format
- Required modification of the basic Ethernet frame
- Designed to fit in and allow operation with non-tagged frames
- Required extensive testing to ensure the expanded frame (1522 bytes) caused no problems in existing equipment
- Maximum frame size changed in IEEE 802.3ac (1998)
32. Advanced Ethernet Features: Virtual LANs (VLANs)
- IEEE 802.1Q VLAN Tag Fields
- Tag Protocol Identifier (16 bits): set to 0x8100 in all tagged frames; it sits in the EtherType position, and the original EtherType follows the tag
- Priority (3 bits): used for the priority function described later
- Canonical Format Indicator (1 bit): only important when using 802.1Q to bridge between technologies
- VLAN Identifier (12 bits): allows a maximum of 4094 VLANs in a network
- The value 0xFFF is reserved
- The value 0x000 denotes a priority-tagged frame with no VLAN association
- E-RIF: optional field used with Token Ring and FDDI LANs employing native source routing
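Added example (not part of the lecture): a parser for the tag fields listed above, together with the tag insertion and removal a switch performs at trunk and access ports. The field layout is 802.1Q's; the sample frame is constructed for the example and the function names are its own. The E-RIF field is not handled.

```python
import struct

TPID = 0x8100
ETHERNET_HEADER = "!6s6sH"
RESERVED_VID = 0xFFF

# Constructed sample: a minimal untagged IPv4 frame (EtherType 0x0800) with dummy payload
UNTAGGED = (bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
            + struct.pack("!H", 0x0800) + b"\x45" + b"\x00" * 45)


def parse_frame(frame: bytes) -> dict:
    """Split an Ethernet frame (no FCS) into addresses, optional 802.1Q tag and payload."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack(ETHERNET_HEADER, frame[:14])
    info = {"dst": dst, "src": src, "tagged": False, "pcp": None, "cfi": None,
            "vid": None, "priority_only": False}
    if ethertype != TPID:
        info.update(ethertype=ethertype, payload=frame[14:])
        return info
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack("!HH", frame[14:18])   # TCI = PCP(3) | CFI(1) | VID(12)
    vid = tci & 0x0FFF
    if vid == RESERVED_VID:
        raise ValueError("VID 0xFFF is reserved")
    info.update(tagged=True, pcp=tci >> 13, cfi=(tci >> 12) & 1,
                vid=None if vid == 0 else vid,          # VID 0: priority tag, no VLAN membership
                priority_only=(vid == 0), ethertype=inner_type, payload=frame[18:])
    return info


def add_tag(frame: bytes, vid: int, pcp: int = 0, cfi: int = 0) -> bytes:
    """Insert a tag after the source address (what a trunk egress port does)."""
    if not 0 <= vid < RESERVED_VID or not 0 <= pcp <= 7 or cfi not in (0, 1):
        raise ValueError("VID 0..4094, PCP 0..7, CFI 0 or 1")
    if parse_frame(frame)["tagged"]:
        raise ValueError("frame already carries an 802.1Q tag")
    tci = (pcp << 13) | (cfi << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID, tci) + frame[12:]


def strip_tag(frame: bytes) -> bytes:
    """Remove the tag (access-port egress); untagged frames are returned unchanged."""
    return frame[:12] + frame[16:] if parse_frame(frame)["tagged"] else frame
```

The `add_tag` refusal to tag an already-tagged frame is deliberate: stacking a second 0x8100 tag on a frame is exactly how an access port that trusts frame content can be made to leak traffic into another VLAN, so a switch should decide membership from its own port configuration rather than from a tag the station supplied.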
33. Advanced Ethernet Features: Virtual LANs (VLANs)
- IEEE 802.1Q VLAN Switch Operation
- Normal switches examine the destination MAC address in a frame to determine what port(s) to transmit it on
- The filtering/forwarding database matches a destination MAC address to a port (unicast)
- Unknown MAC addresses are flooded until learned
- Broadcast frames are transmitted out all ports except the one on which they were received
- VLAN-aware switches add a second variable to the filtering/forwarding database and the corresponding forwarding decision:
- The VLAN association of the frame (lookups and flooding are confined to ports in that VLAN)
- The switch needs a way to determine which physical ports to associate with a VLAN
- Static (manual) mapping
- Dynamic mapping
34. Advanced Ethernet Features: Virtual LANs (VLANs)
- Automatic VLAN configuration
- To allow easier administration of VLAN-based networks, a control protocol was developed for communicating VLAN information between switches
- The protocol, called GVRP (GARP VLAN Registration Protocol), is part of a family of switch-related control protocols
- GVRP allows the switch at one end of a link to advertise the VLAN associations for the physical port to the far-end device
- Uses the reserved destination MAC address 01-80-c2-00-00-21
- Similar definitions and operation to LACP
35. Advanced Ethernet Features: Traffic Classes and Quality of Service
- Introduction
- While priorities are included in several of the 802 protocols, and the IEEE 802.1D specification outlines how bridges should map priorities between different protocols, the original specifications do not define a true set of traffic classes
- Ethernet as defined has no traffic classes
- Bridges are not told how to prioritize frames for transmission
- To provide better MAC-layer support for time-critical data, an update to the 802.1D specification defines and outlines the use of traffic classes
- This work is sometimes called 802.1p because that was the task group that developed the priority mechanisms
36. Advanced Ethernet Features: Traffic Classes and Quality of Service
- The Use of Traffic Classes in IEEE 802.1D
- The updated standard relies on three concepts:
- User Priority: the priority found in the priority field of the MAC frame; usually carried end-to-end unless it needs to be modified to fit the rules of a transit MAC protocol
- Access Priority: the priority with which a bridge accesses the outbound LAN to transmit a frame it must relay
- Traffic Class: if a bridge has multiple queues for outbound traffic, the traffic class is used to determine the relative priority of the queues
- The traffic class is assigned by the bridge on the basis of the incoming user priority
- Traffic classes help reduce the queuing delay seen by high-priority frames, though there is still an access delay for transmission (based on the outbound MAC protocol)
37. Advanced Ethernet Features: Traffic Classes and Quality of Service
- The Use of Traffic Classes in 802.1D (continued)
- Up to eight traffic classes are usable for each outbound port, corresponding to eight distinct outbound queues
- Within a queue a FIFO discipline is typically used: strict ordering within the traffic class
- Output scheduling
- There are two basic choices for determining how to pull data out of the queues for transmission
- Obviously, plain round robin is not one of the choices (it would ignore priority entirely)!
- Strict Priority: transmit any waiting frames from the highest-priority non-empty queue exclusively (lower queues can starve under sustained high-priority load)
- Weighted Fair Queuing (WFQ)
- Uses round robin, but modified by a weight
- Higher weights are assigned to higher-priority queues
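Added example (not part of the lecture): the two output schedulers above run over the same backlog of eight per-class FIFO queues, showing that strict priority starves the best-effort class while the weighted scheduler gives it a bounded share. The backlog and the weight vector are constructed for this example; the weighted scheduler is a weighted round robin in frames (a simplification of WFQ, which accounts for bytes).

```python
from collections import deque

NUM_CLASSES = 8


def strict_priority_picker():
    """Always serve the highest-numbered non-empty queue."""
    def pick(queues):
        for tc in range(len(queues) - 1, -1, -1):
            if queues[tc]:
                return tc
        return None
    return pick


def weighted_round_robin_picker(weights):
    """Visit queues from highest to lowest class; each may send up to its weight per visit."""
    state = {"tc": len(weights) - 1, "credit": weights[-1]}

    def pick(queues):
        for _ in range(len(queues) + 1):      # one full lap is enough to find work or give up
            tc = state["tc"]
            if queues[tc] and state["credit"] > 0:
                state["credit"] -= 1
                return tc
            state["tc"] = (tc - 1) % len(queues)   # move on, refreshing that queue's credit
            state["credit"] = weights[state["tc"]]
        return None                                # every queue is empty
    return pick


def run_port(initial_queues, pick, slots):
    """Drain `initial_queues` (list of lists, index = traffic class) for `slots` frame times.

    Returns the transmitted (class, frame) sequence; queues are FIFO within a class.
    """
    queues = [deque(q) for q in initial_queues]
    sent = []
    for _ in range(slots):
        tc = pick(queues)
        if tc is None:
            break
        sent.append((tc, queues[tc].popleft()))
    return sent


def sent_per_class(sent):
    counts = [0] * NUM_CLASSES
    for tc, _ in sent:
        counts[tc] += 1
    return counts


# Constructed backlog: a burst of 10 high-priority frames and 3 best-effort frames
BACKLOG = [[] for _ in range(NUM_CLASSES)]
BACKLOG[7] = [f"hi{i}" for i in range(10)]
BACKLOG[0] = [f"lo{i}" for i in range(3)]
WRR_WEIGHTS = [1, 1, 1, 1, 2, 2, 4, 4]          # higher classes get more frames per lap
```

Within ten frame times the strict scheduler sends only class-7 frames; the weighted scheduler sends eight of them and two best-effort frames, which is the trade-off the slide describes: strict priority minimises delay for the top class at the cost of starving the rest.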
38. Advanced Ethernet Features: Traffic Classes and Quality of Service
- The Use of Traffic Classes in 802.1D (continued)
- Bridge Queue Diagram
39. Advanced Ethernet Features: Traffic Classes and Quality of Service
40. Advanced Ethernet Features: Traffic Classes and Quality of Service
- Mapping of User Priority to Traffic Class
- The recommended 802.1D mapping of incoming user priority to traffic class is shown in Table 12.4
- If the 802.1Q (virtual LAN) specification is in use, the priority field in the tag header can be used to determine the traffic class if necessary
- How this is done was already discussed
- Even protocols like 802.3 and 802.11 that support only one access priority can support multiple traffic classes (queues), but how the queues are filled is determined by other parameters (e.g. protocol type)
41. Advanced Ethernet Features: Traffic Classes and Quality of Service
- Internet Traffic Quality of Service
- Many higher-layer protocols have QoS mechanisms; there should be some way to map higher-level QoS levels to 802.1D traffic classes
- There are a couple of difficulties with this:
- Internet traffic usually traverses a set of diverse networks, making mapping between layers difficult
- Lower layers typically cannot see the QoS mechanisms used in higher layers
- In IP and ATM networks such a mapping would allow higher-layer QoS (like the IP TOS bits or the ATM service class) to be used to set the priorities of frames wherever possible
- Though important for the construction of internets with end-to-end QoS support, this is an area of ongoing research that currently lacks approved standards
42. Advanced Ethernet Features: Traffic Classes and Quality of Service
- The Final Word on Traffic Classes
- Remember there is a difference between Quality of Service and Class(es) of Service
- Quality of Service provides, or tries to guarantee, that the system/network will deliver certain agreed-upon service levels:
- Minimum bandwidth
- Maximum delay
- With Classes of Service there are no guarantees per se, only relative preference between classes
43. Advanced Ethernet Features: Port Authentication
- Introduction
- Once upon a time the Internet was a friendly place
- There was not much worry about security; nowadays that is obviously not the case
- The IEEE identified the unprotected edge of the network (anything plugged into an access port gets a working link) as a key security weakness
- Main targets:
- Wireless networks (IEEE 802.11)
- Edge Ethernet ports
44. Advanced Ethernet Features: Port Authentication
- IEEE 802.1X
- A working group was established to address edge security and develop a standard solution (approved summer 2001)
- The solution is not Ethernet-specific, but it has been adopted mainly for securing 802.3 and 802.11 (WLANs)
- General Operation
- IEEE 802.1X allows a network device (switch or access point) to query and authenticate a node before allowing network access
- Supported natively on Windows XP and CE nodes at the time of writing; third-party add-ins for other operating systems
- If the 802.1X-capable device does not hold the authentication information itself, it must have back-end access to an authentication server (via another authentication protocol such as RADIUS or TACACS)
45. Advanced Ethernet Features: Port Authentication
- IEEE 802.1X Operation
- Allows authentication via username/password or some other user-based credentials
- Uses EAPOL (Extensible Authentication Protocol over LAN, EtherType 0x888E) for the node (802.1X Supplicant) to exchange authentication data with the switch (802.1X Authenticator)
- EAP was adapted from the earlier authentication protocols developed for PPP (Point-to-Point Protocol); EAPOL simply carries EAP packets in Ethernet frames
- The port remains locked (only EAPOL traffic is passed) until successful authentication occurs
- Some vendors support more advanced features based on 802.1X (VLAN selection), but this is not part of the standard
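Added example (not part of the lecture): the Supplicant/Authenticator exchange described above, with both sides' EAPOL frames built and parsed on the wire format (EAPOL header, EAP header, EAP type). The Authenticator keeps the port unauthorized until an EAP-Success is produced. EAP-MD5 is used as the credential method only to keep the example self-contained; it is weak (no mutual authentication, offline-guessable) and the `lookup_secret` callable is an assumption standing in for the RADIUS back end.

```python
import hashlib
import hmac
import os
import struct

EAPOL_ETHERTYPE = 0x888E
EAPOL_EAP_PACKET, EAPOL_START, EAPOL_LOGOFF = 0, 1, 2
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
EAP_TYPE_IDENTITY, EAP_TYPE_MD5_CHALLENGE = 1, 4


def eapol(packet_type: int, body: bytes = b"") -> bytes:
    """EAPOL header: protocol version 1, packet type, body length."""
    return struct.pack("!BBH", 1, packet_type, len(body)) + body


def eap(code: int, identifier: int, payload: bytes = b"") -> bytes:
    """EAP header: code, identifier (ties a response to its request), total length."""
    return struct.pack("!BBH", code, identifier, 4 + len(payload)) + payload


def parse_eapol(pkt: bytes):
    _version, packet_type, length = struct.unpack("!BBH", pkt[:4])
    return packet_type, pkt[4:4 + length]


def parse_eap(body: bytes):
    code, identifier, length = struct.unpack("!BBH", body[:4])
    return code, identifier, body[4:length]


def md5_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # EAP-MD5 (CHAP-style) value: MD5(identifier || secret || challenge). Weak; example only.
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Switch-side PAE for one port. `lookup_secret(identity)` stands in for RADIUS."""

    def __init__(self, lookup_secret):
        self.lookup_secret = lookup_secret
        self.authorized = False           # controlled port: data frames blocked until True
        self.identity = self.challenge = None
        self.identifier = 0

    def handle(self, pkt: bytes):
        """Process one EAPOL frame from the supplicant; return the frame to send back, if any."""
        packet_type, body = parse_eapol(pkt)
        if packet_type == EAPOL_LOGOFF:
            self.authorized = False       # Logoff is unauthenticated; port drops to unauthorized
            return None
        if packet_type == EAPOL_START:
            self.authorized, self.identifier = False, 1
            return eapol(EAPOL_EAP_PACKET, eap(EAP_REQUEST, 1, bytes([EAP_TYPE_IDENTITY])))
        if packet_type != EAPOL_EAP_PACKET:
            return None
        code, identifier, payload = parse_eap(body)
        if code != EAP_RESPONSE or identifier != self.identifier or not payload:
            return None                   # stale or out-of-order response: ignore it
        eap_type, data = payload[0], payload[1:]
        if eap_type == EAP_TYPE_IDENTITY:
            self.identity, self.challenge = data.decode(), os.urandom(16)
            self.identifier += 1
            return eapol(EAPOL_EAP_PACKET, eap(EAP_REQUEST, self.identifier,
                         bytes([EAP_TYPE_MD5_CHALLENGE, len(self.challenge)]) + self.challenge))
        if eap_type == EAP_TYPE_MD5_CHALLENGE and self.challenge is not None:
            secret = self.lookup_secret(self.identity)
            value = data[1:1 + data[0]]
            self.authorized = secret is not None and hmac.compare_digest(
                value, md5_response(identifier, secret, self.challenge))
            self.identifier += 1
            return eapol(EAPOL_EAP_PACKET,
                         eap(EAP_SUCCESS if self.authorized else EAP_FAILURE, self.identifier))
        return None


class Supplicant:
    def __init__(self, identity: str, secret: bytes):
        self.identity, self.secret = identity, secret

    def start(self) -> bytes:
        return eapol(EAPOL_START)

    def handle(self, pkt: bytes):
        packet_type, body = parse_eapol(pkt)
        if packet_type != EAPOL_EAP_PACKET:
            return None
        code, identifier, payload = parse_eap(body)
        if code != EAP_REQUEST or not payload:
            return None                   # Success/Failure carry no type and end the exchange
        if payload[0] == EAP_TYPE_IDENTITY:
            return eapol(EAPOL_EAP_PACKET, eap(EAP_RESPONSE, identifier,
                         bytes([EAP_TYPE_IDENTITY]) + self.identity.encode()))
        if payload[0] == EAP_TYPE_MD5_CHALLENGE:
            challenge = payload[2:2 + payload[1]]
            value = md5_response(identifier, self.secret, challenge)
            return eapol(EAPOL_EAP_PACKET, eap(EAP_RESPONSE, identifier,
                         bytes([EAP_TYPE_MD5_CHALLENGE, len(value)]) + value))
        return None


def run_exchange(supplicant, authenticator, max_rounds: int = 8) -> bool:
    """Start -> Request/Identity -> Response/Identity -> MD5 challenge/response -> Success or Failure."""
    pkt = supplicant.start()
    for _ in range(max_rounds):
        reply = authenticator.handle(pkt)
        if reply is None:
            break
        pkt = supplicant.handle(reply)
        if pkt is None:
            break
    return authenticator.authorized
```

Two details worth noticing: the identifier check rejects replayed or out-of-order responses, and an EAPOL-Logoff needs no credential at all, so the port's authorized state is only as trustworthy as the link it is heard on.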
46. Advanced Ethernet Features: Port Authentication
47. Advanced Ethernet Features: Port Authentication
- IEEE 802.1X Operation (2)
48. Advanced Ethernet Features: Port Authentication
- IEEE 802.1X Operation (3)
49. IEEE 802.3 Family of LAN Protocols: Homework and Reading
- Homework 3: due at Class 6, in two weeks
- Chapter 7: 7.2, 7.7
- Additional Question (5 points): download Ethereal (www.ethereal.com) or an equivalent sniffer program and install it on a PC you have access to and permission to use. Capture a web session in a file (getting at least a couple of different pages) and explain what traffic you see. If any frames appear that are not part of the web session, explain why they are there
- Complete Lab 1 in the OPNet Lab Manual; submit your answers to the questions at the end of the lab
- Reading
- This week's material: Stallings chapters 7 and 12.5
- Next week: Chapters 8, 9, and 10