Lecture 2

Refinements

Bridges and switches are considered synonymous in this course
In practice, bridges are simpler and mostly replaced by switches nowadays
Had 2 ports, just to connect network segments
Used software-based routing, which is slower

Switches can be layer-3 enabled, called IP-enabled switches
IP aware, but they do not route

Functionalities of Layer 2

Framing

Allows 2 directly connected hosts to exchange information through the physical layer
The unit of information through the data-link layer is a frame
When sending data, (IP) datagrams are encapsulated into frames
Frames can be either fixed-length or variable-length
To know when a frame starts and ends, frame delimiters (flags) are used; there are multiple ways to do this:
1. Physical layer coding violations
2. Character stuffing: use special (ASCII) chars
3. Bit stuffing: add a special pattern of bits; the pattern must be unique, so it is escaped whenever it occurs in the data
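Bit stuffing as an added example (not from the lecture notes): the flag pattern assumed here is the HDLC-style 01111110, and the escape rule is "insert a 0 after every run of five 1 bits", so six consecutive 1s can only ever be part of a flag. The payload bytes in the test are constructed.

```python
# Added example (not from the lecture notes): HDLC-style bit stuffing.
# Assumption: the flag 01111110 (0x7E) delimits every frame; inside the
# payload a 0 is inserted after every five consecutive 1 bits, so the flag
# pattern can never appear in stuffed data and the receiver can find frames.

FLAG = "01111110"


def bits_from_bytes(data: bytes) -> str:
    return "".join(f"{b:08b}" for b in data)


def bytes_from_bits(bits: str) -> bytes:
    # after a correct unstuff the bit count is a multiple of 8 again
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))


def stuff(bits: str) -> str:
    """Insert a 0 after every run of five 1 bits."""
    out, ones = [], 0
    for b in bits:
        out.append(b)
        if b == "1":
            ones += 1
            if ones == 5:
                out.append("0")  # the stuffed bit
                ones = 0
        else:
            ones = 0
    return "".join(out)


def unstuff(bits: str) -> str:
    """Remove the stuffed 0s; six 1s in a row inside a frame is a framing error."""
    out, ones, expect_stuffed = [], 0, False
    for b in bits:
        if expect_stuffed:
            if b != "0":
                raise ValueError("six consecutive 1 bits inside a frame")
            expect_stuffed, ones = False, 0
            continue  # drop the stuffed bit
        out.append(b)
        if b == "1":
            ones += 1
            if ones == 5:
                expect_stuffed = True
        else:
            ones = 0
    return "".join(out)


def frame(payload: bytes) -> str:
    """Flag, stuffed payload bits, flag."""
    return FLAG + stuff(bits_from_bytes(payload)) + FLAG


def deframe(stream: str) -> list:
    """Split a bit stream on flags and unstuff each frame found between them."""
    frames = []
    for chunk in stream.split(FLAG):
        if chunk:  # consecutive or shared flags produce empty chunks
            frames.append(bytes_from_bits(unstuff(chunk)))
    return frames
```

The payload 0x7E 0xFF is the interesting input: it contains the flag pattern itself, and after stuffing the stream holds no run longer than five 1s, so the receiver recovers both frames without ambiguity.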

Reliability

Data-link protocols can be connection-oriented or connectionless
Some provide reliable delivery while some give no guarantees

Error Control / Correction

Frames may be corrupted or lost
Error control is achieved by detecting errors with Cyclic Redundancy Check (CRC)
Provides receiver with a way to detect errors
ACK when frame is correct
NACK when something is wrong: "Please send again"

Link Access

A Media Access Control (MAC) protocol specifies the rules by which a frame is transmitted onto the link. This depends on the topology.

Two or more simultaneous transmissions produce interference
When a node receives two or more signals at the same time, a collision occurs

Multiple Access Protocols

When can a node transmit?

Distributed algorithms determine how nodes share a medium
Communication about sharing must use the medium itself, no out-of-band coordination
Three types:

Channel Partitioning: TDM

Time Division Multiplexing
Time domain is split into several fixed-length recurrent time slots, all the incoming channels take turns

Channel Partitioning: WDM

Wavelength Division Multiplexing
Multiplex multiple channels onto a single optical channel by using multiple wavelengths of light

Random Access Protocols: CSMA

Carrier Sense Multiple Access
Listen to medium before transmitting
If idle, send entire frame
If busy, defer transmission
Collisions can still occur:
Because of propagation delay, 2 nodes may not yet hear one another's transmission when they start sending
The entire packet transmission time is then wasted

CSMA/CD: Collision Detection

Sensing and deferral as in CSMA
Collisions detected quickly
Colliding transmissions are aborted, reducing wastage

Collision detection:
Easy in wired LANs by measuring signal strengths
Difficult in wireless LANs: the received signal is overwhelmed by the node's own local transmission

Layer 1 & Layer 2 Devices

Layer 1 (physical): Repeaters, hubs
Single collision domain
Together they form a LAN (or link) segment
Not really used anymore
Layer 2 (data link): Bridges, switches
Single broadcast domain
Together they form a LAN (or link)

Data link layer is implemented in an adapter, known as a Network Interface Card (NIC)
Offloads work from the CPU
Media Access Control (MAC) address, referred to as a hardware or physical address
Unique, alphanumeric value
Used to identify NICs

Address Resolution Protocol (ARP)

Used to discover the MAC address associated with an IPv4 address
IPv6 uses Neighbour Discovery Protocol
Works by broadcasting request
"Yo, who has 192.168.178.123?"
The device with that IP responds with its MAC, so the requester learns the mapping

ARP Table

Nodes cache IP-to-MAC pairs in their ARP table
Saved until old (stale time), or can be marked as persistent
Soft state: information that times out goes away, unless refreshed
Plug-and-play: nodes will create this table without admin intervention

Security Issues with ARP

ARP spoofing: an attacker responds to ARP requests meant for other nodes
Comes down to screaming: "I am the router, trust me bro"
ARP storm: a loop in the network creates a storm of ARP packets
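An added example (not from the lecture notes) tying the two previous sections together: an ARP cache with soft-state expiry and persistent entries, plus the check a defender can run on it. The stale timer, the addresses and the replies fed in are all constructed; real stacks use their own timers.

```python
# Added example (not from the lecture notes): an ARP cache with soft-state
# expiry and persistent (static) entries, plus the defender-side check a host
# or monitor can run: an IP whose MAC suddenly changes is the symptom ARP
# spoofing produces. Timer value, addresses and replies are constructed.
from dataclasses import dataclass

STALE_AFTER = 60.0  # seconds; constructed value, real stacks use their own timers


@dataclass
class Entry:
    mac: str
    learned_at: float
    persistent: bool = False  # persistent entries never time out


class ArpCache:
    def __init__(self) -> None:
        self.table: dict = {}
        self.alerts: list = []

    def lookup(self, ip: str, now: float):
        """Return the cached MAC, or None if unknown or expired (soft state)."""
        entry = self.table.get(ip)
        if entry is None:
            return None
        if not entry.persistent and now - entry.learned_at > STALE_AFTER:
            del self.table[ip]  # timed out without a refresh: forget it
            return None
        return entry.mac

    def learn(self, ip: str, mac: str, now: float, persistent: bool = False) -> bool:
        """Record an IP-to-MAC pair from an ARP reply; returns False if rejected."""
        old = self.table.get(ip)
        if old is not None and old.mac != mac:
            if old.persistent:
                # a static entry is the administrator's word; a reply must not override it
                self.alerts.append(f"{ip}: reply from {mac} ignored, static entry {old.mac}")
                return False
            self.alerts.append(f"{ip}: MAC changed {old.mac} -> {mac}, possible ARP spoofing")
        if old is not None and old.mac == mac:
            persistent = persistent or old.persistent  # a refresh keeps the static flag
        self.table[ip] = Entry(mac, now, persistent)
        return True


def replay(replies, static=()):
    """Feed constructed (time, ip, mac) replies into a fresh cache and return it."""
    cache = ArpCache()
    for ip, mac in static:
        cache.learn(ip, mac, 0.0, persistent=True)
    for t, ip, mac in replies:
        cache.learn(ip, mac, t)
    return cache
```

Without a static entry the cache simply accepts the changed mapping (that is the plug-and-play behaviour the notes describe) and only the alert records that something happened; with a static entry for the router the spoofed reply is rejected outright.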

Proxy and Gratuitous ARP

Info

ARP lives within the subnet only

Proxy ARP: Another device (like a router) replies to ARP for a host on another subnet
Allows nodes without a (correct) network mask to reach hosts on other subnets, i.e. the router will pretend to be the remote host
Host 1 knows the destination is outside the subnet, and will use ARP to find the MAC of the router's IP and then send
Host 2 has a wrong subnet mask, so it considers the destination to be in the same subnet and will try to find the destination directly with ARP (without going through the router). However, this broadcast will not reach the destination node. Without proxy ARP, no one will reply and the ARP request fails
With proxy ARP, the router sees that something is wrong and will impersonate the remote node
This does hide the problem!
Gratuitous ARP: An ARP response that was not prompted by an ARP request
Used to support mobility, e.g. in mobile IPv4

Ethernet (802.3)

Connectionless: No handshake between senders and receivers
Unreliable: Receiving NIC does not ACK nor NACK
Recovery left to higher layers like TCP
Link access: the original MAC was un-slotted CSMA/CD with binary exponential backoff
Current switched Ethernet has no collisions: every link is a 1-to-1 connection with a switch (or router) in between

Frames

Preamble: tells the receiver a frame is about to start (used for synchronisation)
SFD: Start Frame Delimiter
Type Field: The encapsulated protocol
PAD: padding so the frame reaches the 64-byte minimum if the data is short
CRC Checksum: For error detection
VLAN Tag: To support VLAN segmentation in a network
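An added example (not from the lecture notes) for this frame layout and for the error-control section above: build a frame with preamble, SFD, addresses, optional 802.1Q tag, type, padding and a CRC-32 FCS, then check a received copy the way the receiving NIC does (a CRC mismatch means the frame is silently discarded, no NACK). The CRC here is the standard reflected CRC-32 used by 802.3 and is cross-checked against `zlib.crc32`; the FCS is appended least-significant byte first as this example's convention; MAC addresses, EtherType and payload in the test are constructed.

```python
# Added example (not from the lecture notes): build and verify an Ethernet
# frame. Reflected CRC-32 (poly 0xEDB88320, init and final XOR 0xFFFFFFFF),
# the same CRC zlib computes. PCP/DEI bits of the VLAN tag are left 0.
# Addresses and payloads are constructed sample values.
import struct
import zlib

PREAMBLE = b"\xaa" * 7
SFD = b"\xab"
MIN_FRAME = 64      # destination MAC through FCS, inclusive
TPID_8021Q = 0x8100


def crc32(data: bytes) -> int:
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0xEDB88320 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes, vlan_id=None) -> bytes:
    header = mac_bytes(dst) + mac_bytes(src)
    if vlan_id is not None:
        # 802.1Q tag sits between source MAC and type: TPID, then PCP|DEI|VID
        header += struct.pack("!HH", TPID_8021Q, vlan_id & 0x0FFF)
    header += struct.pack("!H", ethertype)
    body = header + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))   # PAD up to the minimum
    fcs = struct.pack("<I", crc32(body))                   # FCS, least-significant byte first
    return PREAMBLE + SFD + body + fcs


def check_frame(wire: bytes):
    """Parse a received frame; return None if it is malformed or fails the CRC."""
    if wire[:8] != PREAMBLE + SFD or len(wire) < 8 + MIN_FRAME:
        return None
    body, fcs = wire[8:-4], wire[-4:]
    if struct.unpack("<I", fcs)[0] != crc32(body):
        return None   # corrupted: the NIC drops it, recovery is left to higher layers
    dst, src, off, vlan = body[:6], body[6:12], 12, None
    if struct.unpack("!H", body[off:off + 2])[0] == TPID_8021Q:
        vlan = struct.unpack("!H", body[off + 2:off + 4])[0] & 0x0FFF
        off += 4
    ethertype = struct.unpack("!H", body[off:off + 2])[0]
    # the padding is indistinguishable from data here; the encapsulated
    # protocol (e.g. the IP total length field) tells where the data ends
    return {"dst": mac_str(dst), "src": mac_str(src), "vlan": vlan,
            "ethertype": ethertype, "payload": body[off + 2:]}


def corrupt(wire: bytes, byte_index: int) -> bytes:
    """Flip one bit, the kind of damage the CRC is there to catch."""
    damaged = bytearray(wire)
    damaged[byte_index] ^= 0x01
    return bytes(damaged)
```

A five-byte payload ends up as 46 bytes (42 with a VLAN tag) after padding, which is why the receiver needs the encapsulated protocol's own length field to find the real end of the data.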

Bridges and Switches

Transparent Bridges

Transparent: no configuration, and hosts are not aware
Used to reduce the collision domain
Transmissions that remain on the segment of one port won't propagate to other segments

Copies frames between its ports
Uses Store and Forward (instead of Cut-through)
Entire frame is received, then the entire frame is transmitted
Cut-through starts transmitting as soon as the destination address has been received

Remembers which nodes live on which ports, so it selectively forwards (thus reducing collisions)
Builds a filtering database
If the destination is unknown, flood the frame to all other ports, and update the database when the destination replies

Switches

Warning

In this course, switches and bridges are considered the same thing

Have multiple ports
Often remember which port a node is connected to
May support protocol extensions:
Quality of Service
VLANs
Simple Network Management Protocol (SNMP)
Internet Group Management Protocol (IGMP) Snooping

When a frame is received:

  1. Record incoming link and MAC of sending host
  2. Index switch table using destination MAC
  3. If entry found, then
    1. If the destination is on the same segment as the sender, drop
    2. Else, forward to the port in the entry
  4. Else, forward to all interfaces except the incoming one
    1. Only the destination will process it; other hosts will discard it

VLANs

Port-based VLAN

Switch ports grouped (by switch management software) so that 1 physical switch can act as multiple virtual switches
Traffic isolation: frames from VLAN X can only go to other ports that are on VLAN X
Dynamic membership: ports can be dynamically assigned to VLANs
Forwarding between VLANs: done via routing, just as with multiple physical switches
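An added example (not from the lecture notes) for the switch receive procedure above and for port-based VLANs: a learning switch whose filtering database is keyed by (VLAN, MAC), so that learning, filtering and flooding all stay within the VLAN of the incoming port. The port-to-VLAN assignment and the MAC names in `demo()` are constructed; one-letter MACs stand in for real addresses.

```python
# Added example (not from the lecture notes): a learning switch following the
# numbered receive procedure, extended with port-based VLANs so a frame is
# only filtered or flooded among the ports of its own VLAN. The port-to-VLAN
# map and the MAC addresses in demo() are constructed.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    def __init__(self, port_vlan: dict) -> None:
        self.port_vlan = dict(port_vlan)   # port -> VLAN id, set by management software
        self.table: dict = {}              # (vlan, MAC) -> port: the filtering database

    def ports_in_vlan(self, vlan: int) -> list:
        return sorted(p for p, v in self.port_vlan.items() if v == vlan)

    def receive(self, in_port: int, src: str, dst: str) -> list:
        """Return the ports the frame is forwarded to (empty list = dropped)."""
        vlan = self.port_vlan[in_port]
        # 1. record the incoming port for the sending MAC (learning)
        self.table[(vlan, src)] = in_port
        # 2. index the table with the destination MAC, within this VLAN only
        out_port = self.table.get((vlan, dst))
        if out_port is not None:
            # 3. entry found: drop if the destination shares the sender's segment
            if out_port == in_port:
                return []
            return [out_port]
        # 4. unknown (or broadcast) destination: flood to the VLAN's other ports
        return [p for p in self.ports_in_vlan(vlan) if p != in_port]


def demo() -> list:
    """Constructed scenario: ports 1-3 in VLAN 10 (a hub hangs off port 3), port 4 in VLAN 20."""
    sw = Switch({1: 10, 2: 10, 3: 10, 4: 20})
    return [
        sw.receive(1, "A", "B"),        # B unknown: flooded to ports 2 and 3
        sw.receive(2, "B", "A"),        # A known on port 1: forwarded there only
        sw.receive(1, "A", "B"),        # B now known: forwarded to port 2 only
        sw.receive(3, "C", "D"),        # C and D both behind the hub on port 3; D unknown
        sw.receive(3, "D", "C"),        # C is on the incoming port: dropped, the hub delivered it
        sw.receive(4, "E", BROADCAST),  # VLAN 20 has no other port: nowhere to flood
        sw.receive(4, "E", "A"),        # A lives in VLAN 10: isolation, never forwarded
    ]
```

The last two steps are the VLAN point: even though A's MAC is in the table, the lookup is scoped to VLAN 20, so the frame from port 4 neither reaches A nor leaks into VLAN 10; getting between the two VLANs needs a router, exactly as with two physical switches.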

VLANs spanning multiple switches

Trunk port: carries frames of multiple VLANs between physical switches, so a VLAN can be defined over several switches
The 802.1Q protocol adds an additional header field (the VLAN tag) to frames forwarded over trunk ports
VLANs can be encapsulated within one another, resulting in multiple (stacked) VLAN tags