
Advanced Ethernet Features

Presentation Transcript

  1. Local Area Networks Advanced Ethernet Features 635.412 Class #4

  2. IEEE 802.3 Family of LAN Protocols Advanced Features • Introduction • Along with order-of-magnitude increases in speed and the application of switching to Ethernet, there are a number of advanced features that have been developed • Full-duplex operation • Jumbo Frames • Flow Control • Link Aggregation • Virtual LANs (VLANs) • Priority Transport • Port Authentication • There are other networking technologies that can take advantage of these features; we are only discussing these in the context of Ethernet Class #4: Advanced Ethernet Features

  3. Advanced Ethernet Features Full-Duplex Operation • Introduction • Traditional Ethernet is half-duplex; a station cannot send and receive data simultaneously • While upgrading from shared to switched LANs increases network capacity, it does not completely eliminate CSMA/CD from network operation • The collision domain shrinks, but there are still two ‘stations’ competing for the medium • Full-duplex operation allows nodes to transmit and receive simultaneously • Effectively no collision domain because there is only one transmitter and one receiver on a switched LAN, leading to direct transmission without CSMA/CD • 100% link utilization with well-designed LAN switches • 100BASE-TX and 100BASE-FX support full duplex, as transmit and receive signal paths can be simultaneously active

  4. Advanced Ethernet Features Full-Duplex Operation • Collision Domains • Let’s take a moment to explore the impact of switching & full-duplex operation on the collision domains found in a network • Half-duplex shared • Half-duplex switched • Full-duplex switched • A tangent: switch backplane capacity & full-duplex operation

  5. Advanced Ethernet Features Full-Duplex Operation • IEEE 802.3x • The IEEE 802.x Working Group developed a standard that enhanced switched mode operation by defining full-duplex data transfer operation • IEEE 802.3x finalized in 1997 • Allows independent (and simultaneous) transmission and reception of data by an Ethernet node • Though mistakenly associated with Fast Ethernet, IEEE 802.3x is applicable to all flavors of Ethernet • Also included specifications for flow control across full-duplex links • Requires backwards compatibility (though manual configuration of mixed half and full-duplex equipment requires care!)

  6. Advanced Ethernet Features Full-Duplex Operation • Requirements • Requires the use of a star topology with a central wiring closet • The Ethernet PHY must have independent transmit & receive paths • Baseband coax -> NO! • Fiber and UTP -> YES • There must be only two nodes on a dedicated point-to-point link • Both nodes must be configured for full-duplex operation • Requires switches – beware of “full-duplex” Ethernet hubs!

  7. Advanced Ethernet Features Full-Duplex Operation • Operational Considerations • While full-duplex ports are CSMA/CD capable, the MAC algorithm is disabled in full-duplex operation • Frames are transmitted as soon as possible with only the IFG (Inter-frame Gap) between frames • While CSMA/CD distance (delay) requirements no longer apply, the noise & attenuation characteristics of the physical media still impose distance limits • For UTP, half and full-duplex limits are the same • For fiber, full-duplex links can span great distances (up to 40km+ with single-mode fiber and expensive optical components)

  8. Advanced Ethernet Features Full-Duplex Operation • Flow Control across full-duplex links • While great for efficiency, care is needed to prevent full-duplex nodes from being overwhelmed with traffic • The committee incorporated MAC-layer flow control into 802.3x to help prevent buffer overflow at nodes • Without CSMA/CD the methods used for flow control in a half-duplex environment disappeared (e.g., backpressure) • The 802.3x MAC Control Protocol • The standard defined new MAC control frames to use between nodes in a full-duplex connection • These control frames are special Ethernet frames of type 0x8808 hex that contain opcodes for various functions

  9. Advanced Ethernet Features Full-Duplex Operation • The PAUSE MAC Control Frame • The only defined MAC Control Command – assigned opcode 0x0001 hex • Sent to the reserved destination multicast address 01-80-c2-00-00-01 • Included in the frame is the Pause time • Can be a value between 0 and 65,535 • This value is a multiplier: the receiver multiplies the value by 512 bit times to determine the Pause time • During that interval the receiver (of the PAUSE frame) should transmit no frames
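
The PAUSE frame layout and pause-time rule from slides 8 and 9, as an added Python example that is not part of the original presentation. The source MAC address is a constructed sample, and the padding to 60 bytes (the Ethernet minimum without the FCS) is a detail the slides do not mention.

```python
import struct
from typing import NamedTuple, Optional

MAC_CONTROL_ETHERTYPE = 0x8808                   # MAC Control frame type
PAUSE_OPCODE = 0x0001                            # the only defined opcode
PAUSE_MULTICAST = bytes.fromhex("0180c2000001")  # reserved destination address
QUANTUM_BIT_TIMES = 512                          # one pause unit = 512 bit times


class Pause(NamedTuple):
    src: str            # sender's MAC address
    to_reserved: bool   # True if addressed to 01-80-c2-00-00-01
    quanta: int         # raw 16-bit multiplier, 0..65535


def build_pause(src_mac: bytes, quanta: int) -> bytes:
    """Build a PAUSE frame (without FCS), padded to the 60-byte minimum."""
    if len(src_mac) != 6 or not 0 <= quanta <= 0xFFFF:
        raise ValueError("need a 6-byte MAC and a 16-bit pause value")
    frame = PAUSE_MULTICAST + src_mac + struct.pack(
        "!HHH", MAC_CONTROL_ETHERTYPE, PAUSE_OPCODE, quanta)
    return frame.ljust(60, b"\x00")


def parse_pause(frame: bytes) -> Optional[Pause]:
    """Return the decoded PAUSE request, or None for any other frame."""
    if len(frame) < 18:                 # 14-byte header + opcode + pause value
        return None
    ethertype, opcode, quanta = struct.unpack("!HHH", frame[12:18])
    if ethertype != MAC_CONTROL_ETHERTYPE or opcode != PAUSE_OPCODE:
        return None
    return Pause(frame[6:12].hex("-"), frame[:6] == PAUSE_MULTICAST, quanta)


def pause_seconds(quanta: int, link_bps: int) -> float:
    """Pause time = quanta x 512 bit times; one bit time is 1/link_bps s."""
    return quanta * QUANTUM_BIT_TIMES / link_bps


if __name__ == "__main__":
    # Constructed sample: a station with a made-up MAC asks for the maximum pause.
    request = parse_pause(build_pause(bytes.fromhex("020000000001"), 0xFFFF))
    for name, bps in (("10 Mbps", 10**7), ("100 Mbps", 10**8), ("1 Gbps", 10**9)):
        print(f"{name}: {pause_seconds(request.quanta, bps) * 1000:.3f} ms")
```

Because the unit is bit times, the same 16-bit value pauses a 10 Mbps link for about 3.4 seconds but a 1 Gbps link for only about 34 milliseconds.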

  10. Advanced Ethernet Features Jumbo Frames • Introduction • The effect of frame size on efficiency • Current maximum Ethernet frame size is 1518 bytes (1522 with VLAN tagging) • Compare this with other technologies like Token Ring and FDDI • Not efficient for certain applications • File transfers • Compute clusters • Storage Area Networks • “Jumbo” frames nominally refer to any Ethernet equipment that can transport frames larger than the ‘standard’ frame size

  11. Advanced Ethernet Features Jumbo Frames • Implementation • While “Jumbo” frames are implemented by many manufacturers, there is no current standard • This means you must be careful with network design and interoperability • Even in a vendor’s product line there can be differences! • A variety of sizes has been proposed; a very common size is around 9000 bytes • Large enough to allow a complete NFS ‘message’ to ride in a single Ethernet frame • Another common size is around 4470 bytes (to be compatible with other protocols like FDDI) • See for a list of equipment & frame sizes

  12. Example (TCP packet transfer) • Due to overhead caused by TCP reliability, the TCP throughput <= ~0.7 * MSS / (rtt * sqrt(packet_loss)), where MSS is maximum segment size (MTU minus TCP/IP headers), rtt is round trip time, and packet_loss is probability of frame loss. • Suppose rtt is about 40 msec, and let's say packet_loss is 0.1%. With a frame size of 1500 bytes (MSS of 1460), evaluate the TCP throughput. • Answer: TCP throughput = 0.7x1460x8/(0.04x0.033) = 6.5 Mbps, based on TCP's ability to detect and recover from congestion (loss). • Assume a Jumbo Frame of 9000 bytes. Evaluate the TCP throughput. • Answer: TCP throughput = 0.7x(9000-40)x8/(0.04x0.033) = 40 Mbps. • Evaluate the packet loss rate needed to achieve a throughput of 500 Mbps with 1500 byte and 9000 byte frames. • Answer: packet_loss = (0.7 x MSS/(rtt x TCP_throughput))^2. • We would need a packet loss rate of no more than 1x10^-5 when the frame size is 9 KBytes. • However, with 1500 byte frames, the required packet loss rate is down to 2.8x10^-7! • While the jumbo frame is only 6 times larger, it allows us the same throughput in the face of 36 times more packet loss.

  13. Example (Continued) • A 9000 byte GE packet takes the same amount of time to transmit as a 900 byte Fast Ethernet packet or a 90 byte 10 Mbps Ethernet packet. • Jumbo frames on GE at worst add less delay variation than 1500 byte frames do on slower Ethernets. • No one is suggesting that slower Ethernets use 9000 byte frames. • As for queueing delay concerns, that could happen whether packets are large or small. If delivery QoS is required, then the routers need to implement some kind of priority or expedited forwarding, regardless of the packet sizes. • Tiny frames (including 53 byte ATM cells) may be helpful when multiplexing lower bit rate streams, but they become increasingly inefficient on gigabit and beyond links. • Conclusion: leaving the local area network at high speed, the dynamics of TCP will require the use of large frame sizes. Without them, the packet loss rate over a high bandwidth-delay product path would have to be extraordinarily low. Core internet infrastructure, from campus backbones to Network Access Points (NAPs), should be particularly careful not to limit the permitted MTU to 1500 bytes. In the long run there is no reason to stop at 9000 byte frames, but given the current Ethernet CRC limitation it is a good evolutionary step for gigabit data rates.

  14. Advanced Ethernet Features Link Aggregation • Introduction • Allows an increase in network capacity & availability without changing the underlying network technology • Another alternative to use when upgrading to a higher speed is neither feasible nor possible • Sometimes called ‘inverse’ multiplexing • Benefits • Increased bandwidth capacity • Granular capacity increase • Higher link availability • Uses existing hardware

  15. Advanced Ethernet Features Link Aggregation • Disadvantages • Like any technology there are always disadvantages -- these have kept link aggregation a niche solution • More space & network interfaces necessary • More complexity • More maintenance overhead • Harder to troubleshoot aggregated links • Performance improvements depend on traffic flow

  16. Advanced Ethernet Features Link Aggregation • Application Scenarios • Switch-to-Switch • Switch-to-Station (possibly a server or router) • Station-to-Station (very rare)

  17. Advanced Ethernet Features Link Aggregation • Issues & Considerations • Addressing & Interfaces • Need to assign logical MAC across all aggregated NICs • Traffic Distribution Algorithm • How to allocate traffic among aggregated links • Want efficiency, but have to worry about other factors • Transparency to upper layers • Non-duplication • Ordering • Performance

  18. Advanced Ethernet Features Link Aggregation • Other Considerations • Mixing aggregate-able technologies • Mixing speeds (versions) of aggregate-able technologies • Using aggregation with shared LAN technologies • Must worry about the operation of the MAC algorithm • Really not recommended for use with shared LANs

  19. Advanced Ethernet Features Link Aggregation • The IEEE 802.3ad Link Aggregation Standard • Work on the standard began in 1998 with final approval in 2000 • Standard applies to Ethernet only • All links in an aggregation must be the same speed • Other restrictions • Only full-duplex links • Only one aggregation group per pair of devices (there can be other individual links between these devices) • Many technical details taken from EtherChannel, an earlier proprietary link aggregation protocol developed by Cisco

  20. Advanced Ethernet Features Link Aggregation • The IEEE 802.3ad Goals • Incremental bandwidth across logical channels • Linearly incremental bandwidth • Increased link availability • Automatic configuration & fault tolerance via rapid link reconfiguration • Maintenance of link ‘invariants’ • Transparency to upper layers/applications • Backwards compatibility with non-802.3ad equipment • No change to Ethernet frame • Network Management support

  21. Advanced Ethernet Features Link Aggregation Operation

  22. Advanced Ethernet Features Link Aggregation • The IEEE 802.3ad Control Protocols • To maintain control of the aggregated links and traffic between devices, two control protocols are used • Marker Protocol • Link Aggregation Control Protocol (LACP) • Marker Protocol • Used to move ‘data flows’ from one aggregated link to another • Uses fixed and link-constrained 128 byte Ethernet frames • Uses request/response operational commands

  23. Advanced Ethernet Features Link Aggregation • Link Aggregation Control Protocol (LACP) • Used to automatically configure & maintain aggregated links between cooperating systems • Protocol is generally passive, operating in the following manner: • Devices advertise their configuration capability via LACP messages • There are no response messages; devices are supposed to read incoming messages and configure themselves appropriately (usually the best common configuration) • If device status or capability changes, the change is to be advertised via LACP • LACP messages can be overridden by manual configuration

  24. Advanced Ethernet Features Link Aggregation • Link Aggregation Control Protocol (LACP) • What is exchanged in LACP messages • System ID: used to ensure all aggregated links belong to the same (far-end) device • Port Numbers & Priority: uniquely identifies links & optionally assigns an aggregation priority to a link • Aggregation Link Characteristics: not all links between devices are aggregation candidates; a key (unique value) shared by all links that can be aggregated • Operational Mode: LACP can operate in either Active (send LACP messages without prompt) or Passive mode • LACP Message Transmission Frequency: the configurable time interval between generation of LACP messages

  25. Advanced Ethernet Features Virtual LANs (VLANs) • Introduction • With LANs as discussed so far, there is no difference between the physical & logical network layout • With VLANs the physical topology can be different than the logical topology • In other words, the set of stations that can communicate as if they are part of the same LAN (via direct MAC layer frames) can now be physically ‘separated’ • Requires the use of VLAN-aware switches • VLAN applications • Moves, Adds, & Changes • LAN Security (traffic isolation) • User Mobility • Bandwidth Efficiency

  26. Advanced Ethernet Features Virtual LANs (VLANs) • The ‘old’ way

  27. Advanced Ethernet Features Virtual LANs (VLANs) • The ‘new’ way

  28. Advanced Ethernet Features Virtual LANs (VLANs) • Requirements for VLAN Operation • Frame tags • VLAN awareness • VLAN association rules • Frame distribution • How do switches know the logical (virtual) groupings? • First, frames belong to VLANs • Two methods of associating frames with VLANs • Implicit ‘tagging’ • Each switch examines the frame and based on its characteristics associates • Explicit tagging • Fields in the frame carry VLAN information

  29. Advanced Ethernet Features Virtual LANs (VLANs) • Varieties of VLAN Associations • Switch port-number based VLAN membership • MAC-address (48 bit) based VLAN membership • Protocol-based • IP-based • Application-based

  30. Advanced Ethernet Features Virtual LANs (VLANs) • The IEEE 802.1Q Standard • Due to demand, development of 802.1Q began in 1995 • Final approval in December 1998 • Does not replace IEEE 802.1D (MAC-layer Bridges) but complements it • Extends it for VLAN-aware switches • Maintains backward compatibility for non-VLAN operation and use in mixed environments • Defined VLAN use with Ethernet, Token Ring, and FDDI • What the standard covers: • Frame tagging • Forwarding/Filtering Database • Priority Operation • Encapsulation of Token Ring/FDDI frames • Automatic distribution of VLAN information • Management of VLAN-aware switches

  31. Advanced Ethernet Features Virtual LANs (VLANs) • IEEE 802.1Q VLAN Tags & Frame Format • Required modification of the basic Ethernet frame • Designed to fit in & allow operation with non-tagged frames • Required extensive testing to ensure expanded frame (1522 bytes) caused no problems in existing equipment • Maximum Frame size changed in IEEE 802.3ac (1998)

  32. Advanced Ethernet Features Virtual LANs (VLANs) • IEEE 802.1Q VLAN Tag Fields • VLAN Protocol ID (16 bits): set to 0x8100 hex in all tagged frames • Priority (3 bits): used for the Priority function described later • Canonical Format Indicator (1 bit): only important when using 802.1Q to bridge between technologies • VLAN Identifier (12 bits): allows a maximum of 4094 VLANs in a network • The value 0xFFF hex is reserved • The value 0x000 hex denotes a priority tag only – frame has no VLAN association • E-RIF: optional field used with Token Ring & FDDI LANs employing native source routing

  33. Advanced Ethernet Features Virtual LANs (VLANs) • IEEE 802.1Q VLAN Switch Operation • ‘Normal’ switches examine the destination MAC address in frames to determine what ports to transmit them on • The filtering/forwarding database matches destination MAC address to a port (unicast) • Unknown MAC addresses are flooded until learned • Frames to the broadcast MAC address are transmitted out all ports except the one on which they were received • VLAN-aware switches add a second variable into the filtering/forwarding database & corresponding decision • VLAN association for the frame • The switch needs a way to determine which physical ports to associate with a VLAN • Static (manual) mapping • Dynamic mapping
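
An added Python example (not from the original presentation) that decodes the tag fields listed on slide 32 and applies the VLAN-aware forwarding decision from slide 33, with static port-based membership and a forwarding database keyed on VLAN and MAC address. Port numbers, VLAN IDs and MAC addresses are constructed; refusing tagged frames on access ports and untagged frames on trunk ports is a simplifying assumption of this model.

```python
import struct
from typing import List, Optional, Tuple

TPID_8021Q = 0x8100          # VLAN Protocol ID carried by every tagged frame
VID_PRIORITY_ONLY = 0x000    # priority tag only: no VLAN association
VID_RESERVED = 0xFFF         # reserved value, never a usable VLAN
BROADCAST = b"\xff" * 6


def parse_tag(frame: bytes) -> Optional[Tuple[int, int, int]]:
    """Return (priority, cfi, vid) for a tagged frame, None if untagged."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return tci >> 13, (tci >> 12) & 1, tci & 0x0FFF


def make_frame(dst: bytes, src: bytes, vid: Optional[int] = None, priority: int = 0) -> bytes:
    """Constructed sample frame: optional tag, IPv4 EtherType, dummy payload."""
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, priority << 13 | vid)
    return dst + src + tag + b"\x08\x00" + b"\x00" * 46


class VlanSwitch:
    """Static port-based VLAN membership plus a (VLAN, MAC) forwarding table."""

    def __init__(self, access: dict, trunks: set):
        self.access = access   # access port -> VLAN ID (static mapping)
        self.trunks = trunks   # trunk ports carry every VLAN, tagged
        self.fdb = {}          # (vid, mac) -> port, learned from source addresses

    def classify(self, port: int, frame: bytes) -> Optional[int]:
        """Associate a frame with a VLAN, or return None to drop it."""
        tag = parse_tag(frame)
        if port in self.access:
            # Untagged and priority-tagged frames take the port's VLAN.
            # Model assumption: any other tag is refused on an access port.
            if tag is None or tag[2] == VID_PRIORITY_ONLY:
                return self.access[port]
            return None
        # Model assumption: trunk ports accept only frames with a usable VID.
        if port in self.trunks and tag and tag[2] not in (VID_PRIORITY_ONLY, VID_RESERVED):
            return tag[2]
        return None

    def forward(self, port: int, frame: bytes) -> List[int]:
        """Return egress ports; lookups and flooding stay inside the VLAN."""
        vid = self.classify(port, frame)
        if vid is None:
            return []
        dst, src = frame[:6], frame[6:12]
        self.fdb[(vid, src)] = port                     # learn per VLAN
        known = self.fdb.get((vid, dst))
        if dst != BROADCAST and known is not None:
            return [] if known == port else [known]
        members = [p for p, v in self.access.items() if v == vid] + list(self.trunks)
        return sorted(p for p in members if p != port)


def demo() -> List[List[int]]:
    # Ports 1 and 2 are in VLAN 10, port 3 is in VLAN 20, port 4 is a trunk.
    a, b, c = (bytes.fromhex(m) for m in ("020000000001", "020000000002", "020000000003"))
    sw = VlanSwitch(access={1: 10, 2: 10, 3: 20}, trunks={4})
    return [
        sw.forward(1, make_frame(BROADCAST, a)),                      # flood in VLAN 10
        sw.forward(2, make_frame(a, b)),                              # a learned on port 1
        sw.forward(3, make_frame(a, c)),                              # VLAN 20 never saw a
        sw.forward(4, make_frame(BROADCAST, c, vid=20, priority=5)),  # tagged, from trunk
        sw.forward(4, make_frame(BROADCAST, c, vid=VID_RESERVED)),    # reserved VID
    ]


if __name__ == "__main__":
    print(demo())
```

The third result is the traffic-isolation point: station `a` is known on port 1 in VLAN 10, yet a VLAN 20 frame addressed to it is never delivered there. The model returns egress ports only and does not add or strip tags on the way out.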

  34. Advanced Ethernet Features Virtual LANs (VLANs) • Automatic VLAN configuration • To allow easier administration of VLAN-based networks, a control protocol was developed for communicating VLAN information between switches • The protocol, called GVRP (GARP VLAN Registration Protocol), is part of a family of switch-related control protocols • GVRP allows the switch at one end of a link to advertise the VLAN associations for the physical port to the far-end device • Uses a reserved destination MAC address 01-80-c2-00-00-21 • Similar definitions and operation to LACP

  35. Advanced Ethernet Features Traffic Classes & Quality of Service • Introduction • While priorities are included in several of the 802 protocols and the IEEE 802.1D specification outlines how bridges should map priorities between different protocols, the original specifications do not define a true set of traffic classes • Ethernet as defined has no traffic classes • Bridges are not told how to prioritize frames for transmission • To provide better MAC layer support for time-critical data an update to the 802.1D specification defines and outlines the use of traffic classes • This work is sometimes called 802.1p because it was the committee that developed the priority mechanisms

  36. Advanced Ethernet Features Traffic Classes & Quality of Service • The Use of Traffic Classes in IEEE 802.1D • The updated standard relies on three concepts: • User Priority: the priority found in the priority field of the MAC frame – usually carried end-to-end unless it needs to be modified to fit the rules of a transit MAC protocol • Access Priority: the priority with which a bridge accesses the outbound LAN to transmit a frame it must relay • Traffic Class: if a bridge has multiple queues for outbound traffic, the traffic class is used to determine the relative priority of the queues • The Traffic Class is assigned by the bridge on the basis of incoming user priority • Traffic classes help reduce the queuing delay seen by high priority frames, though there is still an access delay for transmission (based on the outbound MAC protocol)

  37. Advanced Ethernet Features Traffic Classes & Quality of Service • The Use of Traffic Classes in 802.1D (continued) • Eight traffic classes are defined & usable for each outbound port, corresponding to eight distinct outbound queues • Within a queue a FIFO discipline is typically used; strict ordering in the traffic class • Output scheduling • There are two basic choices for determining how to pull data out of the queues for transmission • Obviously, strict round robin is not one of the choices! • Strict Priority – transmit any waiting frames out of the highest priority queues exclusively • Weighted Fair Queuing (WFQ) • Uses round robin but is modified by a weight • Higher weights assigned to higher priority queues

  38. Advanced Ethernet Features Traffic Classes & Quality of Service • The Use of Traffic Classes in 802.1D (continued) • Bridge Queue Diagram

  39. Advanced Ethernet Features Traffic Classes & Quality of Service • Weighted Fair Queuing

  40. Advanced Ethernet Features Traffic Classes & Quality of Service • Mapping of User Priority to Traffic Class • The recommended 802.1D mapping of incoming user priority to traffic class is shown in Table 12.4 • If the 802.1Q (virtual LAN) specification is in use the priority field in the tag header can be used to determine the traffic class if necessary • How this is done was already discussed • Even protocols like 802.3 and 802.11 that support only one access priority can support multiple traffic classes (queues), but how the queues are filled is determined by other parameters (e.g., protocol type)

  41. Advanced Ethernet Features Traffic Classes & Quality of Service • Internet Traffic Quality of Service • Many higher layer protocols have QoS mechanisms; there should be some way to map higher level QoS levels to 802.1D traffic classes • There are a couple of difficulties with this: • Internet traffic usually traverses a set of diverse networks making mapping between layers difficult • Lower layers typically cannot ‘see’ the QoS mechanisms used in higher layers • In IP and ATM networks this would allow higher layer QoS (like the IP TOS bits or ATM service class) to be used to set the priorities of frames wherever possible • Though important for the construction of internets with end-to-end QoS support, this is an area of ongoing research that currently lacks approved standards

  42. Advanced Ethernet Features Traffic Classes & Quality of Service • The Final Word on Traffic Classes • Remember – there is a difference between Quality of Service and Class(es) of Service • Quality of Service provides or tries to guarantee the system/network will provide certain agreed upon service levels • Minimum bandwidth • Maximum Delay • With Classes of Service there are no ‘guarantees’ per se

  43. Advanced Ethernet Features Port Authentication • Introduction • Once upon a time the Internet was a friendly place… • There was not much worry about security; nowadays that is obviously not the case • The IEEE identified the ‘edge’ of the network as a key security weakness that needed to be secured • Main targets • Wireless networks (IEEE 802.11) • ‘Edge’ Ethernet ports

  44. Advanced Ethernet Features Port Authentication • IEEE 802.1x • A working group was established to address ‘edge’ security and develop a standard solution (Sum 2001) • Solution is not Ethernet-specific, but it has been adopted mainly for securing 802.3 & 802.11 (WLANs) • General Operation • IEEE 802.1x allows a network device (switch) to query and authenticate a node before allowing network access • Supported on Win XP and CE nodes; third-party add-ins for other operating systems • If the 802.1x-capable device does not hold authentication information, it must have some ‘back-end’ access to an authentication server (via another authentication protocol such as RADIUS or TACACS)

  45. Advanced Ethernet Features Port Authentication • IEEE 802.1x Operation • Allows authentication via username/password or some other user-based credentials • Uses EAPOL (Extensible Authentication Protocol over LAN) for the node (802.1x Supplicant) to exchange authentication data with the switch (802.1x Authenticator) • EAPOL adapted from earlier authentication protocols developed for PPP (Point-to-Point Protocol) • Port remains “locked” until successful authentication occurs • Some vendors support more advanced features based on 802.1x (VLAN selection), but this is not part of the standard

  46. Advanced Ethernet Features Port Authentication • IEEE 802.1x Operation

  47. Advanced Ethernet Features Port Authentication • IEEE 802.1x Operation (2)

  48. Advanced Ethernet Features Port Authentication • IEEE 802.1x Operation (3)
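
The locked-port behaviour described on the IEEE 802.1x Operation slides, as an added Python example that is not part of the original presentation: the authenticator accepts only EAPOL from the node until the authentication server accepts it. The EtherType 0x888E, the group address 01-80-C2-00-00-03 and the EAPOL/EAP code values come from the 802.1X and EAP specifications rather than from the slides; the server's decision is passed in as a boolean (the credential exchange and the RADIUS leg are outside the example), and all MAC addresses are constructed.

```python
import struct
from typing import List, Optional, Tuple

ETHERTYPE_EAPOL = 0x888E                        # EAP over LAN
PAE_GROUP_ADDR = bytes.fromhex("0180c2000003")  # destination of EAPOL frames
EAPOL_EAP_PACKET, EAPOL_START, EAPOL_LOGOFF = 0, 1, 2
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
EAP_TYPE_IDENTITY = 1


def eap(code: int, ident: int, data: bytes = b"") -> bytes:
    """EAP packet: code, identifier, total length, then optional type/data."""
    return struct.pack("!BBH", code, ident, 4 + len(data)) + data


def eapol(src: bytes, ptype: int, body: bytes = b"") -> bytes:
    """EAPOL frame: Ethernet header, version 1, packet type, length, body."""
    header = PAE_GROUP_ADDR + src + struct.pack("!H", ETHERTYPE_EAPOL)
    return header + struct.pack("!BBH", 1, ptype, len(body)) + body


def eap_code(frame: bytes) -> int:
    """EAP code of an EAPOL EAP-Packet frame (first byte of its body)."""
    return frame[18]


class AuthenticatorPort:
    """Switch port that stays locked to data frames until the server accepts."""

    def __init__(self, mac: bytes):
        self.mac = mac
        self.authorized = False

    def receive(self, frame: bytes) -> Tuple[str, Optional[bytes]]:
        """Classify a frame from the node: ('drop'|'forward'|'eapol', reply)."""
        if frame[12:14] != struct.pack("!H", ETHERTYPE_EAPOL):
            return ("forward" if self.authorized else "drop"), None
        if len(frame) < 18:
            return "drop", None                  # truncated EAPOL header
        _version, ptype, _length = struct.unpack("!BBH", frame[14:18])
        if ptype == EAPOL_START:                 # node asks to authenticate
            ask = eap(EAP_REQUEST, 1, bytes([EAP_TYPE_IDENTITY]))
            return "eapol", eapol(self.mac, EAPOL_EAP_PACKET, ask)
        if ptype == EAPOL_LOGOFF:                # node leaves: lock the port
            self.authorized = False
        return "eapol", None                     # EAP packets go to the server

    def server_verdict(self, accepted: bool, ident: int) -> bytes:
        """Apply the authentication server's decision and notify the node."""
        self.authorized = accepted
        code = EAP_SUCCESS if accepted else EAP_FAILURE
        return eapol(self.mac, EAPOL_EAP_PACKET, eap(code, ident))


def demo() -> List[str]:
    node = bytes.fromhex("020000000001")         # constructed addresses
    port = AuthenticatorPort(bytes.fromhex("020000000099"))
    data = b"\xff" * 6 + node + b"\x08\x00" + b"\x00" * 46   # ordinary IPv4 frame
    identity = eap(EAP_RESPONSE, 1, bytes([EAP_TYPE_IDENTITY]) + b"alice")
    trace = [port.receive(data)[0]]                           # locked: dropped
    trace.append(port.receive(eapol(node, EAPOL_START))[0])
    trace.append(port.receive(eapol(node, EAPOL_EAP_PACKET, identity))[0])
    port.server_verdict(False, 1)
    trace.append(port.receive(data)[0])                       # rejected: still locked
    port.server_verdict(True, 2)
    trace.append(port.receive(data)[0])                       # accepted: forwarded
    port.receive(eapol(node, EAPOL_LOGOFF))
    trace.append(port.receive(data)[0])                       # logoff: locked again
    return trace


if __name__ == "__main__":
    print(demo())
```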

  49. IEEE 802.3 Family of LAN Protocols Homework & Reading • Homework #3 - Due at Class #6 in two weeks • Chapter 7: 7.2, 7.7 • Additional Question (5 points): download Ethereal or an equivalent sniffer program and install it on a PC you have access to and permission to use. Capture a web session in a file (at least getting a couple of different pages) and explain what traffic you see. If any frames appear that are not part of the web session, explain why they are there. • Complete Lab #1 in the OPNet Lab Manual and submit your answers to the questions at the end of the Lab • Reading • This week’s material: Stallings chapters 7 and 12.5 • Next week: Chapters 8, 9, and 10