Please enable JavaScript.
Coggle requires JavaScript to display documents.
2.3 Describe Ethernet and ARP - Coggle Diagram
2.3 Describe Ethernet and ARP
2.3.1 The purpose of ARP.
(Mellissa)
Ethernet Protocol
Ethernet Encapsulation
Ethernet is the most widely used LAN technology today.
Defined in the IEEE 802.2 and 802.3 standards.
Supports data bandwidths of 10 Mb/s, 100 Mb/s, 1000 Mb/s (1 Gb/s), 10,000 Mb/s (10 Gb/s), 40,000 Mb/s (40 Gb/s, and 100, 000 Mb/s (100 Gb/s).
Ethernet operates in the data link layer and the physical layer.
Ethernet also relies on the two separate sublayers of the data link to operate, LLC and MAC sublayers.
The Ethernet LLC sublayer handles the communication between the upper layers and the lower layers.
It is implemented in the software, and its implementation is independent of its hardware.
The MAC sublayer constitutes the lower sublayer of the data link layer. MAC is implemented by the hardware, typically in the computer's NIC.
MAC sublayer
The MAC sublayer has
two
primary responsibilities:
Data encapsulation
Media access control
Data encapsulation provides
three
primary functions:
Frame delimiting
Addressing
Error detection
Ethernet Frame Fields
Frames less than 64 bytes are called a "collission fragment" or "runt frame" and are automatically discarded by receiving stations.
Frames greater than 1500 bytes of data are considered "jumbo" or "baby giant frames".
If the size of a transmitted frame is less than the minimum or greater than the maximum, the receiving device drops the frame.
Address Resolution Protocol
Introduction to ARP
When a device sends an Ethernet frame, it contains these
two
addresses:
Destination MAC address
Source MAC address
The device uses ARP to determine the destination of MAC address.
Two basic functions of ARP:
Resolving IPv4 addresses to MAC addresses and maintaining a table of mappings.
ARP Functions
Ethernet devices refer to an ARP table in its memory (e.g RAM) to find the MAC address that is mapped to the IPv4 address.
A device will search its ARP table for a destination IPv4 address and a corresponding MAC address.
Removing Entries from an ARP Table
Every device has an ARP cache timer that removes ARP entries that have not been used for a specified period of time.
The times differ depending on the device's operating system.
ARP Tables
On a Cisco router, the
show ip arp
command is used to display the ARP table.
On Windows 7 PC, the
arp-a
command is used to display the ARP table.
ARP Broadcasts
As a broadcast frame, an ARP request is received and processed by every device on the local network. ARP requests can flood the local segment if a large number of devices were to be powered up and all start accessing network services at the same time.
ARP Spoofing
Attackers can respond to requests and pretend to be providers of services.
One type of ARP spoofing attack used by the attackers is to reply to an ARP request for the default gateway.
2.3.3 Explain how network device use routing tables (Kumbau)
Host Forwarding Decision
-An important role of the network layer is to direct packet between hosts
Itself
-A host can ping itself for testing purposes using 127.0.0.1 which is referred to the loopback interface
Local host
-This is a host on the same local network as the sending host
Remote host
-This is a host on a remote network
Default Gateway
The default gateway is the network device that can route traffic out to other network. It is the router that routes traffic out of a local
This occurs when the destination host is not on the same local network as the sending host
Directly Connected Routing Table Entries
When a router interface is configured and activated, the following two routing table entries are created
C
-Identifies that the network is directly connected and the interface is configured with an IP address and activated
L
-Identifies that it is a local interface. This is the IPv4 address of the interface on the router
Using the Default Gateway
The host receives the IPv4 address for the default geteway from DHCP, or it is manually configured
Having a default geteway configured creates a default route in the routing table of a host-which is the route the computer will sent a packet to when it needs to contact a remote network
Host Routing Tables
Three sections will be displayed
Interface List
-List the Media Access Control(Mac) address and assigned interface number of network interfaces on the host
IPv4 Route Table-Lists all known IPv4 routes
IPv6 Route Table-Lists all known IPv6 route
Router Packer Forwarding Decision
When a route receives a packet destined for a remote network, the router has to look at its routing table to determine where to forward the packet .A router's routing table contains
Directly-connected route-These route come form the active router interface configured with IP address
Remote routes-These routes come form remote network connected to other route
Default route-This is where the packet is sent when a route does not exist in the routing table
Understanding Remote Route Entries
The D represents the Route Source which is how the network was learned by the router. D identifies the route as an EIGRP route or (Enhanced Interior Gateway Routing Protocol)
90 is the administrative distance for the corresponding network-or the trustworthiness or the route
2170112-repersents the metric or value assigned to reach the remote network
209.165.200.226-next-hop or IP address of the next router to forward the packet
00:00:05-Route Timestamp identifies when the router was last heard from
Serial/0/0/0- Outgoing Interface
Next Hop Address
When a packet arrives at a router destined for a remote network, it will send the packet to the next hop address corresponding to the destination network address in the routing table
For example, if the R1 router in the figure to the left receives a packet destined for a device on the 10.1.1.0/24 network it will sent it to the next hop address of 209.165.200.226
Notice in the routing table a default geteway address is not set-if the router receives a packet for a network that isn't in the routing table, it will be drop
IPv4 Router Routing Table
On a Cisco IOS router the
show ip route
command is used to display the router's IPv4 routing table. The routing table shows
Directly connected and remote routes
How each route was learned
Trustworthiness and rating of the route
When the route was last update
Which interface is used to reach the destination
A router examines an incoming packet' s header to determine the destination network
2.3.2 Explain why the IPv4 protocol requires other layer to provide reliability
(Ainor & Fadzri)
Network Layer Protocols
(Ainor)
use 4 processes in order to provide end-to-end transport
routing
addressing of end devices
encapsulation
de-encapsulation
the most commonly internet protocol are :
internet protocol version 4 (ipv4)
internet protocol version 6 (ipv6)
encapsulating IP
transport layer segment by adding an ip header for the purpose of delivery to the destination host.
The IP header stay the same from the source to the destination host
process of encapsulationg data layer by layer enables the services at different layers to scale without affecting others
characteristic IP
designed as protocol with low overhead-it provides only fucntion required to deliver a packet from the source to a destination
an ip packet is sent to the destination without prior establishment a connection
IP connectionless protocol
sender do not know whether or not the destination is present,reachable or function
no dedicated end-to-end connection before data is sent
similiar process as snail mail
IP best effort delivery
onsidered unreliable because its not guarantee that all packet that are sent will be received
unreliable means that ip does not have the capability to manage and recover from undelivered
IP media independent
rom the media that carry the data at lower layer of the protocal stack.doesnt care if the media copper cable,fiber optic or wireless
the OSI data link layer is responsible for taking the ip packet and preparing it for transmission
the network layer does have maximum size of the PDU that can be transported and its referred to as Maximum Transmission Unit (MTU)
IPv4 and IPv6 Packets
(Fadzri)
IPv4 packets
a prefix to an ip packet that contain information. It consists of the following fields. For IPv4,this field has a value of 4
Limitations of IPv4 :
a)Ip address depletion= has a limited number of unique public IPv4 addresses available
b)Internet routing table= routing table contains the routes to different netwrok in order to make the best path
c)Lack of end-to-end connectivity=network address translation (NAT) was created for devices to share a single IPv4
Example for IPv4 packet header :
IPv6 Packet
Introducing IPv6
In early 90s, IETP started looking at replacement for IPv4 and its led to IPv6 and its designed to address the depletion of IP addresses and change the way traffic is managed
Advantage for IPv6 :
Improved packet handling – fewer
fields with IPv6 than IPv4
Eliminates the need for NAT – no
need to share addresses with IPv6
Increase address space - based on 128-bit addressing vs 32-bit with IPv4
Example for IPv6 packet header :
Encapsulating IPv6
Advantage for IPv6 (cout.) using simplified
header :
Simplified header format for efficient packet handling between private and public addresses
Hierarchical network architecture for routing efficiency
Autoconfiguration for addresses
Elimination of need for network address translation (NAT)
IPv6 Packet Header
Version - a 4-bit binary value set to 0110 that identifies it as a IPv6 packet
Trafic class - 8-bit field equivalent to the IPv4 Differentiated Services (DS) field
Flow Label – 20-bit field suggests that all packets with the same flow label receive the same type of handling by routers
Payload Length – 16-bit field indicates the length of the data portion or payload of the packet
Next Header – 8-bit field is equivalent to the IPv4 Protocol field. It indicates the data payload type that the packet is carrying
IPv6 Packet Header (Cont.)
IPv6 packet header fields :
Hop Limit – 8-bit field replaces the IPv4 TTL field. This value is decremented by 1 as it passes through each router. When it reaches zero, the packet is discarded
Source IPv6 Address – 128-bit field that identifies the IPv6 address of the sending host
Destination IPv6 Address – 128-bit field that identifies the IPv6 address of the receiving host
