See Cisco's Internetworking Basics for a discussion of the OSI Reference Model and how it organizes the information flow from one host (computer) to another. Of the seven layers of the OSI Reference Model, this lecture focuses on the Ethernet implementation of layer 2 and the IP implementation of layer 3.
Peer layers on separate hosts communicate by the interchange of Protocol Data Units (PDU's). PDU's are sent and received by each layer making use of the services if its neighboring layers in the protocol stack. Service Data Units (SDU's) are passed to a neighboring layer where it is either encapsulated for delivery as a PDU for the next lower layer, or the encapsulation is removed and the payload PDU is returned to the next higher layer. Actual movement of data from host to host is accomplished on layer 1, the physical layer.
Layers 1 and 2 implement Local Area Networks (LAN's). LAN are small, geographically local, and consist of homogeneous networking technologies. Layer 3 uses layer 2 services to create Wide Area Networks (WAN's), which are larger, geographically dispersed, and consist of heterogeneous networking technologies.
Ethernet PDU's
Ethernet comes in two forms: DIX and 802.3/SNAP. DIX is the original ethernet specified by Digital, Intel and Xerox - hence the name DIX. Later, IEEE introduced a modified format which renamed one byte of the preamble with a Start Of Frame delimiter and replaced the DIX type with a Length field. Since ethernet packets must never be smaller than 64 bytes, small payloads must be padded. The padding must be removed and the length field guides this. DIX depended on the payload having it's own length field for this purpose. Having removed the type field, 802.3 went on to include a SNAP field just following the old ethernet header which serves this need.
Actually, there are three forms. The original 802.3 first came out with an 802.2 three byte code to follow the old ethernet header. This proved worthless and SNAP was substituted. SNAP and 802.2 are made consistent by assigning certain values to the 802.2 headers which indicate that the SNAP follows.
Ethernet addresses are 48 bits, and are customarily written as six groups of two digit hex delimited by colons or hyphens. Here is what happens when I dump my ARP table on Win2K:
C:\>arp -a Interface: 129.171.34.27 on Interface 0x1000003 Internet Address Physical Address Type 129.171.34.4 00-a0-c9-de-71-de dynamic 129.171.34.23 08-00-2b-2e-79-74 dynamic 129.171.34.221 00-60-97-6c-66-e7 dynamicThe Physical Addresses are ethernet address. An ethernet address is unique throughout the world. This is accomplished by assigning to manufactures the prefix of the address. Tables can therefore tell you, for instance, that 129.171.34.23 has a DEC card, and is therefore, probably, a DEC Ultrix machine. See RFC 1340 for a list of codes. Finally, the ethernet address ff-ff-ff-ff-ff-ff is reserved as the broadcast address. A PDU sent to address is to be received by all L2 layers on the LAN.
The exact anatomy of a ethernet PDU consists of a header followed by payload, either encapsulated upper layer PDU's or control information for this layer, followed by a trailer. The header has a source and destination address, as well as a type field by which the encapsulated PDU is interpreted.
Questions
IP PDU's
The layer 3 protocol is IP. Current deployment is version 4, with a new deployment, IPv6, underway. The An IP PDU has a header followed by the payload. The anatomy of an IP PDU is defined in RFC 791. There is a header followed by a payload - no trailer. The header includes:
While ethernet addresses are arbitrary, IP addresses are structured into a network portion and a host portion. Two IP addresses which agree on the network portion of their addresses can use layer 2 services for direct delivery of the PDU (or so the theory goes). Else the packet will hop through several layer 2 deliveries connected by layer 3 relays in order to effectuate delivery. These layer 3 relays are called routers or gateways.
IP addresses are 32 bits (in IPv6 they will be 128 bits). They are usually specified by converting each octet to decimal and writing them down delimited by periods, e.g. 129.171.34.23. The IP address of a network is denoted by replacing the host portion by zero. E.g. the net 129.171.34.0 on which is found host 129.171.34.23. As with layer 2 ethernet, IP also has need of a broadcast: a destination address signifying all hosts on the network. Replacing the host portion by all one's is the broadcast address for the network, e.g. 129.171.34.255 broadcasts on network 129.171.34.0.
Traditionally, division between the network and the host part of the the IP address could be inferred from the high bits of the address. Now it is more often necessary to specify explicitly the netmask, those bits which form the network part of the address. E.g. netmask 0xffffff00 for network 129.171.34.0, this is also written 129.171.34.0/24.
IP routing and ARP Questions
IP fragmenting
ICMP Among the payload types of IP is ICMP. The PDU for ICMP consists of a operation code, some sequence numbers and additional data. For instance, ICMP responses which signal errors will place the header and first 64 data bits of the offending IP packet into the data section of the ICMP response.
Questions
Networking stacks in Linux and FreeBSD
References