Computer network--Link layer

Data Link Layer: Overview The channels used primarily with the service link layer include:

• Broadcast channel: This channel uses a one-to-many broadcast communication mode, so the process is more complex. There are many hosts on the broadcast channel, and we must use a dedicated shared channel protocol to coordinate the data transmission of these hosts.
• Point-to-point channel: This channel uses a one-to-one point-to-point communication method

Services provided by the link layer

The link-layer protocol defines the grouping format of interactions between nodes on both sides of the link, as well as the actions taken by those nodes when sending and receiving groupings.
The services that the link layer protocol may provide include:

Service	Overview
Framing	When each datagram is transmitted, it is encapsulated with a link-layer frame. A frame consists of a header, a data field, and a trailer. The data field of the link layer is the datagram of the network layer.
Link Access	The Media Access Control Protocol (Medium access Control,mac) specifies the rules for frames to be transmitted over a link. When there is only one on the end, you can send it randomly, Mac does not limit. When multiple access issues occur, the MAC protocol coordinates multiple node transfers
Reliable delivery	Indicates that there can be no error passing frames between the two link layer nodes. Use a similar acknowledgment and retransmission with TCP. Generally used for links with large error rates (WIFI, etc.). The low-bit link (fiber optics, etc.) is generally not used.
Error detection and correction	Error detection is used to detect bit errors and is usually implemented by hardware. Error correction can correct the occurrence of bit errors

Adapter Communication

For a given link to a communication, the main part of the link layer protocol is implemented in the adapter. In the host, the body of the link layer is implemented in the network adapter (network interface card), or some functions are implemented by software, such as assembling the link layer addressing information and activating the controller hardware. At the core of the network card is the link layer controller, the controller realizes many link layer service (frame, link access, error detection) of the special chip, Therefore, many of the functions of the link layer are implemented with hardware.
The adapter is a semi-autonomous unit.

Error detection and error correction technology parity check

Parity for a single bit
The parity of a single bit means that the last parity bit is appended to the data to be sent. The odd check means that the number of 1 in the entire code is odd. Even if there is an even number of bits, the parity check is not detected.
Two-dimensional parity check
D bits in D are divided into I-row j columns. The parity value is not calculated for each line. The generated i + j + 1 parity bits constitute the error detection bit of the link layer frame.

When a single bit error occurs, the rows and columns that have errors occur. The receiver can not only detect errors, but also can correct it according to the row and column index
A two-dimensional parity check can also detect (but not correct) any combination of two bit errors.
If there are two bit errors on the same line, then the parity of that line is correct, but there will be two columns of parity failure. If you do not walk, there will be four columns error. Neither of these cases can be corrected, only detection. However, there are some even error cases where Evich parity is not detectable.
The ability of the receiver to detect and correct errors is referred to as forward error correction.

Inspection and methods

In the checksum method, the data is cut into a sequence of K-bits, all of which are added and then the inverse code is the checksum. After the receiver receives the data, it adds all the data (including checksums). Whether the results are all as a criterion for judging whether the data is wrong or not.
Compared to the CRC, the checksum provides a weaker protection.
Why does the transport layer use a checksum while the link layer uses the CRC?

• The transport layer is implemented using software, and a simple and fast solution is required (checksum)
• The CRC of the link layer is implemented by hardware, and the CRC operation can be performed quickly.

Cyclic redundancy detection (CRC)

Encoding and decoding steps
CRC encoding is also called a polynomial code, because the encoding can be sent to the bit string as a factor of 0 or 1 a bit string, the operation of the bit string is interpreted as the polynomial arithmetic. This is more about the polynomial theory.
The encoding steps are as follows:

1. The sender and receiver implementations Negotiate an R + 1 bit pattern (bit string) G, which is called generating a polynomial. The highest bit of G is required to be 1.
2. For a given data segment D, the sender chooses R additional bits R and attaches them to D.
3. The resulting D + R bit pattern can be evenly divisible by G by using modulo 2 arithmetic. (Modulo 2 arithmetic is XOR)

The decoding step of the receiver is simple, and G removes the received D + R bit. If the remainder is not 0, the receiver knows the error. Otherwise the data is considered to be properly received.
How to calculate R?
To make R for N there is: D * 2 r XOR r = NG.
Both sides of the same XOR or R: D * 2 r = NG XOR
So R = remainder {D * 2r/g}

Multi-Access Protocol channel Partitioning protocol

TDM (Time Division Multiplexing)
TDM divides the time into timeframes and further divides the timeframes into N time slots (slots). (Frame and link layer switched cell frames are not a meaning)
Each time slot is then assigned to one of the N nodes. Whenever a node is in a group that wants to be sent, it transmits packet bits within the timeslot assigned to it in the loop TDM frame. The time slot length should normally be a time slot to transmit a packet
Disadvantages of TDM

• The maximum rate can only reach r/n bps, even if only one person uses the channel
• The node always waits for its time slot, which can cause pressure on the cache, etc.

FDM (Frequency Division multiplexing)
FDM divides the RBPs channel into different bands (each band has r/n bandwidth) and divides each band into one of the N nodes. Therefore FDM creates n smaller r/n channels in n large channels.
FDM has the same drawbacks as TDM, limiting the use of only r/n bandwidth per node.
Code Division multiple address
Also known as CDMA, this is not described here. You only need to know the frequency of the TDM-like timeslot and FDM, which can be assigned to users of multiple access channels.

Random Access Protocol

time slot Aloha
The principle of time slot Aloha is

• When a node has a new frame to send, it waits until the next timeslot starts and transmits the entire frame in that timeslot.
• Transfer the frame successfully without a collision
• If a collision occurs, the node detects a collision before the end of the timeslot. The node re-passes the frame with probability p, knowing that the frame is out.

Advantages:

• When nodes are the only active node, the timeslot Aloha allows the nodes to transmit at full speed.
• The time slot Aloha is a simple protocol

Disadvantages:

• When a large number of nodes have frames that need to be transmitted, up to 37% of the time slots do work effectively. Therefore, the channel transmission efficiency is 0.37Rbps. (Derivation process reading)

ALOHA
The Aloha is a non-temporal, decentralized protocol. When a frame needs to be transmitted, the Aloha is transferred immediately. If a collision occurs, Aloha will retransmit the frame with an introduction p. Otherwise, the node waits for a frame to be transferred. Because of the Aloha dispersion, the maximum efficiency of the Aloha is only 1/(2e). Only half of the Aloha of the last slot.
Carrier-Listening multi-access (CSMA)
The meaning of carrier interception consists of two points:

• Listen before you speak: A node is sent before it needs to be heard, if there are other nodes in the send, waiting to be sent out.
• If other nodes are sent, stop sending immediately.

Why are all nodes in the carrier listening, or are they colliding?
Because the channel transmission will have a delay (although the speed is close to the light).
Carrier-listening multi-access with Collision detection (CSMA/CD)
In pure csma, even if a collision is detected, the node will still send its frame. In CSMA/CD, the node detects a collision and stops sending a useless frame, which helps improve protocol performance.
CSMA/CD the process of running

1. The adapter obtains datagrams from a network layer, encapsulates them into frames, and puts them into the frame adapter cache.
2. If the adapter hears that the channel is idle, it transmits. If the channel is busy, wait until it is busy.
3. Transmission without listening to other nodes of the signal energy, complete the transmission. If detected, the transmission is aborted.
4. After the abort, wait for a random amount of time (binary exponent back), and return to step 2.

If each node waits for the same time t, it may crash. In order to solve this problem, the binary exponential fallback algorithm is generally used.
Binary exponential fallback algorithm: When transmitting a frame, if it undergoes a series of n collisions, the probability of node random is selected from [0, 1, 2,3,..., 2n-1], and then waits for K * 512 bit time (for example, for 100Mbps, this time is 5.12 microseconds.) After re-transmission.
CSMA/CD protocol Efficiency: efficiency = 1/(1 + 5dprop/dtrans), where Dprop represents the maximum time required for signal energy to propagate in any two adapters, Dtrans represents the time to transmit a maximum length of Ethernet frame. From the formula can be seen if the Dprop near 0 , the efficiency is close to 1

Link Layer Addressing

1. Address Resolution Protocol (ARP), which provides a mechanism for a node to convert an IP address to a link-layer address.
2. Dynamic Host Configuration Protocol (DHCP).

MAC address

Not a node has a link-layer address, but a node's adapter has a link-layer address.
The purpose of a MAC address is to identify the interface from which the LAN is a frame to which other interfaces are physically connected. Therefore, hosts or routers that have multiple network interfaces will have multiple link-layer addresses associated with them, just as they also have multiple IP addresses. It is important to note that the link layer switch does not have a MAC address.
The MAC address is also known as the LAN address, the physical address.
The MAC address is 6 bytes long, with a total of 248 possible MAC addresses.
The MAC address space is managed centrally by the IEEE. When a company wants to produce an adapter, he pays a nominal amount to the IEEE and buys a 224 address space. The IEEE secures the top 24 bits, and the last 24 bits generate a unique identity by each company itself.
When the adapter receives a frame, it first checks that the MAC address of the frame is consistent with its own interface Mac and discards the frame if it does not match, if the match is passed up. This adaptation is implemented using hardware.
FF-FF-FF-FF-FF-FF is the only MAC address used for broadcasting.

Address Resolution Protocol (ARP)

what does ARP do?
The task of ARP is to convert the IP address of the network layer and the Mac of the link layer
The ARP module on the sending host will enter any IP address on the same LAN and return the corresponding MAC address
DNS and ARP are similar, but the difference between DNS and ARP is that DNS resolves host names for any host on the Internet, and ARP resolves IP addresses only for host and router interfaces on the same subnet.
How does ARP work?
Each host or router has an ARP table in its memory, which contains the mapping of the IP address to the MAC address. There is also a lifetime (TTL) value in the ARP table that indicates when each mapping is removed from the table, and the expiration time for a table entry is typically 20 minutes
This table does not have to contain one table entry for each host and router on the subnet, some may never have entered the table, some may have expired
When the host 222.222.222.220 to send a datagram, the datagram will be IP addressed to another host or router on the subnet. The sending host needs to get the MAC address and send it. If this item is available in the ARP table, it will be taken directly. If not, an ARP packet is sent.
An ARP packet has several fields, including sending and receiving IP addresses and MAC addresses. Both the ARP query grouping and the ARP response grouping have the same format.
222.222.222.220 sends an ARP query packet to the broadcast address FF-FF-FF-FF-FF-FF, each node in the subnet passes the packet up to the ARP module, and the ARP checks whether the IP address in the query packet is the same as its own. The matching one sends the query back (not broadcast) an ARP response, and then 222.222.222.220 updates its ARP table and sends the datagram

TIP:

• ARP query is broadcast, ARP response is standard transmission
• ARP is Plug and Play and does not require administrator configuration
• ARP is the protocol that crosses the link layer and the Network layer boundary
• When you send data to another subnet, each time you use ARP to find the next hop, and then one hop at a time. Cannot parse directly with ARP because it is not in a subnet at all

Dynamic Host Configuration Protocol (DHCP)

DHCP is a client/server protocol.
For a newly arrived host, the DHCP protocol is carried out in four phases:

1. DHCP server Discovery (Discovery): The first task of a new arrival host is to discover a DHCP server that interacts with it. Complete by using a DHCP discovery message.
2. DHCP server provides (DHCP server offer): When a DHCP server receives a DHCP discovery message, it responds to the client sending back a DHCP delivery message (contained in a UDP segment, the UDP segment is contained in an IP datagram, and the IP datagram is contained in a link-layer frame. The link layer frame is then sent to the newly arrived client).
3. DHCP Request: The newly arrived client selects one from one or more server providers and responds to the selected offer with a DHCP request message, responding to the relevant configuration parameters.
4. DHCP ack (DHCP ACK): The server responds to a DHCP request message with a DHCP ACK message confirming the required parameters.

Ethernet

Ethernet is a LAN technology.
The main structure of Ethernet is the star topology, which uses switches instead of hubs.
The switch is not only collision-free, but also a veritable storage-forwarding packet switch. The switch is running on the second tier.

Ethernet Frame Structure

|– Pre-Sync code –|– Destination address –|– Source address –|– type –|– data –|–crc–|

Field	Description
Data fields (46-1500 bytes)	This field hosts the IP datagram. The Maximum Transmission Unit (MTU) of the Ethernet is 1500 bytes. If it is more than the Shard. The minimum is 46 bytes, if not enough, it will be populated. The network layer uses the length of the IP datagram token to determine the bytes that are stripped of the padding.
Destination Address (6 bytes)	The MAC address of the network card. Only this interface address and broadcast address will be sent to the network layer by the receiving party.
Source Address (6 bytes)	Sender's MAC Address
Type field (2 bytes)	Not necessarily the data must be an IP datagram. It may be a variety of network protocols. such as Arp,appletalk. Used to mark Network layer protocol types for proper distribution to the network layer
CRC (4 bytes)	Used to correct
Pre-sync Code (8 bytes)	The first seven bytes are used to "wake up" the receive adapter, and the synchronization clock frequency (in order to support different Ethernet rates will always drift). The last two bits of the 8th byte (the first 1 consecutive occurrences) are used to warn the network card: "Data is coming soon"

Ethernet is non-connected and provides unreliable services to the network layer. When a frame error is detected using the CRC, it is simply discarded and does not confirm retransmission

CSMA/CD: Multi-access Protocol for Ethernet

Analyzed earlier, no longer analyzed here

Interconnect: Link Layer switch forwarding and filtering

Filtering is the switch function that determines whether a frame should be forwarded to an interface or should be discarded.
Forwarding is the function that determines which interface a frame should be directed to and directs the interface.
Forwarding and filtering through the switch table to complete
The switch table entries are:

• MAC address
• The interface number that leads to the MAC address
• Time that the table item is placed in the table

Switch forwarding packets are not the same as routers, and switch forwarding is grouped based on MAC address
When a destination address is sent, the switch does the processing:

• When the table item is not in the table, the switch broadcasts (except the source interface)
• Tabular source interface and destination interface, switch drop packet (already broadcast over LAN segment with destination)
• Tabular must have a table item match, and not a source interface, the switch forwards the packet in the past.

Self-learning

The switch is so self-learning

• The switch is initially empty
• Each incoming frame arrives, the switch stores 1. The frame source address 2. The frame arrives at the interface 3. Current time
• If the switch does not receive a frame of the same source address after the aging period, the switch deletes the table entry. (Prevents one PC on the interface from being replaced by another)

Switches are Plug and Play

The nature of the link layer switch

Several advantages of the switch:

• Eliminate collisions: The LAN using the switch does not have bandwidth wasted by collisions. The switch caches frames, and only one at a time. The maximum aggregation bandwidth is the sum of all interfaces
• Heterogeneous Links: Switches isolate links from each other
• Management: Easy network management for switches

TIP: Switch poisoning

• An attacker sends a large number of packets with different source MAC addresses to the switch, filling the switch table entries with forged table entries. The switch can only broadcast most of the frames, which can be captured by the sniffer to

Switch vs. Router comparison

Advantages and disadvantages of the switch
Advantages:

• Pnp
• With relatively high packet filtering forwarding rates

Disadvantages:

• Large switching networks require large ARP tables on the host and router, which generates considerable ARP traffic and throughput.
• The switch does not provide any protection against broadcast storms, and if the host fails to broadcast the frame continuously, the switch forwards all frames and causes the Ethernet to crash

Advantages and disadvantages of routers
Advantages:

• Routers do not have spanning tree limits, so routers allow the Internet to be built with a rich topology
• Routers provide firewall protection for second-level broadcast storms

Disadvantages:

• Not Plug and Play
• Long Processing group Time

Link virtualization: Network as a link layer

The goal of Multiprotocol label switching is to enhance functionality by selecting new identity datagrams and allowing routers to forward datagrams based on fixed-length labels (rather than destination IP addresses), without abandoning the infrastructure based on destination IP datagram forwarding, for technologies based on fixed-length tags and virtual circuits.
MPLS packets can only be sent between MPLS enabled routers because the first part of MPLS is between the link layer and the network layer header, which is not known by ordinary routers.
The MPLS enabled router advertises the other route to the destination a that it can reach, and advertises a label for MPLS to the destination a.
When an MPLS packet arrives, the router parses the label, looks up the MPLS table, and then replaces the label with the Out label in the table and sends it to the interface labeled in the table (like a virtual circuit).
MPLS can configure an precomputed, trouble-free path to deal with link failures.

Computer network--Link layer