Layer 2 forwarding principle

Source: Internet
Author: User

1 Layer 2 forwarding basics

Here "layer 2" refers to layer 2 of the seven-layer computer network model, whose layers from 1 to 7 are the physical layer, data link layer, network layer, transport layer, session layer, presentation layer and application layer. There is also the 4-layer (or 5-layer) network model, which consists of the data link layer, the network layer, the transport layer and the application layer, plus the physical layer in the 5-layer version. Layer 2 here refers to the data link layer.

1.1 Ethernet Fundamentals

Ethernet Collision Detection

CSMA/CD: carrier sense multiple access with collision detection. Before a host sends a packet, it checks whether the line is occupied by another host and sends only when the line is idle. If it detects a collision, it stops sending, waits a random time, and then sends again.

MAC address

The MAC address is the physical address. It is 48 bits (6 bytes) long: the first 24 bits are the manufacturer code and the last 24 bits are the serial number. For example, the H3C manufacturer code is 00-0f-e2.

    • Unicast address: the least significant bit of the first byte is 0, such as 00-0f-e2-00-00-06
    • Multicast address: the least significant bit of the first byte is 1, such as 01-0f-e2-00-00-06
    • Broadcast address: all 48 bits are 1, that is, ff-ff-ff-ff-ff-ff

Ethernet frame Format

The first two fields are the destination address and source address fields. The third field is a 2-byte type field that identifies the upper-layer protocol (0x0800: IP, 0x0806: ARP, and so on). The fourth field is the data field, with a length between 46 and 1500 bytes. The last field is the CRC check field, which holds the 4-byte frame check sequence (FCS). The check covers the destination address, source address, type and data fields.

The minimum MAC frame length is 64 bytes and the minimum data field length is 46 bytes; if the data is shorter, zero padding is added automatically.

The MAC frame header has no frame length field, so how does the MAC layer know how many bytes of data to take out of a received Ethernet frame and deliver to the upper-layer protocol? Ethernet frames use Manchester encoding, which has an important property: every symbol, whether it is a 1 or a 0, has a voltage transition in its middle (from high to low or from low to high). Once the sender has finished sending an Ethernet frame it sends no further symbols, so the voltage on the sending network adapter's interface stops changing, and the receiver can easily find where the Ethernet frame ends.

802.3 frame Format

How Ethernet frames and 802.3 frames differ

The valid length values defined by 802.3 do not overlap with the valid Ethernet type values, so the two frame formats can be distinguished.

Why the minimum MAC frame length is 64 bytes

Ethernet uses the CSMA/CD collision detection algorithm. After a host starts sending a packet, it knows within at most one contention period whether the packet has suffered a collision. Ethernet uses 51.2 µs as the contention period; on 10M Ethernet, 512 bits of data, that is 64 bytes, can be sent in that time. Subtracting the 16 bytes of Ethernet frame header and check field from these 64 bytes leaves 46 bytes, which is the minimum length of the Ethernet frame data field.

Collision domains and broadcast domains

    • Collision domain: the set of all stations connected to the same wire. A message sent by one node can be received by all the others, which results in collisions.
    • Broadcast domain: the range to which Ethernet broadcast messages are limited. A broadcast message sent by one station can be received by all the other stations.

In general, a broadcast domain corresponds to a layer 3 network, such as an IP subnet, and a VLAN is simply a broadcast domain.

Hub Device

A hub relays the signal for all LAN segments connected to it: when the signal attenuates, the hub regenerates it and sends it on. All devices connected to a hub form one collision domain and one broadcast domain, so a large number of hosts leads to serious collision and broadcast flooding problems.

2 Layer 2 forwarding principle

Layer 2 forwarding process

    1. Extract the source MAC address of the frame and look up the MAC forwarding table (also called the L2FDB); if a matching entry is found, send the frame directly to the corresponding port.
    2. For addresses not in the table, send by broadcast, that is, to all ports.
    3. The MAC forwarding table is maintained through automatic address learning (based on the source MAC address) and an aging mechanism (a timer). Layer 2 forwarding generally does not change the packet contents.

Introducing VLANs

Although the switch solves the collision domain problem, the broadcast domain problem remains. VLANs address it: the VLAN mechanism is introduced on the layer 2 switch.

With the VLAN mechanism, hosts in the same VLAN can communicate freely (layer 2 switching), while hosts in different VLANs are completely isolated and must go through layer 3 switching if they need to communicate. This blocks broadcast packets, reduces the broadcast domain and provides network security. A VLAN is simply a broadcast domain; it can span multiple physical devices, which makes network construction and maintenance more convenient.

VLANs can be partitioned by switch port, by MAC address, by network layer (IP address, IP subnet), or by IP multicast.

VLAN protocol format

    • TPID: tag protocol identifier, usually 0x8100
    • Priority: priority
    • CFI: canonical format indicator, always set to 0
    • VLAN ID: VLAN number
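A parser for the frame layouts described above, as an added example that is not part of the original page: it classifies the destination MAC, reads an optional VLAN tag, and tells Ethernet framing from 802.3 framing by the type/length value. The boundary used (up to 1500 is a length, 0x0600 and above is a type) is the standard IEEE 802.3 rule rather than a value stated on this page, and the sample frames are constructed.

```python
import struct

TPID_8021Q = 0x8100  # TPID value from the VLAN tag field list


def mac_str(mac: bytes) -> str:
    return "-".join(f"{b:02x}" for b in mac)


def mac_kind(mac: bytes) -> str:
    """Unicast, multicast or broadcast, by the rules in the MAC address section."""
    if mac == b"\xff" * 6:
        return "broadcast"
    return "multicast" if mac[0] & 0x01 else "unicast"


def parse_frame(frame: bytes) -> dict:
    """Parse addresses, optional 802.1Q tag and type/length (FCS not included)."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (value,) = struct.unpack("!H", frame[12:14])
    offset, vlan = 14, None
    if value == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated VLAN tag")
        tci, value = struct.unpack("!HH", frame[14:18])
        vlan = {"priority": tci >> 13, "cfi": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset = 18
    if value <= 1500:        # 802.3: the field is a length, so padding can be cut
        framing, payload = "802.3", frame[offset:offset + value]
    elif value >= 0x0600:    # Ethernet: the field is a type; padding stays in payload
        framing, payload = "ethernet", frame[offset:]
    else:
        raise ValueError(f"undefined type/length value {value:#06x}")
    return {"dst": mac_str(dst), "dst_kind": mac_kind(dst), "src": mac_str(src),
            "vlan": vlan, "framing": framing, "value": value, "payload": payload}


# Constructed sample frames (not captured traffic), without the trailing FCS.
SRC = bytes.fromhex("000fe2000006")
TAGGED_ARP = (b"\xff" * 6 + SRC + struct.pack("!HHH", 0x8100, (5 << 13) | 100, 0x0806)
              + bytes(46))
LLC_8023 = (bytes.fromhex("010fe2000006") + SRC + struct.pack("!H", 3)
            + b"\x42\x42\x03" + bytes(43))

if __name__ == "__main__":
    for sample in (TAGGED_ARP, LLC_8023):
        print(parse_frame(sample))
```

With 802.3 framing the length field lets the parser drop the zero padding, while with Ethernet framing the padding stays in the payload and only the upper-layer protocol can tell where its data ends.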

VLAN Port

With port-based VLAN partitioning, ports fall into several types: access, trunk and hybrid.

    • An access port can belong to only one VLAN and is typically used to connect to a computer
    • A trunk port can allow multiple VLANs through and can receive and send frames of multiple VLANs; it is generally used for connections between switches
    • A hybrid port can allow multiple VLANs through and can receive and send frames of multiple VLANs; it can be used for connections between switches and also to connect a user's computer

Hybrid and trunk ports handle received data in the same way and differ only when sending: a hybrid port allows frames of multiple VLANs to be sent untagged, while a trunk port allows only frames of the default VLAN to be sent untagged.

How switch interfaces process data under VLANs

1) Access port, receiving: when a frame is received, check whether it carries VLAN information. If not, tag it with the port's PVID and switch it; if it does, discard it (default).

2) Access port, sending: strip the VLAN information from the frame and send it out directly.

3) Trunk port, receiving: when a frame is received, check whether it carries VLAN information. If not, tag it with the port's PVID and switch it; if it does, check whether the trunk port allows data of that VLAN to enter: if so, forward it, otherwise discard it.

4) Trunk port, sending: compare the port's PVID with the VLAN information of the frame to be sent. If the two are equal, strip the VLAN information and then send; if they are not equal, send the frame as it is.

5) Hybrid port, receiving: when a frame is received, check whether it carries VLAN information. If not, tag it with the port's PVID and switch it; if it does, check whether the hybrid port allows data of that VLAN to enter: if so, forward it, otherwise discard it. (The untag configuration on the port is not considered here; it only takes effect when a frame is sent.)

6) Hybrid port, sending: 1. Determine the attribute of the VLAN on this port (disp interface shows which VLANs are untagged and which are tagged). 2. If the VLAN is untagged, strip the VLAN information and then send; if it is tagged, send the frame as it is.
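The six receive and send rules above, written out as an added example that is not part of the original page. The `Port` model, its field names and the sample configuration are this example's own assumptions, not a vendor's configuration syntax.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Port:
    """Hypothetical port model; the field names are this example's own."""
    kind: str                                      # "access", "trunk" or "hybrid"
    pvid: int
    allowed: set = field(default_factory=set)      # VLANs let in on trunk/hybrid
    untagged: set = field(default_factory=set)     # hybrid: VLANs sent untagged


def ingress(port: Port, tag: Optional[int]) -> Optional[int]:
    """VLAN the received frame is switched in, or None when it is discarded."""
    if tag is None:
        return port.pvid                  # rules 1, 3, 5: untagged gets the PVID
    if port.kind == "access":
        return None                       # rule 1: tagged frame discarded
    return tag if tag in port.allowed else None    # rules 3, 5


def egress(port: Port, vlan: int) -> Optional[int]:
    """Tag the frame leaves with; None means the VLAN information is stripped."""
    if port.kind == "access":
        return None                       # rule 2
    if port.kind == "trunk":
        return None if vlan == port.pvid else vlan    # rule 4
    return None if vlan in port.untagged else vlan    # rule 6


def switch_hop(rx: Port, tx: Port, tag: Optional[int]):
    """One switch traversal; picking tx among the VLAN's ports is not modelled."""
    vlan = ingress(rx, tag)
    return ("drop", None) if vlan is None else ("sent", egress(tx, vlan))


# Constructed configuration for illustration.
ACCESS = Port("access", pvid=10)
TRUNK = Port("trunk", pvid=1, allowed={1, 10, 20})
HYBRID = Port("hybrid", pvid=1, allowed={1, 10, 20}, untagged={1, 10})

if __name__ == "__main__":
    print(switch_hop(ACCESS, TRUNK, None))   # host frame leaves the trunk tagged 10
    print(switch_hop(TRUNK, HYBRID, 10))     # hybrid strips VLAN 10
    print(switch_hop(TRUNK, HYBRID, 20))     # hybrid keeps tag 20
    print(switch_hop(TRUNK, ACCESS, 30))     # VLAN 30 is not allowed on the trunk
```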

3 Layer 2 forwarding process under VLANs

On VLAN-enabled switches there are two MAC address learning modes: independent (IVL) and shared (SVL). The corresponding L2FDB entry contains a VLAN ID, a MAC address and the port on which the address resides.

    • Look up the destination address in the MAC forwarding table (L2FDB) to process and forward
      • Independent: look up the forwarding table by VLAN ID to narrow it down to the entries with the same VLAN ID, then find the port that matches the MAC address among those entries.
      • Shared: look up the table by destination address to find the corresponding interface, then check whether the VLAN ID of the interface matches the VLAN ID in the frame; if they match, send the frame through that port, otherwise discard it.
    • Forward by broadcast for addresses not in the forwarding table
      • Independent: the destination MAC is not found, so the frame is broadcast to all ports in that VLAN
      • Shared: look up the destination MAC, then check whether the VLAN ID in the frame matches the VLAN ID of the port; if they match, broadcast in that VLAN, otherwise discard.
    • Source address learning for the MAC forwarding table
      • Independent: creates entries keyed by the source MAC address and VLAN, so there can be entries with the same MAC address and different VLAN IDs.
      • Shared: creates an entry keyed by the source MAC address, overwriting the existing entry if the MAC forwarding table already has one with the same MAC address.
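A small forwarding-table model covering both the basic layer 2 forwarding process (learning, aging, flooding) and the independent and shared learning modes above, as an added example that is not part of the original page. The class, the 300-second aging limit, the topology and the second MAC address are assumptions of this example.

```python
class L2Fdb:
    """Toy L2FDB in "ivl" (independent) or "svl" (shared) mode; hypothetical API."""

    def __init__(self, mode, port_vlans, age_limit=300):
        self.mode = mode
        self.port_vlans = port_vlans   # port -> set of VLAN IDs the port belongs to
        self.age_limit = age_limit     # seconds; assumed value, not from the page
        self.table = {}                # key -> (port, last_seen)

    def _key(self, vlan, mac):
        return (vlan, mac) if self.mode == "ivl" else mac

    def _flood(self, vlan, in_port):
        return sorted(p for p, vlans in self.port_vlans.items()
                      if vlan in vlans and p != in_port)

    def forward(self, in_port, vlan, src, dst, now):
        """Learn src, age out stale entries, return the output ports for dst."""
        self.table[self._key(vlan, src)] = (in_port, now)   # svl overwrites by MAC
        self.table = {k: e for k, e in self.table.items()
                      if now - e[1] <= self.age_limit}
        entry = self.table.get(self._key(vlan, dst))
        if entry is None:
            return self._flood(vlan, in_port)     # unknown: all ports of the VLAN
        port = entry[0]
        if self.mode == "svl" and vlan not in self.port_vlans[port]:
            return []                              # VLAN IDs differ: discard
        return [] if port == in_port else [port]


# Constructed topology and addresses for illustration.
PORT_VLANS = {1: {10}, 2: {10}, 3: {20}, 4: {20}, 5: {10, 20}}
A, B = "00-0f-e2-00-00-06", "00-0f-e2-00-00-07"


def run(mode):
    fdb = L2Fdb(mode, PORT_VLANS)
    return [
        fdb.forward(1, 10, A, B, now=0),     # B unknown: flood VLAN 10
        fdb.forward(2, 10, B, A, now=1),     # A learned on port 1
        fdb.forward(3, 20, A, B, now=2),     # same MAC A now seen in VLAN 20
        fdb.forward(2, 10, B, A, now=3),     # VLAN 10 traffic towards A
        fdb.forward(2, 10, B, A, now=400),   # A's entries have aged out
    ]


if __name__ == "__main__":
    print("ivl", run("ivl"))
    print("svl", run("svl"))
```

In shared mode the third frame overwrites the entry for A, so VLAN 10 traffic towards A is discarded until that entry ages out; in independent mode the two VLANs keep separate entries and forwarding is unaffected.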
