Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Appendix A
Ethernet Frame

A.1 Introduction

The IEEE standards for Local Area Networks (LANs) describe specifications for the physical layer, medium access control (MAC) sublayer, and logical link control (LLC) sublayer. In OSI terminology, the MAC and LLC sublayers are considered to be sublayers of the OSI Data Link layer. Both the MAC and LLC sublayers contain fields for addressing. The term Ethernet refers to the family of LAN specifications covered by the IEEE 802.3 standard.

The processing that take place in Layer 2 (Ethernet) switches, switch/routers (multilayer switches), and routers involve processing all or parts of the Ethernet frame and IP header fields. To understand how switches, routers, and switch/routers operate, it is essential to understand the format of the Ethernet frame and IP header.

A.2 Ethernet Frame Format

The IEEE 802.3 standard defines the basic Ethernet frame format that is required for all Ethernet device implementations, in addition to other optional fields that are used to extend Ethernet's basic capabilities. The basic Ethernet frame contains the Preamble plus the six fields shown in Figure A.1.

Preamble: An Ethernet frame is preceded by a Preamble, which consists of 7 bytes ¹ or octets (56 bits). The Preamble is a pattern of alternating ones and zeros preceding an Ethernet frame that indicates to a receiving device that an Ethernet frame is arriving. It also provides a signal to the receiving device to enable the frame-reception mechanism of the receiver's physical layer synchronized to the incoming bit stream. The Preamble allows the receiver's physical layer to detect and reach steady-state synchronization with the incoming bit stream (i.e., the Preamble) before the actual Start-of-Frame Delimiter (SFD) of the Ethernet frame is received.
Start-of-Frame Delimiter: The SFD consists of 1 byte field that both marks the end of the Preamble and indicates the beginning of the Ethernet frame. The SFD is a pattern of alternating ones and zeros, ending with two consecutive 1 bits (“11”). It indicates the start of the actual Ethernet frame information and the next bit immediately after the SFD is the left-most bit in the left-most byte of the Ethernet destination MAC address. The SFD has the binary value of 10101011, which is transmitted with the least-significant bit first. Bytes (or octets) in a frame are transmitted least-significant bit first (see bit-ordering and byte-ordering discussion later in the chapter). The purpose of the SFD is to identify the beginning of the MAC frame and allow receiving devices to synchronize with and identify a frame's octet boundaries.
Destination Address (DA): The DA field consists of 6 bytes and it identifies which MAC device(s) the Ethernet frame is destined to. The leftmost bit in the DA field (see Figure A.2) indicates whether the address is an individual address (indicated by a 0) or a group address (indicated by a 1). The second bit from the left indicates whether the DA is globally administered (indicated by a 0) or locally administered (indicated by a 1). The remaining 46 bits of the DA field constitute a uniquely assigned value that identifies a single MAC device, a defined group of MAC devices, or all MAC devices on the network.
Individual MAC addresses are also known as unicast MAC addresses because they refer to a single MAC address and are assigned by the MAC device manufacturer from a block of addresses allocated by the IEEE. Group addresses (multicast MAC addresses) identify the end devices belonging to a particular group and are assigned by the network manager. Packets sent to a multicast MAC address are received by all MAC devices on a network that has been configured to receive packets sent to that MAC address.

A special group MAC address (the all 1s or broadcast address) indicates that an Ethernet frame is to be sent to (broadcasted to) all devices on that network. Packets sent to the broadcast address (carrying all ones) are received by all devices on a subnetwork or virtual LAN (VLAN). In hexadecimal format, the broadcast address is FF:FF:FF:FF:FF:FF. A broadcast frame is flooded in a VLAN and is forwarded to and accepted by all other nodes.
Source Address (SA): The SA field consists of 6 bytes and it identifies the MAC devices that send an Ethernet frame. The SA is always an individual MAC address and the left-most bit in the SA field is always 0.
Type/Length: This field consists of 2 bytes and it carries either the Ethernet frame type identifier (ID) (to indicate which protocol is encapsulated in the payload of the frame) or the number of MAC-client data bytes that are contained in the data field of the frame (if the Ethernet frame is created/assembled using an optional format) (Figure A.1). The Type is sometimes referred to as the EtherType.
- - If the Type/Length field value is less than or equal to 1500 (0x05DC), the data field contains LLC data and the number of LLC data bytes carried in the Ethernet frame's Data field is equal to the Type/Length field value.
- - If the Type/Length field value is greater than 1536 (0x0600), the Ethernet frame is a Type-frame and the value in the Type/Length field identifies the particular type of frame (upper layer protocol data) being sent or received.
- - Values between 1500 and 1536, exclusive, are undefined.
The Type value identifies the upper layer protocol that has encapsulated the data in the Ethernet frame. For example, a Type value of 0x0800 signals that the frame contains an IPv4 datagram. A Type of 0x0806 indicates an ARP frame, 0x8100 indicates an IEEE 802.1Q frame, and 0x86DD indicates an IPv6 frame.

Although both types of framing are formally approved by the IEEE 802.3 standard, the Type frame or encapsulation is the more commonly used one.
Data: The Data field carries a sequence of N bytes of any value, where N is less than or equal to 1500. If the length of data carried in the Data field is less than 46 bytes, the shortfall must be made up, extending the Data field with redundant data (by adding a pad or filler of 0s) to bring the Data field length to 46 bytes. Since the value of the Type/Length field specifies the number of actual/true LLC data octets carried in the Data field (but not the length of the field), the Length value is not changed when a pad is added to the Data field.
Frame Check Sequence (FCS): The FCS field consists of 4 bytes at the end of the Ethernet frame. This sequence contains a 32 bit cyclic redundancy check (CRC) value, which is generated/created by the sending MAC device. The generator polynomial is

The FCS is generated over the DA, SA, Type/Length, and Data + Pad fields before transmission. The FCS is recalculated by the receiving MAC device to check for damaged/corrupted frames. The transmitted FCS value in the received frame is compared to the new FCS value that is computed as the frame is being received. The FCS provides error detection over the DA, SA, Length/Type, Data + Pad, and the FCS fields. Note that error detection extends and covers the FCS field itself. The FCS field is transmitted such that the first bit is the coefficient of the term (MSB first) and the last bit is the coefficient of the term. Unlike the byte and bit order in other fields, the FCS is treated as a special 32 bit field rather than as four individual octets.

Figure depicts basic Ethernet frame format. — **Figure A.1** Basic Ethernet frame format.

Figure depicts MAC Address format (MAC-48 and EUI-48 formats). — **Figure A.2** MAC Address format (MAC-48 and EUI-48 formats).

The Inter-Packet gap (IPG) (not shown in Figure A.1) is the idle (inactive) time between packets. After a packet has been transmitted a sending MAC device, the sender is required to transmit a minimum of 96 bits (12 octets) of idle line state before transmitting the next packet. Between transmission of each Ethernet frame, a sender must wait for a period of 9.6 μs for 100 Mb/s Ethernet and 0.096 μs for Gigabit Ethernet. At 10 Mb/s, this corresponds to about the time it takes for 12 bytes to be transmitted.

The IPG is intended to allow the transmitted signal enough time to propagate through the receiver's electronics at the destination MAC device. While every sending MAC device must pause for the IPG time between transmitting frames, receivers do not necessarily see the IPG or idle/silent period. The time is practically too small to be really noticeable by end applications.

The following describes the frame transmission process for Length encapsulated Ethernet frames. Whenever a sending MAC device receives a transmit-frame request with the relevant destination MAC address and data from the LLC sublayer, the MAC begins the transmission sequence by transferring the LLC data into the MAC frame buffer.

The preamble data and start-of-frame delimiter data are inserted in the Preamble and SFD fields.
The destination and source MAC addresses are inserted into the MAC address fields.
The LLC data bytes are counted, and the number of bytes is inserted into the Length/Type field.
The LLC data bytes are inserted into the Data field. If the number of LLC data bytes is less than 46, a pad is added to bring the Data field length up to 46.
An FCS value is generated over the DA, SA, Length/Type, and Data fields (including any pad) and is appended to the end of the Data field as the FCS field.

After the Ethernet frame is completely assembled, the start of actual frame transmission on the transmission medium will depend on whether the MAC is operating in full-duplex or half-duplex mode. Today's Ethernet MAC devices operate in full-duplex mode only.

Ethernet frame reception at the receiving MAC device is the reverse of frame transmission process. The destination MAC address of the received Ethernet frame is parsed and matched against the receiving device's MAC address list (its individual MAC address, its group MAC addresses, and the broadcast MAC address) to determine whether the frame is destined to it.

If a MAC address is matched, the frame length is checked and the receiver's computed FCS is compared to the value in the FCS field (that was generated during frame transmission). If the frame length is correct and the transmitted and computed FCS values match, the receiver determines the frame type from the contents of the Length/Type field. The Ethernet frame's Data field values are then extracted and forwarded to the appropriate upper layer protocol.

A.2.1 MAC Address

Ethernet MAC addresses identify MAC layer entities (physical or logical/virtual interfaces or ports) in networks that implement the IEEE MAC sublayer functions of the data link layer (OSI or TCP/IP reference model). As with most data link addresses, MAC addresses are unique for each MAC port or interface. Ethernet MAC addresses are formatted according to rules set by the IEEE and can be done using one of the following three numbering name spaces (managed by the IEEE): MAC-48, EUI-48 [IEEESAEUI48], and EUI-64 [IEEESAEUI64], where EUI stands for Extended Unique Identifier.

Most Layer 2 networks use one of these three primary numbering spaces – MAC-48, EUI-48, and EUI-64. EUI-48 and EUI-64 identifiers are commonly used to create globally unique interface addresses (also called universally unique MAC addresses). These globally unique addresses are specified in a number of standards that discuss Layer 2 and 3 addressing. Ethernet and ATM interfaces use the MAC-48 address space. IPv6 interface identifiers use the EUI-64 address space.

All three numbering systems use the same format and differ only in the length of the identifier (Figure A.2). The first three bytes in the figure, known as the Organizationally Unique Identifier (OUI), identify the issuer (i.e., organization) of the MAC-48, EUI-48, or EUI-64 identifier [IEEESAOUICID]. These first three byes (which are administered by the IEEE), shown in the figure in transmission order, identify the issuer (assignee or owner), who can be a manufacturer, vendor, or any other organization globally or worldwide.

OUIs are purchased from the IEEE Registration Authority by the issuer/assignee. The IEEE Registration Authority administers the assignment of these (OUI) identifiers and ensures that they are globally unique to each organization that receives an identifier. The OUIs are used as the first 3 bytes (24 bits) of identifiers in any one the three numbering name spaces (e.g., MAC-48, EUI-48, and EUI-64) to uniquely identify a particular physical or logical interface in a network. When creating an Ethernet MAC address, the OUI is combined with a 3 byte (24 bit) number (assigned by the owner of the OUI) to form the complete Ethernet MAC address. As shown in Figure A.2, the first three bytes of the MAC address are the OUI.

The next 3 bytes in the NIC specific field (for the MAC-48 and EUI-48 formats in Figure A.2) or 5 bytes (for the EUI-64 format) are assigned by the OUI owner (organization) based on their own allocation rules, as long as the addresses are unique. The last 3 (or 5) bytes are typically created using the serial number of the interface, or any other value administered by the OUI owner. MAC-48 and EUI-48 spaces each result in 48 bit addresses, while EUI-64 spaces result in 64 bit addresses, but all three use the same OUI format.

The MAC addresses (with the NIC specific part assigned by the manufacturer of a MAC device) are generally stored in a device's hardware, such as the device's network interface read-only memory (ROM) or some other software or firmware component. The ROM encodes the MAC address (OUI plus NIC-specific number) and is sometimes referred to as the burned-in address (BIA). BIA means the MAC address is stored permanently in the ROM and is copied into an associated random-access memory (RAM) when the interface powers up and initializes. The BIA is also referred to in the network industry by terms such as physical address, hardware address, or Ethernet hardware address (EHA).

In the first byte of the OUI (Figure A.2), the two least-significant-bits of the second set of 4 bits (second nibble) are used as flag bits for some protocol functions. These flag bits can be used to indicate whether the MAC address is an individual (unicast) address or group (multicast) address, or whether a MAC address is universally or locally administered, and so on. As already noted, MAC addresses can either be universally administered or locally administered [IEEESAGMAC].

Universally administered and locally administered addresses are distinguished by appropriately setting the second least significant bit of the most significant byte of the MAC address (indicated by the “Bit 2” bit in Figure A.2). This bit is also referred to as the U/L bit, short for Universal/Local, which identifies how the address is administered.

Universally Administered Addresses: If the “Bit 2” (U/L) bit is 0, the address is universally administered by the IEEE (through the assignment/designation of a unique owner/company ID (the OUI)). A universally administered address is unique but the NIC-specific part is assigned to a device by its manufacturer.
Locally Administered Addresses: If the “Bit 2” (U/L) bit is 1, the address is locally administered. A locally administered address is assigned to a device by a network administrator, overriding any burned-in address. Locally administered addresses do not contain OUIs.

The least significant bit of the most significant byte of an address (“Bit 0” bit in Figure A.2) indicates whether an address is an individual (unicast) address or group (multicast) address [IEEESAGMAC]. This bit is also referred to as the I/G bit, short for Individual/Group, which identifies how the address is used.

Individual (Unicast) Address: The “Bit 0” (I/G) bit is set to 0 in individual addresses; meaning if the least significant bit of the most significant octet of an address is set to 0 (zero), the frame is destined to only one receiving interface (unicast transmission).
Group (Multicast) Address: The “Bit 0” (I/G) bit is set to 1 in group addresses. If the least significant bit of the most significant address octet is set to 1, the frame is destined to more than one receiver (group of receivers). The sender transmits the frame only once, and a receiver accepts the frame based on a configurable list of multicast MAC addresses it maintains. Group addresses include broadcast and multicast addresses, and not unicast or individual addresses. Group addresses, like individual addresses, can be universally or locally administered.

A.2.1.1 MAC-48 and EUI-48

The EUI-48 is a 48 bit identifier defined by the IEEE as a concatenation of a 24 bit OUI value administered by the IEEE Registration Authority, and a 24 bit extension identifier assigned by the organization who owns that OUI (the organization that purchased the OUI). MAC-48 addresses (obsoleted by the term EUI-48) are the most commonly used MAC addresses in most networks. These addresses are generally expressed in the format of 12-digit hexadecimal numbers (48 bits in length) and can be written using one of the following formats:

MM:MM:MM:SS:SS:SS
MM-MM-MM-SS-SS-SS

The first three octets (MM:MM:MM or MM-MM-MM) are the OUI, which is the ID of the OUI owner, for example, a hardware manufacturer. As already stated, the OUI values (manufacturer ID numbers) are assigned by the IEEE. The last three octets (SS:SS:SS or SS-SS-SS) constitute an ID assigned by the OUI owner, for example, the serial number for a device, which is assigned by the manufacturer. For example, an Ethernet interface card might have a MAC address that is of form 00:14:22:01:23:45 (where 00:14:22 is the OUI and 01:23:45 is OUI owner assigned).

Another method for creating addresses is to use Individual Address Block (IAB) identifiers. An IAB-based identifier is created by combining a 24 bit OUI (owned and managed by the IEEE Registration Authority), a 12 bit extension identifier (also assigned by the IEEE to identify an assignee/owner), and a 12 bit value provided by the owner to identify individual devices. This method results in unique 48 bit identifiers (addresses) that also identify the assignee/owner of the IAB. The method provides only 4096 unique EUI-48 identifiers (addresses) for use by the IAB owner.

For example, if the IAB base value assigned by the IEEE is XX-XX-XX-XX-X0-00 and the 12 bit extension identifier provided by the IAB owner is ccc (in hexadecimal), then the EUI-48 identifier created by concatenating these two numbers is XX-XX-XX-XX-Xc-cc. When an organization requires no more than 4097 unique 48 bit EUI-48 identifiers, then an IAB is ideal for that organization.

There is no real distinction between EUI-48 and MAC-48 identifiers, the only difference lies in the way the two terms are used in the communication industry. MAC-48 was used to refer to addresses assigned to network hardware interfaces. EUI-48 (which is the preferred term, and is used more broadly) refers to identifiers/addresses that identify a hardware device instance, hardware interface/port, virtual/logical interface, software interface, model number for a product, form/function of vendor-specific content, or any other object that requires unique identification.

An EUI-48 can be used as an identifier for a wide range of hardware and software entities and does not necessarily have to be a network address. An EUI-48 identifier encompasses more, and is not in fact a “MAC address,” although both have formats that are indistinguishable from each other and are assigned from the same numbering space.

The label MAC-48 is now considered to be obsolete by the IEEE and the term EUI-48 is used instead. MAC-48 was used to refer to specific type of EUI-48 identifiers used for addressing hardware interfaces in IEEE 802-based technologies such as IEEE 802.3 (Ethernet), IEEE 802.4 (Token Bus), IEEE 802.5 (Token Ring), and IEEE 802.6 (FDDI). This 48 bit address space also contains potentially 2⁴⁸ or 281,474,976,710,656 possible addresses.

A.2.1.2 EUI-64

The EUI-64 identifier, defined by the IEEE, represents a newer standard for creating identifiers similar to the EUI-48. An EUI-64 is a 64 bit identifier created by concatenating the 24 bit OUI value (administered by the IEEE Registration Authority), and a 40 bit extension identifier assigned by the OUI owner. The OUI (carrying the organization ID) is still 24 bits (as in the EUI-48), but the OUI owner assigned extension ID is 40 bits, resulting in a much larger address space for the organization. The EUI-64 identifier uses the U/L and I/G bits in the same way as described above and in Figure A.2.

The IEEE guidelines for creating EUI-64 identifiers [IEEESAEUI64] does not allow the first four nibbles (or 2 bytes) of the extension identifier (i.e., first four nibbles of the organizationally assigned identifier portion of an EUI-64) to be FFFE₁₆ or FFFF₁₆. This means EUI-64 identifiers of the form ccccccFFFEeeeeee and ccccccFFFFeeeeee should not be used. This restriction is to allow the encapsulation of EUI-48 values into EUI-64 identifiers.

Similar to EUI-48 identifiers, EUI-64 identifiers can be used to identify various hardware and software instances of a device or any other object that requires unique identification, regardless of application (e.g., network interfaces, software interfaces, virtual/logical interfaces, wireless devices, IEEE 1588 clocks, sensors, etc.). EUI-64 identifiers are used in IEEE 1394 (FireWire), wireless personal-area networks (based on 6LoWPAN (RFC 4944), IEEE 802.15.4, or ZigBee), and IPv6 (using the Modified EUI-64 format as the least-significant 64 bits of a unicast network address or link-local address when stateless autoconfiguration is used).

MAC-48 or EUI-48 identifiers can be embedded in EUI-64 identifiers by a simple mapping mechanism. With this mapping, a MAC-48 or EUI-48 identifier can be encapsulated within the larger EUI-64 identifier. The EUI-64 identifier is created by combining the smaller EUI-48 or MAC-48 identifier with specified values written in specified bit locations within the EUI-64 identifier [IEEESAEUI64]. The mapping requires the insertion of the hexadecimal value FF-FF for MAC-48 to EUI-64 mapping, and the value FF-FE for EUI-48 to EUI-64 mapping.

This mapping allows for a smooth transition from MAC-48 and EUI-48 to EUI-64 and to avoid duplicate or conflicting values from occurring during the conversion of MAC-48 and EUI-48 identifiers to EUI-64.

MAC-48 to EUI-64: To convert a MAC-48 identifier into an EUI-64, copy the 24 bit OUI from the MAC-48 identifier, then attach the identifying sequence FF-FF, and then followed by the 24 bit extension identifier specified by the OUI owner.
EUI-48 to EUI-64: To convert an EUI-48 identifier into an EUI-64, the same process is followed, but instead the special identifying sequence FF-FE is inserted.

In both mapping mechanisms, reversing the process, when necessary, is simple and straightforward. Organizations that issue EUI-64 identifiers have to take the necessary measures to guard against issuing identifiers that could be confused with these two mapping forms. The IEEE policy favors the use of the EUI-64 numbering name space when possible over new uses of MAC-48 and EUI-48 identifiers.

IPv6 uses a Modified EUI-64 in the lower half of some IPv6 addresses. A Modified EUI-64 is an EUI-64 identifier with the U/L bit inverted [RFC7042]. To create the Modified EUI-64, IPv6 uses EUI-48 instead (not MAC-48) and also toggles the U/L bit. To create an EUI-64 identifier from an EUI-48 identifier, the 16 bit sequence FF-FE (11111111 11111110) is inserted into the EUI-48 identifier between the 24 bit OUI and the 24 bit extension identifier.

Then to obtain the 64 bit interface identifier for an IPv6 unicast address, the U/L bit in the EUI-64 identifier just created is complemented, that is inverted (if it is set to 1, it is changed to 0, and if it is set to 0, it is changed to 1). This allows MAC addresses (such as EUI-48 formatted IEEE 802 MAC addresses) to be extended to Modified EUI-64 using only the special identifying sequence FF-FE (and never FF-FF) and with the U/L bit inverted.

A.2.1.3 Written Address Conventions

The following are standard formats for writing MAC-48 and EUI-48 addresses so that they are easily readable (all in transmission order):

Six Groups of Two Hexadecimal Symbols, Separated by Hyphens (−): Example, 01-23-45-67-89-ab
Six Groups of Two Hexadecimal Symbols, Separated by Colons (:): Example, 01:23:45:67:89:ab
Three Groups of Four Hexadecimal Symbols Separated by Dots (.): Example, 0123.4567.89ab

The first two forms are also commonly used for EUI-64 identifiers.

A.2.2 IEEE 802.1Q Tagging Option – VLAN Tagging Option

The Ethernet frame header contains destination and source MAC addresses (each 6 bytes in length), the Type/Length field, and, optionally, an IEEE 802.1Q tag (Figure A.3). The optional 4-octet IEEE 802.1Q tag is a field that is used to carry information about the Virtual LAN (VLAN) membership and IEEE 802.1p priority of a frame. The minimum payload of the Ethernet frame is 42 bytes when it carries an IEEE 802.1Q tag and 46 bytes when the tag is absent (untagged frame). The maximum Ethernet frame payload, as discussed above, is 1500 bytes. Nonstandard jumbo frames are larger size frames, carrying payloads much larger than 1500 bytes, and allow for larger maximum payload size to be transported.

Figure depicts ethernet frame format with Optional 802.1Q tag field. — **Figure A.3** Ethernet frame format with Optional 802.1Q tag field.

VLAN tagging (using IEEE 802.1Q tags) is a MAC frame formatting option that provides three important capabilities not previously available to Ethernet network users and network managers using untagged frames:

VLAN tagging provides a means to tag frames with priority settings according to traffic type and quality of service (QoS) requirement so that they can be given differentiated service in a network.
VLAN tagging allows frames from end stations to be tagged and assigned to Layer 2 broadcast domains or logical groups (VLANs) in a network. Users, even if not collocated within a logical group, can communicate with each other across the network as if they were on a single LAN. Layer 2 switches will examine destination MAC addresses and VLAN tags and forward frames only to ports that serve the VLAN to which the traffic belongs.
VLAN tagging simplifies network management and makes adding, moving, and changing end-stations and network equipment in the network much easy to carry out.

As shown in Figure A.3, a VLAN-tagged frame is simply a basic MAC frame that has a 4 byte VLAN tag/header (IEEE 802.1Q tag) inserted/placed between the source MAC address and Type/Length fields.

The 32 bit IEEE 802.1Q tag field is placed between the source MAC address and the Type/Length fields of the basic frame (Figures A.4–A.6). The IEEE 802.1Q tag consists of the following parts:

Tag Protocol Identifier (TPID): The 2 byte TPID field is set to a value of 0x8100 (in hexadecimal) to identify an Ethernet frame as carrying an IEEE 802.1Q-tagged. As illustrated in Figure A.4 Figure A.5 Figure A.6, the TPID field is at the same position as the Type/Length field in untagged Ethernet frames. This allows IEEE 802.1Q tagged frames to be quickly distinguished from untagged frames.
Tag Control Information (TCI): The 2 byte TCI field consists of a 3 bit Priority Code Point (PCP) (or User Priority), 1 bit Drop Eligible Indicator (DEI) (formerly the Canonical Format Indicator (CFI)) and 12 bit VLAN Identifier (VLAN ID) as shown in Figure A.5.
- - Priority Code Point (PCP): The 3 bit PCP (or User Priority) field refers to the IEEE 802.1p priority class of service and indicates the Ethernet frame's priority level. These PCP values can be used to prioritize different classes of traffic (voice, video, data, etc.).
- - Drop Eligible Indicator (DEI): The 1 bit DEI field (formerly designated as the CFI) can be used separately or in conjunction with PCP to indicate an Ethernet frame as eligible to be dropped when the need arises in the network.
- - VLAN Identifier (VLAN ID): The 12 bit VLAN ID field carries a value that specifies the VLAN to which the Ethernet frame belongs.

In the range of values covered by the 12 bit VLAN ID field (Figure A.4 and A.5), the values 0x000 and 0xFFF (in hexadecimal) are reserved. The remaining (2¹²−1) values are available to be used as VLAN identifiers, meaning up to 494 VLANs can be created.

The Null VID (0x000): The reserved value 0x000, when carried in a tagged Ethernet frame, indicates that the frame does not belong to any VLAN (no valid VLAN identifier is carried in the frame). It indicates that the IEEE 802.1Q tag header (i.e., the TCI) contains only frame priority information (in PCP and DEI fields). The 0x000 VLAN ID value is not to be used as a Port VLAN ID, member of a VLAN ID set, configured in any Ethernet address filtering database entry, or used in any management operation.
The Default VID (x001): In Layer 2 networks, the 0x001 VLAN ID or VLAN 1 (normally designated the default VLAN ID) is often reserved for identifying Ethernet frames belonging to a management VLAN, but its use is also vendor-specific.
Reserved for Implementation Use (0xFFF): The 0xFFF VLAN ID value is reserved and is not to be used as a Port VLAN ID, member of a VLAN ID set, or carried in an IEEE 802.1Q tag of an Ethernet frame. This VLAN ID value is sometimes used to indicate a wildcard match in the VLAN ID field in Ethernet address filtering database entries or in searches involving the VLAN ID in management operations.

Figure depicts VLAN tagged Ethernet frame format. — **Figure A.4** VLAN tagged Ethernet frame format.

Figure depicts VLAN tag TCI (TAG Control Information Field) format. — **Figure A.5** VLAN tag TCI (TAG Control Information Field) format.

Figure depicts VLAN Protocol Identifier (VPID) on Ethernet. — **Figure A.6** VLAN Protocol Identifier (VPID) on Ethernet.

As illustrated in Figure A.7, IEEE 802.1Q tagged frame has a 4 byte field added between the source MAC address and the Type/Length fields of the basic standard Ethernet frame. With tagging, the minimum frame size remains unchanged at 64 bytes (octets) but the maximum frame size extends from 1518 to 1522 bytes.

Figure depicts mapping between untagged and tagged Ethernet frame formats. — **Figure A.7** Mapping between untagged and tagged Ethernet frame formats.

With IEEE 802.1Q tagging, the minimum payload in the frame is 42 bytes while without tagging the frame carries the basic standard minimum payload of 46 bytes. During tagging, a device adds 2 bytes for the TPID and 2 bytes for the TCI. The device also has to fill in the TCI fields (PCP, DEI, and VID) with the appropriate information. By inserting the IEEE 802.1Q tag, the frame size and contents change, thereby requiring the device to recalculate and update the FCS field in the Ethernet trailer.

The Maximum Transmission Unit (MTU) is the size (in bytes) of the largest protocol data unit (PDU) that a particular protocol layer can forward to the next entity. The Ethernet frame size specifies the size of the complete Ethernet frame, including the header and the trailer, but the MTU size in Ethernet refers only to the Ethernet payload. The standard Ethernet frame (not Jumbo frames) has an MTU of 1500 bytes (Figure A.7). The MTU does not include the Ethernet header plus the Cyclic Redundancy Check (CRC) trailer (which is carried in the Frame Check Sequence (FCS) field) in the untagged frame. The header plus the trailer in the untagged frame are 18 bytes in length, resulting in total Ethernet frame size of 1518 bytes.

“Baby giant” frames is a term that refers to Ethernet frames with MTU sizes greater than the standard maximum MTU size up to 1600 bytes. “Jumbo” frames is used to refer to Ethernet frames with MTU sizes up to 9000 bytes [CISCBABY, ETHERALL09]. By extending the maximum Ethernet frame size from 1518 to 1522 bytes due to IEEE 802.1Q tagging (to accommodate the 4 byte tag), some network devices that cannot process tagged frames simply discard such frames. Some network devices that do not support processing for these larger tagged frame size will process and forward the tagged frame successfully, but may flag them as malformed “baby giant” packets [CISCBABY].

A network can be configured to have segments that are VLAN-aware (i.e., IEEE 802.1Q enabled), where frames carry VLAN tags, and segments that are VLAN-unaware (i.e., IEEE 802.1D enabled), where frames do not include VLAN tags. A VLAN tag is added to a frame when it enters the VLAN-aware segment of the network, (see Figure A.7) to specify/indicate the VLAN membership of the frame. Each frame must be recognizable and distinguishable as belonging to precisely only one VLAN. A frame in the VLAN-aware segment of the network that does not carry a VLAN tag is assumed to belong to the native (or default) VLAN.

The 12 bit VLAN ID field in the IEEE 802.1Q tag allows a theoretical maximum of 4096 VLANs to be supported (4094 in practice, taking away the 0x000 and 0x001 VLAN IDs). While this maximum number may be adequate for most smaller networks, there are many networking scenarios where double-tagging (IEEE 802.1ad, also known as provider bridging, Stacked VLANs, or simply QinQ or Q-in-Q) need to be supported. Double-tagging can be useful for large networks and Internet service providers, allowing them to support a larger number of VLANs, in addition to other important benefits. Double-tagging can support a theoretical maximum of 4096 × 4096 = 16,777,216 VLANs.

A.2.3 Ethernet Byte and Bit Ordering

The endianness of a network protocol defines the order in which the protocol sends and receives bits and bytes of an integer field of protocol data. In a big endian system, the most significant byte (or bit) is transmitted first. By contrast, in a little endian system, the least significant byte (or bit) is transmitted first. The little endian and big endian bit ordering are illustrated in Figure A.8.

Lower layer protocols, such as Ethernet, Token Ring, FDDI, and ATM, define the order in which bit/byte transmission/reception should occur, and in some of these lower layer protocols the order is the reverse of that of the supported upper-layer protocol. In Ethernet transmission, the byte order is big-endian, that is, leftmost or most significant byte is sent first.

However, the bit order of Ethernet is little endian, that is, the bit corresponding to the 2⁰ numerical position or LSB (least significant bit) of the byte is sent first, and the bit corresponding to the 2⁷ numerical position or MSB (most significant bit) is sent last. Figure A.9 shows the byte ordering and bit ordering in the Ethernet frame. The bytes in each field are transmitted in big endian, meaning “left byte first,” but the bits within each byte are transmitted in the reverse order “LSB first.”

**Figure A.9** Ethernet frame format and transmission order – little endian bit ordering.

IEEE 802.3 (Ethernet) (and IEEE 802.4 (Token Bus)) transmit the bytes (octets) over the transmission medium, left-to-right, with least significant bit in each byte first (Figure A.9). Also by convention, when writing binary fields, the LSB is shown as the leftmost bit and the MSB as the rightmost. This is also the standard notation (also called canonical format) for MAC addresses, that is, addresses are written in transmission bit order with the LSB transmitted first.

For example, an address in canonical form 12-34-56-78-9A-BC would be transmitted over the transmission medium as bits 01001000 00101100 01101010 00011110 01011001 00111101 in the standard transmission order (LSB first). IEEE 802.5 (Token Ring) and IEEE 802.6, on the other hand, send the bytes over the transmission medium with the MSB first.

There is an important exception in Ethernet data transmission as noted in Figure A.9. Except for the FCS (which has the same byte ordering but a different bit ordering), data on other Ethernet frame fields is transmitted with most significant octet (byte) first, and within each octet, the least significant bit is transmitted first. The byte and bit orders are typical for all fields except the FCS, which is treated as a special 32 bit field rather than as four individual bytes. In the FCS, the high-order bit (MSB) of the sequence is transmitted first.

As discussed above, the 48 bit MAC address (universal or local) is normally represented as a string of 6 octets. The octets are written from left to right, in the order that they are transmitted on the transmission medium, separated by hyphens (−) or colons (:). Each octet of the address is expressed as two hexadecimal symbols. The bits within the octets are transmitted on the transmission medium from left to right.

In the binary representation, the first bit transmitted of each octet on the transmission medium is the LSB of that octet. The I/G address bit is the least significant bit. The leftmost bit of the binary representation (I/G address bit) of a MAC address distinguishes individual from group addresses. The U/L administered address bit is the next bit following the I/G address bit. The U/L bit indicates whether the MAC address has been universally or locally assigned.

A.2.4 Legal Ethernet Frames: Untagged Frames

The minimum and maximum Ethernet frame sizes (in bytes) are determined as follows:

Full minimum frame size = header (14) + CRC (4) + DataMin (46) = 64
Full maximum frame size = header (14) + CRC (4) + DataMax (1500) = 1518

When calculating the frame sizes, the IPG (Inter-Packet Gap), 7 byte Preamble, and 1 byte SFD (Start-of-Frame Delimiter) are not included in the frame size calculations as they are not considered part of the Ethernet frame. The header consists of three parts: 6 byte Destination Address, 6 byte Source Address, and 2 byte Type/Length field

A.2.4.1 Illegal and Ethernet Frames

All frames deemed illegal by a receiving Ethernet device are dropped. It is then the responsibility of the higher layer protocols, such as TCP/IP, to notify the sending device that a frame was dropped. The following are illegal Ethernet frames:

Runt Frame
The minimum Ethernet frame size is 64 bytes, which is equal to 18 bytes Header/CRC plus 46 bytes data. An Ethernet frame that is less than 64 bytes, received by an Ethernet device is deemed illegal and is dropped. This type of illegal frame is referred to as a “runt.” The most common causes of runt frames are collisions (in half-duplex networks), buffer underruns, malfunctioning network interface card, or software bugs in a device. In half-duplex networks, such frames are a result of collisions. A receiving Ethernet device is required to discard all runt frames.

Padding (a smaller Ethernet frame with redundant data) can be used to prevent runts from occurring. If the upper-layer protocol has data to send that is less than 46 bytes, the MAC sublayer adds a sufficient number of zero bytes, 0x00, also known as null padding characters, to the data to meet the minimum Ethernet frame size requirement.
Giant Frame
The maximum untagged Ethernet frame size is 1518 bytes. An Ethernet frame that is greater than the maximum frame size, received at an Ethernet device is called a “giant.” Certain malfunctioning in the physical layer of an Ethernet device may give rise to oversized Ethernet frames. Like runt frames, a receiving Ethernet device is required to discard all giant frames.
Misaligned Frame
An Ethernet frame must contain an integer number of octets (bytes) (64–1518 for untagged frames). An Ethernet frame that does not contain an integer number of bytes, when received by an Ethernet device is also illegal. An Ethernet device has no way of knowing which bits received are legal. It can only compute the CRC of the frame and also determine if an integer number of bytes are received. A receiving Ethernet device is therefore required to discard such frames.

Some implementations of Gigabit Ethernet (and higher speed Ethernets) support larger frames, known as jumbo frames. This type of (nonstandard) frame is not covered in this chapter.

Note

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.