Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide


Ethernet Switching Overview

This section describes the basic concepts of Ethernet and Ethernet switching.

Introduction to Ethernet Switching


The earliest Ethernet standard was the DEC-Intel-Xerox (DIX) standard jointly developed by the Digital Equipment Corporation (DEC), Intel, and Xerox in 1982. After years of development, Ethernet has become the most widely used local area network (LAN) type, and many Ethernet standards have been put into use, including standard Ethernet (10 Mbit/s), fast Ethernet (100 Mbit/s), gigabit Ethernet (1000 Mbit/s), and 10G Ethernet (10 Gbit/s). IEEE 802.3 was defined based on Ethernet and is compatible with Ethernet standards.

In the TCP/IP suite, the IP packet encapsulation format on an Ethernet network is defined in RFC 894, and the IP packet encapsulation format on an IEEE 802.3 network is defined in RFC 1042. Currently, the format defined in RFC 894 is most commonly used. This format is called Ethernet_II or Ethernet DIX.


To distinguish Ethernet frames of the two types, Ethernet frames defined in RFC 894 are called Ethernet_II frames and Ethernet frames defined in RFC 1042 are called IEEE 802.3 frames in this document.


In 1972, when Robert Metcalfe (father of Ethernet) was hired by Xerox, his first job was to connect computers in Xerox's Palo Alto Research Center (PARC) to the Advanced Research Projects Agency Network (ARPANET), progenitor of the Internet. Also in 1972, Robert Metcalfe designed a network to connect computers in the PARC. That network was based on the Aloha system (a radio network system) and connected many computers in the PARC, so Metcalfe originally named the network the Alto Aloha network. The Alto Aloha network started operating in May 1973, and Metcalfe then gave it the official name Ethernet; this network is the prototype of Ethernet. The network operated at a rate of 2.94 Mbit/s and used thick coaxial cable as the transmission medium. In June 1976, Metcalfe and his assistant David Boggs published a paper, Ethernet Distributed Packet Switching for Local Computer Networks. At the end of 1977, Metcalfe and his three co-workers were granted a patent on "Multipoint data communication system with collision detection." Since then, Ethernet has been known to the public.

As Ethernet technology has developed rapidly, Ethernet has become the most widely used LAN technology and has replaced most other LAN standards, such as token ring, fiber distributed data interface (FDDI), and attached resource computer network (ARCNET). After the rapid development of 100M Ethernet in the 20th century, gigabit Ethernet and even 10G Ethernet are now expanding their applications as promoted by international standardization organizations and industry-leading enterprises.


Ethernet is a universal communication protocol standard used for local area networks (LANs). This standard defines the cable type and signal processing method used for LANs.

Ethernet networks are broadcast networks established based on the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) mechanism. Collisions restrict Ethernet performance. Early Ethernet devices such as hubs work at the physical layer, and cannot confine collisions to a particular scope. This restricts network performance improvement. Working at the data link layer, switches are able to confine collisions to a particular scope. Switches help improve Ethernet performance and have replaced hubs as mainstream Ethernet devices. However, switches do not restrict broadcast traffic on the Ethernet. This affects Ethernet performance. Dividing a LAN into virtual local area networks (VLANs) on switches or using Layer 3 switches can solve this problem.

As a simple, cost-effective, and easy-to-implement LAN technology, Ethernet has become the mainstream in the industry. Gigabit Ethernet and even 10G Ethernet make Ethernet the most promising network technology.

Basic Concepts of Ethernet

This section describes the basic concepts of Ethernet.

Ethernet Network Layers

Ethernet uses a passive medium and transmits data in broadcast mode. It defines protocols used on the physical layer and data link layer, interfaces between the two layers, and interfaces between the data link layer and upper layers.

Physical Layer

The physical layer determines basic physical attributes of Ethernet, including data coding, time scale, and electrical frequency.

The physical layer is the lowest layer in the Open Systems Interconnection (OSI) reference model and is closest to the physical medium (communication channel) that transmits data. Data is transmitted on the physical layer in binary bits (0 or 1). Transmission of bits depends on transmission devices and physical media, but the physical layer does not refer to a specific physical device or physical medium. The physical layer is located above the physical medium and provides the data link layer with physical connections to transmit raw bit streams.

Data Link Layer

The data link layer is the second layer in the OSI reference model, located between the physical layer and network layer. The data link layer obtains service from the physical layer and provides service for the network layer. The basic service that the data link layer provides is to reliably transmit data from the network layer of a source device to the network layer of an adjacent destination device.

The physical layer and data link layer depend on each other. Therefore, different working modes of the physical layer must be supported by corresponding data link layer modes. This hinders Ethernet design and application.

Some organizations and vendors propose to divide the data link layer into two sub-layers: the Media Access Control (MAC) sub-layer and the Logical Link Control (LLC) sub-layer. Then different physical layers correspond to different MAC sub-layers, and the LLC sub-layer becomes totally independent, as shown in Figure 7-1.

Figure 7-1  Hierarchy of Ethernet data link layer

The following sections describe concepts involved in the physical layer and data link layer.

Introduction to Ethernet Cable Standards

Currently, mature Ethernet physical layer standards are:

  • 10BASE-2

  • 10BASE-5

  • 10BASE-T

  • 10BASE-F

  • 100BASE-T4

  • 100BASE-TX

  • 100BASE-FX

  • 1000BASE-SX

  • 1000BASE-LX

  • 1000BASE-TX

  • 10GBASE-LR

  • 10GBASE-SR

In the preceding standards, 10, 100, 1000 and 10G stand for transmission rates, and BASE represents baseband.

  • 10M Ethernet cable standards

    Table 7-2 lists the 10M Ethernet cable standards defined in IEEE 802.3.

    Table 7-2  10M Ethernet cable standards

    Cable                  Maximum Transmission Distance
    Thick coaxial cable    500 m
    Thin coaxial cable     200 m
    Twisted pair cable     100 m
                           2000 m


    Coaxial cables have a fatal defect: Devices are connected in series and therefore a single-point failure can cause the breakdown of the entire network. As the physical standards of coaxial cables, 10BASE-2 and 10BASE-5 have fallen into disuse.

  • 100M Ethernet cable standards

    100M Ethernet is also called Fast Ethernet (FE). Compared with 10M Ethernet, 100M Ethernet has a faster transmission rate at the physical layer, but they have no difference at the data link layer.

    Table 7-3 lists the 100M Ethernet cable standards.

    Table 7-3  100M Ethernet cable standards

    Cable                                          Maximum Transmission Distance
    Four pairs of Category 3 twisted pair cables   100 m
    Two pairs of Category 5 twisted pair cables    100 m
    Single-mode fiber or multi-mode fiber          2000 m

    Both 10BASE-T and 100BASE-TX apply to Category 5 twisted pair cables. They have different transmission rates. 10BASE-T transmits data at 10 Mbit/s, whereas 100BASE-TX transmits data at 100 Mbit/s.

    100BASE-T4 is rarely used now.

  • Gigabit Ethernet cable standards

    Gigabit Ethernet is developed on the basis of the Ethernet standard defined in IEEE 802.3. Based on the Ethernet protocol, Gigabit Ethernet increases the transmission rate to 10 times the FE transmission rate, reaching 1 Gbit/s. Table 7-4 lists the Gigabit Ethernet cable standards.

    Table 7-4  Gigabit Ethernet cable standards

    Interface Name   Cable                                                                  Maximum Transmission Distance
                     Single-mode fiber or multi-mode fiber                                  316 m
                     Multi-mode fiber                                                       316 m
                     Super category 5 twisted pair cable or category 6 twisted pair cable   100 m

    Gigabit Ethernet technology can upgrade the existing Fast Ethernet from 100 Mbit/s to 1000 Mbit/s.

    The physical layer of Gigabit Ethernet uses 8B10B coding. In traditional Ethernet technology, the data link layer delivers 8-bit data sets to its physical layer. After processing the data sets, the physical layer sends them to the data link layer. The data sets are still 8 bits after processing.

    The situation is different on the Gigabit Ethernet of optical fibers. The physical layer maps the 8-bit data sets transmitted from the data link layer to 10-bit data sets and then sends them out.

  • 10G Ethernet cable standards

    10G Ethernet is currently defined in supplementary standard IEEE 802.3ae, which will be combined with IEEE 802.3 later. Table 7-5 lists the 10G Ethernet cable standards.

    Table 7-5  10G Ethernet cable standards

    Cable                       Maximum Transmission Distance
    CAT-6A or CAT-7             100 m
    Single-mode optical fiber   10 km
    Multi-mode optical fiber    Several hundred meters


  • Definition of CSMA/CD

    Ethernet was originally designed to connect computers and other digital devices on a shared physical line. The computers and digital devices can access the shared line only in half-duplex mode. Therefore, a mechanism of collision detection and avoidance is required to prevent multiple devices from contending for the line. This mechanism is called Carrier Sense Multiple Access with Collision Detection (CSMA/CD).

    The concept of CSMA/CD is described as follows:

    • CS: carrier sense

      Before transmitting data, a station checks whether the line is idle to reduce chances of collision.

    • MA: multiple access

      Data sent by a station can be received by multiple stations.

    • CD: collision detection

      If two stations transmit electrical signals at the same time, the voltage amplitude doubles the normal amplitude as signals of the two stations accumulate. The situation results in collision.

      The stations stop transmission after detecting the collision, and resume the transmission after a random delay.

  • CSMA/CD working process

    CSMA/CD works as follows:

    1. A station continuously detects whether the shared line is idle.

      • If the line is idle, the station sends data.

      • If the line is in use, the station waits until the line becomes idle.

    2. If two stations send data at the same time, a collision occurs on the line, and signals on the line become unstable.

    3. After detecting the instability, the station immediately stops sending data.

    4. The station sends a series of disturbing pulses. After a period of time, the station resumes the data transmission.

      The station sends disturbing pulses to inform other stations, especially the station that sends data at the same time, that a collision occurred on the line.

      After detecting a collision, the station waits for a random period of time, and then resumes the data transmission.

Minimum Frame Length

Due to the limitation of the CSMA/CD algorithm, an Ethernet frame must be longer than or equal to a specified length. On the Ethernet, the minimum frame length is 64 bytes, which is determined jointly by the maximum transmission distance and the collision detection mechanism.

The use of minimum frame length can prevent the following situation: station A finishes sending the last bit, but the first bit does not arrive at station B, which is far from station A. Station B considers that the line is idle and begins to send data, leading to a collision.

Figure 7-2  Ethernet_II frame format

The upper layer protocol must ensure that the Data field of a packet contains at least 46 bytes, so that the total length of the Data field, the 14-byte Ethernet frame header, and the 4-byte check code at the frame tail can reach the minimum frame length, as shown in Figure 7-2. If the Data field is less than 46 bytes, the upper layer must pad the field to 46 bytes.

Duplex Modes of Ethernet

The physical layer of Ethernet can work in either half-duplex or full-duplex mode.

  • Half-duplex mode

    The half-duplex mode has the following features:

    • Data can only be sent or received at any given time, not both.

    • The CSMA/CD mechanism is used.

    • The maximum transmission distance is limited.

    Hubs work in half-duplex mode.

  • Full-duplex mode

    After Layer 2 switches replace hubs, the shared Ethernet changes to the switched Ethernet, and the half-duplex mode is replaced by the full-duplex mode. As a result, the transmission rate increases greatly, and the maximum throughput doubles the transmission rate.

    The full-duplex mode solves the problem of collisions and eliminates the need for the CSMA/CD mechanism.

    The full-duplex mode has the following features:

    • Data can be sent and received at the same time.

    • The maximum throughput doubles the transmission rate.

    • This mode does not have the limitation on the transmission distance.

    All network cards, Layer 2 devices (except hubs), and Layer 3 devices produced support the full-duplex mode.

    The following hardware components are required to realize the full-duplex mode:

    • Full-duplex network cards and chips

    • Physical media with separate data transmission and receiving channels

    • Point-to-point connection

Auto-Negotiation of Ethernet

  • Purpose of auto-negotiation

    The earlier Ethernet adopts the 10 Mbit/s half-duplex mode; therefore, mechanisms such as CSMA/CD are required to guarantee system stability. With development of technologies, the full-duplex mode and 100M Ethernet emerge, which greatly improve the Ethernet performance. How to achieve the compatibility between the earlier and new Ethernet networks becomes a new problem.

    The auto-negotiation technology is introduced to solve this problem. In auto-negotiation, the devices on two ends of a link can choose the same operation parameters by exchanging information. The main parameters to be negotiated are mode (half-duplex or full-duplex), speed, and flow control. After the negotiation succeeds, the devices on two ends operate in the negotiated mode and rate.

    The auto-negotiation of duplex mode and speed is defined in the following standards:

    • 100M Ethernet standard: IEEE 802.3u

      In IEEE 802.3u, auto-negotiation is defined as an optional function.

    • Gigabit Ethernet standard: IEEE 802.3z

      In IEEE 802.3z, auto-negotiation is defined as a mandatory and default function.

  • Principle of auto-negotiation

    Auto-negotiation is an Ethernet procedure by which two connected devices choose common transmission parameters. It allows a network device to transmit the supported operating mode to the peer and receives the operating mode from the peer. In this process, the connected devices first share their capabilities regarding these parameters and then choose the highest performance transmission mode they both support.

    When no data is transmitted over a twisted pair on an Ethernet network, pulses of high frequency are transmitted at an interval of 16 ms to maintain the connections at the link layer. These pulses form a Normal Link Pulse (NLP) code stream. Some pulses of higher frequency can be inserted in the NLP to transmit more information. These pulses form a Fast Link Pulse (FLP) code stream, as shown in Figure 7-3. The basic mechanism of auto-negotiation is to encapsulate the negotiation information into FLP.

    Figure 7-3  Pulse insertion

    Similar to an Ethernet network that uses twisted pair cables, an Ethernet network that uses optical modules and optical fibers also implements auto-negotiation by sending code streams. These code streams are called Configuration (C) code streams. Different from electrical interfaces, optical interfaces do not negotiate traffic transmission rates and they work in duplex mode. Optical interfaces only negotiate flow control parameters.

    If auto-negotiation succeeds, the Ethernet card activates the link. Then, data can be transmitted on the link. If auto-negotiation fails, the link is unavailable.

    If one end does not support auto-negotiation, the other end that supports auto-negotiation adopts the default operating mode, which is generally 10 Mbit/s half-duplex.

    Auto-negotiation is implemented based on the chip design at the physical layer. As defined in IEEE 802.3, auto-negotiation is implemented in any of the following cases:
    • A faulty link recovers.
    • A device is power cycled.
    • Either of two connected devices resets.
    • A renegotiation request packet is received.

    In other cases, two connected devices do not always send auto-negotiation code streams. Auto-negotiation does not use special packets or bring additional protocol costs.

  • Auto-negotiation rules for interfaces

    Two connected interfaces can communicate with each other only when they are working in the same working mode.
    • If both interfaces work in the same non-auto-negotiation mode, the interfaces can communicate.
    • If both interfaces work in auto-negotiation mode, the interfaces can communicate through negotiation. The negotiated working mode depends on the interface with lower capability (specifically, if one interface works in full-duplex mode and the other interface works in half-duplex mode, the negotiated working mode is half-duplex). The auto-negotiation function also allows the interfaces to negotiate about the flow control function.
    • If a local interface works in auto-negotiation mode and the remote interface works in a non-auto-negotiation mode, the negotiated working mode of the local interface depends on the working mode of the remote interface.

Collision Domain and Broadcast Domain
Collision Domain

On a legacy Ethernet network using thick coaxial cables as a transmission medium, multiple nodes on a shared medium share the bandwidth on the link and compete for the right to use the link. A network collision occurs when more than one node attempts to send a packet on this link at the same time. The carrier sense multiple access with collision detection (CSMA/CD) mechanism is used to solve the problem of collisions. Once a collision occurs on a link, the CSMA/CD mechanism prevents data transmission on this link within a specified time. Collisions are inevitable on an Ethernet network, and the probability that collision occurs increases when more nodes are deployed on a shared medium. All nodes on a shared medium constitute a collision domain. All the nodes in a collision domain compete for bandwidth. Packets sent from a node, including unicast, multicast, and broadcast packets, can reach all the other nodes in the collision domain.

Broadcast Domain

Packets are broadcast in a collision domain, which results in low bandwidth efficiency and degrades the packet processing performance of network devices. Therefore, broadcasting of packets must be restricted. For example, the ARP protocol sends broadcast packets to obtain the MAC addresses that map to specified IP addresses. The all-1s MAC address FFFF-FFFF-FFFF is the broadcast MAC address. All nodes must process data frames with this MAC address as the destination MAC address. A broadcast domain is a group of nodes among which a broadcast packet from one node can reach all the other nodes. A network bridge forwards unicast packets according to its MAC address table and forwards broadcast packets to all its ports. Therefore, nodes connected to all ports of a bridge belong to one broadcast domain, but each port belongs to a different collision domain.

MAC Sub-layer
Functions of the MAC Sub-layer

The MAC sub-layer has the following functions:

  • Provides access to physical links.

    The MAC sub-layer is associated with the physical layer. That is, different MAC sub-layers provide access to different physical layers.

    Ethernet has two types of MAC sub-layers:

    • Half-duplex MAC: provides access to the physical layer in half-duplex mode.

    • Full-duplex MAC: provides access to the physical layer in full-duplex mode.

    The two types of MAC sub-layers are integrated in a network interface card. After the network interface card is initialized, auto-negotiation is performed to choose an operation mode, and then a MAC sub-layer is chosen according to the operation mode.

  • Identifies stations at the data link layer.

    The MAC sub-layer reserves a unique MAC address for each station.

    The MAC sub-layer uses a MAC address to uniquely identify a station.

    MAC addresses are managed by the Institute of Electrical and Electronics Engineers (IEEE) and allocated in blocks. An organization, generally a device manufacturer, obtains a unique address block from IEEE. The address block is called an Organizationally Unique Identifier (OUI). Using the OUI, the organization can allocate MAC addresses to 16777216 devices.

    A MAC address has 48 bits, which are generally expressed in 12-digit dotted hexadecimal notation. For example, the 48-bit MAC address 000000001110000011111100001110011000000000110100 is represented by 00e0.fc39.8034.

    The first 6 digits in dotted hexadecimal notation stand for the OUI, and the last 6 digits are allocated by the vendor. For example, in 00e0.fc39.8034, 00e0.fc is the OUI allocated by IEEE to Huawei, and 39.8034 is the address number allocated by Huawei.

    The second bit of a MAC address indicates whether the address is globally unique or locally unique. Ethernet uses globally unique MAC addresses.

    MAC addresses are divided into the following types:

    • Physical MAC address

      A physical MAC address is burned into hardware (such as a network interface card) and uniquely identifies a terminal on the Ethernet.

    • Broadcast MAC address

      A broadcast MAC address indicates all the terminals on a network.

      The 48 bits of a broadcast MAC address are all 1s, such as ffff.ffff.ffff.

    • Multicast MAC address

      A multicast MAC address indicates a group of terminals on a network.

      The eighth bit of a multicast MAC address is 1, such as 000000011011101100111010101110101011111010101000.

  • Transmits data over the data link layer. After receiving data from the LLC sub-layer, the MAC sub-layer adds the MAC address and control information to the data, and then transmits the data to the physical link. In the process, the MAC sub-layer provides other functions such as the check function.

    Data is transmitted at the data link layer as follows:

    1. The upper layer delivers data to the MAC sub-layer.

    2. The MAC sub-layer stores the data in the buffer.

    3. The MAC sub-layer adds the destination MAC address and source MAC address to the data, calculates the length of the data frame, and forms an Ethernet frame.

    4. The Ethernet frame is sent to the peer according to the destination MAC address.

    5. The peer compares the destination MAC address with entries in the MAC address table.

      • If a matching entry is found, the frame is accepted.

      • If no matching entry is found, the frame is discarded.

    The preceding describes frame transmission in unicast mode. After an upper-layer application is added to a multicast group, the data link layer generates a multicast MAC address according to the application, and then adds the multicast MAC address to the MAC address table. The MAC sub-layer receives frames with the multicast MAC address and transmits the frames to the upper layer.

Ethernet Frame Structure
  • Format of an Ethernet_II frame

    Figure 7-4  Format of an Ethernet_II frame

    The fields of an Ethernet_II frame are described as follows:

    • DMAC

      It indicates the destination MAC address. DMAC specifies the receiver of the frame.

    • SMAC

      It indicates the source MAC address. SMAC specifies the station that sends the frame.

    • Type

      The 2-byte Type field identifies the upper layer protocol of the Data field. The receiver can know the meaning of the Data field according to the Type field.

      Ethernet allows multiple protocols to coexist on a LAN. The hexadecimal values in the Type field of an Ethernet_II frame stand for different protocols.

      • Frames with the Type field value 0800 are IP frames.

      • Frames with the Type field value 0806 are Address Resolution Protocol (ARP) frames.

      • Frames with the Type field value 8035 are Reverse Address Resolution Protocol (RARP) frames.

      • Frames with the Type field value 8137 are Internetwork Packet Exchange (IPX) and Sequenced Packet Exchange (SPX) frames.

    • Data

      The minimum length of the Data field is 46 bytes, which ensures that the frame is at least 64 bytes in length. The 46-byte Data field is required even if only 1-byte information needs to be transmitted.

      If the payload of the Data field is less than 46 bytes, the Data field must be padded to 46 bytes.

      The maximum length of the Data field is 1500 bytes.

    • CRC

      The Cyclic Redundancy Check (CRC) field provides an error detection mechanism.

      Each sending device calculates a CRC code containing the DMAC, SMAC, Type, and Data fields. Then the CRC code is filled into the 4-byte CRC field.

  • Format of an IEEE 802.3 frame

    Figure 7-5  Format of an IEEE 802.3 frame

    As shown in Figure 7-5, the format of an IEEE 802.3 frame is similar to that of an Ethernet_II frame except that the Type field is changed to the Length field in an IEEE 802.3 frame, and the LLC field and the Sub-Network Access Protocol (SNAP) field occupy 8 bytes of the Data field.

    • Length

      The Length field specifies the number of bytes in the Data field.

    • LLC

      The LLC field consists of three sub-fields: Destination Service Access Point (DSAP), Source Service Access Point (SSAP), and Control.

    • SNAP

      The SNAP field consists of the Org Code field and the Type field. Three bytes in the Org Code field are all 0s. The Type field functions the same as the Type field in Ethernet_II frames.

    For description about other fields, see the description of Ethernet_II frames.

    Based on the values of DSAP and SSAP, IEEE 802.3 frames can be divided into the following types:

    • If DSAP and SSAP are both 0xff, the IEEE 802.3 frame changes to a Netware-Ethernet frame that carries NetWare data.

    • If DSAP and SSAP are both 0xaa, the IEEE 802.3 frame changes to an Ethernet_SNAP frame.

      Ethernet_SNAP frames can be encapsulated with data of multiple protocols. The SNAP can be considered as an extension of the Ethernet protocol. SNAP allows vendors to define their own Ethernet transmission protocols.

      The Ethernet_SNAP standard is defined by IEEE 802.1 to guarantee interoperability between IEEE 802.3 LANs and Ethernet networks.

    • Other values of DSAP and SSAP indicate IEEE 802.3 frames.
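
The frame rules described in this section (padding the Data field to 46 bytes, the 4-byte CRC, Type versus Length, and the DSAP/SSAP cases) are shown below as an added Python example; it is not Huawei code. The 0x0600 boundary between Type and Length values and the LLC Control value 0x03 come from the IEEE standards rather than this page, and the frames used are constructed samples.

```python
import struct
import zlib

MIN_DATA, MAX_DATA = 46, 1500   # Data field limits given in this section
ETHERTYPE_MIN = 0x0600          # assumption from IEEE 802.3: >= 0x0600 is a Type, <= 1500 a Length
TYPES = {0x0800: "IP", 0x0806: "ARP", 0x8035: "RARP", 0x8137: "IPX/SPX"}


def mac_bytes(dotted):
    """Dotted hexadecimal notation (00e0.fc39.8034) -> 6 raw bytes."""
    raw = bytes.fromhex(dotted.replace(".", ""))
    if len(raw) != 6:
        raise ValueError("a MAC address has 48 bits")
    return raw


def mac_text(raw):
    digits = raw.hex()
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))


def crc_field(body):
    """4-byte CRC over DMAC, SMAC, Type/Length and Data, least significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def _frame(dmac, smac, type_or_length, data):
    if len(data) > MAX_DATA:
        raise ValueError("Data field longer than 1500 bytes")
    data = data.ljust(MIN_DATA, b"\x00")             # pad short payloads to 46 bytes
    body = mac_bytes(dmac) + mac_bytes(smac) + struct.pack("!H", type_or_length) + data
    return body + crc_field(body)


def build_ethernet_ii(dmac, smac, ethertype, payload):
    return _frame(dmac, smac, ethertype, payload)


def build_snap(dmac, smac, ethertype, payload):
    # LLC: DSAP=0xaa, SSAP=0xaa, Control=0x03 (assumed: unnumbered information)
    # SNAP: 3-byte Org Code of zeros, then the 2-byte Type
    data = b"\xaa\xaa\x03" + b"\x00\x00\x00" + struct.pack("!H", ethertype) + payload
    return _frame(dmac, smac, len(data), data)        # Length counts Data before padding


def parse_frame(frame):
    """Classify a frame (DMAC through CRC, no preamble) and check its CRC."""
    if len(frame) < 64:
        raise ValueError("frame shorter than the 64-byte minimum")
    body, trailer = frame[:-4], frame[-4:]
    dst = body[0:6]
    info = {
        "dmac": mac_text(dst),
        "smac": mac_text(body[6:12]),
        "dest": "broadcast" if dst == b"\xff" * 6
                else "multicast" if dst[0] & 1 else "unicast",
        "crc_ok": crc_field(body) == trailer,
    }
    (type_or_length,) = struct.unpack("!H", body[12:14])
    data = body[14:]
    if type_or_length >= ETHERTYPE_MIN:
        # Ethernet_II has no Length field, so padding cannot be removed here;
        # the upper layer protocol has to know its own length.
        info.update(kind="Ethernet_II", payload=data,
                    protocol=TYPES.get(type_or_length, hex(type_or_length)))
        return info
    if type_or_length > MAX_DATA or type_or_length > len(data) or type_or_length < 3:
        raise ValueError("invalid Length field")
    data = data[:type_or_length]                      # Length lets the receiver drop padding
    dsap, ssap = data[0], data[1]
    if dsap == 0xFF and ssap == 0xFF:
        info.update(kind="Netware-Ethernet", payload=data)
    elif dsap == 0xAA and ssap == 0xAA:
        if len(data) < 8:
            raise ValueError("truncated SNAP header")
        (ethertype,) = struct.unpack("!H", data[6:8])
        info.update(kind="Ethernet_SNAP", org_code=data[3:6].hex(), payload=data[8:],
                    protocol=TYPES.get(ethertype, hex(ethertype)))
    else:
        info.update(kind="IEEE 802.3", dsap=dsap, ssap=ssap, payload=data[3:])
    return info


if __name__ == "__main__":
    # Constructed samples: a 28-byte ARP-sized payload and a 2-byte SNAP payload
    arp = build_ethernet_ii("ffff.ffff.ffff", "00e0.fc39.8034", 0x0806, b"\x01" * 28)
    snap = build_snap("0100.5e00.0001", "00e0.fc39.8034", 0x0800, b"hi")
    for frame in (arp, snap):
        parsed = parse_frame(frame)
        print(len(frame), parsed["kind"], parsed["protocol"], parsed["dest"],
              len(parsed["payload"]), parsed["crc_ok"])
```

Note that the Ethernet_II payload comes back with its padding (46 bytes for a 28-byte input), while the SNAP payload comes back at its original length because the Length field records it.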

LLC Sub-layer

The MAC sub-layer supports two types of frame: IEEE 802.3 frames and Ethernet_II frames. In an Ethernet_II frame, the Type field identifies the upper layer protocol. Therefore, only the MAC sub-layer is required on a device, and the LLC sub-layer does not need to be realized.

In an IEEE 802.3 frame, the LLC sub-layer defines useful features in addition to traditional services of the data link layer. All these features are provided by the sub-fields of DSAP, SSAP, and Control.

The following lists three types of point-to-point services:

  • Connectionless service

    Currently, the Ethernet implements this service.

  • Connection-oriented service

    A connection is set up before data is transmitted. The reliability of data is guaranteed during the transmission.

  • Connectionless data transmission with acknowledgement

    A connection is not required before data transmission. The acknowledgement mechanism is used to improve the reliability.

The following is an example that describes the applications of SSAP and DSAP. Assume that terminals A and B use connection-oriented services. Data is transmitted in the following process:

  1. A sends a frame to B to require the establishment of a connection with B.

  2. If B has enough resources, it returns an acknowledgement message that contains a Service Access Point (SAP). The SAP identifies the connection required by A.

  3. After receiving the acknowledgement message, A knows that B has set up a local connection with A. After creating a SAP, A sends a message containing the SAP to B. The connection is set up.

  4. The LLC sub-layer of A encapsulates the data into a frame. The DSAP field is filled in with the SAP sent by B; the SSAP field is filled in with the SAP created by A. Then the LLC sub-layer sends the frame to the MAC sub-layer of A.

  5. The MAC sub-layer of A adds the MAC address and the Length field into the frame, and then sends the frame to the data link layer.

  6. After the frame is received at the MAC sub-layer of B, the frame is transmitted to the LLC sub-layer. The LLC sub-layer figures out the connection to which the frame belongs according to the DSAP field.

  7. After checking and acknowledging the frame based on the connection type, the LLC sub-layer of B transmits the frame to the upper layer.

  8. After the frame reaches its destination, A instructs B to release the connection by sending a frame. At this time, the communications end.

Switching on Ethernet

This section describes Ethernet switching.

Layer 2 Switching

A Layer 2 device works at the second layer of the OSI model and forwards data packets based on media access control (MAC) addresses. Ports on a Layer 2 device send and receive data independently and belong to different collision domains. Collision domains are isolated at the physical layer so that collisions will not occur between hosts (or networks) connected through this Layer 2 device due to uneven traffic rates on these hosts (or networks).

A Layer 2 device parses and learns source MAC addresses of Ethernet frames and maintains a mapping table of MAC addresses and ports. This table is called a MAC address table. When receiving an Ethernet frame, the device searches for the destination MAC address of the frame in the MAC table to determine through which port to forward this frame.

  1. When the Layer 2 device receives an Ethernet frame, it records the source MAC address and the inbound port of the frame in the MAC address table to guide Layer 2 forwarding. If the same MAC address entry exists in the MAC address table, the device resets the aging time of the entry. An aging mechanism is used to maintain entries in the MAC address table. Entries that are not updated within the aging time are deleted from the MAC address table.
  2. The device looks up the MAC address table based on the destination MAC address of the Ethernet frame. If no matching entry is found, the device forwards the frame to all its ports except the port from which the frame is received. If the destination MAC address of the frame is a broadcast address, the device forwards the frame to all its ports except the port from which the frame is received. If a matching entry is found in the MAC address table, the device forwards the frame to the port specified in the entry.

According to the preceding forwarding process, a Layer 2 device maintains a MAC address table and forwards Ethernet frames based on destination MAC addresses. This forwarding mechanism fully uses network bandwidth and improves network performance. Figure 7-6 shows an example of Layer 2 switching.

Figure 7-6  Layer 2 switching example

Although Layer 2 devices can isolate collision domains, they cannot isolate broadcast domains. As described in the Layer 2 forwarding process, broadcast packets and packets that do not match any entry in the MAC address table are forwarded to all ports (except the port from which the frame is received). Packet broadcasting consumes much bandwidth on network links and brings security issues. Routers can isolate broadcast domains, but high costs and low forwarding performance of routers limit the application of routers in Layer 2 forwarding. The virtual local area network (VLAN) technology is introduced to solve this problem in Layer 2 switching.
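The learning, aging, and flooding behavior described above can be traced in a short simulation. The following Python sketch is an added example, not Huawei code; the port numbers, MAC addresses, and 300-second aging time are constructed values, and the same-port filter is an assumption beyond the page.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class L2Switch:
    """Learning switch: MAC address table with aging, flood on miss or broadcast."""

    def __init__(self, ports, aging_time=300):
        self.ports = list(ports)
        self.aging_time = aging_time   # seconds; 300 is an assumed value
        self.mac_table = {}            # MAC -> (port, time last seen)

    def _age_out(self, now):
        # Entries not updated within the aging time are deleted.
        expired = [mac for mac, (_, seen) in self.mac_table.items()
                   if now - seen > self.aging_time]
        for mac in expired:
            del self.mac_table[mac]

    def receive(self, in_port, smac, dmac, now):
        """Process one frame and return the list of egress ports."""
        self._age_out(now)
        # Step 1: record (or refresh) source MAC -> inbound port.
        self.mac_table[smac] = (in_port, now)
        # Step 2: look up the destination MAC address.
        entry = self.mac_table.get(dmac)
        if dmac == BROADCAST or entry is None:
            # Broadcast or no matching entry: all ports except the inbound one.
            return [p for p in self.ports if p != in_port]
        out_port = entry[0]
        # Assumption beyond the page: a frame whose destination sits on the
        # inbound port is filtered rather than sent back out.
        return [] if out_port == in_port else [out_port]

def demo():
    sw = L2Switch(ports=[1, 2, 3, 4], aging_time=300)
    mac_a, mac_b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"  # constructed
    return [
        sw.receive(1, mac_a, mac_b, now=0),       # B unknown: flood
        sw.receive(2, mac_b, mac_a, now=1),       # A learned: port 1 only
        sw.receive(1, mac_a, mac_b, now=2),       # B learned: port 2 only
        sw.receive(1, mac_a, BROADCAST, now=3),   # broadcast: flood
        sw.receive(1, mac_a, mac_b, now=400),     # B aged out: flood again
    ]
```

The last call shows why an aged-out or never-learned destination makes unicast traffic visible on every port in the broadcast domain.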

Layer 3 Switching
Background of Layer 3 Switches

In the early stage of network deployment, most local area networks (LANs) were established using Layer 2 switches, and routers completed communication between LANs. At that time, intra-LAN traffic accounted for most of network traffic and little traffic was transmitted between LANs. A few routers were enough to handle traffic transmission between LANs.

As data communication networks expand and more services emerge on the networks, increasing traffic needs to be transmitted between networks. Routers cannot adapt to this development trend because of their high costs, low forwarding performance, and small port quantities. New devices capable of high-speed Layer 3 forwarding are required. Layer 3 switches are such devices.

Routers use CPUs to complete Layer 3 forwarding, whereas Layer 3 switches use hardware to complete Layer 3 forwarding. Hardware forwarding has a much higher performance than software forwarding (CPU based forwarding). Switches cannot replace routers in all scenarios because routers provide rich interface types, good service class control, and powerful routing capabilities that Layer 3 switches cannot provide.

Layer 3 Forwarding Mechanism
Layer 3 switches divide a Layer 2 network into multiple VLANs. They implement Layer 2 switching within the VLANs and Layer 3 IP connectivity between VLANs. Two hosts on different networks communicate with each other through the following process:
  1. Before the source host starts communicating with the destination host, it compares its own IP address with the IP address of the destination host. If IP addresses of the two hosts have the same network ID (calculated by an AND operation between the IP addresses and masks), the hosts are located on the same network segment. In this case, the source host sends an Address Resolution Protocol (ARP) request to the destination host. After receiving an ARP reply from the destination host, the source host obtains the MAC address of the destination host and sends packets to this destination MAC address.
  2. If the source and destination hosts are located on different network segments, the source host sends an ARP request to obtain the MAC address mapped to the gateway IP address. After receiving an ARP reply from the gateway, the source host sends packets to the MAC address of the gateway. In these packets, the source IP address is the IP address of the source host, and the destination IP address is still the IP address of the destination host.

The following is the detailed Layer 3 switching process.

As shown in Figure 7-7, the source and destination hosts connect to the same Layer 3 switch but belong to different VLANs (network segments). Both hosts are located on the directly connected network segments of the Layer 3 switch, so the routes to the IP addresses of the hosts are direct routes.

Figure 7-7  Layer 3 forwarding
Figure 7-7 shows the MAC addresses, IP addresses, and gateway addresses of the hosts, MAC address of the Layer 3 switch, and IP addresses of Layer 3 interfaces configured in VLANs on the Layer 3 switch. The process of a ping from PC A to PC B is as follows (the Layer 3 switch has not created any MAC address entry):
  1. PC A finds that the destination IP address (PC B) is on a different network segment than its own IP address. Therefore, PC A sends an ARP request for the MAC address mapped to the gateway address.
  2. L3 Switch receives the ARP request from PC A and finds that is the IP address of its own Layer 3 interface. L3 switch then sends an ARP reply to PC A. The ARP reply carries the MAC address of its Layer 3 interface (MAC Switch). In addition, L3 switch adds the mapping between the IP address and MAC address of PC A ( and MAC A) to its ARP table. The IP address and MAC address of PC A are carried in the ARP request sent from PC A.
  3. After PC A receives the ARP reply from the gateway (L3 Switch), it sends an ICMP request packet. In the ICMP request packet, the destination MAC address (DMAC) is MAC Switch; the source MAC address (SMAC) is MAC A; the source IP address (SIP) is; the destination IP address (DIP) is
  4. When L3 Switch receives the ICMP request packet, it updates the matching MAC address entry according to the source MAC address and VLAN ID of the packet. Then L3 Switch looks up the MAC address table according to the destination MAC address and VLAN ID of the packet and finds the entry with the MAC address of its Layer 3 interface, which indicates that the packet needs to be forwarded at Layer 3. Then L3 Switch looks up Layer 3 forwarding entries of the switching chip to guide Layer 3 forwarding.
  5. The switching chip looks up Layer 3 forwarding entries according to the destination IP address of the packet. The entry lookup fails because no entry has been created. The switching chip then sends the packet to the CPU for software processing.
  6. The CPU looks up the software routing table according to the destination IP address of the packet and finds a directly connected network segment, network segment of PC B. Then the CPU looks up its ARP table, and the lookup still fails. Therefore, L3 Switch sends an ARP request to all ports in VLAN 3 (network segment of PC B), to request the MAC address mapping IP address
  7. After PC B receives the ARP request from L3 Switch, it checks the ARP request and finds that is its own IP address. PC B then sends an ARP reply carrying its MAC address (MAC B). Meanwhile, PC B records the mapping between the IP address and MAC address of L3 Switch ( and MAC Switch) in its ARP table.
  8. When L3 Switch receives the ARP reply from PC B, it records the mapping between the IP address and MAC address of PC B ( and MAC B) in its ARP table. L3 Switch changes the destination MAC address in the ICMP request packet sent from PC A to MAC B and changes the source MAC address to its own MAC address (MAC Switch), and then sends the ICMP request to PC B. The Layer 3 forwarding entry containing the IP address and MAC address of PC B, outbound VLAN ID, and outbound port is also added to the Layer 3 forwarding table of the switching chip. Subsequent packets sent from PC A to PC B are directly forwarded according to this hardware entry.
  9. When PC B receives the ICMP request packet from L3 Switch, it sends an ICMP reply packet to PC A. The forwarding process for the ICMP reply packet is similar to that for the ICMP request packet except that the ICMP reply packet is directly forwarded to PC A by the switching chip according to the hardware entry. The reason is that L3 Switch has obtained the mapping between the IP address and MAC address of PC A and added the matching Layer 3 forwarding entry to the L3 forwarding table of the switching chip.
  10. Subsequent packets exchanged between PC A and PC B are forwarded following the same process: MAC address table lookup, Layer 3 forwarding table lookup, and hardware forwarding by the switching chip.
In summary, a Layer 3 switch provides high-speed Layer 3 switching through one routing process (forwarding the first packet to the CPU and creating a hardware Layer 3 forwarding entry) and multiple switching processes (hardware forwarding of subsequent packets).
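The "route once, switch many times" sequence above, together with the host-side network ID comparison, can be modeled as follows. This Python sketch is an added example, not Huawei code; all IP addresses, MAC addresses, and VLAN IDs are constructed, and `L3Switch`, `host_next_hop`, and the `arp_reply_from` stand-in for ARP replies are hypothetical names.

```python
import ipaddress

def host_next_hop(src_if, dip, gateway):
    """Host-side check: same network ID -> ARP for dip, else ARP for gateway."""
    return dip if dip in src_if.network else gateway

class L3Switch:
    def __init__(self, mac, vlanifs):
        self.mac = mac
        self.vlanifs = vlanifs   # VLAN ID -> IPv4Interface of the Layer 3 interface
        self.arp = {}            # IP -> MAC (software ARP table)
        self.hw_fib = {}         # IP -> (next-hop MAC, outbound VLAN) in the chip
        self.cpu_packets = 0     # packets punted to the CPU

    def _learn(self, ip, mac, vlan):
        self.arp[ip] = mac
        self.hw_fib[ip] = (mac, vlan)

    def on_arp_request(self, vlan, sip, smac, target_ip):
        """Step 2: learn the sender, answer only for our own interface IP."""
        self._learn(sip, smac, vlan)
        return self.mac if self.vlanifs[vlan].ip == target_ip else None

    def forward(self, dip, arp_reply_from):
        """Return (path, new DMAC, outbound VLAN) for a packet sent to self.mac."""
        if dip in self.hw_fib:                      # hardware entry exists
            return ("hardware",) + self.hw_fib[dip]
        self.cpu_packets += 1                       # step 5: miss, send to CPU
        for vlan, vif in self.vlanifs.items():      # step 6: direct route lookup
            if dip in vif.network:
                if dip not in self.arp:             # steps 6-8: ARP in that VLAN
                    self._learn(dip, arp_reply_from[dip], vlan)
                return ("cpu",) + self.hw_fib[dip]
        return ("drop", None, None)

def demo():
    # Constructed addressing; the page's own addresses are not reproduced here.
    pc_a, mac_a = ipaddress.ip_interface("192.0.2.10/25"), "00:00:5e:00:53:0a"
    pc_b, mac_b = ipaddress.ip_interface("192.0.2.138/25"), "00:00:5e:00:53:0b"
    sw = L3Switch("00:00:5e:00:53:01", {2: ipaddress.ip_interface("192.0.2.1/25"),
                                         3: ipaddress.ip_interface("192.0.2.129/25")})
    gw = host_next_hop(pc_a, pc_b.ip, ipaddress.ip_address("192.0.2.1"))
    gw_mac = sw.on_arp_request(2, pc_a.ip, mac_a, gw)
    wire = {pc_b.ip: mac_b}                  # stand-in for PC B's ARP reply
    first = sw.forward(pc_b.ip, wire)        # ICMP request, first packet
    reply = sw.forward(pc_a.ip, wire)        # ICMP reply toward PC A
    later = sw.forward(pc_b.ip, wire)        # subsequent packet to PC B
    return gw, gw_mac, first, reply, later, sw.cpu_packets
```

Only the first packet toward PC B reaches the CPU; the reply and every later packet hit the hardware entry.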
Updated: 2019-01-11

Document ID: EDOC1000176006
