Link Layer

Computer
Networking: A Top
Down Approach
6th edition
Jim Kurose, Keith Ross
Addison-Wesley
March 2012
Link layer
our goals:
 understand principles behind link layer
services:
 error detection, correction
 sharing a broadcast channel: multiple access
 link layer addressing
 local area networks: Ethernet
Link layer, LANs: outline
 introduction, services  a day in the life of a
 error detection, web request
correction
 LANs
 addressing, ARP
 Ethernet
 switches
Link layer: introduction
terminology:
 hosts and routers: nodes
 communication channels that global ISP

connect adjacent nodes along

communication path: links
 wired links
 wireless links
 layer-2 packet: frame,
encapsulates datagram

data-link layer has responsibility of

transferring datagram from one node
to physically adjacent node over a link
Link layer services
 framing, link access:
 encapsulate datagram into frame, adding header, trailer
 channel access if shared medium
 “MAC” addresses used in frame headers to identify
source, dest
• different from IP address!
 reliable delivery between adjacent nodes
 we learned how to do this already (Transport layer)!
 seldom used on low bit-error link (fiber, some twisted
pair)
 wireless links: high error rates
Link layer services (more)
 flow control:
 pacing between adjacent sending and receiving nodes
 error detection:
 errors caused by signal attenuation, noise.
 receiver detects presence of errors
 error correction:
 receiver identifies and corrects bit error(s) without resorting to
retransmission
 half-duplex and full-duplex
 with half duplex, nodes at both ends of link can transmit, but not
at same time
Where is the link layer implemented?
 in each and every host
 link layer implemented in
“adaptor” (aka network
interface card NIC) or on a
chip application
 Ethernet card, 802.11 transport
network cpu memory
card; Ethernet chipset link

 implements link, physical host

layer controller
bus
(e.g., PCI)
attaches into host’s system
link
 physical
buses
physical
transmission

 combination of hardware,
software, firmware network adapter
card
Adaptors communicating

datagram datagram

controller controller

sending host receiving host

datagram

frame

 sending side:  receiving side

 encapsulates datagram in  looks for errors, rdt,
frame flow control, etc
 adds error checking bits,  extracts datagram, passes
rdt, flow control, etc. to upper layer at
receiving side
Link layer, LANs: outline
 introduction, services  a day in the life of a
 error detection, web request
correction
 LANs
 addressing, ARP
 Ethernet
 switches
Error detection
EDC= Error Detection and Correction bits (redundancy)
D = Data protected by error checking, may include header fields

• Error detection not 100% reliable!

• protocol may miss some errors, but rarely
• larger EDC field yields better detection and correction

otherwise
Redundancy

11
Vertical Redundancy Check
 The most common and least expensive
mechanism for error detection is the vertical
redundancy check (VRC), often called a parity
check.
 In this technique, a redundant bit called a parity
bit, is appended to every data unit so that the
total number of 1’s in the unit (including the
parity bit) becomes even.

12
Vertical Redundancy Check
 Suppose we want to transmit the binary data unit
1100001. Adding together the number of 1’s gives us
three, an odd number. Before transmitting, we pass the
data unit through a parity generator.
 The parity generator counts the 1’s and appends the
parity bit to the end. The total number of 1’s is now four,
an even number.
 The system now transmits the entire expanded unit
across the network link. When it reaches its destination,
the receiver puts all eight bits through an even-parity
checking function.

13
Vertical Redundancy Check
 If the receiver sees 11100001, it counts four 1’s,
an even number and the data unit passes. But if
the data unit has been damaged in transit, what if,
instead of 11100001, the receiver sees 11100101?
 Then the parity checker counts the 1’s, it gets 5’s,
an odd number. The receiver knows that an error
has been introduced into the data somewhere
and therefore rejects the whole unit.

14
Vertical Redundancy Check
 Example: Imagine the sender wants to send the
word “ world ”. In ASCII , the five characters are
coded as;
 W = 1110111
 O = 1101111
 R = 1110010
 L = 1101100
 D = 1100100

15
Vertical Redundancy Check
 Each of the first four characters has an even
number of 1’s, so the parity bit is a 0.
 The last character (‘ d ’) has three 1’s (an odd
number), so that the parity bit is a 1 to make the
total number of 1’s even.
 The following shows the actual bits sent
 w = 11101110, o = 11011110, r = 11100100, l =
11011000, d = 11001001

16
VRC

17
Vertical Redundancy Check
 Performance:
 VRC can detect all single-bit errors.
 It can also detect burst errors as long as the total
number of bits changed is odd (1, 3, 5, etc.).
 Suppose, however, that two bits of the data unit are
changed, in this case the number of 1’s in the data unit
is still even. The VRC checker will add them and
return an even number although the data unit contains
two errors.
 VRC cannot detect errors where the total number of
bits changed, is even.

18
Cyclic Redundancy Check
 The most powerful technique for redundancy checking is
CRC.
 Unlike, VRC, which is based on addition, CRC is based on
binary division.
 In CRC, instead of adding bits together to achieve a
desired parity, a sequence of redundant bits, called the
CRC or the CRC remainder, is appended to the end of a
data unit so that the resulting data unit becomes exactly
divisible by a second predetermined binary number.
 At its destination, the incoming data unit is divided by the
same number. If at this step, there is no remainder, means
no errors and if there is a remainder, means errors.

19
Cyclic Redundancy Check
 The redundancy bits used by CRC are derived by
dividing the data unit by a predetermined divisor;
the remainder is the CRC. To be valid, a CRC
must have two qualities:
 It must have exactly one less bit than the divisor, and
appending it to the end of the data string must make
the resulting bit sequence exactly divisible by the
divisor.

20
Cyclic Redundancy Check
 CRC provides an outline of the three basic steps:-
 First, a string of n 0’s is appended to the data unit. The
number n is one less than the number of bits in the
predetermined divisor, which is n + 1 bits.
 Second, the newly elongated data unit is divided by the
divisor using a process called binary division. The
remainder resulting from this division is the CRC.
 Third, the CRC of n bits derived in step 2 replaces the
appended 0’s at the end of the data unit.

21
Cyclic Redundancy Check
 The data unit arrives at the receiver data first,
followed by the CRC. The receiver treats the
whole string as a unit and divides it by the same
divisor that was used to find the CRC remainder.
 If the string arrives without error, the CRC
checker yields a remainder of zero and the data
unit passes. If the string has been changed in
transit, the division yields a non-zero remainder
and the data unit does not pass.

22
Cyclic Redundancy Check
 CRC Generator: A CRC generator uses
modulo-2 division. (as shown in figure)
 CRC Checker:A CRC checker functions exactly
like the generator. After receiving the data
appended with the CRC, it does the same
modulo-2 division. If the remainder is all 0’s, the
CRC is dropped and the data accepted;
otherwise, the received stream of bits is
discarded and data are resent.

23
CRC

24
Binary Division

25
Link layer, LANs: outline
 introduction, services  a day in the life of a
 error detection, web request
correction
 LANs
 addressing, ARP
 Ethernet
 switches
CSMA (carrier sense multiple access)

CSMA: listen before transmit:

if channel sensed idle: transmit entire frame
 if channel sensed busy, defer transmission

 human analogy: don’t interrupt others!

CSMA collisions spatial layout of nodes

 collisions can still occur:

propagation delay means
two nodes may not hear
each other’s
transmission
 collision: entire packet
transmission time
wasted
 distance & propagation
delay play role in
determining collision
probability
CSMA/CD (collision detection)
CSMA/CD: carrier sensing, deferral as in CSMA
 collisions detected within short time
 colliding transmissions aborted, reducing channel wastage
 collision detection:
 easy in wired LANs: measure signal strengths, compare
transmitted, received signals
 difficult in wireless LANs: received signal strength
overwhelmed by local transmission strength
Ethernet CSMA/CD algorithm
1. NIC receives datagram 4. If NIC detects another
from network layer, transmission while
creates frame transmitting, aborts and
2. If NIC senses channel sends jam signal
idle, starts frame 5. After aborting, NIC
transmission. If NIC enters binary (exponential)
senses channel busy, backoff:
waits until channel idle,  after mth collision, NIC
then transmits. chooses K at random
3. If NIC transmits entire from {0,1,2, …, 2m-1}.
frame without detecting NIC waits K·512 bit
another transmission, times, returns to Step 2
NIC is done with frame !  longer backoff interval
with more collisions
Link layer, LANs: outline
 introduction, services  a day in the life of a
 error detection, web request
correction
 LANs
 addressing, ARP
 Ethernet
 switches
MAC addresses

 32-bit IP address:
 network-layer address for interface
 used for layer 3 (network layer) forwarding
 MAC (or LAN or physical or Ethernet) address:
 function: used ‘locally” to get frame from one interface to
another physically-connected interface (same network, in IP-
addressing sense)
 48 bit MAC address burned in NIC ROM
 e.g.: 1A-2F-BB-76-09-AD

hexadecimal (base 16) notation

(each “number” represents 4 bits)
 LAN addresses
each adapter on LAN has unique LAN address

1A-2F-BB-76-09-AD

LAN
(wired or adapter
wireless)
71-65-F7-2B-08-53
58-23-D7-FA-20-B0

0C-C4-11-6F-E3-98
LAN addresses (more)
 MAC address allocation administered by IEEE
 manufacturer buys portion of MAC address space
(to assure uniqueness)
 analogy:
 MAC address: like Identity Card Number
 IP address: like postal address
 MAC flat address ➜ portability
 can move LAN card from one LAN to another
 IP hierarchical address not portable
 address depends on IP subnet to which node is
attached
 ARP: address resolution protocol
Question: how to determine
interface’s MAC address,
knowing its IP address? ARP table: each IP node (host,
router) on LAN has table
137.196.7.78
 IP/MAC address
mappings for some LAN
1A-2F-BB-76-09-AD
nodes:
137.196.7.23
137.196.7.14 < IP address; MAC address; TTL>
 TTL (Time To Live):
LAN time after which address
71-65-F7-2B-08-53 mapping will be
forgotten (typically 20
58-23-D7-FA-20-B0

min)
0C-C4-11-6F-E3-98
137.196.7.88
ARP protocol
 A wants to send datagram
to B
 B’s MAC address not in  A caches (saves) IP-to-
A’s ARP table. MAC address pair in its
 A broadcasts ARP query ARP table until
packet, containing B's IP information becomes old
address (times out)
 dest MAC address = FF-FF-  soft state: information that
FF-FF-FF-FF times out (goes away)
 all nodes on LAN receive unless refreshed
ARP query  ARP is “plug-and-play”:
 B receives ARP packet,  nodes create their ARP
replies to A with its (B's) tables without intervention
from net administrator
MAC address
 frame sent to A’s MAC
address (unicast)
Link layer, LANs: outline
 introduction, services  a day in the life of a
 error detection, web request
correction
 LANs
 addressing, ARP
 Ethernet
 switches
Ethernet
“dominant” wired LAN technology:
 cheap $20 for NIC
 first widely used LAN technology
 simpler, cheaper than token LANs and ATM
 kept up with speed race: 10 Mbps – 10 Gbps

Metcalfe’s Ethernet sketch

Ethernet: physical topology
 bus: popular through mid 90s
 all nodes in same collision domain (can collide with each
other)
 star: prevails today
 active switch in center
 each “spoke” runs a (separate) Ethernet protocol (nodes
do not collide with each other)

switch
star
bus: coaxial cable
Ethernet frame structure
sending adapter encapsulates IP datagram (or other
network layer protocol packet) in Ethernet frame
type
dest. source data
preamble address address (payload) CRC

preamble:
 7 bytes with pattern 10101010 followed by one
byte with pattern 10101011
 used to synchronize receiver, sender clock rates
Ethernet frame structure (more)
 addresses: 6 byte source, destination MAC addresses
 if adapter receives frame with matching destination
address, or with broadcast address (e.g. ARP packet), it
passes data in frame to network layer protocol
 otherwise, adapter discards frame
 type: indicates higher layer protocol (mostly IP but
others possible, e.g., Novell IPX, AppleTalk)
 CRC: cyclic redundancy check at receiver
 error detected: frame is dropped
type
dest. source data
preamble address address (payload) CRC
Ethernet: unreliable, connectionless
 connectionless: no handshaking between sending and
receiving NICs
 unreliable: receiving NIC doesnt send acks or nacks
to sending NIC
 data in dropped frames recovered only if initial
sender uses higher layer rdt (e.g., TCP), otherwise
dropped data lost
802.3 Ethernet standards: link & physical layers

 many different Ethernet standards

 common MAC protocol and frame format
 different speeds: 2 Mbps, 10 Mbps, 100 Mbps, 1Gbps,
10G bps
 different physical layer media: fiber, cable

MAC protocol
application and frame format
transport
network 100BASE-TX 100BASE-T2 100BASE-FX
link 100BASE-T4 100BASE-SX 100BASE-BX
physical

copper (twister fiber physical layer

pair) physical layer
Local Area Network
Ethernet (10Base5)
 10base5 (thicknet) has a bus topology LAN that
uses baseband signaling and has a maximum
segment length of 500 meters.
 The physical connectors and cables utilized by
10base5 include coaxial cable, NIC, transceivers and
attachment unit interface (AUI) cables
 RG-8 Cable
 Each station is linked to its corresponding transceiver
by an AUI, also called transceiver cable.
Ethernet Segments
Link layer, LANs: outline
 introduction, services  a day in the life of a
 error detection, web request
correction
 LANs
 addressing, ARP
 Ethernet
 switches
Ethernet switch
 link-layer device: takes an active role
 store, forward Ethernet frames
 examine incoming frame’s MAC address,
selectively forward frame to one-or-more
outgoing links when frame is to be forwarded on
segment, uses CSMA/CD to access segment
 transparent
 hosts are unaware of presence of switches
 plug-and-play, self-learning
 switches do not need to be configured
Switch: multiple simultaneous transmissions

 hosts have dedicated, direct A

connection to switch
B
 switches buffer packets C’

 Ethernet protocol used on each 6 1 2

incoming link, but no collisions;
full duplex 5 4 3
 each link is its own collision
C
domain B’

 switching: A-to-A’ and B-to-B’

can transmit simultaneously, A’
without collisions switch with six interfaces
(1,2,3,4,5,6)
Switch forwarding table

Q: how does switch know A’ A

reachable via interface 4, B’ B
reachable via interface 5? C’

 A: each switch has a switch 6 1 2

table, each entry:
5 4 3
 (MAC address of host, interface to
reach host, time stamp) B’ C

 looks like a routing table!

A’
Q: how are entries created, switch with six interfaces
maintained in switch table? (1,2,3,4,5,6)
 something like a routing protocol?
Switch: self-learning Source: A
Dest: A’

A A A’
 switch learns which hosts
can be reached through B
which interfaces C’

 when frame received, 6 1 2

switch “learns”
location of sender: 5 4 3
incoming LAN segment
 records sender/location B’ C
pair in switch table
A’

MAC addr interface TTL

A 1 60 Switch table
(initially empty)
Self-learning, forwarding: example Source: A
Dest: A’

A A A’
 frame destination, A’,
locaton unknown: flood C’ B

 destination A location 6 1 2

known: selectively send A A’

5 4 3
on just one link B’ C
A’ A

A’

MAC addr interface TTL

A 1 60 switch table
A’ 4 60 (initially empty)
Interconnecting switches
 switches can be connected together
S4

S1
S3
A S2
F
D I
B C
G H
E

Q: sending from A to G - how does S1 know to

forward frame destined to G via S4 and S3?
 A: self learning! (works exactly the same as in
single-switch case!)
Self-learning multi-switch example
Suppose C sends frame to I, I responds to C

S4

S1
S3
A S2
F
D I
B C
G H
E

 Q: show switch tables and packet forwarding in S1, S2, S3, S4

Switches vs. routers
application
transport
both are store-and-forward:
datagram network
 routers: network-layer frame link
devices (examine network- physical link frame
layer headers) physical
 switches: link-layer devices
(examine link-layer switch
headers)
network datagram
both have forwarding tables: link frame
physical
 routers: compute tables
using routing algorithms, IP application
addresses transport
 switches: learn forwarding network
table using flooding, link
learning, MAC addresses physical
Link layer: outline
 introduction, services  a day in the life of a
 error detection, web request
correction
 LANs
 addressing, ARP
 Ethernet
 switches
Synthesis: a day in the life of a web request
 journey down protocol stack complete!
 application, transport, network, link
 putting-it-all-together: synthesis!
 goal: identify, review, understand protocols (at all
layers) involved in seemingly simple scenario:
requesting www page
 scenario: student attaches laptop to campus network,
requests/receives www.google.com
 A day in the life: scenario

browser DNS server

Comcast network
68.80.0.0/13

school network
68.80.2.0/24

web page

web server Google’s network

64.233.169.105 64.233.160.0/19
A day in the life… connecting to the Internet
DHCP DHCP  connecting laptop needs to
DHCP UDP
IP
get its own IP address, addr
of first-hop router, addr of
DHCP

DHCP Eth
Phy DNS server: use DHCP
DHCP

 DHCP request encapsulated

in UDP, encapsulated in IP,
DHCP
DHCP
DHCP UDP
encapsulated in 802.3
DHCP IP Ethernet
DHCP Eth router
Phy (runs DHCP)  Ethernet frame broadcast
(dest: FFFFFFFFFFFF) on LAN,
received at router running
DHCP server
 Ethernet demuxed to IP
demuxed, UDP demuxed to
DHCP
A day in the life… connecting to the Internet
DHCP DHCP  DHCP server formulates
DHCP UDP DHCP ACK containing
DHCP IP client’s IP address, IP
DHCP Eth address of first-hop router
Phy for client, name & IP
address of DNS server
 encapsulation at DHCP
DHCP DHCP server, frame forwarded
DHCP UDP (switch learning) through
DHCP IP LAN, demultiplexing at
DHCP Eth router client
(runs DHCP)
DHCP
Phy  DHCP client receives
DHCP ACK reply

Client now has IP address, knows name & addr of DNS

server, IP address of its first-hop router
A day in the life… ARP (before DNS, before HTTP)
DNS DNS  before sending HTTP request, need
DNS UDP IP address of www.google.com:
DNS
ARP
IP DNS
ARP query Eth
Phy  DNS query created, encapsulated in
UDP, encapsulated in IP,
encapsulated in Eth. To send frame
ARP to router, need MAC address of
ARP reply Eth router interface: ARP
Phy

router  ARP query broadcast, received by

(runs DHCP) router, which replies with ARP
reply giving MAC address of
router interface

 client now knows MAC address

of first hop router, so can now
send frame containing DNS
query
A day in the life… using DNS DNS
DNS UDP DNS server
DNS IP
DNS DNS DNS Eth
DNS UDP DNS Phy
DNS IP
DNS Eth
Phy
DNS
Comcast network
68.80.0.0/13

 IP datagram forwarded from

router campus network into comcast
(runs DHCP) network, routed (tables created
 IP datagram containing DNS by RIP, OSPF, IS-IS and/or BGP
query forwarded via LAN routing protocols) to DNS server
switch from client to 1st hop
router  demux’ed to DNS server
 DNS server replies to client
with IP address of
www.google.com
A day in the life…TCP connection carrying HTTP
HTTP
HTTP
SYNACK
SYN TCP
SYNACK
SYN IP
SYNACK
SYN Eth
Phy

 to send HTTP request,

client first opens TCP socket
to web server
router  TCP SYN segment (step 1 in 3-
(runs DHCP)
SYNACK
SYN TCP way handshake) inter-domain
SYNACK
SYN IP routed to web server
SYNACK
SYN Eth
Phy  web server responds with TCP
SYNACK (step 2 in 3-way
web server handshake)
64.233.169.105  TCP connection established!
A day in the life… HTTP request/reply
HTTP
HTTP HTTP  web page finally (!!!) displayed
HTTP
HTTP TCP
HTTP
HTTP IP
HTTP
HTTP Eth
Phy

 HTTP request sent into TCP

socket
router  IP datagram containing HTTP
HTTP
HTTP
HTTP TCP
(runs DHCP) request routed to
HTTP IP www.google.com
HTTP Eth  web server responds with
Phy HTTP reply (containing web
page)
web server
64.233.169.105
 IP datagram containing HTTP
reply routed back to client
Summary
 principles behind data link layer services:
 error detection, correction
 sharing a broadcast channel
 link layer addressing
 implementation of various link layer technologies
 Ethernet
 switched LANS etc.
 synthesis: a day in the life of a web request