Quick Start to Computer Networks--3--Data Link Layer

The data link layer is concerned with how data is transmitted from one point to another within a local area network. For the study of this layer, the physical layer is transparent.

The difference between a data link and a link is that in addition to physical lines, there are protocols.


Encapsulation into frames

Encapsulation into a frame: Just like when we speak, a sentence has a beginning and an end, so when we transmit a piece of data, we also need to add a start flag and an end flag to it.

As shown in the figure above, a frame has a header and a trailer, each marked with a specific marker. The data part has a maximum length, the MTU, of 1500 bytes.
When the data is a text file consisting of printable ASCII codes, special frame delimiter symbols can be used. These delimiters are ASCII codes that cannot be typed on the keyboard.
The start of the frame is marked with SOH, which is 01 in hexadecimal, and the end of the frame is marked with EOT, which is 04 in hexadecimal.

Transparent transmission

When the data is not ASCII text, a value identical to the frame delimiter may appear in the data. For example, if a byte with the same value as EOT appears in the data part, that byte will be treated as the end mark, and everything after it will be lost.

Byte stuffing method
Those who have learned a programming language know that we use double quotation marks to quote a string. What do we do if the string itself contains double quotation marks? We add a \ in front of each inner double quote to indicate that it is not a delimiter: "\"helloword\"" represents "helloword".
In the same way, we add an escape mark in front of any delimiter value that appears in the data part. The escape mark is ESC, which is 1B in hexadecimal, and we call this method byte stuffing.

Error detection

During data transmission errors may occur: a 1 becomes a 0, or a 0 becomes a 1. We call the ratio of erroneous bits to total bits the bit error rate. It depends heavily on the signal-to-noise ratio.
In order to reduce and avoid errors during transmission, we use a method called cyclic redundancy check (CRC).
As shown in the figure below, the data to be transmitted is 101001. We divide it modulo 2 by 1101, and the remainder obtained is the FCS. We append this FCS to the data 101001, which becomes 101001001, and send them together. After the other party receives the data, it also divides it modulo 2 by 1101. If the remainder is 0, the data is taken to have arrived without error.
In the modulo-2 operation, equal bits give 0 and different bits give 1. For example, the modulo-2 operation on 1010 and 1101 gives 0111.
Careful readers may notice that when we do the modulo-2 division, we add three 0s at the end of the data. The rule is that if the divisor has n bits, then n-1 0s are added at the end.

The remainder obtained by the CRC method is the FCS. In fact, there are many ways to generate an FCS; here we mainly introduce the CRC method.
CRC does not correct errors; frames with errors are discarded. The data link layer does not care about the resulting packet loss, which is handled by upper-layer protocols. Likewise, data may arrive out of order or be transmitted more than once, and the data link layer does not care about that either. It only ensures that there are no bit errors in what it accepts.
It is worth noting that the CRC check does not guarantee 100% error-free bit transmission. For example, several bits may be in error in such a way that the remainder is still exactly 0. The probability of this is just very small.
In general, we express the divisor as a polynomial; for example, P(X)=X^3+X^2+1 means 1101.
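
The division described above, carried through in code. This is an added example, not code from the original article; the function names are chosen here for illustration. It reproduces the 101001 / 1101 case and then shows one single-bit error that is caught and one multi-bit error that leaves the remainder at 0.

```python
def mod2_remainder(bits: str, divisor: str) -> str:
    """Remainder of modulo-2 (XOR) long division of bits by divisor."""
    n = len(divisor)
    work = [int(b) for b in bits]
    div = [int(b) for b in divisor]
    # Slide the divisor along the data; XOR wherever the leading bit is 1.
    for i in range(len(work) - n + 1):
        if work[i]:
            for j in range(n):
                work[i + j] ^= div[j]
    return "".join(map(str, work[-(n - 1):]))


def make_frame(data: str, divisor: str) -> str:
    """Append n-1 zeros, divide, and attach the remainder as the FCS."""
    fcs = mod2_remainder(data + "0" * (len(divisor) - 1), divisor)
    return data + fcs


def check_frame(frame: str, divisor: str) -> bool:
    """Receiver side: accept the frame when the remainder is all zeros."""
    return set(mod2_remainder(frame, divisor)) == {"0"}


def flip(frame: str, positions) -> str:
    """Flip the bits at the given indexes (simulated transmission errors)."""
    bits = list(frame)
    for p in positions:
        bits[p] = "1" if bits[p] == "0" else "0"
    return "".join(bits)


DIVISOR = "1101"                        # P(X) = X^3 + X^2 + 1
FRAME = make_frame("101001", DIVISOR)   # data and FCS from the text

# One flipped bit changes the remainder, so the receiver discards the frame.
SINGLE_ERROR = flip(FRAME, [2])
# The error pattern 000001101 is the divisor itself, so the remainder stays 0
# and the damaged frame is accepted: the undetected case the text mentions.
UNDETECTED = flip(FRAME, [5, 6, 8])

if __name__ == "__main__":
    for name, f in [("sent", FRAME), ("1-bit error", SINGLE_ERROR),
                    ("3-bit error", UNDETECTED)]:
        print(f"{name:12} {f} remainder={mod2_remainder(f, DIVISOR)} "
              f"accepted={check_frame(f, DIVISOR)}")
```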

PPP protocol

We often see the PPP protocol in use; for example, ADSL broadband Internet access at home uses PPP, a point-to-point protocol.

The above is the commonly used PPPoE connection. You dial up, connect directly from one point to another, and the usage can be accounted for.


PPP frames
PPP frames are byte-oriented, and all PPP frames are integer multiples of bytes.

The figure above shows the format of the PPP frame. F marks the start of the frame, AC represents the address, and the protocol field has several types; for example, 0x0021 indicates an IP datagram and 0x8021 indicates control data. In fact, A and C are not really useful here, because PPP is a point-to-point protocol: you do not need to know the other party's address to deliver data to it.

If the PPP protocol is subdivided, it can be divided into three protocols.
NCP—specially used to assign IP addresses
LCP—used to verify identity
HDLC—is what we mentioned earlier, encapsulation into frames, transparent transmission, and error detection.

Byte stuffing
A PPP frame also needs a frame header and a frame trailer, and the frame delimiter may of course also appear in the data part. In that case we do not use the escape character described earlier. Instead, every 0x7E in the data part is written as 0x7D, 0x5E; every 0x7D is written as 0x7D, 0x5D; and 0x7D is added before each ASCII control character.
When the other party receives the data, it reverses the transformation.
Zero-bit stuffing
When there are 5 consecutive 1s in the data part of a PPP frame, a 0 is added after them. For example, 0011111111001100 becomes 00111110111001100. When the receiver encounters 5 consecutive 1s, it removes the 0 that follows them. Without this, a run of consecutive 1s in the data could be mistaken for F, resulting in frame delimitation errors.
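
Both PPP transparency methods, sender and receiver side, as an added example (not code from the original article); it also illustrates the transparent-transmission problem from the earlier section. The function names and the sample payload are constructed here, and the XOR with 0x20 applied to control characters follows RFC 1662, a detail the text above does not spell out.

```python
FLAG, ESC = 0x7E, 0x7D  # PPP frame delimiter F and escape byte


def byte_stuff(payload: bytes) -> bytes:
    """Escape 0x7E, 0x7D and control characters (< 0x20) in the data part."""
    out = bytearray()
    for b in payload:
        if b in (FLAG, ESC) or b < 0x20:
            out += bytes([ESC, b ^ 0x20])   # 0x7E -> 7D 5E, 0x7D -> 7D 5D
        else:
            out.append(b)
    return bytes(out)


def byte_unstuff(stuffed: bytes) -> bytes:
    """Receiver side: undo byte_stuff()."""
    out = bytearray()
    it = iter(stuffed)
    for b in it:
        if b == ESC:
            nxt = next(it, None)
            if nxt is None:
                raise ValueError("frame ends inside an escape sequence")
            out.append(nxt ^ 0x20)
        else:
            out.append(b)
    return bytes(out)


def bit_stuff(bits: str) -> str:
    """Insert a 0 after every run of five consecutive 1s."""
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def bit_unstuff(bits: str) -> str:
    """Receiver side: drop the 0 that follows five consecutive 1s."""
    out, run, i = [], 0, 0
    while i < len(bits):
        out.append(bits[i])
        run = run + 1 if bits[i] == "1" else 0
        if run == 5:
            i += 1                          # position of the stuffed bit
            if i >= len(bits) or bits[i] != "0":
                raise ValueError("six consecutive 1s: not stuffed data")
            run = 0
        i += 1
    return "".join(out)


# Constructed sample payload: both special bytes plus one control character.
SAMPLE = bytes([0x41, 0x7E, 0x42, 0x7D, 0x03])

if __name__ == "__main__":
    stuffed = byte_stuff(SAMPLE)
    print(stuffed.hex(" "), "| flag inside data:", FLAG in stuffed)
    print(byte_unstuff(stuffed) == SAMPLE)
    print(bit_stuff("0011111111001100"))
```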

LAN data link layer

A local area network has the following advantages.
It has a broadcast function, so the entire network can easily be accessed from one site. Hosts on a local area network can share the various hardware and software resources connected to it. It also improves the reliability and availability of the system.

Media sharing technology
Frequency division multiplexing, time division multiplexing, wavelength division multiplexing, code division multiplexing, this was mentioned in the previous physical layer.
Dynamic Media Access Control.
Random access, controlled access.

If we subdivide the data link layer of a LAN further, it splits into the LLC layer and the MAC layer.

Ethernet does its best to deliver data and adopts a connectionless method.

CSMA/CD Protocol

Multipoint Access – Indicates that many hosts can be connected to a single bus
Carrier Sense – A station will listen to see if someone is sending data before sending it, and if so will not send it.
Collision Detection – While sending, monitor whether other hosts are also sending data, if other hosts are also sending data, a collision may occur. So how do you detect if a collision has occurred? In fact, it is based on whether the voltage exceeds a certain threshold to determine whether a collision has occurred. Once a collision occurs, both parties should stop sending data and wait for a period of time before sending data.
Let's analyze what happens if the Ethernet collides during transmission? Please see the picture below

So when is the latest that A can detect a collision with B?

A detects a collision earliest when it has only just started sending, that is, when the collision occurs at A itself. It detects a collision latest when the collision occurs at B and the collided signal then has to travel back to A. In that case the elapsed time is 2τ, which is why the backoff time after a collision is calculated in units of 2τ.

The CSMA/CD protocol can only perform half-duplex communication, which makes the average traffic of Ethernet much smaller than the maximum traffic.

Contention Period for CSMA/CD Protocol

As mentioned above, a collision is detected after at most 2τ. 2τ is 51.2 µs, and we call this time the contention period. On 10 Mb/s Ethernet, 512 bits can be sent in this time. This means that if A is sending data to B and 512 bits have been sent without a collision, the rest of the frame will not collide either. 512 bits is 64 bytes.

Therefore, the CSMA/CD protocol stipulates that the minimum frame length is 64 bytes, and frames shorter than 64 bytes are regarded as invalid. What if the frame is shorter? Then 0s are simply added after the data.

Backoff algorithm

The contention period mentioned above is the latest time at which a collision can be detected. If a collision occurs, how long should a station wait before sending again?

We know that the latest collision detection time is 2τ. When retransmitting, A could send immediately and let B wait 2τ, or A could wait 2τ and let B send immediately. Since A and B are equals, we cannot dictate who sends first and who sends later, so a random algorithm is used, which we call the backoff algorithm.

The backoff algorithm works as follows. The backoff time is q*2τ, and the key is the value of q: q=random[0,1,…,(2^k-1)], where k = MIN[number of retransmissions, 10] and the number of retransmissions is the number of collisions that have occurred. After the first collision, q is an integer from 0 to 1, so the station waits 0*2τ or 1*2τ. If a collision occurs again, the value of k is increased.
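
The backoff rule above as an added example (not code from the original article), using the 51.2 µs contention period from the text. The function names are chosen here, and the two-station model, in which the stations collide again exactly when they draw the same q, is a simplifying assumption of this example.

```python
import random

SLOT_US = 51.2   # contention period 2τ on 10 Mb/s Ethernet, from the text
MAX_K = 10       # k = MIN[number of retransmissions, 10]


def window(collisions: int) -> int:
    """Number of values q can take after the given number of collisions."""
    return 2 ** min(collisions, MAX_K)


def backoff_us(collisions: int, rng: random.Random) -> float:
    """Backoff time q * 2τ in microseconds, q drawn from 0 .. 2^k - 1."""
    return rng.randrange(window(collisions)) * SLOT_US


def collisions_until_resolved(rng: random.Random) -> int:
    """Two stations have just collided; count collisions until one wins.

    Simplified model: they collide again only if both draw the same q.
    """
    collisions = 1
    while rng.randrange(window(collisions)) == rng.randrange(window(collisions)):
        collisions += 1
    return collisions


def resolved_after_first(trials: int = 20000, seed: int = 1) -> float:
    """Fraction of trials in which a single collision was enough."""
    rng = random.Random(seed)
    hits = sum(collisions_until_resolved(rng) == 1 for _ in range(trials))
    return hits / trials


if __name__ == "__main__":
    rng = random.Random(7)
    for n in (1, 2, 3, 10, 12):
        print(f"collision {n:2}: q in 0..{window(n) - 1}, "
              f"this draw waits {backoff_us(n, rng):.1f} us")
    print("resolved after the first collision:", resolved_after_first())
```

With the window doubling each time, about half of all two-station collisions are resolved on the first retry and the chance of a repeat shrinks with every further collision.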

Hub

The hub is a device used in the early days of Ethernet, and it is relatively rare now. Looking at this picture, we should be able to understand the principle of the hub.

The Ethernet using the hub is still a bus network logically, and the workstations still use the CSMA/CD protocol and share the logical bus.
A hub is a multi-interface repeater. It has no identification function and is only responsible for forwarding. That is to say, the hub works at the physical layer.

Ethernet Channel Utilization

Consider a frame from the moment a station first tries to send it until it is transmitted successfully. The time spent on the collisions along the way is n*2t. Let the time of the successful transmission be T0 (data length/transmission rate). After the last bit has been sent, it takes a further t to reach the receiver.

For the channel utilization to be high, the ratio of t to T0, a=t/T0, should be small. As a tends to 0, the channel utilization of Ethernet becomes higher. What does this mean? With T0 fixed, the smaller t is, the smaller a is, which means a frame reaches its destination almost as soon as it has been sent. So we should try to make T0 larger and t smaller. T0 depends on the size of the frame, and t depends on the distance between the two stations, so the distance between two stations should be small.

From this we get the limiting channel utilization of Ethernet, Smax = T0/(T0+t)=1/(a+1), which is the case in which no collision occurs.

MAC address

What exactly is this familiar MAC address? It is a physical address, also called a hardware address. In a local area network, a host sends a piece of data to all hosts on the network, with the destination MAC address embedded in the data. Each computer that receives the data compares the destination address with its own MAC address. If they are the same, it accepts the data; otherwise it discards it.

The MAC address is usually stored on the network card. When the network card is manufactured, it is given a globally unique MAC address. The first 24 bits of the address identify the manufacturer, and the last 24 bits are assigned by the manufacturer. Of course, these addresses must not repeat.

Our computer generally uses the MAC address on the network card when communicating, but there is a way to use a different MAC address without changing the network card. First, we can check the MAC address of our host. Under DOS this takes only one command: ipconfig /all shows the host's MAC address, displayed as the physical address.

You can also change the MAC address the computer uses when communicating, according to your needs. Of course, if there are two identical MAC addresses in the same local area network, they will conflict and the hosts will not be able to use the network normally. To change it, right-click the local connection under network adapters, choose Properties, then Configure, then Advanced, then Network Address, and enter the new address in the required format. The format can be taken from the output of ipconfig /all under DOS.

MAC frame

We learned about the PPP frame earlier, so what does the MAC frame look like?

Careful students will notice that, in addition to the MAC frame itself, 8 bytes are added in front of it during transmission. What are these 8 bytes for? When a station starts receiving a MAC frame, it is not yet synchronized with the bit stream, so the first few bits of the frame cannot be received and the frame becomes invalid. To avoid this, we add a 7-byte synchronization code in front of the MAC frame, followed by the start-of-frame delimiter. The first 6 bits of the delimiter are the same as the synchronization code, 010101, and the 11 that follows marks the start of the frame.

The destination address and the source address are the destination MAC address and the source MAC address. What is the type? The type indicates what the data part carries; the data part can be an IP datagram or another control protocol. The FCS is obtained by the CRC check.

We know that a frame in the local area network cannot be shorter than 512 bits, which is 64 bytes. In the MAC frame, the destination MAC address, source MAC address, type and FCS occupy 18 bytes, so the data part needs at least 46 bytes. Of course, the data part cannot exceed 1500 bytes.

Careful students will also have noticed that the MAC frame has no end mark. Without an end mark, how does the adapter know that the frame is over? Ethernet uses Manchester encoding, in which 1 jumps up and 0 jumps down, so there are transitions on the line only while a frame is being received. If there are no more transitions, reception is complete and the frame is over. Some people will ask what happens if two frames are sent back to back. Because the minimum interval between two frames is 0.96 microseconds, two frames are never contiguous, so the end of a frame can always be recognized.

Extended Ethernet

Early Extended Ethernet

In early Ethernet, two separate Ethernet segments were connected through a backbone hub. Since a hub has no filtering function and is only responsible for forwarding, this turns several small collision domains into one larger collision domain, making the network less efficient.

Bridge

In order to solve the above problem that the collision domain becomes larger, a device called a bridge appears. It has a filtering function and can send data to a specified interface.

For example, if A wants to send data to B, the data reaches the bridge. The bridge knows that B is on interface 1, so it does not forward the data to interface 2. This is the biggest difference from the hub.

Self-learning bridge

As just mentioned, when A sends data to B, the data is not sent to interface 2. How is this implemented?
When the bridge has just been installed, it does not know that the three computers A, B and C are on interface 1, nor that the three computers D, E and F are on interface 2. When A sends data to B or to any other host, the data arrives at interface 1, and the bridge records that A can be reached through interface 1. From then on, data for A is forwarded to interface 1, and data for A that arrives on interface 1 is not forwarded at all.
In this way A is recorded on interface 1 first, and as soon as B sends data, B is also recorded on interface 1. The bridge then knows that B is on interface 1 and will not send B's data to interface 2. Before that, while the bridge does not yet know which interface B is on, it also sends the data to interface 2. Once it has confirmed that B is on interface 1, the data is no longer forwarded to other interfaces.
Similarly, if A sends data to one of the hosts D, E or F, A's data reaches the bridge. If D, E and F have already sent data through the bridge, the data is forwarded directly to interface 2 and reaches D, E or F without being sent to interface 3 or interface 4 (not shown here).

Using a bridge thus improves the utilization of network resources and reduces collisions. It also improves the security and reliability of the data. Why does it improve security? In early Ethernet, data was forwarded to all hosts, so any other host with a packet capture tool installed could steal it. Here, as long as nobody has installed a packet capture tool on B or C, data is no longer sent indiscriminately to other interfaces once self-learning has taken place. (More on how to capture packets later.)

Disadvantages of bridges

The bridge also has some shortcomings.
On the one hand, the bridge has to look up the forwarding table before forwarding, which takes a certain amount of time. Moreover, before forwarding it has to run the CSMA/CD algorithm, that is, if a collision occurs it has to back off.
On the other hand, as shown in the figure above, if A is sending data to D and B is also sending data to D, B has to wait for A to finish first. B's data can be placed in the bridge's cache: A's data is sent first, and then B's. When there are too many users, the cache grows larger and larger and may not be enough. Latency also increases.

Switch

When a bridge has many interfaces, computers are no longer aggregated onto one line before being connected; each is connected directly to the bridge. We then no longer call it a bridge but a switch. Now, if A sends data to D, it is more secure: each interface has a single host attached, so the data is sent directly to the destination host and not to other interfaces.

Transparent bridge

What is a transparent bridge? Referring to the figure above, when A sends data to D, D does not know that there is a bridge in between. For A and D it is as if they were directly connected; the bridge is transparent.

Here, let's look at several bridges connected together and how they build their forwarding tables through self-learning.
Suppose A wants to send data to E, and E has not sent any data before. A's data reaches bridge 1, which records that A is on interface 1. Bridge 1 does not know which interface E is on, so it forwards the data to all other interfaces, which here is only interface 2. The data then arrives at interface 1 of bridge 2, and bridge 2 learns that data for A should in future be sent to its interface 1. Because E has not sent any data, bridge 2 also forwards the data to all interfaces other than interface 1, namely interface 2.

Suppose A initially sends not to E but to B. Will bridge 1 and bridge 2 still add A to their forwarding tables? Yes, the same entries are created. When A sends data to B, bridge 1 does not know which interface B is on, so it forwards the data to its other interfaces. The data leaves through interface 2 and arrives at interface 1 of bridge 2. Bridge 2 does not know where the destination is either, so it forwards the data through its other interface.
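
The self-learning behaviour of a single bridge and of the two-bridge chain described above, as an added example (not code from the original article). The class and function names, and the placement of hosts C, D and F on the segments, are assumptions made for this example. For each frame it reports which segments the frame is visible on, which is what decides whether a capture tool on another segment could see it.

```python
class LearningBridge:
    """Bridge that builds its forwarding table by self-learning."""

    def __init__(self, ports=(1, 2)):
        self.ports = list(ports)
        self.table = {}                     # host -> interface it was seen on

    def receive(self, src, dst, in_port):
        """Learn where src is, then return the interfaces the frame leaves by."""
        self.table[src] = in_port
        out = self.table.get(dst)
        if out is None:                     # unknown destination: flood
            return [p for p in self.ports if p != in_port]
        if out == in_port:                  # destination on the arrival side: filter
            return []
        return [out]                        # known destination: one interface only


# Constructed topology (assumption):
# segment 0 -- bridge 1 -- segment 1 -- bridge 2 -- segment 2
SEGMENT_OF = {"A": 0, "B": 0, "C": 1, "D": 1, "E": 2, "F": 2}


def send(bridges, src, dst):
    """Send one frame; return the sorted segments on which it is visible."""
    start = SEGMENT_OF[src]
    seen, queue, done = {start}, [start], set()
    while queue:
        seg = queue.pop(0)
        for i, bridge in enumerate(bridges):    # bridge i joins segments i, i+1
            if i in done or seg not in (i, i + 1):
                continue
            done.add(i)
            in_port = 1 if seg == i else 2
            for port in bridge.receive(src, dst, in_port):
                nxt = i if port == 1 else i + 1
                seen.add(nxt)
                queue.append(nxt)
    return sorted(seen)


def run_scenario():
    """A->E and A->B from the text, plus the replies that fill the tables."""
    b1, b2 = LearningBridge(), LearningBridge()
    frames = [("A", "E"), ("E", "A"), ("A", "B"), ("B", "A"), ("A", "B")]
    visible = [send([b1, b2], s, d) for s, d in frames]
    return frames, visible, b1.table, b2.table


if __name__ == "__main__":
    frames, visible, t1, t2 = run_scenario()
    for (s, d), segs in zip(frames, visible):
        print(f"{s} -> {d}: visible on segments {segs}")
    print("bridge 1 table:", t1)
    print("bridge 2 table:", t2)
```

The first A-to-B frame is flooded to every segment because B has not yet sent anything; after B's first frame, A-to-B traffic stays on segment 0 and bridge 2 never learns B.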

Spanning tree algorithm

To prevent data from looping endlessly in the Ethernet, bridges also use a spanning tree algorithm.

First a root switch is chosen. How is it chosen? When disseminating data there is a priority according to distance, and the one with the shortest distance has priority. When the priority is the same, the one with the smallest MAC address becomes the root switch.

Then, when forwarding data toward the root, each switch takes the closer route. This forms a topology without loops, so data does not go around in circles.

LANs and VLANs

The so-called LAN is a physical local area network, and VLAN is a virtual local area network, which can also be called a logical local area network.

As shown in the figure above, the three computers on the first floor form a physical local area network but belong to different departments, which makes data insecure to a certain extent. If data should only be shared within each department, you need virtual local area networks, so that each department logically forms its own local area network.

Realization of virtual local area network

There are two departments, the finance department and the sales department, whose hosts are connected to different switches. We now put the finance department into one VLAN and the sales department into another, which is equivalent to separating the two and then connecting each one, top and bottom, on its own line. (In reality they forward data through the rightmost bus. Since it would otherwise be unknown which VLAN the data belongs to, a mark is added in front of the data when forwarding. This was described in Chapter 2 under statistical time-division multiplexing.)

The two switches communicate through the trunk link. If vlan1 broadcasts data, it is not sent to vlan2; it is sent over the trunk link (the link from the right side of the first switch to the port on the right side of the second switch). When the second switch receives data on the trunk link, it forwards it to the interfaces of the matching VLAN on its own switch according to the tag on the data.

Secure access on the switch

Switch ports can be bound to MAC addresses.
Depending on the switch, the binding can be done under DOS and requires some commands. You can try this yourself.
