Introduction to LAN Protocols

What Is a LAN?

A LAN is a high-speed data network that covers a relatively small geographic area. It
typically connects workstations, personal computers, printers, servers, and other
devices. LANs offer computer users many advantages, including shared access to
devices and applications, file exchange between connected users, and
communication between users via electronic mail and other applications.

LAN Protocols and the OSI Reference Model

LAN protocols function at the lowest two layers of the OSI reference model, as
discussed in Chapter 1, "Internetworking Basics," between the physical layer and the
data link layer. The following figure illustrates how several popular LAN protocols map
to the OSI reference model.

Popular LAN Protocols Mapped to the OSI Reference Model

LAN Media-Access Methods

Media contention occurs when two or more network devices have data to send
at the same time. Because multiple devices cannot talk on the network
simultaneously, some type of method must be used to allow one device access to the
network media at a time. This is done in two main ways: carrier sense multiple
access collision detects (CSMA/CD) and token passing.

In networks using CSMA/CD technology such as Ethernet, network devices

contend for the network media. When a device has data to send, it first listens to see
if any other device is currently using the network. If not, it starts sending its data.
After finishing its transmission, it listens again to see if a collision occurred. A collision
occurs when two devices send data simultaneously. When a collision happens, each
device waits a random length of time before resending its data. In most cases, a
collision will not occur again between the two devices. Because of this type of
network contention, the busier a network becomes, the more collisions occur. This is
why performance of Ethernet degrades rapidly as the number of devices on a single
network increases.

In token-passing networks such as Token Ring and FDDI, a special network packet
called a token is passed around the network from device to device. When a device
has data to send, it must wait until it has the token and then sends its data. When
the data transmission is complete, the token is released so that other devices may
use the network media. The main advantage of token-passing networks is that they
are deterministic. In other words, it is easy to calculate the maximum time that will
pass before a device has the opportunity to send data. This explains the popularity of
token-passing networks in some real-time environments such as factories, where
machinery must be capable of communicating at a determinable interval.

For CSMA/CD networks, switches segment the network into multiple collision
domains. This reduces the number of devices per network segment that must
contend for the media. By creating smaller collision domains, the performance of a
network can be increased significantly without requiring addressing changes.

Normally CSMA/CD networks are half-duplex, meaning that while a device sends
information, it cannot receive at the time. While that device is talking, it is incapable
of also listening for other traffic. This is much like a walkie-talkie. When one person
wants to talk, he presses the transmit button and begins speaking. While he is
talking, no one else on the same frequency can talk. When the sending person is
finished, he releases the transmit button and the frequency is available to others.

When switches are introduced, full-duplex operation is possible. Full-duplex works

much like a telephone—you can listen as well as talk at the same time. When a
network device is attached directly to the port of a network switch, the two devices
may be capable of operating in full-duplex mode. In full-duplex mode, performance
can be increased, but
not quite as much as some like to claim. A 100-Mbps Ethernet segment is capable of
transmitting 200 Mbps of data, but only 100 Mbps can travel in one direction at a
time. Because most data connections are asymmetric (with more data travelling in
one direction than the other), the gain is not as great as many claim. However, full-
duplex operation does increase the throughput of most applications because the
network media is no longer shared. Two devices on a full-duplex connection can send
data as soon as it is ready.

Token-passing networks such as Token Ring can also benefit from network switches.
In large networks, the delay between turns to transmit may be significant because
the token is passed around the network.

LAN Tr a n s m i s s i o n Methods
LAN data transmissions fall into three classifications: unicast, multicast, and
broadcast.
In each type of transmission, a single packet is sent to one or more nodes.

In a unicast transmission, a single packet is sent from the source to a destination on a

network. First, the source node addresses the packet by using the address of the
destination node. The package is then sent onto the network, and finally, the network
passes the packet to its destination.
A multicast transmission consists of a single data packet that is copied and sent to a
specific subset of nodes on the network. First, the source node addresses the packet
by using a multicast address. The packet is then sent into the network, which makes
copies of the packet and sends a copy to each node that is part of the multicast
address.

A broadcast transmission consists of a single data packet that is copied and sent to
all nodes on the network. In these types of transmissions, the source node addresses
the packet by using the broadcast address. The packet is then sent on to the
network, which makes copies of the packet and sends a copy to every node on the
network

NETWORK
A network is a collection of computers and other devices that allow computer users
to send and receive information to and from each other.

A network allows you to:

• share information without having to carry or mail disks or paper

• ensure that your staff has the same software release
• communicate with a colleague on another campus
• access shared information
• share printers or other devices

Introduction to Networks
Individual workstations are sometimes connected by cable to a shared computer
known as a server. The server is usually located relatively close to the individual
workstations. There is either an Ethernet card or token ring board in each computer
that allows it to be connected to the network. Both workstation and server use
software that allows the computers to speak the same language.

• Local Area Network (LAN) - A network (often in a department or office)

intended to serve a small area. The network allows computers to work
together and people to share resources.
• Wide Area Network (WAN) - A network that covers a large geographic area.
Individual computers can be connected directly to a Wide Area Network
through a data line from the office or a modem from home without first going
through a Local Area Network.

See Glossary of Network Terms for a list of other frequently used network terms.
The Three Components of a Network

In order to have full access to a network (local or wide) from your workstation, three
components are required.

1. The first component is hardware.

Your workstation must have an Ethernet card or token ring board installed and a
cable running from this card to the data jack in your office.

The data jack must be wired from your office through the building to the campus
broadband. Once this hardware wiring connection is made, you have the
infrastructure in place to access the network.

2. The second component is network software that recognizes the hardware and
will use it. Different software is required depending on the network access you
want.
o For a Local Area Network (LAN), you will need network operating
system software (i.e., Novell or Windows NT). If you want to access the
Wide Area Network and the Local Area Network, you will need both
kinds of software. Contact your local support person to find out what
kind of software you have.

3. The third component is application software running on the Local Area

Network. Examples of these would be any network version of word processors
(i.e., Microsoft Word, WordPerfect), databases (Paradox, Dbase), spreadsheets
(Lotus, Excel), etc. These packages are designed to provide multiple access to
files and records and to lock files and records so that a particular document
can be edited by only one person at a time.

Network Pros and Cons

Pros
A network gives you the ability to:

• share and transfer files between people on the Local Area Network (platform
dependent DOS/Windows or Macintosh)
• share common printers
• connect your computers to other sites on the WAN and at other locations
• access a variety of network search facilities such as Gopher, Mosaic, and
World Wide Web
• transfer files between systems using FTP
• save disk space on your hard drive by putting software on the server
• use E-Mail
Cons
A network:

• needs someone on-site to provide network support

• needs someone to back up the server
• may require a longer time to start up applications

Common Network Security Issues

Network security involves two areas of concern: theft or vandalism and virus
infection.

Theft or Vandalism
Theft or vandalism can involve either hardware or software/data. Hardware, whether
networked or not, can be protected by ensuring that the location is secure. Software
and/or data are much more vulnerable on a network because they may be affected
by more than one person or workstation. Shared software or data, if damaged or
stolen, may hamper the productivity of an entire department.

Software and/or data can be secured by implementing the following procedural

guidelines:

• All shared resources must have a detailed chain of authorization (i.e., these
people can read the file; these people can write to the file; these people can
erase the file, etc.)
• Files and computers should be password protected and passwords should
follow established security guidelines.
• Backup procedures should be in place and off-site storage of backups should
be maintained so that, in the event of a problem, software and data can be
restored.
• Only authorized persons should have access to the network and network files.
An individual should be assigned the task of network security and should keep
up-to-date on guidelines and procedures and routinely perform security
audits.

Virus Infection

The other area of network security involves virus infections. Virus protection software
is an invaluable resource in protecting hardware and software from the spread of
viruses - but it is only as good as the way in which it is used. For proper use, virus
protection software should be:

• updated regularly
• placed on every computer that is used with floppy disks that travel from
person to person, and on computers that retrieve program/applications
software from any source
 • installed so that any floppy disk inserted into the drive is checked prior to
loading
• available to easily check any software that updates or changes the system
files, such as autoexec.bat, config.sys, FAT tables, etc.

Every computer station should have a bootable emergency diskette prepared and
kept up-to-date with a copy of the system setup files that are called when the system
is first booted. If a virus is detected, the infected system can be cleaned without fear
of losing the valuable start-up information on the emergency diskette.

For more information about virus protection software, see:

Virus Protection Software for the IBM and IBM Compatibles

Virus Protection Software for the Macintosh

The OSI Reference Model

Modern computer networks are designed in a highly structured way. To reduce their
design complexity, most networks are organized as a series of layers, each one built
upon its predecessor.

The OSI Reference Model is based on a proposal developed by the International

Organization for Standardization (ISO). The model is called ISO OSI (Open Systems
Interconnection) Reference Model because it deals with connecting open systems -
that is, systems that are open for communication with other systems.

The OSI model has seven layers. The principles that were applied to arrive at the
seven layers are as follows:

1. A layer should be created where a different level of abstraction is needed.

2. Each layer should perform a well defined function.

3. The function of each layer should be chosen with an eye toward defining
internationally standardized protocols.

4. The layer boundaries should be chosen to minimize the information flow across
the interfaces.

5. The number of layers should be large enough that distinct functions need not be
thrown together in the same layer out of necessity, and small enough that the
architecture does not become unwieldy.

The Seven Layers Model

Seven layers are defined:

7) Application : Provides different services to the applications

6) Presentation : Converts the information

5) Session : Handles problems which are not communication issues

4) Transport : Provides end to end communication control

3) Network : Routes the information in the network

2) Data Link : Provides error control between adjacent nodes

1) Physical : Connects the entity to the transmission media

What Is an Internet work?
An internet work is a collection of individual networks, connected by intermediate
networking devices, that functions as a single large network. Internetworking refers
to the industry, products, and procedures that meet the challenge of creating and
administering internet works. The following figure illustrates some different kinds of
network technologies that can be interconnected by routers and other networking
devices to create an internet work.

Different Network Technologies Can Be Connected to Create an Internet

work

History of Internetworking
The first networks were time-sharing networks that used mainframes and attached
terminals. Such environments were implemented by both IBM's Systems Network
Architecture (SNA) and Digital's network architecture.

Local-area networks (LANs) evolved around the PC revolution. LANs enabled multiple
users in a relatively small geographical area to exchange files and messages, as well
as access shared resources such as file servers and printers.

Wide-area networks (WANs) interconnect LANs with geographically dispersed users to

create connectivity. Some of the technologies used for connecting LANs include T1,
T3, ATM, ISDN, ADSL, Frame Relay, radio links, and others. New methods of
connecting dispersed LANs are appearing everyday.

Today, high-speed LANs and switched internet works are becoming widely used,
largely because they operate at very high speeds and support such high-bandwidth
applications as multimedia and videoconferencing.

Internetworking evolved as a solution to three key problems: isolated LANs,

duplication
of resources, and a lack of network management. Isolated LANs made electronic
communication between different offices or departments impossible. Duplication of
resources meant that the same hardware and software had to be supplied to each
office or department, as did separate support staff. This lack of network management
meant that no centralized method of managing and troubleshooting networks
existed.

Internetworking Challenges

Implementing a functional internet work is no simple task. Many challenges must be

faced, especially in the areas of connectivity, reliability, network management, and
flexibility. Each area is key in establishing an efficient and effective internet work.

The challenge when connecting various systems is to support communication among

disparate technologies. Different sites, for example, may use different types of media
operating at varying speeds, or may even include different types of systems that
need to communicate.

Because companies rely heavily on data communication, internet works must provide
a certain level of reliability. This is an unpredictable world; so many large internet
works include redundancy to allow for communication even when problems occur.

Furthermore, network management must provide centralized support and

troubleshooting capabilities in an internet work. Configuration, security, performance,
and other issues must be adequately addressed for the internet work to function
smoothly. Security within an internet work is essential. Many people think of network
security from the perspective of protecting the private network from outside attacks.
However, it is just as important to protect the network from internal attacks,
especially because most security breaches come from inside. Networks must also be
secured so that the internal network cannot be used as a tool to attack other external
sites.

Early in the year 2000, many major web sites were the victims of distributed denial of
service (DDOS) attacks. These attacks were possible because a great number of
private networks currently connected with the Internet were not properly secured.
These private networks were used as tools for the attackers.

Because nothing in this world is stagnant, internet works must be flexible enough to
change with new demands

Broadcast
Subnets
A TCP/IP network can have a lot of traffic flowing across it at any given
time. In large networks the flow of information can be too much, causing
bottlenecks and congestion that essentially bogs the network down to the
point it is ineffective. To alleviate this, a network will be divided into
smaller networks called subnets.

Broadcast traffic
Broadcasting is the nature of TCP/IP traffic. When a router receives a packet with a
destination address it is do not know, the packet is broadcast everywhere on the
network.
Simply put, a broadcast will occur when a router receives a packet, looks at the
destination, realizes it does not know where to find this destination, and asks the
other routers, "Do you know this address?" One router will respond, and a route for
that address will be created.
The portion of the network that can receive the broadcast is called a broadcast
domain. In a large network the broadcast domain is the entire network. If each
computer on the network is sending packets, this can cause electronic gridlock fairly
quickly because a copy of each packet is sent to every computer on the network
even if it was not meant to receive it.

Hubs and switches

Networks used to be connected by hubs. A hub simply repeats all the signals it
receives from one port to all of its other ports, which is known as broadcasting. To
solve the broadcast problem engineers made the hubs smarter so they could learn
which computers were on the network and send packets to only the computers they
were meant for, logically dividing the network into smaller pieces to limit broadcast
traffic. The smart hubs were called switches.

Removing the bottleneck

As an extension of the switch, which logically divides a network, a large network can
be manually divided into smaller networks so that broadcasting is limited to the small
sections. These smaller networks are called subnets.
Subnets are created by configuring the IP addresses for all the computers in the
subnet to be similar to each other, but different from other subnets. The different
subnets are kept separate by using a subnet mask. A subnet mask filters IP
addresses allowing computers with specific IP addresses to talk to each other directly
yet other computers will not hear their broadcast traffic. With a large network divided
into many smaller networks, how can they all be connected so they could talk to each
other?

Backbone and routers

A backbone is a high capacity, high bandwidth connection that is used to connect the
many subnets of a large network. If we connect all the subnets together how will they
communicate without broadcasting traffic again? The backbone uses routers to limit
broadcast traffic to the subnet while still connecting computers in different subnets
together. A router is an intelligent device that has the ability to find a path from a
computer in one subnet to a target computer in a different subnet and connect the
two without any broadcast traffic from the subnet leaking out into the backbone.
By using subnets, backbones, and routers it is possible for a large network to operate
efficiently without any bottlenecks or congestion.

Network topology
In telecommunication, network topology is the specific physical (i.e. real) or logical
(i.e. virtual) arrangement of the elements of a network.

A network may be represented as a collection of nodes, some of which are connected

by links. A given nodes may have links to many others (see diagrams below).
Network topology is determined only by the configuration of connections between
nodes; it is therefore a part of Graph theory. Distances between nodes, physical
interconnections, transmission rates, and/or signal types are not a matter of network
topology, although they may be affected by it in an actual physical network.

The common types of network topology are illustrated and defined below.

A fully connected topology is a network topology in which there is a direct link

between all pairs of nodes. In a fully connected network with n nodes, there are n(n-
1)/2 direct links. Synonym fully connected mesh network.

A bus topology is a network topology in which there is a single line (the bus) to which
all nodes are connected, and the nodes connect only to this bus.
linear topology: See bus topology.

mesh topology: A network topology in which there are at least two nodes with two or
more paths between them.

ring topology: A network topology in which every node has exactly two branches
connected to it.

star topology: A network topology in which peripheral nodes are connected to a

central node, which rebroadcasts all transmissions received from any peripheral node
to all peripheral nodes on the network, including the originating node. All peripheral
nodes may thus communicate with all others by transmitting to, and receiving from,
the central node only.

The failure of a transmission line linking any peripheral node to the central node will
result in the isolation of that peripheral node from all others.

If the star central node is passive, the originating node must be able to tolerate the
reception of an echo of its own transmission, delayed by the two-way transmission
time (i.e. to and from the central node) plus any delay generated in the central node.
An active star network has an active central node that usually has the means to
prevent echo-related problems.
tree topology: A network topology in which the nodes are arranged as a tree. From a
purely topologic viewpoint, this resembles an interconnection of star networks in that
individual peripheral nodes (i.e. leaves) are required to transmit to and receive from
one other node only and are not required to act as repeaters or regenerators. Unlike
the star network, the function of the central node may be distributed.

As in the conventional star network, individual nodes may thus still be isolated from
the network by a single-point failure of a transmission path to the node. If a link
connecting a leaf fails, that leaf is isolated; if a connection to a non-leaf node fails, an
entire section of the network becomes isolated from the rest.

A hybrid topology is a combination of any two or more network topologies in such a

way that the resulting network does not have one of the standard forms. For
example, a tree network connected to a tree network is still a tree network, but two
star networks connected together exhibit hybrid network topologies. A hybrid
topology is always produced when two different basic network topologies are
connected

To k e n Ring/IEEE 802.5
The Token Ring network was originally developed by IBM in the 1970s. It is still IBM's
primary local-area network (LAN) technology. The related IEEE 802.5 specification is
almost identical to and completely compatible with IBM's Token Ring network. In fact,
the IEEE 802.5 specification was modelled after IBM Token Ring, and it continues to
shadow IBM's Token Ring development. The term Token Ring generally is used to refer
to both IBM's Token Ring network and IEEE 802.5 networks. This chapter addresses
both Token Ring and IEEE 802.5.

Token Ring and IEEE 802.5 networks are basically compatible, although the
specifications differ in minor ways. IBM's Token Ring network specifies a star, with all
end stations attached to a device called a multi-station access unit (MSAU). In
contrast, IEEE 802.5 does not specify a topology, although virtually all IEEE 802.5
implementations are based on a star. Other differences exist, including media type
(IEEE 802.5 does not specify a media type, although IBM Token Ring networks use
twisted-pair wire) and routing information field size. The following figure summarizes
IBM Token Ring network and IEEE 802.5 specifications.

Although Dissimilar in Some Respects, IBM's Token Ring Network and

IEEE 802.5 Are Generally Compatible
Physical Connections
IBM Token Ring network stations are directly connected to MSAUs, which can be wired
together to form one large ring. Patch cables connect MSAUs to adjacent MSAUs,
while lobe cables connect MSAUs to stations. MSAUs include bypass relays for
removing stations from the ring.

MSAUs Can Be Wired Together to Form One Large Ring in an IBM Token
Ring Network
To k e n Ring Operation
Token Ring and IEEE 802.5 are two principal examples of token-passing networks
(FDDI is the other). Token-passing networks move a small frame, called a token,
around the network. Possession of the token grants the right to transmit. If a node
receiving the token has no information to send, it passes the token to the next end
station. Each station can hold the token for a maximum period of time.

If a station possessing the token does have information to transmit, it seizes the
token, alters 1 bit of the token (which turns the token into a start-of-frame sequence),
appends the information that it wants to transmit, and sends this information to the
next station on the ring. While the information frame is circling the ring, no token is
on the network (unless the ring supports early token release), which means that
other stations wanting to transmit must wait. Therefore, collisions cannot occur in
Token Ring networks. If early token release is supported, a new token can be released
when frame transmission is complete.

The information frame circulates the ring until it reaches the intended destination
station, which copies the information for further processing. The information frame
continues to circle the ring and is finally removed when it reaches the sending
station. The sending station can check the returning frame to see whether the frame
was seen and subsequently copied by the destination.

Unlike CSMA/CD networks (such as Ethernet), token-passing networks are

deterministic, which means that it is possible to calculate the maximum time that will
pass before any end station will be capable of transmitting. This feature and several
reliability features, which are discussed in the section "Fault-Management
Mechanisms," later in this chapter, make Token Ring networks ideal for applications in
which delay must be predictable and robust network operation is important. Factory
automation environments are examples of such applications.

Priority System
Token Ring networks use a sophisticated priority system that permits certain user-
designated, high-priority stations to use the network more frequently. Token Ring
frames have two fields that control priority: the priority field and the reservation field.

Only stations with a priority equal to or higher than the priority value contained in a
token can seize that token. After the token is seized and changed to an information
frame, only stations with a priority value higher than that of the transmitting station
can reserve the token for the next pass around the network. When the next token is
generated, it includes the higher priority of the reserving station. Stations that raise a
token's priority level must reinstate the previous priority after their transmission is
complete.

Fault-Management Mechanisms
Token Ring networks employ several mechanisms for detecting and compensating for
network faults. For example, one station in the Token Ring network is selected to be
the active monitor. This station, which potentially can be any station on the network,
acts as a centralized source of timing information for other ring stations and performs
a variety of ring-maintenance functions. One of these functions is the removal of
continuously circulating frames from the ring. When a sending device fails, its frame
may continue to circle the ring. This can prevent other stations from transmitting
their own frames and essentially can lock up the network. The active mo nitor can
detect such frames, remove them from the ring, and generate a new token.

The IBM Token Ring network's star topology also contributes to overall network
reliability. Because all information in a Token Ring network is seen by active MSAUs,
these devices can be programmed to check for problems and selectively remove
stations from the ring, if necessary.

A Token Ring algorithm called beaconing detects and tries to repair certain network
faults. Whenever a station detects a serious problem with the network (such as a
cable break), it sends a beacon frame, which defines a failure domain. This domain
includes the station reporting the failure, its nearest active upstream neighbour
(NAUN), and everything in between. Beaconing initiates a process called auto
reconfiguration, in which nodes within the failure domain automatically perform
diagnostics in an attempt to reconfigure the network around the failed areas.
Physically, the MSAU can accomplish this through electrical reconfiguration.

Frame Format
Token Ring and IEEE 802.5 support two basic frame types: tokens and data/command
frames. Tokens are 3 bytes in length and consist of a start delimiter, an access
control byte, and an end delimiter. Data/command frames vary in size, depending on
the size of the Information field. Data frames carry information for upper-layer
protocols, while command frames contain control information and have no data for
upper-layer protocols. Both formats are shown in the following figures.

IEEE 802.5 and Token Ring Specify Tokens and Data/Command Frames

To k e n Frame Fields

The three token frame fields illustrated in above figures are summarized in the
descriptions that follow:

• Start delimiter—Alerts each station of the arrival of a token (or

data/command frame). This field includes signals that distinguish the byte
 from the rest of the frame by violating the encoding scheme used elsewhere
in the frame.
• Access-control byte—Contains the Priority field (the most significant 3 bits)
and
the Reservation field (the least significant 3 bits), as well as a token bit (used
to differentiate a token from a data/command frame) and a monitor bit (used
by the active monitor to determine whether a frame is circling the ring
endlessly).
• End delimiter—Signals the end of the token or data/command frame. This
field also contains bits to indicate a damaged frame and identify the frame
that is the last in a logical sequence.

Data/Command Frame Fields

Data/command frames have the same three fields as Token Frames, plus several
others.
The Data/command frame fields illustrated in above figures are described in the
following summaries:

• Start delimiter—Alerts each station of the arrival of a token (or data/command

frame). This field includes signals that distinguish the byte from the rest of the
frame by violating the encoding scheme used elsewhere in the frame.
• Access-control byte—Contains the Priority field (the most significant 3 bits)
and
the Reservation field (the least significant 3 bits), as well as a token bit (used
to differentiate a token from a data/command frame) and a monitor bit (used
by the active monitor to determine whether a frame is circling the ring
endlessly).
• Frame-control bytes—Indicates whether the frame contains data or control
information. In control frames, this byte specifies the type of control
information.
• Destination and source addresses—Consists of two 6-byte address fields that
identify the destination and source station addresses.
• Data—indicates that the length of field is limited by the ring token holding
time, which defines the maximum time a station, can hold the token.
• Frame-check sequence (FCS) — it is filed by the source station with a
calculated value dependent on the frame contents. The destination station
recalculates the value to determine whether the frame was damaged in
transit. If so, the frame is discarded.
• End Delimiter—Signals the end of the token or data/command frame. The end
delimiter also contains bits to indicate a damaged frame and identify the
frame that is the last in a logical sequence.
• Frame Status— Frame status is a 1-byte field terminating a command/data
frame. The Frame Status field includes the address-recognized indicator and
frame-copied indicator.

Summary
Token Ring technology was developed in the 1970s by IBM. Token-passing networks
move a small frame, called a token, around the network. Possession of the token
grants the right to transmit. If a node receiving the token has no information to send,
it passes the token to the next end station. Each station can hold the token for a
maximum period of time.

If a station possessing the token does have information to transmit, it seizes the
token, alters 1 bit of the token (which turns the token into a start-of-frame sequence),
appends the information that it wants to transmit, and sends this information to the
next station on the ring.

Invention of Ethernet

“In late 1972, Metcalfe and his Xerox PARC colleagues developed the first
experimental Ethernet system to interconnect the Xerox Alto, a personal workstation
with a graphical user interface. The experimental Ethernet was used to link Altos to
one another, and to servers and laser printers. The signal clock for the experimental
Ethernet interface was derived from the Alto's system clock, which resulted in a data
transmission rate on the experimental Ethernet of 2.94 Mbps.

Metcalfe's first experimental network was called the Alto Aloha Network. In 1973
Metcalfe changed the name to "Ethernet," to make it clear that the system could
support any computer--not just Altos--and to point out that his new network
mechanisms had evolved well beyond the Aloha system. He chose to base the name
on the word "ether" as a way of describing an essential feature of the system: the
physical medium (i.e., a cable) carries bits to all stations, much the same way that
the old "aluminiferous ether" was once thought to propagate electromagnetic waves
through space. Thus, Ethernet was born.”

The Ethernet System

This chapter provides a brief tutorial on the Ethernet system. We'll begin with the
origins of Ethernet and the Ethernet standards, and then describe the essential
features of Ethernet operation.

Ethernet is a local area network (LAN)*1 technology that transmits information

between computers at speeds of 10 and 100 million bits per second (Mbps). Currently
the most widely used version of Ethernet technology is the 10-Mbps twisted-pair
variety.

The 10-Mbps Ethernet media varieties include the original thick coaxial system, as
well as thin coaxial, twisted-pair, and fiber optic systems. The most recent Ethernet
standard defines the new 100-Mbps Fast Ethernet system which operates over
twisted-pair and fiber optic media.

Development of Ethernet Standards

Ethernet was invented at the Xerox Palo Alto Research Centre in the 1970s by Dr.
Robert M. Metcalfe. It was designed to support research on the "office of the future,"
which included one of the world's first personal workstations, the Xerox Alto. The first
Ethernet system ran at approximately 3-Mbps and was known as "experimental
Ethernet."
Formal specifications for Ethernet were published in 1980 by a multi-vendor
consortium that created the DEC-Intel-Xerox (DIX) standard. This effort turned the
experimental Ethernet into an open, production-quality Ethernet system that
operates at 10-Mbps. Ethernet technology was then adopted for standardization by
the LAN standards committee of the Institute of Electrical and Electronics Engineers
(IEEE 802).

The IEEE standard was first published in 1985, with the formal title of "IEEE 802.3
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and
Physical Layer Specifications." The IEEE standard has since been adopted by the
International Organization for Standardization (ISO), which makes it a worldwide
networking standard.

The IEEE standard provides an "Ethernet like" system based on the original DIX
Ethernet technology. All Ethernet equipment since 1985 is built according to the IEEE
802.3 standard, which is pronounced "eight oh two dot three." To be absolutely
accurate, then, we should refer to Ethernet equipment as "IEEE 802.3 CSMA/CD"
technology. However, most of the world still knows it by the original name of
Ethernet, and that's what we'll call it as well.

The 802.3 standard is periodically updated to include new technology. Since 1985 the
standard has grown to include new media systems for 10-Mbps Ethernet (e.g.
twisted-pair media), as well as the latest set of specifications for 100-Mbps Fast
Ethernet.

Elements of the Ethernet System

The Ethernet system consists of three basic elements: 1. the physical medium used
to carry Ethernet signals between computers, 2. a set of medium access control rules
embedded in each Ethernet interface that allow multiple computers to fairly arbitrate
access to the shared Ethernet channel, and 3. an Ethernet frame that consists of a
standardized set of bits used to carry data over the system.

The following chapters describe the configuration rules for the first element, the
physical media segments. Next we'll take a quick look at the second and third
elements; the set of medium access control rules in Ethernet, and the Ethernet
frame.

Operation of Ethernet

Each Ethernet-equipped computer, also known as a station, operates independently

of all other stations on the network: there is no central controller. All stations
attached to an Ethernet are connected to a shared signalling system, also called the
medium. Ethernet signals are transmitted serially, one bit at a time, over the shared
signal channel to every attached station. To send data a station first listens to the
channel, and when the channel is idle the station transmits its data in the form of an
Ethernet frame, or packet.*1

After each frame transmission, all stations on the network must contend equally for
the next frame transmission opportunity. This ensures that access to the network
channel is fair, and that no single station can lock out the other stations. Access to
the shared channel is determined by the medium access control (MAC) mechanism
embedded in the Ethernet interface located in each station. The medium access
control mechanism is based on a system called Carrier Sense Multiple Access with
Collision Detection (CSMA/CD).

- The CSMA/CD Protocol

- Collisions

- Best Effort Data Delivery

E t h e r n e t F r a m e a n d E t h e r n e t A d d r e s s e s

The heart of the Ethernet system is the Ethernet frame, which is used to deliver data
between computers. The frame consists of a set of bits organized into several fields.
These fields include address fields, a variable size data field that carries from 46 to
1,500 bytes of data, and an error checking field that checks the integrity of the bits in
the frame to make sure that the frame has arrived intact.

The first two fields in the frame carry 48-bit addresses, called the destination and
source addresses. The IEEE controls the assignment of these addresses by
administering a portion of the address field. The IEEE does this by providing 24-bit
identifiers called "Organizationally Unique Identifiers" (OUIs), since a unique 24-bit
identifier is assigned to each organization that wishes to build Ethernet interfaces.
The organization, in turn, creates 48-bit addresses using the assigned OUI as the first
24 bits of the address. This 48-bit address is also known as the physical address,
hardware address, or MAC address.

A unique 48-bit address is commonly pre-assigned to each Ethernet interface when it

is manufactured, which vastly simplifies the setup and operation of the network. For
one thing, pre-assigned addresses keep you from getting involved in administering
the addresses for different groups using the network. And if you've ever tried to get
different work groups at a large site to cooperate and voluntarily obey the same set
of rules, you can appreciate what an advantage this can be.

As each Ethernet frame is sent onto the shared signal channel, all Ethernet interfaces
look at the first 48-bit field of the frame, which contains the destination address. The
interfaces compare the destination address of the frame with their own address. The
Ethernet interface with the same address as the destination address in the frame will
read in the entire frame and deliver it to the networking software running on that
computer. All other network interfaces will stop reading the frame when they discover
that the destination address does not match their own address