This chapter examines the characteristics and operation of Ethernet as it has evolved from a shared media, contention-based data communications technology to today’s high bandwidth, full-duplex technology.
Ethernet Encapsulation
Ethernet is the most widely used LAN technology today.
Ethernet operates in the data link layer and the physical layer. It is a family of networking technologies that are defined in the IEEE 802.2 and 802.3 standards. Ethernet supports data bandwidths of:
- 10 Mb/s
- 100 Mb/s
- 1000 Mb/s (1 Gb/s)
- 10,000 Mb/s (10 Gb/s)
- 40,000 Mb/s (40 Gb/s)
- 100,000 Mb/s (100 Gb/s)
Ethernet Frame Fields
The minimum Ethernet frame size is 64 bytes and the maximum is 1518 bytes. This includes all bytes from the Destination MAC Address field through the Frame Check Sequence (FCS) field. The Preamble field is not included when describing the size of a frame.
If the size of a transmitted frame is less than the minimum or greater than the maximum, the receiving device drops the frame. Dropped frames are likely to be the result of collisions or other unwanted signals and are therefore considered invalid.
MAC Address and Hexadecimal
An Ethernet MAC address is a 48-bit binary value expressed as 12 hexadecimal digits (4 bits per hexadecimal digit).
Just as decimal is a base ten number system, hexadecimal is a base sixteen system. The base sixteen number system uses the numbers 0 to 9 and the letters A to F. Figure 1 shows the equivalent decimal and hexadecimal values for binary 0000 to 1111. It is easier to express a value as a single hexadecimal digit than as four binary bits.
Given that 8 bits (one byte) is a common binary grouping, binary 00000000 to 11111111 can be represented in hexadecimal as the range 00 to FF, as shown in Figure 2. Leading zeroes are always displayed to complete the 8-bit representation. For example, the binary value 0000 1010 is shown in hexadecimal as 0A.
Note: It is important to distinguish hexadecimal values from decimal values regarding the characters 0 to 9, as shown in the figure.
MAC Address : Ethernet Identity
MAC Address Structure
The MAC address value is a direct result of IEEE-enforced rules for vendors to ensure globally unique addresses for each Ethernet device. The rules established by IEEE require any vendor that sells Ethernet devices to register with IEEE. The IEEE assigns the vendor a 3-byte (24-bit) code, called the Organizationally Unique Identifier (OUI).
IEEE requires a vendor to follow two simple rules, as shown in the figure:
- All MAC addresses assigned to a NIC or other Ethernet device must use that vendor’s assigned OUI as the first 3 bytes.
- All MAC addresses with the same OUI must be assigned a unique value in the last 3 bytes.
Note: It is possible for duplicate MAC addresses to exist due to mistakes during manufacturing or in some virtual machine implementation methods. In either case, it will be necessary to modify the MAC address with a new NIC or in software.
MAC Address Representations
On a Windows host, the ipconfig /all command can be used to identify the MAC address of an Ethernet adapter. In Figure, notice the display indicates the Physical Address (MAC) of the computer to be 00-18-DE-DD-A7-B2. If you have access, you may wish to try this on your own computer. On a MAC or Linux host, the ifconfig command is used.
Switch Fundamentals
A Layer 2 Ethernet switch uses MAC addresses to make forwarding decisions. It is completely unaware of the protocol being carried in the data portion of the frame, such as an IPv4 packet. The switch makes its forwarding decisions based only on the Layer 2 Ethernet MAC addresses.
Learning MAC Addresses
Every frame that enters a switch is checked for new information to learn. It does this by examining the frame’s source MAC address and port number where the frame entered the switch.
- If the source MAC address does not exist, it is added to the table along with the incoming port number. In Figure 1, PC-A is sending an Ethernet frame to PC-D. The switch adds the MAC address for PC-A to the table.
- If the source MAC address does exist, the switch updates the refresh timer for that entry. By default, most Ethernet switches keep an entry in the table for 5 minutes.
Note: If the source MAC address does exist in the table but on a different port, the switch treats this as a new entry. The entry is replaced using the same MAC address but with the more current port number.
Forward – Examining the Destination MAC Address
Next, if the destination MAC address is a unicast address, the switch will look for a match between the destination MAC address of the frame and an entry in its MAC address table.
- If the destination MAC address is in the table, it will forward the frame out the specified port.
- If the destination MAC address is not in the table, the switch will forward the frame out all ports except the incoming port. This is known as an unknown unicast. As shown in Figure 2, the switch does not have the destination MAC address in its table for PC-D, so it sends the frame out all ports except port 1.
Note: If the destination MAC address is a broadcast or a multicast, the frame is also flooded out all ports except the incoming port.
Frame Forwarding Methods on Cisco Switches
Switches use one of the following forwarding methods for switching data between network ports:
- Store-and-forward switching
- Cut-through switching
Figure, differences between these two methods.
In store-and-forward switching, when the switch receives the frame, it stores the data in buffers until the complete frame has been received. During the storage process, the switch analyzes the frame for information about its destination. In this process, the switch also performs an error check using the Cyclic Redundancy Check (CRC) trailer portion of the Ethernet frame.
Duplex and Speed Setting
Two of the most basic settings on a switch are the bandwidth and duplex settings for each individual switch port. It is critical that the duplex and bandwidth settings match between the switch port and the connected devices, such as a computer or another switch.
There are two types of duplex settings used for communications on an Ethernet network: half duplex and full duplex.
- Full-duplex – Both ends of the connection can send and receive simultaneously.
- Half-duplex – Only one end of the connection can send at a time.
For example, in Figure 1 PC-A’s Ethernet NIC can operate in full-duplex or half-duplex, and in 10 Mb/s or 100 Mb/s. PC-A is connected to switch S1 on port 1, which can operate in full-duplex or half-duplex, and in 10 Mb/s, 100 Mb/s or 1000 Mb/s (1 Gb/s). If both devices are using autonegotiation, the operating mode will be full-duplex and 100 Mb/s.
One of the most common causes of performance issues on 10/100 Mb/s Ethernet links occurs when one port on the link operates at half-duplex while the other port operates at full-duplex, as shown in Figure 2. This occurs when one or both ports on a link are reset, and the autonegotiation process does not result in both link partners having the same configuration. It also can occur when users reconfigure one side of a link and forget to reconfigure the other. Both sides of a link should have autonegotiation on, or both sides should have it off.
Auto-MDIX
When the auto-MDIX feature is enabled, the switch detects the type of cable attached to the port, and configures the interfaces accordingly. Therefore, you can use either a crossover or a straight-through cable for connections to a copper 10/100/1000 port on the switch, regardless of the type of device on the other end of the connection.
Note: The auto-MDIX feature is enabled by default on switches running Cisco IOS Release 12.2(18)SE or later.
Destination on Same Network
There are two primary addresses assigned to a device on an Ethernet LAN:
- Physical address (the MAC address) – Used for Ethernet NIC to Ethernet NIC communications on the same network.
- Logical address (the IP address) – Used to send the packet from the original source to the final destination.
Introduction on ARP
Recall that every device with an IP address on an Ethernet network also has an Ethernet MAC address. When a device sends an Ethernet frame, it contains these two addresses:
- Destination MAC address – The MAC address of the Ethernet NIC, which will be either the MAC address of the final destination device or the router.
- Source MAC address – The MAC address of the sender’s Ethernet NIC.
To determine the destination MAC address, the device uses ARP. ARP provides two basic functions:
- Resolving IPv4 addresses to MAC addresses
- Maintaining a table of mappings
ARP Request
ARP messages are encapsulated directly within an Ethernet frame. There is no IPv4 header. The ARP request message includes:
- Target IPv4 address – This is the IPv4 address that requires a corresponding MAC address.
- Target MAC address – This is the unknown MAC address and will be empty in the ARP request message.
ARP Replay
Only the device with an IPv4 address associated with the target IPv4 address in the ARP request will respond with an ARP reply. The ARP reply message includes:
- Sender’s IPv4 address – This is the IPv4 address of the sender, the device whose MAC address was requested.
- Sender’s MAC address – This is the MAC address of the sender, the MAC address needed by the sender of the ARP request.
ARP Tables
On a Cisco router, the show ip arp command is used to display the ARP table, as shown in Figure 1.
On a Windows 7 PC, the arp –a command is used to display the ARP table, as shown in Figure 2.
ARP Broadcast
As a broadcast frame, an ARP request is received and processed by every device on the local network.
Computer & Networking 
One thought on “Chapter 5 : Ethernet”