Collision Domains and Broadcast Domains 299 Table 5-7 lists the average number of broadcast and multicasts for IP networks. Although the numbers in Table 5-7 might appear low, they represent an average, well- designed IP network that is not running the Routing Information Protocol (RIP). When broadcast and multicast traffic peak because of storm behavior, peak CPU loss can be orders of magnitude greater than average. Broadcast storms can be caused by a device requesting information from a network that has grown too large. So many responses are sent to the original request that the device cannot process them, or the first request triggers similar requests from other devices that effectively block normal traffic flow on the network. An IP router is a router or workstation that runs any distance vector routing protocol. Some administrators configure all workstations to run RIP (a routing protocol) as a redundancy and reachability policy. Every 30 seconds, RIP uses broadcasts to retrans- mit the entire RIP routing table to other RIP routers. If a large number of routers were configured to run RIP and, on average, 50 packets were required to transmit the routing table, the routers would generate 3333 broadcasts per second. Most network adminis- trators configure only a small number of routers—usually five to ten—to run RIP. For a routing table that has a size of 50 packets, 10 RIP routers would generate about 16 broadcasts per second. (Routing protocols and routing table are discussed in Chapter 8, “Routing Fundamentals and Subnets.”) IP multicast applications adversely can affect the performance of large, scaled, switched networks. Although multicasting is an efficient way to send a stream of multimedia data to many users on a shared-media hub, it affects every user on a flat-switched net- work. A flat-switched network is a network of interconnected switches that does not utilize Layer 3 routing or something similar. A particular packet video application can generate a 7-megabyte (MB) stream of multicast data that, in a switched network, would be sent to every segment, resulting in severe congestion. Table 5-7 Average Number of Broadcast and Multicasts for IP Networks Number of Hosts Average Percentage of CPU Loss Per Host 100 0.14 1000 0.96 10,000 9.15 1102.book Page 299 Tuesday, May 20, 2003 2:53 PM 300 Chapter 5: Ethernet Fundamentals Broadcast Domains A broadcast domain is a grouping of collision domains that are connected by Layer 2 devices. Breaking up a LAN into multiple collision domains improves network efficiency by allowing multiple transmissions of data simultaneously on separate collision domains. But broadcasts travel across the Layer 2 devices and, if excessive, can reduce the effi- ciency of the overall LAN. Broadcasts must be controlled at Layer 3 because Layer 1 and 2 devices have no way of controlling them. The total size of a broadcast domain can be identified by looking at all of the collision domains that the same broadcast frame is processed by. In other words, all the nodes are a part of that network segment bounded by a Layer 3 device. Broadcast domains are controlled at Layer 3 because routers do not forward broadcasts. In Figure 5-34, the router will not forward the broadcast from the blue-highlighted workstation in the left side to the hosts on the right. Routers actually work at Layers 1, 2, and 3. Like all Layer 1 devices, they have a phys- ical connection to and transmit data onto the medium. They have a Layer 2 encapsula- tion on all interfaces and perform just like any other Layer 2 device. Layer 3 allows the router to segment broadcast domains. For a packet to be forwarded through a router, it must have been processed already by Layer 2, and the frame information must have been stripped off. Layer 3 forwarding is based on the destination IP address, not the MAC address. For a packet to be forwarded, it must contain an IP address that is outside the range of addresses assigned to the LAN segment, and the router must have a destination to send the specific packet to in its routing table. Introduction to Data Flow Data flow in the context of collision and broadcast domains focuses on how data frames propagate through a network. It refers to the movement of data through Layer 1, 2, and 3 devices, as well as how data must be encapsulated to effectively make that journey. Remember that data is encapsulated at the network layer with an IP source and destina- tion address, and at the data link layer with a MAC source and destination address. The basic rule to follow here is that a Layer 1 device always forwards the frame, a Layer 2 device wants to forward the frame (in other words, it forwards unless some- thing prevents it), and a Layer 3 device does not forward unless it has to. Using this rule helps identify how data flows through a network. 1102.book Page 300 Tuesday, May 20, 2003 2:53 PM Collision Domains and Broadcast Domains 301 Figure 5-34 Broadcast Domain Segmentation Layer 1 devices (repeaters and hubs) do no filtering, so everything that is received is passed on to the next segment. The frame simply is regenerated and retimed. and thus returned to its original transmission quality. Any segments connected by Layer 1 devices are part of the same domain, both collision and broadcast. Layer 2 devices (bridges and switches) filter data frames based on the destination MAC address. A frame is forwarded if it is going to an unknown destination (outside the col- lision domain). The frame also is forwarded if it is a broadcast, multicast, or unicast going outside the local collision domain. The only time that a frame is not forwarded is when the Layer 2 device finds that the sending host and the receiving host are in the same collision domain. A bridging device (Layer 2) creates multiple collision domains but maintains only one broadcast domain. Layer 3 devices (routers and some high-end switches) filter data packets based on IP destination address. The only way that a packet is forwarded is if its destination IP chpt_05.fm Page 301 Tuesday, May 27, 2003 9:09 AM 302 Chapter 5: Ethernet Fundamentals address is outside the broadcast domain and the router has an identified location to send the packet. A Layer 3 device creates multiple collision and broadcast domains. Data flow through a routed IP-based network involves data moving across traffic- management devices at Layers 1, 2, and 3 of the OSI model Layer 1 is used for trans- mission across the physical medium, Layer 2 is used for collision domain management, and Layer 3 is used for broadcast domain management. Figure 5-35 shows data flowing from Workstation X through Routers A, B, and C to Workstation Y. Figure 5-35 Data Flow Through a Network Network Segment As with many terms and acronyms, segment has multiple meanings. The dictionary definition of the term is as follows: ■ A separate piece of something ■ One of the parts into which an entity or quantity is divided or marked off by, or as if by natural boundaries In the context of data communication, the following definitions are used: ■ Section of a network that is bounded by bridges, routers, or switches. ■ In a LAN using a bus topology, a continuous electrical circuit that is often connected to other such segments with repeaters. 1102.book Page 302 Tuesday, May 20, 2003 2:53 PM Collision Domains and Broadcast Domains 303 ■ Term used in the TCP specification to describe a single transport layer unit of information. The terms datagram, frame, message, and packet also are used to describe logical information groupings at various layers of the OSI reference model and in various technology circles. Figure 5-36 illustrates the three definitions of the term segment within the content of the data communication. Figure 5-36 Segments To define the term segment properly, the context of the usage must be presented with the word. If segment is used in the context of TCP, it is defined as a separate piece of the data. If segment is being used in the context of physical networking media in a routed network, it is seen as one of the parts or sections of the total network. 1102.book Page 303 Tuesday, May 20, 2003 2:53 PM 304 Chapter 5: Ethernet Fundamentals Summary The following key points were presented in this section: ■ The Institute of Electrical and Electronic Engineers (IEEE) is a professional organization that defines network standards. IEEE LAN standards are the best- known IEEE communication standards and are the predominant LAN standards in the world today. ■ The IEEE divides the OSI data link layer into two separate sublayers: Media Access Control (MAC) and Logical Link Control (LLC). ■ Ethernet uses the MAC address, which is the physical address located on a NIC. ■ Framing helps obtain essential information that could not otherwise be obtained with coded bit streams alone. ■ Two broad categories of Media Access Control exist: deterministic (taking turns) and nondeterministic (first come, first served). ■ Ethernet uses carrier sense multiple access collision detect (CSMA/CD). ■ Half-duplex transmission enables signals to travel in either direction, but not in both directions simultaneously. Full-duplex transmission enables data to be sent and received at the same time. ■ Using a shared-media environment can cause traffic congestion that leads to network inefficiency. ■ The most common (and usually benign) error condition on an Ethernet is the collision. ■ The main Ethernet frame error types that can be captured through a protocol- analysis session are local collision, remote collision, and late collision. ■ Situations that are considered Ethernet errors are jabber, long frame, short frame, runts, FCS errors, alignment error, and range error. ■ The fundamental grouping of devices in a shared-media environment is a collision domain. ■ Collision domains can be segmented to reduce congestion and improve network efficiency. ■ Collision domains are segmented by both Layer 2 and Layer 3 devices. ■ Broadcasts are designed to travel throughout collision domains and can cause network inefficiency. ■ Broadcast domains can be segmented by using Layer 3 devices. 1102.book Page 304 Tuesday, May 20, 2003 2:53 PM Summary 305 ■ Data flow is controlled by data encapsulation in conjunction with Layer 2 and Layer 3 devices. ■ Definitions of networking terms and acronyms must be defined in context, not as isolated terms. To supplement all that you’ve learned in this chapter, refer to the chapter-specific Videos, PhotoZooms, and e-Lab Activities on the CD-ROM accompanying this book. 1102.book Page 305 Tuesday, May 20, 2003 2:53 PM 306 Chapter 5: Ethernet Fundamentals Key Terms 10-Gb Ethernet Built on the Ethernet technology used in most of today’s LANs, 10-Gb Ethernet is described as a technology that offers a more efficient and less expensive approach to moving data on backbone connections between networks, while also providing a consistent technology end to end. Ethernet now can step up to offering data speeds at 10 Gbps. alignment error A message that does not end on an octet boundary. backoff The retransmission delay enforced when a collision occurs. broadcast A data packet that is sent to all nodes on a network. Broadcasts are identified by a broadcast address. broadcast domain A set of all devices that will receive broadcast frames originating from any device within the set. Broadcast domains typically are bounded by routers (or, in a switched network, by VLANs) because routers do not forward broadcast frames. collision In Ethernet, the result of two nodes transmitting simultaneously. The frames from each device impact and are damaged when they meet on the physical media. See also collision domain. collision domain In Ethernet, the network area within which frames that have collided are propagated. Repeaters and hubs propagate collisions; LAN switches, bridges, and routers do not. connectionless Data transfer without the existence of a virtual circuit. CSMA/CD (carrier sense multiple access collision detect) A media-access mecha- nism wherein devices ready to transmit data first check the channel for a carrier. If no carrier is sensed for a specific period of time, a device can transmit. If two devices transmit at once, a collision occurs and is detected by all colliding devices. This colli- sion subsequently delays retransmissions from those devices for some random length of time. CSMA/CD access is used by Ethernet and IEEE 802.3. encapsulation Wrapping of data in a particular protocol header. For example, upper- layer data is wrapped in a specific Ethernet header before network transit. Also, when bridging dissimilar networks, the entire frame from one network simply can be placed behind the header used by the data link layer protocol of the other network. Ethernet A baseband LAN specification invented by Xerox Corporation and devel- oped jointly by Xerox, Intel, and Digital Equipment Corporation. Ethernet networks use CSMA/CD and run over a variety of cable types at 10, 100, and 1000 Mbps. Ether- net is similar to the IEEE 802.3 series of standards. 1102.book Page 306 Tuesday, May 20, 2003 2:53 PM Key Terms 307 Fast Ethernet Any of a number of 100-Mbps Ethernet specifications. Fast Ethernet offers a speed increase 10 times that of the 10BASE-T Ethernet specification, while preserving such qualities as frame format, MAC mechanisms, and MTU. Such similar- ities allow the use of existing 10BASE-T applications and network-management tools on Fast Ethernet networks. Fast Ethernet is based on an extension to the IEEE 802.3 specification. FDDI (Fiber Distributed Data Interface) A LAN standard, defined by American National Standards Institute (ANSI) 3T9.5, specifying a 100-Mbps token-passing network using fiber-optic cable, with transmission distances of up to 2 km. FDDI uses a dual-ring architecture to provide redundancy. full duplex The capability for simultaneous data transmission between a sending station and a receiving station. ghost Fluke Networks coined this new term to mean energy (noise) detected on the cable that appears to be a frame but that lacks a valid SFD. To qualify as a ghost, this “frame” must be at least 72 octets long (including preamble); otherwise, it is classified as a remote collision. Gigabit Ethernet Standard for a high-speed Ethernet, approved by the IEEE 802.3z standards committee in 1996. half duplex A capability for data transmission in only one direction at a time between a sending station and a receiving station. header Control information placed before data when encapsulating that data for network transmission. IEEE 802.2 An IEEE LAN protocol that specifies an implementation of the LLC sub- layer of the data link layer. IEEE 802.2 handles errors, framing, flow control, and the network layer (Layer 3) service interface. IEEE (Institute of Electrical and Electronic Engineers) A professional organization whose activities include the development of communications and network standards. IEEE LAN standards are the predominant LAN standards today. IEEE 802.3 An IEEE LAN protocol that specifies an implementation of the physical layer and the MAC sublayer of the data link layer. IEEE 802.3 uses CSMA/CD access at a variety of speeds over a variety of physical media. Extensions to the IEEE 802.3 standard specify implementations for Fast Ethernet. Physical variations of the original IEEE 802.3 specification include 10BASE2, 10BASE5, 10BASE-F, 10BASE-T, and 10BROAD36. Physical variations for Fast Ethernet include 100BASE-TX and 100BASE-FX. 1102.book Page 307 Tuesday, May 20, 2003 2:53 PM 308 Chapter 5: Ethernet Fundamentals jabber Defined several places in the 802.3 standard as being a transmission of at least 20,000 to 50,000 bit-times in duration. However, most diagnostic tools report jabber whenever a detected transmission exceeds the maximum legal frame size—which is considerably smaller than 20,000 to 50,000 bit-times. LLC (Logical Link Control) The higher of the two data link layer sublayers defined by the IEEE. The LLC sublayer handles error control, flow control, framing, and MAC-sublayer addressing. The most prevalent LLC protocol is IEEE 802.2, which includes both connectionless and connection-oriented variants. long frame A frame that is longer than the maximum legal size and that takes into consideration whether the frame was tagged. MAC (Media Access Control) The lower of the two sublayers of the data link layer defined by the IEEE. The MAC sublayer handles access to shared media, such as whether token passing or contention will be used. See also LLC. MAC address A standardized data link layer address that is required for every device that connects to a LAN. Other devices in the network use these addresses to locate specific devices in the network and to create and update routing tables and data struc- tures. MAC addresses are 6 bytes long and are controlled by the IEEE. Also known as a hardware address, a MAC-layer address, or a physical address. MTU (Maximum Transmission Unit) The maximum packet size, in bytes, that a particular interface can handle. OUI (organizationally unique identifier) Three octets assigned by the IEEE in a block of 48-bit LAN addresses. propagation delay The time required for data to travel over a network from its source to its ultimate destination. range error A frame that had a legal-size value in the Length field but that did not match the actual number of octets counted in the Data field of the received frame. segment A section of a network that is bounded by bridges, routers, or switches. simplex The capability for transmission in only one direction between a sending station and a receiving station. Broadcast television is an example of a simplex technology. SNMP (Simple Network Management Protocol) A network-management protocol used almost exclusively in TCP/IP networks. SNMP provides a means of monitoring and controlling network devices and managing configurations, statistics collection, performance, and security. 1102.book Page 308 Tuesday, May 20, 2003 2:53 PM . Number of Broadcast and Multicasts for IP Networks Number of Hosts Average Percentage of CPU Loss Per Host 10 0 0 .14 10 00 0.96 10 ,000 9 .15 11 02. book Page 29 9 Tuesday, May 20 , 20 03 2: 53 PM 300 Chapter. types at 10 , 10 0, and 10 00 Mbps. Ether- net is similar to the IEEE 8 02. 3 series of standards. 11 02. book Page 306 Tuesday, May 20 , 20 03 2: 53 PM Key Terms 307 Fast Ethernet Any of a number of 10 0-Mbps. Ethernet include 10 0BASE-TX and 10 0BASE-FX. 11 02. book Page 307 Tuesday, May 20 , 20 03 2: 53 PM 308 Chapter 5: Ethernet Fundamentals jabber Defined several places in the 8 02. 3 standard as being a