分类: 系统运维
2012-05-07 15:06:53
IEEE 802 encapsulation:
destination addr | source addr | length | DSAP AA | SSAP AA | ctrl | org code | type | data | CRC |
6 |
6 |
2 |
1 |
1 |
1 |
3 |
2 |
38-1492 |
4 |
Ethernet encapsulation:
destination addr | source addr | type | data | CRC |
6 |
6 |
2 |
46-1500 |
4 |
Both frame formats use 48-bit (6-byte) destination and
source addresses. (802.3 allows 16-bit addresses to be used, but 48-bit
addresses are normal.) These are what we call hardware addresses. The
ARP and RARP protocols map between the 32-bit IP addresses and the 48-bit hardware addresses.
The next 2 bytes are different in the two frame formats. In the IEEE 802 format it's a length field, saying how many bytes follow, up to but not including the CRC at the end. In the Ethernet format it's type
field, identifying the type of data that follows. In the 802 frame the
same type field occurs later in the SNAP (Sub-network Access Protocol)
header. Fortunately none of the valid 802 length values is the same as
the Ethernet type values, making the two frame formats distinguishable.
In the Ethernet frame the data immediately follows the type field, while
in the 802 frame format 3 bytes of 802.2 LLC and 5 bytes of 802.2 SNAP
follow.
The DSAP (Destination Service Access Point) and SSAP (Source Service
Access Point) are both set to 0xaa. The Ctrl field is set to 3. The next
3 bytes, the
org code are all 0. Following this is the same 2-byte type field that we had with the Ethernet frame format.
The CRC field is a cyclic redundancy check (a checksum) that detects
errors in the rest of the frame. (This is also called the FCS or frame
check sequence.)
There is a minimum size for 802.3 and Ethernet frames. This minimum
requires that the data portion be at least 38 bytes for 802.3 or 46
bytes for Ethernet. To handle this, pad bytes are inserted to assure
that the frame is long enough.
Trailer Encapsulation
RFC 893 [Leffler and Karels 1984] describes another
form of encapsulation used on Ethernets, called trailer encapsulation.
It was an experiment with early BSD systems on DEC VAXes that improved
performance by rearranging the order of the fields in the IP datagram.
"The variable-length fields at the beginning of the data portion of the
Ethernet frame (the IP header and the TCP header) were moved to the end
(right before the CRC). This allows the data portion of the frame to be
mapped to a hardware page, saving a memory-to-memory copy when the data
is copied in the kernel. TCP data that is a multiple of 512 bytes in
size can be moved by just manipulating the kernel's page tables. Two
hosts negotiated the use of trailer encapsulation using an extension of
ARP. Different Ethernet frame type values are defined for these frames.
Nowadays trailer encapsulation is deprecated.
SLIP: Serial Line IP
SLIP stands for Serial Line IP. It is a simple form of encapsulation for IP datagrams on serial lines, and is specified in RFC 1055 [Rornkey 1988]. SLIP has become popular for connecting home systems to the Internet, through the ubiquitous RS-232 serial port found on almost every computer and high-speed modems. The following rules specify the framing used by SLIP.
1. The IP datagram is terminated by the
special character called END (0xc0). Also, to prevent any line noise
before this datagram from being interpreted as part of this datagram,
most implementations transmit an END character at the beginning of the
datagram too. (If there was some line noise, this END terminates that
erroneous datagram, allowing the current datagram to be transmitted.
That erroneous datagram will be thrown away by a higher layer when its
contents are
detected to be garbage.)
2. If a byte of the IP datagram equals the END character, the 2-byte sequence 0xdb, 0xdc is transmitted instead. This special character, 0xdb, is called the SLIP ESC character, but its value is different from the ASCII ESC character (0xib).
3. If a byte of the IP datagram equals the SLIP ESC character, the 2-byte sequence 0xdb, 0xdd is transmitted instead.
SLIP is a simple framing method. It has some deficiencies that are worth noting.
1. Each end must know the other's IP address. There is no method for one end to inform the other of
its IP address.
2. There is no type field (similar to the frame type field in Ethernet frames). If a serial line is used for
SLIP, it can't be used for some other protocol at the same time.
3. There is no checksum added by SLIP (similar to the CRC field in Ethernet frames). If a noisy
phone line corrupts a datagram being transferred by SLIP, it's up to the higher layers to detect this.
Despite these shortcomings, SLIP is a popular protocol that is widely used.
Compressed SLIP
Since
SLIP lines are often slow (19200 bits/sec or below) and frequently used
for interactive traffic (such as Telnet and Rlogin, both of which use
TCP), there tend to be many small TCP packets exchanged across a SLIP
line. To carry I byte of data requires a 20-byte IP header and a 20-byte
TCP header, an overhead of 40 bytes.
Recognizing this
performance drawback, a newer version of SLIP, called CSLIP (for
compressed SLIP), is specified in RFC 1144 [Jacobson 1990a]. CSLIP
normally reduces the 40-byte header to 3 or 5 bytes. It maintains the
state of up to 16 TCP connections on each end of the CSLIP link and
knows that some of
the fields in the two headers for a given
connection normally don't change. Of the fields that do change, most
change by a small positive amount. These smaller headers greatly improve
the interactive response time.
Most SLIP implementations today support CSLIP.
PPP: Point-to-Point Protocol
PPP, the Point-to-Point Protocol, corrects all the deficiencies in SLIP. PPP consists of three components.
1. A way to encapsulate IP datagrams on a serial link. PPP supports either an asynchronous link with 8 bits of data and no parity (i.e., the ubiquitous serial interface found on most computers) or bit-oriented synchronous links.
2. A link control protocol (LCP) to establish, configure, and test the data-link connection. This allows each end to negotiate various options.
3. A family of network control protocols (NCPs)
specific to different network layer protocols. RFCs currently exist for
IP, the OSI network layer, DECnet, and AppleTalk. The IP NCP, for
example, allows each end to specify if it can perform header
compression, similar to CSLIP. (The acronym NCP was also used for the
predecessor to TCP.)
format of PPP frames
flag 7E | addr FF | control 03 | protocol | information | CRC | flag |
1 |
1 |
1 |
2 |
up to 1500 |
2 |
1 |
1. The byte 0x7e is transmitted as the 2-byte sequence 0x7d, 0x5e. This is the escape of the flag byte.
2. The byte 0x7d is transmitted as the 2-byte sequence 0x7d, 0x5d. This is the escape of the escape byte.
3. By default, a byte with a value less than 0x20
(i.e., an ASCII control character) is also escaped. For example, the
byte 0x01 is transmitted as the 2-byte sequence 0x7d, 0x21. (In this
case the complement of the sixth bit turns the bit on, whereas in the
two previous examples the complement turned the bit off.) The reason for
doing this is to prevent these bytes from appearing as ASCII control
characters to the serial driver on either host, or to the modems, which
sometimes interpret these control characters specially. It is also
possible to use the link control protocol to specify which, if any, of
these 32 values must be escaped. By default, all 32 are escaped.
Since PPP, like SLIP, is often used across slow serial
links, reducing the number of bytes per frame reduces the latency for
interactive applications. Using the link control protocol, most
implementations negotiate to omit the constant address and control
fields and to reduce the size of the protocol field from 2 bytes to 1
byte.
If we then compare the framing overhead in a PPP frame,
versus the 2-byte framing overhead in a SLIP frame (Figure 2.2), we see
that PPP adds three additional bytes: I byte for the protocol field, and
2 bytes for the CRC. Additionally, using the IP network control
protocol, most implementations then negotiate to use Van Jacobson
header compression (identical to CSLIP compression) to reduce the size
of the IP and TCP headers.
If we then compare the framing
overhead in a PPP frame, versus the 2-byte framing overhead in a SLIP
frame (Figure 2.2), we see that PPP adds three additional bytes: I byte
for the protocol field, and 2 bytes for the CRC. Additionally, using the
IP network control protocol, most implementations then negotiate to use
Van Jacobson header compression (identical to CSLIP compression) to
reduce the size of the IP and TCP headers.
Despite all the added
benefits of PPP over SLIP, today there are more SLIP users than PPP
users. As implementations become more widely available, and as vendors
start to support PPP, it should (eventually) replace SLIP.
Loopback Interface
Most
implementations support a loopback interface that allows a client and
server on the same host to communicate with each other using TCP/IP. The
class A network ID 127 is reserved for the loopback interface. By
convention, most systems assign the IP address of 127.0.0.1 to this
interface and assign it the name localhost. An IP datagram sent to the
loopback interface must not appear on any network.
Although we
could imagine the transport layer detecting that the other end is the
loopback address, and short circuiting some of the transport layer logic
and all of the network layer logic, most implementations perform
complete processing of the data in the transport layer and network
layer, and only loop the IP datagram back to itself when the datagram
leaves the bottom of the network layer.
The key points are as follows:
1. Everything sent to the loopback address (normally 127.0.0.1) appears as IP input.
2. Datagrams sent to a broadcast address or a multicast address are copied to the loopback interface and sent out on the Ethernet. This is because the definition of broadcasting and multicasting includes the sending host.
3. Anything sent to one of the host's own IP addresses is sent to the loopback interface.
IP
datagrams sent to the one of the host's own IP addresses normally do
not appear on the corresponding network. For example, on an Ethernet,
normally the packet is not transmitted and then read back. Comments in
some of the BSD Ethernet device drivers indicate that many Ethernet
interface cards are not capable of reading their own transmissions.
MTU
There
is a limit on the size of the frame for both Ethernet encapsulation and
802.3 encapsulation. This limits the number of bytes of data to 1500
and 1492, respectively. This characteristic of the link layer is called
the MTU, its maximum transmission unit. Most types of networks have an
upper limit.
If IP has a datagram to send, and the datagram is
larger than the link layer's MTU, IP performs fragmentation, breaking
the datagram up into smaller pieces (fragments), so that each fragment
is smaller than the MTU.
Network | MTU (bytes) |
---|---|
Hyperchannel 16 Mbits/sec token ring (IBM) 4 Mbits/sec token ring (IEEE 802.5) FDDI Ethernet IEEE 802.3/802.2 X.25 Point-to-Point (low delay) | 65535 17914 4464 4352 1500 1492 576 296 |