2 link layer
2.1 Introduction From Figure 1.4 We can see that in the TCP / IP protocol family, the link layer mainly has three purposes: (1) Send and receive IP datagrams for IP modules; (2) Send ARP request and reception for the ARP module ARP response; (3) Send RARP requests and receive RARP answers to RARP. TCP / IP supports a variety of different link layer protocols, depending on the hardware used by the network, such as Ethernet, token ring, FDDI (fiber distributed data interface), RS-232 serial line, and the like. In this chapter, we will discuss in detail the Ethernet link layer protocol, two serial interface link layer protocols, and the loopback driver that most implementations are included. Ethernet and SLIP are the link layers used in most examples in this book. We introduced the MTU (Maximum Transmission Unit), which will encounter multiple times in the later chapter of this book. We also discussed how to select MTU for the serial line.
2.2 Ethernet and IEEE 802 Package Ethernet The terms generally refers to a standard for Digital Equipment Corp., Intel Corp., and Xerox jointly announced in 1982. It is the main local area network technology used in TCP / IP today. It uses a media access method called CSMA / CD, which means carrier listening multi-channel access / conflict detection (Multiple Access with Collision Detection). It has a rate of 10 mb / s, address is 48 bit. A few years later, the IEEE (Electronic Engineering Association) 802 Committee announced a slightly different standard set, of which 802.3 directed the entire CSMA / CD network, 802.4 for the token bus network, 802.5 for the token ring network. The common characteristics of these three are defined by 802.2, that is, 802 network shared logical link control (LLC). Unfortunately, 802.2 and 802.3 define a frame format different from Ethernet. Document [Stallings 1987] has been described in detail on all IEEE 802 standards. In the TCP / IP world, the Package of the Ethernet IP datagram is defined in RFC 894 [Hornig 1984], IEEE 802 network IP datagram package is defined in RFC 1042 [Postel and Reynolds 1988]. Host demand RFC requires each Internet host to connect to a 10Mbit / s Ethernet cable: 1. Must be able to send and receive packets using RFC 894 (Ethernet) package format. 2. Packets in the RFC 1042 (IEEE 802) package format mixed with RFC 894 should be received. 3. Perhaps it is possible to send packets with RFC 1042 format packages. If the host can simultaneously send two types of packet data, the transmitted packet must be set, and the RFC 894 packet must be set by default. The most commonly used package format is the format defined by the RFC 894. Figure 2.1 shows two different forms of package format. The numbers under each box in the figure are their byte lengths. Both frame formats use 48 bit (6 bytes) target addresses and source address. (802.3 Allows the use of 16 bits address, but is usually 48 bit addresses.) This is the hardware address we call in this book. The ARP and RARP protocols (Chapters 4 and Chapter 5) mapping 32 Bit IP addresses and 48 Bit hardware addresses. The next two bytes are different in both frame formats. In the frame format defined in the 802 standard, the length field refers to the byte length of its subsequent data, but does not include a CRC inspection code. The type field of the Ethernet defines the type of subsequent data. In the frame format defined by the 802 standard, the type field is given by the subsequent subnet access protocol (SNAP) of Sub-Network Access Protocol, SNAP). Fortunately, the valid length value defined by 802 is in the same value of the Ethernet's valid type, so that two frame formats can be distinguished. In the Ethernet frame format, the type field is data, and in the 802 frame format, followed by the 3-byte 802.2 LLC and 5 bytes of 802.2 SNAP. The value of the Destination Service Access Point, DSAP and Source Service Access Point, SSAP is set to 0xAA. The value of the CTRL field is set to 3. Subsequent 3 byte org code is set to 0. Then the next two byte type fields are the same as the Ethernet frame format.
(Other types of field values can be found in RFC 1340 [Reynolds and Postel 1992]). CRC fields are used for cyclic redundancy tests (inspections and inspection and) of subsequent byte errors within intra. (It is also known as FCS or frame test sequence) 802.3 Standard defined frames and Ethernet frames have minimal length requirements. 802.3 The data section must be at least 38 bytes, and for Ethernet, you request a minimum of 46 bytes. In order to ensure this, the fill (pad) byte must be inserted in the short space. We will encounter this minimum length when starting the packet on the line. In this book, we will give an Ethernet package format when we need it, as this is the most common package format. Figure 2.1 IEEE 802.2 / 802.3 (RFC 1042) and Ethernet package format (RFC 894)
2.3 Tail Package RFC 893 [Leffler and Karels 1984] Another package format for Ethernet is described as a TRALER ENCAPSULATION. This is a test format for an early BSD system running on the DEC VAX machine, which improves performance by adjusting the order of the fields in the IP datagram. In the Ethernet data frame, the part begins is a growing field (IP header and TCP header). Move them to the tail (before CRC), so when copying the data to the kernel, you can map the data portion in the data frame to a hardware page, saving the replication process of memory to the memory. The length of the TCP datagram is an integer multiple of 512 bytes, and it is exactly to handle the page table in the kernel. Two hosts use ARP extension protocols to make tail packages for data frames by negotiation. These data frames need to define different Ethernet frame type values. Now, the tail packages have been opposed, so we don't give any examples. Interested readers, please refer to RFC 893 and 11.8 of Document [Leffler et al. 1989].
2.4 SLIP: The full name of the serial line IPSLIP is Serial Line IP. It is a simple form of packaging on the IP datagram on the serial line, which is described in detail in RFC 1055 [Romkey 1988]. SLIP is suitable for almost all of the RS-232 serial ports and high-speed modems accessing Internet. The following rules describe the frame format defined by the SLIP protocol: 1. The IP datagram ends with a special character called end (0xc0). At the same time, in order to prevent the line noise before the data is reported as a data report, most implementations have also transmitted an end character in the beginning of the datagram. (If there is a line noise, the end character will end the wrong message. Such a current message is transmitted correctly, and after the previous error message is given to the upper layer, it will be discovered to be discarded. .)2. If a character in the IP message is end, then two bytes 0xDB, 0xDC will replace it continuously. 0xDB This special character is called the SLIP ESC character, but its value is different from the ESC character (0x1b) of the ASCII code. 3. If a character is Slip's ESC character in the IP packet, then two bytes 0xDB, 0xDD will replace it. The example in Figure 2.2 is an IP message containing an end character and an ESC character. In this example, the total byte number transmitted on the serial line is the original IP packet length plus 4 bytes. SLIP is a simple frame packaging method, and some defects worth mentioning: 1. Each end must know the other's IP address. There is no way to notify the IP address of this end to the other end. 2. There is no type field in the data frame (similar to the type field in the Ethernet). If a serial line is used for SLIP, then it cannot use other protocols at the same time. 3. SLIP does not add inspection and (similar to the CRC field in the Ethernet) in the data frame. If the message transmitted by the SLIP is an error, it can only be discovered by the upper protocol. (Another way is that the new modem can detect and correct the error message.) This, the upper protocol provides some form of CRC. In Chapter 3 and Chapter 17, we will see IP headers and TCP headers and their data have always been inspected. In Chapter 11, we will see that the UDP header and its data are inspected and optional. Figure 2.2 SLIP packet package
Despite these disadvantages, SLIP is still a widely used protocol.
(The following is the original book P.251) SLIP's history dates back to 1984, and Rick Adams were first implemented in the 4.2BSD system. Although its description is a non-standard protocol, the SLIP is increasingly popular with the rate and reliability of the modem. Now, many products can be obtained, and many producers support this agreement.
2.5 Compressed SLIP Since the speed of the serial line is usually low (19200 b / s or less), and communication is often interactive (eg TELNET and RLOGIN, both use TCP), there is a lot on the SLIP line. Small TCP packets are exchanged. In order to transmit 1 byte of data requires 20 bytes of IP headers and 20 bytes of TCP headers, the total number exceeds 40 bytes. (Section 19.2 During the Rlogin session, the details of these small packets transmission are knocked into a simple command.) Since people recognizing these performance defects, people have proposed a new newly known as CSLIP (ie The agreement is described in detail in RFC 1144 [Jacobson 1990A]. CSLIP typically compresses the above 40 bytes to 3 or 5 bytes. It maintains up to 16 TCP connections at each end of CSLIP, and knows that some fields in each of them generally do not change. For those fields that have changed, most of them are only small numbers and changes. These compressed headers greatly shorten the interaction response time. (Below is the original book P.252) Now most SLIP products support CSLIP. There are two SLIP links in the subnet (see the inner page), which are both CSLIP links.
2.6 PPP: Point-to-point protocol PPP and point-to-point protocol modify all the defects in the SLIP protocol. PPP includes the following three parts: 1. The method of encapsulating the IP datagram on a serial link. PPP supports both data as an asynchronous mode of 8-bit and non-parity (serial interfaces that are generally existing on most computers), but also supports bits. Synchronous links. 2. Configure, configure and test the link control protocol (LCP: Link Control Protocol) of the Data Link. It allows both parties to communicate for negotiation to determine different options. 3. Network Control Protocol (NCP: NETWORK Control Protocol) system for different network layer protocols. The current RFC defined network layer has IP, OSI network, DECNET, and AppleTalk. For example, IP NCP allows both parties to agree to compress the header of the message, similar to CSLIP. (Acbe) NCP can also be used in front of TCP). RFC 1548 [SIMPSON 1993] describes a method and link control protocol for packet packaging. RFC 1332 [McGregor 1992] describes a network control protocol for IP. The format of the PPP data frame looks like ISO's HDLC (High-level Data Link Control) standard. Figure 2.3 is the format of the PPP data frame.
Figure 2.3 PPP data frame format
Each frame starts and ends with flag character 0x7e. Then, it is an address byte, the value is always 0xFF, then a control byte value of a value of 0x03. Next is the protocol field, similar to the functionality of the type field in the Ethernet. When its value is 0x0021, the message field is an IP datagram. The value is 0xc021 indicates that the information field is link control data, and the value is 0x8021 indicates that the information field is network control data. The CRC field (or FCS, frame verification sequence) is a loop redundancy check code to detect errors in the data frame. Since the value of the logo character is 0x7e, the PPP needs to escape it when the character appears in the information field. In the synchronous link, the process is done by a hardware technology called bit stuffing. [TANENBAUM 1989]. In an asynchronous link, special character 0x7d is used as an essential character. When it appears in the PPP data frame, then the sixth bit of the next character should be completed, the specific implementation process is as follows: 1. When the character 0x7e is encountered, two characters need to be transferred continuously: 0x7d and 0x5e To implement the escape of the logo character. 2. When you encounter an escape character 0x7d, you need to transfer two characters: 0x7D and 0x5D to implement the escape of the escape character. 3. By default, if the value of the character is less than 0x20 (for example, an ASCII control character), it is generally necessary to perform escalation. For example, the 0x7D and 0x21 two characters will be transferred for the character 0x01. (At this time, the sixth ratio of the second ratio is 1, and both of the two situations have changed it to 0.) This reason is to prevent them from appearing in the serial interface driver or modem of the host's host. Sometimes they explain these control characters as special meaning. Another possibility is to use a link control protocol to specify whether to escape some of these 32 characters. By default, all 32 characters are escaped. Similar to SLIP, since PPP is often used for low-speed serial links, reduces the number of bytes per frame can reduce the interaction of the application. With link control protocols, most products can omit the flags and address fields through negotiation, and reduce the protocol fields from 2 bytes to 1 byte. If we compare the PPP's frame format (Figure 2.2) in the frame format (Figure 2.2), PPP only adds 3 additional bytes: 1 byte leaves the protocol field, and the other is used to use the CRC field. . In addition, using the IP network control protocol, most products can be used to use the VAN Jacobson packet header compression method (corresponding to CSLIP compression), reduce the length of IP and TCP. In general, PPP has the following advantages over SLIP: (1) PPP supports running multiple protocols on a single serial line, not just IP protocol; (2) Each frame has cycle redundancy inspection; (3) Communication two sides can perform dynamic negotiation of IP addresses (using IP network control protocol); (4) Similar to CSLIP, compress TCP and IP packets; (5) Link Control Protocol can be paired for multiple data link options Set. The cost we pay for these advantages is to add 3 bytes at the first part of each frame, and send several frame negotiation data when establishing a link, and more complex implementation. (The following is the original book P.271) Although PPP has more advantages over SLIP, the current SLIP users are still more than PPP users. As the product is getting more and more, the producer also begins to gradually support PPP, so the final PPP should replace SLIP.
2.7 Roop-back Interface Most products support loopback interface (loopback interface to allow client programs and server programs running on the same host to communicate via TCP / IP. The Class C class number 127 is reserved for the ring back interface. Based on conventions, most systems allocate IP address 127.0.0.1 to this interface and name Localhost. A IP datagram that passes the ring back interface cannot appear on any network. We imagine that once the transport layer detects that the destination address is a loopback address, the logical operation of partial transport layers and all network layers should be omitted. However, most products still use all the processes of the transport layer and the network layer, but return it to themselves when IP datagram leaves the network layer. Figure 2.4 is a simple process of processing IP datagrams in a loopback interface. Figure 2. Down the process of processing IP datagram
It is necessary to indicate that the key points in the figure are: 1. Any data transmitted to the loopback address (typically 127.0.0.0.1) is used as an IP input. 2. Pass the data report to the broadcast address or the multicast address, and send it to the loopback interface and then sent to Ethernet. This is because the definition of broadcast transmission and multicast transmission (Chapter 12) contains the host itself. 3. Any data transmitted to the host IP address is sent to the loopback interface. It seems that the way to use the transport layer and the IP layer to deal with the loopback data seems to be less efficient, but it simplifies the design because the loopback interface can be seen as another link layer below the network layer. The network layer sends a datagram to the ring back, just like transmitting it to other link layers, only the loopback interface returns it to the IP input queue. In Figure 2.4, another implicit means that IP datagrams give to the host itself IP address generally do not appear on the corresponding network. For example, in an Ethernet, the packet is generally not transmitted and then read back. Note Description of some BSD Ethernet device drivers, many Ethernet interface cards cannot read them on their own data. Since a host must handle the IP datagram sent to you, the process shown in Figure 2.4 is the most simple processing.
(The following is a translation of the original book P.291) 4.4BSD system defines the variable UseroPBack and initializes 1. However, if this variable is set to 0, the Ethernet driver will send the local packet to the network instead of send it to the ring back. It may not work, depending on the Ethernet interface card and device driver you use.
2.8 Maximum Transmission Unit MTU As we see in Figure 2.1, Ethernet and 802.3 have a limit on the length of the data frame, and its maximum is 1500 and 1492 bytes, respectively. This feature of the link layer is called the MTU, the maximum transmission unit. Most of the different types of networks have a maximum. If the IP layer has a data report, and the length of the data is larger than the MTU of the link layer, then the IP layer needs to be fragmentation, and the data is distributed, so that each piece is smaller than the MTU. We will discuss the process of IP fragmentation in Section 11.5. Figure 2.5 lists some typical MTU values, which are taken from RFC 1191 [Mogul and Deering 1990]. The MTU of the point-to-point link layer (such as SLIP and PPP) does not refer to the physical characteristics of the network media. Instead, it is a logical limit that provides a sufficient enough response time for interaction. In Section 2.10, we will see how this limit value is calculated. In Section 3.9, we will print out the MTU of the network interface with the NetStat command.
Figure 2.5 Several common maximum transmission units (MTU)
2.9 Path MTU When communicating with two hosts on the same network, the MTU of the network is very important. However, if communication between two hosts is to pass multiple networks, then the link layer of each network may have different MTUs. Important is not the value of the MTU of the network where the network is located is important. The minimum MTU in the two communication host paths. It is called path MTU. The path MTU between the two hosts is not necessarily a constant. It depends on the route selected at the time. The route selection is not necessarily symmetrical (from the route from A to B), the path MTU is not necessarily consistent in both directions from the route from b to a. RFC 1191 [Mogul and Deering 1990] describes the discovery mechanism of the path MTU, that is, the method of determining the path MTU at any time. We introduce the ICMP and IP fragmentation methods to see how it operates. In Section 11.6, we will see this discovery method in the unreachable error of ICMP. In Section 11.7, we will also see that the Traceroute program is also using this method to determine the path MTU that arrives at the target node. In Section 11.8 and 24.2, we will introduce how udp and tcp operate when the product support path MTU is discovered. 2.10 Serial line throughput Calculation If the line rate is 9600 b / s, and one byte has 8 bit, plus a start bit and a stop bit, then the rate of the line is 960 b / s (bytes / second) . Transferring a 1024-byte group of 1066 ms at this rate. If we run a interactive application with a SLIP link, run another application such as FTP to send or receive 1024 bytes of data, then usually wait for half a time (533 ms) to put interactive applications The packet data of the program is sent. Assume that our interactive packet data can be sent before the other "large block" packet data is sent. Most SLIP implementations do provide such service queuing methods, put interaction data in front of the bulk data. Interactive communication typically has Telnet, Rlogin, and FTP control section (user command, not data).
(The following is a translation of the original book P.311) This service queuing method is not perfect. It does not affect non-interactive data that has entered the downstream (such as serial driver) queue. At the same time, the new modem has a large buffer, so non-interactive data may have entered the buffer.
For interactive applications, waiting for 533 ms unacceptable. About people's related studies have shown that more than 100-200 ms of interactive response time is considered a bad [Jacobson 1990a]. This is a round trip time that is sent to the interpretation of the interactive message until the response information is received (usually a back display character). Show SLIP's MTU to 256 means that the link transmission is up to 266 ms, half of it is 133 ms (this is the time we usually wait for the time). This will be fine, but it is still imperfect. We chose its cause (compared to 64 or 128) because the large block data provides a good line utilization (such as large file transmission). Suppose the first part of CSLIP is 5 bytes, the total length of the data frame is 261 bytes, and the 256-byte data makes the line's utilization rate of 98.1%, and the frame head accounts for 1.9%. This utilization is very good. . If the MTU drops below 256, the maximum throughput of the transfer block data will be reduced. In the MTU value listed in Figure 2.5, the MTU of the point-to-point link is 296 bytes. Suppose the data is 256 bytes, TCP and IP header account for 40 bytes. Since the MTU is the result of the IP to the link layer query, this value must include the usual TCP and IP headers. This will lead to how IP is decomposed. IP does not know if the compression of CSLIP. Our calculation of the average waiting time (half of the time required for maximum data frame) is only applicable to the SLIP link (or PPP link) in both cases of interactive communication and large block data transmission. When only interactive communication, if the line rate is 9600 b / s, then 1 byte data in any direction (there is a 5-byte compressed frame header) round-trip approximately 12.5 ms. It is small enough than the 100-200 ms mentioned above. It should be noted that the 1-byte data round trip time is reduced from 85 ms to 12.5 ms due to the frame header to 5 bytes from 40 bytes. Unfortunately, such computing is more difficult when using new error correction and compression modems. The compression method used by these modems makes the number of bytes transmitted on the line greatly reduced, but the error correction mechanism will increase the transmission time. However, these calculations are the entry point for us to make reasonable decisions. In the following chapters, we will use these serial line throughput to verify the time passed from the serial line. 2.11 Summary This chapter discusses the bottom protocol and link layer protocol in the Internet protocol. We compare the package format of Ethernet and IEEE 802.2 / 802.3, as well as SLIP and PPP package format. Since SLIP and PPP are often used for low-speed links, both provide methods of compressing uncommonly changing public fields. This improves interaction performance. Most implementations provide loopback interfaces. Accessing this interface can be accessed through a special loopback address, typically 127.0.0.1, or any IP address that the host has either by sending IP datagrans. When the loopback data is returned to the upper protocol stack, it has passed the transfer layer and the IP layer complete processing. We describe that many links have an important feature, the MTU, the concept is the path MTU. According to the typical serial line MTU, we calculate the transmission of the SLIP and CSLIP links. This chapter only covers some of the data link public technologies employed by TCP / IP. One of the reasons for the success of TCP / IP is that it can run almost any data link technology.
Exercise 2.1 If your system supports NetStat (1) command (see 3.9), use it to determine the interface on the system and its MTU.
2-1
