Understanding The Data Link Layer

~ By Charlie Schluting

What's more important than IP and routing? Well, Layer 2 is much more important when it's broken. Many people don't have the Spanning Tree Protocol (STP) knowledge necessary to implement a layer 2 network that's resilient. A switch going down shouldn't prevent anyone from having connectivity, excluding the hosts that are directly attached to it. Before we can dive into Spanning Tree, you must understand the inner workings of layer 2.

Layer 2, the Data Link layer, is where Ethernet lives.

Ethernet switches, as they're called now, began life as "bridges." A traditional bridge would read every Ethernet frame and then forward it out every port except the one it came in on. Bridges had the capability to allow redundancy via STP, and they also began learning which MAC addresses were on which port. At this point a bridge became a learning device, meaning it stored a table of all MAC addresses seen on each port. When a frame needed to be sent, the bridge could look up the destination MAC address in the bridge table and know which port the frame should be sent out of. The capability to send data only to the correct host was a huge advance in switching because collisions became much less likely. If the destination MAC address wasn't found in the bridge table, the switch would simply flood the frame out all ports. That's the only way to find where a host actually lives the first time, so as you can see, flooding is an important concept in switching. It turns out to be quite necessary in routing, too.

Key Terms To Understanding the Data Link Layer

OSI
Short for Open System Interconnection, an ISO standard for worldwide communications that defines a networking framework for implementing protocols in seven layers.

spanning tree protocol
Abbreviated STP, a link management protocol that is part of the IEEE 802.1 standard for media access control bridges.

bridge
A device that connects two local-area networks (LANs), or two segments of the same LAN that use the same protocol, such as Ethernet or Token-Ring.

 

Important terminology in this layer includes the following:

  • Unicast segmentation: Bridges can limit which hosts hear unicast frames (frames sent to only one MAC address). Hubs would simply forward everything to everyone, so this alone is a huge bandwidth-saver.
  • Collision Domain: The segment over which collisions can occur. Collisions don't happen anymore, since switches use cut-through forwarding and NICs are full-duplex. If you see collisions on a port, that means someone negotiated half-duplex accidentally, or something else is very wrong.
  • Broadcast Domain: The segment over which broadcast frames are sent and can be heard.

A few years later, the old store-and-forward method of bridge operation was modified. New switches started looking only at the destination MAC address of the frame and then sending it on instantly. This was dubbed "cut-through forwarding," presumably because frames cut through the switch much more quickly and with less processing. It implies a few important things: a switch can't check the CRC to see if the frame was damaged, and that in turn implies that collisions needed to be made impossible.

Now, to address broadcast segmentation, VLANs were introduced. If you can't send a broadcast frame to another machine, they're not on your local network, and you will instead send the entire packet to a router for forwarding. That's what a Virtual LAN (VLAN) does, in essence: It makes more networks.

On a switch, you can configure VLANs and then assign a port to a VLAN. If host A is in VLAN 1, it can't talk to anyone in VLAN 2, just as if they lived on totally disconnected devices. Well, almost: if the bridge table is flooded with entries and the switch is having trouble keeping up, all data will be flooded out every port. This has to happen in order for communication to continue in these situations. It needs to be pointed out because many people believe VLANs are a security mechanism. They are not even close. Anyone with half a clue about networks (or with the right cracking tool in their arsenal) can quickly overcome the VLAN broadcast segmentation. In fact, a switch basically turns into a hub when it floods frames, spewing everyone's data to everyone else.
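The learning and flooding behaviour described above, and the way a full bridge table degrades a switch into a hub, as an added example that is not part of the original article: a toy learning bridge in Python (the class, port map, table size and MAC addresses are all constructed for illustration and do not model any particular vendor's hardware).

```python
from __future__ import annotations
from collections import OrderedDict
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str  # source MAC, colon-separated hex
    dst: str  # destination MAC


class LearningBridge:
    """Toy bridge: access ports only, one bounded MAC table keyed by (vlan, mac)."""

    def __init__(self, ports: dict[int, int], table_size: int):
        self.ports = ports            # port number -> VLAN id of that access port
        self.table_size = table_size  # constructed limit standing in for finite CAM
        self.table: OrderedDict[tuple[int, str], int] = OrderedDict()
        self.flood_count = 0          # how often we had to flood instead of forward

    def _learn(self, vlan: int, mac: str, port: int) -> None:
        key = (vlan, mac)
        if key not in self.table and len(self.table) >= self.table_size:
            # Table full: this toy model evicts the oldest entry, so a host that was
            # known becomes unknown again and its traffic is flooded to every port.
            self.table.popitem(last=False)
        self.table[key] = port
        self.table.move_to_end(key)

    def forward(self, in_port: int, frame: Frame) -> list[int]:
        """Return the list of egress ports for a frame arriving on in_port."""
        vlan = self.ports[in_port]
        self._learn(vlan, frame.src, in_port)
        out = self.table.get((vlan, frame.dst))
        if frame.dst != BROADCAST and out is not None:
            return [] if out == in_port else [out]        # unicast segmentation
        self.flood_count += 1                             # unknown dst or broadcast
        return [p for p, v in self.ports.items() if v == vlan and p != in_port]


def demo() -> dict:
    """Constructed scenario: VLAN 10 on ports 1-3, VLAN 20 on ports 4-5, 4-entry table."""
    br = LearningBridge({1: 10, 2: 10, 3: 10, 4: 20, 5: 20}, table_size=4)
    a, b, c = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02", "cc:cc:cc:cc:cc:01"
    r = {"unknown_dst": br.forward(1, Frame(a, b))}    # B unknown: flooded in VLAN 10
    r["learned"] = br.forward(2, Frame(b, a))           # A known: single port
    r["other_vlan"] = br.forward(4, Frame(c, a))        # VLAN 20 never sees VLAN 10's A
    for i in range(4):                                  # burst of new source MACs on port 3
        br.forward(3, Frame(f"de:ad:be:ef:00:{i:02x}", b))
    r["after_overflow"] = br.forward(2, Frame(b, a))    # A evicted: port 3 now hears B->A
    r["floods"] = br.flood_count
    return r
```

A rising flood count on a port whose hosts should all be known is the symptom an operator would watch for here.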

If you can't ARP for a machine, you have to use a router, as we already know. But does that mean you have to physically connect wires from a router into each VLAN? Not anymore: we have layer 3 switches now! Imagine for an instant, if you will, a switch that contains 48 ports. It also has VLAN 1 and VLAN 2, and ports 1-24 are in VLAN 1, while ports 25-48 are part of VLAN 2. To route between the two VLANs, you have basically three options. First, you can connect a port in each VLAN to a router and assign the hosts the correct default route. In the new-fangled world of today, you can also simply bring up two virtual interfaces, one in each VLAN. In Cisco-land, the router interfaces would be called vlan1 and vlan2. They get IP addresses, and the hosts use the router interface as their default gateway.

The third way brings us to the final topic of our layer 2 overview. If you have multiple switches that need to contain the same VLANs, you can connect them together so that VLAN 1 on switch A is the same as VLAN 1 on switch B. This is accomplished with 802.1q, which tags the frames with a VLAN identifier as they leave the first switch. Cisco calls these links "trunk ports," and you can have as many VLANs on them as the switch allows (currently 4096 on most hardware). So, the third and final way to route between VLANs is to connect a trunk to a router and bring up the appropriate interface for each VLAN. The hosts in VLAN 1 on both switch A and switch B will have access to the router interface (which happens to be on another device), since they are all "trunked" together and share a broadcast domain.
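The 802.1q tagging that a trunk port relies on, as an added example that is not from the original article: the tag is four bytes inserted after the source MAC, carrying the 0x8100 ethertype and a 16-bit TCI whose low 12 bits are the VLAN identifier. The helper names and the sample frame below are constructed for illustration.

```python
import struct

ETHERTYPE_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800


def mac(text: str) -> bytes:
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def tag_frame(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag (TPID 0x8100 + TCI) after the 12-byte dst/src header."""
    if not 0 <= vid <= 4095 or not 0 <= pcp <= 7:
        raise ValueError("VID must be 0..4095 and PCP 0..7")
    tci = (pcp << 13) | vid          # DEI bit (bit 12) left clear
    return frame[:12] + struct.pack("!HH", ETHERTYPE_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Split an Ethernet frame into header fields; vlan is None when untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    vlan = pcp = None
    payload_start = 14
    if ethertype == ETHERTYPE_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci = struct.unpack("!H", frame[14:16])[0]
        pcp, vlan = tci >> 13, tci & 0x0FFF
        ethertype = struct.unpack("!H", frame[16:18])[0]   # real ethertype follows the tag
        payload_start = 18
    return {"dst": dst, "src": src, "vlan": vlan, "pcp": pcp,
            "ethertype": ethertype, "payload": frame[payload_start:]}


def demo() -> tuple[dict, dict]:
    """Constructed untagged IPv4 frame, then the same frame as it would leave a trunk."""
    untagged = mac("ff:ff:ff:ff:ff:ff") + mac("00:11:22:33:44:55") \
        + struct.pack("!H", ETHERTYPE_IPV4) + b"\x45\x00" + b"\x00" * 18
    tagged = tag_frame(untagged, vid=2, pcp=5)
    return parse_frame(untagged), parse_frame(tagged)
```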

We've saved you from the standard "this is layer 2, memorize the Ethernet header" teaching method. To become a true guru you must know it, but to be a useful operator (something the cert classes don't teach you), simply understand how it all works.

Did You Know... (Summing it up)

  • Bridges, aka switches, store MAC address tables to enable unicast segmentation; that is, they only send unicast data to the host that needs it.
  • VLANs provide absolutely zero security benefits.
  • A layer 3 switch can be delivered multiple VLANs through a trunk, and route between them. This can happen all on the same wire.



Adapted from Enterprise Networking Planet
Last updated: January 20, 2005