[IP Adventure] A Packet's Adventures on Routers - 07

EchoW  Senior  (1)
5 years 11 months ago  View: 6450  Reply: 5
1F

Layer 2 Ethernet Bridged Forwarding

This chapter describes the Ethernet Bridged forwarding process for unicast, multicast, and broadcast traffic.

Basics of Layer 2 Ethernet Frame Forwarding

What Is Layer 2 Ethernet Frame Forwarding?

Layer 2 Ethernet frame forwarding describes how data frames are forwarded on the data link layer through network bridges or switches.

The data link layer has different network protocols, such as token ring, Ethernet, and FDDI. Among these protocols, Ethernet is most widely used. This chapter focuses on how Ethernet frames are forwarded.

An Ethernet switch forwards frames based on Layer 2 Ethernet frame headers or, to be more specific, MAC addresses.

MAC Address

A MAC address is a globally unique 48-bit binary address. MAC addresses are uniformly managed and assigned by the IEEE. For easier readability, MAC addresses are represented in hexadecimal notation, such as 00-e0-fc-00-00-06. They can be classified into three types:

·         Unicast address: The least significant bit of the first octet is 0, such as 00-e0-fc-00-00-06.

·         Multicast address: The least significant bit of the first octet is 1, such as 01-e0-fc-00-00-06.

·         Broadcast address: All 48 bits are 1s, represented as ff-ff-ff-ff-ff-ff.

Frame Forwarding Process for Layer 2 Unicast Traffic

In the following example, PC-A in a LAN sends an Ethernet frame to PC-B over a Layer 2 switch. The Ethernet frame's destination MAC address is MAC2 and source MAC address is MAC1.

Upon receipt of the Ethernet frame, the Layer 2 switch performs the following operations:

·         Parses the Ethernet frame and reads the destination MAC address. In this example, the destination MAC address is MAC2.

·         Looks up its MAC address table and finds the corresponding outbound port. In this example, MAC2 is mapped to Port2.

·         Forwards the Ethernet frame. In this example, the Layer 2 switch forwards the Ethernet frame from Port2 to PC-B.

Frame Forwarding Process for Layer 2 Broadcast Traffic

In the preceding example, what will PC-A do if it does not know PC-B's MAC address? PC-A will broadcast an ARP request, in which the destination MAC address is a broadcast address and the source MAC address is PC-A's own MAC address. Upon receipt of the ARP request, the switch sends the request to all ports except Port1. All hosts in the LAN receive the broadcast ARP request.

After PC-B receives the ARP request, it returns an ARP response. The switch forwards the ARP response only to PC-A.

MAC Address Learning

We've seen the MAC address table on the Layer 2 switch that contains mappings between MAC addresses and ports. Where does this table come from? We've learned that a router learns IP-MAC mappings through ARP, as described in IP Unicast Forwarding Process, and now let's discover how the MAC address table is built.

In the preceding example, the switch's MAC address table starts out empty. After PC-A sends an Ethernet frame to PC-B, the switch receives the frame and performs the following operations:

1.    Reads the frame's source MAC address, maps the address to the port that received the frame, and adds the mapping to its MAC address table.

2.    Reads the frame's destination MAC address and searches its MAC address table for the corresponding port. Since the switch has not learned PC-B's MAC address, the switch floods the data frame to all ports except the port that received the frame.

PC-B then receives the data frame.

The switch learns every device's MAC address after PC-B, PC-C, and PC-D send data frames to the switch.

Aging of MAC Address Table Entries

In the preceding example, if PC-D is moved or the ports connecting to PC-D and PC-C are switched, the switch may send frames to incorrect PCs if its MAC address table is not updated in real time. The switch prevents this problem by setting a timer for each MAC address entry. If the switch does not receive any frames from a particular PC before the timer expires, the switch considers the PC's MAC address entry invalid and removes it from its MAC address table. If the PC wants to send frames again, the switch has to re-learn the PC's MAC address.

VLAN Basics

In a LAN, broadcasting is unavoidable. We've learned that a switch floods broadcast or unknown unicast frames to a network. Other protocols, such as DHCP or RIP, also frequently send broadcast frames. Flooding consumes link resources and burdens hosts.

To reduce broadcast frame traffic, the virtual local area network (VLAN) was created. VLANs logically divide LANs into multiple broadcast domains. Hosts in the same VLAN can communicate with each other but hosts in different VLANs cannot. How does a VLAN isolate broadcast frames?

To isolate broadcast frames, switch ports are assigned to VLANs. Ports between multiple switches can belong to more than one VLAN. In the following figure, after Switch 1 receives a broadcast frame from host A, it adds a VLAN 10 tag to the frame and forwards the frame only to ports in VLAN 10. Ports in VLAN 20 cannot receive this frame.

How do hosts in a VLAN communicate?

After VLANs are assigned to the switch's ports, VLAN IDs appear in the original MAC address table.

After the switch receives a frame, the switch adds a VLAN tag to the frame based on the inbound interface and forwards the frame based on the VLAN ID and destination MAC address. The format of a VLAN-tagged Ethernet frame is as follows:

After the peer switch receives the VLAN-tagged frame, the switch removes the VLAN tag and forwards the frame based on the VLAN ID and destination MAC address in its forwarding table. (Note that hosts in different VLANs can only communicate through routers.)

In the preceding example, some ports allow only one VLAN to pass, while some allow multiple VLANs to pass. VLAN ports can be classified into three types:

·         Access port: belongs to only one VLAN and connects devices that do not support 802.1Q encapsulation, such as a user computer.

·         Trunk port: can belong to multiple VLANs and receive and send frames from multiple VLANs. A trunk port is used to connect network devices.

·         Hybrid port: can belong to multiple VLANs and receive and send frames from multiple VLANs. A hybrid port can connect network devices or devices that do not support 802.1Q encapsulation.

Frame processing mechanism:

To ensure efficient frame processing, switches perform VLAN-based forwarding and frame processing differently for inbound and outbound directions. Vendor-specific devices and different VLAN ports also perform differently when processing VLAN frames. Huawei high-end routers process VLAN frames as follows.

| Port type | Inbound: receiving an untagged frame | Inbound: receiving a tagged frame | Outbound: sending a frame |
|---|---|---|---|
| Access port | Accepts and adds the default VLAN tag to the frame before forwarding. | Forwards if the frame's VLAN ID is the same as the default VLAN ID. Discards if not. | Strips the VLAN tag. |
| Trunk port | Discards the frame. | Forwards if the VLAN ID is permitted. Discards if not permitted. | Directly sends the frame. |
| Hybrid port | Accepts and adds the default VLAN tag to the frame. If the default VLAN ID in the tag is permitted, the port forwards the frame. Otherwise, the port discards it. | Forwards if the VLAN ID is permitted. Discards if not permitted. | If the VLAN ID carried in the frame is the same as the default VLAN ID, the port strips the VLAN tag before forwarding. Otherwise, the port directly forwards the frame without changing the VLAN tag. |

Layer 2 Loop Prevention - Spanning Tree Protocol

Ring networks are very common in Ethernet LANs. However, the ring network topology is prone to broadcast storms.

How do broadcast storms occur? If host A wants to communicate with host D without knowing D's MAC address, host A broadcasts an ARP request. Upon receipt, SW1 floods the frame. Both SW2 and SW3 receive the ARP request and flood the frame. SW1 receives its own ARP request and restarts the flooding process. All three devices continuously receive and flood the frame, causing a broadcast storm.

Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP) were developed to detect and eliminate Layer 2 loops. These STPs are used to probe link-layer topologies and control link-layer forwarding behaviors of switches. If a network loop exists, these STPs block a selected port from forwarding or receiving Ethernet frames to eliminate the loop. Since this chapter focuses on data frame forwarding, STP-defined port status and forwarding behavior will be discussed in detail.

STP defines five port states as follows:

·         Forwarding: Forwards both user traffic and STP protocol packets - BPDUs.

·         Learning: Creates a MAC address table based on the received user traffic but does not forward the user traffic.

·         Listening: Determines the root bridge, root port, and designated port but does not forward the user traffic.

·         Blocking: Receives and forwards BPDUs only.

·         Disabled: Forwards neither BPDUs nor user traffic.

MSTP and RSTP streamline the five port states into the following three states:

·         Forwarding: Forwards both user traffic and BPDUs.

·         Listening: Only receives and processes BPDUs.

·         Discarding: Forwards neither BPDUs nor user traffic.

Only ports in Forwarding state forward user traffic.

Layer 2 Ethernet Frame Forwarding Process

On Huawei high-end routers, if Ethernet interfaces are switched from Layer 3 to Layer 2 using the portswitch command, the Layer 2 Ethernet interfaces support Layer 2 bridge forwarding. The following figure shows the complete Layer 2 bridge forwarding process, with a focus on FIB-based forwarding and on obtaining encapsulation information. Other processes that are shown have been described in the previous chapters.

Detailed flowchart for FIB-based forwarding:

1.    The uplink PFE (NP or ASIC chip) parses the received packet, checks VLAN validity based on port types (access, trunk, or hybrid), and discards the packet if it is invalid. For processing details, see the port-type table under "Frame processing mechanism" above.

2.    If the packet is valid, the PFE determines whether the packet's destination MAC is a local MAC. If so, the PFE performs IP or MPLS forwarding; if not, the PFE proceeds to the next step.

3.    The PFE performs an STP status check. If an interface stays in the Forwarding state or does not have STP enabled, the interface forwards the packet. If an interface stays in other states, it discards the packet.

4.    The PFE then determines whether the destination MAC is unicast, multicast, or broadcast according to the following:

·         Unicast: Looks up the MAC address table based on port+VLAN. If a match exists, the PFE obtains the outbound interface and VLAN ID, based on which the SFU switches the packet to the correct downlink LPU. If no match exists, the PFE broadcasts the packet.

·         Multicast: Looks up the Layer 2 multicast MAC address table based on port+VLAN for the outbound interface and VLAN ID. If no match exists, the PFE broadcasts the packet.

·         Broadcast: Continues the subsequent processing.

If the packet is a unicast or multicast one, and the outbound interface is a trunk, the packet will be hashed to one trunk member interface.

5.    The uplink TM chip copies unknown unicast and multicast packets, and broadcast packets to all destination LPUs. It copies known multicast packets to destination LPUs where the multicast members reside, but does not copy unicast packets.

6.    The downlink TM chip copies unknown unicast and multicast packets, and broadcast packets on the board receiving these packets.

7.    If MAC address learning is enabled, the downlink forwarding engine learns MAC addresses.

8.    The downlink forwarding engine obtains encapsulation information and performs processing based on the VLAN ID and port type (access, trunk, or hybrid). For processing details, see the port-type table under "Frame processing mechanism" above.

9.    The downlink forwarding engine performs an STP status check at the exit. If an interface stays in the Forwarding state or does not have STP enabled, the interface forwards the packet. If the interface stays in the Learning or Listening state, it discards the packet.

Related subjects:

[IP Adventure] A Packet's Adventures on Routers - 06

[IP Adventure] A Packet's Adventures on Routers - 05

[IP Adventure] A Packet's Adventures on Routers - 04

[IP Adventure] A Packet's Adventures on Routers - 03

[IP Adventure] A Packet's Adventures on Routers - 02

[IP Adventure] A Packet's Adventures on Routers - 01

[IP Adventure] A Packet's Adventures on Routers - Introduction

This post was last edited by EchoW at 2016-04-27 11:40.
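
The MAC learning, aging, and VLAN port-type rules described in the post above, combined into one small software bridge. This is an added example, not part of the original post and not Huawei code; the names Port, Bridge and demo, the 300-second aging time, and the sample MAC addresses are assumptions, and aging is checked at lookup time instead of with a per-entry timer.

```python
from dataclasses import dataclass

@dataclass
class Port:
    kind: str                          # "access", "trunk" or "hybrid"
    pvid: int = 1                      # default VLAN ID
    allowed: frozenset = frozenset()   # permitted VLAN IDs (trunk/hybrid)

    def carries(self, vid):
        return vid == self.pvid if self.kind == "access" else vid in self.allowed

    def ingress(self, tag):            # VLAN the frame joins, or None = discard
        if tag is None and self.kind == "trunk":
            return None                # trunk discards untagged frames
        vid = self.pvid if tag is None else tag
        return vid if self.carries(vid) else None

    def egress(self, vid):             # tag on the wire; None = tag stripped
        strip = self.kind == "access" or (self.kind == "hybrid" and vid == self.pvid)
        return None if strip else vid

class Bridge:
    def __init__(self, ports, aging=300):
        self.ports, self.aging, self.table = ports, aging, {}

    def receive(self, in_port, src, dst, tag=None, now=0):
        """Return {outbound port: tag on the wire} for one received frame."""
        vid = self.ports[in_port].ingress(tag)
        if vid is None:
            return {}
        self.table[(vid, src)] = (in_port, now)        # learn or refresh source
        entry = self.table.get((vid, dst))
        if entry and now - entry[1] > self.aging:      # entry aged out
            del self.table[(vid, dst)]
            entry = None
        # Low bit of the first octet set means multicast or broadcast.
        known = entry and not int(dst[:2], 16) & 1
        outs = [entry[0]] if known else [n for n, p in self.ports.items() if p.carries(vid)]
        return {n: self.ports[n].egress(vid) for n in outs if n != in_port}

def demo():
    # Constructed topology: P1, P2 in VLAN 10; P3 in VLAN 20; P4 trunk for both.
    sw = Bridge({"P1": Port("access", 10), "P2": Port("access", 10),
                 "P3": Port("access", 20), "P4": Port("trunk", 1, frozenset({10, 20}))})
    a, b = "00-e0-fc-00-00-01", "00-e0-fc-00-00-02"   # constructed MACs
    return [sw.receive("P1", a, b, now=0),      # unknown unicast: flood VLAN 10
            sw.receive("P2", b, a, now=1),      # reply: known unicast to P1
            sw.receive("P1", a, b, now=400)]    # entry for b aged out: flood again
```

Each result maps an outbound port to the tag sent on the wire, so the VLAN 20 access port P3 never appears for VLAN 10 traffic and only the trunk P4 sends the frame tagged.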
Comment
nklsureshkumar  5 years 5 months ago

Excellent tutorial 

faz  Platinum 
5 years 11 months ago
2F
Good tutorial
Saravanan.S  Gold 
5 years 5 months ago
3F
Very good tutorial for Packet's Adventures on Routers
Saravanan.S  Gold 
5 years 5 months ago
4F
L2 Ethernet bridging basics perfectly explained here
nklsureshkumar  Platinum 
5 years 5 months ago
5F
perfect data doc