Home

Ethernet (802.3)

2 Comments

Important Note: Ethernet dalam istilah Computer Network (IEEE 802.3) adalah teknologi layer 2 (data link) untuk menghantarkan data dalam suatu Local Area Network (LAN) dengan membaca MAC Address (dalam bentuk frame), jadi bukan sebuah mesin, alat, atau kabel yang seperti kebanyakan orang bilang

Ethernet itu adalah sebuah protocol

Ethernet Frame Field (di dalam data Ethernet yang dikirim Switch…ada apa aja sih??)

warning: most of this article words are in english…wkwkwk


The Preamble (7 bytes) and Start Frame Delimiter (SFD) (1 byte) fields digunakan untuk sending dan receiving. 8 byte pertama dari frame Ethernet digunakan untuk memberitahu lawan “bicara” bahwa mereka siap untuk menerima atau mengirim frame.

The Destination MAC Address field (6 bytes) is the identifier for the intended recipient. Seperti yang kita tahu bahwa alamat ini digunakan layer 2 (data link) untuk membantu devices menentukan apakah sebuah frame yang ditujukan kepada mereka. The address in the frame is compared to the MAC address in the device. If there is a match, the device accepts the frame.

Length field (or Type Field) defines the exact length of the frame’s data field. This is used later as part of the FCS to ensure that the message was received properly. If the purpose of the field is to designate a type as in Ethernet II, the Type field describes which protocol is implemented. (apakah Ethernet II ini lebih baik daripada Ethernet biasa ataukah Ethernet II ini maksudnya adalah FastEthernet yang digunakan sekarang ini, gw kurang tau…feel free to provide me with the Information)

The Data and Pad field (46 – 1500 bytes) contains the encapsulated data from a higher layer, which is a generic Layer 3 PDU, or more commonly, an IPv4 packet. All frames must be at least 64 bytes long. If a small packet is encapsulated, the Pad is used to increase the size of the frame to this minimum size.

The Frame Check Sequence (FCS) field (4 bytes) is used to detect errors in a frame. It uses a cyclic redundancy check (CRC). The sending device includes the results of a CRC in the FCS field of the frame.

*gw ga ajarin CRC, out of field gw…liat aja di Wikipedia

Initially, Ethernet was implemented as part of a bus topology. Every network device was connected to the same, shared media. In low traffic or small networks, this was an acceptable deployment. The main problem to solve was how to identify each device. The signal could be sent to every device, but how would each device identify if it were the intended receiver of the message?

using MAC Address Structure

MAC Address = 48 bit size

The MAC address value is a direct result of IEEE-enforced rules for vendors to ensure globally unique addresses for each Ethernet device (kita bisa bilang…ini nomor/alamat Mesin). The rules established by IEEE require any vendor that sells Ethernet devices to register with IEEE. The IEEE assigns the vendor a 3-byte code, called the Organizationally Unique Identifier (OUI) (ada 1 pertanyaan CCNA Exam tentang ginian loh…wkwkw kampret kan..ginian jg ditanyain).

IEEE requires a vendor to follow two simple rules:

  • All MAC addresses assigned to a NIC or other Ethernet device must use that vendor’s assigned OUI as the first 3 bytes.
  • All MAC addresses with the same OUI must be assigned a unique value (vendor code or serial number) in the last 3 bytes.

The MAC address is often referred to as a burned-in address (BIA) because it is burned into ROM (Read-Only Memory) on the NIC. This means that the address is encoded into the ROM chip permanently – it cannot be changed by software. (makanya kadang disebut Physical Address)

However, when the computer starts up, the NIC copies the address into RAM. When examining frames, it is the address in RAM that is used as the source address to compare with the destination address. The MAC address is used by the NIC to determine if a message should be passed to the upper layers for processing. (makanya ada software2/hardware2 buat duplikat MAC address…contohnya aja TP-LINK…ada tuh buat duplicate mac address…biasanya buat Internetan pake Cable modem kek FastNet)

Figure 1 Taken from Wikipedia.org

The source device sends the data through the network. Each NIC in the network views the information to see if the MAC address matches its physical address. If there is no match, the device discards the frame. When the frame reaches the destination where the MAC of the NIC matches the destination MAC of the frame, the NIC passes the frame up the OSI layers, where the decapsulation process take place.

All devices connected to an Ethernet LAN have MAC-addressed interfaces. Different hardware and software manufacturers might represent the MAC address in different hexadecimal formats. The address formats might be similar to 00-05-9A-3C-78-00, 00:05:9A:3C:78:00, or 0005.9A3C.7800 (klo lo liat2 sama…Cuma beda penempatan titk, dash, sama titik dua aja). MAC addresses are assigned to workstations, servers, printers, switches, and routers any device that must originate and/or receive data on the network.

Hexadecimal Numbering on Ethernet

View MAC Address

Ketik di command prompt > ipconfig /all

Sekarang….coba search…di http://standards.ieee.org/develop/regauth/oui/public.html , MAC address lo siapa yang bikin (LAN Card/ NIC lo manufakturnya siapa?? Dari ketik ipconfig /all, alamat MAC uda diketahui kan ?? nah…3 HURUF pertama adalah kode dari vendor / manufaktur LAN Card / NIC lo)

Oh iya…sebelum lupa….

Ketika host send frame…untuk bisa sampai ke tujuan, tergantung tipe koneksinya (Unicast, Broadcast, Multicast)

  1. Klo UNICAST= switch/router akan baca DESTINATION MAC & IP Address
  2. Klo Multicast = switch/router akan baca DESTINATION MAC Address & IP Multicast (224.0.0.1)
  3. Klo Broadcast = switch/router akan baca BROADCAST MAC & IP Address (FF-FF-FF-FF-FF-FF (dan 255.255.255.255 ga ada IP sama sekali) & 192.168.1. [255] ) – 255: broadcast (kalau subnet mask/prefix nya adalah /24, klo /23, /25, itu itung lagi..bisa dengan VLSM)

Media Access Control in Ethernet (CSMA/CD) – The Process

Collision Domain

Karena metode CSMA/CD sewaktu2 bisa saja terjadi collision, maka kita perlu tahu…daerah mana yang sering terjadi collision

Hub (Multi Port Repeater) = yaitu alat untuk menghubungkan device satu dengan yang lain, 1 Hub = 1 Collision Domain (dikarenakan Hub adalah network devices tipe lama), kalau ga ngerti…penjelasannya ada di bawah ini (Switch)

Switch = fungsi sama dengan Hub, hanya saja karena Switch adalah teknologi baru, dia bisa menghubungkan device yang 1 dengan yang lain dengan resiko ZERO collision, kenapa ?? karena tiap port dalam switch adalah 1 collision domain tersendiri, koq bisa tiap 1 port adalah 1 domain collision sedangkan Hub adalah 1 collision domain tanpa perduli jumlah portnya ??? karena switch bisa menggunakan teknologi multiplexing (memecah data dan mentransfernya tanpa harus tabrakan dengan packet lain), kelemahan dari multiplexing adalah, lebih lambat transfer datanya (kan dipecah2 dulu / segmentasi)

The electrical signal that is transmitted takes a certain amount of time (latency) to propagate (travel) down the cable

Ethernet with throughput speeds of 10 Mbps and slower are asynchronous. An asynchronous communication in this context means that each receiving device will use the 8 bytes of timing information to synchronize the receive circuit to the incoming data and then discard the 8 bytes.

Ethernet implementations with throughput of 100 Mbps and higher are synchronous. Synchronous communication in this context means that the timing information is not required. However, for compatibility reasons, the Preamble and Start Frame Delimiter (SFD) fields are still present.

Type of Ethernet (lebih lengkap)

ARP Process – Mapping IP to MAC Address

ARP means Address Resolution Protocol (Mapping IP to MAC Address), ARP inilah yg dipakai ketika suatu host ingin menemukan host lainnya untuk mengirim datanya

ARP-How it works:

NO ARP Entry at First


Broadcast ARP Frame


Unicast Frame from 10.10.0.3 (owner of destination frame)


Adding MAC Address of Destination Host to its ARP Cache

Done….

Standar ARP “ping” (di windows sih) itu dalah 2 menit, jika “tetangga” menjawab, akan ditambah jadi 10 menit, untuk bisa ping2an lagi

As a broadcast frame, an ARP request is received and processed by every device on the local network. On a typical business network, these broadcasts would probably have minimal impact on network performance. However, if a large number of devices were to be powered up and all start accessing network services at the same time, there could be some reduction in performance for a short period of time. For example, if all students in a lab logged into classroom computers and attempted to access the Internet at the same time, there could be delays. (Overhead on the Media)

In some cases, the use of ARP can lead to a potential security risk. ARP spoofing, or ARP poisoning, is a technique used by an attacker to inject the wrong MAC address association into a network by issuing fake ARP requests. An attacker forges the MAC address of a device and then frames can be sent to the wrong destination. (Security)

Manually configuring static ARP associations is one way to prevent ARP spoofing. Authorized MAC addresses can be configured on some network devices to restrict network access to only those devices listed.

*untuk Spoofing dan ARP Poisoning nanti akan kita pelajari

Network Basic Theory 9 (Physical Layer)

Leave a comment

The purpose of the Physical layer is to create the electrical, optical, or microwave signal that represents the bits in each frame

Pengiriman Frame dari Data Link ke local medium membutuhkan persyaratan dari Physical Layer berikut :

  • The physical media and associated connectors
  • A representation of bits on the media
  • Encoding of data and control information
  • Transmitter and receiver circuitry on the network devices

At this stage of the communication process, the user data has been segmented by the Transport layer, placed into packets by the Network layer, and further encapsulated as frames by the Data Link layer

There are three basic forms of network media on which data is represented:

  • Copper cable
  • Fiber
  • Wireless

Similar to technologies associated with the Data Link layer, the Physical layer technologies are defined by organizations such as:

  • The International Organization for Standardization (ISO)
  • The Institute of Electrical and Electronics Engineers (IEEE)
  • The American National Standards Institute (ANSI)
  • The International Telecommunication Union (ITU)
  • The Electronics Industry Alliance/Telecommunications Industry Association (EIA/TIA)
  • National telecommunications authorities such as the Federal Communication Commission (FCC) in the USA.

The technologies defined by these organizations include four areas of the Physical layer standards:

  • Physical and electrical properties of the media
  • Mechanical properties (materials, dimensions, pinouts) of the connectors
  • Bit representation by the signals (encoding)
  • Definition of control information signals

The three fundamental functions of the Physical layer are:

  • The physical components
  • Data encoding
  • Signaling

Physical Components: ’nuff said

Data Encoding: Encoding is a method of converting a stream of data bits into a predefined code. Codes are groupings of bits used to provide a predictable pattern that can be recognized by both the sender and the received. Using predictable patterns helps to distinguish data bits from control bits and provide better media error detection

Signaling: The method of representing the bits is called the signaling method, The Physical layer must generate the electrical, optical, or wireless signals that represent the “1” and “0” on the media. (1 = Adanya Listrik alias NYALA, 0 = tidak ada nya listrik alias MATI)

Beberapa cara untuk merepresentasikan sinyal ke medium:

  • Membedakan amplitude
  • Membedakan frequency
  • Membedakan phase
  • Membedakan clock rate

Signaling

  • NRZ Signaling

  • Manchester Encoding Signaling (10BaseT Ethernet running with this encoding signal !! )

Mengenali Signal Frame dari data link layer

A code group is a consecutive sequence of code bits that are interpreted and mapped as data bit patterns. For example, code bits 10101 could represent the data bits 0011.

Encoding techniques use bit patterns called symbols. The Physical layer may use a set of encoded symbols – called code groups – to represent encoded data or control information

By transmitting symbols, the error detection capabilities and timing synchronization between transmitting and receiving devices are enhanced

Advantages using code groups include:

  • Reducing bit level error (They do this by using symbols to ensure that not too many “1” or “0” are used in a row
  • Limiting the effective energy transmitted into the media (Transmitting a long series of “1”could overheat the transmitting laser and the photo diodes in the receiver, potentially causing higher error rates)
  • Helping to distinguish data bits from control bits

    The code groups have three types of symbols:

    • Data symbols – Symbols that represent the data of the frame as it is passed down to the Physical layer.
    • Control symbols – Special codes injected by the Physical layer used to control transmission. These include end-of-frame and idle media symbols.
    • Invalid symbols – Symbols that have patterns not allowed on the media. The receipt of an invalid symbol indicates a frame error.

    The symbols encoded onto the media are all unique. The symbols representing the data being sent through the network have different bit patterns than the symbols used for control. These differences allow the Physical layer in the receiving node to immediately distinguish data from control information.

  • Better media error detection (In addition to the data symbols and control symbols, code groups contain invalid symbols. These are the symbols that could create long series of 1s or 0s on the media; therefore, they are not used by the transmitting node. If a receiving node receives one of these patterns, the Physical layer can determine that there has been an error in data reception.)

*Intinya dari code group adalah (klo bingung) setiap transmisi data kan pake listrik (contohnya), nah transmisi listrik itu kan “kedap-kedip” tuh…nyala-mati nyala-mati gitu, nah simbol2 untuk nyala dan mati itu 1 dan 0, klo kebanyakan 1 aliasnyala mulu….panas bisa medianya, klo 0 mulu…mati doooonkk, intinya code group ini untuk ENSURE connectivity.

Contoh code group 4b/5b (jujur..gw ga ngerti…wakakak)

Bermain di physical layer berarti kita bermain di bits

BITS = 1 & 0

BYTES = 8 BIT

And the rest are…

The practical bandwidth of a network is determined by a combination of factors:

  • The properties of the physical media
  • The technologies chosen for signaling and detecting network signals.

Physical media properties, current technologies, and the laws of physics all play a role in determining available bandwidth

Throughput is the measure of the transfer of bits across the media over a given period of time. Due to a number of factors, throughput usually does not match the specified bandwidth in Physical layer implementations such as Ethernet.

Goodput is the measure of usable data transferred over a given period of time, and is therefore the measure that is of most interest to network users. goodput measures the effective transfer of user data between Application layer entities, such as between a source web server process and a destination web browser device.
Unlike throughput, which measures the transfer of bits and not the transfer of usable data, goodput accounts for bits devoted to protocol overhead. Goodput is throughput minus traffic overhead for establishing sessions, acknowledgements, and encapsulation.

As an example, consider two hosts on a LAN transferring a file. The bandwidth of the LAN is 100 Mbps. Due to the sharing and media overhead

Jadi sebenernya….yg kita bilang cepet nih bandwidthnya, cepet nih transfer datanya…itu adalah Goodput (kita biasa bilang throughput malah). Aktual dari sesi kirim2an datanya adalah throughput

Tipe Media

  • Ethernet

Yang sering kita pake di LAN adalah FastEthernet 100Base-TX (NRZ Encoding), 10BASE-T hanya bisa mentransfer 10Mbit/s walau dengan jarak tempuh yang sama dengan 100Base-TX (yaitu 100 meter)

Sedang 100Base-FX itu adalah kabel fiber optic

1000Base-CX adalah GigabitEthernet (klo FastEthernet biasa kan dari 8 kabel hanya 4 kabel yg dipakai buat tuker2an data / transmisi data, klo Gigabit…8-8 nya dipakai, FastEthernet menggunakan UTP[Unshielded Twisted Pair], sedang 1000Base-CX menggunakan STP /kebalikannya UTP), tipe kabel ini masi dipakai, contoh: IBM Blade Server dengan switching mereka (transmisi tinggi dan jarak yang pendek memungkinkan mereka untuk ensure connectivity, reliability, and speed)

1000Base-T adalah GigabitEthernet JUGA..hanya dengan kabel UTP

1000Base-SX, 1000Base-LX, 1000Base-ZX, 10GBase-ZR adalah kabel fiber optic (yang membedakan adalah metode pengiriman signal pada kabel fiber optic dan besarnya kabel fiber optic itu sendiri)

*GW POSTING INI PAS WIKIPEDIA LAGI BLACKOUT…ASUUU…..FUCK SOPA !!!

*catatan:

  • SMF: Single mode fiber, yaitu teknik pensinyalan dengan hanya mengirimkan 1 “ray” cahaya dalam satu waktu
  • MMF: Multi mode fiber, kebalikannya

*dalam teknik mensinyalan di fiber optic, rumit..penuh dengan hukum fisika, ada Helmholtz equation, ada Maxwell’s equations, cari sendiri dah 😆

MMDS: Multipoint Multichannel Distribution Service / BRS (Broadband Radio Service)

LMDS: Local Multichannel Distribution Service

penjelasannya dibawah ^_^

Cable types with shielding or twisting of the pairs of wires are designed to minimize signal degradation due to electronic noise.

UTP Cable

TIA/EIA-568 alias T568A & T568B

Coaxial Cable

Coaxial is also the most widely used media for transporting high radio frequency signals over wire, especially cable television signals. Traditional cable television, exclusively transmitting in one direction, was composed completely of coax cable.

Untuk Cable ISP, main backbone nya memakai fiber optic, hanya saja, di customer location (modem) dan wiring inside customer’s premises (router / alat ISP yang provide internet ke Modem-nya LANGSUNG) tetap memakai coaxial. Ini yang dinamakan Hybrid Fiber Coax (HFC)

STP

Shielded Twisted Pair ini walaupun sudah digantikan fungsinya dengan UTP, tapi beberapa perusahaan masih ada yang memakai STP (contoh: IBM)

STP cable shields the entire bundle of wires within the cable as well as the individual wire pairs. STP provides better noise protection than UTP cabling, however at a
significantly higher price.

Fiber Optic

Given that the fibers used in fiber-optic media are not electrical conductors, the media is immune to electromagnetic interference and will not conduct unwanted electrical currents due to grounding issues. Because optical fibers are thin and have relatively low signal loss, they can be operated at much greater lengths than copper media, without the need for signal regeneration. Some optical fiber Physical layer specifications allow lengths that can reach multiple kilometers.

Optical fiber media implementation issues include:

  • More expensive (usually) than copper media over the same distance (but for a higher capacity)
  • Different skills and equipment required to terminate and splice the cable infrastructure
  • More careful handling than copper media

At present, in most enterprise environments (mainly ISP), optical fiber is primarily used as backbone cabling for high-traffic point-to-point connections between data distribution facilities and for the interconnection of buildings in multi-building campuses. Because optical fiber does not conduct electricity and has low signal loss, it is well suited for these uses.

Karena serat fiber optic HANYA BISA mentransmit cahaya SATU arah, maka untuk full duplex mode harus membutuhkan 2 serat fiber

  • SMF (Single-mode optical fiber) carries a single ray of light, usually emitted from a laser. Because the laser light is uni-directional and travels down the center of the fiber, this type of fiber can transmit optical pulses for very long distances.
  • MMF (Multimode fiber) typically uses LED emitters that do not create a single coherent light wave. Instead, light from an LED enters the multimode fiber at different angles. Because light entering the fiber at different angles takes different amounts of time to travel down the fiber, long fiber runs may result in the pulses becoming blurred on reception at the receiving end. This effect, known as modal dispersion, limits the length of multimode fiber segments.

Multimode fiber, and the LED light source used with it, is cheaper than single-mode fiber and its laser-based emitter technology.

Wireless

The IEEE and telecommunications industry standards for wireless data communications cover both the Data Link and Physical layers. Four common data communications standards that apply to wireless media are:

  • Standard IEEE 802.11 – Commonly referred to as Wi-Fi, is a Wireless LAN (WLAN) technology that uses a contention or non-deterministic system with a Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA) media access process.
  • Standard IEEE 802.15 – Wireless Personal Area Network (WPAN) standard, commonly known as “Bluetooth“, uses a device pairing process to communicate over distances from 1 to 100 meters.
  • Standard IEEE 802.16 – Commonly known as Worldwide Interoperability for Microwave Access (WiMAX), uses a point-to-multipoint topology to provide wireless broadband access.
  • Global System for Mobile Communications (GSM) – Includes Physical layer specifications that enable the implementation of the Layer 2 General Packet Radio Service (GPRS) protocol to provide data transfer over mobile cellular telephony networks.

Other wireless technologies such as satellite communications provide data network connectivity for locations without another means of connection. Protocols including GPRS enable data to be transferred between earth stations and satellite links.

In each of the above examples, Physical layer specifications are applied to areas that include:

  • data to radio signal encoding
  • frequency and power of transmission
  • signal reception and decoding requirements
  • and antenna design and construction.

A common wireless data implementation is enabling devices to wirelessly connect via a LAN. In general, a wireless LAN requires the following network devices:

  • Wireless Access Point (AP) – Concentrates the wireless signals from users and connects, usually through a copper cable, to the existing copper-based network infrastructure such as Ethernet.
  • Wireless NIC adapters – Provides wireless communication capability to each network host.

Wireless Wi-Fi Standard

  • IEEE 802.11aOperates in the 5 GHz frequency band and offers speeds of up to 54 Mbps. Because this standard operates at higher frequencies, it has a smaller coverage area and is less effective at penetrating building structures. Devices operating under this standard are not interoperable with the 802.11b and 802.11g standards described below.
  • IEEE 802.11bOperates in the 2.4 GHz frequency band and offers speeds of up to 11 Mbps. Devices implementing this standard have a longer range and are better able to penetrate building structures than devices based on 802.11a.
  • IEEE 802.11gOperates in the 2.4 GHz frequency band and offers speeds of up to 54 Mbps. Devices implementing this standard therefore operate at the same radio frequency and range as 802.11b but with the bandwidth of 802.11a.
  • IEEE 802.11n – The IEEE 802.11n standard is currently in draft form. The proposed standard defines frequency of 2.4 Ghz or 5 GHz. The typical expected data rates are 100 Mbps to 210 Mbps with a distance range of up to 70 meters.

The benefits of wireless data communications technologies are evident, especially the savings on costly premises wiring and the convenience of host mobility. However, network administrators need to develop and apply stringent security policies and processes to protect wireless LANs from unauthorized access and damage

Connector