Ethernet, Switches, and VLANs
Ethernet is the de facto standard for wired LANs, handling the majority of worldwide LAN traffic. Since its invention by Bob Metcalfe in 1973, it has evolved from 10 Mbps to 400 Gbps today.
In this post, we examine MAC addresses and the ARP protocol, Ethernet frame structure, link-layer switch operation, VLANs, and data center networks.
1. MAC Addresses and ARP
1.1 MAC Address
A MAC (Media Access Control) address is a 48-bit (6-byte) physical address assigned to a network interface.
MAC Address Structure
======================
1A:2B:3C:4D:5E:6F (hexadecimal notation)
- 48 bits = 6 bytes
- First 24 bits: OUI (Organizationally Unique Identifier)
Example: 00:1A:2B = Ayecom Technology
- Last 24 bits: Unique number assigned by manufacturer
- Broadcast address: FF:FF:FF:FF:FF:FF
IP Address vs MAC Address:
IP Address: Network layer, logical, changes with location
MAC Address: Link layer, physical, fixed (embedded in NIC)
1.2 ARP (Address Resolution Protocol)
ARP translates IP addresses to MAC addresses. It operates within the same subnet.
ARP Operation
===============
Host A (192.168.1.10) sends data to Host B (192.168.1.20)
1. A's ARP table does not have B's MAC address
2. A broadcasts ARP request:
"What is the MAC address for 192.168.1.20?"
Destination MAC: FF:FF:FF:FF:FF:FF (broadcast)
Source MAC: A's MAC address
3. All nodes in the subnet receive the ARP request
Only B responds: "My MAC address is BB:BB:BB:BB:BB:BB"
Destination MAC: A's MAC address (unicast)
4. A stores B's mapping in ARP table (TTL: typically 20 minutes)
ARP Table Example:
IP Address | MAC Address | TTL
----------------+---------------------+------
192.168.1.20 | BB:BB:BB:BB:BB:BB | 13 min
192.168.1.1 | AA:AA:AA:AA:AA:AA | 8 min
1.3 Communication Between Different Subnets
When communicating with a host in a different subnet, the gateway router's MAC address is used.
Inter-Subnet Communication
============================
Host A (10.0.0.2) --> Host B (20.0.0.2)
Subnet 1 Router Subnet 2
[A: 10.0.0.2] ---- [10.0.0.1 | 20.0.0.1] ---- [B: 20.0.0.2]
MAC: AA MAC: R1L | MAC: R1R MAC: BB
Step 1: A sends to router
Source MAC: AA, Destination MAC: R1L
Source IP: 10.0.0.2, Destination IP: 20.0.0.2
Step 2: Router sends to B
Source MAC: R1R, Destination MAC: BB
Source IP: 10.0.0.2, Destination IP: 20.0.0.2
--> MAC addresses change per hop, IP addresses remain end-to-end
2. Ethernet Frame Structure
Ethernet Frame Format
=======================
+----------+----------+----------+------+----------+-----+
| Preamble | Dest MAC | Src MAC | Type | Data | CRC |
| 8 bytes | 6 bytes | 6 bytes | 2 B | 46~1500 | 4 B |
+----------+----------+----------+------+----------+-----+
Field Descriptions:
Preamble (8 bytes):
- 7 bytes: 10101010 pattern (clock synchronization)
- 1 byte: 10101011 (SFD, Start of Frame Delimiter)
Dest MAC (6 bytes): Destination MAC address
Src MAC (6 bytes): Source MAC address
Type (2 bytes): Upper layer protocol identifier
- 0x0800: IPv4
- 0x0806: ARP
- 0x86DD: IPv6
Data (46~1500 bytes): Payload
- Minimum 46 bytes (padded if less)
- Maximum 1500 bytes (MTU)
CRC (4 bytes): Error detection (CRC-32)
2.1 Ethernet Characteristics
Ethernet Characteristics
==========================
- Connectionless: No handshake
- Unreliable: No ACK/NAK, erroneous frames are simply discarded
(Upper layer TCP handles retransmission)
- Uses CSMA/CD (half-duplex mode)
(CSMA/CD not needed in full-duplex mode)
Ethernet Speed Evolution:
10 Mbps (10BASE-T) 1990s
100 Mbps (Fast Ethernet) 1995
1 Gbps (Gigabit) 1999
10 Gbps (10GbE) 2002
40/100 Gbps 2010
400 Gbps 2017
3. Link-Layer Switches
3.1 Role of Switches
A link-layer switch examines the MAC address of incoming frames and forwards them to the appropriate port. Its presence is transparent to hosts and routers.
Switch Operation Overview
===========================
Port1 Port2 Port3 Port4
| | | |
+--+--------+--------+--------+--+
| Link-Layer Switch |
+--+--------+--------+--------+--+
| | | |
[A] [B] [C] [D]
A sends frame to C:
1. Switch receives frame on Port 1
2. Destination MAC = C's MAC
3. Switch table lookup: C is on Port 3
4. Forward frame only to Port 3
--> B and D do not receive this frame
3.2 Self-Learning
Switches automatically build their switch table without any configuration.
Self-Learning Algorithm
=========================
When frame arrives on port x with source MAC = AA:
--> Record in switch table: MAC AA is on port x (set TTL)
Switch Table Building Process:
Time 0: Table is empty
Time 1: A (Port 1) sends frame to C
Table: A -> Port 1
C's location unknown --> Flooding (send to all ports except Port 1)
Time 2: C (Port 3) replies to A
Table: A -> Port 1, C -> Port 3
A's location is known --> Forward only to Port 1
Time 3: B (Port 2) sends to A
Table: A -> Port 1, C -> Port 3, B -> Port 2
A's location is known --> Forward only to Port 1
3.3 Spanning Tree Protocol (STP)
If there are loops in the network, frames circulate endlessly. STP prevents loops by deactivating certain ports to form a tree structure.
Spanning Tree Example
=======================
Topology with loops:
[SW1] ---- [SW2]
| \ / |
| \ / |
| X |
| / \ |
| / \ |
[SW3] ---- [SW4]
After STP applied (some links deactivated):
[SW1] ---- [SW2]
| |
| |
[SW3] [SW4]
Deactivated links: SW1-SW4, SW2-SW3, SW3-SW4
--> Loop-free tree structure formed
STP operation steps:
1. **Root Bridge Election**: Switch with the smallest bridge ID becomes root
2. **Root Port Selection**: Port with minimum cost path to root on each non-root switch
3. **Designated Port Selection**: Port with lowest cost to root on each segment
4. **Block Remaining Ports**: Ports that are neither root nor designated are blocked
4. Switch vs Router
Switch vs Router Comparison
==============================
Item | Switch (L2) | Router (L3)
-------------------+----------------------+--------------------
Operating Layer | Link Layer (L2) | Network Layer (L3)
Address Used | MAC Address | IP Address
Table | Switch Table | Forwarding Table
Plug and Play | Self-learning (yes) | Configuration needed (partial)
Loop Handling | STP required | TTL natural elimination
Broadcast | Propagates everywhere| Can be blocked
Scalability | Limited at large scale| Hierarchical scaling possible
5. VLAN (Virtual Local Area Network)
5.1 Need for VLANs
VLANs separate a single physical switch into multiple logical LANs.
When VLANs Are Needed
========================
Physically one switch:
Ports 1-4: Marketing team
Ports 5-8: Development team
Ports 9-12: Management
Without VLAN: All broadcasts propagate to all ports
--> Security issues, performance degradation
With VLAN:
VLAN 10 (Marketing): Ports 1-4
VLAN 20 (Development): Ports 5-8
VLAN 30 (Management): Ports 9-12
--> Each VLAN is an independent broadcast domain
--> Inter-VLAN communication only through a router
5.2 Trunk Ports and 802.1Q
Trunk ports are used when configuring VLANs across multiple switches.
VLAN Trunking
===============
[Switch 1] [Switch 2]
VLAN 10: Ports 1,2 Trunk VLAN 10: Ports 1,2
VLAN 20: Ports 3,4 <=========> VLAN 20: Ports 3,4
Trunk port: Carries frames from multiple VLANs over a single link
802.1Q Tag (4 bytes):
+--------+-----+-------+---------+
| TPID | PRI | CFI | VLAN ID |
| 0x8100 | 3b | 1b | 12 bits |
+--------+-----+-------+---------+
VLAN ID: 0~4095 (4096 VLANs possible)
Operation: Add 802.1Q tag when sending frame over trunk
Receiver checks tag and forwards to appropriate VLAN port
6. MPLS (Multiprotocol Label Switching)
6.1 Concept of MPLS
MPLS uses short labels instead of IP addresses for fast forwarding. It operates between the link layer and network layer.
MPLS Operation
================
Normal IP Routing:
Each router performs longest prefix matching based on IP address (slow)
MPLS Routing:
Ingress router assigns label --> Intermediate routers only reference label (fast)
Packet Structure:
[L2 Header][MPLS Label][IP Header][Data]
MPLS Header (4 bytes):
+-------+-----+---+-----+
| Label | Exp | S | TTL |
| 20bit | 3b | 1b| 8b |
+-------+-----+---+-----+
Advantages:
- Faster forwarding than IP routing
- Traffic engineering possible
- Easy VPN configuration
7. Data Center Networks
7.1 Scale of Data Centers
Large data centers house tens to hundreds of thousands of servers, and the network design connecting them is critical.
Data Center Network Topology
===============================
Traditional Hierarchical Structure:
[Core Switch]
/ | \
[Aggregation] [Aggregation] [Aggregation]
/ \ / \ / \
[ToR] [ToR] [ToR] [ToR] [ToR] [ToR]
||| ||| ||| ||| ||| |||
Servers Servers Servers Servers Servers Servers
ToR: Top-of-Rack switch (located on top of rack)
Aggregation: Aggregation switch
Core: Core switch
Problem: Bandwidth bottleneck toward upper layers
7.2 Fat-Tree Topology
Fat-Tree Topology
====================
[Core Switches]
/ | | | | | | | \
[Agg1] [Agg2] [Agg3] [Agg4]
/ | \ / | \ / | \ / | \
[ToR] [ToR] [ToR] [ToR] [ToR] [ToR]
Features:
- Equal bandwidth at all layers
- Load balancing through multiple paths
- Can use inexpensive commodity switches
- Maximizes bisection bandwidth between servers
7.3 Load Balancing
Data Center Load Balancing
============================
External Request --> [Load Balancer] --> Server 1
--> Server 2
--> Server 3
--> Server 4
Load Balancer Roles:
- Exposes a single public IP to the outside
- Distributes incoming requests to internal servers
- Monitors server health (health checks)
- L4 (TCP port-based) or L7 (HTTP-based) distribution
8. Summary
| Concept | Key Points |
| -------------- | ----------------------------------------------- |
| MAC Address | 48-bit physical address, fixed in NIC |
| ARP | Translates IP to MAC, broadcast request |
| Ethernet Frame | Preamble + MAC + Type + Data + CRC |
| Self-Learning | Switch auto-builds table from source MACs |
| STP | Maintains tree structure for loop prevention |
| VLAN | Separates one switch into multiple logical LANs |
| 802.1Q | Adds VLAN tag (4 bytes) to frame |
| MPLS | Label-based fast forwarding |
In the next post, we will examine the characteristics of wireless networks and mobile communications.
References
- James F. Kurose, Keith W. Ross, "Computer Networking: A Top-Down Approach", 6th Edition, Chapter 5
- IEEE 802.3 - Ethernet Standard
- IEEE 802.1Q - VLAN Tagging
- RFC 826 - An Ethernet Address Resolution Protocol
현재 단락 (1/247)
Ethernet is the de facto standard for wired LANs, handling the majority of worldwide LAN traffic. Si...