You are on page 1of 22

Ethernet training

Section 1 – Why Deploy Ethernet?
1.1 Background
Years ago, voice service drove the design and deployment of wide area networks
throughout the world. Over the past 10 years this has changed. The desire for
information across the country and across the globe has lead to a focus on next generation
data networks in the wide area.
Initial data deployments were at low speeds and with low reliability. Typical rates were
between 9.6 kb/s and 64 kb/s running X.25. The customer, in this case, owned the data
service, with the provider owning the pipe.
Next generation services allowed the carrier to offer the pipe as well as the data service,
offering more revenue to the carrier and more flexibility and support to the customer.
The first data services were bases on the SMDS standard. Speeds were still slow, but the
service was more reliable.
The next step in data service is our current position. Technologies such as frame relay
and ATM lead the way for customers to spread their data across the globe. Speeds are no
longer limited to 64kb/s. A customer can purchase data services from 64kb/s up to
2.4Gbs and higher. Point-to-point or point-to-multi point services are available.
As well as ATM and frame relay, carriers are now offering Ethernet to their customers.
Why would a customer want to go to Ethernet instead of staying with their existing frame
relay or ATM data services?
Frame relay, a technology designed to carry data, is not widely available above a T1
(1.544Mbs). In some areas, as much as a DS3 (45Mbs) frame relay pipe can be ordered.
ATM offers a wider range of speeds, T1 (1.544Mbs) to an OC-12 (622Mbs), but is not as
efficient with data as frame relay. ATM was designed to carry voice, video, and data all
on one pipe. This added functionality adds a lot of overhead to the data stream.
Ethernet offers a range of speeds and is focused solely on data. Ethernet allows the
customer to save time and money by not having to buy expensive routers to convert their
LAN traffic to a WAN technology. With the wide scale carrier based deployment of
Ethernet, customers will be able to buy Ethernet pipes ranging from 10 Mb/s through
1Gb/s. In the near future, the next generation of Ethernet will be available running at
10Gb/s.

1.2 Ethernet’s Capabilities
The benefit of Ethernet, and its main reason to exist, is that it handles data traffic
extremely well. Various technologies such as Appletalk, DECnet, TCP/IP, and IPX
(Novell) are equally handled and transported by Ethernet. LAN administrators could

build a network with all of these technologies running simultaneously and Ethernet could
handle the task.
In today’s LAN environment, there are two main types of technologies that exist with
Ethernet – IPX and IP. IPX is Novell’s technology designed mainly to manage printers,
servers, and access to mainframes. This technology typically resides on a LAN and does
not often traverse the wide area network. It is not often that a person in Atlanta, for
example, will want to print a document in their New York office. It is more likely they
will print it locally and fax it, if necessary.
IP (Internet Protocol) represents the bulk to the traffic that traverses Ethernet networks.
This is the addressing scheme that enables the Internet and many other technologies
around the globe to work together. IP is the main driver to Ethernet’s growth. Since IP
was created initially to support the Internet, it is critical to understand the history of the
Internet.

1.3 Internet History
Today’s Internet was created in 1969 through a government-sponsored project called
ARPANET (Advanced Research Projects Agency Network). The purpose of ARPANET
was to test and determine the viability of packet switched networks. The first
deployment of ARPANET was at four separate locations: Stanford Research Institute, the
University of California at Santa Barbara, the University of California at Los Angeles,
and the University of Utah.
The initial tests went well and ARPANET grew. It had become obvious to the
researchers that non-military as well as military personnel could benefit from a large,
interconnected network. It was also clear that a more reliable set of protocols was
required to handle the ever-growing network. In 1973, ARPANET added IP, TCP, UDP,
and ICMP (Ping) to the list of supported protocols. This allowed traffic to be handled
quickly and easily by the end stations. It also offered error correction and retransmission
of lost data. In 1981, the NSF (National Science Foundation) approved funds for the
Computer Science Network (CSNET). This network allowed both university and
industry to share information.
In 1984 ARPANET was split into two different networks – one for military and one for
non-military traffic. At the same time, the NSF expanded its funding and established
NSFNET. NSFNET connected six supercomputers together with high-speed lines –
much faster than ARPANET. Because of this, ARPANET became obsolete, and was
dismantled in the very early 1990s.
In 1993 the NSF announced it would no longer provide the traditional backbone services
it had it the past. It did state that it would specify several locations where users could
gain access to the Internet. These sites are called NAPs (Network Access Points).
The network built to replace NSFNET is referred to as the vBNS (very high speed
Backbone Network Service). In 1995, NSFNET was officially turned off and vBNS took
over 100% of the domestic Internet traffic (see figure below).

CA applied the ALHOA network principles and created the world’s first Local Area Network (LAN). Norman Abramson pioneered the precepts of Ethernet by developing this packet radio networking system that ran at 4800bp/s and 9600bp/s. the Gang of Three) in 1980 as Ethernet. Version 2. This first version of Ethernet ran at speeds up to 2. the weather. Beyond that. Finding directions.4 Ethernet History The University of Hawaii’s ALOHA network is considered to be the ancestor of all shared media networks. . Version 1 (commonly referred to as Ethernet DIX80).94Mbps. 1. this version of Ethernet was not successfully commercialized. the Internet is the maze of sites and information that we have come to use every day. First commercial released was by DEC. the name was later changed to Ethernet. This is the standard we know today as Ethernet. Robert Metcalfe and David Boggs at Xerox Corporation in Palo Alto. In 1968.Today. Version 2 (commonly referred to as Ethernet DIX82). Intel and Xerox (DIX. or information on any topic. the web offers it all. One of the first customers of Ethernet was the White House – it was used for word processing. The second revision release was in 1982 as Ethernet. A few years later (1973). Initially named ALTO ALOHA.

3 specification. Section 2 .In 1980. Any time two or more computers pass information. It was this combination of low cost transmission medium with an agreed standard that led to the wide deployment of Ethernet.3.Technology Overview By understanding a few basic concepts. Ethernet demand from services providers will grow tremendously over the next decade.3i standard and quickly became the preferred Ethernet media type. . Each block has its own function and role in getting data from one point to another point. the transmission medium needed to be agreed on. which used a proprietary frame format based on a preliminary specification of the IEEE 802. and is cheap to deploy.2 Logical Link Control (LLC). The following sections are focused on that goal. 1. is optimized for next generation data services. Now that the overall packet standards were finished. SynOptics Communications developed a mechanism for transmitting 10Mbps Ethernet signals over twisted-pair cables. 2.3 specification. In the late 1980s. Ethernet and Ethernet turn-up/troubleshooting will be easily within your grasp. in some form. Since Ethernet is a mature technology. the IEEE formed its Project 802 to provide a framework for the standardization of LAN technology. The model (shown below) is a series of basic building blocks. will require more bandwidth that is optimized for data. the IEEE approved the IEEE 802. which included IEEE 802. SNAP was created for the new IEEE 802. This model. Ethernet is the technology that will allow customers access to higher speeds optimized for data. Novell released Novell Netware ’86 in 1983.1 OSI Model The ISO (International Standards Organization) designed the OSI (Open System Interconnect) model for data communications.5 Summary Next generation services such as managed IP and voice over IP. This is the same Novell that is used today to manage printers and servers. is followed by ALL data communications. In order to resolve this incompatibility. In 1983. is built around a solid standard. they follow the OSI model. This made the Novell Netware proprietary format incompatible with the latest technology. The Ethernet-over-twisted-pair standard (10BASE-T) was approved by the IEEE in 1990 as the IEEE 802.

frame relay) or can be provided by the customer in a point-to-point leased line environment (e.LAYER 7 Application LAYER 6 Presentation LAYER 5 Session LAYER 4 Transport LAYER 3 Network LAYER 2 Data Link LAYER 1 Physical • Physical Layer – Layer 1 The physical layer represents the “pipe”. or any service provider offers to its customers. • Network – Layer 3 The network layer currently represents the beginning of customer traffic.g. . This is normally what BellSouth. If a packet or two is missed. There are two parts to the physical layer – the physical media and the bandwidth. HDLC or PPP). • Data Link – Layer 2 The data link is the beginning of the data and offers the basic data framing. If all the packets making up the e-mail don’t make it.g. The transport layer identifies the application that rides within the data packet and makes sure that all packets get from the source to the destination. coax. the lower layers and the application meet.g. The physical media could be twisted pair copper. AT&T. This layer can be provided by the carrier (e. Connectionless applications are those that do not require all packets to get from source to destination. the computer will skip a few bars of music and keep playing. There are two types of connections – connection oriented (TCP) and connectionless (UDP). The addressing type for this layer is often a router or a computer. the e-mail is unreadable. Examples of network layer protocols include IP and IPX • Transport – Layer 4 At this layer. T1 B8ZS). This layer also specifies the connection type. Connection oriented applications require all packets to get from the source to the destination. or fiber. An example of this would be streaming audio. The bandwidth is a combination of signal characteristics and rates (e. This is the layer where computers speak to each other and data is addressed for end-toend communications. An example of this is e-mail.

none of the data will pass across the copper. A house can have multiple people. Each layer builds upon the next layer – the bottom layer being the physical layer. it won’t get to the destination. being the basic data format. DATA LINK LAYER The data link. Similarly. it is easy to identify and solve.g. 6. The layers can be . POP3 mail. the data at layers 2 and up will not properly get from the source to the destination. It is the actual piece of information sent from one location destined for another location to be read by a specific person TRANSPORT LAYER The final part is the name that resides on the envelope. data link. These types of problems tend to come and go and are difficult to identify. For purposes of this training class. PHYSICAL LAYER The roads and trucks that carry the mail are analogous to the physical layer. SMTP mail. would look like the envelope that the letter is put into. APPLICATION LAYER The application is the letter. network. In this case. city. Many of these marginal problems will show themselves at the higher layers.1. transport. When looking at problem circuits.1 OSI MODEL ANALOGY In order to better understand the five-layer model we will work with for this training (physical. and 7 In most data communication networks today. 2.• Session. 6. The name on the envelope identifies who should read the letter NETWORK LAYER The address put on the envelope represents the network layer. state. The roads represent the copper or fiber. 2. T1). The envelope identifies one letter from another. these layers merge together into just the application. No matter how perfect the envelope or how well it is addressed. If you look at our mail model. Aspects of Lotus Notes. and web surfing all have layers 5. so can a computer have multiple applications. if the truck can’t carry the mail. It is important to remember that almost any layer 3 technology can reside on any layer 2 technology which could reside on any layer 1 technology. a closed road or broken down mail truck means no mail delivery.1. and Application – Layers 5. Since the failure is total and usually very obvious.3 EXAMPLES OF OSI LAYER TECHNOLOGIES The following table gives examples of technologies and what layer they reside within the OSI model. if the copper that carries the customer data is bad or the T1 is mis-optioned. The more difficult problems to solve are on the marginal circuits. we will combine these layers together into only layer 7 and refer to this as the application layer. some problems are easier to identify than others. even though the problem is at lower layers of the OSI model. 2. the address would be the street address. and zip code. If a farmer in Georgia cuts through a pair of copper.2 OSI MODEL IMPORTANCE The most important portion of the OSI model is apparent when dealing with a service issue or turn-up. while the truck represents the technology (e.1. and application) we offer a parallel model built around something everyone is used to – mail delivery. and 7 built into them. Presentation.

100BASE-X is often seen on copper but is occasionally deployed over fiber to extend the range of the signal. . Ethernet.25Gb/s. T3 (coax). ATM. OSI LAYER FROM HOME . UDP. There are currently three standards widely deployed: • 10BASE-X – This Ethernet standard runs at 10Mb/s.3 Ethernet standards. It can be run over copper for short distances.25Gb/s. This is the most common type of Ethernet deployed within local area networks. Each layer is independent of the layer above and below. T3. 2. 802. The data rate is 1Gb/s. T1. but the line coding used (8B/10B) creates a bit rate of 1.2.3 (Ethernet) Using the above table.2 Ethernet 101 Now that we have completed OSI model 101. SMTP. The electrical specifications are based on the IEEE 802. SPX IP. PPP. The electrical characteristics of the signal are determined by the speed at which the Ethernet runs. SONET. IPX HDLC. WWW. such as T1 (twisted pair). OSI LAYER TECHNOLOGY APPLICATION TRANSPORT NETWORK DATA LINK PHYSICAL Lotus Notes. we can move onto the technology of interest. and SONET (fiber). This is the same for standard TDM based services.DSL FROM OFFICE APPLICATION TRANSPORT NETWORK DATA LINK PHYSICAL HTTP (WWW) TCP IP PPP QFSK HTTP (WWW) TCP IP ATM DMT HTTP (WWW) TCP IP Frame Relay T1 Notice that the end-to-end addressing scheme (layer 3 – IP) is constant no matter how you surf the web. here are three specific examples of how people can surf the web. DMT (DSL). This technology is most often seen running over fiber. the cable types change (from low grade copper to higher grade copper to fiber). 2.switched around depending on the network architecture (dial-up or DSL). • 1000BASE-X/Gigabit – 1000BASE-T/Gigabit Ethernet has a speed of 1.MODEM FROM HOME . As the speed increases from standard to standard. Frame Relay. MAC QFSK (modem).1 ETHERNET 101 – PHYSICAL LAYER The physical layer for Ethernet is defined by certain electrical and bit rate specifications. Most new networks are built with 100BASE-X links. if required. POP3 TCP. This standard is almost always seen running over copper. • 100BASE-X – This Ethernet standard runs at 100Mb/s.

is almost always seen in a full duplex configuration. This is the beginning of the basic data format for Ethernet. as their names suggest.3. and the CRC. 2. however. control information. If any of the bits change while the packet traverses the network. are the fields in the data frame that identify the source and destination MAC addresses for the frame. There is. This is where the upper layer information is encapsulated. one part of the Ethernet standard that is more prevalent for gigabit than for the 10BASE-X and 100BASE-X standard – Pause Control. A half duplex circuit is either speaking or listening – it is incapable of both simultaneously. • Data Field – This field is the meat of the frame. As Ethernet speeds grew and the bandwidth requirements grew with them. This layer is referred to as the MAC layer – Media Access Control. There are four main parts to this particular frame – destination address. source address. 100BASE-X or 1000BASEX/Gigabit. . • Frame Type – This field contains information that determines the format of the frame – either an Ethertype field for Ethernet Version II or a Length field for IEEE 802. this is not a problem. The Source address is the device that transmitted the frame and the Destination address is the device destined to receive the frame. Because of its speed. DESTINATION ADDRESS SOURCE ADDRESS FRAME TYPE INFORMATION (DATA) F C S • Source/Destination Address Field . 100BASE-X can be seen as a full duplex or half duplex. Below is what a basic Ethernet frame looks like. the FCS value will no longer be correct. This particular type of Ethernet is what is driving the carrier based Ethernet deployment.2 ETHERNET 101 – DATA LINK The data link layer for Ethernet is the same for 10BASE-X.The source and destination address fields. The FCS is a calculation done by the equipment generating the frame on the total bits in the frame. The device receiving the packet at the far end will see that the frame has been corrupted during transmission and will discard the frame. A full duplex circuit is able to transmit and receive at the same time. being the slowest Ethernet speed. • FCS Field – This is the frame check sequence. full duplex became more critical.2. 100BASE-X or 1000BASEX/Gigabit Ethernet. Gigabit Ethernet. All of what has been discussed applies to 10BASE-X. 10BASE-X Ethernet is most commonly deployed in a half duplex environment.Another important physical layer characteristic of Ethernet is full duplex or half duplex operation. depending on the bandwidth requirements. similar to a phone where a person can speak and hear at the same time. with its high bandwidth capabilities.

For the purposes of our training. The overall role of IP is routing of the packet from the source to the destination. pause control standard allowed a local element to tell the far end element to slow down until the local element caught up. this is still part of the Ethernet standard and can be seen in deployed networks.3 ETHERNET 101 – NETWORK LAYER The network layer resides within the information field of the data link layer (2. destination.2). If we look back to the OSI model from the previous section. Take a look at the OSI model for Ethernet that we have built so far… LAYERS 5/6/7 Application LAYER 4 Transport LAYER 3 Network LAYER 2 MAC LAYER 1 802. . It is not responsible for quality of service. Almost all potential customers are standardized on IP based networks as well. It is more complicated than a MAC frame. At this layer we are looking at individual computer addresses or web site addresses. For an Ethernet deployment. causing customer traffic errors – dirty fiber connections or bad media converters (electrical-to-optical or short range optical to long range optical).2. We will focus on IP for this section – this is the technology that almost all carriers are moving forward with to provide next generation services. Because of this. we will focus on a few of the fields below.Pause control frames allow Ethernet elements to throttle the actual throughput of the link real time.2. That is the responsibility of higher layers of the OSI model. If a customer or a carrier element is registering bad FCS frames. all information above will be corrupted. Commonly used network layer protocols include IP (most common) and IPX (Novell). there are events and issues we can see that would cause FCS errors. Below is a picture of the IP portion of an Ethernet frame. 2. As with the MAC layer. the IP layer contains source. When gigabit Ethernet was first released. and a FCS. many elements could not support long durations of full bandwidth routing. Although not as prevalent as a few years ago. It does not keep track of numbers of packets or lost packets through the network. a bad physical layer often causes it. there are several danger spots that would cause the physical layer to be bad.3 If the physical layer is bad. Most elements could support full 10BASE-X and 100BASE-X rates.

com When you enter an address in the URL field. The IP FCS allows a technician to correlate layer 2 versus layer 3 FCS issues.the third layer is now IP. IP AND THE INTERNET IP addresses have four different value locations. The frame check sequence is a layer 3 frame check sequence.123 The mechanism that allows a user to get from a computer to an Internet site is through the IP addressing scheme built into the internet and a the local computer. like Acterna’s: www. See the insert for more information about what an IP address looks like and how it relates to the Internet.acterna.234. One could look like: 212. This server converts the web address to the IP address – you just don’t see it. • The Information field is the next level up on the OSI model.com. The requesting packet would be small. However.VERSION TTL IHL IDENTIFIER TOS TOTAL LENGTH FLAGS FRAGMENT OFFSET HEADER CHECKSUM (FCS) PROTOCOL SOURCE ADDRESS DESTINATION ADDRESS INFORMATION (DATA) OPTIONS AND PADDING • Like the MAC frame. This includes all of the upper layer information at the Transport and Application layers. enter in the IP address above – you will get to the same location.80 In the URL field. The destination and source address are the final end point addresses. a source address.43. • The length field identifies the overall length of the information field. The response is often a large web page. There is a difference. Here is how it looks: . your computer sends that URL to a DNS sever (Domain Name Server). destination address. an Internet URL request is a short connection request. • Finally. It is important to notice that the info field can have a wide range. instead of entering in www. the IP frame includes a and a FCS/CRC check. however. the FCS finishes off the frame.acterna. Acterna’s IP address on the Internet is: 157. not the next addressable port. For example.223. We can now add a layer to our OSI model for Ethernet carrier based deployments. you don’t enter in IP address into the URL field of your browser – you enter in a web address. The overall length of the address field could range from 46 bytes to 1500 bytes. while the response packets would be larger to accommodate the larger amounts of data.52. We have the physical layer and the data link layer identified . This allows various size packets to be put into one IP frame. each ranging from 0 to 255.

4. the packet will not arrive at the proper destination (like mis-addressing an e-mail). the OSI layers: OSI Application. Built into the TCP Data Link MAC Network overhead information of the TCP frame are Interface Physical Ethernet sequence numbers.3 Now that we have added the IP layer. The chart below shows the ARPA layers vs. users will not be able to transmit their data to the destination. Example Protocol ARPA Process/ • Basic data transfer and reliability . 2. As discussed earlier. Presentation. Multiplexing 5. If a user mis-addresses a packet. If any packets do not arrive. It is obvious to see that the main goal of IP is getting packets from a beginning point (source) to the end point (destination). These two protocols are very different in their roles and responsibilities and are important to distinguish. any errors at lower layers will corrupt the traffic above.4 ETHERNET 101 – TRANSPORT LAYER The final layer of the OSI model prior to the actual desired data is the transport layer. Security THE ARPA HOST-TO-HOST MODEL When dealing with host-to-host communications. 2. make sure that And Session Transport TCP/UDP Host-to-Host all data gets from the beginning to the end Network IP Internet of the network. the TCP layer knows which . These are: 1. We will break this section up into two separate sections – TCP and UDP. we have another layer for events to occur at. Basic data transfer 2. Reliability 3. There are two main protocols that reside over IP and are common transport protocols in an IP network. These protocols are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). Flow control 4. This is apparent from the basic IP frame format.g. Connection Management 6. HTTP Application being connection oriented.2. If the addressing scheme is flawed (e.1 ETHERNET 101 – TCP – CONNECTION ORIENTED TCP has six main responsibilities. customers will often speak in the ARPA model instead of the OSI model.2. These numbers keep track of all of the information sent and the order in which it arrives.LAYERS 5/6/7 Application LAYER 4 Transport LAYER 3 IP LAYER 2 MAC LAYER 1 802.TCP. DNS server is not operating properly). It is critical that the physical layer and MAC layer be clean for IP to properly run.

• Connection Management and Security – When two end points begin a conversation. It is this way that each end knows if it is sending to much data for the far end to handle. we can look at the frame and its parts. will attempt to confirm that the requesting end has the right to access the information. if implemented. The receiving end point manages the connection and. however. • Checksum – This field. It is outside the scope of this training course to get into each portion of the TCP header. As packets are sent from one end point to the other. and makes sure outbound packets are properly identified by the far end. a few fields that are worth discussing. like our other checksum fields.packets didn’t arrive and requests those lost packets. • Multiplexing – We are all used to running multiple applications on our PCs at one time. • Source / Destination Port – These are the address fields that identifies the application type • Sequence/Acknowledgement Number – These are the fields that keep track of the packet sequences and which packet have and have not arrived from the far end sender. Below is a typical TCP frame: SOURCE PORT OFFSET RESERVED URG CHECKSUM DESTINATION PORT SEQUENCE NUMBER ACKNOWLEDGEMENT NUMBER ACK PSH RST SYN FIN WINDOW URGENT POINTER OPTIONS AND PADDING INFORMATION (DATA) Compared to our less featured protocols. Now that TCP’s responsibilities have been identified. such as MAC. there is another portion of the header that contains a value known as a window size. • Flow Control – Along with the sequence numbers discussed above. TCP not only connects us to the other end point (web or e-mail). It is this layer that allows small blips in local area networks and wide area networks to not be noticed by the user. the requesting end point requests a connection to the receiving end point. . There are. represents the basic CRC/FCS for the frame. the TCP frame is extremely complicated and has many different fields responsible for the various tasks described above. The window size gives each end the value of the buffer size of the far end. the window size for each machine is passed. Often times we are checking our e-mail and surfing one or more websites at the same time. but it also manages which packets entering your computer are from the web or e-mail.

SOURCE PORT LENGTH DESTINATION PORT CHECKSUM INFORMATION (DATA) Why would we use UDP? The main use for UDP is for those applications.com for example.2.2. which do not require all the data to arrive to work. UDP is for those applications. CNN has many viewers with different computers. to watch the latest news report. www. and link qualities. etc.cnn. CNN can’t stop transmitting video and retransmit some packets that one user did not get. When a user logs into a streaming website. More importantly.2 ETHERNET 101 – UDP – CONNECTIONLESS UDP is simpler protocol than TCP. connection speeds. which cannot use the information unless it arrives in the sequence in which it was sent: VoIP.3 . the OSI model can be re-examined as a complete set of building blocks: LAYERS 5/6/7 Application LAYER 4 TCP/UDP LAYER 3 IP LAYER 2 MAC LAYER 1 802. UDP is designed with the following features: 1. Basic data transfer 2. Connection management Based on this reduced feature set.4. 2. streaming video.2. we can look directly at the UDP frame and get a good understanding of how it works and why it has a reduced feature set. UDP allows users to connect to CNN without all of the management and security that would cause the video service to fail.4. CNN doesn’t want to know anything about what their users are getting real time.3 ETHERNET 101 – TRANSPORT SUMMARY With the solid understanding of the transport layer.

all of the users packets have the SYN bit low because the user has been granted access. If your packet rate is 40Mb/s.3 Common Terms and Definitions There are a lot of terms that get applied to all of the technology that has been taught to this point. and can’t accept any legitimate requests from legitimate users. but never actually follow up with the connection.2. There is no guarantee that any of the traffic will get from one side to the other. runs at 1. Along with our common terms and definitions. For example. or gigabit). the throughput of the system is 90%. however. It is very much a quality of service metric. A denial of service attack occurs when a hacker gets multiple computers to keep sending requests to connect. The web site is flooded with connection requests. How does anything reliably run over Ethernet? The answer is TCP and UPD. for example. If 100 packets are sent. Any traffic put onto the link will get to the far end. then the overall utilization is 40%. 2.544Mb/s at all times. It is at these layers that sequence numbers along with other portions of the overhead check. This tells the website to set aside bandwidth and a connection spot. A T1. So. DENIAL OF SERVICE ATTACKS (DOS) Over the last year we have heard reports of the Whitehouse website and Yahoo! being taken down by denial of service attacks. we will go over some common customer complaints and what they mean. 100Mb/s. and 90 of them arrive at the far end. the utilization could jump from 0% to 100% and back to zero within a few moments.3. it is considered a “best effort” technology. Ethernet does not offer similar guarantees. When a user connects to a website. Utilization for data can fluctuate widely throughout the day on an operational network. Round trip delay specifically addresses the time it . a denial of service attack is caused by thousands of TCP frames with the SYN bit set to one with no follow up information. the first TCP packet they send has the SYN bit set to one (high). 2. a 100meg Ethernet link (100BASE-X) has an available bandwidth of 100Mb/s. From there on. This section will explain many of these terms within the context of an Ethernet deployment. Throughput.1 DEFINITIONS AND TERMS • Utilization – The utilization on a link is determined by comparing the packet rate to the overall bandwidth of a link. Traditional WAN technologies are not “best effort”.5 ETHERNET 101 – CONNECTIONLESS? Although Ethernet operates at specific speeds (10Mb/s. • Round Trip Delay / Latency – Round trip delay and latency are time measurements for a network. runs out of room. • Throughput – Throughput is a measurement not unlike utilization. and resend any data within an application. measures the number of packets sent versus the number of packets received.2. Depending on who is doing what at any given moment. confirm.

is counted. For a point-topoint data T1. If VLAN tagging is added (layer 2. It is a lot like dividing up traffic onto major highways (VLANs) in order to get them closer to their destination. Frame sizes range from 64 bytes to 1518 bytes.2. packets are also counted by their size (see section 2. The customer’s router can often count these . the maximum frame size increases to 1522 bytes. Latency is the time from one point to another. • CPE – CPE stands for Customer Premise Equipment. o Retransmissions – Retransmissions occur when the far end does not receive all of the data it was sent. It usually refers to the customer equipment or the overall customer site. the payload line is between layers 1 and layer 2. Occasionally. There are several CPE terms that you need to be familiar with in order to understand the customer. A PDU is typically layer 3 and above.4. It is also labeled as a good packets (good FCS) or a bad packet (FCS error). • PDU – PDU stands for Protocol Data Unit. From section 2. With VLAN tagging. but it is a little easier to manage the traffic from a network standpoint. we learned that TCP sequences packets so that lost packets would be identified and retransmitted. • Frame Size – Frame size is measured from the beginning of the Ethernet packet to the end of the packet. For frame relay.takes for a packet to go from one point on the network to another point and back again.3 for size ranges).2. The destination is still the same (IP).5 VLAN LAYER 2 MAC LAYER 1 802. An existing WAN technology would be DLCIs (frame relay) or VCCs (ATM). the line is between layer 2 and 3. as it is received. Latency can be measured for a single element (router) or for an entire network path. • Payload – The payload of a packet is often viewed as layer 4 and up – effectively the application. • VLAN – VLAN stands for Virtual Local Area Network.5). Payload can also be the line between the carrier service and the customer data. the model looks like this: LAYERS 4 TCP/UDP LAYER 3 IP LAYER 2.3 • Frame Counts – Frame counts are just packet counts. A VLAN is a way to separate traffic on a LAN into different sub groups. VLAN tagging actually adds a sub layer to the OSI model. Each packet.

or even the network layer. If a customer can’t “ping” the far end device.retransmissions and express them as an error condition.1 – Deployment Options The two deployment options. . so retransmissions can be a sign of a physical layer. data link layer. Section 3 – Gigabit / 10BASE-X / 100BASE-X Deployment Most carriers are offering two versions of the Ethernet services to date. the packets “collide” and are unreadable. 3. o Collisions – On a half-duplex Ethernet link. A ping is a packet that is sent from a source address to a destination address and back again. transparent and addressable. These are counted when one or more of the bits in a packet have been switched (e. On full-duplex links. This event is known as a collision. These are overly long packets (> 1518 bytes). An analogy would be when FedEX scans a package as it goes through each one of its distribution centers. One of the services is based on the “transparent LAN” model. he can’t send traffic there. o Ping – Another common CPE term is a “ping”. this is a non-event because there are separate transmit and receive paths. 1 to a 0). The other is based on the “addressable LAN” model. Broken NIC cards/ports often cause jabbers o Bad FCS – Bad FCS frames are those frames with an incorrect CRC/FCS value. o Symbol Errors – Symbol errors represent a line coding issues at the physical layer. It is important to remember that errors in the lower layers can corrupt the higher layers. o Jabbers/Oversize – A jabber is the opposite of a runt. This allows a user to determine if the network will allow traffic to go from one point to another.g. each computer has to share the bandwidth with the rest of the computers. are based on the OSI layer that is required for the traffic to transverse the network. • Ethernet Errors – There are several types of Ethernet errors that you need to be aware of in order to turn-up and troubleshoot an Ethernet service: o Runts/Undersize – These errors are generically defined as any packet less then the minimum 64 byte length and does not have a CRC/FCS value. o Trace Route – A trace route is a means for a user to trace all IP addressable devices in the network from one point to another. This allows the user to see all the points along the way of a packet’s journey. The user can see each point the package touched on its journey. If two or more computers on the network broadcast at the same time.

This service is ONLY point-to-point. This allows 10BASE-X or 100BASE-X to travel miles. the Ethernet is limited to an OC-12 worth of bandwidth. converted back to the appropriate wavelength for the Ethernet service. The core network for this . this is more than enough. A layer 2. If the electrical or optical characteristics of the signal are correct. For 10BASE-X or 100BASE-X.5 service (VLAN layer) is available with some carriers today and on the horizon for most. Also. this requires the customer to correctly address at layer 2.25Gb/s). and have no idea if the Ethernet traffic is traveling 5 feet or 50 miles. A layer 2 service (MAC layer) is the most common available today. Like the DWDM based option. an STS-12 circuit only offers about 60% of the room required. the Ethernet signal is placed directly into the transport system. A media convert takes a signal – electrical or optical – and converts it into a long haul optical signal.1. however. VLAN tagging allows the user to easily set up a point-to-multipoint network using a very simple addressing scheme. the service will pass the data. To overcome this. An OSR looks at the Ethernet packets and routes them based on their destination MAC address. this type of service is offered via a DWDM (Dense Wave Division Multiplexing) system. the tags are very easy for the carrier to read and allow for quick and efficient routing. although already optical. A media converter can receive the 850nm or 1310nm and convert it to 1550nm. Normally gigabit Ethernet is available at 850nm or 1310nm – both considered short haul wavelengths. Transparent service requires only that the first layer of the OSI model (physical) is properly formatted in order to pass traffic. Another way for transparent LANs to work is through media converters. By using addressing schemes. such as ATM.2 ADDRESSABLE LAN (OSI LAYER 2 SERVICE) This type of offering has more flexibility but it is slightly more complicated to turn-up and troubleshoot. If the SONET pipe available to the Ethernet is only an STS-12 (622Mb/s).1 – TRANSPARENT LAN (OSI LAYER 1 SERVICE) By “transparent” we mean that the LAN sites on either end of the service are tied together by a pipe. The customer only has access to 60% of the total possible bandwidth.1. 3. Typically. some providers are offering gigabit Ethernet encapsulated into an STS-24c or STS-48c. Whatever the card receives is transmitted over the long haul and delivered to the far end. layer 2. the customer must provide some type of addressing.3. An incorrect destination MAC address causes the OSR to ignore the packet. This type of service is typically offered using an OSR (Optical Switched Router). A final option for transparent services is using a standard ADM (Add/Drop Multiplexer). Instead of a SONET card being the customer interface. The core network for a MAC based service can be a traditional core. In OSI terms. Unlike the DWDM option. For gigabit Ethernet (1.5. or layer 3. the card is Ethernet (typically gigabit). can benefit from media converters. the signal is limited by the SONET signal structure. In order for this service to operate. Gigabit Ethernet. the carrier can sell the service as a point-to-multipoint service instead of just a point-to-point.

both point-to-point services as well as point-to-multipoint services are available.2. The service uses addressing schemes either at layer 2. 3. When the word managed is added. the carrier owns that portion of the service. Because the service requires addressing to route the packets. The screen shots shown throughout this document will be using an Acterna FST-2802 Ethernet services test tool. For the most part. Another layer 3 type of service is generically called managed Ethernet. layer 2. or it may be encapsulated in a traditional WAN service. This signal may remain as native Ethernet over fiber from end-to-end.2.2 Network Architecture For carriers. such as SONET or ATM. we will discuss turn-up and troubleshooting of a basic Ethernet service. these are the different types of equipment and architecture that will be used to deploy Ethernet. but requires the OSR to map different VLAN tags to the appropriate ATM circuit. 3. without corrupted any data. Gigabit Ethernet is often converted from 850nm or 1310nm to a 1550nm signal. This transformation is totally transparent to the customer.5. but the VPN server is owned and operated by the enterprise customer. A layer 3 service (IP layer) is not widely deployed today. The problem. a large IP network would need to be set up in the core. Effectively. Without an IP core.2 ROUTER/OSR POINT-TO-MULTI-POINT A router or OSR (Optical Switched Router) type deployment offers carriers more flexibility and growth than a DWDM point-to-point Ethernet deployment. the carrier takes a signal and converts it to a different type of signal. or layer 3. In order for a full IP addressable service to be offered. Section 4 – Turn-up and troubleshooting of Ethernet networks For the purposes of this section. any turn-up of the service will require addressing on the test set. Many enterprise networks currently utilize VPNs. typically a POS (Packet Over SONET) network. If either the technician or the customer misaddresses packets. Other Acterna products. while traversing the cloud. such as the DA3400 and the DominoFE and DomnioGIG offer similar feature sets and could be used in place of the FST-2802. . An example of a managed Ethernet service would be a VPN.1 MEDIA CONVERTER DEPLOYMENT This deployment is based on a transparent service using media converters.service can be traditional ATM. 10BASE-X and 100BASE-X circuit are converted to an optical signal for long haul transport. making the circuit look down at the physical layer. however. is at higher levels. IP addressable LANs will not come to fruition. Currently. 3. the pipe will not pass any of the traffic.

the element may drop or corrupt some frames.2. In order to confirm that the pipe is clean and will transport the customer’s traffic. Higher speed circuits require even traffic is not corrupted is critical longer test times. When setting up a test set to generate traffic. and traffic profile.1. 4. From a customer standpoint.25Gb/s or HOW LONG TO GENERATE TRAFFIC? less. Therefore with the speed of the circuit.4. To have any sense that larger frames. Lower speeds generating traffic at the maximum circuits. Smaller frames A circuit tested for a short time period (30 cause elements to work harder than seconds to just a few minutes) is not truly to be error free. frame size. there are three main parameters that must be specified: utilization.510). this portion is irrelevant to the Ethernet service. the technician must generate traffic and confirm that all of the traffic traverses the network without being corrupted. • Utilization – This is the most critical setting. At high utilizations. generating traffic at the maximum rate is the only way to confirm that the circuit can pass the customer data at the guaranteed rate and without errors. • Frame Size – Different frame sizes can affect elements. such as a T1. the maximum bandwidth available to the end user may vary. Depending on the service. . When turning up a circuit. • Payload – The payload is the PDU portion of the frame. turn-up and troubleshooting of Ethernet networks is critical to confirm that the service works prior to the hand-off. The two main units of measure are actual bit rate (megabits per second) or percent of the total available bandwidth. there are several different units of measure. this is the most critical portion of the service. the Ethernet pipe may pass 1. For the most part. and less time for the element to process a frame before the next frame arrives.1 TRAFFIC RATE – CONSTANT BANDWIDTH When setting utilization. To confirm Ethernet services the technician will generate traffic and measure that traffic for various different parameters. have test length line rate and confirming that the requirements of 15 to 45 minutes (ANSI T1.2 Turn-up testing 4. a test should be small frames have a smaller payload run for at least 15 full minutes error free. Because of this. The carrier and type of network will determine the The time required to fully test a circuit varies maximum throughput. This section covers those types of traffic that will need to be generated as well as the measurements to be made on that traffic. 4. the ability to edit the payload may be a requirement for some turn-ups.1 Overview of turn-up and troubleshooting As with any service.1 TRAFFIC GENERATION An Ethernet service is a pipe offered to the customer to transport traffic from one point to another point. The reason is that proven a circuit is going to be reliable. Depending on how the carrier is offering the Ethernet service.2. Stating bandwidth in terms of percent of the total available bandwidth is the most common way.

5%. like the constant rate test.2 TRAFFIC RATE – RAMP Another option for generating traffic is to step up the traffic rate over time. The easier way to accomplish this is to have the test set do it for you. waiting for a short time.3 TRAFFIC RATE – BURSTY Bursty traffic is a way to simulate real customer data. Errors include runts. etc). Firstly. When the test set is set to bursty.2. If there are errors on the link.1.1. etc). When setting up a ramp test. the test set is able to emulate customer data more easily. 10%.2 RESULTS After setting up and generating traffic. the user must enter the step rate (2%.2.2. any received errors are an indication of a problem. The frame size (section 2.2. Now that you know the step size. 1 minute. By generating the different frames real time. confirms that the service works and will pass all of the customer’s traffic without errors. Setting a constant bandwidth.2. the traffic utilization is adjusted around a particular rate. the test set varies the traffic in two important ways. Either the customer network or the carrier network will drop any errored of these frames A screen shot of the FST-2802 test pad offers visibility into the types of errors that are tracked. 4. Customer traffic has a wide variety of frame sizes due to different applications and their different requirements. To begin generating any traffic. the utilization will fluctuate around the 50%. By stepping up the traffic at specific intervals. The ramp test. 4. the step function will identify the rate at which the errors are being caused. jabbers. much like customer traffic will. 5 minutes. Any errors will be displayed .1 INTERPRETING ERRORS When generating traffic. the user needs to set the time at each step (20 seconds. the results of the test need to be analyzed to confirm that the service will or will not work per the standard.1) is also varied by the test set. and then restarting the test at a higher bandwidth can accomplish this. there are a couple of extra parameters over the constant rate test. and bad FCS frames. the service can be proven to be error free at all rates. similar to the QRSS test pattern for a standard T1 BER (Bit Error Rate) test. If the user sets the average at 50%.3. not just at the maximum bandwidth being offered. 4.The maximum bandwidth test should run error free and offer the customer proof that the circuit will pass traffic appropriately. 4.

This packet has a sequence number (similar to the TCP sequence number) and a time stamp.2. The first three show utilization as a percent of total bandwidth. please see the FST-2802 training manual. It is EXTREMELY difficult to take down a reported marginal circuit. This allows the FST-2802 to do real time QoS/SLA analysis including lost packet rate and round trip delay.3 FST-2802 DETAIL INFORMATION For more information on the FST-2802. Toward the bottom of the window. Errors will be displayed in two different categories – Error Stats and Summary. even though the service is marginal. The first six results are the ones that will be mainly used. can generate an Acterna test packet. Larger customers often have protocol analysis tools.2. Fiber.2). while the second three show utilization as a frame rate.2. The FST-2802. This manual will give a full understanding of all of the features and set up choices for the FST-2802 4. For Ethernet services. there are no test points. For a more traditional customer offering. . 2. The screen shot to the left shows the link statistics that the FST-2802 collects. as one of its packet generation options. notice the PAUSE Frames result. All of the statistics captured in the screen gives the user a complete view of how the circuit is behaving. like T1. The summary view scans all results and picks out anything out of specification that is seen by the test unit. In order monitor a live circuit an optical splitter must be inserted.for the user to see. 4. 4. especially gigabit. The customer will have a similar issue when trying to monitor the WAN traffic. which most technicians do not have.2. not to let the service be taken down for an out of service troubleshooting test. by design does not offer a simple way to see the information on the pipe in a monitor mode. there are several link statistics that the technician can use to confirm that the traffic he is sending is getting properly received by the test set. It is common for customers.2 INTERPRETING LINK STATISTICS Whether the link has errors or is operating nominally. The pause control frames are those frames that tell elements to slow down or speed up their transmission rate (section 2.4 SUMMARY Proving a service is operational prior to customer traffic being placed on the circuit is critical for two reasons: 1.2. there are access points for analysis that do not take the customer down. One important error result seen in the summary portion of the picture is the lost frames result.

QOS/SLA? QoS: Quality of Service SLA: Service Level Agreement Many applications that run on a customer network are not tolerant of long delays through the network. owns the local Ethernet switch. some customers will require that the latency and packet loss / error rate be the same or better than the latency and error rate stated in the contract. . Since the customer owns the Ethernet switches. however. Prior to handing off a circuit. The only way to prove to the customer that his circuit meets the specified requirements is to generate known traffic and measure the latency and error rate received. By properly turning up Ethernet services. Performing a test like this is often called a QoS test. the provider does not often have the ability to test from that point. The switch has the ability to “mirror” any port to another. a carrier can reduce return trips to the customer site and feel confident that their service is reliable. therefore. The cause of this delay through the network could be a LAN (customer) or a WAN (carrier) problem. for enterprise customers to use their Ethernet switches as test points. It is common. without taking down the network.The customer.