Chapter 2: Network Access

CCNA Routing and Switching

Introduction to Networks v6.0
OBJECTIVES 2.1 Construct physical layer
protocols and network media

Explain data link layer

2.2 protocols and media access
control

2.3 Describe Ethernet and

ARP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Physical Layer
Protocols and Network
Media

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Physical Layer Protocols

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Physical Layer Connection
Types of Connections
 Before network
communications can
occur, a physical
connection to a local
network must be
established.
 A physical connection
can be a wired
connection using a
cable or a wireless
connection using
radio waves.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Physical Layer Connection
Network Interface Cards

 Network Interface Cards (NICs) connect a device to

a network.
 Used for a wired connection.

 Wireless Local Area Network

(WLAN) NICs are used for
wireless connections.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Purpose of the Physical Layer
The Physical Layer
• Provides the means to
transport the bits that
make up a data link
layer frame across the
network media.
• Accepts a complete
frame from the data
link layer and encodes
it as a series of signals
that are transmitted
onto the local media.
• Encoded bits that
comprise a frame are
received by either an
end device or an
intermediate device.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Purpose of the Physical Layer
Physical Layer Media

Three basic
forms of
network media

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Purpose of the Physical Layer
Physical Layer Standards

 International Organization for

Standardization (ISO)
 Telecommunications Industry
Association/Electronic
Industries Association
(TIA/EIA)
 International
Telecommunication Union
(ITU)
 American National Standards
Institute (ANSI)
 Institute of Electrical and
Electronics Engineers (IEEE)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
 Creates and maintains standards Encourage competition and
affecting a wide range of industries To maintain an open Internet innovation.
including power and energy, freely accessible To guarantee no company
healthcare, telecommunications and specifications and protocols will monopolize the market.
networking. that can be implemented by
any vendor
-Provide specifications for
products, services and good
practice, helping to make Open
industry more efficient and standards
effective Promoting and facilitates
importance open development of
standards and protocols for
coordinates U.S. standards with the technical infrastructure of
international standards so that the internet
American products can be used Responsible for overall
worldwide. management and
Physical Layer Standard Internet development of internet
architecture board
- EIA is the series of standards for Organization standards.
residential and commercial network
cabling and must be followed to
comply with government legal and
safety requirements. Manages IANA and the
Internet Protocol address
spaces for IPv4 and IPv6,
Develop communication
Internet's global Domain
standards for various
Name System and
telecommunication To develop, update, and
equipments assignment of address
blocks to regional Internet Internet maintain Inetrnet and TCP/IP
registries. ICANN also Research technologies, focuses on
Responsible for short-term issues
maintains registries of Task Force
issues that concern
Internet protocol identifiers.
information and
Manage global IP address allocation, Focused on long term
communication
autonomous system number research related to Internet
technologies; IPTV,
allocation, root zone management in and TCP/IP protocols,
DSL, video
the Domain Name System (DNS), applications, architectures
compression.
media types, and other Internet © 2016 Cisco and/or its affiliates. All rights reserved.
and technologies.
Cisco Confidential 10
Protocol-related symbols and numbers
Physical Layer Characteristics
Functions
 Encoding
The transition occurs at the
• Method of converting a stream of
middle of each bit period.
data bits into a predefined
"code”.
 Signaling Method
• Method of representing the bits.
• Physical layer standards must
define what type of signal Modulation is the
represents a "1" and what type process by
of signal represents a "0”. which the
• Long pulse might represent a 1 characteristic of
whereas a short pulse one wave (the
represents a 0. signal) modifies
another wave
(the carrier).
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Physical Layer Characteristics
Bandwidth
 Capacity of a medium to carry data.

 Digital bandwidth measures the amount of data that can flow from one place to another in a given
amount of time.
 Bandwidth is sometimes thought of as the speed that bits travel, however this is not accurate. In
both 10Mb/s and 100Mb/s Ethernet, the bits are sent at the speed of electricity. The difference is
the number of bits that are transmitted per second.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Physical Layer Characteristics
Throughput
 Measure of the transfer of bits across
the media over a given period of time.
 Usually does not match the specified
bandwidth in physical layer
implementations due to many factors.
• Amount of traffic
• Type of traffic
• Latency created by network devices
encountered between source and
destination

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Physical Layer Characteristics
Types of Physical Media
The figure shows different types of interfaces and ports available on a 1941 router.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Network Media

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Copper Cabling
Characteristics of Copper Media
 Transmitted on copper cables as electrical pulses.

 Attenuation - the longer the signal travels, the

more it deteriorates.
 All copper media must follow strict distance
limitations.
 Electromagnetic interference (EMI) or radio
frequency interference (RFI) - distorts and corrupts
the data signals being carried by copper media.
• To counter copper cables wrapped in shielding.
 Crosstalk - disturbance caused by the electric or
magnetic fields of a signal on one wire to the
signal in an adjacent wire.
• To cancel crosstalk opposing circuit wire pairs
twisted together.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Copper Cabling
Copper Media
There are three main types of copper media used in networking.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Copper Cabling
Unshielded Twisted-Pair Cable
 UTP cabling is the most common networking media.
• Terminated with RJ-45 connectors.
• Used for interconnecting network hosts with networking devices such as switches.
• Consists of four pairs of color-coded wires that have been twisted together to help protect against signal
interference from other wires.
• Color codes aid in cable termination.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Copper Cabling
Shielded Twisted-Pair (STP) Cable

 STP provides better noise protection than

UTP.
 STP cable is significantly more expensive
and difficult to install.
 Uses an RJ-45 connector.

 Combines the techniques of shielding to

counter EMI and RFI, and wire twisting to
counter crosstalk.
 Uses four pairs of wires, each wrapped in a
foil shield, which are then wrapped in an
overall metallic braid or foil.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Copper Cabling
Coaxial Cable
 Coax consists of:
• A copper conductor used to transmit the electronic signals.
• A layer of flexible plastic insulation surrounding a copper
conductor.
• The insulating material is surrounded in a woven copper
braid, or metallic foil, that acts as the second wire in the
circuit and as a shield for the inner conductor.
• The entire cable is covered with a cable jacket to prevent
minor physical damage.
 UTP cable has essentially replaced coaxial cable in
modern Ethernet installations but is used in:
• Wireless installations: Coaxial cables attach antennas to
wireless devices.
• Cable Internet installations

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Copper Cabling
Copper Media Safety
Copper media are susceptible to fire and electrical hazards.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
UTP Cabling
Properties of UTP Cabling
 Consists of four pairs of color-coded copper
wires that have been twisted together and
then encased in a flexible plastic sheath.
 Small size can be advantageous during
installation. Notice that the
 UTP cable does not use shielding to counter orange/orange white
the effects of EMI and RFI. pair is twisted less than
the blue/blue white pair.
• Cancellation: When two wires in an electrical
circuit are placed close together, their
Each colored pair is
magnetic fields are the exact opposite of each twisted a different
other and cancel out any outside EMI and RFI number of times.
signals.
• Varies the number of twists per wire pair to
further enhance the cancellation effect of a
paired circuit.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
UTP Cabling
UTP Cabling Standards  UTP cabling conforms to the standards established by
TIA/EIA.
• TIA/EIA-568 stipulates the cabling standards for LAN
installations
 Cat 3 Cable
• Used for voice communication
• Most often used for phone lines
 Cat 5 and 5e Cable
• Used for data transmission
• Cat5 supports 100 Mb/s and can support 1000Mb/s, but
it is not recommended
• Cat5e supports 1000 Mb/s
 Cat 6 Cable
• Used for data transmission
• An added separator is between each pair of wires
allowing it to function at higher speeds
• Support 1000 Mb/s – 10 Gb/s, though 10 Gb/s is not
recommended © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
UTP Cabling
UTP Connectors
 UTP cable terminated with an RJ-45
connector.
 TIA/EIA-568 standard describes the wire
color codes to pin assignments (pinouts)
for Ethernet cables.
 RJ-45 connector is the male component,
crimped at the end of the cable.
 Socket is the female component of a
network device, wall, cubicle partition
outlet, or patch panel.
 Essential that all copper media
terminations be of high quality to ensure
optimum performance with current and
future network technologies.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
UTP Cabling
Types of UTP Cable

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
UTP Cabling
Testing UTP Cables
UTP Testing Parameters:
 Wire map

 Cable length

 Signal loss due to attenuation

 Crosstalk

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Fiber Optic Cabling
Properties of Fiber Optic Cabling
 Transmits data over longer distances and at
higher bandwidths.
 Transmit signals with less attenuation and is
completely immune to EMI and RFI.
 Used to interconnect network devices.

 Flexible, but extremely thin, transparent strand of

 Fiber-optic cabling is now being very pure glass, not much bigger than a human
used in four types of industry: hair.
 Enterprise Networks
• Fiber-to-the-Home (FTTH)  Bits are encoded on the fiber as light pulses.
• Long-Haul Networks
• Submarine Cable Networks

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Fiber Optic Cabling
Fiber Media Cable Design Jacket
Protects the fiber against abrasion, moisture, and other
contaminants. Composition can vary depending on the
cable usage.
Strengthening Material
Surrounds the buffer, prevents the fiber cable from
being stretched when it is being pulled. Often the same
material used to produce bulletproof vests.
Buffer
Used to help shield the core and cladding from
damage.
Cladding
Tends to act like a mirror by reflecting light back in the
core of the fiber. Keeps light in the core as it travels
down the fiber.
Core
Light transmission element at the center of the optical
fiber. Core is typically silica or glass. Light pulses travel
through the fiber core.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Fiber Optic Cabling
Types of Fiber Media

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Fiber Optic Cabling
 Light can only travel in one direction over
Fiber-Optic Connectors optical fiber, two fibers are required to support
the full duplex operation.
 Straight-Tip (ST) Connectors
• One of the first connector types used.
• Locks securely with a “twist-on/twist-off”.
 Subscriber Connector (SC) Connectors
• Referred to as square or standard connector.
• Uses a push-pull mechanism to ensure positive
insertion.
• Used with multimode and single-mode fiber.
 Lucent Connector (LC) Simplex Connectors
• Smaller version of SC and popular due to size.

 Duplex Multimode LC Connectors

• Similar to LC but using a duplex connector.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Fiber Optic Cabling
Fiber-Optic Connectors (Cont.)

 Fiber patch cords are required for

interconnecting infrastructure devices.
 Yellow jacket is for single-mode fiber
cables
 Orange (or aqua) for multimode fiber
cables.
 Fiber cables should be protected with a
small plastic cap when not in use.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Fiber Optic Cabling
Fiber versus Copper

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
Wireless Media
Properties of Wireless Media
 Wireless media carry electromagnetic signals that represent
the binary digits of data communications using radio or
microwave frequencies.
 Wireless areas of concern:
• Coverage area: Construction materials used in buildings and
structures, and the local terrain, will limit the coverage.
• Interference: Disrupted by such common devices as
fluorescent lights, microwave ovens, and other wireless
communications.
• Security: Devices and users, not authorized for access to the
network, can gain access to the transmission.
• Shared medium: Only one device can send or receive at a
time and the wireless medium is shared amongst all wireless
users.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
Wireless Media
Types of Wireless Media
 Wi-Fi: Standard IEEE 802.11
• Uses Carrier/Sense Multiple Access/Collision Avoidance (CSMA/CA).
• Wireless NIC must wait till channel is clear.
 Bluetooth: Standard IEEE 802.15
• Wireless Personal Area Network (WPAN)
• Uses a device pairing process for distances 1 to 100 meters
 WiMAX: Standard IEEE 802.16
• Worldwide Interoperability for Microwave Access
• Wireless broadband access.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
Wireless Media
Wireless LAN

 Wireless LAN requires the following

network devices:
• Wireless Access Point (AP):
Concentrates the wireless signals from
users and connects to the existing copper-
based network infrastructure, such as
Ethernet.
• Wireless NIC adapters: Provide wireless
communication capability to each network
host.
Home and small business wireless
routers integrate the functions of a router,
switch, and access point into one device.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Data Link Layer
Protocols and Media
Access Control

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
4.1 Physical Layer Protocols

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
Purpose of the Data Link Layer
The Data Link Layer
The data link layer of the OSI model (Layer 2), as
shown in Figure, is responsible for:

 Allowing the upper layers to access the media

 Accepting Layer 3 packets and packaging them into
frames
 Preparing network data for the physical network
 Controlling how data is placed and received on the
media
 Exchanging frames between nodes over a physical
network media, such as UTP or fiber-optic
 Receiving and directing packets to an upper layer
protocol
 Performing error detection

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Purpose of the Data Link Layer
Data Link Sublayers  Data link layer is divided into two sublayers:
• Logical Link Control (LLC) 
• Communicates with the network layer.
• Identifies which network layer protocol is being used
for the frame.
• Allows multiple Layer 3 protocols, such as IPv4 and
IPv6, to utilize the same network interface and
media.
• Media Access Control (MAC) 
• Defines the media access processes performed by
the hardware.
• Provides data link layer addressing and access to
various network technologies.
• Communicates with Ethernet to send and receive
frames over copper or fiber-optic cable.
• Communicates with wireless technologies such as
Wi-Fi and Bluetooth.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Purpose of the Data Link Layer
Media Access Control

 As packets travel from the

source host to the destination
host, they travel over different
physical networks.
 Physical networks can consist
of different types of physical
media such as copper wires,
optical fibers, and wireless
consisting of electromagnetic
signals, radio and microwave
frequencies, and satellite links.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
Purpose of the Data Link Layer
Providing Access to Media

 At each hop along the path, a router:

• Accepts a frame from a medium
• De-encapsulates the frame
• Re-encapsulates the packet into a new frame
• Forwards the new frame appropriate to the medium
© 2016 Cisco and/or its affiliates. All rights reserved.
of that segment
Cisco Confidential 41
Purpose of the Data Link Layer
Data Link Layer Standards

 Engineering organizations that define

open standards and protocols that apply
to the network access layer include:
• Institute of Electrical and Electronics
Engineers (IEEE)
• International Telecommunication Union
(ITU)
• International Organization for
Standardization (ISO)
• American National Standards Institute
(ANSI)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
Media Access Control

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
Topologies
Controlling Access to the Media
 Media access control is the equivalent
of traffic rules that regulate the
entrance of motor vehicles onto a
roadway.
 The absence of any media access
control would be the equivalent of
vehicles ignoring all other traffic and
entering the road without regard to the
other vehicles.
 However, not all roads and entrances
are the same. Traffic can enter the
road by merging, by waiting for its turn
at a stop sign, or by obeying signal
lights. A driver follows a different set of
rules for each type of entrance.

Sharing the Media © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Topologies
Physical and Logical Topologies

 Physical topology - Refers

to the physical connections
and identifies how end
devices and infrastructure
devices such as routers,
switches, and wireless
access points are
interconnected.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Topologies
Physical and Logical Topologies (Cont.)

 Logical Topology: Refers to

the way a network transfers
frames from one node to the
next. These logical signal
paths are defined by data link
layer protocols.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
WAN Topologies
Common Physical WAN Topologies

 Point-to-Point - Permanent link

between two endpoints.
 Hub and Spoke - A central site
interconnects branch sites using
point-to-point links.
 Mesh - Provides high availability,
but requires that every end system
be interconnected to every other
system. Administrative and
physical costs can be significant.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
WAN Topologies
Physical Point-to-Point Topology

 Frames are placed

on the media by the
node at one end
and taken from the
media by the node
at the other end of
the point-to-point
circuit.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
WAN Topologies
Logical Point-to-Point Topology

• End nodes communicating in a point-to-point network can be physically

connected via a number of intermediate devices.
• However, the use of physical devices in the network does not affect the logical
topology.
• The logical connection between nodes forms what is called a virtual circuit.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
WAN Topologies
Logical Point-to-Point Topology (Cont.)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
LAN Topologies
 Star - End devices are connected to a
Physical LAN Topologies central intermediate device. Use Ethernet
switches.
 Extended Star - Additional Ethernet
switches interconnect other star topologies.
 Bus - Used in legacy networks. All end
systems are chained to each other and
terminated in some form on each end.
Switches are not required to interconnect
the end devices. Bus topologies using coax
cables were used in legacy Ethernet
networks because it was inexpensive and
easy to set up.
 Ring - End systems are connected to their
respective neighbor forming a ring. Unlike
the bus topology, the ring does not need to
be terminated. Ring topologies were used in
legacy Fiber Distributed Data Interface
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
(FDDI) and Token Ring networks.
LAN Topologies
Half and Full Duplex

 Half-Duplex Communication
• Both devices can transmit and
receive on the media but cannot do
so simultaneously.
• Used in legacy bus topologies and
with Ethernet hubs.
• WLANs also operate in half-duplex.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
LAN Topologies
Half and Full Duplex (Cont.)

 Full-Duplex Communication
• Both devices can transmit and
receive on the media at the same
time. 
• Data link layer assumes that the
media is available for transmission for
both nodes at any time.
• Ethernet switches operate in full-
duplex mode by default, but can
operate in half-duplex if connecting to
a device such as an Ethernet hub.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
LAN Topologies
Media Access Control Methods

 Contention-Based Access
• Nodes operate in half-
duplex.
• Compete for the use of
the medium.
• Only one device can
send at a time.  

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
LAN Topologies
Media Access Control Methods (Cont.)

 Controlled Access
• Each node has its own
time to use the medium.
• Legacy Token Ring
LANs are an example 

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56
LAN Topologies
Contention-based Access - CSMA/CD
 Carrier Sense Multiple Access/Collision Detection
(CSMA/CD) process is used in half-duplex Ethernet
LANs.
• If two devices transmit at the same time, a collision
will occur.
1 • Both devices will detect the collision on the network.
• Data sent by both devices will be corrupted and will
need to be resent.

2 3

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
LAN Topologies
Contention-based Access - CSMA/CA

 CSMA/CA

• Uses a method to detect if the

media is clear.
• Does not detect collisions but
attempts to avoid them by
waiting before transmitting.
 Note: Ethernet LANs using
switches do not use a contention-
based system because the switch
and the host NIC operate in full-
duplex mode.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
Data Link Frame
The Frame

 Each frame type has three

basic parts:
• Header
• Data
• Trailer
 Structure of the frame and the
fields contained in the header
and trailer depend on Layer 3
protocol.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59
Data Link Frame
Frame Fields
 Frame start and stop indicator
flags - Identifies the beginning
and end limits of the frame.
 Addressing - Indicates the source
and destination nodes.
 Type - Identifies the Layer 3
protocol in the data field.
 Control - Identifies special flow
control services such as QoS.
 Data - Contains the frame payload
(i.e., packet header, segment
header, and the data).

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60
Data Link Frame
Layer 2 Addresses

Each data link frame contains the source data link address of the NIC card sending the frame,
and the destination data link address of the NIC card receiving the frame.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
Data Link Frame
LAN and WAN Frames

 Layer 2 protocol used for a

topology is determined by the
technology.
 Data link layer protocols include:
• Ethernet
• 802.11 Wireless
• Point-to-Point Protocol (PPP)
• HDLC
• Frame Relay

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62
Ethernet MAC Addresses
MAC Addresses and Hexadecimal
 An Ethernet MAC address is a 48-bit binary
value expressed as 12 hexadecimal digits (4
bits per hexadecimal digit).

 Hexadecimal is used to represent Ethernet

MAC addresses and IP Version 6 addresses.
• Hexadecimal is a base sixteen system using
the numbers 0 to 9 and the letters A to F.
• It is easier to express a value as a single
hexadecimal digit than as four binary bits.
• Hexadecimal is usually represented in text by
the value preceded by 0x (E.g., 0x73).

 Convert the decimal or hexadecimal value to

binary, and then to convert the binary value to
either decimal or hexadecimal as needed. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 63
Ethernet MAC Addresses
MAC Addresses: Ethernet Identity
 MAC addresses were created to
identify the actual source and
destination.
• The MAC address rules are established
by IEEE.
• The IEEE assigns the vendor a 3-byte
(24-bit) code, called the
Organizationally Unique Identifier (OUI).
 IEEE requires a vendor to follow two
simple rules:
• All MAC addresses assigned to a NIC
or other Ethernet device must use that
vendor's assigned OUI as the first 3
bytes.
• All MAC addresses with the same OUI
must be assigned a unique value in © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64

the last 3 bytes.

Ethernet MAC Addresses
Frame Processing
 The MAC address is often referred to as a
burned-in address (BIA) meaning the
address is encoded into the ROM chip
permanently. When the computer starts up,
the first thing the NIC does is copy the MAC
address from ROM into RAM.

 When a device is forwarding a message

to an Ethernet network, it attaches
header information to the frame.

 The header information contains the

source and destination MAC address.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 65
Ethernet MAC Addresses
MAC Address Representations
 Use the ipconfig /all command on a Windows host to identify the MAC address of an Ethernet
adapter. On a MAC or Linux host, the ifconfig command is used.

 Depending on the device and the operating system, you will see various representations of MAC
addresses.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 66
Ethernet MAC Addresses
Unicast MAC Address
 A unicast MAC address is the
unique address used when a
frame is sent from a single
transmitting device to a single
destination device.

 For a unicast packet to be sent

and received, a destination IP
address must be in the IP packet
header and a corresponding
destination MAC address must
also be present in the Ethernet
frame header.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 67
Ethernet MAC Addresses
Broadcast MAC Address
 Many network protocols, such as
DHCP and ARP, use broadcasts.
 A broadcast packet contains a
destination IPv4 address that has all
ones (1s) in the host portion
indicating that all hosts on that local
network will receive and process the
packet.
 When the IPv4 broadcast packet is
encapsulated in the Ethernet frame,
the destination MAC address is the
broadcast MAC address of FF-FF-
FF-FF-FF-FF in hexadecimal (48
ones in binary).

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 68
Ethernet MAC Addresses
Multicast MAC Address
 Multicast addresses allow a
source device to send a packet
to a group of devices.
• Devices in a multicast group are
assigned a multicast group IP
address in the range of 224.0.0.0
to 239.255.255.255 (IPv6
multicast addresses begin with
FF00::/8).
• The multicast IP address
requires a corresponding
multicast MAC address that
begins with 01-00-5E in
hexadecimal.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 69
MAC and IP
Destination on Same Network
 There are two primary addresses
assigned to a device on an Ethernet
LAN:
• Physical address (the Ethernet MAC
address)
• Logical address (the IP address)

 As an example, PC-A sends an IP packet to

the file server on the same network. The
Layer 2 Ethernet frame contains:
• Destination MAC address
• Source MAC address
 The Layer 3 IP packet contains:
• Source IP address
• Destination IP address © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 70
MAC and IP
Destination on Remote Network
 When the destination IP address is on a
remote network, the destination MAC
address will be the address of the host’s
default gateway.

 In the figure, PC-A is sending an IP

packet to a web server on a remote
network.
• The destination IP address is that of the
File Server.
• The destination MAC address is that of
Ethernet interface of R1.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 71
Ethernet and ARP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 72
Address Resolution Protocol
(ARP)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 73
ARP
Introduction to ARP
 When a device sends an Ethernet
frame, it contains these two
addresses:
• Destination MAC address
• Source MAC address

 To determine the destination MAC

address, the device uses ARP.

 ARP provides two basic functions:

• Resolving IPv4 addresses to MAC
addresses
• Maintaining a table of mappings
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 74
ARP
ARP Functions
 Ethernet devices refer to an ARP table (or
the ARP cache) in its memory (i.e., RAM) to
find the MAC address that is mapped to the
IPv4 address.

 A device will search its ARP table for a

destination IPv4 address and a
corresponding MAC address.
• If the packet’s destination IPv4 address is
on the same network as the source IPv4
address, the device will search the ARP
table for the destination IPv4 address.
• If the destination IPv4 address is on a
different network than the source IPv4
address, the device will search the ARP
table for the IPv4 address of the default © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 75

gateway.
ARP
Video Demonstration – ARP Request
 An ARP request is a broadcast frame sent
when a device needs a MAC address
associated with an IPv4 address, and it
does not have an entry for the IPv4 address
in its ARP table.

 ARP messages are encapsulated directly

within an Ethernet frame. There is no IPv4
header.

 The ARP request message includes:

• Target IPv4 address
• Target MAC address
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 76
ARP
Video Demonstration – ARP Reply
 Only the device with an IPv4 address
associated with the target IPv4 address in
the ARP request will respond with an ARP
reply.

 The ARP reply message includes:

• Sender’s IPv4 address
• Sender’s MAC address

 Entries in the ARP table are time stamped. If

a device does not receive a frame from a
particular device by the time the timestamp
expires, the entry for this device is removed
from the ARP table.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 77
ARP
Video Demonstration – ARP role in Remote Communications
 When a host creates a packet for a
destination, it compares the destination IPv4
address and its own IPv4 address to
determine if the two IPv4 addresses are
located on the same Layer 3 network.
 If the destination host is not on its same
network, the source checks its ARP table for
an entry with the IPv4 address of the default
gateway.
 If there is not an entry, it uses the ARP
process to determine a MAC address of the
default gateway.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 78
ARP
Removing Entries from an ARP Table
 Every device has an ARP cache timer that
removes ARP entries that have not been
used for a specified period of time.

 The times differ depending on the

device’s operating system. As
shown in the figure, some
Windows operating systems store
ARP cache entries for 2 minutes.

 You can also manually remove all or some

of the entries in the ARP table.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 79
ARP
ARP Tables
On a Router On a Windows Host

On a Cisco router, the show ip arp command is On a Windows 7 PC, the arp –a command is used
used to display the ARP table. to display the ARP table.

Router# show ip arp

Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.16.233.229 - 0000.0c59.f892 ARPA Ethernet0/0
Internet 172.16.233.218 - 0000.0c07.ac00 ARPA Ethernet0/0
Internet 172.16.168.11 - 0000.0c63.1300 ARPA Ethernet0/0
Internet 172.16.168.254 9 0000.0c36.6965 ARPA Ethernet0/0
Router#

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 80
Network Layer Protocols

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 81
Network Layer in Communications
The Network Layer
• The network layer, which resides at OSI
Layer 3, provides services that allow end
devices to exchange data across a network.
• The network layer uses four processes in
order to provide end-to-end transport:
• Addressing of end devices – IP addresses must be
unique for identification purposes.
• Encapsulation – The protocol data units from the
transport layer are encapsulated by adding IP
header information including source and
destination IP addresses.
• Routing – The network layer provides services to
direct packets to other networks. Routers select
the best path for a packet to take to its destination
network.
• De-encapsulation – The destination host de-
encapsulates the packet to see if it matches its
own.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 82
Network Layer in Communications
Network Layer Protocols
• There are several network layer
protocols in existence; however,
the most commonly implemented
are:
• Internet Protocol version 4 (IPv4)
• Internet Protocol version 6 (IPv6)

Note: Legacy network layer protocols

are not discussed in this course.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 83
Characteristics of the IP Protocol
Encapsulating IP
• At the network layer, IP encapsulates
the transport layer segment by
adding an IP header for the purpose
of delivery to the destination host.
• The IP header stays the same from
the source to the destination host.
• The process of encapsulating data
layer by layer enables the services at
different layers to scale without
affecting other layers.
• Routers implement different network
layer protocols concurrently over a
network and use the network layer
packet header for routing.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 84
Characteristics of the IP Protocol
Characteristics of IP
• IP was designed as a protocol
with low overhead – it
provides only the functions
required to deliver a packet
from the source to a
destination.
• An IP packet is sent to the
destination without prior
establishment of a connection
• IP was not designed to track
and manage the flow of
packets.
• These functions, if required, are
performed by other layers –
primarily TCP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 85
Characteristics of the IP Protocol
IP - Connectionless
• IP is a connectionless
protocol:
• No dedicated end-to-end
connection is created before data
is sent.
• Very similar process as sending
someone a letter through snail
mail.
• Senders do not know whether or
not the destination is present,
reachable, or functional before
sending packets.
• This feature contributes to the low
overhead of IP.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 86
Characteristics of the IP Protocol
IP – Best Effort Delivery
 IP is a Best Effort Delivery
protocol:
• IP is considered “unreliable”
because it does not guarantee
that all packets that are sent will
be received.
• Unreliable means that IP does not
have the capability to manage and
recover from undelivered, corrupt,
or out of sequence packets.
• If packets are missing or not in the
correct order at the destination,
upper layer protocols/services
must resolve these issues.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 87
Characteristics of the IP Protocol
IP – Media Independent
• IP operates independently from the
media that carries the data at lower
layers of the protocol stack – it does
not care if the media is copper
cables, fiber optics or wireless.
• The OSI data link layer is responsible
for taking the IP packet and preparing
it for transmission over the
communications medium.
• The network layer does have a
maximum size of the PDU that can be
transported – referred to as MTU
(maximum transmission unit).
• The data link layer tells the network
layer the MTU.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 88
IPv4 Packet
IPv4 Packet Header
• An IPv4 packet header consists of the
fields containing binary numbers. These
numbers identify various settings of the IP
packet which are examined by the Layer 3
process.
• Significant fields include:
• Version – Specifies that the packet is IP version 4
• Differentiated Services or DiffServ (DS) – Used to
determine the priority of each packet on the
network.
• Time-to-Live (TTL) – Limits the lifetime of a packet
– decreased by one at each router along the way.
• Protocol – Used to identify the next level protocol.
• Source IPv4 Address – Source address of the
packet.
• Destination IPv4 Address – Address of
destination. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 89
6.2 Routing

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 90
How a Host Routes
Host Forwarding Decision • An important role of the network
layer is to direct packets between
hosts. A host can send a packet to:
• Itself – A host can ping itself for testing
purposes using 127.0.0.1 which is referred
to as the loopback interface.
• Local host – This is a host on the same local
network as the sending host. The hosts
share the same network address.
• Remote host – This is a host on a remote
network. The hosts do not share the same
network address.
• The source IPv4 address and
subnet mask is compared with the
destination address and subnet
mask in order to determine if the
host is on the local network or
remote network.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 91
How a Host Routes
Default Gateway • The default gateway is the
network device that can route
traffic out to other networks. It
is the router that routes traffic
out of a local network.
• This occurs when the
destination host is not on the
same local network as the
sending host.
• The default gateway will know
where to send the packet using
its routing table.
• The sending host does not need
to know where to send the
packet other than to the default
gateway – or router.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 92
How a Host Routes
Using the Default Gateway
• A host’s routing table usually
includes a default gateway
address – which is the router IP
address for the network that the
host is on.
• The host receives the IPv4
address for the default gateway
from DHCP, or it is manually
configured.
• Having a default gateway
configured creates a default route
in the routing table of a host -
which is the route the computer
will send a packet to when it needs
to contact a remote network.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 93
How a Host Routes
Host Routing Tables
• On a Windows host, you can
display the routing table using:
• route print
• netstat -r
• Three sections will be
displayed:
• Interface List – Lists the Media
Access Control (MAC) address and
assigned interface number of
network interfaces on the host.
• IPv4 Route Table – Lists all known
IPv4 routes.
• IPv6 Route Table – Lists all known
IPv6 routes.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 94
Router routing Tables
• When a router receives a packet
Router Packet Forwarding Decision destined for a remote network, the
router has to look at its routing
table to determine where to
forward the packet. A router’s
routing table contains:
• Directly-connected routes – These
routes come from the active router
interfaces configured with IP
addresses.
• Remote routes – These routes come
from remote networks connected to
other routers. They are either
configured manually or learned
through a dynamic routing protocol.
• Default route – This is where the
packet is sent when a route does not
exist in the routing table.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 95
Router Routing Tables
IPv4 Router Routing Table • On a Cisco IOS router, the show ip
route command is used to display
the router’s IPv4 routing table. The
routing table shows:
• Directly connected and remote routes
• How each route was learned
• Trustworthiness and rating of the route
• When the route was last updated
• Which interface is used to reach the
destination

• A router examines an incoming

packet’s header to determine the
destination network. If there’s a
match, the packet is forwarded
using the specified information in
the routing table.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 96
Router Routing Tables
Video Demonstration – Introducing the IPv4 Routing Table
• A host has a routing table that can
be viewed with the netstat –r
command.
• The routing table includes routes to
different networks and information
about those routes. For example:
• The D to the left of the 10.1.1.0/24 route
indicates that it was learned via the EIGRP
routing protocol.
• The letter C means that the network is
directly connected.
• The default gateway of last resort is also
indicated.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 97
Router Routing Tables
Directly Connected Routing Table Entries
• When a router interface is
configured and activated, the
following two routing table
entries are created
automatically:
• C – Identifies that the network is
directly connected and the interface
is configured with an IP address and
activated.
• L – Identifies that it is a local
interface. This is the IPv4 address
of the interface on the router.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 98
Router Routing Tables • 10.1.1.0/24 identifies the
Understanding Remote Route Entries destination network.
• 90 is the administrative distance
for the corresponding network –
or the trustworthiness of the
route. The lower the number,
the more trustworthy it is.
• 2170112 – represents the metric or
value assigned to reach the
remote network. Lower values
indicate preferred routes.
• 209.165.200.226 – Next-hop or IP
address of the next router to
forward the packet.
• 00:00:05 - Route Timestamp
• The D represents the Route Source which is how the
identifies when the router was last
network was learned by the router. D identifies the
heard from.
route as an EIGRP route or (Enhanced Interior
Gateway Routing Protocol) • Serial/0/0/0 – Outgoing Interface

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 99
Router Routing Tables
Next-Hop Address • When a packet arrives at a router
destined for a remote network, it
will send the packet to the next hop
address corresponding to the
destination network address in its
routing table.
• For example, if the R1 router in the
figure to the left receives a packet
destined for a device on the
10.1.1.0/24 network, it will send it to
the next hop address of
209.165.200.226.
• Notice in the routing table, a default
gateway address is not set – if the
router receives a packet for a
network that isn’t in the routing
table, it will be dropped.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 100
Router Routing Tables
Video Demonstration – Explaining the IPv4 Routing Table
• Router R1:
• Has three directly connected routes
highlighted in yellow.
• The first two routing entries of the routing
table for networks 10.1.1.0/24 and
10.1.2.0/24 are for the remote networks
connected to the R2 router.
• R1 learned about these networks from R2
via the EIGRP dynamic routing protocol.
• Next hop router is indicated via
209.165.200.226. This is where the router
needs to forward the packet.
• The router will send the packet to the next
hop address by exiting its own Serial/0/0/0
interface.
• A connected network entry does not have a
next hop address. It will indicate which
interface to exit out of, for example,
GigabitEthernet0/0.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 101