Ode to ARP and Ethernet … the plumbing of the Internet

Introduction

Layered model

Sometimes in life there are things that are so important, and so much a part of our everyday existence, yet no one knows about them. It happens with great corporations such as Cisco Systems: a few years ago few people actually knew about the company, but it had basically built most of the infrastructure for the Internet. So it is with ARP, the most amazing little protocol, which deserves some credit for actually building the Internet too, along with Ethernet, which provides the plumbing.

At one time in the computing industry it was often difficult to interconnect systems, typically because a given vendor had its own protocol and interface, which made its equipment difficult to connect to. So, in networking, a layered approach is typically used, which allows different hardware and software to be interconnected. This has supported a great drive for convergence and standardization, and one of the best examples of this is the seven-layered model, which is shown in the diagram above. Overall this defines the protocols which are used at each of the layers, each of which has its own function.

ARP

ARP

TCP and IP have made the interconnection of the world possible, but Ethernet must be given a silver medal for building the network from the ground up. Without Ethernet we would never have evolved organizational networks, or created the Internet so quickly. Before we go on I must explain what “The Internet” actually is, so that we do not confuse it with “The Web”. Well, “The Internet” is a collection of publicly registered computer systems which have registered their IP address range, and can thus be contacted within the public address space, whereas “The Web” is a collection of Web servers which provide Web-based content. Anyone can create “An internet” if they want, but that will contain a private address space, whereas “The Internet” uses publicly defined addresses.

Anyone who has used a modem from home, and had to make a dial-up connection, will know how annoying this can be. But with Ethernet, you plug in the cable, or connect through wireless, and it all works. You don’t even have to know what the physical address of the computer is. So how does it work? Well, the key is ARP, as ARP allows a computer to broadcast a message to the rest of the network, asking for the MAC (Media Access Control) address of a given network address. Thus computers can quickly determine the physical addresses of all the devices on their network segment, simply by broadcasting an ARP request.

So what if the destination is outside the network segment, such as on the Internet? Well, in this case the computer sends out an ARP request for the MAC address of the gateway. The computer will normally know its gateway address, as it’s one of the key settings that we create for the network. The gateway will then send back its MAC address, and the computer is then able to communicate with it, as it knows both its network address (required in the IP packet header) and the MAC address (which is contained in the Ethernet frame). The computer will then create the data it wants to send and segment it up with TCP, take the segments and add a destination IP address with IP, and then frame it up with Ethernet. The destination IP address will be the remote node that the computer wants to communicate with, but the destination MAC address will be the gateway MAC address, and thus we have created the first link of the connection.

After this, routers will guide the data packet through the Internet until it gets to the last segment, where the last gateway node will send out an ARP request, on the network segment that the destination node is on, for the MAC address of the node which has the destination address contained in the IP packet — Phew! Are you getting this? — and that node, if it is on, will respond with its MAC address, and the gateway can then deliver the data. So ARP has to be thanked for the first part and the last part of the journey. Without it we would have to register all the MAC addresses of connected computers on a large database, and have to query it every time we wanted to communicate.

Mechanics of the ARP protocol

If you would like to see examples of network protocols, there are a whole lot of examples at:

http://www.asecuritysite.com/information/pcap

where you will see ARP in action. Typically it is the first part of a network connection, where a node must discover the gateway, or a node on the same network.

For example here’s the first network packet for a Web connection, where the node is sending out a broadcast to find the MAC address of the node at 192.168.75.132 (you can see that we are at 192.168.75.1):

No.     Time        Source                Destination           Protocol Info
      1 0.000000    Vmware_c0:00:08       Broadcast             ARP      Who has 192.168.75.132? 
                                                                           Tell 192.168.75.1

and then the next, the node at 192.168.75.132 responds back with its MAC address (00:0c:29:0f:71:a3):

No.     Time        Source                Destination           Protocol Info
      2 0.000339    Vmware_0f:71:a3       Vmware_c0:00:08       ARP      192.168.75.132 is at 
                                                                          00:0c:29:0f:71:a3

followed by the standard three-way handshake, where we can now communicate with the gateway, where the destination MAC is in the Ethernet destination MAC address field:

No.     Time        Source                Destination           Protocol Info
      3 0.000362    192.168.75.1          192.168.75.132        TCP      mgcp-gateway > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=2 TSV=344415 TSER=0
No.     Time        Source                Destination           Protocol Info
      4 0.000602    192.168.75.132        192.168.75.1          TCP      http > mgcp-gateway [SYN, ACK] Seq=0 Ack=1 Win=64240 Len=0 MSS=1460 WS=0 TSV=0 TSER=0
No.     Time        Source                Destination           Protocol Info
      5 0.000681    192.168.75.1          192.168.75.132        TCP      mgcp-gateway > http [ACK] Seq=1 Ack=1 Win=66608 Len=0 TSV=344415 TSER=
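The ARP request and reply in packets 1 and 2, built and parsed byte by byte, together with the on-segment versus gateway decision described earlier. This is an added example, not code from the original post; the 00:50:56 prefix for Vmware_c0:00:08 is an assumption, and the network mask and gateway address passed to next_hop are supplied by the caller because the trace does not give them.

```python
import ipaddress
import struct
ETHERTYPE_ARP = 0x0806

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def next_hop(dst_ip: str, local_net: str, gateway_ip: str) -> str:
    """IP to ARP for: the destination if it is on our segment, else the gateway."""
    on_link = ipaddress.ip_address(dst_ip) in ipaddress.ip_network(local_net)
    return dst_ip if on_link else gateway_ip

def build_arp(op: int, eth_dst: str, sender_mac: str, sender_ip: str,
              target_mac: str, target_ip: str) -> bytes:
    """Ethernet header (14 bytes) followed by an Ethernet/IPv4 ARP body (28 bytes)."""
    eth = mac_bytes(eth_dst) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # htype, ptype, hlen, plen, op
    arp += mac_bytes(sender_mac) + ipaddress.ip_address(sender_ip).packed
    arp += mac_bytes(target_mac) + ipaddress.ip_address(target_ip).packed
    return eth + arp

def parse_arp(frame: bytes) -> dict:
    if len(frame) < 42:
        raise ValueError("too short for Ethernet + ARP")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if ethertype != ETHERTYPE_ARP or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP frame")
    return {
        "eth_dst": mac_str(frame[0:6]), "eth_src": mac_str(frame[6:12]),
        "op": {1: "request", 2: "reply"}.get(op, f"opcode {op}"),
        "sender_mac": mac_str(frame[22:28]),
        "sender_ip": str(ipaddress.ip_address(frame[28:32])),
        "target_mac": mac_str(frame[32:38]),
        "target_ip": str(ipaddress.ip_address(frame[38:42])),
    }

# Constructed frames mirroring packets 1 and 2 of the trace. The 00:50:56 prefix
# for "Vmware_c0:00:08" is an assumption; the trace shows only the last three bytes.
HOST_MAC, HOST_IP = "00:50:56:c0:00:08", "192.168.75.1"
PEER_MAC, PEER_IP = "00:0c:29:0f:71:a3", "192.168.75.132"
REQUEST = build_arp(1, "ff:ff:ff:ff:ff:ff", HOST_MAC, HOST_IP, "00:00:00:00:00:00", PEER_IP)
REPLY = build_arp(2, HOST_MAC, PEER_MAC, PEER_IP, HOST_MAC, HOST_IP)

if __name__ == "__main__":
    for f in (REQUEST, REPLY): print(parse_arp(f))
```

The request goes to the broadcast address with an all-zero target MAC, while the reply is unicast back to the asker and carries the answer in its sender fields.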

If you are interested in learning about network protocols, there is a presentation at:

Ethernet

IP, TCP and Ethernet

Until recently, it seemed unlikely that Ethernet would survive as a provider of network backbones and for campus networks, and its domain would stay, in the short-term, with connections to local computers. If you are interested, the diagram on the right-hand side shows the three main protocols that are involved in most of the communications on the Internet: IP, TCP and Ethernet. Each of them has information that it adds to the data, so that it can be delivered correctly and within a good time period.

As a computing professor, I have seen networking standards come and go, and it seemed for a while that ATM was the solution for integrated networks, as it was the true integrator of real-time and non real-time data. This was due to Ethernet’s lack of support for real-time traffic and the fact that it does not cope well with traffic rates that approach the maximum bandwidth of a segment (as the number of collisions increases with the amount of traffic on a segment). ATM seemed to be the logical choice as it analyses the type of data being transmitted and reserves a route for the given quality of service. It looked as if ATM would migrate down from large-scale networks to the connection of computers, telephones, and all types of analogue/digital communications equipment. But, remember, the best technological solution does not always win the battle for the market – a specialist is normally trumped by a good all-rounder.

Ethernet is the best poker player in town. It knows all the tricks. It’s a heavyweight prize fighter. It’ll slug it out with anyone, and win. It took Token Ring on, head to head, and thrashed it. So what would you choose for your corporate network? Would it be a technology that was cheap, and could give you 10Mbps, 100Mbps for your connections to workstations and servers, and, possibly, 1Gbps for your backbone? Ethernet always makes a sensible choice, as it’s cheap and it’s going to be around for a lot longer, yet. Any problems within an Ethernet network can be solved by segmenting the network, and by relocating servers. And for cable, it supports twisted-pair, coaxial and fiber. Who would have believed that you could get 1Gbps down a standard Cat-5, twisted-pair cable? Amazing!

Ethernet also does not provide for quality of service and requires other higher-level protocols, such as IEEE 802.1p. These disadvantages are often outweighed by its simplicity, its upgradeability, its reliability and its compatibility. One way to overcome the contention problem is to provide a large enough bandwidth so that the network is not swamped by sources which burst data onto the network. For this, the gigabit Ethernet standard is likely to be the best solution for most networks.

Whatever bandwidth you want

A key method of increasing the bandwidth of a network is to replace hubs with switches, as switches allow simultaneous transmission between connected ports. Thus if the bandwidth of a single port on a switch is 100Mbps, then a multi-port switch can give a throughput of several times this. But switches also have the potential to improve the configuration of networks.

Many workers are now used to open-plan offices, where the physical environment can be changed as workgroups evolve. This is a concept which is now appearing in networking, where virtual networks are created. With this, computers connect to switches. The switch then tags data frames for destination virtual networks and puts the tagged data frame onto the backbone. Other switches then read the tag, and, if the destination is connected to one of their ports, they remove the data tag, and forward the data frame to the required port. This technique is now standardized with IEEE 802.1q, an important step in getting any networking technique accepted. Imagine if whole countries were set up like this. What we would have is a programmable network, where system administrators could connect any computer to any network. Presently we are constrained by the physical location of nodes.
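The tag, forward and untag sequence described above, as an added example that is not part of the original post. It uses the IEEE 802.1Q tag layout (a 0x8100 type field followed by a 16-bit field carrying priority and VLAN ID); the MAC table, port number and VLAN number are hypothetical, and the sample frame is constructed.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def add_vlan_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Ingress switch: insert the 4-byte tag between source MAC and EtherType."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    if not 1 <= vid <= 4094 or not 0 <= pcp <= 7:
        raise ValueError("VLAN ID must be 1..4094 and priority 0..7")
    tci = (pcp << 13) | vid  # 3-bit priority (802.1p), 1-bit DEI = 0, 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def read_vlan_tag(frame: bytes):
    """Return (vid, pcp) for a tagged frame, or None if the frame is untagged."""
    if len(frame) < 18 or frame[12:14] != struct.pack("!H", TPID_8021Q):
        return None
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, tci >> 13

def strip_vlan_tag(frame: bytes) -> bytes:
    return frame if read_vlan_tag(frame) is None else frame[:12] + frame[16:]

def deliver(frame: bytes, mac_table: dict):
    """Egress switch: return (port, untagged frame) only when the destination MAC
    is on a local port in the same VLAN as the tag; otherwise None."""
    tag = read_vlan_tag(frame)
    entry = mac_table.get(frame[0:6])
    if tag is None or entry is None or entry[1] != tag[0]:
        return None
    return entry[0], strip_vlan_tag(frame)

# Constructed sample: untagged IPv4 frame (EtherType 0x0800) with a dummy payload.
DST = bytes.fromhex("000c290f71a3")
SRC = bytes.fromhex("005056c00008")
FRAME = DST + SRC + struct.pack("!H", 0x0800) + b"constructed payload"
MAC_TABLE = {DST: (3, 20)}  # hypothetical: DST is on port 3, VLAN 20

if __name__ == "__main__":
    tagged = add_vlan_tag(FRAME, vid=20, pcp=5)
    print(tagged[12:16].hex(), read_vlan_tag(tagged), deliver(tagged, MAC_TABLE))
```

A frame tagged for a different VLAN is not delivered even though the destination MAC is in the table, which is the separation between virtual networks that the tag provides.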

Virtual networks will also bring enhanced security, where it will be possible to constrain the access to sensitive data. For example, a server which contains data which must be kept secret can be located in a safe physical environment, and only users with a valid MAC address would be allowed access to the data.

Hats off to the IEEE, who have carefully developed the basic technology, after its initial conception by DEC, Intel and the Xerox Corporation.
