Transcript
Ethernet tr ainin g Sectio Sectio n 1 – Why Deplo Deplo y Ethernet? 1.1 1.1 Backgrou nd Years ago, voice service drove the design and deployment of wide area networks throughout the world. Over the past 10 years this has changed. The desire for information across the country and across the globe has lead to a focus on next generation data networks in the wide area. Initial data deployments were at low speeds and with low reliability. Typical rates were between 9.6 kb/s and 64 kb/s running X.25. The customer, in this case, owned the data service, with the provider owning the pipe. Next generation services allowed the carrier to offer the pipe as well as the data service, offering more revenue to the carrier and more flexibility and support to the customer. The first data services were bases on the SMDS standard. Speeds were still slow, but the service was more reliable. The next step in data service is our current position. Technologies such as frame relay and ATM lead the way for customers to spread their data across the globe. Speeds are no longer limited to 64kb/s. A customer can purchase data services from 64kb/s up to 2.4Gbs and higher. Point-to-point or point-to-multi point services are available. As well as ATM and frame relay, carriers are now offering Ethernet to their customers. Why would a customer want to go to Ethernet instead of staying with their existing frame relay or ATM data services? Frame relay, a technology designed to carry data, is not widely available above a T1 (1.544Mbs). In some areas, as much as a DS3 (45Mbs) frame relay pipe can be ordered. ATM offers a wider range of speeds, T1 (1.544Mbs) to an OC-12 (622Mbs), but is not as efficient with data as frame relay. ATM was designed to carry voice, video, and data all on one pipe. This added functionality adds a lot of overhead to the data stream. Ethernet offers a range of speeds and is focused solely on data. Ethernet allows the customer to save time and money by not having to buy expensive routers to convert their LAN traffic to a WAN technology. With the wide scale carrier based deployment of Ethernet, customers will be able to buy Ethernet pipes ranging from 10 Mb/s through 1Gb/s. In the near future, the next generation of Ethernet will be available running at 10Gb/s.
1.2 Ethernet’s Capabilities The benefit of Ethernet, and its main reason to exist, is that it handles data traffic extremely well. Various technologies such as Appletalk, DECnet, TCP/IP, and IPX (Novell) are equally handled and transported by Ethernet. LAN administrators could
build a network with all of these technologies running simultaneously and Ethernet could handle the task. In today’s LAN environment, there are two main types of technologies that exist with Ethernet – IPX and IP. IPX is Novell’s technology designed mainly to manage printers, servers, and access to mainframes. This technology typically resides on a LAN and does not often traverse the wide area network. It is not often that a person in Atlanta, for example, will want to print a document in their New York office. It is more likely they will print it locally and fax it, if necessary. IP (Internet Protocol) represents the bulk to the traffic that traverses Ethernet networks. This is the addressing scheme that enables the Internet and many other technologies around the globe to work together. IP is the main driver to Ethernet’s growth. Since IP was created initially to support the Internet, it is critical to understand the history of the Internet.
1.3 1.3 Intern Intern et Histor y Today’s Internet was created in 1969 through a government-sponsored project called ARPANET (Advanced Research Projects Agency Network). The purpose of ARPANET was to test and determine the viability of packet switched networks. The first deployment of ARPANET was at four separate locations: Stanford Research Institute, the University of California at Santa Barbara, the University of California at Los Angeles, and the University of Utah. The initial tests went well and ARPANET grew. It had become obvious to the researchers that non-military as well as military personnel could benefit from a large, interconnected network. It was also clear that a more reliable set of protocols was required to handle the ever-growing network. In 1973, ARPANET added IP, TCP, UDP, and ICMP (Ping) to the list of supported protocols. This allowed traffic to be handled quickly and easily by the end stations. It also offered error correction and retransmission of lost data. In 1981, the NSF (National Science Foundation) approved funds for the Computer Science Network (CSNET). This network allowed both university and industry to share information. In 1984 ARPANET was split into two different networks – one for military and one for non-military traffic. At the same time, the NSF expanded its funding and established NSFNET. NSFNET connected six supercomputers together with high-speed lines – much faster than ARPANET. Because of this, ARPANET became obsolete, and was dismantled in the very early 1990s. In 1993 the NSF announced it would no longer provide the traditional backbone services it had it the past. It did state that it would specify several locations where users could gain access to the Internet. These sites are called NAPs (Network Access Points). The network built to replace NSFNET is referred to as the vBNS (very high speed Backbone Network Service). In 1995, NSFNET was officially turned off and vBNS took over 100% of the domestic Internet traffic (see figure below).
Today, the Internet is the maze of sites and information that we have come to use every day. Finding directions, the weather, or information on any topic, the web offers it all.
1.4 Ethern et Histor y The University of Hawaii’s ALOHA network is considered to be the ancestor of all shared media networks. In 1968, Norman Abramson pioneered the precepts of Ethernet by developing this packet radio networking system that ran at 4800bp/s and 9600bp/s. A few years later (1973), Robert Metcalfe and David Boggs at Xerox Corporation in Palo Alto, CA applied the ALHOA network principles and created the world’s first Local Area Network (LAN). Initially named ALTO ALOHA, the name was later changed to Ethernet. This first version of Ethernet ran at speeds up to 2.94Mbps. One of the first customers of Ethernet was the White House – it was used for word processing. Beyond that, this version of Ethernet was not successfully commercialized. First commercial released was by DEC, Intel and Xerox (DIX, the Gang of Three) in 1980 as Ethernet, Version 1 (commonly referred to as Ethernet DIX80). The second revision release was in 1982 as Ethernet, Version 2 (commonly referred to as Ethernet DIX82). This is the standard we know today as Ethernet, Version 2.
In 1980, the IEEE formed its Project 802 to provide a framework for the standardization of LAN technology. Novell released Novell Netware ’86 in 1983, which used a proprietary frame format based on a preliminary specification of the IEEE 802.3 specification. This is the same Novell that is used today to manage printers and servers. In 1983, the IEEE approved the IEEE 802.3 specification, which included IEEE 802.2 Logical Link Control (LLC). This made the Novell Netware proprietary format incompatible with the latest technology. In order to resolve this incompatibility, SNAP was created for the new IEEE 802.3. Now that the overall packet standards were finished, the transmission medium needed to be agreed on. In the late 1980s, SynOptics Communications developed a mechanism for transmitting 10Mbps Ethernet signals over twisted-pair cables. It was this combination of low cost transmission medium with an agreed standard that led to the wide deployment of Ethernet. The Ethernet-over-twisted-pair standard (10BASE-T) was approved by the IEEE in 1990 as the IEEE 802.3i standard and quickly became the preferred Ethernet media type.
1.5 Summary Next generation services such as managed IP and voice over IP, will require more bandwidth that is optimized for data. Ethernet is the technology that will allow customers access to higher speeds optimized for data. Since Ethernet is a mature technology, is built around a solid standard, is optimized for next generation data services, and is cheap to deploy, Ethernet demand from services providers will grow tremendously over the next decade.
Sectio n 2 - Techn olo gy Overview By understanding a few basic concepts, Ethernet and Ethernet turn-up/troubleshooting will be easily within your grasp. The following sections are focused on that goal.
2.1 OSI Mod el The ISO (International Standards Organization) designed the OSI (Open System Interconnect) model for data communications. This model, in some form, is followed by ALL data communications. Any time two or more computers pass information, they follow the OSI model. The model (shown below) is a series of basic building blocks. Each block has its own function and role in getting data from one point to another point.
•
•
•
•
LAYER 7
Application
LAYER 6
Presentation
LAYER 5
Session
LAYER 4
Transport
LAYER 3
Network
LAYER 2
Data Link
LAYER 1
Physical
Physical Layer – Layer 1 The physical layer represents the “pipe”. This is normally what BellSouth, AT&T, or any service provider offers to its customers. There are two parts to the physical layer – the physical media and the bandwidth. The physical media could be twisted pair copper, coax, or fiber. The bandwidth is a combination of signal characteristics and rates (e.g. T1 B8ZS). Data Link – Layer 2 The data link is the beginning of the data and offers the basic data framing. This layer can be provided by the carrier (e.g. frame relay) or can be provided by the customer in a point-to-point leased line environment (e.g. HDLC or PPP). Network – Layer 3 The network layer currently represents the beginning of customer traffic. This is the layer where computers speak to each other and data is addressed for end-toend communications. The addressing type for this layer is often a router or a computer. Examples of network layer protocols include IP and IPX Transport – Layer 4 At this layer, the lower layers and the application meet. The transport layer identifies the application that rides within the data packet and makes sure that all packets get from the source to the destination. This layer also specifies the connection type. There are two types of connections – connection oriented (TCP) and connectionless (UDP). Connection oriented applications require all packets to get from the source to the destination. An example of this is e-mail. If all the packets making up the e-mail don’t make it, the e-mail is unreadable. Connectionless applications are those that do not require all packets to get from source to destination. An example of this would be streaming audio. If a packet or two is missed, the computer will skip a few bars of music and keep playing.
•
Session, Presentation, and Application – Layers 5, 6, and 7 In most data communication networks today, these layers merge together into just the application. Aspects of Lotus Notes, POP3 mail, SMTP mail, and web surfing all have layers 5, 6, and 7 built into them. For purposes of this training class, we will combine these layers together into only layer 7 and refer to this as the application layer.
2.1.1 OSI MODEL ANALOGY In order to better understand the five-layer model we will work with for this training (physical, data link, network, transport, and application) we offer a parallel model built around something everyone is used to – mail delivery.
APPLICATION LAYER
The application is the letter. It is the actual piece of information sent from one location destined for another location to be read by a specific person
TRANSPORT LAYER
The final part is the name that resides on the envelope. A house can have multiple people, so can a computer have multiple applications. The name on the envelope identifies who should read the letter
NETWORK LAYER
The address put on the envelope represents the network layer. In this case, the address would be the street address, city, state, and zip code.
DATA LINK LAYER
The data link, being the basic data format, would look like the envelope that the letter is put into. The envelope identifies one letter from another.
PHYSICAL LAYER
The roads and trucks that carry the mail are analogous to the physical layer. The roads represent the copper or fiber, while the truck represents the technology (e.g. T1).
2.1.2 OSI MODEL IMPORTANCE The most important portion of the OSI model is apparent when dealing with a service issue or turn-up. Each layer builds upon the next layer – the bottom layer being the physical layer. If you look at our mail model, a closed road or broken down mail truck means no mail delivery. No matter how perfect the envelope or how well it is addressed, if the truck can’t carry the mail, it won’t get to the destination. Similarly, if the copper that carries the customer data is bad or the T1 is mis-optioned, the data at layers 2 and up will not properly get from the source to the destination.
When looking at problem circuits, some problems are easier to identify than others. If a farmer in Georgia cuts through a pair of copper, none of the data will pass across the copper. Since the failure is total and usually very obvious, it is easy to identify and solve. The more difficult problems to solve are on the marginal circuits. These types of problems tend to come and go and are difficult to identify. Many of these marginal problems will show themselves at the higher layers, even though the problem is at lower layers of the OSI model. 2.1.3 EXAMPLES OF OSI LAYER TECHNOLOGIES The following table gives examples of technologies and what layer they reside within the OSI model. It is important to remember that almost any layer 3 technology can reside on any layer 2 technology which could reside on any layer 1 technology. The layers can be
switched around depending on the network architecture (dial-up or DSL). Each layer is independent of the layer above and below. OSI LAYER
TECHNOLOGY
APPLICATION TRANSPORT NETWORK DATA LINK PHYSICAL
Lotus Notes, WWW, SMTP, POP3 TCP, UDP, SPX IP, IPX HDLC, PPP, Frame Relay, ATM, MAC QFSK (modem), T1, T3, SONET, DMT (DSL), 802.3 (Ethernet)
Using the above table, here are three specific examples of how people can surf the web. OSI LAYER
FROM HOME - MODEM
FROM HOME - DSL
FROM OFFICE
APPLICATION TRANSPORT NETWORK DATA LINK PHYSICAL
HTTP (WWW) TCP IP PPP QFSK
HTTP (WWW) TCP IP ATM DMT
HTTP (WWW) TCP IP Frame Relay T1
Notice that the end-to-end addressing scheme (layer 3 – IP) is constant no matter how you surf the web.
2.2 Ethernet 101 Now that we have completed OSI model 101, we can move onto the technology of interest, Ethernet. 2.2.1 ETHERNET 101 – PHYSICAL LAYER The physical layer for Ethernet is defined by certain electrical and bit rate specifications. The electrical specifications are based on the IEEE 802.3 Ethernet standards.
The electrical characteristics of the signal are determined by the speed at which the Ethernet runs. There are currently three standards widely deployed: 10BASE-X – This Ethernet standard runs at 10Mb/s. This is the most common type of Ethernet deployed within local area networks. This standard is almost always seen running over copper. 100BASE-X – This Ethernet standard runs at 100Mb/s. 100BASE-X is often seen on copper but is occasionally deployed over fiber to extend the range of the signal. Most new networks are built with 100BASE-X links. 1000BASE-X/Gigabit – 1000BASE-T/Gigabit Ethernet has a speed of 1.25Gb/s. The data rate is 1Gb/s, but the line coding used (8B/10B) creates a bit rate of 1.25Gb/s. This technology is most often seen running over fiber. It can be run over copper for short distances, if required. •
•
•
As the speed increases from standard to standard, the cable types change (from low grade copper to higher grade copper to fiber). This is the same for standard TDM based services, such as T1 (twisted pair), T3 (coax), and SONET (fiber).
Another important physical layer characteristic of Ethernet is full duplex or half duplex operation. A full duplex circuit is able to transmit and receive at the same time, similar to a phone where a person can speak and hear at the same time. A half duplex circuit is either speaking or listening – it is incapable of both simultaneously. 10BASE-X Ethernet is most commonly deployed in a half duplex environment. Because of its speed, being the slowest Ethernet speed, this is not a problem. As Ethernet speeds grew and the bandwidth requirements grew with them, full duplex became more critical. 100BASE-X can be seen as a full duplex or half duplex, depending on the bandwidth requirements. Gigabit Ethernet, with its high bandwidth capabilities, is almost always seen in a full duplex configuration. This particular type of Ethernet is what is driving the carrier based Ethernet deployment. 2.2.2 ETHERNET 101 – DATA LINK The data link layer for Ethernet is the same for 10BASE-X, 100BASE-X or 1000BASEX/Gigabit. This layer is referred to as the MAC layer – Media Access Control. This is the beginning of the basic data format for Ethernet.
Below is what a basic Ethernet frame looks like. There are four main parts to this particular frame – destination address, source address, control information, and the CRC. DESTINATION ADDRESS
•
•
•
•
SOURCE ADDRESS
FRAME TYPE
INFORMATION (DATA)
F C S
Source/Destination Address Field - The source and destination address fields, as their names suggest, are the fields in the data frame that identify the source and destination MAC addresses for the frame. The Source address is the device that transmitted the frame and the Destination address is the device destined to receive the frame. Frame Type – This field contains information that determines the format of the frame – either an Ethertype field for Ethernet Version II or a Length field for IEEE 802.3. Data Field – This field is the meat of the frame. This is where the upper layer information is encapsulated. FCS Field – This is the frame check sequence. The FCS is a calculation done by the equipment generating the frame on the total bits in the frame. If any of the bits change while the packet traverses the network, the FCS value will no longer be correct. The device receiving the packet at the far end will see that the frame has been corrupted during transmission and will discard the frame.
All of what has been discussed applies to 10BASE-X, 100BASE-X or 1000BASEX/Gigabit Ethernet. There is, however, one part of the Ethernet standard that is more prevalent for gigabit than for the 10BASE-X and 100BASE-X standard – Pause Control.
Pause control frames allow Ethernet elements to throttle the actual throughput of the link real time. Most elements could support full 10BASE-X and 100BASE-X rates. When gigabit Ethernet was first released, many elements could not support long durations of full bandwidth routing. Because of this, pause control standard allowed a local element to tell the far end element to slow down until the local element caught up. Although not as prevalent as a few years ago, this is still part of the Ethernet standard and can be seen in deployed networks. If we look back to the OSI model from the previous section, there are events and issues we can see that would cause FCS errors. Take a look at the OSI model for Ethernet that we have built so far… LAYERS 5/6/7
Application
LAYER 4
Transport
LAYER 3
Network
LAYER 2
MAC
LAYER 1
802.3
If the physical layer is bad, all information above will be corrupted. For an Ethernet deployment, there are several danger spots that would cause the physical layer to be bad, causing customer traffic errors – dirty fiber connections or bad media converters (electrical-to-optical or short range optical to long range optical). If a customer or a carrier element is registering bad FCS frames, a bad physical layer often causes it. 2.2.3 ETHERNET 101 – NETWORK LAYER The network layer resides within the information field of the data link layer (2.2.2). At this layer we are looking at individual computer addresses or web site addresses. Commonly used network layer protocols include IP (most common) and IPX (Novell). We will focus on IP for this section – this is the technology that almost all carriers are moving forward with to provide next generation services. Almost all potential customers are standardized on IP based networks as well.
The overall role of IP is routing of the packet from the source to the destination. It is not responsible for quality of service. It does not keep track of numbers of packets or lost packets through the network. That is the responsibility of higher layers of the OSI model. As with the MAC layer, the IP layer contains source, destination, and a FCS. Below is a picture of the IP portion of an Ethernet frame. It is more complicated than a MAC frame. For the purposes of our training, we will focus on a few of the fields below.
VERSION
IHL
TOS
IDENTIFIER TTL
TOTAL LENGTH FLAGS FRAGMENT OFFSET HEADER CHECKSUM (FCS)
PROTOCOL SOURCE ADDRESS DESTINATION ADDRESS INFORMATION (DATA) OPTIONS AND PADDING
•
•
Like the MAC frame, the IP frame includes a and a FCS/CRC check. There is a difference, however. The destination and source address are the final end point addresses, not the next addressable port. See the insert for more information about what an IP address looks like and how it relates to the Internet. The length field identifies the overall length of the information field. The overall length of the address field could range from 46 bytes to 1500 bytes. It is important to notice that the info field can have a wide range. This allows various size packets to be put into one IP frame. For example, an Internet URL request is a short connection request. The response is often a large web page. The requesting packet would be small, while the response packets would be larger to accommodate the larger amounts of data.
•
•
destination address, a source address, IP AND THE INTERNET IP addresses have four different value locations, each ranging from 0 to 255. One could look like: 212.43.52.123 The mechanism that allows a user to get from a computer to an Internet site is through the IP addressing scheme built into the internet and a the local computer. However, you don’t enter in IP address into the URL field of your browser – you enter in a web address, like Acterna’s: www.acterna.com When you enter an address in the URL field, your computer sends that URL to a DNS sever (Domain Name Server). This server converts the web address to the IP address – you just don’t see it. Acterna’s IP address on the Internet is: 157.234.223.80 In the URL field, instead of entering in www.acterna.com, enter in the IP address above – you will get to the same location.
The Information field is the next level up on the OSI model. This includes all of the upper layer information at the Transport and Application layers. Finally, the FCS finishes off the frame. The frame check sequence is a layer 3 frame check sequence. The IP FCS allows a technician to correlate layer 2 versus layer 3 FCS issues.
We can now add a layer to our OSI model for Ethernet carrier based deployments. We have the physical layer and the data link layer identified - the third layer is now IP. Here is how it looks:
LAYERS 5/6/7
Application
LAYER 4
Transport
LAYER 3
IP
LAYER 2
MAC
LAYER 1
802.3
Now that we have added the IP layer, we have another layer for events to occur at. It is obvious to see that the main goal of IP is getting packets from a beginning point (source) to the end point (destination). This is apparent from the basic IP frame format. If a user mis-addresses a packet, the packet will not arrive at the proper destination (like mis-addressing an e-mail). If the addressing scheme is flawed (e.g. DNS server is not operating properly), users will not be able to transmit their data to the destination. As discussed earlier, any errors at lower layers will corrupt the traffic above. It is critical that the physical layer and MAC layer be clean for IP to properly run. 2.2.4 ETHERNET 101 – TRANSPORT LAYER The final layer of the OSI model prior to the actual desired data is the transport layer. There are two main protocols that reside over IP and are common transport protocols in an IP network. These protocols are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
We will break this section up into two separate sections – TCP and UDP. These two protocols are very different in their roles and responsibilities and are important to distinguish. 2.2.4.1 ETHERNET 101 – TCP – C ONNECTION ORIENTED TCP has six main responsibilities. These are: 1. Basic data transfer 2. Reliability 3. Flow control 4. Multiplexing 5. Connection Management 6. Security •
THE ARPA HOST-TO-HOST MODEL When dealing with host-to-host communications, customers will often speak in the ARPA model instead of the OSI model. The chart below shows the ARPA layers vs. the OSI layers: OSI Application,
Example Protocol
ARPA
Process/ Basic data transfer and reliability - TCP, Presentation, HTTP Application being connection oriented, make sure that And Session Transport TCP/UDP Host-to-Host all data gets from the beginning to the end Network IP Internet of the network. Built into the TCP Data Link MAC Network overhead information of the TCP frame are Interface Physical Ethernet sequence numbers. These numbers keep track of all of the information sent and the order in which it arrives. If any packets do not arrive, the TCP layer knows which
packets didn’t arrive and requests those lost packets. It is this layer that allows small blips in local area networks and wide area networks to not be noticed by the user. •
•
•
Flow Control – Along with the sequence numbers discussed above, there is another portion of the header that contains a value known as a window size. As packets are sent from one end point to the other, the window size for each machine is passed. The window size gives each end the value of the buffer size of the far end. It is this way that each end knows if it is sending to much data for the far end to handle. Connection Management and Security – When two end points begin a conversation, the requesting end point requests a connection to the receiving end point. The receiving end point manages the connection and, if implemented, will attempt to confirm that the requesting end has the right to access the information. Multiplexing – We are all used to running multiple applications on our PCs at one time. Often times we are checking our e-mail and surfing one or more websites at the same time. TCP not only connects us to the other end point (web or e-mail), but it also manages which packets entering your computer are from the web or e-mail, and makes sure outbound packets are properly identified by the far end.
Now that TCP’s responsibilities have been identified, we can look at the frame and its parts. Below is a typical TCP frame: SOURCE PORT
OFFSET
RESERVED URG CHECKSUM
DESTINATION PORT SEQUENCE NUMBER ACKNOWLEDGEMENT NUMBER ACK PSH RST SYN FIN WINDOW URGENT POINTER OPTIONS AND PADDING INFORMATION (DATA)
Compared to our less featured protocols, such as MAC, the TCP frame is extremely complicated and has many different fields responsible for the various tasks described above. It is outside the scope of this training course to get into each portion of the TCP header. There are, however, a few fields that are worth discussing. •
•
•
Source / Destination Port – These are the address fields that identifies the application type Sequence/Acknowledgement Number – These are the fields that keep track of the packet sequences and which packet have and have not arrived from the far end sender. Checksum – This field, like our other checksum fields, represents the basic CRC/FCS for the frame.
2.2.4.2 ETHERNET 101 – UDP – C ONNECTIONLESS UDP is simpler protocol than TCP. UDP is designed with the following features: 1. Basic data transfer 2. Connection management Based on this reduced feature set, we can look directly at the UDP frame and get a good understanding of how it works and why it has a reduced feature set. SOURCE PORT LENGTH
DESTINATION PORT CHECKSUM
INFORMATION (DATA)
Why would we use UDP? The main use for UDP is for those applications, which do not require all the data to arrive to work. More importantly, UDP is for those applications, which cannot use the information unless it arrives in the sequence in which it was sent: VoIP, streaming video, etc. When a user logs into a streaming website, www.cnn.com for example, to watch the latest news report. CNN has many viewers with different computers, connection speeds, and link qualities. CNN can’t stop transmitting video and retransmit some packets that one user did not get. CNN doesn’t want to know anything about what their users are getting real time. UDP allows users to connect to CNN without all of the management and security that would cause the video service to fail. 2.2.4.3 ETHERNET 101 – TRANSPORT SUMMARY With the solid understanding of the transport layer, the OSI model can be re-examined as a complete set of building blocks:
LAYERS 5/6/7
Application
LAYER 4
TCP/UDP
LAYER 3
IP
LAYER 2
MAC
LAYER 1
802.3
2.2.5
ETHERNET 101 – CONNECTIONLESS?
Although Ethernet operates at specific speeds (10Mb/s, 100Mb/s, or gigabit), it is considered a “best effort” technology. There is no guarantee that any of the traffic will get from one side to the other. Traditional WAN technologies are not “best effort”. A T1, for example, runs at 1.544Mb/s at all times. Any traffic put onto the link will get to the far end. Ethernet does not offer similar guarantees. How does anything reliably run over Ethernet? The answer is TCP and UPD. It is at these layers that sequence numbers along with other portions of the overhead check, confirm, and resend any data within an application.
2.3 Common Terms and Definitio ns There are a lot of terms that get applied to all of the technology that has been taught to this point. This section will explain many of these terms within the context of an Ethernet deployment. Along with our common terms and definitions, we will go over some common customer complaints and what they mean. 2.3.1 DEFINITIONS AND TERMS Utilization – The utilization on a link is determined by comparing the packet rate to the overall bandwidth of a link. For example, a 100meg Ethernet link (100BASE-X) has an available bandwidth of 100Mb/s. If your packet rate is 40Mb/s, then the overall utilization is 40%. Utilization for data can fluctuate widely throughout the day on an operational network. Depending on who is doing what at any given moment, the utilization could jump from 0% to 100% and back to zero within a few moments. •
•
•
DENIAL OF SERVICE ATTACKS (DOS) Over the last year we have heard reports of the Whitehouse website and Yahoo! being taken down by denial of service attacks. When a user connects to a website, the first TCP packet they send has the SYN bit set to one (high). This tells the website to set aside bandwidth and a connection spot. From there on, all of the users packets have the SYN bit low because the user has been granted access. A denial of service attack occurs when a hacker gets multiple computers to keep sending requests to connect, but never actually follow up with the connection. The web site is flooded with connection requests, runs out of room, and can’t accept any legitimate requests from legitimate users. So, a denial of service attack is caused by thousands of TCP frames with the SYN bit set to one with no follow up information.
Throughput – Throughput is a measurement not unlike utilization. Throughput, however, measures the number of packets sent versus the number of packets received. It is very much a quality of service metric. If 100 packets are sent, and 90 of them arrive at the far end, the throughput of the system is 90%. Round Trip Delay / Latency – Round trip delay and latency are time measurements for a network. Round trip delay specifically addresses the time it
takes for a packet to go from one point on the network to another point and back again. Latency is the time from one point to another. Latency can be measured for a single element (router) or for an entire network path. •
•
•
•
•
•
VLAN – VLAN stands for Virtual Local Area Network. A VLAN is a way to separate traffic on a LAN into different sub groups. It is a lot like dividing up traffic onto major highways (VLANs) in order to get them closer to their destination. The destination is still the same (IP), but it is a little easier to manage the traffic from a network standpoint. An existing WAN technology would be DLCIs (frame relay) or VCCs (ATM). VLAN tagging actually adds a sub layer to the OSI model. With VLAN tagging, the model looks like this: LAYERS 4
TCP/UDP
LAYER 3
IP
LAYER 2.5
VLAN
LAYER 2
MAC
LAYER 1
802.3
Frame Counts – Frame counts are just packet counts. Each packet, as it is received, is counted. It is also labeled as a good packets (good FCS) or a bad packet (FCS error). Occasionally, packets are also counted by their size (see section 2.2.3 for size ranges). Payload – The payload of a packet is often viewed as layer 4 and up – effectively the application. Payload can also be the line between the carrier service and the customer data. For frame relay, the line is between layer 2 and 3. For a point-topoint data T1, the payload line is between layers 1 and layer 2. Frame Size – Frame size is measured from the beginning of the Ethernet packet to the end of the packet. Frame sizes range from 64 bytes to 1518 bytes. If VLAN tagging is added (layer 2.5), the maximum frame size increases to 1522 bytes. PDU – PDU stands for Protocol Data Unit. A PDU is typically layer 3 and above. CPE – CPE stands for Customer Premise Equipment. It usually refers to the customer equipment or the overall customer site. There are several CPE terms that you need to be familiar with in order to understand the customer. o
Retransmissions – Retransmissions occur when the far end does not receive all of the data it was sent. From section 2.2.4, we learned that TCP sequences packets so that lost packets would be identified and retransmitted. The customer’s router can often count these
retransmissions and express them as an error condition. It is important to remember that errors in the lower layers can corrupt the higher layers, so retransmissions can be a sign of a physical layer, data link layer, or even the network layer. o
o
•
Ping – Another common CPE term is a “ping”. A ping is a packet that is sent from a source address to a destination address and back again. This allows a user to determine if the network will allow traffic to go from one point to another. If a customer can’t “ping” the far end device, he can’t send traffic there. Trace Route – A trace route is a means for a user to trace all IP addressable devices in the network from one point to another. This allows the user to see all the points along the way of a packet’s journey. An analogy would be when FedEX scans a package as it goes through each one of its distribution centers. The user can see each point the package touched on its journey.
Ethernet Errors – There are several types of Ethernet errors that you need to be aware of in order to turn-up and troubleshoot an Ethernet service: o Runts/Undersize – These errors are generically defined as any packet less then the minimum 64 byte length and does not have a CRC/FCS value. o
o
o
o
Jabbers/Oversize – A jabber is the opposite of a runt. These are overly long packets (> 1518 bytes). Broken NIC cards/ports often cause jabbers Bad FCS – Bad FCS frames are those frames with an incorrect CRC/FCS value. These are counted when one or more of the bits in a packet have been switched (e.g. 1 to a 0). Collisions – On a half-duplex Ethernet link, each computer has to share the bandwidth with the rest of the computers. If two or more computers on the network broadcast at the same time, the packets “collide” and are unreadable. This event is known as a collision. On full-duplex links, this is a non-event because there are separate transmit and receive paths. Symbol Errors – Symbol errors represent a line coding issues at the physical layer.
Secti on 3 – Gigabit / 10BASE-X / 100BASE-X Deployment Most carriers are offering two versions of the Ethernet services to date. One of the services is based on the “transparent LAN” model. The other is based on the “addressable LAN” model.
3.1 – Deploym ent Optio ns The two deployment options, transparent and addressable, are based on the OSI layer that is required for the traffic to transverse the network.
3.1.1 – TRANSPARENT LAN (OSI LAYER 1 SERVICE) By “transparent” we mean that the LAN sites on either end of the service are tied together by a pipe, and have no idea if the Ethernet traffic is traveling 5 feet or 50 miles. Transparent service requires only that the first layer of the OSI model (physical) is properly formatted in order to pass traffic. If the electrical or optical characteristics of the signal are correct, the service will pass the data. This service is ONLY point-to-point.
Typically, this type of service is offered via a DWDM ( Dense Wave Division Multiplexing) system. Instead of a SONET card being the customer interface, the card is Ethernet (typically gigabit). Whatever the card receives is transmitted over the long haul and delivered to the far end, converted back to the appropriate wavelength for the Ethernet service. Another way for transparent LANs to work is through media converters. A media convert takes a signal – electrical or optical – and converts it into a long haul optical signal. This allows 10BASE-X or 100BASE-X to travel miles. Gigabit Ethernet, although already optical, can benefit from media converters. Normally gigabit Ethernet is available at 850nm or 1310nm – both considered short haul wavelengths. A media converter can receive the 850nm or 1310nm and convert it to 1550nm. A final option for transparent services is using a standard ADM ( Add/ Drop Multiplexer). Like the DWDM based option, the Ethernet signal is placed directly into the transport system. Unlike the DWDM option, the signal is limited by the SONET signal structure. If the SONET pipe available to the Ethernet is only an STS-12 (622Mb/s), the Ethernet is limited to an OC-12 worth of bandwidth. For 10BASE-X or 100BASE-X, this is more than enough. For gigabit Ethernet (1.25Gb/s), however, an STS-12 circuit only offers about 60% of the room required. The customer only has access to 60% of the total possible bandwidth. To overcome this, some providers are offering gigabit Ethernet encapsulated into an STS-24c or STS-48c. 3.1.2 ADDRESSABLE LAN (OSI LAYER 2 SERVICE) This type of offering has more flexibility but it is slightly more complicated to turn-up and troubleshoot. In order for this service to operate, the customer must provide some type of addressing. In OSI terms, this requires the customer to correctly address at layer 2, layer 2.5, or layer 3. By using addressing schemes, the carrier can sell the service as a point-to-multipoint service instead of just a point-to-point.
A layer 2 service (MAC layer) is the most common available today. This type of service is typically offered using an OSR ( Optical Switched Router). An OSR looks at the Ethernet packets and routes them based on their destination MAC address. An incorrect destination MAC address causes the OSR to ignore the packet. The core network for a MAC based service can be a traditional core, such as ATM. A layer 2.5 service (VLAN layer) is available with some carriers today and on the horizon for most. VLAN tagging allows the user to easily set up a point-to-multipoint network using a very simple addressing scheme. Also, the tags are very easy for the carrier to read and allow for quick and efficient routing. The core network for this
service can be traditional ATM, but requires the OSR to map different VLAN tags to the appropriate ATM circuit. A layer 3 service (IP layer) is not widely deployed today. In order for a full IP addressable service to be offered, a large IP network would need to be set up in the core, typically a POS ( Packet Over SONET) network. Without an IP core, IP addressable LANs will not come to fruition. Another layer 3 type of service is generically called managed Ethernet. When the word managed is added, the carrier owns that portion of the service. An example of a managed Ethernet service would be a VPN. Many enterprise networks currently utilize VPNs, but the VPN server is owned and operated by the enterprise customer.
3.2 Network Archi tecture For carriers, these are the different types of equipment and architecture that will be used to deploy Ethernet. Currently, both point-to-point services as well as point-to-multipoint services are available. 3.2.1 MEDIA CONVERTER DEPLOYMENT This deployment is based on a transparent service using media converters. Effectively, the carrier takes a signal and converts it to a different type of signal, without corrupted any data.
For the most part, 10BASE-X and 100BASE-X circuit are converted to an optical signal for long haul transport. Gigabit Ethernet is often converted from 850nm or 1310nm to a 1550nm signal. This signal may remain as native Ethernet over fiber from end-to-end, or it may be encapsulated in a traditional WAN service, such as SONET or ATM, while traversing the cloud. This transformation is totally transparent to the customer. 3.2.2 ROUTER /OSR POINT-TO-MULTI-POINT A router or OSR ( Optical Switched Router) type deployment offers carriers more flexibility and growth than a DWDM point-to-point Ethernet deployment. The service uses addressing schemes either at layer 2, layer 2.5, or layer 3.
Because the service requires addressing to route the packets, any turn-up of the service will require addressing on the test set. If either the technician or the customer misaddresses packets, the pipe will not pass any of the traffic, making the circuit look down at the physical layer. The problem, however, is at higher levels.
Sectio n 4 – Turn-up and trou blesho otin g of Ethernet networ ks For the purposes of this section, we will discuss turn-up and troubleshooting of a basic Ethernet service. The screen shots shown throughout this document will be using an Acterna FST-2802 Ethernet services test tool. Other Acterna products, such as the DA3400 and the DominoFE and DomnioGIG offer similar feature sets and could be used in place of the FST-2802.
4.1 Overview of turn -up and troubl eshootin g As with any service, turn-up and troubleshooting of Ethernet networks is critical to confirm that the service works prior to the hand-off. To confirm Ethernet services the technician will generate traffic and measure that traffic for various different parameters. This section covers those types of traffic that will need to be generated as well as the measurements to be made on that traffic.
4.2 Turn-up testing 4.2.1 TRAFFIC GENERATION An Ethernet service is a pipe offered to the customer to transport traffic from one point to another point. In order to confirm that the pipe is clean and will transport the customer’s traffic, the technician must generate traffic and confirm that all of the traffic traverses the network without being corrupted.
When setting up a test set to generate traffic, there are three main parameters that must be specified: utilization, frame size, and traffic profile. Utilization – This is the most critical setting. Depending on the service, the Ethernet pipe may pass 1.25Gb/s or HOW LONG TO GENERATE TRAFFIC ? less. The carrier and type of network will determine the The time required to fully test a circuit varies maximum throughput. Therefore with the speed of the circuit. Lower speeds circuits, such as a T1, have test length generating traffic at the maximum requirements of 15 to 45 minutes (ANSI line rate and confirming that the T1.510). Higher speed circuits require even traffic is not corrupted is critical longer test times. Frame Size – Different frame sizes A circuit tested for a short time period (30 can affect elements. Smaller frames seconds to just a few minutes) is not truly cause elements to work harder than proven to be error free. To have any sense that larger frames. The reason is that a circuit is going to be reliable, a test should be small frames have a smaller payload run for at least 15 full minutes error free. and less time for the element to process a frame before the next frame arrives. At high utilizations, the element may drop or corrupt some frames. Payload – The payload is the PDU portion of the frame. For the most part, this portion is irrelevant to the Ethernet service. From a customer standpoint, this is the most critical portion of the service. Because of this, the ability to edit the payload may be a requirement for some turn-ups. •
•
•
4.2.1.1 TRAFFIC RATE – CONSTANT BANDWIDTH When setting utilization, there are several different units of measure. The two main units of measure are actual bit rate (megabits per second) or percent of the total available bandwidth. Stating bandwidth in terms of percent of the total available bandwidth is the most common way. When turning up a circuit, generating traffic at the maximum rate is the only way to confirm that the circuit can pass the customer data at the guaranteed rate and without errors. Depending on how the carrier is offering the Ethernet service, the maximum bandwidth available to the end user may vary.
The maximum bandwidth test should run error free and offer the customer proof that the circuit will pass traffic appropriately. 4.2.1.2 TRAFFIC RATE – RAMP Another option for generating traffic is to step up the traffic rate over time. Setting a constant bandwidth, waiting for a short time, and then restarting the test at a higher bandwidth can accomplish this. The easier way to accomplish this is to have the test set do it for you. By stepping up the traffic at specific intervals, the service can be proven to be error free at all rates, not just at the maximum bandwidth being offered. If there are errors on the link, the step function will identify the rate at which the errors are being caused. When setting up a ramp test, there are a couple of extra parameters over the constant rate test. To begin generating any traffic, the user must enter the step rate (2%, 5%, 10%, etc). Now that you know the step size, the user needs to set the time at each step (20 seconds, 1 minute, 5 minutes, etc). The ramp test, like the constant rate test, confirms that the service works and will pass all of the customer’s traffic without errors. 4.2.1.3 TRAFFIC RATE – BURSTY Bursty traffic is a way to simulate real customer data, similar to the QRSS test pattern for a standard T1 BER ( Bit Error Rate) test. When the test set is set to bursty, the test set varies the traffic in two important ways. Firstly, the traffic utilization is adjusted around a particular rate. If the user sets the average at 50%, the utilization will fluctuate around the 50%, much like customer traffic will. The frame size (section 2.3.1) is also varied by the test set. Customer traffic has a wide variety of frame sizes due to different applications and their different requirements. By generating the different frames real time, the test set is able to emulate customer data more easily. 4.2.2 RESULTS After setting up and generating traffic, the results of the test need to be analyzed to confirm that the service will or will not work per the standard.
4.2.2.1 INTERPRETING ERRORS When generating traffic, any received errors are an indication of a problem. Errors include runts, jabbers, and bad FCS frames. Either the customer network or the carrier network will drop any errored of these frames A screen shot of the FST-2802 test pad offers visibility into the types of errors that are tracked. Any errors will be displayed
for the user to see. Errors will be displayed in two different categories – Error Stats and Summary. The summary view scans all results and picks out anything out of specification that is seen by the test unit. One important error result seen in the summary portion of the picture is the lost frames result. The FST-2802, as one of its packet generation options, can generate an Acterna test packet. This packet has a sequence number (similar to the TCP sequence number) and a time stamp. This allows the FST-2802 to do real time QoS/SLA analysis including lost packet rate and round trip delay. 4.2.2.2 INTERPRETING LINK STATISTICS Whether the link has errors or is operating nominally, there are several link statistics that the technician can use to confirm that the traffic he is sending is getting properly received by the test set. The screen shot to the left shows the link statistics that the FST-2802 collects. All of the statistics captured in the screen gives the user a complete view of how the circuit is behaving. The first six results are the ones that will be mainly used. The first three show utilization as a percent of total bandwidth, while the second three show utilization as a frame rate. Toward the bottom of the window, notice the PAUSE Frames result. The pause control frames are those frames that tell elements to slow down or speed up their transmission rate (section 2.2.2).
4.2.3 FST-2802 DETAIL INFORMATION For more information on the FST-2802, please see the FST-2802 training manual. This manual will give a full understanding of all of the features and set up choices for the FST-2802 4.2.4 SUMMARY Proving a service is operational prior to customer traffic being placed on the circuit is critical for two reasons: 1. It is EXTREMELY difficult to take down a reported marginal circuit. It is common for customers, even though the service is marginal, not to let the service be taken down for an out of service troubleshooting test. For a more traditional customer offering, like T1, there are access points for analysis that do not take the customer down. For Ethernet services, especially gigabit, there are no test points. Fiber, by design does not offer a simple way to see the information on the pipe in a monitor mode. In order monitor a live circuit an optical splitter must be inserted. 2. Larger customers often have protocol analysis tools, which most technicians do not have. The customer will have a similar issue when trying to monitor the WAN traffic.
The customer, however, owns the local Ethernet switch. The switch has the ability to “mirror” any port to another, without taking down the network. It is common, therefore, for enterprise customers to use their Ethernet switches as test points. Since the customer owns the Ethernet switches, the provider does not often have the ability to test from that point. QOS/SLA? QoS: Quality of Service SLA: Service Level Agreement Many applications that run on a customer network are not tolerant of long delays through the network. The cause of this delay through the network could be a LAN (customer) or a WAN (carrier) problem. Prior to handing off a circuit, some customers will require that the latency and packet loss / error rate be the same or better than the latency and error rate stated in the contract. The only way to prove to the customer that his circuit meets the specified requirements is to generate known traffic and measure the latency and error rate received. Performing a test like this is often called a QoS test.
By properly turning up Ethernet services, a carrier can reduce return trips to the customer site and feel confident that their service is reliable.
