jggimi, 27th August 2012
Chapter 3: Layer 2: Data link layer - Ethernets and Alphabets

WANs use a variety of protocols to manage traffic between links, depending on the requirements of the physical layer and its topology, and as this is between your service provider and the gateway device, it will not be addressed in this introduction.

LANs, too, may use different protocols. With only a few exceptions, LANs use a link layer protocol called Ethernet. Wired Ethernet is IEEE standard 802.3, and wireless Ethernet is "WiFi", IEEE standard 802.11.

Key things to know about Ethernet:
  • Every NIC is manufactured with a unique serial number - a six byte value. This is known as the Media Access Control (MAC) address and it is used by the devices on the LAN to communicate directly with each other. This field is known by other names as well, such as Ethernet Hardware Address (EHA) or sometimes "physical address".
  • Data moves between NICs in Ethernet frames. Frames are blocks of data that use the MAC addresses of the sender and recipient. The recipient may be a single device, or, the recipient may be every device on the LAN -- the message may be a broadcast.
  • IP addresses are not used in Ethernet frame addressing... only MAC addresses are used. IP addresses are part of the IP protocol; mapping between MAC addresses and IP addresses is discussed briefly in Chapter 6.
  • Ethernet permits frames to be seen by NICs that are not the intended recipients. This occurs naturally with topologies that broadcast all frames, such as WiFi, wired hubs, or coaxial cable LANs.
In normal operation, NICs will ignore traffic destined for other MAC addresses than their own address. However, they can listen in. Your BSD's tcpdump(8) program will do this. Large Ethernet switch devices include monitoring ports so that support staff may listen in to any traffic. Monitoring traffic on a LAN is easy. The implication should be clear: Wired Ethernet traffic is not necessarily private. Any packet that can reach a NIC is permitted to be observed. And encrypted WiFi bridged to a Wired LAN is only encrypted over radio, not over the wired portion of the LAN.


A device on an Ethernet LAN may send a message to another device on the LAN, or to all devices. But the frames go no further. This layer of networking is limited to a single LAN.

Last edited by jggimi; 31st August 2012 at 03:56 PM.
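An added example, not part of the original post: a minimal Python model of the frame addressing and NIC receive filtering the chapter describes. The MAC addresses, payloads and function names are constructed for illustration, and multicast filtering is left out.

```python
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Assemble a constructed Ethernet II frame (no preamble or FCS)."""
    to_raw = lambda mac: bytes.fromhex(mac.replace(":", ""))
    return to_raw(dst) + to_raw(src) + struct.pack("!H", ethertype) + payload

def parse_header(frame: bytes) -> dict:
    """Split the 14-byte header: destination MAC, source MAC, EtherType."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return {"dst": mac_str(dst), "src": mac_str(src), "ethertype": ethertype}

def nic_accepts(frame: bytes, own_mac: str, promiscuous: bool = False) -> bool:
    """Simplified receive filter: own address or broadcast (multicast ignored)."""
    dst = parse_header(frame)["dst"]
    return promiscuous or dst in (own_mac.lower(), BROADCAST)

# Constructed sample data: locally administered MACs, not real hardware.
HOST_A, HOST_B, HOST_C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
A_TO_B = build_frame(HOST_B, HOST_A, 0x0800, b"constructed IPv4 payload")
A_TO_ALL = build_frame(BROADCAST, HOST_A, 0x0806, b"constructed ARP payload")

if __name__ == "__main__":
    for name, frame in (("A->B", A_TO_B), ("A->all", A_TO_ALL)):
        hdr = parse_header(frame)
        print(name, hdr["src"], "->", hdr["dst"], hex(hdr["ethertype"]))
        print("  B accepts:", nic_accepts(frame, HOST_B))
        print("  C accepts:", nic_accepts(frame, HOST_C))
        print("  C in promiscuous mode:", nic_accepts(frame, HOST_C, promiscuous=True))
```

Host C drops the A-to-B frame in normal operation but sees it in full once its filter is switched off, which is the state a capture tool such as tcpdump(8) normally puts the interface in.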