ccnahub.com http://www.ccnahub.

com/ip-fundamentals/understading-data-link-layer-encapsulation/
Understanding Data Link Layer Encapsulation
Understanding Data Link Layer Encapsulation Article covers the following CCNA/ICND1 Exam Topics:
Under Operation of IP Data Networks:
1. Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges, and Hubs.
2. Select the components required to meet a given network specification.
3. Predict the data flow between two hosts across a network.
Recommended Study Plan:
1. Download the ICND1v2 Exam Topics Sheet from Cisco Website.
2. Follow the Steps and the Articles under IP Networks Fundamentals by order.
3. Or start with WAN Technologies Article.
Average Time Required Studying this Article: 1 Hour
Details of Leased lines using protocol HDLC or PPP
A leased line provides a layer 1 service to deliver bits between the devices connected to the leased line. However, the
leased line itself does not define a data link layer protocol to control the data flow used on the leased line.
Today the two most common data link layer protocols to control the data flow for leased line between two routers are:
High-Level Data Link Control (HDLC)
Point-to-Point Protocol (PPP)
HDLC
All data link protocols perform a similar role: to control the correct delivery of data over a physical link of a particular
type. E.g. the Ethernet data link protocol uses a destination address field to identify the correct device that should
receive the data (a MAC address is used), and FCS field that allows the receiving device to determine whether the
data arrived correctly. HDLC provides similar functions.
When a router sends a HDLC frame, it can only go one place: to the other end of the link. If thats the case, why
HDLC still use destination address if there is only one end on the link? HDLC layer 2 field addresses used long time
ago, when the Telco offered multi-drop circuits. These circuits include more than two devices, so there was more than
one possible destination requiring an address field to identify the correct destination. Very Similar to MAC addresses
used in the destination field by Ethernet Control Protocol.
HDLC frame with its Header and Trailer
HDLC has other fields and functions similar to Ethernet. The following table shows the similarities between HDLC and
Ethernet fields.
Originally, HDLC was meant to OSI Networking Model; therefore, it had no Type Filed to carry the TCP/IP Model Type
(IPv4 or IPv6). Routers need to know the type of packet inside the frame, the TCP/IP packets type are either IPv4 or
IPv6. So, cisco routers use a cisco proprietary variation of HDLC that adds a Type filed.
Analyzing Data-Link Layer Logic used by HDLC or PPP Protocols
Routers use HDLC just like any other data link protocol used by routers: to forward HDLC or PPP Frames that carry
IP Packets to the next router, or we can say to forward frames to the next-hop. The following steps will show a general
concept of routers de-encapsulating and re-encapsulating of IP packets that were replied back from the Corporate
Servers Ethernet LAN, through the routers using Leased Line (T1), and back to the Branch Office PCs. So whats
happening at the Data-Link Layer during this communication?
Step 1: Data Link Layer at the Servers TCP/IP Stack encapsulated the IP packet and the Data provided from the
Network Layer in an Ethernet Header and Trailer with a destination MAC address of the Main-Office Router and
transmitted the frame to next-hop using Layer 1 electrical encoding.
Step 2: Main-Office Router received the Ethernet Frame through its LAN interface; applied FCS, de-encapsulated the
IP Packet from the Ethernet frame; discarded the Ethernet Header and Trailer (a). Compared the destination IP
address to its routing table and decided to route the IP packet through its serial interface to Branch-Office router (b).
Encapsulated the IP packet into a NEW HDLC frame using HDLC Header and Trailer, and transmitted the HDLC
frame to Branch-Office Router using layer 1 electrical encoding (c).
Step 3: Branch-Office router received the HDLC Frame through its serial interface; applied FCS, de-encapsulated the
IP packet from the HDLC frame; discarded the HDLC Header and Trailer (a). Compared the destination IP address to
its routing table and decided to route the IP packet through its LAN interface (b). Layer 2 at this point, encapsulated
the IP packet into NEW Ethernet Frame that has destination MAC address of the intended PC that originally
requested information from the Branch-Office, and transmitted the frame heading to winXP TCP/IP stack for further
processing (c).
Note: Routers use IP Routing when the network in question is not connected physically (directly) to its interface. In
addition, with IPv4 and as long as the Ethernet Network in question is physically connected to the Routers LAN
Interface it uses MAC addresses with the help of Address Resolution Protocol (ARP) to forward or transmit the
Ethernet Frame through its LAN interface to any TCP/IP Network device inside the LAN.
Bottom line, leased line with HDLC or PPP protocol creates a WAN link between two routers so they can route IP
Packets back and forth, servicing the devices on each one LAN. The leased line itself provides the physical means to
convert frames to bits and transmit the bits through Layer 1 using electrical encoding in both directions. The HDLC or
PPP frames provide the means to encapsulate the Network Layers IP Packet correctly that suits the medium used
so that it crosses the link between routers.
The IP Packet is the delegate Crystal Vase, and Data-Link Protocols exist to move it from hop to hop without
changing its properties. Therefore, Ethernet, HDLC, PPP, Frame Relay, ATM, and much more, are all Data-Link
Protocols to forward and handle the most important part of the TCP/IP communication IP Packets from hop to hop.
Leased lines have many benefits that have led to their relatively long life in the WAN marketplace. These lines are
convenience for the customer, widely available, with high quality, and give the customer private line between 2
routers, but if the Line is physically leased and not virtually leased (Frame-Relay). However, they do have some
negatives as well compared to newer WAN technologies, including a higher cost and typically lead times to get the
service installed.
Note: that similar rate quality can be achieved through an Ethernet Fiber WAN connection ( EoMPLS), and the privacy
can be achieved through IPSec VPN, L2TP, or SSL VPN between 2 locations, which again much cheaper of using a
dedicated physical Leased line.
Leased Line using Point-to-Point Protocol (PPP)
PPP defined in the 1990s, was designed with Routers, TCP/IP, and other Network Layer Protocols requirements in
mind, plus many more advanced features. The following is a Concept of PPP several functions that are useful on a
leased line to connect two Routers successfully.
PPP list of functions:
Definition of a Header and Trailer: that allows delivery of a Data frame over the Link. (Similar to other Data-Link
Protocols such Ethernet Header and Trailer)
Support for both Synchronous and Asynchronous link rates. (Symmetric or Asymmetric rates good to for both:
Home and Business users).
A protocol Type field in the header: allowing multiple Layer 3 protocols to pass over the same link such IPv4 and
IPv6.
Built-in Authentication tools: Password Authentication Protocol (PAP) and Challenge Handshake Authentication
Protocol (CHAP)
Control protocols for each higher-layer protocol that rides over PPP: allowing easier integration and support of
those protocols.
PPP Frame
PPP defines a Protocol Type field. The protocol type field identifies the type of packet inside the frame, either IPv4 or
IPv6. The following shows a PPP frame.
PPP Control Protocols for both Layer 2 and Layer 3 communications
Link Control Protocol (LCP) as Layer 2 Control Protocol: This one protocol has several different individual
functions; each focused on the Data-Link Layer 2 itself, ignoring the layer 3 protocols sent across the link such IPv4
or IPv6.
LCP: The PPP LCP implements the control functions that work the same regardless of the Layer 3 protocols used.
The following table, summarizes the functions of LCP (Layer 2 control protocol), LCP feature names, and describe
the features briefly.
Please Note: PPP defines a set of layer 2 control protocols that perform various link control functions. The idea of
these extra protocols works a little like how Ethernet includes additional protocols like STP. Ethernet Has Headers
and Trailers to deliver frames, plus it defines overhead protocols like STP to help make the frame forwarding process
work better by preventing frame looping through STP. Likewise, PPP defines the frame format as shown in upper
PPP header figure, plus it defines other protocols (similar to Ethernet) to help manage and control the serial link.
Network Control Protocols (NCP) as Layer 3 Control protocol: Has to deal with 2 IP Protocols: IPv4 and IPv6.
So because at Layer 3 there are 2 IP Network Protocols used to route packets: IPv4 and IPv6, therefore, there will be
a special NCP for each one of them.
The PPP NCPs: associated only to deal with Layer 3. The Following Network Control Protocols used to Control Layer
3 Network Protocols when PPP is being used through the leased line connection:
IPCP: controls IPv4
IPv6CP: Controls IPv6
CDPCP: Controls Cisco Discovery Protocol (CDP)
PPP Authentication
WAN authentication is most often needed when dial lines are used. However, the configuration of the authentication
features remains the same whether a leased line or dial line is used.
PPP defines two authentication protocols: PAP and CHAP. Both protocols require the exchange of messages
between devices, but with different details. PAP uses Clear Text password which is unacceptable. CHAP instead
uses a one-way hash algorithm, called message digest 5 (MD5), with input to the algorithm being a password that
never crosses the link plus a shared random number. CHAP process also uses a hash value only one time so an
attacker cannot just make a copy of the hashed value and use it at later time. To make that work, the CHAP at R1
creates a challenge and send the first CHAP message plus a random number added to challenge value. R2 receives
the challenged message plus the random number, adds it, runs the hash algorithm using the just-learned number
from R1 against the locally stored password, and sends the hash results back to R1 that originally sent the challenge
(Hash Value plus Random Number).
R1 runs the same hash algorithm again using the same random number against the password stored locally; if the
R2s result match, the passwords must match. And therefore, R1 and R2 allow access to each other. Later, the next
time the authentication process occurs, the authenticating router generates and uses a different random number.
Note: the CHAP challenge must be set on both routers in order to work and the password never exchanged, rather,
the hash value of the password plus a random number for initial connection.
Finally, why Data-Link Layer has to deal with different type of Layer 2 protocols to Forward Frames?
Data-link layer defines set of functions based on variety of Layer 2 protocols that a connection can use based on the
type of cable used. Since we use different types of cables across the internet, each cable carries different properties
and encode differently than the other. Therefore, from the point of data link framing perspective, it would be
impossible to Frame IP packets using a Universal Data-Link Protocol that works with all types of cables.
Please Note: the Network Layer in the other end, encapsulates Segments into IP Packets using a Universal and
Logical Protocol called IP Protocol and since its virtual, logical, and not Physically Burned-in Addresses, it can be
used across all the type of networks regardless what type of cabling being used, therefore, we have ONLY 2 ways of
encapsulation at the Network Layer, either IPv4 or IPv6 that can be used across the Internet regardless of the what
type of cable at the Data Link layer is being used. But at Data Link Layer, there is no logical Addressing, rather,
Burned-in Addresses such Ethernet MAC Addresses because Ethernet UTP Cables are being used, or PPP, HDLC,
or Frame Relay Hardware Addressing because PPP, HDLC, or Frame Relay cables are being used.
And since Data-Link Layer deals straight with the physical layer that might be different technology on each Hop, Data-
Link Layer must use different types of protocols (Or be able to speak each cable language) for reframing IP packets
across different types of cables while the IP packets still in the routing process. Examples:
Ethernet Protocol will be called for framing when UTP cables or Ethernet standards are used.
PPP or HDLC Protocol will be called for framing when serial leased line cabling through Telco PSTN is used.
Frame Relay Protocol will be called for framing when the connection uses Frame Relay switching for WAN or internet
connection.
Remember, each cable technology on the way of routing IP Packets speaks different language of how to
handle the frames that carry logical IP packets, therefore, Data-Link Layer must determine which language or
Data-Link Protocol must be used for reframing the Logical IP Packet based on media used to deliver the IP
packet to its final destination.
Next: Understanding EoMPLS WAN Technology
Go to top
About Imad Daou
He is the founder of CCNA HUB, a CCNA Training HUB to help CCNA students get certified. Imad has more than 10
years of IT experience as Field Service and Consulting Engineer. A+, Network+, Server+, Security+, Storage+, HP,
Dell, and IBM Hardware Certified. He's a Professional SMB IT Consultant.
Facebook Twitter Linkedin Google
Copyright secured by Digiprove 2013 Imad DaouSome Rights Reserved
Original content here is published under these license terms: X
License
Type:
Attribution, Share Alike
License
Summary:
You may copy this content, create derivative work from it, and re-publish it, provided you include an
overt attribution to the author(s) and the re-publication must itself be under the terms of this license or
similar.
License
URL:
http://creativecommons.org/licenses/by-sa/3.0/