Data Link Layer Encapsulation Across Network Devices

ccnahub.com/ip-fundamentals/understanding-data-link-layer-encapsulation/

Understanding Data Link Layer Encapsulation Article covers the following CCNA/ICND1 Exam Topics:
Under Operation of IP Data Networks:
1. Recognize the purpose and functions of various network devices such as Routers, Switches, Bridges, and
Hubs.
2. Select the components required to meet a given network specification.
3. Predict the data flow between two hosts across a network.
Recommended Study Plan:
1. Download the ICND1v2 Exam Topics Sheet from Cisco Website.
2. Follow the Steps and the Articles under IP Networking Fundamentals by order.
3. Or start with Understanding WAN Technologies Article.
Average Time Required Studying this Article: 1 Hour
Table of Contents [show]
1 Data Link Layer
2 Leased Lines Data Link Layer Protocols
3 Analyzing Data-Link Layer Logic used by HDLC or PPP Protocols
4 Leased Line using Point-to-Point Protocol (PPP)
5 PPP Control Protocols for both Layer 2 and Layer 3 communications
6 PPP Authentication

Data Link Layer

Data-link layer defines set of functions based on variety of Layer 2 protocols that a connection can use based on
the type of cable used. Since we use different types of cables across the internet, each cable carries different
properties and encode differently than the other. Therefore, from the point of data link framing perspective, it
would be impossible to Frame IP packets using a Universal Data-Link Protocol that works with all types of
cables.
Please Note: the Network Layer in the other end, encapsulates Segments into IP Packets using a Universal
and Logical Protocol called IP Protocol and since its virtual, logical, and not Physically Burned-in Addresses, it
can be used across all the type of networks regardless what type of cabling being used, therefore, we have
ONLY 2 ways of encapsulation at the Network Layer, either IPv4 or IPv6 that can be used across the Internet

1/6

regardless of the what type of cable at the Data Link layer is being used. But at the Data Link Layer, there is no
logical Addressing, rather, Burned-in Addresses such Ethernet MAC Addresses, PPP, HDLC, or Frame Relay
Hardware Addressing.
And since Data-Link Layer deals straight with the physical layer that might be different technology on each Hop,
Data-Link Layer must use different types of protocols (Or be able to speak each cable language) to reframe IP
packets across different types of cables while the IP packets are being routed from device to device.
Examples:
1. Ethernet Protocol will be called for framing if the Network device uses UTP copper RJ45 cables.
2. PPP or HDLC Protocol will be called for framing when serial leased line cabling through Telco PSTN is used.
3. Frame Relay Protocol will be called for framing when the connection uses Frame Relay switching for WAN or
internet connection.

Leased Lines Data Link Layer Protocols

A leased line provides a layer 1 service to deliver bits between the devices connected to the leased line.
However, the leased line itself does not define a data link layer protocol to control the data flow used on the
leased line.
Today the two most common data link layer protocols to control the data flow for leased line between two routers
are:
High-Level Data Link Control (HDLC)
Point-to-Point Protocol (PPP)
HDLC
All data link protocols perform a similar role: to control the correct delivery of data over a physical link of a
particular type. E.g. the Ethernet data link protocol uses a destination address field to identify the correct device
that should receive the data (a MAC address is used), and FCS field that allows the receiving device to
determine whether the data arrived correctly. HDLC provides similar functions.
When a router sends a HDLC frame, it can only go one place: to the other end of the link. If thats the case, why
HDLC still use destination address if there is only one end on the link? HDLC layer 2 field addresses used long
time ago, when the Telco offered multi-drop circuits. These circuits include more than two devices, so there was
more than one possible destination requiring an address field to identify the correct destination. Very Similar to
MAC addresses used in the destination field by Ethernet Control Protocol.
HDLC frame with its Header and Trailer
HDLC has other fields and functions similar to Ethernet. The following table shows the similarities between
HDLC and Ethernet fields.

2/6

Originally, HDLC was meant to OSI Networking Model; therefore, it had no Type Filed to carry the TCP/IP Model
Type (IPv4 or IPv6). Routers need to know the type of packet inside the frame, the TCP/IP packets type are
either IPv4 or IPv6. So, cisco routers use a cisco proprietary variation of HDLC that adds a Type filed.

Analyzing Data-Link Layer Logic used by HDLC or PPP Protocols

Routers use HDLC just like any other data link protocol used by routers: to forward HDLC or PPP Frames that
carry IP Packets to the next router, or we can say to forward frames to the next-hop. The following steps will
show a general concept of routers de-encapsulating and re-encapsulating of IP packets that were replied back
from the Corporate Servers Ethernet LAN, through the routers using Leased Line (T1), and back to the Branch
Office PCs. So whats happening at the Data-Link Layer during this communication?

Step 1: Data Link Layer at the Servers TCP/IP Stack encapsulated the IP packet and the Data provided from the
Network Layer in an Ethernet Header and Trailer with a destination MAC address of the Main-Office Router and
transmitted the frame to next-hop using Layer 1 electrical encoding.

3/6

Step 2: Main-Office Router received the Ethernet Frame through its LAN interface; applied FCS, deencapsulated the IP Packet from the Ethernet frame; discarded the Ethernet Header and Trailer (a). Compared
the destination IP address to its routing table and decided to route the IP packet through its serial interface to
Branch-Office router (b). Encapsulated the IP packet into a NEW HDLC frame using HDLC Header and Trailer,
and transmitted the HDLC frame to Branch-Office Router using layer 1 electrical encoding (c).
Step 3: Branch-Office router received the HDLC Frame through its serial interface; applied FCS, deencapsulated the IP packet from the HDLC frame; discarded the HDLC Header and Trailer (a). Compared the
destination IP address to its routing table and decided to route the IP packet through its LAN interface (b). Layer
2 at this point, encapsulated the IP packet into NEW Ethernet Frame that has destination MAC address of the
intended PC that originally requested information from the Branch-Office, and transmitted the frame heading to
winXP TCP/IP stack for further processing (c).
Note: Routers use IP Routing when the network in question is not connected physically (directly) to its interface.
In addition, with IPv4 and as long as the Ethernet Network in question is physically connected to the Routers
LAN Interface it uses MAC addresses with the help of Address Resolution Protocol (ARP) to forward or
transmit the Ethernet Frame through its LAN interface to any TCP/IP Network device inside the LAN.
Bottom line, leased line with HDLC or PPP protocol creates a WAN link between two routers so they can route
IP Packets back and forth, servicing the devices on each one LAN. The leased line itself provides the physical
means to convert frames to bits and transmit the bits through Layer 1 using electrical encoding in both
directions. The HDLC or PPP frames provide the means to encapsulate the Network Layers IP Packet correctly
that suits the medium used so that it crosses the link between routers.
The IP Packet is the delegate Crystal Vase, and Data-Link Protocols exist to move it from hop to hop without
changing its properties. Therefore, Ethernet, HDLC, PPP, Frame Relay, ATM, and much more, are all Data-Link
Protocols to forward and handle the most important part of the TCP/IP communication IP Packets from hop to
hop.
Leased lines have many benefits that have led to their relatively long life in the WAN marketplace. These lines
are convenience for the customer, widely available, with high quality, and give the customer private line between
2 routers, but if the Line is physically leased and not virtually leased (Frame-Relay). However, they do have
some negatives as well compared to newer WAN technologies, including a higher cost and typically lead times
to get the service installed.
Note: that similar rate quality can be achieved through an Ethernet Fiber WAN connection ( EoMPLS), and the
privacy can be achieved through IPSec VPN, L2TP, or SSL VPN between 2 locations, which again much
cheaper of using a dedicated physical Leased line.

Leased Line using Point-to-Point Protocol (PPP)

PPP defined in the 1990s, was designed with Routers, TCP/IP, and other Network Layer Protocols
requirements in mind, plus many more advanced features. The following is a Concept of PPP several functions
that are useful on a leased line to connect two Routers successfully.
PPP list of functions:
Definition of a Header and Trailer: that allows delivery of a Data frame over the Link. (Similar to other DataLink Protocols such Ethernet Header and Trailer)
Support for both Synchronous and Asynchronous link rates . (Symmetric or Asymmetric rates good to for
both: Home and Business users).
A protocol Type field in the header: allowing multiple Layer 3 protocols to pass over the same link such IPv4
and IPv6.

4/6

Built-in Authentication tools: Password Authentication Protocol (PAP) and Challenge Handshake
Authentication Protocol (CHAP)
Control protocols for each higher-layer protocol that rides over PPP: allowing easier integration and
support of those protocols.
PPP Frame
PPP defines a Protocol Type field. The protocol type field identifies the type of packet inside the frame, either
IPv4 or IPv6. The following shows a PPP frame.

PPP Control Protocols for both Layer 2 and Layer 3 communications

Link Control Protocol (LCP) as Layer 2 Control Protocol: This one protocol has several different individual
functions; each focused on the Data-Link Layer 2 itself, ignoring the layer 3 protocols sent across the link such
IPv4 or IPv6.
LCP: The PPP LCP implements the control functions that work the same regardless of the Layer 3 protocols
used. The following table, summarizes the functions of LCP (Layer 2 control protocol), LCP feature names, and
describe the features briefly.

Please Note: PPP defines a set of layer 2 control protocols that perform various link control functions. The idea
of these extra protocols works a little like how Ethernet includes additional protocols like STP. Ethernet Has
Headers and Trailers to deliver frames, plus it defines overhead protocols like STP to help make the frame
forwarding process work better by preventing frame looping through STP. Likewise, PPP defines the frame
format as shown in upper PPP header figure, plus it defines other protocols (similar to Ethernet) to help manage
and control the serial link.
Network Control Protocols (NCP) as Layer 3 Control protocol: Has to deal with 2 IP Protocols: IPv4 and

5/6

IPv6. So because at Layer 3 there are 2 IP Network Protocols used to route packets: IPv4 and IPv6, therefore,
there will be a special NCP for each one of them.
The PPP NCPs: associated only to deal with Layer 3. The Following Network Control Protocols used to Control
Layer 3 Network Protocols when PPP is being used through the leased line connection:
IPCP: controls IPv4
IPv6CP: Controls IPv6
CDPCP: Controls Cisco Discovery Protocol (CDP)

PPP Authentication
WAN authentication is most often needed when dial lines are used. However, the configuration of the
authentication features remains the same whether a leased line or dial line is used.
PPP defines two authentication protocols: PAP and CHAP. Both protocols require the exchange of messages
between devices, but with different details. PAP uses Clear Text password which is unacceptable. CHAP
instead uses a one-way hash algorithm, called message digest 5 (MD5), with input to the algorithm being a
password that never crosses the link plus a shared random number. CHAP process also uses a hash value only
one time so an attacker cannot just make a copy of the hashed value and use it at later time. To make that work,
the CHAP at R1 creates a challenge and send the first CHAP message plus a random number added to
challenge value. R2 receives the challenged message plus the random number, adds it, runs the hash algorithm
using the just-learned number from R1 against the locally stored password, and sends the hash results back to
R1 that originally sent the challenge (Hash Value plus Random Number).
R1 runs the same hash algorithm again using the same random number against the password stored locally; if
the R2s result match, the passwords must match. And therefore, R1 and R2 allow access to each other. Later,
the next time the authentication process occurs, the authenticating router generates and uses a different random
number.
Note: the CHAP challenge must be set on both routers in order to work and the password never exchanged,
rather, the hash value of the password plus a random number for initial connection.
Remember, each cable technology on the way of routing IP Packets speaks different language of how to
handle the frames that carry logical IP packets, therefore, Data-Link Layer must determine which
language or Data-Link Protocol must be used for reframing the Logical IP Packet based on media used
to deliver the IP packet to its final destination.
Next: Understanding EoMPLS WAN Technology
Go to top

About Imad Daou

CCNA HUB Founder, Imad has been in IT field since 1998. Currently holding A+, Network+, Server+, Security+,
and Storage+. HP, Dell, and IBM Hardware Certified.
Facebook Twitter Linkedin Google
Copyright 2015 CCNA HUB. All rights reserved.

6/6