
A glossary of networking terms

This list of networking related terms is updated on an ongoing basis. For any questions or comments on any of the terms listed here, please use the comments section at the bottom of the page.

802.1Q Encapsulation

IEEE 802.1Q is a standard that defines how traffic for multiple VLANs can be carried on a single physical Ethernet link. This is accomplished by modifying the Ethernet header to include a VLAN ID tag.

To encapsulate an Ethernet frame with a VLAN ID tag, a 32-bit field is added to the Ethernet header before the EtherType field in the header.

The first 16 bits in the 32-bit field represent the Tag Protocol Identifier. This is set to hexadecimal 8100 (0x8100) to identify it as a VLAN tagged frame.

The next 4 bits are used for Quality of Service and to prioritize (or drop in the presence of congestion) different types of traffic.

The last 12 bits of the 32-bit field represent the VLAN to which the frame belongs. This VLAN ID can be any value between 1 and 4094.

802.1Q (also referred to as dot1q) encapsulation occurs when an Ethernet frame exits a Layer 2 interface that is operating in Trunk Mode. The frame is modified to include the dot1q tag to identify the VLAN to which it belongs. When this frame enters a Layer 2 interface on the receiving device (that must also be operating in Trunk Mode), the dot1q tag is inspected by the receiving device in order to determine which VLAN the frame belongs to. The exception is the Native VLAN configured for the trunk link. Frames belonging to the native VLAN exit the trunk interface untagged.
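The tag layout and the native VLAN exception described above, as an added Python example (not part of the original glossary). The function names and the sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # Tag Protocol Identifier marking a VLAN-tagged frame

def add_dot1q_tag(frame: bytes, vlan_id: int, priority_bits: int = 0) -> bytes:
    """Insert the 32-bit tag after both MAC addresses, before the EtherType."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be between 1 and 4094")
    if not 0 <= priority_bits <= 0xF:
        raise ValueError("the priority field is 4 bits wide")
    tag = struct.pack("!HH", TPID_8021Q, (priority_bits << 12) | vlan_id)
    return frame[:12] + tag + frame[12:]

def trunk_egress(frame: bytes, vlan_id: int, native_vlan: int) -> bytes:
    """Frames of the native VLAN leave a trunk untagged; all others are tagged."""
    return frame if vlan_id == native_vlan else add_dot1q_tag(frame, vlan_id)

def parse_frame(frame: bytes) -> dict:
    """Return MAC addresses, EtherType and VLAN details (None when untagged)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    result = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
              "vlan_id": None, "priority_bits": None}
    (type_field,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if type_field == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, type_field = struct.unpack("!HH", frame[14:18])
        # The 4 bits after the TPID: 3-bit priority plus 1 drop-eligible bit.
        result["priority_bits"] = tci >> 12
        result["vlan_id"] = tci & 0x0FFF  # the last 12 bits of the tag
        offset = 18
    result["ethertype"] = type_field
    result["payload"] = frame[offset:]
    return result

# Constructed sample: untagged broadcast IPv4 frame (EtherType 0x0800).
UNTAGGED = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"payload"
TAGGED = add_dot1q_tag(UNTAGGED, vlan_id=20, priority_bits=0b1010)
```
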

802.1Q encapsulation is covered in detail in Course 5 (VLANs and Trunks).

Related Terms: VLAN, Trunk port, Native VLAN

Access port (on a switch)

A Layer 2 interface on most enterprise-grade switches can be configured either as an access port (default for most L2 interfaces) or a trunk port. In access mode, the interface is assigned to a single VLAN. Ethernet frames entering a Layer 2 interface that is set to access mode should not be tagged with a dot1q VLAN ID tag. When frames exit a Layer 2 interface set to access mode, the frames will not be tagged with an 802.1Q VLAN ID tag.

Access ports are covered in Course 5 (VLANs and Trunks).

Related terms: 802.1Q Encapsulation, VLAN, Trunk port

Address Resolution Protocol (ARP)

Address Resolution Protocol is a protocol used by devices to determine the hardware / physical / link-layer address for a given network layer address. In most cases this translates to discovering the MAC Address for a given IP Address.

In an Ethernet-based network, ARP is implemented using 2 message types: ARP Request and ARP Response.

An Ethernet frame containing an ARP Request Message has the Destination MAC Address set to FF:FF:FF:FF:FF:FF (the broadcast MAC address). This frame is forwarded to all nodes on the physical segment. The ARP Request Message contains a "Target IP Address" field which specifies the IP Address for which the corresponding MAC Address is being requested.

When a device receives an ARP Request Message, if the "Target IP Address" specified in the ARP Request Message matches the IP Address of the receiving device, the device responds with an ARP Response Message. The ARP Response Message will include the IP Address of the device in the "Sender IP Address" field, and the MAC Address of the device in the "Sender MAC Address" field. The ARP Response Message is encapsulated in a unicast Ethernet frame with the Destination MAC Address set to the MAC Address of the device that had sent the original ARP Request Message.

Address Resolution Protocol is covered in detail in Course 3 (Routing Basics).

Related terms: Gratuitous ARP, Proxy ARP

Broadcast traffic

Broadcast traffic is traffic that is intended for every single host on a network segment. This is accomplished by setting the Destination MAC Address in the Layer 2 header to the Broadcast MAC Address (FF:FF:FF:FF:FF:FF).

At the IP (Network) Layer, the Destination IP Address in the Layer 3 (IP) header can be set to either 255.255.255.255 (as in the case of bootp broadcast messages such as DHCP Discover) or the appropriate Broadcast IP Address for the subnet (for example 192.168.0.255 for the subnet 192.168.0.0/24).

When a switch receives a broadcast frame, it forwards the frame out of all connected interfaces (except the interface on which the frame entered the switch).

Broadcast traffic is covered in Course 1 (Switching Basics).

Related terms: Unicast traffic

Gratuitous ARP

Gratuitous ARP messages are used to detect potential IP Address conflicts in a network segment. Gratuitous ARP Messages could be one of 2 types.

Gratuitous ARP Request

This is an ARP Request Message where the "Target IP Address" field is set to the IP Address of the device sending the Request. If the device receives an ARP Response Message in response to this message, it means that there is another device on the network segment that is configured with the same IP Address.

Gratuitous ARP Response

This is an unsolicited ARP Response Message (i.e. it is an ARP Response Message for which no ARP Request Message had been sent). The Destination MAC Address of the Ethernet frame encapsulating this ARP Response Message is set to FF:FF:FF:FF:FF:FF (the broadcast MAC Address) to ensure that this message reaches all hosts on the network segment. Some devices will send out an unsolicited ARP Response Message (with the "Target IP Address" field in the Message set to its own IP Address) after an interface on the device has been manually configured with an IP Address. (Most Cisco routers exhibit this behavior.) If another device on the network is configured with the same IP address, it will detect an IP Address conflict when it receives this (unsolicited) Gratuitous ARP Response Message.

Either (or both) of the messages may be used to detect IP Address conflicts in a network.
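The ARP Request and ARP Response messages from the Address Resolution Protocol entry, and the two gratuitous variants described here, as an added Python example (not part of the original glossary). It builds frames in memory, classifies them, and applies the conflict check a receiving host performs. All MAC and IP addresses and all function names are constructed for illustration.

```python
import socket
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
ETHERTYPE_ARP = 0x0806

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def build_arp(op, src_mac, src_ip, eth_dst, target_mac, target_ip):
    """Ethernet frame carrying an ARP message (op 1 = Request, 2 = Response)."""
    eth = mac_bytes(eth_dst) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # Ethernet/IPv4 ARP header
    arp += mac_bytes(src_mac) + socket.inet_aton(src_ip)
    arp += mac_bytes(target_mac) + socket.inet_aton(target_ip)
    return eth + arp

def parse_arp(frame):
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        raise ValueError("not an untagged Ethernet/ARP frame")
    return {"eth_dst": frame[0:6].hex(":"),
            "op": struct.unpack("!H", frame[20:22])[0],
            "sender_mac": frame[22:28].hex(":"),
            "sender_ip": socket.inet_ntoa(frame[28:32]),
            "target_ip": socket.inet_ntoa(frame[38:42])}

def classify(frame):
    m = parse_arp(frame)
    own_ip_as_target = m["sender_ip"] == m["target_ip"]
    if m["op"] == 1:
        return "gratuitous request" if own_ip_as_target else "request"
    if m["op"] == 2:
        if own_ip_as_target and m["eth_dst"] == BROADCAST:
            return "gratuitous response"
        return "response"
    return "other"

def detects_conflict(frame, my_ip, my_mac):
    """True when another device's ARP message claims the IP configured here."""
    m = parse_arp(frame)
    return m["sender_ip"] == my_ip and m["sender_mac"] != my_mac

# Constructed hosts: A and B are correctly configured, C duplicates A's IP.
A_MAC, A_IP = "02:00:00:00:00:0a", "192.168.0.10"
B_MAC, B_IP = "02:00:00:00:00:0b", "192.168.0.20"
C_MAC, ZERO = "02:00:00:00:00:0c", "00:00:00:00:00:00"
REQUEST = build_arp(1, A_MAC, A_IP, BROADCAST, ZERO, B_IP)
RESPONSE = build_arp(2, B_MAC, B_IP, A_MAC, A_MAC, A_IP)
GARP_REQUEST = build_arp(1, C_MAC, A_IP, BROADCAST, ZERO, A_IP)
GARP_RESPONSE = build_arp(2, C_MAC, A_IP, BROADCAST, ZERO, A_IP)
```
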

Gratuitous ARP is covered in Course 3 (Routing Basics).

Related terms: Address Resolution Protocol, Proxy ARP

Internet Control Message Protocol (ICMP)

ICMP is a messaging protocol used by network troubleshooting tools (such as Ping and Traceroute) in order to monitor and troubleshoot bi-directional connectivity between devices on a network. It works by sending Control Messages encapsulated in an IP Header.

The 2 most commonly-used control messages are Echo Request and Echo Reply. To test connectivity between 2 hosts - host A and host B, host A sends an Echo Request message to the known IP Address of host B. If host B receives the Echo Request message, it responds with an Echo Reply message. If host A receives an Echo Reply message from host B, we know that host A and host B can communicate with each other bi-directionally.

ICMP is introduced and covered in detail in Course 3 (Routing Basics). It is used extensively in subsequent courses.

Native VLAN

Native VLAN is a term applicable to trunk links. A trunk allows us to transport traffic for multiple VLANs over a single physical link. Each frame that traverses the trunk is tagged with a VLAN ID as specified in the IEEE 802.1Q standard.

One of the VLANs carried on a trunk link can be configured as the native VLAN for the link. When a trunk is configured with a native VLAN, frames belonging to that VLAN traverse the link untagged.

Related Terms: VLAN, 802.1Q encapsulation, Trunk port

Proxy ARP

Proxy ARP is a feature seen on Layer 3 devices (routers). When proxy ARP is enabled on a router interface, the router may respond to ARP Request messages on behalf of other hosts. A router will send out a Proxy ARP response if all of the following conditions are met:

  • A router knows how to route traffic to a particular host
  • It receives an ARP Request message for the IP Address of this particular host
  • The ARP Request message arrives on an interface different from the interface out of which it will route traffic to this host
  • Proxy ARP is enabled on the interface on which the router receives this ARP Request message.

When all of the above conditions are met, the router responds to the ARP Request message with an ARP Response message that includes the MAC Address of the interface on which it received the ARP Request message.

This feature was originally specified to accommodate hosts that did not provide the ability to configure a Gateway IP address to forward traffic destined for a separate network segment. To allow these devices to communicate with devices on a separate network segment, the default gateway for these devices could implement Proxy ARP.

Proxy ARP and its operation on Cisco routers are covered extensively in Course 4 (Static Routes).

Related terms: Address Resolution Protocol, Gratuitous ARP

Trunk port (on a switch)

A Layer 2 interface on most enterprise-grade switches can be configured either as an access port (default for most L2 interfaces) or a trunk port. When an L2 interface is set to trunk mode, the interface may be assigned to multiple VLANs. In order to identify the VLAN to which a frame belongs, the frame is tagged with an 802.1Q tag indicating the VLAN to which the frame belongs.

All frames (except frames belonging to the native VLAN for the trunk) are tagged with a dot1q VLAN ID tag when they exit a trunk interface. Likewise, all frames entering a trunk interface (except frames belonging to the native VLAN for the trunk) must be tagged with a VLAN ID tag so that they can be forwarded to the correct VLAN on the receiving device.

Trunk ports are covered in Course 5 (VLANs and Trunks).

Related terms: 802.1Q Encapsulation, VLAN, Native VLAN, Access port

Unicast traffic

Unicast traffic is traffic that is intended for a single host in a computer network. The Destination MAC Address in the Layer 2 header of a frame carrying unicast traffic will be a unicast MAC Address. Likewise, the Destination IP Address in the Layer 3 (IP) header of a packet carrying unicast traffic will be a unicast IP Address.

Unicast traffic is covered in Course 1 (Switching Basics).

Related terms: Broadcast traffic

Virtual Local Area Network (VLAN)

Virtual Local Area Networks, or VLANs, are defined on switches in order to create multiple virtual switches within a physical switch. Most enterprise-grade switches support the ability to create VLANs. The ability to create VLANs on a switch provides the following benefits:

  • save costs by splitting up a single switch into multiple virtual switches;
  • segregate traffic by keeping traffic on separate VLANs; and
  • reduce broadcast traffic by creating smaller network segments and using inter-VLAN routing to route traffic between the different segments.

VLANs and trunking are covered in detail in Course 5 (VLANs and Trunks).

Related terms: 802.1Q Encapsulation, Native VLAN, Access port, Trunk port

CHITLU (1 year ago)
paloalto firewall