Ethernet Frame Header

Ethernet Frame Header
Networking

In computer networking, an Ethernet frame is a data link layer protocol data unit and uses the underlying Ethernet physical layer transport mechanisms. In other words, a data unit on an Ethernet link transports an Ethernet frame as its payload.

An Ethernet frame is preceded by a preamble and start frame delimiter - SFD, which are both part of the Ethernet packet at the physical layer . Each Ethernet frame starts with an Ethernet header, which contains destination and source MAC addresses as its first two fields. The middle section of the frame is payload data including any headers for other protocols (for example, Internet Protocol) carried in the frame. The frame ends with a frame check sequence - FCS, which is a 32-bit cyclic redundancy check used to detect any in-transit corruption of data.

Structure

A data packet on the wire and the frame as its payload consist of binary data. Ethernet transmits data with the most-significant octet (byte) first; within each octet, however, the least-significant bit is transmitted first.

The internal structure of an Ethernet frame is specified in IEEE 802.3. The image below shows the complete Ethernet packet and the frame inside, as transmitted, for the payload size up to the MTU of 1500 octets. Some implementations of Gigabit Ethernet and other higher-speed variants of Ethernet support larger frames, known as jumbo frames.

Ethernet II Frame Ethernet II Frame

Ethernet II Frame Notes

  1. An ethernet frame has a minimum size of 64 bytes and a maximum size of 1 518 bytes (octets). Any frames smaller than the 64 byte minimum is interpreted by receivers as a collision. The Ethernet frame payload may not exceed 1 500 bytes.

  2. The minimum payload size is 42 bytes when an 802.1q tag is present, or 46 bytes if 802.1q tags are not used.

  3. The Maximum Transmission Unit - MTU value governs the size of the payload, and nearly all IP over Ethernet implementations use Ethernet V2, which specifies an MTU value of 1 500 bytes (octets).

  4. When the payload is not large enough to produce a frame of 64 bytes in length, padding is added accordingly.

  5. Some components of the frame at OSI Layer 1 are usually stripped by hardware adapters, do not count towards the frame size, and are not usually visible to packet sniffing software. Almost no ethernet adapters supply the preamble and SFD. Some adapters may supply the CRC/FCS. Wireshark attempts to guess whether an Ethernet packet has an FCS and, if it thinks it does, handles it as such. See here for more information.

  6. Any Ethernet frame less than 64 bytes on the wire is considered by the receiving station to be a collision fragment or runt frame, and is automatically discarded. Note that frames smaller than 64 bytes do not cause collisions, but are just interpreted as such.

  7. The Preamble, SFD and Interframe Gap do not count as part of the frame. They are support structure for the Ethernet protocol itself.

  8. 802.1q tag is composed of four smaller fields: Tag protocol identifier (TPID, 16 bits), Priority code point (PCP, 3 bits), Drop eligible indicator flag (DEI, 1 bit, formerly CFI), VLAN identifier (VID, 12 bits). Ignoring VXLAN, This is why network devices do not carry more than 4 096 vlans (2^12). See here for more information.

Summary

Description Value Explanation
Basic frame size 64 bytes upto 1 518 bytes 1 538 bytes on the wire
Q-tagged (802.1q) frame size 64 bytes upto 1 522 bytes 1 542 bytes on the wire
Envelope frame size 64 bytes upto 2 000 bytes
Maximum frame payload 1 500 bytes
Minimum frame payload 46 bytes
Minimum frame payload with 802.Q tag 42 bytes

L2 Fragmentation

Layer 2 does not do any fragmentation (except MLPPP L2 protocol). It is up to Layer 3 to pass data to Layer 2 in a packet/frame size that will already match Layer 2's MTU. In fact, the reason Layer 3 does fragmentation in the first place is is because of the limitations of the Layer 2 Protocol.

IP doesn't care if the packet size is 1500 bytes of 9999 bytes, it just knows what its underlying Layer 2 protocol can handle. The Packet Length field in the IP header is a 16 bit value, which means IP can create a packet as big as 65535 (216 = 65535) bytes if necessary, but only if the underlying Layer 2 fabric can support it.

Now specifically speaking for "Layer 2 protocols" like CDP, STP, VTP, (etc...), those by design send very small sized frames that should never need to be broken up into smaller frames.

Sources

  • Preamble and Start of frame delimiter (SFD). See here
  • Frame check sequence (32‑bit CRC). See here
  • Interpacket gap, See here and here

SUBSCRIBE FOR NEW ARTICLES

@
comments powered by Disqus