The Wikipedia page on Ethernet
CSMA/CD - Carrier Sense, Multiple Access with Collision Detection
Listen, if no one else talking, then you can begin to talk.
As you talk you listen to what you hear on the wire. If someone else talked at the same time as you (collision) then stop and wait a random time and then try again.
Collisions are ok (On half duplex Ethernet), just part of the CSMA/CD algorithm.
Ethernet II PRE[8] DST[6] SRC[6] TY[2] payload[1500] FCS[4] 8+1518 802.3 PRE[8] DST[6] SRC[6] LEN[2] DSAP[1] SSAP[1] CONT[1] payload[1497] FCS[4] 8+1518
Preamble (at beginning) and FCS(at end) are not usually displayed by Ethernet analyzer programs (like wireshark)
Max payload size for standard Ethernet is 1500 octets. Min payload size 46 octets. Modern ethernet can use what are called jumbo frames, which can be larger.
802.3 frames have length in the 13th and 14th octet. The length will be less than 0x0600 (IE less then 1536 octets)
Ethernet II frames have type in the 13th and 14th octet, the type code will always be more than 0x0600. If the payload is an IP packet the type code will be 0x0800. If the packet is ARP packet the type code will be 0x0806.
The MTU is the maximum transmission unit of a media. For standard Ethernet it is 1518 octets. 6 octets of destination address, 6 octets of source address, 2 octets of type/len, up to 1500 octets for payload, and 4 octets of CRC so the MTU is 1518.
For half duplex Ethernet limits to distance can be signal attenuation (loss of strength / clarity) or timing of collision detection. All stations on the network need to be able to detect a collision within the first 512 bits (64 bytes) of the frame. For 10 Mbit Ethernet and most cat 5 copper media the propagation delay will limit you to 2.5 Kilometers for the collision domain. Repeaters will add delay to that as well. Of course for 100Mbit Ethernet your collision timing space is going to be 10 times smaller. Most 100Mbps is run full duplex. Full duplex is the only option for 1G and 10G ethernet.
Multicast (multiple destinations). The address address has bit one of first byte set. IE 01:XX:XX:XX:XX:XX. IE first byte of address is an odd number. Note that since Ethernet transmits least significant bit first, the very first bit received will tell of if this is a unicast (=0) or multicast (=1) frame.
Broadcast (all stations) address FF:FF:FF:FF:FF:FF (all ones). Really a special case of multicast.
The first 3 bytes of a source Ethernet address are manufacturer code. You can find these at http://www.cavebear.com/archive/cavebear/Ethernet/ or http://standards-oui.ieee.org/oui.txt
Repeaters and Hubs are two names for the same thing. A device that electrically repeats a Ethernet signal. Usually it has multiple "ports" of a single media (10 base 2, or more frequently 10 base T).
It might also have ports of multiple media types, IE a 10 Base T repeater with a 10 base 2 port, or a AUI port.
Since it electrically repeats the signal (and any collisions) it simply extends the collision domain. Signals on any physical segment of the network tied together with repeaters can "collide" with others. Collisions are not bad things for half duplex ethernet. The detection of collisions and retransmission is the media access control algorithm of half duplex ethernet.
Compare a switch to a repeater/hub. The repeater works at layer 1 (physical layer). All stations connected to a repeater are in the same collision domain. IE if more than one station connected to a repeater tries to transmit, they signals (and frames) will collide. On the other hand each station connected to a switch can be in it's own collision domain.
Compare a switch to "router" (IE Layer 3 device). Switch doesn't change source or destination Ethernet address. It doesn't recalculate CRC. It forwards frame untouched. Router accepts frame, discards layer 2 information. May forward frame based on layer 3 information. If it does forward it based on Layer 3 information it will have a new layer 2 (Ethernet) source address.
If you connect a switch to a single station you can set the port on the switch and the station to full duplex
If you connect a switch to a repeater you have to set the port on the switch (and the ports on each station connected to the repeater) to half duplex. All the stations connected to the repeater are in the same collision domain.
Full duplex can only be used when there is only one station on the switch port. In this case there is no possibility for collision.
Two types of 100mbit repeaters class 1 and class 2. Class 2 is faster (lower signal propagation delay) then class 1 Media for all ports on class 2 is the same (all TX or all FX) With twisted pair and class 1 repeaters you can only have one repeater on a segment With twisted pair and class 2 you can have two repeaters station <-100m-> repeater <-5m-> repeater <-100m-> station max
Switches learn about which stations are on which ports. When they receive a frame the make note of the source address and build a table associating that source address with a port. Now when they receive a frame destined to that address they will only send it out the port that the destination is on. These tables time out. Broadcast (and except under certain circumstances multicast) packets are always sent to all stations.
The behavior of basic switches/bridges is defined in the IEEE 802.1d which is available at the IEEE explore website
A good links about the "Learning Bridge Algorithm" are: here The Wikipedia page is here.
These multi speed switches can lead to saturation of slower segments. IE frames can be lost/dropped if 100Mbit/sec of data tries to go out a 10Mbit/sec port. Or if 1G of data want to go out a 100M port. Also frames can be lost/dropped if two stations send more than 100Mbps to a 100Mbps port at the same time. In each case above the switch will buffer as much as it can, but when the buffer fills it will start to drop packets. This is called "tail drop" as once a buffer is full new packets (the tail of the conversation) will be dropped. This can be modified by 802.1q priorities. (see below)
802.1q allows you to run multiple broadcast domains between switches. The Ethernet frame is labeled with type 0x8100 and 4 bytes are added which after the type field which contain a vlan tag and the original Ethernet type. The vlan tag is 16 bits. 3 bits are "priority" 0-7 where 0 is lowest and 7 is highest. followed by a bit called the CFI which is always 0 (for Ethernet) and then 12 bits which specify a vlan number 0-4095. Vlans 0 and 4095 are "reserved" so really only 4094 assignable.
Jumbo frames are Ethernet with a payload of larger than 1500 octets. There is no IEEE standard, but most vendors Ethernet cards and switches that support jumbo frames inter-operate just fine. They can only be used in full duplex Ethernet and help increase throughput by reducing the CPU time overhead to process each frame. 9000 octets is the preferred max payload on high performance networks. All stations within a broadcast domain must agree on the MTU of jumbo frames.