The Encapsulated Data Flow Process

This section discusses the stages of data flow through a network that interconnects remote end systems and segments using Cisco routers and switches. This discussion includes the topic of encapsulation and decapsulation (or de-encapsulation), along with the different forwarding/filtering performed by routers and switches. Figure 3-1 shows end system Host A and end system Host B communicating on a network. The encapsulated data flow process has four stages. In Figure 3-1, Stages 1 through 4 point to different components of the network. The stages are as follows:

■ Stage 1—Encapsulation

■ Stage 3—Forwarding/Filtering

■ Stage 4—Decapsulation

Figure 3-1 The Process of Encapsulated Data Flow on a Simple Connection

End System: Host A

End System: Host A Gateway: 00AA00AA00AA

Analyzing the Stages of Encapsulation, Transmission, Forwarding/Filtering, and

Decapsulation When Data Is Sent from an Application in End System Host A to an Application in End System Host B Gateway: 00AA00AA00AA

Stage 1: E


Stage 2: Transmission


00BB00BB00BB 00000C102311


00BB00BB00BB 00000C102311

Lighting Truss Guy Wire

Stage 4: Decapsulation

' Gateway: 00BB00BB00BB

Stage 3: Forwarding/Filtering

Stage 3: Forwarding/Filtering

Stage 4: Decapsulation

' Gateway: 00BB00BB00BB

A description for each stage is provided next.

Stage 1 is encapsulation. First, you must convert the data into segments. At times, data is too large to be sent as one piece. For example, a file transfer might require the file to be broken into several pieces and sent as such. Each segment encapsulates some data, but it also has a header that identifies the sending application on one device (source) and the receiving application on its counterpart device (destination). The sending and receiving applications are usually identified using source and destination port numbers. Next, you add a header that includes network address information to each segment, effectively converting each segment into a packet (packet encapsulates segment). From there, you encapsulate each packet into a frame. The frame header includes physical addressing information (frame encapsulates packet). Finally, you are ready to transmit the frame as bits.

In Figure 3-1, end system Host A (using the TCP/IP protocol suite) takes data from an application and encapsulates the data as several pieces, as needed, in several segments. The segments are then encapsulated in packets with Host A's IP address as the source and Host B's IP address as the destination. Because Host A, comparing its IP address and subnet mask to the destination IP address, realizes that the destination IP address is a remote host, Host A must encapsulate the IP packet in a frame with the MAC address of Host A's default gateway (MAC address of as the destination MAC address. If Host A does not have the MAC address associated to in its ARP table, it must send an ARP request (which is a broadcast) to request and receive it. As a result, the packets sent will have (Host A's IP address) as their source IP address and (Host B's IP address) as their destination IP address. Those packets will be encapsulated in frames whose source MAC address will be 00AA00AA00AA (Host A's fictional MAC address), and their destination address will be 00000C104511 (Router R's Ethernet 1 MAC address). The frames that encapsulate IP packets—which encapsulate TCP or UDP (or other payload types such as RTP) segments, which in turn encapsulate application data—are ready for transmission into the media (transmission over a physical network).

NOTE Even though most people use the term packet as the Layer 3 protocol data unit (PDU), the true Layer 3 PDU is a datagram. A packet is a fragment of a datagram that was fragmented due to insufficient MTU at a particular network segment. However, unless a datagram is segmented, a packet and a datagram are identical.

Stage 2 of the encapsulated data flow process is about passing the data over the physical medium as bits. Stage 3 is about how the intermediate network devices (routers, switches, hubs, and so on) change or alter and forward or filter (not forward) the data. When data reaches a network device, the device removes data control information as needed. Standard Layer 2 switches read physical addressing information (destination MAC address) and forward frames to a port or an interface based on the content of the dynamic content-addressable memory (DCAM) table. Routers, firewalls, and multilayer switches, generally speaking, read network addressing information (destination IP addresses) and forward packets to an interface based on the content of the IP routing table. Stages 2 and 3 alternate until the data flows through all devices that are necessary to reach the interface of the target end system.

In Figure 3-1, the frames that are leaving Host A (encapsulating packets that are destined to Host B) have 00AA00AA00AA as their source MAC address and 00000C104511 as their destination MAC address because Host A transmits them into the media. As frames enter Switch A via port 2/2, Switch A looks up their destination MAC address in its DCAM. Previously in its DCAM, Switch A learned and stored 00000C104511 and mapped it to port 2/1. Therefore, those frames are only forwarded to port 2/1. (If the MAC address were not present in Switch A's DCAM, the switch would flood them to all other ports that belong to the same VLAN as port 2/2.)

The frames now leave Switch A's port 2/1 (Transmission stage) and enter Router R's Ethernet 1 interface. Because the destination MAC address of the frames matches Router R's Ethernet 1 MAC address, Router R will decapsulate packets from inside the frames (reducing their TTL and recomputing their CRC). Because the destination IP address of those packets is not one of Router R's IP addresses, Router R will attempt to forward the packets based on its IP routing table. Router R's IP process (after doing lookups on its routing table) finds out that it is directly connected to the network to which the IP packets are destined; therefore, it forwards the packets out of its Ethernet 0 interface.

The packets need to be encapsulated in Ethernet frames. The source MAC address of those frames will be 00000C102311 (Ethernet 0's MAC address), and the destination MAC address of the frames can be discovered using ARP (by sending an ARP request and receiving an ARP reply) on Ethernet 0 (unless they are already present in Router R's ARP table). The frames will have 00000C102311 as their source MAC address and 00BB00BB00BB as their destination MAC address, and they will be transmitted to the media connected to the Ethernet 0 interface of Router R (Transmission stage, once again). Those frames subsequently enter Switch B's 2/1 port. After a lookup in its DCAM, Switch B decides that it must forward the frame out of its port 2/2 only. The frames are transmitted to the media connecting to Switch B's 2/2 port. The frames have 00000C102311 as their source MAC address (Router R's Ethernet 1 MAC address) and 00BB00BB00BB as their destination MAC address (Host B's Ethernet network interface card's MAC address). These frames encapsulate packets that were sent from Host A (which means their source IP address is and are destined to Host B (which means their destination IP address is

Stage 4 is called the Decapsulation stage. In Figure 3-1, Stage 4 points to end system Host B, meaning that end system Host B receives the data from the physical medium, removes the data control information, and converts the data as needed for use with the target application. In Figure 3-1, after frames enter Host B's network interface card, the network interface card discovers that the frames' destination MAC address matches the MAC address. The network interface card generates an interrupt to the CPU and the frame is copied from the network interface card's buffer to the main memory of Host A. Each frame's packet is decapsulated (the frame header and check sequence are removed), each packet's segment is decapsulated (the packet header and cyclic redundancy check are removed), and the data encapsulated in each segment is decapsulated and passed to the destination application based on the destination port number of the segments.

Was this article helpful?

0 0


  • meaza
    How data flows in encapsulation?
    1 year ago

Post a comment