Ethernet frame structure / Ethernet frame fields

Ethernet frame structure
6.1.6 This page will describe the frame structure of Ethernet networks.


At the data link layer the frame structure is nearly identical for all speeds of Ethernet from 10 Mbps to 10,000 Mbps. However, at the physical layer almost all versions of Ethernet are very different. Each speed has a distinct set of architecture design rules.

In the version of Ethernet that was developed by DIX prior to the adoption of the IEEE 802.3 version of Ethernet, the Preamble and Start-of-Frame (SOF) Delimiter were combined into a single field. The binary pattern was identical. The field labeled Length/Type was only listed as Length in the early IEEE versions and only as Type in the DIX version. These two uses of the field were officially combined in a later IEEE version since both uses were common.

The Ethernet II Type field is incorporated into the current 802.3 frame definition. When a node receives a frame it must examine the Length/Type field to determine which higher-layer protocol is present. If the two-octet value is equal to or greater than 0x0600 hexadecimal, 1536 decimal, then the contents of the Data Field are decoded according to the protocol indicated.

The next page will discuss the information included in a frame.
Ethernet frame fields
6.1.7 This page defines the fields that are used in a frame.


Some of the fields permitted or required in an 802.3 Ethernet frame are as follows:

• Preamble
• SOF Delimiter
• Destination Address
• Source Address
• Length/Type
• Header and Data
• FCS
• Extension

The preamble is an alternating pattern of ones and zeros used to time synchronization in 10 Mbps and slower implementations of Ethernet. Faster versions of Ethernet are synchronous so this timing information is unnecessary but retained for compatibility.

A SOF delimiter consists of a one-octet field that marks the end of the timing information and contains the bit sequence 10101011.

The destination address can be unicast, multicast, or broadcast.

The Source Address field contains the MAC source address. The source address is generally the unicast address of the Ethernet node that transmitted the frame. However, many virtual protocols use and sometimes share a specific source MAC address to identify the virtual entity.

The Length/Type field supports two different uses. If the value is less than 1536 decimal, 0x600 hexadecimal, then the value indicates length. The length interpretation is used when the LLC layer provides the protocol identification. The type value indicates which upper-layer protocol will receive the data after the Ethernet process is complete. The length indicates the number of bytes of data that follows this field.

The Data field and padding if necessary, may be of any length that does not cause the frame to exceed the maximum frame size. The maximum transmission unit (MTU) for Ethernet is 1500 octets, so the data should not exceed that size. The content of this field is unspecified. An unspecified amount of data is inserted immediately after the user data when there is not enough user data for the frame to meet the minimum frame length. This extra data is called a pad. Ethernet requires each frame to be between 64 and 1518 octets.

A FCS contains a 4-byte CRC value that is created by the device that sends data and is recalculated by the destination device to check for damaged frames. The corruption of a single bit anywhere from the start of the Destination Address through the end of the FCS field will cause the checksum to be different. Therefore, the coverage of the FCS includes itself. It is not possible to distinguish between corruption of the FCS and corruption of any other field used in the calculation.

This page concludes this lesson. The next lesson will discuss the functions of an Ethernet network. The first page will introduce the concept of MAC.