WEBVTT

00:04.789 --> 00:09.130
>> Even though the OSI
model is a top-down model,

00:09.130 --> 00:11.230
meaning when a sending computers

00:11.230 --> 00:13.600
sends a request to a
receiving computer,

00:13.600 --> 00:16.240
the process starts at the
application layer and

00:16.240 --> 00:19.360
travels downward through
the other six layers.

00:19.360 --> 00:20.830
It's easiest to understand

00:20.830 --> 00:22.614
>> networking from the bottom up

00:22.614 --> 00:24.294
>> because the simpler devices

00:24.294 --> 00:26.980
are at the bottom
of the OSI model.

00:26.980 --> 00:30.145
We're actually going to
start in the reverse order.

00:30.145 --> 00:34.210
We'll start with Layer 1 and
discuss the physical layer.

00:34.210 --> 00:39.134
The physical layer is made
up of "Dumb devices."

00:39.134 --> 00:41.255
Meaning those devices
don't know where

00:41.255 --> 00:43.795
data is going and
they don't care.

00:43.795 --> 00:46.600
They don't direct
traffic or airwaves.

00:46.600 --> 00:50.050
It just simply physical
connectivity to the network.

00:50.050 --> 00:52.570
When we talk about that,
think about cable.

00:52.570 --> 00:55.135
Cable doesn't know
where data is going,

00:55.135 --> 00:57.925
and cable doesn't know
what type of data it is.

00:57.925 --> 01:01.940
Cable just provides a pathway
conduit for the signal.

01:01.940 --> 01:06.520
Connectors like your
RJ45 or BNC connectors,

01:06.520 --> 01:09.820
just provide that
connectivity to the network.

01:09.820 --> 01:11.995
I'll also mention hubs here,

01:11.995 --> 01:13.375
because at one point in time,

01:13.375 --> 01:14.650
hubs were not even powered,

01:14.650 --> 01:17.290
they were just racks that
you plugged into and

01:17.290 --> 01:20.780
that metal rack provided a
pathway for signals to travel.

01:20.780 --> 01:23.410
Hubs, even the
ones we use today,

01:23.410 --> 01:26.415
powered hubs, just
amplify the signal.

01:26.415 --> 01:29.360
There is no direction
or error detection,

01:29.360 --> 01:32.410
just a pathway for
signals to travel.

01:32.410 --> 01:36.305
As we go up the OSI model,
we gain intelligence.

01:36.305 --> 01:38.420
The next layer up is Layer 2,

01:38.420 --> 01:40.475
which is the data link layer.

01:40.475 --> 01:43.130
The data link layer
is the only layer of

01:43.130 --> 01:45.800
the OSI model that
has two sublayers.

01:45.800 --> 01:48.095
Those sublayers are
made up of the first,

01:48.095 --> 01:52.550
which is LLC, and that stands
for logical link control.

01:52.550 --> 01:55.925
That layer is responsible
for error detection.

01:55.925 --> 01:58.190
We won't say much
about LLC that's

01:58.190 --> 02:00.275
not relevant to
the net plus exam.

02:00.275 --> 02:03.275
What we do want to focus
on is the second sublayer,

02:03.275 --> 02:05.940
which is the MAC sublayer.

02:06.170 --> 02:10.680
MAC stands for media
access control.

02:10.680 --> 02:14.915
We have MAC addressing and
we also have media access,

02:14.915 --> 02:17.965
which is which system gets
to communicate and when?

02:17.965 --> 02:20.690
With MAC addresses, the
first thing we want

02:20.690 --> 02:23.585
to look at is the
MAC address itself.

02:23.585 --> 02:25.190
A MAC address is

02:25.190 --> 02:28.355
a 48-bit address expressed
in a hexadecimal.

02:28.355 --> 02:29.780
I have this circled for you

02:29.780 --> 02:32.065
here on our example on the left.

02:32.065 --> 02:35.505
Hexadecimal separated
by dashes or hyphens,

02:35.505 --> 02:37.900
they have a 48-bit address.

02:37.900 --> 02:39.980
The first 24-bits are specific

02:39.980 --> 02:42.410
to the manufacturer
of the device.

02:42.410 --> 02:45.080
If we all had three
com network cards

02:45.080 --> 02:47.555
or something from the
same manufacturer,

02:47.555 --> 02:48.980
it wouldn't be unheard of if

02:48.980 --> 02:50.750
the first 24-bits are the same

02:50.750 --> 02:52.970
for my MAC address as yours.

02:52.970 --> 02:54.950
Now of course, manufacturers are

02:54.950 --> 02:57.095
given a wide range of addresses,

02:57.095 --> 02:59.880
but it wouldn't be impossible.

03:00.380 --> 03:03.350
The last 24-bits are unique to

03:03.350 --> 03:07.055
the host and unique to the
network interface card.

03:07.055 --> 03:09.350
Even if we do have
the same first

03:09.350 --> 03:12.875
24-bits our host address
will be different.

03:12.875 --> 03:16.535
This is called the physical
address or hardware address,

03:16.535 --> 03:18.800
but it's a MAC address.

03:18.800 --> 03:20.630
How it's referred to will really

03:20.630 --> 03:22.850
depend on the operating system.

03:22.850 --> 03:25.010
Ultimately, what we're
talking about is

03:25.010 --> 03:27.560
the hardware address
and the network card.

03:27.560 --> 03:29.900
The screenshot that I
have here on the left was

03:29.900 --> 03:32.390
used by a command
called the IP config,

03:32.390 --> 03:35.150
which shows not just
IP configuration,

03:35.150 --> 03:37.205
but also shows MAC address.

03:37.205 --> 03:39.590
MAC addresses are
very different from

03:39.590 --> 03:42.415
IP addresses.
Definitely know that.

03:42.415 --> 03:45.680
IF config is a similar
command that Unix

03:45.680 --> 03:49.770
uses and folks that
use Unix will use.

03:49.850 --> 03:53.655
Ultimately, these
show the MAC address.

03:53.655 --> 03:55.640
I do want to take one
more minute to stress

03:55.640 --> 03:57.715
the importance of a MAC address.

03:57.715 --> 03:59.360
When traffic is on the network

03:59.360 --> 04:02.705
an individual NIC network
interface controller

04:02.705 --> 04:04.700
is going to examine the packet

04:04.700 --> 04:06.940
and look for its
own MAC address.

04:06.940 --> 04:10.130
If the packet is destined
for my MAC address,

04:10.130 --> 04:12.755
my network card pulls
out off the network.

04:12.755 --> 04:15.340
If it's not, it leaves it here.

04:15.340 --> 04:17.810
What's critical for
a host receiving

04:17.810 --> 04:20.060
data is the systems MAC address.

04:20.060 --> 04:22.850
What that also means is
that as ascending host,

04:22.850 --> 04:25.745
I'm going to have to learn
the client's MAC address.

04:25.745 --> 04:28.355
The way that happens is
with a protocol called

04:28.355 --> 04:31.350
ARP, Address
Resolution Protocol.

04:31.350 --> 04:33.975
What ARP does, it's
broadcast space.

04:33.975 --> 04:36.360
Essentially it sounds at
a broadcast that says,

04:36.360 --> 04:38.400
"Hey, is anybody 192,

04:38.400 --> 04:40.880
168, 11" and that device,

04:40.880 --> 04:42.550
we'll come back and
say, "That's me,

04:42.550 --> 04:44.180
here's my MAC address."

04:44.180 --> 04:46.430
What you can see on
the left is that I add

04:46.430 --> 04:50.165
the information to what we
refer to as our ARP cache.

04:50.165 --> 04:52.355
Anytime you hear the term cache,

04:52.355 --> 04:54.140
cache is always a
place where we store

04:54.140 --> 04:56.555
things that we think we're
going to need again.

04:56.555 --> 04:59.465
Once my computer learns
the MAC address,

04:59.465 --> 05:01.325
the specific IP address,

05:01.325 --> 05:03.085
it will store that in cache.

05:03.085 --> 05:06.400
The next time we need
to go to 192,168,

05:06.400 --> 05:09.095
11, I don't have
to broadcast out,

05:09.095 --> 05:10.600
it's already there in my cache.

05:10.600 --> 05:12.940
Cache is very helpful.

05:12.940 --> 05:15.260
Later we'll talk about
some security issues

05:15.260 --> 05:16.865
that might be
associated with cache.

05:16.865 --> 05:18.440
But cache also really

05:18.440 --> 05:21.450
does speed things up and
make things quicker.

05:21.730 --> 05:24.380
Now, I'll also mention when we

05:24.380 --> 05:26.465
talk about media access control,

05:26.465 --> 05:28.430
who gets time on the cable.

05:28.430 --> 05:30.470
Quite honestly,
we can't even say

05:30.470 --> 05:32.945
cable because there's
wireless access.

05:32.945 --> 05:35.630
Air traffic across the airwaves.

05:35.630 --> 05:37.280
One of the main types of

05:37.280 --> 05:38.750
networking technology that we

05:38.750 --> 05:40.670
use today is called Ethernet.

05:40.670 --> 05:44.345
It falls in IEEE standard 802.3.

05:44.345 --> 05:45.860
If you want to remember that

05:45.860 --> 05:47.840
Ethernet has three E's in it,

05:47.840 --> 05:51.770
so 802.3 is Ethernet.

05:51.770 --> 05:56.630
Ethernet uses a media access
method called CSMA CD,

05:56.630 --> 05:59.750
that stands for Carrier
Sense Multiple Access

05:59.750 --> 06:02.555
with Collision Detection.
That's a mouthful.

06:02.555 --> 06:05.360
Carrier Sense
Multiple Access with

06:05.360 --> 06:07.130
Collision Detection but it

06:07.130 --> 06:10.045
actually is exactly
what it sounds like.

06:10.045 --> 06:13.445
If a network card has
data to transmit,

06:13.445 --> 06:16.055
it senses the cable
carrier sense.

06:16.055 --> 06:18.470
The trick with that is
the two systems could be

06:18.470 --> 06:21.110
sensing the cable at
the exact same time.

06:21.110 --> 06:24.635
Multiple access, they both
throw their data out there.

06:24.635 --> 06:27.050
But if two hosts
put their data on

06:27.050 --> 06:29.735
the cable at the same
time, we have a collision.

06:29.735 --> 06:33.140
The network card is able to
detect that collision back

06:33.140 --> 06:34.910
off and perform an algorithm

06:34.910 --> 06:37.435
to determine whether
they can retransmit.

06:37.435 --> 06:39.860
CSMA CD,

06:39.860 --> 06:43.595
Carrier Sense Multiple Access
with Collision Detection,

06:43.595 --> 06:47.040
expect collisions in an
Ethernet environment.

06:47.140 --> 06:50.210
Another media access
method that we don't see

06:50.210 --> 06:52.640
very much today
is token passing.

06:52.640 --> 06:55.430
If you're familiar with the
old token ring networks

06:55.430 --> 06:58.135
that were around in the
90s and early 2000s,

06:58.135 --> 06:59.330
basically, there was

06:59.330 --> 07:01.790
a 24-bit control
frame on the network.

07:01.790 --> 07:04.940
It would move from
host to host to host.

07:04.940 --> 07:06.920
If a system wanted
to communicate,

07:06.920 --> 07:08.450
it would capture the token,

07:08.450 --> 07:10.490
then put its message out there.

07:10.490 --> 07:11.840
There was only one token

07:11.840 --> 07:13.640
and you couldn't
transmit without it.

07:13.640 --> 07:15.350
We actually had no collisions

07:15.350 --> 07:17.015
in a token passing environment.

07:17.015 --> 07:18.785
That was one of its benefits.

07:18.785 --> 07:21.410
But token ring, which
was the technology that

07:21.410 --> 07:24.215
use token passing,
was proprietary.

07:24.215 --> 07:25.805
It was from IBM.

07:25.805 --> 07:28.640
It was expensive, it was
difficult to work with,

07:28.640 --> 07:31.430
and we were bound to
IPM as in vendors.

07:31.430 --> 07:34.205
Ethernet really won out there.

07:34.205 --> 07:37.160
There's also another
media access method

07:37.160 --> 07:39.275
that wireless
communication uses.

07:39.275 --> 07:41.845
That's the 802.11.

07:41.845 --> 07:45.335
802.11 is CSMA CA,

07:45.335 --> 07:49.160
Carrier Sense Multiple Access
with Collision Avoidance.

07:49.160 --> 07:52.010
Essentially what
wireless systems do is

07:52.010 --> 07:53.180
it's still senses whether or

07:53.180 --> 07:54.970
not anybody is communicating.

07:54.970 --> 07:58.100
Multiple systems can sense
that at the same time.

07:58.100 --> 07:59.840
But instead of sending
that data out,

07:59.840 --> 08:02.090
they send an intent message
that essentially says,

08:02.090 --> 08:04.130
"Hey, I'm getting ready to send.

08:04.130 --> 08:05.690
Is that cool with everybody?"

08:05.690 --> 08:07.430
If there are no
other hosts coming

08:07.430 --> 08:09.020
back saying I'm sending two,

08:09.020 --> 08:12.820
then the wireless device
transmits this information.

08:12.820 --> 08:14.690
We don't have collisions in

08:14.690 --> 08:17.300
a token environment or in
a wireless environment.

08:17.300 --> 08:20.240
We deal in Ethernet and
whatever a big challenge is,

08:20.240 --> 08:21.440
is going to be, how we're

08:21.440 --> 08:24.030
going to address
those collisions.

08:24.310 --> 08:27.590
This is just a quick summary
of the different types of

08:27.590 --> 08:31.565
media access methods in
the IEEE over to the left.

08:31.565 --> 08:33.640
I think it's a good
summary to have.

08:33.640 --> 08:36.615
Remember, 802.3 is Ethernet,

08:36.615 --> 08:39.810
CSMA CD, we expect collisions.

08:39.810 --> 08:41.985
802.5 is token ring.

08:41.985 --> 08:44.645
Token passing there
will be no collisions.

08:44.645 --> 08:46.310
One thing I'll mention, you can

08:46.310 --> 08:47.810
remember that token ring is

08:47.810 --> 08:51.350
802.5 because there are
five letters in token,

08:51.350 --> 08:53.950
then we have wireless 802.11,

08:53.950 --> 08:56.090
no collisions here
because we transmit

08:56.090 --> 08:58.715
our intent in 802.12.

08:58.715 --> 09:01.100
I didn't mention this isn't
something that I would

09:01.100 --> 09:03.770
anticipate using or
seen on the exam.

09:03.770 --> 09:05.420
I just have it here because this

09:05.420 --> 09:07.205
was used at one point in time.

09:07.205 --> 09:10.220
It's pulling where there
is a specific survey that

09:10.220 --> 09:11.600
pulls network devices to

09:11.600 --> 09:13.535
determine if they
want to communicate.

09:13.535 --> 09:15.140
That's not really an environment

09:15.140 --> 09:16.895
designed for speed
or performance,

09:16.895 --> 09:19.620
it is really fallen
by the wayside.