OSI Layers 1 and 2

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
7 hours 50 minutes
Difficulty
Beginner
CEU/CPE
8
Video Transcription
00:04
>> Even though the OSI model is a top-down model,
00:04
meaning when a sending computers
00:04
sends a request to a receiving computer,
00:04
the process starts at the application layer and
00:04
travels downward through the other six layers.
00:04
It's easiest to understand
00:04
>> networking from the bottom up
00:04
>> because the simpler devices
00:04
are at the bottom of the OSI model.
00:04
We're actually going to start in the reverse order.
00:04
We'll start with Layer 1 and discuss the physical layer.
00:04
The physical layer is made up of "Dumb devices."
00:04
Meaning those devices don't know where
00:04
data is going and they don't care.
00:04
They don't direct traffic or airwaves.
00:04
It just simply physical connectivity to the network.
00:04
When we talk about that, think about cable.
00:04
Cable doesn't know where data is going,
00:04
and cable doesn't know what type of data it is.
00:04
Cable just provides a pathway conduit for the signal.
00:04
Connectors like your RJ45 or BNC connectors,
00:04
just provide that connectivity to the network.
00:04
I'll also mention hubs here,
00:04
because at one point in time,
00:04
hubs were not even powered,
00:04
they were just racks that you plugged into and
00:04
that metal rack provided a pathway for signals to travel.
00:04
Hubs, even the ones we use today,
00:04
powered hubs, just amplify the signal.
00:04
There is no direction or error detection,
00:04
just a pathway for signals to travel.
00:04
As we go up the OSI model, we gain intelligence.
00:04
The next layer up is Layer 2,
00:04
which is the data link layer.
00:04
The data link layer is the only layer of
00:04
the OSI model that has two sublayers.
00:04
Those sublayers are made up of the first,
00:04
which is LLC, and that stands for logical link control.
00:04
That layer is responsible for error detection.
00:04
We won't say much about LLC that's
00:04
not relevant to the net plus exam.
00:04
What we do want to focus on is the second sublayer,
00:04
which is the MAC sublayer.
00:04
MAC stands for media access control.
00:04
We have MAC addressing and we also have media access,
00:04
which is which system gets to communicate and when?
00:04
With MAC addresses, the first thing we want
00:04
to look at is the MAC address itself.
00:04
A MAC address is
00:04
a 48-bit address expressed in a hexadecimal.
00:04
I have this circled for you
00:04
here on our example on the left.
00:04
Hexadecimal separated by dashes or hyphens,
00:04
they have a 48-bit address.
00:04
The first 24-bits are specific
00:04
to the manufacturer of the device.
00:04
If we all had three com network cards
00:04
or something from the same manufacturer,
00:04
it wouldn't be unheard of if
00:04
the first 24-bits are the same
00:04
for my MAC address as yours.
00:04
Now of course, manufacturers are
00:04
given a wide range of addresses,
00:04
but it wouldn't be impossible.
00:04
The last 24-bits are unique to
00:04
the host and unique to the network interface card.
00:04
Even if we do have the same first
00:04
24-bits our host address will be different.
00:04
This is called the physical address or hardware address,
00:04
but it's a MAC address.
00:04
How it's referred to will really
00:04
depend on the operating system.
00:04
Ultimately, what we're talking about is
00:04
the hardware address and the network card.
00:04
The screenshot that I have here on the left was
00:04
used by a command called the IP config,
00:04
which shows not just IP configuration,
00:04
but also shows MAC address.
00:04
MAC addresses are very different from
00:04
IP addresses. Definitely know that.
00:04
IF config is a similar command that Unix
00:04
uses and folks that use Unix will use.
00:04
Ultimately, these show the MAC address.
00:04
I do want to take one more minute to stress
00:04
the importance of a MAC address.
00:04
When traffic is on the network
00:04
an individual NIC network interface controller
00:04
is going to examine the packet
00:04
and look for its own MAC address.
00:04
If the packet is destined for my MAC address,
00:04
my network card pulls out off the network.
00:04
If it's not, it leaves it here.
00:04
What's critical for a host receiving
00:04
data is the systems MAC address.
00:04
What that also means is that as ascending host,
00:04
I'm going to have to learn the client's MAC address.
00:04
The way that happens is with a protocol called
00:04
ARP, Address Resolution Protocol.
00:04
What ARP does, it's broadcast space.
00:04
Essentially it sounds at a broadcast that says,
00:04
"Hey, is anybody 192,
00:04
168, 11" and that device,
00:04
we'll come back and say, "That's me,
00:04
here's my MAC address."
00:04
What you can see on the left is that I add
00:04
the information to what we refer to as our ARP cache.
00:04
Anytime you hear the term cache,
00:04
cache is always a place where we store
00:04
things that we think we're going to need again.
00:04
Once my computer learns the MAC address,
00:04
the specific IP address,
00:04
it will store that in cache.
00:04
The next time we need to go to 192,168,
00:04
11, I don't have to broadcast out,
00:04
it's already there in my cache.
00:04
Cache is very helpful.
00:04
Later we'll talk about some security issues
00:04
that might be associated with cache.
00:04
But cache also really
00:04
does speed things up and make things quicker.
00:04
Now, I'll also mention when we
00:04
talk about media access control,
00:04
who gets time on the cable.
00:04
Quite honestly, we can't even say
00:04
cable because there's wireless access.
00:04
Air traffic across the airwaves.
00:04
One of the main types of
00:04
networking technology that we
00:04
use today is called Ethernet.
00:04
It falls in IEEE standard 802.3.
00:04
If you want to remember that
00:04
Ethernet has three E's in it,
00:04
so 802.3 is Ethernet.
00:04
Ethernet uses a media access method called CSMA CD,
00:04
that stands for Carrier Sense Multiple Access
00:04
with Collision Detection. That's a mouthful.
00:04
Carrier Sense Multiple Access with
00:04
Collision Detection but it
00:04
actually is exactly what it sounds like.
00:04
If a network card has data to transmit,
00:04
it senses the cable carrier sense.
00:04
The trick with that is the two systems could be
00:04
sensing the cable at the exact same time.
00:04
Multiple access, they both throw their data out there.
00:04
But if two hosts put their data on
00:04
the cable at the same time, we have a collision.
00:04
The network card is able to detect that collision back
00:04
off and perform an algorithm
00:04
to determine whether they can retransmit.
00:04
CSMA CD,
00:04
Carrier Sense Multiple Access with Collision Detection,
00:04
expect collisions in an Ethernet environment.
00:04
Another media access method that we don't see
00:04
very much today is token passing.
00:04
If you're familiar with the old token ring networks
00:04
that were around in the 90s and early 2000s,
00:04
basically, there was
00:04
a 24-bit control frame on the network.
00:04
It would move from host to host to host.
00:04
If a system wanted to communicate,
00:04
it would capture the token,
00:04
then put its message out there.
00:04
There was only one token
00:04
and you couldn't transmit without it.
00:04
We actually had no collisions
00:04
in a token passing environment.
00:04
That was one of its benefits.
00:04
But token ring, which was the technology that
00:04
use token passing, was proprietary.
00:04
It was from IBM.
00:04
It was expensive, it was difficult to work with,
00:04
and we were bound to IPM as in vendors.
00:04
Ethernet really won out there.
00:04
There's also another media access method
00:04
that wireless communication uses.
00:04
That's the 802.11.
00:04
802.11 is CSMA CA,
00:04
Carrier Sense Multiple Access with Collision Avoidance.
00:04
Essentially what wireless systems do is
00:04
it's still senses whether or
00:04
not anybody is communicating.
00:04
Multiple systems can sense that at the same time.
00:04
But instead of sending that data out,
00:04
they send an intent message that essentially says,
00:04
"Hey, I'm getting ready to send.
00:04
Is that cool with everybody?"
00:04
If there are no other hosts coming
00:04
back saying I'm sending two,
00:04
then the wireless device transmits this information.
00:04
We don't have collisions in
00:04
a token environment or in a wireless environment.
00:04
We deal in Ethernet and whatever a big challenge is,
00:04
is going to be, how we're
00:04
going to address those collisions.
00:04
This is just a quick summary of the different types of
00:04
media access methods in the IEEE over to the left.
00:04
I think it's a good summary to have.
00:04
Remember, 802.3 is Ethernet,
00:04
CSMA CD, we expect collisions.
00:04
802.5 is token ring.
00:04
Token passing there will be no collisions.
00:04
One thing I'll mention, you can
00:04
remember that token ring is
00:04
802.5 because there are five letters in token,
00:04
then we have wireless 802.11,
00:04
no collisions here because we transmit
00:04
our intent in 802.12.
00:04
I didn't mention this isn't something that I would
00:04
anticipate using or seen on the exam.
00:04
I just have it here because this
00:04
was used at one point in time.
00:04
It's pulling where there is a specific survey that
00:04
pulls network devices to
00:04
determine if they want to communicate.
00:04
That's not really an environment
00:04
designed for speed or performance,
00:04
it is really fallen by the wayside.
Up Next