OSI Layers 3 and 4
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Transcription
00:04
>> As we continue our journey up the OSI reference model,
00:04
we're up to Layer 3, the network layer.
00:04
At this layer we have IP addressing.
00:04
IP addressing is a huge part of networking.
00:04
As a matter of fact, in our entire next chapter,
00:04
Chapter 2, is going to cover
00:04
IP addressing and all the little ins and outs.
00:04
For now, we're going to think of
00:04
IP addresses like a mailing address.
00:04
If I want to locate you from anywhere in the world,
00:04
then I can use your mailing address.
00:04
It's very similar with IP addressing.
00:04
IP addresses are at Layer 3 routers that use
00:04
IP addresses to determine where
00:04
traffic goes are layer 3 devices as well.
00:04
I don't want to give you a spoiler
00:04
from a later discussion,
00:04
but Layer 3 switches are also Layer 3.
00:04
So IP routers and Layer 3 switches make up layer 3.
00:04
I also want to add that any
00:04
protocols beginning with the letter I,
00:04
except IMAP, mail protocol are layer 3.
00:04
IP, ICMP, IGRP,
00:04
IGMP, IPSec, and on and on are Layer 3.
00:04
This is not a personal challenge for someone to go out
00:04
and find the I protocol that operates at Layer 5.
00:04
Just for our purposes,
00:04
the protocols that start with
00:04
I are here at the network layer.
00:04
Now again, with IP, there's logical addressing.
00:04
We talked about MAC addressing and how it is physical,
00:04
its burned to the network card,
00:04
and because of the fact that it's
00:04
bound to the network card,
00:04
if you take your laptop home,
00:04
your MAC address won't change.
00:04
But the logical address is going to reference
00:04
your system based on wherever you are in the planet,
00:04
because it's a full and complete address
00:04
that changes based on your location.
00:04
Logical addressing is going to be really important.
00:04
That's what IP does.
00:04
We've got IP version 4, IPv4,
00:04
which is what most of us are currently on,
00:04
and IPV6, which is coming soon.
00:04
Granted, we've hertz coming soon for the last 15 years,
00:04
but I'm sure that eventually it's coming soon.
00:04
Some tools that we use to examine
00:04
our IP configurations are ipconfig and ifconfig,
00:04
which stands for interface config
00:04
in Unix and Linux environment.
00:04
There are some other tools we can use,
00:04
but those are the big ones right now.
00:04
Ping, ICMP,
00:04
Internet Control Message Protocol is
00:04
the protocol behind ping and echoing utilities.
00:04
The way these echoing utilities work
00:04
is a message is sent out and there's a reply back.
00:04
It's like when you throw a rock at
00:04
a wall because there's a wall there,
00:04
the rock bounces back.
00:04
That's what ping does.
00:04
Ping is often used to test basic physical connectivity.
00:04
If I ping you, I don't have to worry about if
00:04
the cable is broken or if the connectors are bad.
00:04
We've got basic connectivity.
00:04
Ping is a really,
00:04
really useful tool, but it's
00:04
also one that is incredibly exploited.
00:04
It's not ping so much as it is the ICMP protocol.
00:04
That's also used virtual call tracer,
00:04
which is within Windows.
00:04
Unix has the same tool
00:04
traceroute with Linux and Unix systems.
00:04
The job those two tools do
00:04
is it chases hops through routers.
00:04
For instance, I'm going to ping
00:04
a local computer, one of my network.
00:04
If I can reach it, great.
00:04
Then I'm going to ping a remote computer,
00:04
which means one on the other side of a router.
00:04
If I can't reach that remote host,
00:04
I might use traceroute so I
00:04
can see the message leaves for me,
00:04
goes to Router 1, goes to Router 2,
00:04
then all of a sudden it doesn't
00:04
look like it's going to pass Router 3.
00:04
That gives me an idea that Router 3 is the problem.
00:04
It's good we're making sure
00:04
>> that all your pass throughout
00:04
>> the routes are up and working as they should be.
00:04
Now, we're going to come back and talk some
00:04
more about other Layer 3 protocols.
00:04
But let's go ahead and move on to Layer 4 for now.
00:04
Layer 4 is like the pony express of all the layers.
00:04
This is all about end-to-end transport
00:04
of data all the way through.
00:04
There are two protocols
00:04
particularly that work at Layer 4 for us.
00:04
They are TCP and UDP.
00:04
It's important to understand the difference
00:04
>> between these two
00:04
>> because they're very different protocols.
00:04
>> TCP is connection oriented, reliable,
00:04
but also slow, whereas UDP is connectionless,
00:04
unreliable, but it's fast.
00:04
When we talk about TCP versus UDP,
00:04
these are the alternatives.
00:04
On the upper layer protocols,
00:04
and by that I mean application layer protocols,
00:04
and that the other protocols and
00:04
services above that layer,
00:04
they will piggy-back on either TCP or UDP.
00:04
To give you an example,
00:04
let's say I'm an administrative assistant
00:04
and Bob gets a call.
00:04
I pick up the phone paging and say,
00:04
"Bob, you have a call-on Line 1."
00:04
Well, I did my job, is quick and easy.
00:04
I have no idea if Bob got the message,
00:04
but I don't care because it's lunchtime,
00:04
and I've got things to do. That's UDP.
00:04
The message is out there, I've done my part.
00:04
Whereas with TCP,
00:04
>> TCP uses a process called handshaking.
00:04
>> The first step of the handshake
00:04
is a send packet for synchronize.
00:04
Basically says that I'm going to send you something.
00:04
SYN-ACK says, okay,
00:04
I got what you sent and then ACK, we're good.
00:04
So it's that back,
00:04
forth, SYN-ACK, ACK.
00:04
Now that is obviously going to
00:04
take more time to have that handshake.
00:04
But we get reliable delivery that is
00:04
referred to as a three-way handshake.
00:04
This isn't something that you and I would use.
00:04
This would be something that a software developer
00:04
would build into an application.
00:04
If they're building a network application,
00:04
they can choose to use either TCP or UDP.
00:04
UDP is going to give them speed.
00:04
But the stuff that UDP doesn't do would
00:04
then have to be built into
00:04
the program through other ways.
00:04
What that means is if I choose the speed of UDP,
00:04
I'm going to have to do more coding as a developer.
00:04
Whereas if instead I take
00:04
advantage of what's there with TCP,
00:04
that saves me some work.
00:04
It really depends on whether it's
00:04
speed or reliability that I want.
00:04
UDP is used for things like media streaming, VoIP,
00:04
Internet relay, chat,
00:04
things that have to be in near real time. That's UDP.
00:04
I will also mention ports.
00:04
When we talk about port numbers,
00:04
we're referring to numbers
00:04
associated with the upper layer protocols.
00:04
For instance, we'll talk about how IP traffic
00:04
or IP addressing helps find your systems network,
00:04
and then once we're on your network,
00:04
we use ARP to find your MAC address, and that's great.
00:04
But once the data gets to your system in your computer,
00:04
how does your system know what to do with that data?
00:04
How does your system say, "oh,
00:04
this is traffic from my web server.
00:04
This is mail or is this that or the other?"
00:04
The answer to that is in the header of
00:04
a data segment is a little numeric stamp.
00:04
Certain numbers are relegated
00:04
to certain types of software.
00:04
For instance, there's traffic with
00:04
the destination port at port 80.
00:04
Your system knows that that's web traffic.
00:04
We'll talk a lot more about ports in just a bit,
00:04
but again, this is just to give you an idea.
00:04
So there's your handshake.
00:04
The UDP, there's no handshake.
00:04
Again, TCP has
00:04
the three-way handshake that's very important.
00:04
That's the SYN, SYN-ACK, ACK.
00:04
Though it's slower, it guarantees delivery.
00:04
Then of course, handshakes
00:04
having been so important at one point in time,
00:04
2020 has killed a need for that now.
00:04
So TCP may be out of business.
Up Next
Similar Content
