OSI Model Layers 3 and 4
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
Already have an account? Sign In »
9 hours 49 minutes
as we continue our journey of the OSI reference model were up to layer three, the network layer
At this layer we have IP addressing
I p address scene is a huge part of networking.
As a matter of fact, in our entire next chapter, Chapter two is going to cover I p address sing and all the little ins and outs.
For now, we're going to think of I P addresses like a mailing address.
If I want to locate you from anywhere in the world, then I can use your mailing address.
It's very similar with the I P address. Ng
I P addresses are at Layer three
routers that use I P addresses to determine where traffic goes earlier three devices as well.
I don't want to give you a spoiler from a later discussion, but layer three speeches are also layer three,
so I p routers and layer three switches makeup layer three.
I also want to add that any protocols beginning with the letter I accept IMAP Mail Protocol or layer three
i p I C M P I G R P i G M P, I. P sec and on and on and on our layer three.
This is not a personal challenge for someone to go out and find the I Protocol that operates at Layer five just for our purposes. The protocols that start with the i R. Here at the network layer
with my P there is logical addressing.
You talked about Mac address scene and how it is physical, its burden to the network card and because of the fact that it's bound to the network card. If you take your laptop home, your Mac address won't change.
But the logical address is going to reference your system based on wherever you are in the planet, because it's a full and complete address that changes based on your location.
So logical addressing is going to be really important,
and that's what it does.
We've got I p Version four i p p. Four, which is what most of us are currently on, and i p v six, which is coming soon.
Granted, we've heard it's coming soon for the last 15 years, but I'm sure that eventually it's coming soon.
Some tools that we use to examine our I p configurations R i p con fig and I F conflict, which stands for Interface Con Fig in UNIX and Linux environment.
There are some other tools we can use, but those are the big ones right now.
Ping icmp Internet control messaging protocol is the protocol behind Ping and echoing utilities.
The way these echoing utilities work is a message is sent out and there's a reply back.
So it's kind of like when you throw a rock at a wall because there's a wall there. The rock bounces back. That's what Ping does.
Ping is often used to test basic physical connectivity.
If I paying you, I don't have to worry about if the cable's broken or if the connectors are bad. We've got basic connectivity.
Ping is a really, really useful tool, but it's also one that is incredibly exploited.
It's not Ping so much as it is the ICMP protocol.
It's not paying so much as it is the ICMP protocol
that's also used for a tool called Tracer, which is within Windows. UNIX has the same tool trace route with Lennox and UNIX systems.
The job those two tools do is it chases, hops through routers, for instance. I'm going to ping a local computer, one of my network. If I can reach it, great,
then I'm going to ping a remote computer, which means one on the other side of a router.
If I can't reach that remote host, I might use trace route so I can see the message. Leaves from me, goes to Router one goes to Router two. Then all of a sudden it doesn't look like it's going to pass Router three.
That gives me an idea that Router three is the problem.
So it's good when making sure that all your paths throughout the routes are up and working as they should be.
Now we're going to come back and talk some more about other Layer three protocols, but let's go ahead and move on to layer four. For now,
Layer four is kind of like the pony express of all the layers. This is all about end to end transport of data all the way through.
There are two protocols, particularly that work at later, for for us
they are TCP and UDP.
It's important to understand the difference between these two because they're very different protocols.
TCP is connection oriented,
reliable but also slow, whereas UDP is connection lists unreliable, but it's fast.
So when we talk about TCP versus UDP, these are the alternatives
on the upper layer protocols, and by that I mean application layer protocols and the other protocols and services up at that layer. They will piggyback on either TCP or UDP
to give you an example. Let's say I'm an administrative assistant and Bob gets a call.
I pick up the phone, page him and say, Bob, you have a call on line one? Well, I did my job.
It's quick and easy. I have no idea if Bob got the message, but I don't care because it's lunchtime and I've got things to do.
The message is out there. I've done my part,
whereas with TCP
TCP uses a process called handshaking.
The first step of the handshake is a send packet for synchronize
basically says that I'm going to send you something.
Syntax says, Okay, I got what you sent, and then AC, we're good.
So it's that back forth syn ack ack.
Now that is obviously going to take more time to have that handshake, but we get reliable delivery that is referred to as a three way handshake.
This isn't something that you and I would use.
This would be something that a software developer would build into an application.
So if they're building a network application, they can choose to use either TCP or UDP.
UDP is going to give them speed,
but the stuff that UDP doesn't do would then have to be built into the program through other ways.
So what that means is, if I choose the speed of UDP, I'm going to have to do more coding as a developer,
whereas if instead I take advantage of what's there with TCP that saves me some work.
So it really depends on whether it's speed or reliability that I want.
UDP is used for things like media streaming, VoIP, Internet relay chat, things that have to be in near real time.
I will also mention ports when we talk about port Numbers were referring to numbers associated with the upper layer protocols.
For instance, we'll talk about how I p Traffic or I P address ng helps find your systems network,
and then once we're on your network, we use AARP. Define your Mac address, and that's great.
But once the data gets to your system and your computer, how does your system know what to do with that data?
How does your system say, Oh, this is traffic from my Web server. This is male, or is this that or the other?
The answer to that is in the hunter of a data segment is a little numeric stamp.
Certain numbers are relegated to certain types of software.
For instance, there's traffic with a destination port of Port 80. Your system knows that that's Web traffic.
We'll talk a lot more about ports in just a bit, but again, this is just to give you an idea.
So there's your handshake,
the UDP. There's no handshake again. TCP has the three way handshake. That's very important.
That's the Syn Syn ack ack,
though its lower it guarantees delivery
and then, of course, handshakes. Having been so important at one point in time, 2020 is killed. The need for that now so TCP may be out of business