Network Models

0:00<v ->Hello and welcome.</v>

0:01My name is Keith Barker

0:03and if we take something fairly complex,

0:05let's say for example a car.

0:06A car has lots of elements that have to work together.

0:09You know, we drive a car,

0:10we put the key in, or we hit the button,

0:12however you start your car, there's energy from fuel

0:15or electricity or something, there's a transmission,

0:16there's a motor, and all those components

0:18have to work together.

0:19Now, how do we better understand a car?

0:22Well, one option is say, boom, it's magic, there's a car.

0:25But a better approach would be to break it down into easy

0:28to understand chunks

0:30or pieces for each of the components that work together.

0:32Now, you might be saying,

0:33"Well Keith, how does that apply to networking?"

0:35Well, in a computer network today, we have lots

0:38of moving parts that have to operate together.

0:40So instead of just saying,

0:41whoa, boom, it's magic, there's the network.

0:43What we can do is we can break it apart

0:45into individual chunks that are easy to understand

0:47and understand how they work together.

0:49And one method of doing that

0:51is by using the concept of a model.

0:53So in this set of videos, what you and I get to do

0:55are gonna take a look

0:56at some traditional models for networking

0:58to better understand the individual components.

1:00And then we'll take a closer look

1:02at the actual TCPIP protocol stack,

1:04which is what we use today on our computer networks.

1:08So that, my friend, is what this set of videos

1:09and content is all about.

1:10And I look forward to the journey together.

0:00<v ->Let's start off by doing something that's done millions</v>

0:02and millions of times every single day.

0:04And that is, from a computer, access some resource

0:08out on the public internet.

0:10And as a warmup for that, this is a representation

0:12of a network which we are going to dig in deeper

0:15and deeper as we go through this content together.

0:17And so right here, this represents a computer.

0:19And let's imagine that you and I, us,

0:20we're sitting at this computer

0:22and we want to access a web server on the internet.

0:26And let's imagine we wanna go to

0:27www.cbtnuggets.com.

0:32So this activity is not new to us.

0:34We access websites every single day.

0:36So as we start off, let's do

0:37that right now here on computer one.

0:39And here we go.

0:41This represents this computer right here, computer one.

0:44So we'll go ahead and open up a browser,

0:45it's gonna use Firefox.

0:47And let's go to www.cbtnuggets.com and press enter.

0:53Alright, and we are there.

0:55So from the user perspective, all we did was go

0:57to a website, but behind the scenes there's a lot of detail

1:01that happened both here at the computer, computer one

1:03and on the network to actually make sure we could connect

1:06to that website and get the information that we wanted.

1:09And so one way of breaking down all the components that had

1:11to happen between computer one

1:13and accessing the website is by using a model,

1:17which is a logical representation of each

1:20of the components involved in that process.

1:22And regarding networking, one of the oldest

1:25and most referred to models

1:26that's out there is called the OSI

1:28or the Open System Interconnect Model.

1:31And to connect this model to that computer

1:33that we were just had a moment ago, let's go ahead

1:34and draw the computer right here.

1:36And this PC represents just a network device.

1:38It could be running Windows

1:39or some flavor of Linux or MacOS.

1:42Could be a mobile device,

1:43but some device that's connected to the network.

1:45So you and I are sitting at this computer,

1:47we put in a browser, www.cbtnuggets.com.

1:51And then logically in the background, that computer along

1:54with its connection to the network, did everything

1:56that was required to get us access to cbtnuggets.com

1:59and the response came back.

2:01So to help describe the logical components that have

2:03to happen for that to work, we can use a model

2:06and this OSI reference model is just like an idea.

2:10Don't think of it as real

2:11because it's just a logical representation of the elements

2:14that have to happen for this PC to go ahead

2:17and connect to cbtnuggets.com.

2:19So lemme go ahead and draw cbtnuggets.com

2:23with a www in front.

2:26So the moment that we type in www.cbtnuggets.com in our

2:29browser, we're asking for some type of a service

2:32and lemme go ahead and put that right here

2:33and I'll jot it down as service

2:35or application that we're after.

2:37So on our current networks today, there's lots

2:38of different types of services

2:40or applications that we might use.

2:41For example, we might wanna do some web browsing

2:44or we might want to go ahead and do some printing

2:46or we may want to upload or download files

2:48and those could all be referred to as services

2:51or applications that we are going to use.

2:53So whenever you think about the application layer, think

2:56of some type of service or app, the functionality that

2:58you want.

2:59And that's logically being

3:00provided by this layer seven of the OSA reference model,

3:03the application layer.

3:05Now one of the challenges is

3:06that not every device is the same.

3:08For example, different operating systems may have different

3:10ways of representing or coding data.

3:13And that was especially true you know, 20

3:14or 30 years ago when we had lots of proprietary systems.

3:17And so in the OSI reference model,

3:19they made another function that could be responsible

3:22for how data is encoded or how a data is compressed

3:26or if there's some other special treatment

3:27of that data based on the operating system

3:29that we're using on that computer.

3:31So this next layer is responsible

3:33for handling those differences

3:35and that's referred to as the presentation layer.

3:38Lemme just jump to the right of that encoding or compression

3:41and possibly some encryption.

3:43And again, this is just a model that's representing an idea

3:46of where that could be handled.

3:48And all of this was triggered by you

3:49and I sitting at the computer just doing a web

3:51request in the background.

3:52Logically these different functions based on the

3:55model are done for us.

3:57So the user is blissfully unaware that any

4:00of this is happening or needs to happen,

4:02but it's very helpful as a network engineer

4:04and a network technician

4:05to understand the logic behind the scenes.

4:07Now another element that's important to be aware of is

4:09that a PC, a computer could be connected to cbtnuggets.com,

4:13it could be connected to cisco.com, it could be connected

4:16to paloalto.com simultaneously.

4:18And we need some way of managing

4:20and handling all those unique sessions.

4:22And so there's yet another logical layer that's responsible

4:26for managing all those sessions.

4:28And that is called, da da da da, the session layer

4:31of this OSI model.

4:33And let me show you an example of that.

4:35So here we have one browser tab open to cbtnuggets.com

4:39and let's open up another one to paloaltonetworks.com.

4:42So we have a session to CBT Nuggets.

4:44We have a session to Palo Alto Networks

4:46and let's open up another one to YouTube.

4:48So we'll open up a new tab. So now that's open.

4:50We have three different sessions going on.

4:52We have one to CBT Nuggets, one

4:54to Palo Alto Networks, one to YouTube.

4:56And it's the session layer logically in the OSI reference

4:59model that would be responsible

5:01for the managing of those sessions.

5:03So we'll make a note of that as well.

5:05And so I colored those in green

5:06because they represent the top three layers in this

5:09OSI reference model.

5:11So that's layer seven, layer six, and layer five.

5:14And another way of thinking about these top three layers is

5:16thinking of them like that, the senior management team

5:18or the application service delivery team

5:21that's making it possible for the user, you

5:23and I to go to that website.

5:25Now here's their challenge.

5:26If we want this PC to really go to that website, we need

5:29to make sure that the traffic is sent from this computer

5:32over the network to that site.

5:34And to facilitate moving that request from this PC over

5:37to the actual website, we are gonna continue down

5:40in this reference model.

5:42And the next layer is right here.

5:43It's layer four, the transport layer,

5:45which in this model is referenced as layer four.

5:48And just like at the application layer,

5:49we have various applications

5:51or services that could be presented at the transport layer.

5:53There are various transport protocols.

5:56Now think of when I say the word protocol,

5:58it's just a set of rules

5:59or a method of doing something.

6:01And so at the transport layer protocol,

6:02we have some protocols that they care.

6:05And when I say they care, they care about making sure

6:07that the information from this computer,

6:10the one we're just at actually gets

6:11to the website and that it responds.

6:13And then we have some other protocols at layer four here

6:15that don't care so much.

6:17So we have some protocols that do care

6:19to make sure that it got delivered.

6:21And we also have some protocols at layer four

6:23that don't care.

6:24So lemme give you an example of each of these.

6:26If we were using a layer four transport protocol

6:29that did care or does care about making sure

6:31that data gets there reliably, it could do this,

6:34it could send out a request from our PC

6:37to the website saying, hey, are you willing to communicate

6:41for this type of service?

6:42And then if it gets a response back that says yes,

6:45our computer can say great love to do it.

6:47And then they can keep track

6:48and actually make sure with acknowledgements to make sure

6:51that when this PC sends something to the server

6:53and when the server sends something back to the PC

6:55that it's acknowledged like a a little return receipt

6:58that says, yep, I got that data, thank you very much,

7:00nothing was dropped or missed.

7:02So that's an example of a protocol at the transport

7:05layer that does care.

7:06A typical example of that would be a protocol called TCP.

7:09We'll take a closer look at

7:10that when we look at the TCPAP protocol stack.

7:13So in contrast to that, if we took a look at a protocol

7:15that doesn't care about reliability, it would just,

7:18it wouldn't bother doing the, hey, are you there?

7:20Are you willing to communicate?

7:21It wouldn't send acknowledgements,

7:23it would just send the data and hope for the best.

7:25And an example of that in the protocols that we use today,

7:28an example of that would be user datagram protocol or UDP.

7:32And again, we'll take a closer look at

7:33that in another video coming up.

7:35And the question may come up, well, how do we control

7:37for using TCP or UDP or some other protocol at layer four?

7:41And the answer is we don't.

7:43We don't actually get to control that.

7:44What we do, you and I is we sit at our computers

7:47and we make requests for example, for websites

7:49or other services and then based on the type of application

7:53that we're requesting behind the scenes,

7:55they are predetermined

7:57to use a specific protocol at layer four to make it happen.

8:00So the end user doesn't really have any idea about these

8:03details that are happening behind the scenes,

8:04but check it out, as you

8:06and I go through this content together, we are going

8:08to better understand those pieces.

8:10And one of the benefits of that is that if something breaks

8:13or isn't working correctly, we can more accurately go in

8:16with troubleshooting and solve the problem.

8:18So let me clear this up a little bit.

8:20Now, to actually get our request delivered over

8:22to cbtnuggets.com or to whatever website

8:25or resource we're going to, our computer needs

8:28to put on the correct address for that website.

8:31And when I think of addresses, I think of like a street,

8:33we're all familiar with streets of some type.

8:35And let's imagine we have a street here

8:37and let's say that is Elm Street.

8:39And then on Elm Street we have some houses so

8:42that (laughs) I'm gonna call those out,

8:44so you know that they're actual houses,

8:45they could be apartments, buildings, condos, et cetera.

8:48And let's say this is house number 100, house number 102,

8:52house number 104.

8:54And the other side of the street, depending on

8:56how the city planners laid it out, here we have 101

9:00and 103, et cetera.

9:02So let's imagine that cbtnuggets.com lives on a specific

9:07street like Elm Street and it has a specific house number.

9:10Well, in computer networks they refer to this

9:12as a network address,

9:14but it's very similar to a street and house number.

9:17And if our PC is going to successfully connect

9:19to cbtnuggets.com, our computer needs to include the street

9:23and house number in computer terms

9:25that we called a network address of cbtnuggets.com.

9:28So to include that information

9:30that's done logically here at layer three in the

9:33OSI reference model.

9:35So let me clear this up a little bit

9:36and let's draw layer three here

9:38and I will color that blue like our model is

9:41and we'll label that network layer.

9:44So at the network layer, the address, think

9:46of it like a street address

9:48and house number, which are part of the address.

9:51So by adding this information, when this PC eventually sends

9:54that traffic on the network, the network can look at

9:57that street name and the house number

9:59and forward it correctly.

10:01So at layer three in the OSI reference model,

10:03it's responsible for adding the information

10:06regarding the street name and the house number.

10:09And in computer terms that'd be referred to

10:10as the IP address.

10:12And IP is an acronym for internet protocol

10:14and that's the common protocol

10:15that we use all over the world today.

10:17Now one other challenge, lemme go ahead

10:18and put a street back up here.

10:20So here's some houses on that street, I'll go ahead

10:23and put two for simplicity.

10:25And this is house 100 and this is house 102.

10:28As we just mentioned, the network layer is responsible

10:31for adding that information about the

10:32street name and the house number.

10:34However, there is something

10:35that happens quite often in communities

10:37and I have it in the current place I live

10:39and that is there's a shared mailbox location

10:42for all the houses on that street.

10:44And that mailbox has many different slots,

10:46let's say at slot one and two and three and four and five

10:50and six and seven and eight to support eight houses.

10:53So the mail person delivers the mail

10:55and they put it in the correct slot based on the house.

10:57So in addition to having the street name

10:59and house number, we also need the ability to identify

11:03what I like to call a mailbox slot number.

11:05So perhaps house 100 has mailbox slot number five,

11:08or perhaps it has mailbox slot number four,

11:10we'll take a look at how a computer learns that.

11:13But for now, we just wanna be aware

11:15that in the OSI reference model,

11:16there is a specific layer just to add that information

11:19and it's called the data link layer.

11:21It's right here, that's layer two.

11:23So we'll go ahead and color code that appropriately

11:26and we'll call that data link layer.

11:28And I'll specify here that we're adding information

11:31regarding the mailbox.

11:32Also regarding sending and receiving,

11:34we also have the concept of envelopes.

11:37And not every envelope is the same.

11:38You know, for example, for using a postal service

11:41from your country, perhaps they have one type of envelope,

11:44or if we're using a custom service like FedEx or UPS

11:47or something else, perhaps they have a

11:48different type of envelope.

11:50So at layer two, the day link there, she's responsible for

11:52choosing the correct envelope

11:54and also including the correct mailbox number.

11:56Now in computer networks, that's referred to as a layer

11:58two address.

12:00And again, we're gonna have more details on each

12:02of these layers as we proceed together.

12:04So a few moments ago when we went

12:06to cbtnuggets.com from our browser,

12:08logically all these components happened

12:10and the actual request was sent over the network.

12:13And that's where we get down to layer one,

12:15which is the physical layer.

12:17The the physical layer is actually about sending the bits,

12:20the individual data into the network so

12:23that the network can forward over the routers and switches

12:25and other devices that are there

12:26and send it over to cbtnuggets.com

12:28who can then respond back to us.

12:30So that is layer one, the physical layer,

12:33I call it the get up and go the actual

12:35forwarding of the traffic.

12:37So lemme color code that as well

12:38to match our OSI reference model here.

12:41And we'll call that the physical layer.

12:43And so here in the description of the physical layer,

12:44I'm just gonna call it, send it already.

12:49So there's been a whole bunch of logical stuff in this

12:51computer that's been done and we need to go ahead

12:53and now send it into the network

12:55so it can make it on its way towards the final destination.

12:58And here's a really cool benefit about this type

13:01of modular approach, this layered approach is

13:03that if we take a look at the application layer

13:05and its friends, that presentation

13:07and session layer, if we take a look at a customer who's

13:09trying to go to a website,

13:11the application layer doesn't really care about

13:13what type of network you're using.

13:15Is it going over a wide area network?

13:16Is it going over a local area network

13:19or is it using Bluetooth

13:20or ethernet or some other technology?

13:22It's separated, it's subtract, so it doesn't actually care.

13:25And that way we can mix and match different networks

13:27and still have the same type

13:29of services, including web browsing

13:31and printing and file services.

13:33So let me go ahead and clean up a little bit of this

13:36and let me share with you a few techniques that you can use

13:38to help memorize or commit to memory if you want

13:41to the seven layers of this OSI reference model.

13:45So one option for remembering these seven layers

13:47of the OSI reference model is to use some kind

13:49of pneumonic device.

13:51So let's go ahead and start with layer one.

13:52Lemme share with you.

13:53One is please do not throw

13:58sausage pizza away.

14:03And that's if you wanna go from the bottom up,

14:05please do not throw sausage pizza away.

14:07Or if you wanna start from the top down at layer seven

14:09and go down to layer one.

14:11One of the common ways that people remember this is use the

14:13phrase all people seem to

14:18need data processing.

14:21So if you wanna memorize it from the bottom up

14:23or from the top down, if that can help you,

14:26I would encourage you to do exactly that.

14:28And when I was first learning this,

14:29which was over 30 years ago, back in the 1980s,

14:33when I learned it, I thought, okay, now show me, somebody,

14:35show me where is this being used?

14:37Where is this seven layer approach being used?

14:39The answer is we don't actually use it as far

14:42as a production network with real protocols,

14:45but we, what we do use is something

14:46called internet protocol.

14:47And there are several correlations

14:49to this OSA reference model.

14:51And so in the next segment what I'd like to do is walk you

14:54through the simplified

14:55and real protocol stack that we use today in the world

14:58of IP networking.

15:00So I'll see you my friend in a moment for that.

0:00<v ->Now the OSI reference model is a great starting point</v>

0:02for understanding some basic functionality

0:04that happens when like a user goes out to a website

0:07and some of the logic that has to happen.

0:09Now here's the challenge,

0:12and I wish somebody back in the eighties

0:13when I first got involved with networking

0:15was very direct with me about this and they weren't.

0:17But here's the deal.

0:18We don't use in production, the OSI reference model

0:23because it's just a model, it's not a real protocol.

0:26So what we can do though, is we can use a real protocol

0:29like the TCP/IP protocol suite,

0:32and we can compare and contrast that

0:34with the OSI reference model

0:36because many of those same functions from the model,

0:39from the OSI reference model also exist

0:41in the real IP protocols that we use today.

0:44So this represents here the actual OSI reference model,

0:47which I'm gonna put here as an idea.

0:49And then this represents the TCP/IP protocol stack,

0:53which is real that we use today.

0:56Now I've got some great news.

0:58All the functionality from the application layer

1:00and presentation layer and session layer,

1:02they just combined into one big chunk

1:05that's now called the application layer.

1:06So if you see documentation and is talking about layer seven

1:10or application layer, what they're really referring to

1:13is this green section here in the TCP/IP protocol stack.

1:16And we may ask what are some examples

1:18of application layer services that we may use?

1:20And they would include things like web browsing.

1:23It may include things such as file services

1:25or printing, which would be example of print services

1:29or streaming services and the list goes on.

1:31There's a very long list of various applications

1:34or services that we might wanna use from our computer,

1:37from our pc.

1:38So right outta the gate,

1:39the actual real protocol stack called TCP/IP

1:42just has one layer here called the application layer

1:45that represents layer seven, six, and five

1:47from the OSI reference model.

1:48Also more good news at layer four, the transport layer,

1:52that's identical to the functionality

1:54in the OSI reference model.

1:55But in the world of TCP/IP,

1:56we actually have real protocols that implement that,

1:58including protocols like TCP,

2:00which is considered to be a reliable protocol.

2:03It does sequencing and acknowledgements,

2:05making sure that the PC and the site,

2:08the website we're going to

2:09to make sure we're not dropping any data.

2:11And if we are using TCP and we drop some data,

2:15we can go ahead and resend it to make sure

2:17that both parties get all the data

2:18that was expected from each other.

2:20Also, the TCP/IP protocol stack have an example

2:23of a protocol that doesn't care about reliability,

2:25and that would be UDP, User Datagram Protocol.

2:28And these are actual implementations or protocols

2:30that are really used that represent the functionality

2:33of the transport layer.

2:34And as we go down this TCP/IP protocol stack,

2:36we have the internet layer,

2:38which corresponds to layer three, the network layer.

2:40And that provides the responsibility

2:41of adding the addresses, for example, the street

2:45and house number,

2:46which in an IP network would be referred to

2:48as the IP address.

2:49And then for these bottom two of the OSI reference model,

2:52those are combined into one called the network access layer.

2:55So anything dealing with the type of envelope to use,

2:58or including the mailbox slot number

3:01or the actual physical sending of the data,

3:02that's all lumped together in the grouping called

3:05network access in the TCP/IP protocol suite.

3:08And now for the kicker, I'm gonna share with you something

3:10that I wish somebody had shared with me back in the 1980s

3:13when I was first working with this.

3:15And that is this, even though we are literally using

3:17the TCP/IP protocol suite, we mix and mash a little bit

3:21some of the terminology from the OSI reference model

3:24with the actual TCP/IP protocol stack or suite of protocols

3:27that we use today.

3:29And that works out to look like this right here.

3:32So the application layer,

3:34we have application layer services,

3:36which include web browsing, streaming, file services,

3:40print services, things that a user at their computer

3:43wants to go ahead and consume or get over the network.

3:46At layer four, it's transport all the way across the board.

3:50And then when we get done to layer three,

3:51that's when we start borrowing some of the terminology.

3:53So even though the TCP/IP protocol stack,

3:55this suite of protocols is referring to this layer,

3:58layer three as internet, we actually borrow the name

4:02and we call it network.

4:03And then as we continue to go down,

4:04even though we're literally using the TCP/IP protocol stack,

4:07we have logically broken up these bottom two layers

4:10to use the same numbers for layers two and layer one

4:12and the same names as the OSI reference model.

4:15So this actual is kind of a hybrid approach,

4:18which boils down to this.

4:19We're using the literal TCP/IP protocol stack,

4:21but we're borrowing some of the numbers

4:23and names from the OSI reference model,

4:26just to be clear when we're describing

4:28and working with the protocol.

4:29So this my friend, is a representation

4:32of the protocol stack we use with IP today,

4:35which has borrowed some numbers

4:36and names from the OSI reference model,

4:38but it is literally the protocols

4:41that we use today on the internet.

4:42So what you and I get to do in the upcoming content here

4:45is we are gonna take some specific time

4:46on each of these layers in the TCP/IP protocol suite,

4:51including the application layer, transport layer,

4:53network layer, and data link to reinforce both the concepts

4:56and also give you some concrete examples of what they do.

5:00So in the very next clip,

5:01we'll focus our attention at the application layer

5:03of the TCP/IP protocol suite.

0:00<v ->I'd like you to think about</v>

0:01you and I getting on a computer

0:02and then accessing some resource.

0:04Now, resource is just a generic term for something we want.

0:07Maybe it's a streaming service,

0:09maybe it's a gaming service,

0:10maybe it's TikTok, maybe it's...

0:12You know, we wanna download a file.

0:13Whatever it is,

0:14behind the scenes in the TCP/IP protocol stack,

0:17there's an application layer service

0:19that's making that possible.

0:21So in this video, I'd like to chat with you

0:23about the specifics of the application layer

0:26in the TCP/IP protocol stack.

0:29So to put this in context,

0:30let's go ahead and draw us at this computer.

0:33I'll call it a PC, but it could be a mobile device,

0:35it could be Linux, it could be macOS, it could be Windows.

0:38So you and I sitting at that computer,

0:40when we make a request for a resource, behind the scenes,

0:42what the computer's really doing

0:44is leveraging some type of application layer service.

0:47And let's look at some examples

0:48of the very common application layer services.

0:50One, solves the problem when you and I went on this computer

0:53just a few videos ago,

0:54when we went to www.cbtnuggets.com,

0:59behind the scenes, this computer had to figure out,

1:01"Oh, that's a name. What is the IP address?"

1:04Like the street and house address behind that name?

1:07And that was done in the background for us

1:09by using a service called DNS.

1:13And DNS is a three letter acronym for Domain Name System.

1:16Sometimes it's referred to as Domain Name Service.

1:19And at the end of the day,

1:20DNS is all about taking a name that we put in,

1:23like www.cbtnuggets.com,

1:26and then figuring out behind the scenes

1:28what the actual IP address,

1:30like the street and house name is for that website.

1:33And also in the TCP/IP protocol stack,

1:34we just call this big green section right here,

1:36we just call it the application layer.

1:38Now some vendors might call it Layer Seven still,

1:40based on the OSI reference model.

1:42But generally speaking,

1:43we're just gonna call it the application layer services

1:45and DNS is one of those services.

1:48And I've got a little confession to make,

1:49that'll be a lot of fun and that's this.

1:51Earlier when we went to cbtnuggets.com,

1:54I put a little device on the network

1:56to capture the request and the traffic

1:59so we can actually see in measurable terms

2:01this application layer service called DNS

2:03go out and make a request asking about the IP address

2:07behind the name, www.cbtnuggets.com.

2:11So what we're looking at right here

2:12is a protocol analyzer output

2:14that has basically all that traffic

2:16that was going from the PC out to the network.

2:19I used a tool to capture that

2:20so we can see exactly the details of what's going on.

2:22So to filter out some of this output,

2:24so currently we have over 7,000 packets, which is a lot.

2:28I'm gonna type in DNS and press Enter.

2:31And that filter will then only show us DNS,

2:34which is an application layer service only that traffic.

2:37So there's a ton of DNS, domain name system requests

2:40that were happening from that computer.

2:42And what I'm gonna do is I'm gonna scroll down

2:43and find the exact one where our computer

2:46was trying to figure out the actual address

2:49behind www.cbnuggets.com.

2:52And there it is right there.

2:54So although there's a lot of output,

2:56the focus I wanna have here for you and I

2:58is that DNS is one of the many application layer services

3:03that we could use.

3:04So here in the output, it shows domain name system.

3:07If we go down to the query and expand that.

3:09Here, it's showing that the computer was asking

3:11about www.cbtnuggets.com.

3:13And it also shows here that in a subsequent packet, 4101,

3:18here is the response

3:20that came back from the DNS server saying,

3:22"Hey, you're looking for this name?

3:24Scroll down, here's the answer."

3:26And it turns out that there's multiple addresses

3:29that are used for cbtnuggets.com.

3:32And then our computer could go ahead

3:33and use one of these IP addresses

3:35for the future requests to that website.

3:38So DNS, the Domain Name System is one example

3:41of an application layer service that's extremely common.

3:44So in parentheses,

3:45they're gonna put name to address

3:48because that's the function

3:49that this DNS application layer service provides

3:52to a computer is resolving a name

3:53like www.cbtnuggets.com to an actual address.

3:58Another very common service is gonna be the service of HTTP,

4:02which is an acronym for the actual protocol

4:04that's quite often used when we're doing web browsing.

4:07And there's another flavor of that called HTTPS,

4:11and think of the S as secure.

4:13And HTTPS can do the same thing,

4:15but it can do it with security.

4:17So that way any of our conversations,

4:19if we're using HTTPS, between our computer and cbtnuggets,

4:22or some other website, if we're using HTTPS,

4:25it's protected and encrypted.

4:26And if somebody's eavesdropping on that session,

4:29they won't be able to tell

4:30what we're actually carrying inside of it

4:31because it's encrypted.

4:33Also, another common name or reference for HTTPS services,

4:36is SSL, which stands for Secure Sockets Layer.

4:40And a long time ago, that was literally true.

4:42We're using Secure Sockets layer,

4:44when somebody typed in HTTPS, it was using SSL.

4:47But since then, they've come up with new standards

4:49like TLS v1.x,

4:52that stands for Transport Layer Security.

4:54We'll talk more about that later.

4:56And the point I wanna drive home here

4:57is that these are all examples

4:58of application layer services.

5:00And also even if somebody's using like TLS v1.x

5:04or the computer's using TLS 1.x,

5:06a lot of times individuals and apps

5:07will still refer to it as SSL,

5:09because that's like the grandfather

5:11of that type of secure web browsing functionality.

5:13And if we take a moment

5:14and go back to our PC just for a second,

5:16and we look at one of these tabs we have open,

5:18we have a little lock here.

5:19Here says the connection is secure.

5:21And it's also showing right here that we're using HTTPS.

5:24So even though I didn't go to HTTPS,

5:27it redirected me to the secure flavor of web services.

5:31And because I captured all that traffic

5:32from that PC going out to this website,

5:34we could also see that detail in the packet captures

5:38in the protocol analyzer.

5:39And the protocol analyzer that I'm demonstrating here

5:42is called Wireshark.

5:44So here in Wireshark,

5:45if we took off the DNS and we typed in SSL

5:49and press Enter.

5:50Here, it's showing us all the traffic

5:51that is under the umbrella of SSL,

5:53which would be SSL, which is really old,

5:55or some flavor of TLS, Transport Layer Security.

5:58So if we just grabbed one of these

5:59and expanded this.

6:00Here, we can see that the application layer service

6:02is transport layer security.

6:04And here in the details it's showing us

6:06that it's HTTP over transport layer security,

6:09which makes our web browsing secure.

6:10And the cool thing about this encrypted data

6:12is that only our local computer

6:14and the website that we're going to

6:15can make any sense of that encrypted data.

6:17Anybody who eavesdrops in the middle

6:19is not gonna know what the data means

6:21because an attacker or an eavesdropper in the middle

6:24doesn't have the keys involved to decrypt that information.

6:27And let's also find, if we can see another example of HTTP,

6:30which is not encrypted. (mouse clicks)

6:31So I'll type in HTTP for another filter.

6:34And let's go ahead and let's look at this one right here.

6:36Packet 1,242.

6:38So this is showing us an application layer service of HTTP,

6:41the hypertext transfer protocol,

6:43which is often used for web browsing,

6:45but it's not encrypted.

6:47It doesn't do any encryption or decryption of the payload,

6:50so if anybody intercepts this packet on the internet,

6:53they would be able to look at the payload

6:54and see exactly what it is.

6:56So for application layer services,

6:57the three we looked at were DNS, Domain Name System,

7:00which allows a computer to figure out

7:01the actual address behind a name.

7:04So for me, this is a lot like 20 or 30 years ago

7:06using a phone book,

7:07where you're looking up a name

7:09and you want the actual address

7:10or the phone number associated with that name.

7:13And DNS is what does that for us on the internet,

7:15resolving names to the actual IP addresses

7:17behind those names.

7:18And then HTTP, which is often used for web browsing.

7:21And HTTPS also commonly referred to as SSL,

7:26which behind the scenes could be using SSL or TLS

7:29that's used for secure web browsing.

7:31And again, to bring this back home,

7:32the way we triggered any of those

7:34is that you and I sat at a computer,

7:36and in the browser, we simply asked for some resources.

7:39And then behind the scenes,

7:41it used the appropriate application layer service

7:43to deliver that.

7:44Now, there's something interesting

7:45and common between all of these application layer services,

7:48and that is they need to actually send that request,

7:51whether it's a name resolution request,

7:53or web services or secure web services,

7:55they need to pass it down to the next element

7:58in the protocol stack.

7:59And the reason it's called stack

8:00is because it's a collection of protocols

8:02that work together,

8:03a set of rules that work together.

8:04So we talk about the TCP/IP protocol stack.

8:07We can also refer to that as the TCP/IP protocol team.

8:10(chuckles) A team of protocols working together.

8:13So DNS, HTTP or HTTPS,

8:15they need some help from another member of their team.

8:18And that's gonna come from one or more protocols

8:20that are operating at Layer Four.

8:21And so in the very next video,

8:22I'd like to continue this discussion with you

8:24and take a closer look

8:26at some of the protocols at Layer Four

8:28that these application layer services are going to rely on

8:31for those applications to actually function.

8:33So I'll see you in the next video for exactly that.

0:00<v ->One of the elements that really helped me</v>

0:01in learning and working with protocol stacks and models

0:04in general is to use the idea of a set of cups.

0:07So here's a set of cups

0:08and I've also labeled each of these.

0:10So if we have a application layer service like DNS

0:12for name resolution or HTTP for web browsing

0:16or HTTPS/ that stands for secure web browsing,

0:19all by itself, this is not enough to make it happen.

0:22It needs to hand it down to the next partner

0:24or next player on the team in the protocol stack.

0:27In the case of IPV4, the next player is

0:30this bad boy right here, which is the transport layer.

0:33And in this video, we're gonna focus

0:35on several common protocols

0:36that operate at the transport layer.

0:38And let's start off with the two most dominant protocols

0:42at Layer 4 in the TCP/IP protocol stack

0:44and they are TCP and UDP.

0:47I also wanna make sure it's very clear

0:48that those aren't the only two protocols

0:51but those are the two that we're gonna see most of the time.

0:54TCP stands for transmission control protocol.

0:58UDP stands for user datagram protocol.

1:00But in reality, nobody cares

1:02because we just use the acronyms TCP and UDP.

1:05And TCP is the protocol that cares

1:08and wants to make sure that any data that's sent

1:10from the PC that's going over

1:12to the CBT Nuggets website actually makes it.

1:15And UDP is the Layer 4 protocol that doesn't care.

1:19And here's another important aspect regarding

1:22which protocol Layer 4 we're gonna use.

1:23You and me, we don't get to choose that,

1:26it's based on the application.

1:27So when they wrote these application layer services

1:30like HTTP and HTTPS and DNS

1:33those applications are gonna call upon

1:35in our computer's little brain,

1:37they're gonna call upon the appropriate Layer 4 protocol

1:40that they were designed to work with.

1:42So let's continue on

1:42with these three application layer services

1:44and let's take a look at some of their defaults.

1:46A DNS request, a plain-Jane DNS request

1:49and this computer is asking, you know,

1:51what is the IP address behind CBTNuggets.com

1:54DNS, the application layer services uses

1:56that Layer 4, it uses UDP.

1:59And what that means is that DNS as it uses UDP

2:02it's not going to behind the scenes check

2:05and verify and make sure that the server is willing

2:08to talk to us or anything else.

2:10It just sends the request and hopes for the best.

2:12Now, that may be pretty cruel and very undesirable

2:15however, from the PC's perspective, it doesn't have

2:18a lot of overhead as it does a DNS request.

2:21And what does the computer behind the scenes do

2:23if it makes a request and says,

2:24"Hey what is the IP address behind www.CBTNuggets.com?"

2:28If it doesn't get an answer, it'll ask again, no big deal.

2:31We don't really need to have a reliable

2:33connection oriented session, it can just make the request.

2:36And that's why the native version of DNS is designed

2:39to use UDP at Layer 4.

2:41In fact, let's take a look at the protocol analyzer.

2:44We'll take a look at a DNS request

2:45and we can see that it uses UDP at Layer 4.

2:49So here's our protocol analyzer once again.

2:51I'll go ahead and put a filter back on for DNS.

2:53And let's go back and find

2:54that request for CBTNuggets.com.

2:57So here is a request.

2:59I dunno if this is the exact same one

3:00but this definitely a DNS request

3:02where this computer at this IP address is asking

3:05a DNS server at this IP address,

3:07"Hey, what is the IP address at www.CBTNuggets.com?"

3:11So here are the details.

3:11It's showing us Domain Name System, a query,

3:14which is a fancy way of saying a request.

3:16And the Layer 4 protocol that it's using

3:18behind the scenes is UDP, user datagram protocol.

3:22And in the Layer 4 header, there's not a lot of information

3:25and that's because it doesn't have to worry

3:27about synchronizing or verifying with the other side

3:30regarding this request.

3:32So that's one of the benefits

3:33of UDP is its very low overhead.

3:35Now, on the other hand, if we use

3:37an application layer service like HTTP

3:39or HTTPS, those application layer services call

3:42upon the Layer 4 protocol of TCP

3:45for our transmission control protocol.

3:47And TCP is the protocol that does care.

3:49So if this PC is communicating with www.CBTNuggets.com

3:53and in reality, the IP address

3:54behind CBTNuggets.com, it's gonna be using

3:57with HTTP or HTTPS, it's gonna be using TCP.

4:00And it's going to check and say,

4:02"Hey, are you willing to talk?"

4:03And the server says, "You betcha."

4:04And this guy says, "Okay, great."

4:06And then periodically, they're gonna send acknowledgments

4:08effectively receipts saying,

4:10"Yep, I got the data.

4:11"I got the data, everything's good."

4:12And at Layer 4, we refer to those chunks of data

4:15with the UDP or TCP headers,

4:17we refer to those as segments.

4:19So a TCP, if it doesn't get an acknowledgment

4:22it can go ahead and resend a segment of data,

4:25the one that wasn't received by the other party,

4:27just to make sure that both parties receive

4:29all the data that they're expected to from each other.

4:31And one might ask, "Well, why don't we

4:33"just use TCP for everything at Layer 4?"

4:35And the answer is overhead,

4:37because there's a lot or acknowledgements

4:39and receipts and handshakes that go on

4:41just to confirm the data's going back and forth.

4:43So not every application is gonna use TCP,

4:46DNS being a good example

4:47of an application layer service that's using UDP.

4:50So, to go ahead and reinforce the idea about TCP,

4:53let's take a look at one of our HTTP

4:55or HTTPS sessions with a protocol analyzer

4:57and we can actually see in measurable terms that

5:00that is indeed the transport layer service being used

5:02and we can also see, compared to UDP,

5:04that there's a lot of additional overhead

5:07that TCP uses to provide that reliability

5:10and the acknowledgement of the data going back and forth

5:12between our computer and the website.

5:15So back at the protocol analyzer, let's go ahead

5:17and do a search for HTTP, press Enter.

5:19And let's go ahead and grab this one as an example.

5:22So here's the application layer service, HTTP,

5:25and then at Layer 4, here we have TCP,

5:27transmission control protocol.

5:29If we expand that, prepare yourself.

5:31Let me go ahead and scroll this up a little bit

5:33so we can see a little better.

5:34Check out this overhead in this header.

5:36Compared to UDP, there's a ton

5:38of additional information here

5:39and that's because it's keeping track.

5:42It's sending sequence numbers and acknowledgement numbers

5:45to verify that each segment of data at Layer 4

5:49that it got received by the other side.

5:51So TCP is connection oriented, it cares, it's reliable

5:55while UDP, on the other hand at Layer 4, is unreliable.

5:58And again, depending on the application you're using

6:00they'll choose their appropriate

6:02or predefined transport layer protocol.

6:05And one other element regarding TCP I'd like

6:06to chat with you about is when a computer wants

6:09to talk to a server, for example, with HTTP

6:11and they're going to use TCP.

6:13They do this little dance called a three-way handshake.

6:17Effectively, it's like the PC saying,

6:19"Hey server, are you willing to talk to me?"

6:21And the server says, "You betcha."

6:22And then the server says, "Great, fantastic,"

6:24and then they can start their session.

6:26And TCP is going to always include that three-way handshake

6:29just as a way of making sure that the PC

6:31and the server are both willing

6:33to set up a TCP reliable session.

6:36So as an example of that, with this packet 1242 selected

6:39I'm gonna go ahead and remove this filter

6:41by clicking the little X up here.

6:43So there's our 1242 that we were just looking at

6:45but look at right before that happened.

6:47Right before that, we have the three-way handshake

6:49where this is the PC sending what's called a send request

6:52a synchronization request to the server,

6:55the server's sending back an acknowledgement saying,

6:56"Yep, I'm willing to do that with you,"

6:58and it's own synchronization request,

7:00they call that a SYN-ACK,

7:01and then the third packet from the client

7:03back to the server with a final acknowledgement.

7:06So this is a very classic three-way handshake

7:09and this is a unique attribute of the Layer 4 protocol TCP.

7:12So UDP doesn't do this.

7:14Other Layer 4 protocols don't do this.

7:16But the connection oriented and reliable Layer 4 protocol

7:20of TCP does do this TCP three-way handshake

7:24just to make sure that the client and the server are

7:26both ready, willing, and able

7:28to have a reliable connection oriented session using TCP.

7:32And another tid-bit that I feel is very important

7:34to introduce right now, we'll talk more about it later, is

7:37the idea of port numbers.

7:39Because these applications like HTTP and HTTPS,

7:43if we have a request going to a web server,

7:46how does it know if it's supposed to be HTTP or HTTPS?

7:49How does it know if it's a DNS request?

7:51The answer is, it's a combination of the Layer 4 protocol

7:55whether it's UDP or TCP,

7:56and the port number that's included in that header.

8:00So in the UDP and TCP headers, there's going

8:02to include a port number.

8:03So there's some well-known ports.

8:05For example, in the TCP header, if it's traffic going

8:08to a port of 80, TCP 80, that's the well-known

8:11or expected port for HTTP services.

8:14Or in the TCP header, if the port is 443,

8:17that's the well-known port for SSL/TLS.

8:20Or with UDP, if the port number is 53,

8:24that's the well-known UDP port number for a DNS request.

8:28And that way when a server receives a request

8:30based on the protocol and the port number involved,

8:33it can then know for sure

8:34what's being asked of that server.

8:36I also should mention, hopefully

8:38that service is available on that device,

8:40because if we make a UDP request

8:42on port 53, a DNS request, going to some server

8:45that's not a DNS server, it's simply gonna say,

8:48"Forget that, I'm not listening to that request."

8:50So we need to make sure

8:52that we're using application layer services,

8:54they're gonna be using their expected Layer 4 protocols,

8:57and the well-known ports for those application services.

9:01And all that's done for us in the background on the PC

9:04as it formulates a request out to a server.

9:06And to reinforce that, let's go back to the protocol capture

9:09and let's take a look at the TCP and UDP headers

9:13and verify the ports involved in conjunction

9:16with those Layer 4 protocols.

9:17And because I have this currently up, let's take a look

9:20at this HTTP request.

9:22So here in the TCP header, the destination port is 80.

9:26That's the well-known port for HTTP services.

9:29If we put a filter in place for SSL

9:32and we looked at traffic going from our computer

9:34to a web server that's running TLS or SSL,

9:37here we have a destination port of 443.

9:40That's the well-known port for HTTPS services.

9:43And if we did a final request for seeing just DNS requests,

9:47here's a DNS request going

9:49from our computer out to a DNS server.

9:51And the well-known port for DNS services is 53,

9:55specifically, UDP port 53.

9:58So as we progress, we've taken a look

10:00at application layer services which are then gonna call

10:02upon Layer 4 protocols based

10:05on those application layer services.

10:06And then as we move down the TCP/IP protocol stack,

10:09we next have the network layer, which is responsible

10:12for ID-ing the address.

10:12So if we're going to CBTNuggets.com, we would've done DNS

10:16to find out the address for CBTNuggets.com

10:18and then as we make a request to go out

10:20to that website, it'd be Layer 3

10:22of the TCP/IP protocol stack that would adding

10:24that IP information to each and every packet.

10:26So as we continue down the TCP/IP protocol stack,

10:29in the next segment, we'll take a look

10:31at the network layer, specifically.

10:33So I'll see you in a moment just for that.

0:00♪ Down dooby doo down down ♪

0:02<v ->I'm talking about going down the protocol stack</v>

0:04from the application layer,

0:05who then leverages the transport layer.

0:07It adds its information for that layer for our protocol.

0:10And in this video I'd like to chat with you

0:11about layer three, which is the network layer

0:14of the TCP/IP protocol stack.

0:17So in the background,

0:17I accidentally closed the capture I had,

0:20so I had to reopen a new capture and send some more traffic.

0:22So as an example of layer three,

0:24let's take a look at this DNS request

0:26coming from the computer.

0:27So the application layer service is DNS,

0:30and up here in the output

0:31it shows us making a request for youtube.com.

0:33At layer four, that DNS request is using UDP,

0:36and at layer three, which is the network layer.

0:40Let me go ahead and scroll up a little bit here.

0:41This is showing that at layer three, the network layer,

0:44that it added the information of the IP addresses.

0:47So this IP address of the source

0:49is the IP address of our client computer,

0:51the one you and I are sitting at, the 10.1.10.150,

0:54and the destination IP address is 8.8.8.8,

0:57which is the IP address of a DNS server provided by Google.

1:00So in this network layer information,

1:02this layer three information,

1:04the primary components are the addresses,

1:06the source IP address, and the destination IP address.

1:10And while there are some other components

1:11here in this layer three information,

1:13the source and destination IP addresses

1:15are the two primary elements.

1:17So here at layer three, we have the address information,

1:21both a source address and the destination address.

1:24And in the case of an IP network,

1:26that would be the IP addresses.

1:28So think of the IP addresses

1:29as like the street and house number

1:32regarding where it's from, the PC in our case,

1:34and where it's going to.

1:35So if our PC has the address of 10.1.10.150,

1:40that information would be included

1:41in the layer three header information.

1:44That'd be 10.1.10.150.

1:48And if's the DNS request is going to a Google DNS server,

1:51the destination address that would be added is 8.8.8.8.

1:55And so the application layer service

1:57has then handed over control to the transport layer,

2:00which added its information,

2:01which it now hands over to layer three,

2:03which adds its information.

2:04So when we've included the layer three information

2:06which has, as a payload, the application layer service,

2:09the transport layer protocol information,

2:11and now the layer three information,

2:13we can call that grouping of information,

2:14we can call that a packet.

2:16So segments refer to the application layer services

2:19and the layer four header information,

2:20while packets are referring to the application layer service

2:23plus the layer four information,

2:25and added onto it the layer three information,

2:28specifically the IP addresses

2:29for the source and the destination.

2:32And again, for IP addresses, for right now,

2:34think of it like the street name and house number

2:37for the source and also the destination.

2:39So again, with an IP address,

2:40think of it like a combination of the street

2:43and the house number on that street.

2:45Now what our computer's added for us

2:47in the layer three header,

2:48the source and destination IP addresses,

2:50those can be referred to as layer three addresses.

2:52They can also be referred to as logical addresses.

2:55And when we get down

2:56to spitting that traffic out onto the network,

2:58it's routers that are looking

3:00at that layer three information,

3:02specifically IP addressing information

3:04as they make their routing decisions,

3:06forwarding it across a network.

3:09So that's why over to the right of the network layer,

3:11I've drawn a little icon for a router

3:14because the router uses that information, the IP addresses

3:16to make the routing decisions and forwarding a packet

3:19in the direction of where it needs to go.

3:20And this process of handing it down to the next layer,

3:24in the case of DNS, the application layer service,

3:26handing it down to UDP, who adds its information,

3:28who hands it down to layer three, who adds the information

3:31about the source and destination IP addresses,

3:33that process is called encapsulation.

3:36Also, some great news,

3:37we can now demystify why this whole thing,

3:39this IP protocol stack is called the TCP/IP protocol stack.

3:43They just took names of two protocols,

3:45one protocol from layer four, TCP,

3:48and one protocol from layer three, IP,

3:51which is the internet protocol,

3:52and they just call the protocol stack that.

3:54So whether you call it the IP protocol stack

3:56or the TCP/IP protocol stack,

3:58what they're referring to is this combination of protocols

4:01in the TCP/IP protocol suite, or TCP/IP protocol stack

4:04that work together

4:05to allow communications from a device like our computer

4:08out to a website like cbtnuggets.com.

4:11And we also have a couple flavors of TCP/IP.

4:13There's one for IP version four,

4:15which is the most dominant one and has been for decades.

4:18And there's a new one called IP version six.

4:20And I've got great news, this logical flow

4:23from the application layer down to the transport,

4:25down to the network.

4:26This logical concept works the same for IPv4

4:30as well as IPv6.

4:31And in the next video,

4:32I'd like to chat with you about layer two

4:34and give you some specific examples

4:36about what is added there

4:38as it gets handed down to that next layer

4:40in the TCP/IP protocol suite.

4:42I'll see you in that video in just a moment.

0:00<v ->So, it's time that we take a closer look at layer two</v>

0:03in the TCP/IP protocol stack.

0:05It's getting exciting

0:06because we're almost ready for this computer

0:08to actually send the actual information on the network,

0:11and let's talk about the network for a moment.

0:12Let's imagine this computer is connected to the network

0:15and it's got a router that's gonna be able to route packets

0:18to other routers who can finally route it

0:20to the website cbtnuggets.com.

0:23So, we'll call this router one,

0:24router two, and router three.

0:26And routers are considered a layer three device

0:29because they're making their forwarding decision

0:31based on layer three information,

0:32specifically IP addressing, but the question is,

0:35if this PC needs to reach out to this website,

0:38cbtnuggets.com,

0:40this PC needs a little help from this router, router one,

0:44as its default gateway,

0:45and to do that, this PC is gonna need to know,

0:48what is the mailbox number

0:50from our analogy with the OSI reference model?

0:53Now, in the world of IP networks,

0:55this mailbox number is really called a MAC address

0:58on an ethernet network, and this MAC address,

1:00the MAC stands for media access control,

1:02it's the actual address that's burned in

1:04from the manufacturer on the network interface card

1:06on the router.

1:07So, every network interface card:

1:09this PC, the server at cbtnuggets,

1:12and everybody else who's connected to the network

1:14have a unique MAC address, a layer two address.

1:18Think of it like a mailbox number

1:19that's being used and added at layer two

1:22so that frame of data can be forwarded

1:24to the next device in the path.

1:26So the question is, how in the world did this PC,

1:28how does it know what the layer two address is

1:31or the MAC address is of its default gateway?

1:34And the answer is, it's gonna use a little protocol

1:35called ARP: address resolution protocol,

1:39and it's basically gonna ask.

1:40The PC's gonna say, "Wow, I need your layer two address,

1:43Mr. Default Gateway. I know what your IP address."

1:45Let's say the address was 10.1.10.1 for the default gateway,

1:50and so what it can do is simply send using ARP

1:52a request saying, "Hey, whoever has this IP address,

1:5610.1.10.1, can you send me a response

1:59and tell me what your layer two address is,

2:00what your MAC address is?

2:01Because I need to include that for my web request

2:03going to cbtnuggets so I can send future frames of data

2:06at layer two to you.

2:08So, let me give you an example of exactly that,

2:11using the protocol analyzer once again

2:13to take a look at this ARP request

2:15where this PC is asking about the layer two address

2:19of its default gateway.

2:20And here it is. Here's the request from our computer.

2:22So, it's an address resolution protocol request.

2:25So in this ARP request,

2:26this is our computer 10.1.10.150

2:29and it's asking, saying,

2:30"Hey, everybody on this local network,

2:32if you've got the IP address of 10.1.10.1,"

2:35which is the default gateway for that client,

2:38"Go ahead and respond back

2:39with what your layer two address is."

2:41And here's the response.

2:42This response is coming back from 10.1.10.1

2:46and it says, "Hey, here's my MAC address."

2:48So, now that MAC address can be used at layer two

2:52when the PC needs to send any traffic

2:54to its default gateway at layer two,

2:56so it can be forwarded and routed

2:58out to the final destination.

2:59So, let's just take a look

3:00at the last four digits here: 80:0a,

3:04and lemme take off the filter

3:06and we can just take a look at any traffic that's going out.

3:08For example, let's go ahead and grab some SSL traffic.

3:11So, this SSL traffic right here

3:12going from our computer at 10.1.10.150

3:15going to this IP address, 104.16.248.249,

3:19that's the layer three information.

3:21So, if we open up the internet protocol,

3:23there's the source and destination address,

3:25but if we look at layer two,

3:26it's included as a source the computer's local MAC address,

3:31and the destination is the layer two address

3:34of the default gateway,

3:35and that way the network between the client

3:37and its default gateway can make forwarding decisions

3:40based on that layer two information

3:42to make sure that the right device on the network gets it.

3:45In this case, it would be the default gateway.

3:46And there's the last four digits, 80:0a,

3:49for the default gateway's layer two address.

3:52So, if we clean this up a little bit,

3:54at layer two, we're adding the source layer two address.

3:57Also on ethernet networks, that'd be called the MAC address.

4:00And also the destination layer two address.

4:04And the devices that are gonna use

4:05that layer two address information for forwarding

4:08are known as switches.

4:10So, routers are forwarding based on IP addresses,

4:13and switches are gonna be forwarding

4:15based on the layer two information.

4:17And the typical network, we'll see this:

4:19We'll have a PC that's connected to a switch.

4:22Also, they're often called a layer two switch,

4:24just for clarification.

4:25And that switch may go to another switch.

4:27Call that switch one, call that switch two.

4:30And then finally, let's say it's connected to a router,

4:32and then that router has connectivity, maybe,

4:34through other switches to other routers.

4:36There's R two, and then onto other destinations beyond.

4:40So, based on this PC sending information at layer two,

4:43these switches can forward that

4:45to the right layer two address on that local network,

4:48and then the router, looking at layer three information,

4:50can then make a routing decision,

4:52forwarding it onto the next router

4:54towards the final destination, which is our web server.

4:57And again, the magic of learning those layer two addresses

5:00is by using a protocol called ARP:

5:02address resolution protocol.

5:04So, if we're referring to data all the way up to this point,

5:07which includes the application layer services

5:09plus the additional information or the header information

5:12for the layer four protocol,

5:14plus the additional information from layer three,

5:16which includes the IP addresses,

5:17plus the additional information,

5:19which includes the layer two information,

5:21in the case of ethernet networks,

5:23that'd be the source and destination MAC addresses

5:25on the local network segment;

5:27that could be referred to as a frame of data.

5:30So, the terminology of saying,

5:31"Switches are making forwarding decisions based on frames,

5:35frames of data, including layer two,

5:37and routers are making forwarding decisions

5:40based on packets in the layer three header,

5:42those would all be accurate statements.

5:44And then finally, that traffic is sent

5:46as a string of bits at the physical layer

5:49as the PC delivers that information to the network,

5:52and then the respective device's switches and routers

5:55forward those frames and packets respectively

5:58with the intention of getting the segments delivered

6:00to the appropriate party.

6:02And what I would love to do in one final video,

6:04is let me summarize this process of encapsulation,

6:07where we're taking, you know, application layer services,

6:10and then including layer four information,

6:12including layer three information,

6:14including layer two information,

6:15and let me go ahead and reinforce that with the use of CUPS,

6:19and we'll do that in the next video.

0:00<v ->So these are the cups we're gonna use</v>

0:01to represent the encapsulation process

0:03from beginning to end.

0:05So let's start off by imagining we're making a DNS request,

0:07or our computer is in the background.

0:09We went to www.cbtnuggets.com, pressed enter,

0:13and in the background our computer said,

0:14"Ooh, I need to know the IP address behind that."

0:16So behind the scenes, the application layer service

0:19of DNS is being used.

0:20Now that DNS request that's asking for the IP address

0:24behind cbtnuggets.com,

0:26that's gonna be encapsulated into a UDP header

0:29because that's the layer four transport protocol

0:31that's configured to be used

0:33with the application layer service of DNS.

0:35And once UDP adds its information,

0:38including the ports involved for that DNS request,

0:40that would be then encapsulated

0:42into an IP header at layer three.

0:43And that IP header is going to include

0:45information about the source

0:46and destination IP addresses that routers can use

0:49to make forwarding decisions.

0:50And then that gets further encapsulated

0:52into a layer two header,

0:54which would include, on the local network,

0:55the source, layer two address, the MAC address,

0:58and the destination layer to address on that local network,

1:00which, in most cases, is gonna be the layer

1:02to address of the default gateway.

1:04And then, of course, to make that actually work,

1:05the actual data would have to be spit onto the network,

1:08or sent onto the network, by the network interface card.

1:10And that would be the layer one function

1:12in the TCP/IP protocol stack, that physical layer.

1:15And this process of taking an application layer service

1:18and encapsulating it into a layer four protocol,

1:20and then the layer three protocol,

1:21et cetera, all the way down,

1:22that's referred to as encapsulation.

1:24And the other side of that coin

1:26is when it gets received as a server,

1:28let's imagine it's a DNS request.

1:30When the server receives that, it says, "Okay, great.

1:32Hey, this is destined to my layer 2 address.

1:34I better pay attention to it."

1:35It's like reading a book that's really good.

1:37And so it says, "Boo, that's for me."

1:38And then it looks at the destinational IP address.

1:40And if the server says, "Well, that's my IP address,"

1:43it's still interested, so it continues reading.

1:45And then it takes a look at the UDP header,

1:47in the case of a DNS request.

1:48If it's going to UDP Port 53

1:51and the server's a DNS server,

1:52it's expecting to have requests come in on that port,

1:54the DNS server says, "Oh, it's a DNS request."

1:57And then it actually takes a look at that DNS request,

2:00and then hopefully it's gonna respond to it.

2:02So that process of receiving all that data

2:04and peeling back the layers,

2:06that's referred to as de-encapsulation.

2:09So as we send traffic out,

2:10it gets encapsulated using all the layers

2:12of the protocol stack.

2:13And then as we receive the data,

2:15we de-encapsulate to take a look at the details

2:18in each of those layers.

2:19And not every device on the network

2:20is gonna look at all the layers.

2:22For example, a layer two switch is only caring

2:24and looking at the layer two information.

2:26And a router operating at layer three

2:28is really only paying attention

2:30to the layer three information.

2:31It's really the endpoints,

2:32the client and the server,

2:33or the two endpoints of a conversation.

2:35They're gonna do the full encapsulation

2:37and de-encapsulation of the full protocol stack.

2:40So thanks for joining me in this set of videos

2:42regarding the OSI reference model,

2:44encapsulation and de-encapsulation, and TCP/IP.

2:47And I look forward to seeing you, my friend,

2:49in the very next set of videos.