Terms of Use For FixedByVonnie

By proceeding to access fixedByVonnie.com, you expressly acknowledge, and agree to, all of the following:

fixedByVonnie.com is a personal website and blog owned by Security Plus Pro LLC, which is being presented for informational purposes only. The views on this website are solely those of the website owner (and not those of any employer or of any professional associations affiliated with the website owner).  Any views expressed in this website and any information presented on this website, or in any of its blog entries, should not be relied on for any purpose whatsoever other than as the personal opinions of the website owner.  The website owner expressly disclaims any and all liability for any information presented on this site.  The owner of this website and its blog posts shall not be held liable, and shall be held harmless, for any errors or omissions in any information or representations contained in this website, or in any of its blog entries.  The website owner also expressly disclaims any liability for the current or future availability of any such information. The website owner makes no representations as to the accuracy or completeness of any information on this website or which may be found by following any link on this website. The website owner shall not be held liable for any losses, injuries, damages, claims, or causes of action, from the display or use of any information on this website or in any of its blog entries. If you use the information on this website, or on any of its blog entries, you do so solely at your own risk.

Networking 101: Layers (Part 1 of 3) - fixedByVonnie

Networking 101: Layers (Part 1 of 3)

What’s up!  It’s your man Vonnie Hudson here and today you’re going to learn all about network layers.

Sounds exciting doesn’t?

You’re first thought might be:

Hold up Vonnie, didn’t you already show me everything I need to know about network layers in your previous tutorial?

And my answer is, “Yup, but I really really want you to get this stuff.  I want you to know it inside and out.  And that’s why we’re going even deeper”

Don’t worry – I promise not to bore you.  I love this stuff and I promise you – after reading my tutorial you’ll know more about how networks work than most experienced professionals in the field.  I’m not kidding.  I’ve found that some professionals who do this stuff full-time don’t even get the fundamentals.

I know it’s an audacious claim, but after finishing this section and patiently taking the time to understand everything I share here, you’ll have enough knowledge to teach the big guys.  Heck you’ll even have the raw materials for landing your first full-time job in Computer Networking.

The future is bright and I’m so exciting to show you how all the pieces fit together.

Before you dive in, I strongly suggest you read my two part series on Networking 101: Fundamentals; the lowdown on how networks really work.

Today I’m going to show you:

  • Which layer popular network devices live in
  • The difference between a hub and switch (and how they work)
  • What an IP address really represents

Let’s get started!

The purpose of this series on network layers is to:

  • Get you super cozy with end-to-end network communications
  • Understand encapsulation and de-encapsulation in detail with a closer examination of the TCP/IP layers

That’s it.  That’s my goal.

By the end of this series you should be able to call a colleague and accurately (and confidently) explain exactly what happens when someone types fixedbvonnie.com in a web browser.

So before we dive in – let’s start with a little review.

Do you remember the names of the layers in the OSI and TCP/IP models?

  • Layer 1 is the Physical layer; it’s responsible for getting the bits on the transmission medium. (copper, air, light)
  • Layer 2 is the Data Link layer and it puts the physical addresses in the frames
  • Layer 3 is the Network\Internet Layer and this one is all about logical addressing.  IP addresses live here.

Getting on the Internet at Layer 1

So how do people get on the internet?

That might sound like a stupid question but I’m not being sardonic.

Wireless get’s all the fame these days but it’s easier to understand networking by looking at the little networking jack built into almost every laptop.  It looks something like a oversized telephone jack and it’s officially know as a Registered Jack 45. (RJ-45)

Image Credit Eric Kilby via Flickr

The RJ-45 port is attached to a Network Interface Card (NIC) which is the thing that actually sends and receives the bits over the network.  The NIC is also the physical hardware that has your physical address. (also called a MAC address)

Network Interface Card image credit  technologyuk.net


You basically plug one end of an Ethernet Cable into the RJ-45 port on your computer and the other end goes in an RJ-45 port in your router or switch.

Image credit nrkbeta via Flickr

The point here is that the Ethernet Cable and NIC work in the Physical Layer of the OSI and TCP/IP models.  Incidentally, Wi-Fi adapters also live in the Physical Layer because their purpose in life is to send and receive bits just like NICs.

Alright, so does anything else live in the Physical Layer?

We’ll we have one of the most famous relics of network hardware ever: the humble hub.

Image  credit http://concertaudiovisual.com.au

There’s nothing glorious about the life of a hub.

Here’s what happens:

A six port hub and five PCs walk into a bar…

I thought I had a joke there but I’ve got nothing haha.

So let’s get back on topic here:  You plug the Up-LINK port into a network switch or router and you plug each of your PC’s into the other ports.

Looking at a Network Hub


When PC1 wants to send a file to PC5, the hub says:

I’m a hub so um, my job is to umm… mindlessly repeat all those incoming zeros and ones out all the other ports.

So the hub isn’t very smart.  It’s just a multi-port repeater and that’s why it’s a Layer 1 device.  Since it doesn’t understand layer 2 frames or layer 3 packets it works at layer 1.  Hubs take all the voltage fluctuations representing zeros and ones and spits them out all the other ports.

So at Layer 1 we have:

  • NICs
  • Ethernet Cables
  • RJ-45 Connectors
  • Wi-Fi adapters
  • Hubs
  • Bits

Layer 2 Love

As you know by now, Layer 2 is the Data Link layer.  So here’s how this works.

As a protocol data unit (PDU0 flows down the TCP/IP stack, Layer 2 encapsulates it with its own Ethernet header and trailer. The header has the MAC address of your computer (the source MAC) and the destination MAC address of your default gateway which is probably your home router.

Check out this packet capture I took when attempting to open fixedbyvonnie.com in Safari.

You can see the the layer 2 header which has the source and destination MAC addresses.

  • The source MAC is 64:76:ba:a4:d4:60 which refers to the wireless adapter on my Macbook Air.
  • The destination address of 00:23:eb:00:23:eb refers to the MAC address of my default gateway.

Looking at Physical Addresses

It’s really easy to find the MAC address on a Windows PC.

To find the MAC address on your Mac (hehe that sounds funny) you can open Terminal and type:

/sbin/ifconfig | grep HWaddr


/sbin/ifconfig | grep ether

MAC address on a Mac

Every computer has it’s own unique MAC address.

If we decided to start a business designing NICs, we would need to contact the Institute of Electrical and Electronics Engineers. (IEEE)  The IEEE would reserve 6 unique digits to our company and then we would generate an additional 6 unique digits for each NIC we produce.

So if the IEEE gave us 40:55:1e, we would use 40:55:1e:00:00:01 for our first NIC.  We would use 40:55:1e:00:00:02 for our second NIC and so on.

My MAC address starts with 64:76:ba which happens to be the IEEE block assigned to Apple Computers.  This is called the Organizational Unique Identifier. (OUI)  The last six characters of my MAC, a4:d4:60, were assigned by Apple.

Incidentally, since the NIC owns the MAC address, a NIC is technically both a layer 1 and layer 2 device.k

Switches also like to boogey at Layer 2.

Here’s an example of a basic switch.

Layer 2 Switch

You might be saying:

Vonnie! Vonnie! This thing looks just like a hub! What’s the difference man?

Switches are not hubs.  Despite the physical resemblance there’s a big difference:  Hubs mindlessly repeat incoming electrical signals out all other ports but switches are more discriminating.

When two computers need to communicate through a switch the switch won’t forward the frame out all the other ports unless it has to.  Since it’s a layer 2 device it understands layer 2 frames.  In other words, it knows what to do with source and destination MAC addresses.

Networking Switching

In the above diagram PC 1 has a MAC address ending in AA.  PC2’s is ending in BB and PC3’s ends in CC.

When a user on PC1 tries to send a file to a user on PC3 through the switch, the switch muses to itself like this:

Wait up PC1, what’s your source MAC address? Oh, Okay, it came in on port number 2 and I see it’s 00:00:AA.

So now the switch knows PC1 lives off port 2.   It does the same thing for the other ports.  This is how a switch can selectively forward frames because it knows exactly which MAC addresses are behind each switchport.

This allows it to efficiently forward frames to the correct ports without disturbing the other devices.  In our example, PC2 doesn’t even know PC1 and PC3 are sending files back and forth.

In a hub PC2 would get everything.  PC2 wouldn’t process the data but it would still receive it.

I hope you can see how hubs are a waste now.

The switch keeps all the MAC addresses in a handy little table known as MAC address table (or Content Addressable Memory CAM table in Cisco speak – but no one calls it that)

A Simple MAC address table

When a frame enters a switchport, it scans the destination MAC address table and looks for a matching entry.  Then it just forwards the frame out the appropriate port.

If the switch doesn’t know which port belongs to the destination MAC address it forwards the frame out all ports except the one the frame arrived on.  It temporarily behaves like a hub as it sends a broadcast message to all computers on its street (on its network).

Missing entries can happen if the MAC address table is cleared or you connect a bunch of devices to a new switch.  Or sometimes you send a frame to a device that is no longer plugged into the network and MAC entry was aged out of the table.  In any case, the switch says:

Hmm, I don’t know which MAC is assigned to that port so I’ll flood the frame out all my ports.  Yes yes, I know I’m acting like a stupid hub but this is the only way to figure out where that device lives.  Hopefully the correct device will respond and then I’ll mark its source MAC on the interface it arrived on.

You might have heard that Bridges also operate in Layer 2.  This is technically correct; however, no one uses these artifacts anymore so don’t worry about them.  A Bridge is basically a slower switch with less ports and less functionality.

They are obsolete like hubs and the Stegosaurus.

Kicking it at Layer 3

Layer 3 is my favorite layer because this is where we get to talk about IP addresses.

Before we jump in – let me ask you a question: What exactly is an IP address?

An IP address is just a street name and house number for network devices.

That’s it.  Seriously.

Just as your house has a specific number and is located on a particular street so network devices have a specific number and street.  The “house number” for network devices is called a Host ID and the “street” is known as a “Network ID“.  Your street can have numbers or words but computer streets (networks) are always numbers that look like this:


And every number is unique.

Let’s look at your IP address for a moment.  Press the Windows Logo key on your keyboard and type:

ipconfig /all

Or press Command + Space on your Mac, type “terminal” and type:


Here’s the IP information on my Windows 10 PC:

  • IPv4 Address:

Windows 10 IP address

This means:

  • My computer lives on a “street”/network called 10.0.2
  • My computer’s “house number”/host ID is 15

I’ll show you how I knew where to divide the IP address later but for now I just want you to understand that every IP address has a Network and Host ID.  And I want you to know that Routers, Packets and IP address are all part of Layer 3.

The Bottom Line

Wasn’t that fun? Did you learn anything new?

You should now know:

  • Which devices live at the Physical, Data Link and Network Layers
  • The difference between a hub and switch
  • How to find your MAC address on your Mac or PC
  • The basic anatomy of an IP address.

In the second part of this series tomorrow I’ll bring everything together.

Get ready.  It’s about to get good.


Connect with Vonnie on Twitter

Posted in What Is Tagged with: ,