254 lines
23 KiB
Plaintext
254 lines
23 KiB
Plaintext
|
Episode: 363
|
||
|
|
Title: HPR0363: Networking Basics Part 3
|
||
|
|
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0363/hpr0363.mp3
|
||
|
|
Transcribed: 2025-10-07 18:57:42
|
||
|
|
|
||
|
|
---
|
||
|
|
|
||
|
|
.
|
||
|
|
Hi everyone. Thank you for listening to Hacker Public Radio. This is Clat 2 and this is
|
||
|
|
the third episode of my network series, which is basically just the bare bones basics of
|
||
|
|
how the concept of a network functions. In the first episode, if you'll recall, we talked
|
||
|
|
about the OSI model, which is just a framework of sort of how it all functions, how it works
|
||
|
|
together. Seven different layers in that. Second episode, we talked about the components
|
||
|
|
of a network, the hardware components like routers, switches, hubs, things like that. Recall
|
||
|
|
that hubs are basically amplifiers that take a signal and amplify them and repeat them
|
||
|
|
indiscriminately across the rest of the network. Routers, filter packets based on IP information,
|
||
|
|
things like that, switches, switch packets, and break up collision domains that do not
|
||
|
|
break up broadcast domains. And bridges, I don't really know anything about. Apparently
|
||
|
|
they're like switches though. Okay, so in this episode, we're talking about Ethernet.
|
||
|
|
And Ethernet, you know, if a network is the body, then Ethernet is the veins or something
|
||
|
|
like that. Ethernet is the, it's two things. It exists on the physical layer as the Ethernet
|
||
|
|
cards in your computer or the Ethernet ports in a device and the Ethernet cables that you
|
||
|
|
string from one device to the other. So that's the physical layer aspect of Ethernet. We'll
|
||
|
|
go into deeper, obviously, in a moment. And then there's the data link layer aspect of
|
||
|
|
Ethernet, which is where we start looking at what happens to this series of ones and zeros
|
||
|
|
as it goes from, from literally the data link layer to the physical layer, what gets added
|
||
|
|
and how does this packet develop? How does this data develop from a segment to a packet
|
||
|
|
to a frame to whatever? So we'll talk about both of those two aspects of Ethernet. First,
|
||
|
|
let's just get kind of down and dirty with the hardware stuff. So the specs of Ethernet
|
||
|
|
is that it is, well, first of all, as opposed to some other form of cabling, like coax,
|
||
|
|
apparently they used to use coax for networking and fiber optic. That's obviously a big, kind
|
||
|
|
of a big deal right now still. I mean, fiber optic is a lot more, you know, carries a lot
|
||
|
|
of data. So somewhere between those, you know, we've got Ethernet. And it is 802.3 technology.
|
||
|
|
So you've heard of like 802.11 stuff like that. This is 802.3. And according to various
|
||
|
|
think tank things, like electronic industry alliance and stuff like that, Ethernet is,
|
||
|
|
by definition, a registered jack with four five wiring sequence. So that is RJ45. So you
|
||
|
|
probably heard RJ45 being referred to as an Ethernet cable. This is why it's a registered
|
||
|
|
jack with four or five wiring sequence on unshielded twisted pair. That's UTP cabling. And
|
||
|
|
we'll talk a lot about the wiring within the Ethernet cables in a little while. The other
|
||
|
|
term you'll hear some people apparently throw around, although I haven't actually heard it in
|
||
|
|
person, is an eight pin modular connector. I read that that's what it was also being called.
|
||
|
|
I've never heard it called that, but there you go. Okay, so Ethernet cables, there is some
|
||
|
|
inherent attenuation, meaning that there will be a degradation of your signal strength.
|
||
|
|
The longer the length of the cable is. So you need to look, I don't know the maximum length,
|
||
|
|
you know, or whatever. And I don't know that there is, I'm sure there's a maximum, but I don't
|
||
|
|
know what the ideal length would be, but that's something that you have to decide based on your
|
||
|
|
network. So attenuation, like I say, it's the degradation of your signal. So that's measured
|
||
|
|
in decibels and it's rated in categories. So you might have seen when you're out shopping for
|
||
|
|
Ethernet cables. You might have seen cat three cables for a bargain price and then cat five
|
||
|
|
price a little bit higher. That's because cat five cables have more twists per foot of cable,
|
||
|
|
resulting in less crosstalk between the pairs of cables. So you've got, you know, you've got
|
||
|
|
a better signal. So if you can, get cat five cables and avoid the cat three cables. In my limited
|
||
|
|
experience, I couldn't even find cat three cables to save my life at the business I was working at
|
||
|
|
for a little while. This past summer, I was actually set on a task to get some cat three cables
|
||
|
|
to test a network on like really, really, you know, old and bad equipment. I just could not find
|
||
|
|
them. So I was feeling if you walk into a store and grab an Ethernet cable, I mean, as long as
|
||
|
|
an electronic store, you're probably grabbing a cat five cable. Like I say, cat three, you might be
|
||
|
|
able to find that bargain price is somewhere. So if you've got a situation where you're buying like
|
||
|
|
a lot of cables, like long, long lengths of Ethernet cable to set up a network for someone,
|
||
|
|
keep in mind that the length of the cable will matter in terms of how good your signal is and the
|
||
|
|
way to improve your signal as you get longer lengths of cable would be to do what? Well, yes,
|
||
|
|
to hook up a hub and that way you can have, or you know, you might call it a multi-port repeater,
|
||
|
|
and that way you've got your Ethernet cable going in. It amplifies the signal, gives it new life,
|
||
|
|
and sends it out across the cables to continue its networking destiny. Ethernet also uses something
|
||
|
|
called CSMA-slash-CD that is carry your synths multiple access with collision detection. Okay,
|
||
|
|
what does that mean? Well, each device on your network is going to, because this is Ethernet,
|
||
|
|
it can look on the wire to see if anyone else is transmitting a signal. If the path is clear,
|
||
|
|
your device that you're sitting at, you know, that you want to send a signal will send that signal.
|
||
|
|
Now, in the event that two devices transmit something and there is a collision, then Ethernet will detect
|
||
|
|
that there was a collision, and it will send a jam signal to everything on that network and say,
|
||
|
|
okay, we've got collision, data has been damaged, everyone put yourself on hold for a certain amount
|
||
|
|
of time, and then try to retransmit, and that's what happens. And this is all made possible,
|
||
|
|
because Ethernet has that functionality. I couldn't tell you which little wire it went across on
|
||
|
|
or anything like that. I haven't done that much study on Ethernet, but that is something that is
|
||
|
|
a feature of Ethernet. And that's a good thing, right? Because you've got collision detection,
|
||
|
|
and you've got a way to detect whether there's a signal on your wire already, and you know,
|
||
|
|
you can wait to send your signal. I mean, you, the user, wouldn't do that, but the software,
|
||
|
|
the networking stacks underneath your applications and things will do that. And that is a good thing,
|
||
|
|
but keep in mind, you know, if we're talking about a home network with, you know, six or ten computers,
|
||
|
|
not that big of a deal, but if we're talking about something that is, you know, a lot more complex,
|
||
|
|
like your employer needs you to set up a big network for all of the employees and the company
|
||
|
|
and stuff, then you might want to take a look at that stuff and really think about breaking up
|
||
|
|
your collision demands, because otherwise you're going to start having people trying to send out,
|
||
|
|
you know, whatever signal a request for a web page or an email or whatever, and there are computers
|
||
|
|
just going to put itself on hold because the line is busy right now, and then it's going to keep
|
||
|
|
holding because, you know, you've got 200 other people trying to send signals out over this
|
||
|
|
network, and that is why we like to break up our collision demands to avoid issues like that.
|
||
|
|
There are two types of Ethernet cables broadly speaking, or actually there's, it's not just Ethernet
|
||
|
|
cables, it's like Ethernet interfacing, it's half duplex and full duplex. There are important
|
||
|
|
differences between the two, and you're going to find equipment that is capable of both
|
||
|
|
and equipment that is capable of only half duplex. Again, I had an old job over the summer that I
|
||
|
|
was working, they assigned me a job. They sent me the task of testing out a network on half duplex
|
||
|
|
with old cables and all this other good stuff, and I mean literally I had a hard time finding a switch
|
||
|
|
that would not do full duplex, so it was really tough to find something that, you know,
|
||
|
|
that wouldn't do the faster of the two things, so chances are if you're working at a place with
|
||
|
|
fairly modern equipment, then you're probably not going to have to worry about this, but for some
|
||
|
|
reason you're working at a place with old equipment and you're experiencing a slow network,
|
||
|
|
and you're trying to figure out what's going on, where the bottleneck is, whatever. That's one
|
||
|
|
thing the check can be aware of, that certain, you know, every element on your network needs to be
|
||
|
|
capable of full duplex from maximum speed, because half duplex is sort of a one-way street for
|
||
|
|
networking. There's one pair of wires, and all the data is being sent via this pair.
|
||
|
|
Full duplex is a two-way street. It's got one pair of wires to send data and one pair of wires
|
||
|
|
to receive data, so in theory that would boost your network performance by like 100%.
|
||
|
|
So the full duplex will speed up your network. It's great for all your connections from, you know,
|
||
|
|
a switch to a host, a switch to a switch, a host to a host as long as you're using crossover,
|
||
|
|
and we'll talk about crossover in a moment. You do need a dedicated switch port for each node
|
||
|
|
that you want to be true full duplex, and you need to obviously ensure, like I say, that your network
|
||
|
|
cards and your switches, and the cables are all capable of full duplex, that you're not trying to
|
||
|
|
use a half duplex cable on a full duplex switch, although I've done that and it seemed to perform
|
||
|
|
really well, but I wouldn't swear that that made it true full duplex. Ethernet comes in a variety
|
||
|
|
of different flavors. Three of them I've actually had experience with, and so I'm not going to try to
|
||
|
|
go into any of the other ones, but it's just mostly important to understand, or to realize,
|
||
|
|
I guess, that all Ethernet is not necessarily the same. I mean, so there's 802.3, which I guess
|
||
|
|
originally it was like a three-megabit per second connection, but now everyone, when you talk
|
||
|
|
about Ethernet and you're just talking about, you know, the slow Ethernet, you would be talking
|
||
|
|
about 10 megabits per second. Above that, there's the 802.3 U, which is considered fast Ethernet,
|
||
|
|
which is 100 megabits per second, and then the step up from there is 802.3 AB, which is the gigabit
|
||
|
|
Ethernet on cat5 cables, and so those are the different speeds of Ethernet. You can look up 802.3,
|
||
|
|
or just like fast Ethernet, or Ethernet, like on Wikipedia or something, to find out all the
|
||
|
|
different variations of that. It's really something that you'll probably want to look up more on a
|
||
|
|
basis of should you ever encounter it, because typically, or at least in my very limited experience,
|
||
|
|
the thing that I had to know about was whether to have my switch set at Ethernet, 100 megabits
|
||
|
|
per second, or gigabit Ethernet. There was actually a physical button on the switches that I was
|
||
|
|
dealing with at this one job, and it was just a matter of having all of my switches set to
|
||
|
|
the correct thing. If you don't keep it in mind, obviously, there's a danger of you possibly
|
||
|
|
not having things set correctly, and not having an optimized network. Those are the different
|
||
|
|
types of different speeds that Ethernet that you have available to you. There are different kinds
|
||
|
|
of Ethernet cables that you're going to encounter as well, so you're going to want to make sure
|
||
|
|
that you've got the right one. There is a straight-through cable, there's a crossover cable,
|
||
|
|
and there's a rolled cable. The straight-through is going to be good for your host to switch,
|
||
|
|
or your host to hub connection, or your router to switch, or your router to hub connection,
|
||
|
|
and that uses four wires, full duplex, and it is wired in such, like, if you took the cable apart,
|
||
|
|
if you took the connectors off the end of the cable, you would see that the wires, you know,
|
||
|
|
the red, blue, yellow, whatever, those little wires inside the cable pin one connects to pin one,
|
||
|
|
pin two connects to pin two, pin three connects to pin three, pin six connects to pin six.
|
||
|
|
So if you took the ends off of each cable and examined it, you would see that the red cable
|
||
|
|
goes to the same place on the other end as it started out on the first end. So that's just
|
||
|
|
straight through. Now, crossover is a little bit different. It's going to be good for a switch to
|
||
|
|
switch connection, or a hub to hub connection, or a host to host connection, or a hub to switch
|
||
|
|
connection, or a router to host connection, and that also uses four wires, but it is wired in such a
|
||
|
|
way that pin one on, let's say, the left connection goes to the pin three on the right hand
|
||
|
|
connection. Pin two, if you follow that through the cable, you'll see that that connects with
|
||
|
|
pin six over on the other end. Pin three would go back up to one, and then pin six would go back
|
||
|
|
up to two. So obviously, there's literally a crossing of the wires there so that they end up
|
||
|
|
on opposite pins on each side of your cable. But anyway, the point is that if you're in a pinch,
|
||
|
|
you need something other than what you've got. Keep in mind that if you just look this kind of stuff
|
||
|
|
up, you can actually rewire it pretty easily yourself as long as you've got the right tools for it.
|
||
|
|
Okay, the last kind of cable is a rolled cable, and this is basically, it's really just used,
|
||
|
|
it's for a very specific purpose. It's when you want to connect a host to a router,
|
||
|
|
but via a serial port. So this is when you've got a fancy router that has a serial port,
|
||
|
|
you can use this rolled cable to connect from your host to that router via this port,
|
||
|
|
and that enables you to top directly to the firmware is the typical use for that. I've never
|
||
|
|
used one, so I can't really say much more about it than that, except that it exists, and that's
|
||
|
|
what it does. Looking at the cables themselves a little bit further, we should start thinking about
|
||
|
|
how data gets across these mysterious Ethernets. How does the data get from, for instance,
|
||
|
|
the application layer, and then all the way down to the physical layer? That's kind of,
|
||
|
|
it's kind of a good thing to keep in mind because it's actually, I mean, it's something that you're
|
||
|
|
going to be thinking about a lot in a network, because what happens is if you've ever seen a
|
||
|
|
space shuttle lift off on TV or whatever, you'll see that the space shuttle leave the ground,
|
||
|
|
and then once it reaches a certain altitude and it's burned off a certain amount of fuel,
|
||
|
|
that fuel tank will be ejected from the shuttle itself, so it's shedding off these layers that
|
||
|
|
it doesn't need at, you know, at different stages during its journey. It's kind of similar on a
|
||
|
|
network in a way. So let's say that we start out, obviously, at the application layer, where the
|
||
|
|
user is making some kind of request or generating some kind of data. The presentation layer deals with
|
||
|
|
that data, puts it into whatever format it needs to be put into, and the session layer below that
|
||
|
|
establishes a session as it were to keep all the data organized and make sure that the data comes
|
||
|
|
through where it needs to come through and ends up where it needs to end up, then the transport
|
||
|
|
layer comes into play, and it will add a header, either a TCP or a UDP header, to the data that's
|
||
|
|
being fed to it from these upper layers, and it also creates a virtual circuit for this session,
|
||
|
|
giving it an arbitrary port number, which would start at 1024 and go up from there. So let's say we're
|
||
|
|
trying to FTP somewhere. That is by default assigned to port 21, right? So if we're sending data to
|
||
|
|
a port called 21, and the computer sees you wouldn't want to send it from a port also called 21,
|
||
|
|
now would you? Or you wouldn't want to send it from a port that is assigned to some other service
|
||
|
|
already, like SSH. You want to give it a random, the transport layer is giving it a random,
|
||
|
|
or I don't know how random it is, but an arbitrary port number that is not reserved for something else,
|
||
|
|
and that is not going to be the same as what you're trying to communicate to. The network layer
|
||
|
|
then is going to add an IP header to the segment of data, and at this point this segment of data
|
||
|
|
becomes a packet. It's also going to add a protocol field defining whether it is TCP or UDP.
|
||
|
|
It's going to find the destination hardware address, and the way it's going to do this is with
|
||
|
|
something called address resolution protocol, which is otherwise known as ARP, and we'll talk about
|
||
|
|
that more on some other episode, but basically it compares the IP address and the subnet mask of
|
||
|
|
the source to the IP address and subnet mask of the destination. And if they're on the same network,
|
||
|
|
then ARP is going to ask for the MAC address, and it'll send the packet if it is not on the same
|
||
|
|
network. Then IP is going to look for the IP address of the default gateway or the router instead,
|
||
|
|
so that packet can be forwarded to the appropriate network. In other words, if it's not on your local
|
||
|
|
area network, it must be on some other network somewhere else on the internet, and it will send it
|
||
|
|
out to that other place, or not necessarily the internet, but it could be another network that
|
||
|
|
you're connected to. The data link layer then comes in and encapsulates each packet into what's
|
||
|
|
called a frame, and it places another header. This time of the source MAC address and the destination
|
||
|
|
MAC address. MAC address being, of course, media access control. That's the number that's
|
||
|
|
burned into the network card, the CRC, which is the cyclic redundancy check, which is going to
|
||
|
|
help the data link layer detect errors, although not correct them. That's added to the header as well,
|
||
|
|
and the answer to that CRC is placed in the FCS, which is the frame check sequence field
|
||
|
|
in the at the tail of the frame. So we've got a lot of data being added there, and then finally,
|
||
|
|
all that stuff is sent over to the physical layer as a bunch of ones and zeros, a pure binary
|
||
|
|
signal, and it's committed down to the network medium. That is the wires, the ethernet cables
|
||
|
|
themselves, and every device on the network synchronizes with the frames clock, and they extract
|
||
|
|
the ones and zeros from the signal. They build a frame, and they take a look at the CRC,
|
||
|
|
make sure that the frame is okay, and if it is okay, then the device checks to see if that frame
|
||
|
|
is for them. If the frame is for them, then the process continues, and it does what it needs to do,
|
||
|
|
kind of the reverse process of all that, it goes through all the headers and figures out what
|
||
|
|
protocol it is, and it makes sure that there is no, no or no dropped packets, etc., etc., and then
|
||
|
|
it sends it on up through the session layer to the application layer. If it's not for them,
|
||
|
|
then they ignore it, and it's not for them, so they don't worry about it, but that's how this
|
||
|
|
stuff is sent over the network. It's just, it's given a whole bunch of different headers,
|
||
|
|
lots of different information is being put onto the actual data packet that you are sending out,
|
||
|
|
so that all the different components of the of the network stack can, can take a look at it and
|
||
|
|
know what to do with it. So let's talk about ethernet as a data link layer entity. Ethernet addressing
|
||
|
|
uses the media access control number, and that is, like I say, it's burned into the ethernet
|
||
|
|
interface of a device. It is a 48-bit or six-byte number in hexadecimal format, and it's very
|
||
|
|
specific as to how this is composed. The first bit is the individual group bit. If it is zero,
|
||
|
|
then you know it's a MAC address. If it's a one, then it could be something else like a broad
|
||
|
|
cast or a multi-cast address. The next bit is the global or the local bit, sometimes also called
|
||
|
|
the universal bit, and if that's a zero, then this this is a globally administered address by the
|
||
|
|
IEEE organization. If it's a one, then it's a locally administered address. So if you are,
|
||
|
|
if you've got your own protocol or if you're running tests or whatever, I mean I don't think this
|
||
|
|
would be on the level of certainly what I would be doing, but if you were really screwing around
|
||
|
|
with the networking and stuff like that, if this was set to a one, then you would set this bit to one
|
||
|
|
because it is a locally administered address. The next 24 bits are a manufacturer's assigned code,
|
||
|
|
or again it could be a locally administered one, but assuming that this is more common, it's
|
||
|
|
going to be a manufacturer's assigned code, and this is usually just, it'll start with zero,
|
||
|
|
you know, 24 zeros for the first card that they churn out of the factory on up to the end of the
|
||
|
|
run, you know, whatever that would be mathematically to fit into 24 places. So that would be what you
|
||
|
|
would see there, and a lot of times that's the you'll see those same digits as part of the serial
|
||
|
|
number of the actual interface card as well. The Ethernet frames themselves are used to encapsulate
|
||
|
|
packets coming in from the network layer. So right above the data link layer obviously is the
|
||
|
|
network layer, right? They're done in a Mac frame format, and they provide error detection
|
||
|
|
from cyclic redundancy checks, the CRCs. So this is important data because it's double checking
|
||
|
|
essentially the integrity of the data. And so again, they're very specific in what they contain.
|
||
|
|
They've got a preamble, which is alternating ones and zeros, which create basically a five-meter
|
||
|
|
hertz clock at the start of every packet. This lets all the receiving devices on your network synchronize
|
||
|
|
to the incoming data and make sure that they're getting all the data. And the way it does this is
|
||
|
|
with what's next in the in the data frame is it's the start frame delimiter FDF, and that's
|
||
|
|
it's one octet. So it's one zero, one zero, one zero, one one. So everything knows, you know, we
|
||
|
|
can come in at any point during that one zero, one zero, one zero, but then when they hit one one,
|
||
|
|
they know they're in sync. The destination address comes next, and that could be an individual
|
||
|
|
address, or it could be a broadcast address, or a multi-cast address, you know, to all the
|
||
|
|
devices on your network, or just a subset of all the devices, whatever. That's the destination
|
||
|
|
address. So the next thing would be a source address, and obviously that's just going to be from
|
||
|
|
one thing that's not going to be a broadcast, or a multi-cast address. That's going to be an actual
|
||
|
|
48-bit MAC address of the computer or the device, the node that sent the data. After that,
|
||
|
|
is the length or the type, and that identifies the network layer protocol that's being used,
|
||
|
|
and then the actual data itself. So this is the data that you are sending, and that can be anywhere
|
||
|
|
from 64 to 1500 bytes. And then there's the frame sequence check. Like we said, that's the
|
||
|
|
that's the thing that's going to have the answer to the CRC, so that once the frame is all received
|
||
|
|
and looked at, the cyclical redundancy check can be verified by the frame check sequence.
|
||
|
|
That is everything that that composes the data that is being sent from the data link layer over
|
||
|
|
the Ethernet cables. And that about sums up Ethernet for you. So you've got it on the physical layer,
|
||
|
|
you've got the wires in the cables, different speeds, different, you know, full duplex,
|
||
|
|
the half duplex, you've got straight through, you've got crossover, and you understand the process
|
||
|
|
of data getting from the application layer down to the physical layer, and you also know what
|
||
|
|
exactly is being sent from the data link layer to the physical layer. So in the next episode,
|
||
|
|
we'll continue our exploration of networking, and thanks for listening.
|