Layer 2 Switching & VLANs | Cisco CCNA 200-301

Captions
for this CCNA Sunday are these: we want to make sure that we understand Ethernet addresses, how layer 2 learning and forwarding work, and the purpose of VLANs. And I have a few surprises up my sleeve for you too as we discuss these topics. So let's go ahead and bring up a topology, and let's talk about this right here. Boom, boom. All right, let's use this as an example.

We talked in our previous session about how traffic moves through a network, and in the big picture, let me just draw it right here, it'll be fun. Let me get a new layer, and let's imagine Bob. So Bob is our user. Hi Bob, how are ya? And Bob's at his PC. Now that PC could represent a mobile device, it can represent a laptop, a desktop, virtually anything that's connected to the network. And in a corporate environment, Bob is going to be connected to what's referred to as a layer 2 switch, which is the focus of our content today. So we'll talk more about the layer 2 switch. Let's imagine you connect to this port right here, we'll call that port number one, and then on port number two we have another device, maybe another PC, PC 2 for example, and then another port and another device, and another port and another device, and I'll just put "etc." right here.

So if Bob is communicating locally on his network, if he's making a web server request for example, it's gonna go something like this. Let me get out some great colors I can use to reinforce this as well, it'll be totally worth it, and here we go. All right. So if Bob wants to communicate with, let's go ahead and target PC 2, let's say PC 2 is running a web server, or just doing... yeah, that works. Let's imagine PC 2, where this device is running a web server. So in Bob's computer, what he would do is, in his browser (just imagine your favorite browser), he'd open the browser and go to the name of that website, or in the case that he knows what the IP address is, he puts the IP address in,
presses Enter, and then behind the scenes he gets a response. Now what's actually happening with all that? We saw this in the last one, and I want to reinforce it as we focus on layer 2. His browser is actually using the services of HTTP in the TCP/IP protocol stack, or if it's a secure session, it's using HTTPS. Those are two examples of application layer protocols. So Bob, you know, let's talk about Bob for a second. Bob, he may not know that, he may just realize that "I'm going to a website and pressing Enter," but behind the scenes there are application layer services and the TCP/IP protocol stack at work. We'll have a separate section on just that in one of our CCNA Sundays.

So continuing down, these application layer protocols are going to be then using some services at the transport layer, and I happen to have it memorized, but HTTP and HTTPS, they both use a protocol called TCP at the transport layer. TCP is the protocol that cares. "What do you mean, Keith, it's the protocol that cares?" Well, if an application layer service like web services is using TCP at layer 4, TCP wants to make darn sure that the message got delivered. So to do that, it's gonna do a little handshake up front with the target, between the client and the server: "Hey, you want to talk to me? Yes, no?" And then it's gonna send acknowledgments and checks along the way, just to make sure that all the data got there. So we'll have a separate section on layer 4 and transport layer protocols, but that's what TCP does for a living.

Now, before Bob's computer... all in the mind, that's in black, this is in the mind of Bob's computer, M-I-N-D, I can spell this. So before Bob spits it on the wire, in Bob's computer, it's doing all this. It's called encapsulation. So it takes the request for the web services, it then adds the TCP information, then at layer 3 it adds the IP information, so it'd be Bob's source IP address, and the destination is its IP address for the destination. And then at layer 2, which is what I want to
focus on today, it's going to go ahead and add layer 2 information, and that would be an Ethernet... let me change that color, I want that to be kind of the color of the day. Link layer, let's go for this color. And Ethernet, that's gonna be the MAC address.

And I'd like to pause right there, and let's talk about MAC addresses for a moment. What is the MAC address? Why do we care? And it's a good discussion. So in this network right here, I've got a switch and I've got some network devices. I've got this really old PC I just got out of the closet so I could plug it in for an example. If we wanted to connect this PC to the switch, we would do so just by using an Ethernet cable from the device and going to the switch, just like that, so we have connectivity. If we have another device, it's a little Raspberry Pi, little small computer, we want to connect it places... forgot I had that on my neck... we can connect this and plug it into the switch for connectivity.

Now I'd like to ask a question. I'm gonna ask, it's not hypothetical yet, it will be eventually. But each of these network devices, the network interface card on this computer, the network interface card on this device, the network interface card on anything connecting to our switches, our switch networks, they all have a very unique 12-digit address. It's 12 digits long. Now behind the scenes, computers use binary, a lot of ones and zeros, like a light switch, but as humans we view it as a 12-digit number that's assigned uniquely to this interface. This network interface card on this device, and this computer, has a unique layer 2 or MAC address, and the MAC, it stands for, not Apple, but media access control.

So the problem is that... well, in fact, you know, let's do this. Let me show you how you can do everything I need to. So here at the command prompt, if we want to see what our burned-in layer 2 address is, our Ethernet address, we just simply do a "show ipconfig" and then we say... that's the problem with working on Cisco gear all morning: show commands. OK, so I'm on a
Windows 10 computer, so the command would be ipconfig... oh my gosh, I had the words. So, and I'm gonna bring it up a little bit. So the command is ipconfig on a Windows computer, and they're showing us the IP address and the mask. And IP addresses, those are layer 3 constructs. Think of an IP address like a combination of a street name, like a network name, and also the actual house number on that street. If we wanted to see the layer 2 address, the Ethernet address, that 12-digit burned-in address, we would use that same command, space, with a /all, and that will show us the information here plus the burned-in address, the layer 2 address on the network interface card. And here it is right here, I'll go ahead and highlight.

Now one of the beautiful things about layer 2 addresses, Ethernet addresses, MAC addresses like this right here, is that there are so many different names for it. And this is something I wish somebody had just pointed out to me, like, a couple, maybe two and a half decades ago, when I was first learning about layer 2 addresses: give me a list of all the names, that way if somebody mentions this type of an address: ah, that's the layer 2 address, that's an Ethernet address. So let's make a list together of the names, and if you have some recommendations in the chat, go ahead and put those in as well.

So here are the names over the years that I've seen this address referred to as. One is shown right here: the physical address. "So are you saying, Keith, that if it says physical address, and we talked about Ethernet, they're talking about this layer 2 address, this MAC address?" The answer is yes. And that brings us to MAC, in uppercase: media access control. It's also a layer 2 address. It's the same thing. In fact, we could call this the physical address or the MAC address, we could call it the layer 2 address, that works, we could call it the, let's see here, physical, MAC, layer 2, we could call it the Ethernet address, and these are all layer 2, just to get that in our minds as well.
So Ethernet address: physical, MAC, layer 2, Ethernet. And the other one: because these are burned in from the factory, when a manufacturer makes a network adapter, they actually put in that unique 12-digit address, and so it's sometimes referred to as a BIA, a burned-in address, and that A is "address," so "burned-in address address," I'll put that in parentheses. So now if anybody comes to us, or is reading an article, or discussing a network problem, and they talk about a MAC address, a layer 2 address, an Ethernet address, a physical address, we can just realize, oh, they're talking about that 12-digit number, which represents 48 bits in the background, but that 12-digit hexadecimal number that's burned into every network interface card, including this one and this one and the other eleventy billion network devices that are out there.

So that's what a layer 2 address is, an Ethernet address. That was one of our objectives, to make sure we talked about the "what is" (and I'll go back to this graphic real quick): what is an Ethernet address? And it is a layer 2 address that is burned into every network interface card. Now also, network interface cards, let me bring up that screen for you, network interface cards are also referred to as network adapters, network interface cards, network cards. That's just the physical card. Most days they're built into our network devices. And this also applies to wireless, so if your computer has a wireless adapter, it's also the same concept: it's gonna have a 12-digit number that is burned in from the factory, that is its layer 2 address.

All right, let me... yeah. All right, I've got my overlay on there as to here, didn't dent that, damn, where is that? Huh. Not there, not there, not there. So I've got an overlay with these "hello, and we'll begin in a few minutes," and I for the life of me can't see where it is in my painter application. All right, so an Ethernet address: 12 digits long. Now the next challenge is, why do we care about this? And that is a very, very valid question, and let's
take a look at why this might matter, and we'll go back to this analogy with Bob. So back here with Bob, and I go to this layer right here, perfect. All right, so if Bob is trying to communicate with PC 2, Bob, before he sends that information out on the network, he's got to go ahead and input or implement all that information, including the layer 2 address of PC 2, before he spits the bits on the network. So the big question is, well, Bob has a layer 2 address, a source address, it's darn burned in the network card, and PC 2, or the server, whatever he's talking to, has a layer 2 address, but the big question is how. How does Bob... because he needs to include it in the data he's gonna be sending, he needs to include that before he sends it.

And so the method that Bob's computer is going to use to learn another device on the same local network, to learn its layer 2 address, is a protocol called ARP. And ARP is an acronym for Address Resolution Protocol, and it goes something like this. Let's imagine that you and I are Bob's computer, and we need to find PC 2's layer 2 address. So here's what we do: we shout. Yeah, we shout. We say, "Hey everybody on the network, I mean everybody, I need to know the layer 2 address associated with..." and we give the IP address. And then in response, everybody listens to that. It's kind of a bummer, but everybody listens on the network, on that same local network, and then the person who owns that IP address says, "Oh, that's my IP address, I will respond with my layer 2 address." So ARP is the mechanism for learning when a client on one network needs to find out or discover the layer 2 address of another device on that same network: ARP, Address Resolution Protocol.

And you know, I think it would be fun, yeah, we can do this, I think it'd be fun to actually prove that, because understanding it's like, wait, ARP is used, how do we prove that? I think a great way to prove it would be this. [Music] Let's go to Bob's computer. Yeah, let's do that. Let's go to Bob's
computer, and what we'll do is, as Bob learns layer 2 addresses of other devices on his local network, he's going to go ahead and put those in something called an ARP cache. And the benefit of an ARP cache, I'll give you the screen here, apologies, the benefit of an ARP cache is that... you're looking at the side of my head, and apologies. The benefit of an ARP cache with Bob is that Bob can ask for somebody's layer 2 address, and then once that gets in an ARP cache... so let's go ahead and let me bring up an environment or practice with this. Yeah, let me do a refresh here of this, forget about this entry right here.

So effectively, let me bring up another window real quick, yeah, perfect. So effectively we're gonna do this: we're gonna say arp -d, for delete, and then an asterisk, and that's going to say to this computer, "Please delete any dynamically learned layer 2 addresses you have in the ARP cache." So press Enter, and then we'll hit the up arrow key a couple times, and now he knows about this multicast address, which isn't relative to our conversation, but he does not know about this layer 2 address. And to demonstrate Moustakas for mine, if we were to send more traffic from Bob's computer over to that device at .20, Bob's computer would say, "Oh no, I don't know what the layer 2 address is, I can't put all the pieces together," and it'll do an ARP. So Bob's computer on its own will do an ARP request. It'll send it out as a broadcast, like an all-points bulletin: "Hey everybody on this local network, if your address is 10.16.0.20, could you do me a favor and respond and tell me what your layer 2 address is, pretty please?" And that's what an ARP request does.

So to demonstrate that, let's capture it. On this Windows computer I've got Wireshark. Wireshark is a free protocol capture program. It copies all the packets that it sees going in and out of the network interface card. Now we can actually take a look and verify ARP's behavior as it discovers and asks and gets a response. We're getting a layer 2
address, it's on the same local network. So let's do that. Let me just hit the up arrow key, make sure we still don't have an ARP entry for it. Good. So we do not at the moment have an entry for 10.16.0.20, and just to put this in context, that is the IP address right here of PC 2, 10.16.0.20, and Bob's PC is 10.16.0.10.

All right, so let's go ahead and let's capture that traffic, that'll be fun. Go to the right window here, and here's my icon down here for Wireshark. I'll just launch it and I'll start capturing on the network interface card. Oh, there's gonna be a boatload of traffic on this network segment, 'cause there's a lot going on, but I want to focus just on the ARP request as Bob's computer tries to figure out what the IP... what the layer 2 address is for PC 2. So we'll hit the up arrow key a few times... I guess we won't. I guess I'll just do a ping of 10.16.0.20, and in the background, because it's not in the ARP cache, that's gonna force an ARP, and then it's going to go ahead and subsequently do the ping request. Ping is simply a network connectivity tool. It uses ICMP to test connectivity between us, the device issuing the ping, and the device we're trying to reach.

So you'll notice that here the first ping had a long time out, 387 milliseconds. That's a long time compared to 22 milliseconds, that's 22 one-thousandths of a second. And so anyway, the first one very likely took longer because ARP had to happen. If we do it again, because it's in the ARP cache, we have a much more constant delay than that first hit. And if we hit the up arrow key a few times, do arp -a, there we have our dynamically learned layer 2 address of PC 2. And just to confirm, let's go verify that's really PC 2's address. I just don't like to leave too much to chance here. So we look at PC 2, and on this little virtual machine, if I do a show ip, there's its IP address, 10.16.0.20, and there's its layer 2 address. And what I do, I just look at the last four digits: 6800 is the last four digits, and that's what
should be in client PC's ARP cache. So we go back to the client PC: yeah, 6800, and it learned that via ARP.

Now if we go back to our protocol analyzer, and I'm gonna stop this, stop the madness, and again, there's a lot of activity happening in the background, I've got multiple networks up there, but let's see here, let's go look for the first set of pings, and I'll back it off a little bit. All right, there, OK. So if we look at the details of this packet, which in this capture is packet number 7, here's the layer 2 information. So in the layer 2 information, the destination address was a broadcast. Now in this ARP request, here's the problem: Bob's computer doesn't know what the layer 2 address is of PC 2, so ARP is simply going to send a broadcast, where at layer 2 the destination address is all Fs. That's in hexadecimal, but behind the scenes it means it's all ones. It's a special reserved address meaning everybody needs to see this.

So Bob's computer sends a broadcast. Everybody on that local network gets it. They all have to take a moment: "Ah, another broadcast, oh no, open it up." And as they open it up, all the devices that don't have the IP address of 10.16.0.20 say, "Ah, wasted time. Next, next frame, please." But PC 2, who actually has that layer 2 address, or has that IP address, it says, "Oh, you're looking for my layer 2 address," and it's gonna go ahead and do a response.

So we open up this packet a little bit, and so here's the source MAC address, this is Bob's computer, here's the destination address of the ARP request, which is a broadcast, and if we open up the actual ARP request, it says, "Hey, here's my layer 2 address," says Bob's computer, "here's my IP address," says Bob's computer, "and I'm looking for whoever has this IP address, 10.16.0.20. Please respond with your layer 2 address." And we won't have to look too far for that, because it's going to be in the vicinity, very, very close in the output here. In fact, it's in the very next packet, which is our very next frame (we'll talk about
that in just a moment), which is number 8. So here we have the reply, and this reply is coming from, let's see here, yeah, so this reply is coming from the MAC address ending in 6800, which is PC 2. It's going to our Windows 7 layer 2 address, which is 8899, and in the payload, in the ARP reply message, here's where the sender is saying, "Yep, here's my layer 3 address, my IP address, and what you wanted mostly, here's my layer 2 address," which at that point Bob's PC put in the cache of its local computer, and it used it for the very next frame, where it did the ping request. So when it did the ping request, Bob's computer included that as the destination address at layer 2. So that's how a computer discovers what the layer 2 address is of another device that's on the same local network.

All right, so let's go back and take a look at what we've done so far. Let me bring up the video. We've taken a look at layer 2 addresses, and my question for you is this: which network interface cards, if we're using Ethernet, which network interface cards have a burned-in, ready-to-go-from-the-factory layer 2 address? Which ones? Like, does this little Raspberry Pi have one for its network interface card? Does this laptop have one that I just pulled off my desk? Sorry guys, probably OK. How about this little mini, baby, mini-me version of an ASA firewall, does it have a layer 2 address on each of its network interface cards? And the answer is yes. Yes, it does.

The second question is, how does a client... so if this PC right here wanted to talk to this Raspberry Pi, and it didn't know the layer 2 address of this device, how would it find out, assuming we're running the TCP/IP protocol stack? What would this PC do? What protocol would it use if it needed to learn the layer 2 address of this guy's network interface card? If you're saying, "Keith, it's ARP, Address Resolution Protocol," you'd be spot-on. So I want to make sure we're covering the topics I wanted to focus on in this CCNA
Sunday. This is a critical function that happens on Ethernet networks everywhere. So whether you're running Check Point, Juniper, Palo Alto, Cisco, it doesn't matter: if you're running Ethernet, this process of ARP and dynamically learning layer 2 addresses on the same local network, that's how it works.

All right, so I want to talk about Ethernet addresses, I want to talk about learning, and the next question I have... in fact, you know what I'd like to do? I'd like to give you a brief history lesson, because it's relevant. Back when I started, back in the day, 1980s, we didn't have Ethernet. We had a lot of IBM mainframe networks and things like that, and then when local area networks first came out, we used Token Ring, because that's what IBM was pushing at the time for local area network activity. So we're not gonna talk about Token Ring other than what I just did, but what we did use is we used something called Ethernet with coax cables.

Now if you're thinking, "Coax cables, I mean, like coax, TV coax?" Yeah, that's how it started. And here's how it worked. You get this long coax cable with cuts in it and termination points... long cuts in it, sorry, you get coax cable, chunks of it, properly terminated, and then you have these little T-connectors, and the network adapter cards, instead of having an RJ45 jack like this does (this is an RJ45 jack, kinda looks like that, that's what we use today on Ethernet networks when we're not using fiber, which is right here), but we would take a T-connector and it would connect to this barrel connector on the Ethernet card, and then we would daisy-chain, like, a piece of coax from that computer to the next one, to that T-connector, and then from that T-connector on that machine to another one, and we daisy-chained them. You know, back in the day, in the 80s, it's like, "Oh my gosh, we're networking, woo!" And they call that 10BASE2: 10 megabits per second, baseband, approximately 200 meters on a good day. But the problem was, if that coax was broken anywhere along the
path (it had termination points on the end), you break that cable, or there's a problem with that cable, the whole network goes, what's the word I'm looking for, oh yeah: down. Just boom, gone. And so that's a problem. The other problem was that any device that communicated on that coax network, basically every other device had the opportunity to see every single frame of data. Everything. So for security it wasn't good, because you send a frame in, this device sends the frame in, and every other device on the network has a chance to go, "Oh, that's cool, what's that?"

So what we did, we migrated from coax cable, which was really a pain for all those problems I just mentioned, and we went to something called a hub. Hubba bubba. So with a hub we have RJ45 connectors, and what we do is we plug all the devices into the hub. So I'm gonna take that computer, plug it in, take the laptop, plug it in, and we'd have all these devices connected to a hub. Now the benefit of a hub was that if any single cable got cut, just that one device would lose the service, but the rest of the network would still function, which is good. However, the bad news is that the hub was, they call it a dumb hub, sorry, Mr.
Hub, because what it does is, any signals that go into one port, it doesn't have any intelligence about any kind of addresses, like layer 2 addresses. "What's that? I don't know, I don't know what that is." So what a hub did, it just takes signals that come in one port and it says, "I must forward these bits out every single other port," like a repeater. That's all it did. So the benefit was, if we lose one connect cable, the network still functions. The negative is, it's not too secure. Also, because we're sharing the hub, effectively only one device can send at a time.

So with coax cables and with Ethernet hubs, at layer 1, because it's a physical or repeating device, we have something called half duplex. Now if you and I are talking, like we're having a conversation, let's imagine you and I are grabbing a drink, whatever that drink might be, and we're just having a nice chat, it'd be really great as you and I talked that we could do it half duplex. What does that mean? Well, half duplex means that we both don't talk at the same exact time. I say something, you say "uh-huh," or you're telling me something, I say "uh-huh," and we're going back and forth having a nice, great conversation, you and I. That's half duplex. Well, on a computer network, if we have 20 or 30 or 40 or a hundred devices on the network, and only one device can talk at a time, that's referred to as half duplex, and it's not very good.

So to solve the problem, we came up with another device. I've got at least several of them very, very close, and, oh, you know what, I'll use this one. We came up with another device, which is known as a switch, a layer 2 switch. So instead of plugging into a hub, we can plug into a switch. And if you have a home device like a home wireless router, it usually has, like, one port that connects up to the Internet, and the rest of the ports connect internally to your local network, and those internal ports, those are switched ports. And here's the benefit of layer 2 switching. Somebody had the idea:
wouldn't it be great if, when this computer or this device sends data into the network that's supposed to go to this PC, let's just forward it just to that PC. Let's not forward the frames to every other device, let's forward it just to this computer. And then they came up with a thought: well, if this switch is gonna make forwarding decisions based on the layer 2 MAC addresses, the physical addresses, the hardware addresses, the Ethernet addresses, this switch has to learn, well, where do those devices live? I mean, how does this switch know that this MAC address with this device is off of this port, port number 1, and how does this switch know that the MAC address with the laptop is on port number 2? And the answer is, the switch learns by listening.

What the switch is gonna do: the first time that any device sends a frame into the network, that frame is going to include a source and destination layer 2 address, and if it's a broadcast, it'd be a broadcast address. But in either case... in fact, let's take a look at our packet capture, which I think I still have up. Yeah, check this out. So even with this ARP request right here, I'll bring it up full screen, there, so with this ARP request, you'll notice that this is Bob's computer, he has his source layer 2 address included as he sends that data into the network. So here's what the switch does. The switch says, "Oh, I'm gonna memorize that. That layer 2 address, that source address, came in on this port," maybe it's port like 1/0 or 0/1 or 0/2, whatever port it is, and after a few moments the switch can memorize and know, dynamically learn, all the layer 2 addresses associated with which ports.

So say there's 100 devices, and this device needs to send a packet or frame to this device. It includes this layer 2 address. When this device sends that into the switch, the switch says, "Oh, I know where that layer 2 address is," and it can just forward it, boom, right to that port. It doesn't have to forward it to everybody, it's not gonna bother
everybody, it just sends it right to the port. So that's how a layer 2 switch, like a multi-layer, this layer 2 switch, how it learns where MAC addresses live: by listening to the frames that come in and then saying, "Oh, I saw a source MAC address of XYZ on this port, and if I ever get a frame destined to that layer 2 address, that's the port I'm going to use."

So what have we covered so far? Let's back up a second. Drink of water. Have I told you I appreciate you being here? I do, I do, it's great to have you. So we've identified that every network interface card on Ethernet, including Wi-Fi, has a layer 2 address that's burned in from the factory, and those layer 2 addresses have multiple names: layer 2 addresses, Ethernet addresses, MAC addresses, call them what you want, it's all great. We also learned that if computer 1 needs to find out the layer 2 address of computer 2 on the same local network (this only is relevant on the same local network), it's gonna go ahead and do an ARP request. So the ARP request goes out as a broadcast, everybody in that local network listens, and the one that has that layer 3 address associated with the request is gonna respond back and say, "Oh, here's my layer 2 address," which is then cached and used. The third thing that we've just identified is that this layer 2 switch is now memorizing layer 2 addresses. It knows that the MAC address for this device lives off this port, because it's listening to these source frames that come in and memorizing, or adding those to a thing called a MAC address table.

Yeah, so that's where we are so far. You know, I like taking incremental steps and verifying as we go. So we did a protocol capture to verify ARP requests and responses. How would we verify that a switch can go ahead and learn? I've got an idea, let's do this. Let's go ahead and let's bring up this topology. Yeah, I think this will work. Let's go ahead and use this right here. This is port, I think, look at my notes, this is port 0/1 on a switch that I have that I'm
going to do a demonstration on, and this is port 0/2 that PC 2 is on. Bob's computer, I think it ends in 667, mmm, let me take a look, let me verify that. Oh, 778899. All right, so I will back that off: 778899, that's Bob's last six digits of his MAC address on his network interface card. And let's go grab whatever PC 2's is, and we can do that just by going over to the swit... and let's go over to, yeah, let's go here. All right, so here's PC 2, and its MAC address ends in 666800, and I'll document that as well: 666800. 666800, is it really 666? So I gotta check that again, it can't be right. It is. All right, that was just an accident, that doesn't mean anything, all right, in case you're superstitious. It's just a number. In fact, what I'll do is, let's just focus on the last four digits for that bad boy, and then we don't have to feel bad about doing that for anybody. All right, so I'm gonna go ahead and just erase this, and I get out my eraser tool here, yeah, yeah, oh, there we go. So the last four digits of there's never kind of restart of that.

So if we powered on this switch and let it dynamically... and send some traffic in, the switch should dynamically learn that on port 0/1 is the MAC address of PC 1, and off port 0/2 it should dynamically learn the MAC address associated with PC 2. So client, client 1 up here, and PC 2 off of port 0/2. And to force that, I'm gonna show you some stuff. Whenever I like to verify, I like to do it in ways that can be replicated and proven, not just by luck. So let's do this: go to switch 1, we'll go to configuration mode, interface gig, and that port is 0/2, and I'm gonna do a shutdown. And the reason I'm doing that is, any MAC addresses that that switch had learned on that port 0/2: gone. And then we'll bring it back up, and then we'll take a look at the MAC address table, we'll send some traffic from PC 2, and just verify that the
switch is dynamically learning the layer 2 address on that port. So let's bring it up: no shutdown. I used to have a Cisco dog, and that's how I taught him to stand. It was the command "no sit," and he'd stand. That's not true. I did have a really amazing dog that passed away a couple years ago, but we had different commands for sitting. Yeah, although I always think about that when I do "no shut."

All right, so let's take a look at the MAC address table. On a Cisco switch, to see the MAC address table, the dynamically learned MAC addresses, we use the command show mac, space, address (and I'm tabbing that out), address-table, and here's what it knows about. So I have a lot going on behind the scenes in this lab, but the point here that I want to share with you is that PC 2, I changed the color there, so PC 2 is on port gigabit 0/2, and if we look at the dynamically learned addresses, we have nothing yet on port 0/2 and the MAC address for PC 2. Once we send some traffic in, the switch should dynamically learn it. Again, this is just to reinforce that the way the switch learns where MAC addresses live is by looking at these source frames from the devices as they come in on their respective ports.

All right, so let's hit the up arrow key one more time just to make sure we have nothing for 0/2. Fantastic. And let's go to PC 2. So on PC 2, it should take like one ping. Let's type in ping 10.16.0.10, so this is PC 2 pinging Bob's computer, and we'll press Enter, and you'll notice that the first one, wow, these are not rapid response times, but the first one took a little bit longer. You'll see that 237 milliseconds, which is about 1/4 of a second, and that took a lot longer, very likely because it had to do the ARP. And this little virtual machine had to do the ARP and then sent frames into the network, including the broadcast frame. The switch looked at that source MAC address and said, "Oh, I know where you live now. This MAC address, you live off port 0/2." We can verify that by going to
switch and hitting the up arrow key one time for a show mac, space, address-table, and there it is right there: zero zero five zero seven nine six six six eight zero zero. That is the layer 2 address of PC 2, and over here on gig 0/1, this is the layer 2 address of Bob's computer that it also learned in the same exact manner.

So as we take a look at what we've learned so far in our journey in this CCNA Sunday: we've identified layer 2 addresses, where they come from, they're burned in from the factory on network interface cards. They have several different names that we could refer to them as, but a rose by any other name still is 12 digits long, it's still an Ethernet address. We learned how a client on the local network can use an ARP request to go ahead and find the layer 2 address of another device on that local network, and if that other device is out there and hears that broadcast, that ARP request, it sends a response. We've now also identified how a layer 2 switch can be used to dynamically learn the layer 2 addresses based on eavesdropping. It's like, oh, I see the source MAC address coming in on port 0/1, it's this address, and it builds that, adds that to the MAC address table, so in the future any frames that come in, if they're addressed to a MAC address where the switch says, oh, I know where that is, it can make a layer 2 forwarding decision so it forwards to the correct port based on the layer 2 information.

Now a couple of things I want to point out. One, what happens if a device sends a frame into the network and the switch does not yet have a MAC address table entry for that layer 2 address? Let's talk about what we would do. Let's imagine that we've memorized all these layer 2 addresses off the various ports and we get this frame in, and this frame is destined for a layer 2 address that we don't know exactly where it is. I would say we could err on the side of caution and maybe we just squint and say, I'm gonna go ahead and I'm gonna flood that frame to every other port in the
same network, because that way if somebody's out there who needs it, they'll get it. So when a switch does not know the layer 2 destination address that it sees in the frame when it receives it, it's gonna, it's called unicast flooding. It's basically sending it to every other port in that same network in hopes that, hey, whoever's out there, maybe they'll see it, maybe they'll use it good that receives a frame and it's destined to the broadcast address, which is all F's in hexadecimal.

All right, so let me do this. We've talked about a few critical pieces and fun pieces, we've used analogies, we used examples, we've used demos, and I'd like to put some music on for maybe 30 seconds, 45 seconds, and just take a look at the queue and see if there's any, and I also appreciate everybody who's answering questions for other people. Fantastic, two thumbs way, way up. Who has two thumbs and really appreciates you answering other people's questions? I do appreciate you. So let me put some music on for like 30 seconds, take a look at the queue, and then I do have one other concept I'd like to introduce to you, and that's the concept of a virtual local area network or a VLAN. So let me put some music on and we'll be right back in about 30 seconds.

[Music]

answers to the questions that come up. Also if those questions aren't answered that you have regarding this topic, which is layer 2 switching and Ethernet addresses and how devices and switches learn about the layers and we have a network with 300 devices, if one of those devices, just one, does one ARP request, like a broadcast, that means 299 other devices on the network kept saying, uh, what's this, it's a broadcast, I guess I better look at it, and in case it's something important they open it up, they look at what it is, if it's not applicable they throw it away and we say, I can't believe we
were bothered. Actually, computers don't have attitudes, but if we have a 300 device network and there's broadcasts, that's a lot of overhead for devices that have to process that. Also for security it's not always good to have everyone on one network. Even though it's switching, with these guys right here we have what's called full duplex, meaning they can send, like this device on a switch, it can send and receive at the same time, and these devices and other devices can all send frames at the same time, because on the backplane of the switch it's, not buffer, is the wrong word, but it's got hardware on the back end that's keeping all those conversations separate. So it's not just only one device can communicate with a layer 2 switch, we can have multiple devices communicating at the same time, and this switch is only forwarding out to the correct port based on the layer 2 destination address if it knows where that is.

All right, so let's take a look at a bigger network and a problem with broadcasts, and let me go ahead and bring out another layer. Oh, that's not what I meant to do. Here we go, boom. All right, there we go. So let's imagine that we have this network right here, so this is a switch, let's imagine we have a hundred ports on the left hand side and 100 ports on the right hand side, and if one device sends a broadcast the switch is going to forward that broadcast to all other, so one broadcast coming in from one device is gonna go to 199 other devices. It's like going into a big room and yelling, hey everybody, I've got an important message for John, and then there he says, okay, I'm not Jonathan, thanks for wasting my time. Um, but that's how broadcast works in IPv4 at layer 2: everybody's got to listen to it. So instead of having just one giant network, the idea is why not carve this up. In fact I'll just drop down here, so this is our switch one, original. Now I've got myself thinking about original or original, I think that's right. All right, and then we have switch updated, and here's
how we can update our network to make it, instead of having one, they call this a broadcast domain, and it's called a broadcast domain because you send a broadcast in and every other device on that network is going to go ahead and receive that broadcast. So it's called one broadcast domain, and when I think of that I like to think of an ARP request because it's very real, happens thousands of times every hour, busier network maybe more. And so this is one giant broadcast domain: broadcast goes in, everyone has to listen to it. If we change the rules a little bit, maybe we slice and dice so we make two separate logical networks, so LAN 1 and this closed LAN 10 and LAN 20, so if we have a hundred ports over here and 100 ports over here, because these are two now different networks, a broadcast going to LAN 10, we only have to bother 99 other devices, and if a broadcast comes into network 20 or LAN 20, it would only have to bother the other 99 devices here instead of all of them.

Now this idea about taking the switch and partitioning it like this is called a VLAN, and this is another thing that I wished somebody just told me like two decades ago, or two and a half decades, when I was first starting learning networking: that a VLAN is nothing more than partitioning your switch. It's a layer 2 function and you're simply putting some of your ports into one VLAN, I'll actually total this out here, VLAN 10 for example, and another set of ports into VLAN 20, and if a broadcast goes in here, layer 2 broadcast, it's only going to go to these other devices, so we're isolating the networks.

Now on top of this, this is also very important: if we have two VLANs, normally what happens is we have street names, networks, IP networks, which is a layer 3 thing. But it's important to point out here that if we have one switch and all the ports are in the default VLAN, which is VLAN 1, it's one, it's also likely going to be one logical IP network, like one street, one network. Once we start carving out these switches and then put
the ports, like all these ports in VLAN 10 and all of these ports in VLAN 20 as an example, then we're gonna have different IP networks associated with those. Maybe these ports in VLAN 10 we associate with the IP network of 10.16.0 with the 24 bit mask, and maybe VLAN 20 we use 172.16.0 with the 24 bit mask, or some different network. So VLANs are a layer 2 thing, but I'll tell you what, oh hi George, it's so common to hear people talk about, oh, we have that VLAN, this VLAN, and they're referring to IP networks. So I just want to give you a heads up, because we're gonna dive more into this in future CCNA Sundays, is that when people talk about a VLAN, if they're not really paying attention to their words, they might mean this IP network that's associated with this VLAN, because usually there's a one-to-one correlation. So if a customer has 10 VLANs, it's also very likely, at least at the CCNA level, that they've got 10 different streets or networks associated with those, so maybe one's 10.1 network and another's 10.2 and 10.3 and 10.4. But VLANs are definitely layer 2 constructs. We're going to tell a switch to carve out the ports into their respective VLANs, and I think as a sneak peek I'd like to show you how to do that, so let's do that. It won't take long, super easy.

Let's go back to our, let's go back and draw another topology here, a simple one. Mm-hmm. All right, so let's imagine we have switch one and we've got port 0/1 and port 0/2 and a whole bunch of other ports, and for the purpose of this demonstration I've got Bob's PC here at 10.16 dot, dudududududu, yeah, he's at 0.10, and I've got PC 2 at 10.16.0.20, and right now they are both in the default VLAN of VLAN number 1. If we move them over, we created a new VLAN, let's create VLAN 10, and here let me show you the syntax to create it. Don't blink, it goes pretty fast. In global configuration mode you type in vlan, space, 10, you press Enter, done. Actually then you type in exit, if you're at the seat behind the scenes it actually
doesn't create the VLAN until you exit VLAN configuration mode, but you type in vlan 10 and then exit, enter, boom, that VLAN exists. And then to assign these ports to that VLAN you simply go into interface configuration mode, you need to say switchport mode access, and I am abbreviating, I'll walk you through the full syntax here in a moment, and switchport access vlan 10, and yeah, I'll show you the full commands as we do the lab, that makes sense. So right now they're both in VLAN 1, they can both talk to each other, they're in the same broadcast domain. If we move Bob's PC into a different VLAN than what PC 2 is in, they won't be able to talk to each other even if they have the IP addresses from the same subnet. So let's do that, let's bring it up and we'll configure VLAN 10, we'll put both of those devices in it, it'll be fun.

OK, here's my management computer, I'm logging in. Okay, so one of the questions might be, well Keith, how do we, like you said, all the ports are in VLAN 1 by default. They are. You just do a show vlan brief and that will give you a nice bird's-eye view. So we've got the default VLAN, which is VLAN 1 right there, and all these ports including gig 0/1 and 0/2 are all in that VLAN. So if we go to PC 2 at the moment and we do a ping, in fact I'll hit the up arrow key, so we can ping via PC 1 right now, no problem, we're both on the same VLAN, easy peasy. But if we go to switch 1 and we create a new VLAN, type in vlan 10, enter, and then exit, boom, that VLAN now exists. Now the reason I just did a do right there is if you're in global configuration mode, or any configuration mode for that matter, and you want to do a show command, the do is a workaround. This says, okay, let them do the show command without having to go all the way out of configuration mode. That's all that is. So now I've got this new VLAN, I can also assign it a name if I wanted to, but it's VLAN 10, but the problem is there's no ports, no ports are associated with it. So let's take Bob's PC and put it in. So to do that
we'll go to Bob's P, Bob's port, which is interface gig 0/1, and we're gonna do a switchport mode access. That tells the port that it's an access port as opposed to a trunk, which we'll cover in our next video. And we need to assign it to the VLAN 10, so this is switchport access vlan 10, and if we do an up arrow key a couple times and do a do show vlan brief, check this out: now gig 0/1 is associated with VLAN 10. Now our problem is though that Bob's PC is in VLAN 10 and PC 2 is in VLAN 1 still, so they won't be able to ping each other anymore. We can verify that real quick just by going back to PC 2, hitting the up arrow key, it's like nope, nope, nope, nope, not gonna happen. We could do this all day long, it's not gonna happen, because they are in different VLANs and they believe, based on their IP addresses, they're in the same network, so they are not going to get to each other because they're in separate VLANs.

So to solve that we need to add PC 2 to that same VLAN. So to do that we'll go to its port, interface gig, looking at my notes here, it's gig 0/2, and we could verify that too. I do show mac address-table, oh, because I mean, here we go, that were, ah, freak, show mac add, there we go. Because I'm in configuration mode, context-sensitive help isn't working for that show command. Anyway, if I wanted to confirm what port it's on, there's this IP address, sorry, there's this MAC address, it's on gig 0/2, that's PC 2, just wanted to verify I'm on the right port. So go to interface gig 0/2, we'll say switchport mode access, which means, hey, you're an access port as opposed to a trunk, which we'll cover in the next video, and then we'll assign it to the right VLAN, switchport access vlan 10. Then we'll do a show vlan brief and, oh, where's that, what'd I do wrong? Oh, this is good, I was looking for gig 0/2. PC 2 are both in the same VLAN, and I'm also going to do this show spanning-tree for VLAN 10. No, you're not, you are not responsible for spanning tree. Look, the up arrow key and
because now PC 2 and client PC are both on the same VLAN, it should work now. Look at that. I think we had an ARP request there, they happen in the background, and that was the extra delay on the initial ping. Well, I'm pretty happy about that. Let's do one last command, show vlan brief, just to verify.

And let's review, let's review what we've learned in this CCNA Sunday. I had a list of exactly what I wanted to cover, I think we nailed everything. Number 1, Ethernet addresses: layer 2 addresses, burned in. Devices that make forwarding decisions based on that layer 2 address is a layer 2 switch, say hello to my little friend. It learns those MAC addresses by looking at the source frame as they come in and it says, oh, you're coming from this source MAC address, I'll associate it with that port, in the future if I see any MAC addresses destined to that layer 2 address I will forward it. Clients, like servers, routers, PCs, Apple devices, Android, iOS, doing anything that's on the network, if it needs to learn the layer 2 address of another device on that same VLAN, same local network, it's going to use ARP, Address Resolution Protocol. It is a broadcast, and then the response comes back unicast with the information that the client needed. And then we addressed the problem of VLANs, or the problem of a broadcast domain that's too big, and so to solve that we take our switch ports and we carve them up into smaller chunks or sections, so maybe 50 or a hundred ports we assign to VLAN 10, another hundred to VLAN 20, and then our broadcast domains are smaller, and then each of those VLANs are gonna have an associated IP network or street address as well.

Yeah, now there's a lot of really cool stuff that I'm eager to talk to you about, but not today, because if we start talking about routing between VLANs we'd be getting into layer 3, and I want to save that. So coming up next Sunday, if you have not already subscribed, do it please, and next Sunday for CCNA Sunday, make sure it's not Christmas, yes, not, OK, nobody
wants to be here on Christmas. Um, next Sunday what we're gonna do is take a look at trunking. What if we need to do VLANs on multiple switches, like switch 1 and switch 2 and switch 3, and we have a client in VLAN 10 here and a client in VLAN 10 on a different switch, how do those switches keep track of, you know, which VLAN the traffic is for as it's going between the two switches? The answer is an 802.1Q trunk. So we'll take a look at the concepts of trunking, also some demos of how to set it up and verify it as we continue to build on the basic components and pieces inside of CCNA.

I also wanted to point out that these concepts are really helpful not just for configuring, like I need to configure a VLAN, they're also really helpful in troubleshooting. The better we understand how these components work, not only are we going to be able to configure it, but the troubleshooting, most of, I would say a large portion of the IT engineer's job and the IT technician's job is troubleshooting, it's like, why isn't this working as it should? So if we know the commands to look at the layer 2 addresses on a PC, for example on a Windows machine it'd be ipconfig /all, on a Linux box or a Macintosh at a command line it'd be ifconfig, on a Cisco router or switch, if it had a layer 3 interface, it would be show interface, that could show us the layer 2 information. On the switches, if we want to verify the MAC address table, it's show mac, space, address-table, so we can see what those MAC addresses are, and those are all really helpful.

Now if this is your first pass at learning about layer 2 and MAC addresses, I'm so happy to be part of your journey. If you want more information on layer 2, there's a couple options that are really good. One is you can certainly ask questions in the group here on the channel, I'd be happy to answer those, and other people as well, so thank you for the responses. The other option is DevNet. Now DevNet, the DevNet Associate, is a new, sort of relatively new certification from
Cisco Systems, and we created the whole course at CBT Nuggets. It's really good and most of it deals with programming, so you might say, well, how is a course on programming and network automation, and how is that gonna help me learn layer 2? Well, I created this little section called network fundamentals inside of DevNet, and what it does is it does a very concise job of the protocol stack, what happens at layer 2, what happens at layer 3, what happens at layer 4 and the application layer, and it's all nice consumable chunks. So if you liked what you saw here, you'll love what you're gonna see there, and it can help reinforce what we've talked about. And it's live, it's on site today, so if you have a subscription at CBT Nuggets, great, if you don't, I'll put a link and you can go out there and get a free 7-day trial, and you can probably easily consume all of those videos on network fundamentals from DevNet in seven days, easy, easy. And coming soon, the full CCNA playlist for 200-301, that'll be out as well, and it's got more information on switching and VLANs and trunking as well that you can brush up on once that's released.

OK, so that's it, that's it. Next week, same bat-time, same bat-channel, we'll focus on trunking. I'll have some demos, I'll help you understand why it's important, how it works, and then we'll demonstrate setting it up. There are also, on Wednesdays, 4:00 p.m., if you follow me on social, I also have a live stream dealing with various topics from CCNA to augment as well. So whether you wanna join me on Wednesdays and Sundays, or just Sundays, or just Wednesdays, the key is I want to keep you learning and keep you having fun.

[Music]
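The learning, flooding and VLAN steps walked through in the captions above, as an added Python model that is not from the video and is not Cisco code. The class and function names, the four-port switch and Bob's MAC address are assumptions made for the illustration; PC 2's MAC is the one read out in the demo.

```python
"""Toy model of a VLAN-aware layer 2 learning switch (illustrative only)."""

BROADCAST = "ffff.ffff.ffff"  # all F's in hexadecimal


class Switch:
    def __init__(self, ports, default_vlan=1):
        # Every port starts as an access port in the default VLAN.
        self.port_vlan = {p: default_vlan for p in ports}
        # MAC address table: (vlan, mac) -> port, filled only by learning.
        self.mac_table = {}

    def assign_vlan(self, port, vlan):
        """Model of 'switchport access vlan N': move the port, forget its MACs."""
        self.port_vlan[port] = vlan
        self.mac_table = {k: p for k, p in self.mac_table.items() if p != port}

    def receive(self, in_port, src, dst):
        """Learn the source MAC, then return the sorted list of egress ports."""
        vlan = self.port_vlan[in_port]
        self.mac_table[(vlan, src)] = in_port            # learn from the source
        known = self.mac_table.get((vlan, dst))
        if dst != BROADCAST and known is not None:
            return [] if known == in_port else [known]   # known unicast
        # Broadcast or unknown unicast: flood, but only inside the same VLAN.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


def ping_works(sw, a_port, a_mac, b_port, b_mac):
    """A's ARP broadcast must reach B, and B's unicast reply must reach A."""
    if b_port not in sw.receive(a_port, a_mac, BROADCAST):
        return False
    return sw.receive(b_port, b_mac, a_mac) == [a_port]


def run_demo():
    bob = ("Gi0/1", "0050.7966.6801")   # constructed MAC for Bob's PC
    pc2 = ("Gi0/2", "0050.7966.6800")   # PC 2's MAC as read out in the video
    sw = Switch(["Gi0/1", "Gi0/2", "Gi0/3", "Gi0/4"])
    results = {}
    # Nothing learned yet: an unknown unicast is flooded to every other port.
    results["unknown_unicast"] = sw.receive(bob[0], bob[1], pc2[1])
    results["same_vlan_1"] = ping_works(sw, *pc2, *bob)
    sw.assign_vlan("Gi0/1", 10)          # Bob moves to VLAN 10, PC 2 stays in 1
    results["split_vlans"] = ping_works(sw, *pc2, *bob)
    results["pc2_broadcast_reach"] = sw.receive(pc2[0], pc2[1], BROADCAST)
    sw.assign_vlan("Gi0/2", 10)          # PC 2 joins VLAN 10 as well
    results["same_vlan_10"] = ping_works(sw, *pc2, *bob)
    results["table"] = dict(sw.mac_table)
    return results


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The `unknown_unicast` and `pc2_broadcast_reach` results list every port that receives a copy of a frame, which is the set of hosts that can observe it; putting ports in separate VLANs is what shrinks that set.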
Info
Channel: Keith Barker
Views: 65,701
Rating: 4.9690108 out of 5
Keywords: ccna certification, ccna training, ccna 200-301, CCNA, new ccna, cisco ccna, cisco certified network associate, new ccna certification 2020, new ccna exam 2020, cisco certifications, 200-301 ccna, ogit, keith barker, networkchuck, networkchuck ccna, layer 2 switch, layer 2 switching, layer 2 switch configuration, layer 2 switching tutorial, layer 2 switching explained, layer 2 switch functions, ccna
Id: gC2-4ZrKwZE
Length: 60min 7sec (3607 seconds)
Published: Sun Dec 15 2019