1
00:00:02,050 --> 00:00:04,540
The role of a switch
is to forward traffic

2
00:00:04,540 --> 00:00:06,760
based on the
destination MAC address

3
00:00:06,760 --> 00:00:08,960
inside of an ethernet frame.

4
00:00:08,960 --> 00:00:12,910
This means the switch needs to
keep an ongoing and active list

5
00:00:12,910 --> 00:00:15,730
of all of the devices
it happens to know about

6
00:00:15,730 --> 00:00:18,850
based on the MAC address
of those devices.

7
00:00:18,850 --> 00:00:22,240
The switch builds this list
by looking at inbound traffic

8
00:00:22,240 --> 00:00:24,520
and examining the
source MAC address

9
00:00:24,520 --> 00:00:26,410
and tying that
source Mac address

10
00:00:26,410 --> 00:00:28,750
to a specific
physical interface.

11
00:00:28,750 --> 00:00:30,520
And for switches
that are configured

12
00:00:30,520 --> 00:00:33,100
with spanning tree
protocol, or STP,

13
00:00:33,100 --> 00:00:36,190
they're also responsible for
ensuring that a loop does not

14
00:00:36,190 --> 00:00:38,880
occur on the switch network.

15
00:00:38,880 --> 00:00:41,460
The process of sending traffic
through a switch network

16
00:00:41,460 --> 00:00:43,780
is the same for
every ethernet frame.

17
00:00:43,780 --> 00:00:45,870
Let's take this
scenario where Sam,

18
00:00:45,870 --> 00:00:48,210
and you can see the Mac
address for Sam's device,

19
00:00:48,210 --> 00:00:51,210
is sending information
to the SGC server,

20
00:00:51,210 --> 00:00:57,240
and you can see the SGC server's
Mac addresses 1000:5555:5555.

21
00:00:57,240 --> 00:00:59,880
We have a switch in the
middle, and all of our devices

22
00:00:59,880 --> 00:01:03,510
are plugged into the switch,
including Sam and the SGC

23
00:01:03,510 --> 00:01:04,200
server.

24
00:01:04,200 --> 00:01:06,930
Inside of the switch
is a MAC address table.

25
00:01:06,930 --> 00:01:10,050
It lists all the MAC
addresses and the interfaces

26
00:01:10,050 --> 00:01:12,090
were those addresses
are connected.

27
00:01:12,090 --> 00:01:15,570
When Sam sends traffic to the
switch with the destination MAC

28
00:01:15,570 --> 00:01:20,160
address of
1000:5555:5555, the switch

29
00:01:20,160 --> 00:01:22,410
looks up that
address in its table,

30
00:01:22,410 --> 00:01:26,280
and if one matches one of the
entries inside of that table,

31
00:01:26,280 --> 00:01:29,820
it identifies the output
interface for that traffic

32
00:01:29,820 --> 00:01:32,970
and sends it down that
interface to the server

33
00:01:32,970 --> 00:01:35,130
that has that MAC address.

34
00:01:35,130 --> 00:01:38,800
If you have multiple switches
it's exactly the same process,

35
00:01:38,800 --> 00:01:41,610
except it occurs twice
once on the first switch

36
00:01:41,610 --> 00:01:42,870
and once on the second.

37
00:01:42,870 --> 00:01:45,300
You can see this is the
same configuration where

38
00:01:45,300 --> 00:01:47,980
Sam is communicating
to the SGC server,

39
00:01:47,980 --> 00:01:50,610
but there is a switch A
on one side of the network

40
00:01:50,610 --> 00:01:52,530
and a switch B on the other.

41
00:01:52,530 --> 00:01:56,160
Switch A has a MAC address table
specific to the devices plugged

42
00:01:56,160 --> 00:01:59,340
in to switch, and switch B
has a completely different,

43
00:01:59,340 --> 00:02:01,710
and unique, MAC address table.

44
00:02:01,710 --> 00:02:04,950
Sam is going to send traffic
again to the SGC server.

45
00:02:04,950 --> 00:02:06,750
It knows that it's
sending this traffic

46
00:02:06,750 --> 00:02:10,800
to MAC address 1000:5555:5555.

47
00:02:10,800 --> 00:02:12,960
As that traffic hits
switch A, switch A

48
00:02:12,960 --> 00:02:15,030
refers to its own
MAC address table

49
00:02:15,030 --> 00:02:18,420
and knows that that particular
MAC address is located

50
00:02:18,420 --> 00:02:22,480
on an interface that is
a gigabit 0/2 interface,

51
00:02:22,480 --> 00:02:25,230
and so it sends that
traffic out that interface

52
00:02:25,230 --> 00:02:26,580
to the next switch.

53
00:02:26,580 --> 00:02:29,040
On that switch, the
same lookup process

54
00:02:29,040 --> 00:02:31,800
occurs where switch B will
examine the destination

55
00:02:31,800 --> 00:02:35,220
MAC address, determine that
MAC address is associated

56
00:02:35,220 --> 00:02:38,280
with the interface
fast ethernet 0/5,

57
00:02:38,280 --> 00:02:41,670
and sends that traffic down that
interface to the destination

58
00:02:41,670 --> 00:02:43,230
device.

59
00:02:43,230 --> 00:02:45,000
You can see that
building that MAC address

60
00:02:45,000 --> 00:02:46,870
table is extremely important.

61
00:02:46,870 --> 00:02:48,540
If we didn't have the
MAC address table,

62
00:02:48,540 --> 00:02:50,970
the switch would not know
where to send that traffic.

63
00:02:50,970 --> 00:02:53,040
In order to build
that table, the switch

64
00:02:53,040 --> 00:02:55,770
is going to examine
all incoming traffic

65
00:02:55,770 --> 00:02:58,590
and make a note of the
source MAC address.

66
00:02:58,590 --> 00:03:00,750
It will then associate
that source MAC address

67
00:03:00,750 --> 00:03:03,510
to a specific interface
on the switch.

68
00:03:03,510 --> 00:03:06,720
So let's take a scenario where
we've just powered up a switch,

69
00:03:06,720 --> 00:03:09,180
it has nothing in the
MAC address table,

70
00:03:09,180 --> 00:03:11,730
and we're going to send
information from Sam's computer

71
00:03:11,730 --> 00:03:13,350
to the SGC server.

72
00:03:13,350 --> 00:03:15,660
Sam's going to send that
traffic to the switch,

73
00:03:15,660 --> 00:03:18,930
the switch is going to examine
the source MAC address,

74
00:03:18,930 --> 00:03:24,150
and in the case of Sam's
device, that's 1000:1111:1111.

75
00:03:24,150 --> 00:03:26,970
It will then put that MAC
address into the MAC address

76
00:03:26,970 --> 00:03:29,550
table, and it will
identify the interface

77
00:03:29,550 --> 00:03:31,080
where that information
was received,

78
00:03:31,080 --> 00:03:34,440
in this case, interface F0/1.

79
00:03:34,440 --> 00:03:38,020
That information is then
sent on to the SGC server,

80
00:03:38,020 --> 00:03:42,000
and then when the SGC server
responds to that communication,

81
00:03:42,000 --> 00:03:44,490
it has a different
source MAC address.

82
00:03:44,490 --> 00:03:47,350
And the process is repeated,
except in this case,

83
00:03:47,350 --> 00:03:49,650
the switch identifies
that MAC address is

84
00:03:49,650 --> 00:03:53,490
coming from fast ethernet 0/5.

85
00:03:53,490 --> 00:03:55,950
In that previous example,
we were sending information

86
00:03:55,950 --> 00:03:59,610
to the SGC server, but the
SGC server's MAC address

87
00:03:59,610 --> 00:04:01,680
was not yet in the switch.

88
00:04:01,680 --> 00:04:04,590
If the switch does not have
an entry for that MAC address

89
00:04:04,590 --> 00:04:07,260
in the table, then it
will send that information

90
00:04:07,260 --> 00:04:09,420
to everyone on the network.

91
00:04:09,420 --> 00:04:12,000
For example, we'll take Sam
sending this information

92
00:04:12,000 --> 00:04:13,380
to the SGC server.

93
00:04:13,380 --> 00:04:15,540
You can see in this case,
the MAC address table

94
00:04:15,540 --> 00:04:17,970
has nothing inside
of it at the moment.

95
00:04:17,970 --> 00:04:20,730
The MAC address table will be
updated with the source Mac

96
00:04:20,730 --> 00:04:23,790
address because Sam did send
that information to the switch,

97
00:04:23,790 --> 00:04:27,810
and it did associate that
with fast ethernet 0/1,

98
00:04:27,810 --> 00:04:29,550
but we're sending
this information

99
00:04:29,550 --> 00:04:32,370
to a destination MAC
address that's not currently

100
00:04:32,370 --> 00:04:34,470
listed in the switch's table.

101
00:04:34,470 --> 00:04:38,460
In that case, it's going to now
send that traffic to everybody

102
00:04:38,460 --> 00:04:40,650
on the network and
effectively flood

103
00:04:40,650 --> 00:04:44,520
that traffic to all of the
other interfaces on that switch.

104
00:04:44,520 --> 00:04:47,070
If you're familiar with
the operation of a hub,

105
00:04:47,070 --> 00:04:49,830
then you'll notice that this
is very similar to the way

106
00:04:49,830 --> 00:04:51,330
a hub works normally.

107
00:04:51,330 --> 00:04:53,790
But this traffic being
sent to every device

108
00:04:53,790 --> 00:04:56,520
ensures that at least
the destination will

109
00:04:56,520 --> 00:04:58,470
receive this particular frame.

110
00:04:58,470 --> 00:05:02,160
And in this example, you can see
that the SGC server did indeed

111
00:05:02,160 --> 00:05:05,280
receive that time frame, and
when the SGC server responds

112
00:05:05,280 --> 00:05:08,280
back to Sam with a response,
the source MAC address

113
00:05:08,280 --> 00:05:10,320
will be identified
by the switch,

114
00:05:10,320 --> 00:05:13,380
that information will be added
to the MAC address table,

115
00:05:13,380 --> 00:05:14,850
and the switch
will no longer need

116
00:05:14,850 --> 00:05:17,640
to flood the traffic
across all interfaces

117
00:05:17,640 --> 00:05:21,360
if communication is occurring
between Sam and the SGC server

118
00:05:21,360 --> 00:05:23,270
again.

119
00:05:23,270 --> 00:05:26,750
On an IPv4 network,
devices are able to obtain

120
00:05:26,750 --> 00:05:31,190
the MAC address of a remote
device using the ARP protocol.

121
00:05:31,190 --> 00:05:34,430
ARP stands address
resolution protocol.

122
00:05:34,430 --> 00:05:37,730
ARP will query the network
for a specific IP address,

123
00:05:37,730 --> 00:05:41,660
and that IP address will respond
back with its MAC address.

124
00:05:41,660 --> 00:05:44,450
Your local computer keeps
a cache of all of the MAC

125
00:05:44,450 --> 00:05:46,340
addresses that it
currently knows.

126
00:05:46,340 --> 00:05:48,110
If you wanted to look
at the ARP address

127
00:05:48,110 --> 00:05:52,850
table on your local machine,
you can use the command arp-a.

128
00:05:52,850 --> 00:05:55,800
Let's run the arp-a
command on my machine.

129
00:05:55,800 --> 00:06:00,230
You can see that I have a number
of local devices on the 10.1.10

130
00:06:00,230 --> 00:06:00,930
network.

131
00:06:00,930 --> 00:06:02,640
You can see them
all listed here.

132
00:06:02,640 --> 00:06:06,120
There's also some other
devices on my local network,

133
00:06:06,120 --> 00:06:10,880
including some APIPA addresses
and some multicast addresses.

134
00:06:10,880 --> 00:06:13,610
Let's say that I want to
communicate to a switch

135
00:06:13,610 --> 00:06:15,410
that I have on my network.

136
00:06:15,410 --> 00:06:19,460
That switch's IP
address is 10.1.10.210,

137
00:06:19,460 --> 00:06:21,440
and you can see in
my ARP address table,

138
00:06:21,440 --> 00:06:24,450
I don't currently have
that address in the list.

139
00:06:24,450 --> 00:06:29,420
So I'm going to perform a ping,
and I'm on a ping 10.1.10.210,

140
00:06:29,420 --> 00:06:32,990
and I'll get some responses back
from that particular device.

141
00:06:32,990 --> 00:06:37,025
If I now look at my ARP
address table with an arp-a,

142
00:06:37,025 --> 00:06:41,990
you will see that I have a
new entry for 10.1.10.210,

143
00:06:41,990 --> 00:06:46,010
and you'll see that I have a MAC
address associated with that IP

144
00:06:46,010 --> 00:06:46,670
address.

145
00:06:46,670 --> 00:06:49,640
When I performed that ping,
the first thing that occurred

146
00:06:49,640 --> 00:06:51,890
was an ARP request
made to the network

147
00:06:51,890 --> 00:06:54,080
to try to find that
particular device,

148
00:06:54,080 --> 00:06:56,330
and I received an
ARP response, which

149
00:06:56,330 --> 00:07:00,050
then allowed me to send traffic
to that device directly.

150
00:07:00,050 --> 00:07:03,170
I captured the ARP
communication using Wireshark,

151
00:07:03,170 --> 00:07:06,680
which is a packet analyzer, and
you can download and install

152
00:07:06,680 --> 00:07:09,920
Wireshark on your own
machine to see not only ARPs,

153
00:07:09,920 --> 00:07:12,770
but all of the network
traffic on your system.

154
00:07:12,770 --> 00:07:15,650
The first frame that I'm
sending is from my device,

155
00:07:15,650 --> 00:07:18,170
and it's sending it
out as a broadcast,

156
00:07:18,170 --> 00:07:22,280
and the ARP itself is
requesting the MAC address

157
00:07:22,280 --> 00:07:25,880
for who has 10.1.10.210.

158
00:07:25,880 --> 00:07:28,010
You can see the
details of the ARP

159
00:07:28,010 --> 00:07:30,800
that are located further
down in the detail.

160
00:07:30,800 --> 00:07:32,700
You can see the
sender mac address,

161
00:07:32,700 --> 00:07:34,160
which is my Apple computer.

162
00:07:34,160 --> 00:07:38,870
You can see my local IP
address, which is 10.1.10..249.

163
00:07:38,870 --> 00:07:41,000
You can see the
target MAC address.

164
00:07:41,000 --> 00:07:43,700
Right now we don't know what
the MAC address is of the target

165
00:07:43,700 --> 00:07:47,060
so it's all zeros, and you can
see that I'm requesting the MAC

166
00:07:47,060 --> 00:07:52,820
address for the device that has
the IP address of 10.1.10..210.

167
00:07:52,820 --> 00:07:55,730
We very quickly get a response
from this device, which

168
00:07:55,730 --> 00:07:58,640
happens to be a Cisco
switch, and the response

169
00:07:58,640 --> 00:08:01,910
from the MAC address is
from the Cisco Mac address

170
00:08:01,910 --> 00:08:06,260
with the sender's IP address,
which is 10.1.10.210.

171
00:08:06,260 --> 00:08:08,390
And the target is
the response back

172
00:08:08,390 --> 00:08:11,750
to my Apple computer
and my local IP address.

173
00:08:11,750 --> 00:08:15,050
You can see in the response
that it filled in the sender MAC

174
00:08:15,050 --> 00:08:15,570
address.

175
00:08:15,570 --> 00:08:19,400
So instead of being all zeros,
I see this long MAC address

176
00:08:19,400 --> 00:08:21,440
associated with this IP.

177
00:08:21,440 --> 00:08:23,900
And if you remember
the IP address and MAC

178
00:08:23,900 --> 00:08:26,240
address in my
local ARP cache, it

179
00:08:26,240 --> 00:08:31,780
matches both of those that were
received by this ARP response.

180
00:08:31,780 --> 00:08:34,570
That ARP process is what
we use an IP version

181
00:08:34,570 --> 00:08:37,270
4 to be able to
identify a MAC address,

182
00:08:37,270 --> 00:08:40,360
but we don't have
broadcasts in IPv6.

183
00:08:40,360 --> 00:08:43,630
There's also a different
process for IPv6

184
00:08:43,630 --> 00:08:47,770
to identify the MAC addresses of
devices on your local network.

185
00:08:47,770 --> 00:08:51,610
In IPv6, we use in NDP,
which is Neighbor Discovery

186
00:08:51,610 --> 00:08:57,280
Protocol, using multicast,
specifically with ICMPv6.

187
00:08:57,280 --> 00:09:00,460
This replaces the ARP function
that we would commonly

188
00:09:00,460 --> 00:09:04,390
see in IP version 4 with
this Neighbor MAC Discovery.

189
00:09:04,390 --> 00:09:06,550
This can also be
used in conjunction

190
00:09:06,550 --> 00:09:10,900
with SLAAC, which is Stateless
Address Autoconfiguration,

191
00:09:10,900 --> 00:09:14,200
which allows the system to
automatically configure itself

192
00:09:14,200 --> 00:09:18,250
with an IP address without
using a DHCP server.

193
00:09:18,250 --> 00:09:20,080
Neighbor Discovery
Protocol is also

194
00:09:20,080 --> 00:09:24,610
used to identify any
duplicate addresses using DAD,

195
00:09:24,610 --> 00:09:26,980
or duplicate address detection.

196
00:09:26,980 --> 00:09:29,170
If you wanted to see
the conversation that

197
00:09:29,170 --> 00:09:32,650
takes place in IPv6,
instead of using ARP,

198
00:09:32,650 --> 00:09:37,930
we send a neighbor solicitation,
or NS, on a multicast address,

199
00:09:37,930 --> 00:09:42,070
and that is the IPv6 multicast
that's used for this neighbor

200
00:09:42,070 --> 00:09:43,570
solicitation frame.

201
00:09:43,570 --> 00:09:46,870
The response is sent back from
the other side with a neighbor

202
00:09:46,870 --> 00:09:49,780
advertisement, or
NA, and that NA

203
00:09:49,780 --> 00:09:52,960
includes the mac address
of that local device.

204
00:09:52,960 --> 00:09:56,030
Although the protocols and the
method is slightly different,

205
00:09:56,030 --> 00:09:58,630
you can see that the process
is very similar to the one that

206
00:09:58,630 --> 00:10:01,330
occurs in IPv4.

207
00:10:01,330 --> 00:10:04,300
Not only are we sending
data over ethernet networks,

208
00:10:04,300 --> 00:10:07,180
we can also send power
over those networks

209
00:10:07,180 --> 00:10:11,860
at the same time using
power over ethernet, or POE.

210
00:10:11,860 --> 00:10:15,610
This allows us to connect
devices such as access points,

211
00:10:15,610 --> 00:10:18,520
voice over IP phones,
and other devices

212
00:10:18,520 --> 00:10:21,370
by simply plugging in
an ethernet connection.

213
00:10:21,370 --> 00:10:23,920
You don't have to then
plug in a separate power

214
00:10:23,920 --> 00:10:25,570
connection for that device.

215
00:10:25,570 --> 00:10:28,120
That power is coming
from either the switch

216
00:10:28,120 --> 00:10:31,240
or another device that's
connected into the network.

217
00:10:31,240 --> 00:10:32,740
If it's coming
from the switch, we

218
00:10:32,740 --> 00:10:35,440
call that an endspan,
or if it's coming

219
00:10:35,440 --> 00:10:37,910
from an injector like
the one you see here,

220
00:10:37,910 --> 00:10:41,020
which sits in the middle of an
existing ethernet connection,

221
00:10:41,020 --> 00:10:44,080
we refer to that as a midspan.

222
00:10:44,080 --> 00:10:47,260
If your ethernet network
is a 10 or 100 megabit

223
00:10:47,260 --> 00:10:51,010
per second connection, then you
have some extra wires inside

224
00:10:51,010 --> 00:10:53,110
of that cable that you
could use for power.

225
00:10:53,110 --> 00:10:56,290
We refer to that as mode
B power over ethernet,

226
00:10:56,290 --> 00:10:58,990
where you're sending
power on the spare pairs.

227
00:10:58,990 --> 00:11:01,030
But if you're using
gigabit connections,

228
00:11:01,030 --> 00:11:04,660
you're using all of those wires
for your gigabit ethernet data.

229
00:11:04,660 --> 00:11:06,970
And in those cases,
we're using mode a

230
00:11:06,970 --> 00:11:11,438
where we're sending power
and data over the same wire.

231
00:11:11,438 --> 00:11:13,480
You'll find there are a
number of different power

232
00:11:13,480 --> 00:11:15,730
over ethernet standards,
and these standards

233
00:11:15,730 --> 00:11:18,460
are being added to and
changed all the time.

234
00:11:18,460 --> 00:11:24,370
Two very common standards are
the IEEE 802.3af from 2003.

235
00:11:24,370 --> 00:11:28,000
We refer to that as the
original POE standard, which

236
00:11:28,000 --> 00:11:32,320
provides 15.4 watts of
direct current power

237
00:11:32,320 --> 00:11:35,230
with a maximum current
of 350 milliamps.

238
00:11:35,230 --> 00:11:38,290
An update to that standard
is what we call POE+.

239
00:11:38,290 --> 00:11:42,640
This was updated
with 802.3at in 2009.

240
00:11:42,640 --> 00:11:46,810
This also has been incorporated
into the existing 802.3

241
00:11:46,810 --> 00:11:48,040
ethernet standard.

242
00:11:48,040 --> 00:11:50,920
This provides a bit more
power on the ethernet network,

243
00:11:50,920 --> 00:11:55,090
25.5 watts of DC power,
with a maximum current

244
00:11:55,090 --> 00:11:57,100
of 600 milliamps.

245
00:11:57,100 --> 00:11:59,600
There are other power
over ethernet standards,

246
00:11:59,600 --> 00:12:01,520
and these are being
updated all the time

247
00:12:01,520 --> 00:12:04,990
so make sure you check with the
ethernet standards from IEEE

248
00:12:04,990 --> 00:12:09,570
to know exactly what options
may be available for you.