1 00:00:02,050 --> 00:00:04,540 The role of a switch is to forward traffic 2 00:00:04,540 --> 00:00:06,760 based on the destination MAC address 3 00:00:06,760 --> 00:00:08,960 inside of an ethernet frame. 4 00:00:08,960 --> 00:00:12,910 This means the switch needs to keep an ongoing and active list 5 00:00:12,910 --> 00:00:15,730 of all of the devices it happens to know about 6 00:00:15,730 --> 00:00:18,850 based on the MAC address of those devices. 7 00:00:18,850 --> 00:00:22,240 The switch builds this list by looking at inbound traffic 8 00:00:22,240 --> 00:00:24,520 and examining the source MAC address, 9 00:00:24,520 --> 00:00:26,410 and tying that source MAC address 10 00:00:26,410 --> 00:00:28,750 to a specific physical interface. 11 00:00:28,750 --> 00:00:30,520 And for switches that are configured 12 00:00:30,520 --> 00:00:33,100 with spanning tree protocol, or STP, 13 00:00:33,100 --> 00:00:36,190 they're also responsible for ensuring that a loop does not 14 00:00:36,190 --> 00:00:38,880 occur on the switch network. 15 00:00:38,880 --> 00:00:41,460 The process of sending traffic through a switch network 16 00:00:41,460 --> 00:00:43,780 is the same for every ethernet frame. 17 00:00:43,780 --> 00:00:45,870 Let's take this scenario where Sam, 18 00:00:45,870 --> 00:00:48,210 and you can see the MAC address for Sam's device, 19 00:00:48,210 --> 00:00:51,210 is sending information to the SGC server, 20 00:00:51,210 --> 00:00:57,240 and you can see the SGC server's MAC address is 1000:5555:5555. 21 00:00:57,240 --> 00:00:59,880 We have a switch in the middle, and all of our devices 22 00:00:59,880 --> 00:01:04,200 are plugged into the switch, including Sam and the SGC server. 23 00:01:04,200 --> 00:01:06,930 Inside of the switch is a MAC address table. 24 00:01:06,930 --> 00:01:10,050 It lists all the MAC addresses and the interfaces 25 00:01:10,050 --> 00:01:12,090 where those addresses are connected. 26 00:01:12,090 --> 00:01:15,570 When Sam sends traffic to the switch with the destination MAC 27 00:01:15,570 --> 00:01:20,160 address of 1000:5555:5555, the switch 28 00:01:20,160 --> 00:01:22,410 looks up that address in its table, 29 00:01:22,410 --> 00:01:26,280 and if one matches one of the entries inside of that table, 30 00:01:26,280 --> 00:01:29,820 it identifies the output interface for that traffic 31 00:01:29,820 --> 00:01:32,970 and sends it down that interface to the server 32 00:01:32,970 --> 00:01:35,130 that has that MAC address. 33 00:01:35,130 --> 00:01:38,800 If you have multiple switches, it's exactly the same process, 34 00:01:38,800 --> 00:01:41,610 except it occurs twice, once on the first switch 35 00:01:41,610 --> 00:01:42,870 and once on the second. 36 00:01:42,870 --> 00:01:45,300 You can see this is the same configuration where 37 00:01:45,300 --> 00:01:47,980 Sam is communicating to the SGC server, 38 00:01:47,980 --> 00:01:50,610 but there is a switch A on one side of the network, 39 00:01:50,610 --> 00:01:52,530 and a switch B on the other. 40 00:01:52,530 --> 00:01:55,990 Switch A has a MAC address table specific to the devices plugged 41 00:01:55,990 --> 00:01:59,340 into Switch A, and Switch B has a completely different 42 00:01:59,340 --> 00:02:01,710 and unique, MAC address table. 43 00:02:01,710 --> 00:02:04,950 Sam is going to send traffic again to the SGC server. 44 00:02:04,950 --> 00:02:10,800 It knows that it's sending this traffic to MAC address 1000:5555:5555. 45 00:02:10,800 --> 00:02:12,960 As that traffic hits Switch A, Switch A 46 00:02:12,960 --> 00:02:15,030 refers to its own MAC address table 47 00:02:15,030 --> 00:02:18,420 and knows that that particular MAC address is located 48 00:02:18,420 --> 00:02:22,480 on an interface that is a gigabit 0/2 interface, 49 00:02:22,480 --> 00:02:25,230 and so it sends that traffic out that interface 50 00:02:25,230 --> 00:02:26,580 to the next switch. 51 00:02:26,580 --> 00:02:29,040 On that switch, the same lookup process 52 00:02:29,040 --> 00:02:31,800 occurs, where Switch B will examine the destination 53 00:02:31,800 --> 00:02:35,220 MAC address, determine that that MAC address is associated 54 00:02:35,220 --> 00:02:38,280 with the interface fast ethernet 0/5, 55 00:02:38,280 --> 00:02:42,960 and sends that traffic down that interface to the destination device. 56 00:02:42,960 --> 00:02:45,350 You can see that building that MAC address table 57 00:02:45,350 --> 00:02:46,870 is extremely important. 58 00:02:46,870 --> 00:02:48,900 If we didn't have the MAC address table, the switch 59 00:02:48,900 --> 00:02:50,970 would not know where to send that traffic. 60 00:02:50,970 --> 00:02:53,040 In order to build that table, the switch 61 00:02:53,040 --> 00:02:55,770 is going to examine all incoming traffic 62 00:02:55,770 --> 00:02:58,590 and make a note of the source MAC address. 63 00:02:58,590 --> 00:03:00,750 It will then associate that source MAC address 64 00:03:00,750 --> 00:03:03,510 to a specific interface on the switch. 65 00:03:03,510 --> 00:03:06,720 So let's take a scenario where we've just powered up a switch, 66 00:03:06,720 --> 00:03:09,180 it has nothing in the MAC address table, 67 00:03:09,180 --> 00:03:11,730 and we're going to send information from Sam's computer 68 00:03:11,730 --> 00:03:13,350 to the SGC server. 69 00:03:13,350 --> 00:03:15,660 Sam's going to send that traffic to the switch, 70 00:03:15,660 --> 00:03:18,930 the switch is going to examine the source MAC address, 71 00:03:18,930 --> 00:03:24,150 and in the case of Sam's device, that's 1000:1111:1111. 72 00:03:24,150 --> 00:03:26,970 It will then put that MAC address into the MAC address 73 00:03:26,970 --> 00:03:29,550 table, and it will identify the interface 74 00:03:29,550 --> 00:03:34,440 where that information was received. In this case, interface F0/1. 75 00:03:34,440 --> 00:03:38,020 That information is then sent on to the SGC server, 76 00:03:38,020 --> 00:03:42,000 and then when the SGC server responds to that communication, 77 00:03:42,000 --> 00:03:44,490 it has a different source MAC address, 78 00:03:44,490 --> 00:03:47,350 and the process is repeated. Except in this case, 79 00:03:47,350 --> 00:03:49,650 the switch identifies that MAC address is 80 00:03:49,650 --> 00:03:53,490 coming from fast ethernet 0/5. 81 00:03:53,490 --> 00:03:56,580 In that previous example, we were sending information to the SGC 82 00:03:56,580 --> 00:03:59,610 server, but the SGC server's MAC address 83 00:03:59,610 --> 00:04:01,680 was not yet in the switch. 84 00:04:01,680 --> 00:04:04,590 If the switch does not have an entry for that MAC address 85 00:04:04,590 --> 00:04:07,260 in the table, then it will send that information 86 00:04:07,260 --> 00:04:09,420 to everyone on the network. 87 00:04:09,420 --> 00:04:12,000 For example, we'll take Sam sending this information 88 00:04:12,000 --> 00:04:13,380 to the SGC server. 89 00:04:13,380 --> 00:04:15,540 You can see in this case, the MAC address table 90 00:04:15,540 --> 00:04:17,970 has nothing inside of it at the moment. 91 00:04:17,970 --> 00:04:20,730 The MAC address table will be updated with the source MAC 92 00:04:20,730 --> 00:04:23,790 address because Sam did send that information to the switch, 93 00:04:23,790 --> 00:04:27,810 and it did associate that with fast ethernet 0/1, 94 00:04:27,810 --> 00:04:29,550 But we're sending this information 95 00:04:29,550 --> 00:04:32,370 to a destination MAC address that's not currently 96 00:04:32,370 --> 00:04:34,470 listed in the switch's table. 97 00:04:34,470 --> 00:04:38,460 In that case, it's going to now send that traffic to everybody 98 00:04:38,460 --> 00:04:40,650 on the network, and effectively flood 99 00:04:40,650 --> 00:04:44,520 that traffic to all of the other interfaces on that switch. 100 00:04:44,520 --> 00:04:47,070 If you're familiar with the operation of a hub, 101 00:04:47,070 --> 00:04:49,830 then you'll notice that this is very similar to the way 102 00:04:49,830 --> 00:04:51,330 a hub works normally. 103 00:04:51,330 --> 00:04:53,790 But this traffic being sent to every device 104 00:04:53,790 --> 00:04:56,520 ensures that at least the destination will 105 00:04:56,520 --> 00:04:58,470 receive this particular frame. 106 00:04:58,470 --> 00:05:02,160 And in this example, you can see that the SGC server did indeed 107 00:05:02,160 --> 00:05:05,280 receive that frame, and when the SGC server responds 108 00:05:05,280 --> 00:05:08,280 back to Sam with a response, the source MAC address 109 00:05:08,280 --> 00:05:10,320 will be identified by the switch. 110 00:05:10,320 --> 00:05:13,380 That information will be added to the MAC address table, 111 00:05:13,380 --> 00:05:15,830 and the switch will no longer need to flood the traffic 112 00:05:15,830 --> 00:05:20,010 across all interfaces if communication is occurring between Sam 113 00:05:20,010 --> 00:05:23,270 and the SGC server again. 114 00:05:23,270 --> 00:05:26,750 On an IPv4 network, devices are able to obtain 115 00:05:26,750 --> 00:05:31,190 the MAC address of a remote device using the ARP protocol. 116 00:05:31,190 --> 00:05:34,430 ARP stands for Address Resolution Protocol. 117 00:05:34,430 --> 00:05:37,730 ARP will query the network for a specific IP address, 118 00:05:37,730 --> 00:05:41,660 and that IP address will respond back with its MAC address. 119 00:05:41,660 --> 00:05:44,450 Your local computer keeps a cache of all of the MAC 120 00:05:44,450 --> 00:05:46,340 addresses that it currently knows. 121 00:05:46,340 --> 00:05:48,720 If you wanted to look at the ARP address table on 122 00:05:48,720 --> 00:05:52,850 your local machine, you can use the command arp-a. 123 00:05:52,850 --> 00:05:55,800 Let's run the arp-a command on my machine. 124 00:05:55,800 --> 00:06:00,930 You can see that I have a number of local devices on the 10.1.10 network. 125 00:06:00,930 --> 00:06:02,640 You can see them all listed here. 126 00:06:02,640 --> 00:06:06,120 There's also some other devices on my local network, 127 00:06:06,120 --> 00:06:10,880 including some APIPA addresses and some multicast addresses. 128 00:06:10,880 --> 00:06:13,610 Let's say that I want to communicate to a switch 129 00:06:13,610 --> 00:06:15,410 that I have on my network. 130 00:06:15,410 --> 00:06:19,460 That switch's IP address is 10.1.10.210, 131 00:06:19,460 --> 00:06:21,440 and you can see in my ARP address table, 132 00:06:21,440 --> 00:06:24,450 I don't currently have that address in the list. 133 00:06:24,450 --> 00:06:29,420 So I'm going to perform a ping, and I'm gonna ping 10.1.10.210, 134 00:06:29,420 --> 00:06:32,990 and I'll get some responses back from that particular device. 135 00:06:32,990 --> 00:06:37,025 If I now look at my ARP address table with an arp-a, 136 00:06:37,025 --> 00:06:41,990 you will see that I have a new entry for 10.1.10.210, 137 00:06:41,990 --> 00:06:46,670 and you'll see that I have a MAC address associated with that IP address. 138 00:06:46,670 --> 00:06:49,640 When I performed that ping, the first thing that occurred 139 00:06:49,640 --> 00:06:51,890 was an ARP request made to the network 140 00:06:51,890 --> 00:06:54,080 to try to find that particular device, 141 00:06:54,080 --> 00:06:56,330 and I received an ARP response, which 142 00:06:56,330 --> 00:07:00,050 then allowed me to send traffic to that device directly. 143 00:07:00,050 --> 00:07:03,170 I captured the ARP communication using Wireshark, 144 00:07:03,170 --> 00:07:06,680 which is a packet analyzer, and you can download and install 145 00:07:06,680 --> 00:07:09,920 Wireshark on your own machine to see not only ARPs, 146 00:07:09,920 --> 00:07:12,770 but all of the network traffic on your system. 147 00:07:12,770 --> 00:07:15,650 The first frame that I'm sending is from my device, 148 00:07:15,650 --> 00:07:18,170 and it's sending it out as a broadcast, 149 00:07:18,170 --> 00:07:22,280 and the ARP itself is requesting the MAC address 150 00:07:22,280 --> 00:07:25,880 for who has 10.1.10.210. 151 00:07:25,880 --> 00:07:28,010 You can see the details of the ARP 152 00:07:28,010 --> 00:07:30,800 that are located further down in the detail. 153 00:07:30,800 --> 00:07:32,700 You can see the sender MAC address, 154 00:07:32,700 --> 00:07:34,160 which is my Apple computer. 155 00:07:34,160 --> 00:07:38,870 You can see my local IP address, which is 10.1.10.249. 156 00:07:38,870 --> 00:07:41,000 You can see the target MAC address, 157 00:07:41,000 --> 00:07:43,700 right now we don't know what the MAC address is of the target, 158 00:07:43,700 --> 00:07:46,950 so it's all zeros, and you can see that I'm requesting the MAC 159 00:07:46,950 --> 00:07:52,820 address for the device that has the IP address of 10.1.10.210. 160 00:07:52,820 --> 00:07:55,730 We very quickly get a response from this device, which 161 00:07:55,730 --> 00:07:58,640 happens to be a Cisco switch, and the response 162 00:07:58,640 --> 00:08:01,910 from the MAC address is from the Cisco MAC address 163 00:08:01,910 --> 00:08:06,260 with the sender's IP address, which is 10.1.10.210, 164 00:08:06,260 --> 00:08:08,390 and the target is the response back 165 00:08:08,390 --> 00:08:11,750 to my Apple computer and my local IP address. 166 00:08:11,750 --> 00:08:15,570 You can see in the response that it filled in the sender MAC address, 167 00:08:15,570 --> 00:08:19,400 so instead of being all zeros, I see this long MAC address 168 00:08:19,400 --> 00:08:21,440 associated with this IP. 169 00:08:21,440 --> 00:08:23,900 And if you remember the IP address and MAC 170 00:08:23,900 --> 00:08:26,240 address in my local ARP cache, it 171 00:08:26,240 --> 00:08:31,780 matches both of those that were received by this ARP response. 172 00:08:31,780 --> 00:08:34,570 That ARP process is what we use an IP version 173 00:08:34,570 --> 00:08:37,270 4 to be able to identify a MAC address, 174 00:08:37,270 --> 00:08:40,360 but we don't have broadcasts in IPv6. 175 00:08:40,360 --> 00:08:43,630 There's also a different process for IPv6 176 00:08:43,630 --> 00:08:47,770 to identify the MAC addresses of devices on your local network. 177 00:08:47,770 --> 00:08:51,610 In IPv6, we use in NDP, which is Neighbor Discovery 178 00:08:51,610 --> 00:08:57,280 Protocol, using multicast, specifically with ICMPv6. 179 00:08:57,280 --> 00:09:00,460 This replaces the ARP function that we would commonly 180 00:09:00,460 --> 00:09:04,390 see in IPv4 with this Neighbor MAC Discovery. 181 00:09:04,390 --> 00:09:06,550 This can also be used in conjunction 182 00:09:06,550 --> 00:09:10,900 with SLAAC, which is Stateless Address Autoconfiguration, 183 00:09:10,900 --> 00:09:14,200 which allows the system to automatically configure itself 184 00:09:14,200 --> 00:09:18,250 with an IP address without using a DHCP server. 185 00:09:18,250 --> 00:09:20,080 Neighbor Discovery Protocol is also 186 00:09:20,080 --> 00:09:24,610 used to identify any duplicate addresses using DAD, 187 00:09:24,610 --> 00:09:26,980 or Duplicate Address Detection. 188 00:09:26,980 --> 00:09:29,170 If you wanted to see the conversation that 189 00:09:29,170 --> 00:09:32,650 takes place in IPv6, instead of using ARP, 190 00:09:32,650 --> 00:09:37,930 we send a neighbor solicitation, or NS, on a multicast address, 191 00:09:37,930 --> 00:09:43,570 and that is the IPv6 multicast that's used for this neighbor solicitation frame. 192 00:09:43,570 --> 00:09:46,870 The response is sent back from the other side with a neighbor 193 00:09:46,870 --> 00:09:49,780 advertisement, or NA, and that NA 194 00:09:49,780 --> 00:09:52,960 includes the MAC address of that local device. 195 00:09:52,960 --> 00:09:56,030 Although the protocols and the method is slightly different, 196 00:09:56,030 --> 00:10:01,330 you can see that the process is very similar to the one that occurs in IPv4. 197 00:10:01,330 --> 00:10:04,300 Not only are we sending data over ethernet networks, 198 00:10:04,300 --> 00:10:07,180 we can also send power over those networks 199 00:10:07,180 --> 00:10:11,860 at the same time using Power over Ethernet, or POE. 200 00:10:11,860 --> 00:10:15,610 This allows us to connect devices such as access points, 201 00:10:15,610 --> 00:10:18,520 voiceover IP phones, and other devices 202 00:10:18,520 --> 00:10:21,370 by simply plugging in an ethernet connection. 203 00:10:21,370 --> 00:10:23,920 You don't have to then plug in a separate power 204 00:10:23,920 --> 00:10:25,570 connection for that device. 205 00:10:25,570 --> 00:10:28,120 That power is coming from either the switch, 206 00:10:28,120 --> 00:10:31,240 or another device that's connected into the network. 207 00:10:31,240 --> 00:10:34,512 If it's coming from the switch, we call that an Endspan, 208 00:10:34,512 --> 00:10:37,910 or if it's coming from an injector, like the one you see here, 209 00:10:37,910 --> 00:10:41,020 which sits in the middle of an existing ethernet connection, 210 00:10:41,020 --> 00:10:44,080 we refer to that as a Midspan. 211 00:10:44,080 --> 00:10:47,260 If your ethernet network is a 10 or 100 megabit 212 00:10:47,260 --> 00:10:51,010 per second connection, then you have some extra wires inside 213 00:10:51,010 --> 00:10:53,110 of that cable that you could use for power. 214 00:10:53,110 --> 00:10:56,290 We refer to that as Mode B power over ethernet, 215 00:10:56,290 --> 00:10:58,990 where you're sending power on the spare pairs. 216 00:10:58,990 --> 00:11:01,030 But if you're using gigabit connections, 217 00:11:01,030 --> 00:11:04,660 you're using all of those wires for your gigabit ethernet data. 218 00:11:04,660 --> 00:11:06,970 And in those cases, we're using Mode A, 219 00:11:06,970 --> 00:11:11,108 where we're sending power and data over the same wire. 220 00:11:11,108 --> 00:11:13,400 You'll find there are a number of different power 221 00:11:13,400 --> 00:11:15,730 over ethernet standards, and these standards 222 00:11:15,730 --> 00:11:18,460 are being added to and changed all the time. 223 00:11:18,460 --> 00:11:24,370 Two very common standards are the IEEE 802.3af from 2003. 224 00:11:24,370 --> 00:11:28,000 We refer to that as the original POE standard, which 225 00:11:28,000 --> 00:11:32,320 provides 15.4 watts of direct current power, 226 00:11:32,320 --> 00:11:35,230 with a maximum current of 350 milliamps. 227 00:11:35,230 --> 00:11:38,290 An update to that standard is what we call POE+. 228 00:11:38,290 --> 00:11:42,640 This was updated with 802.3at in 2009. 229 00:11:42,640 --> 00:11:48,040 This also has been incorporated into the existing 802.3 ethernet standard. 230 00:11:48,040 --> 00:11:50,920 This provides a bit more power on the ethernet network, 231 00:11:50,920 --> 00:11:57,100 25.5 watts of DC power, with a maximum current of 600 milliamps. 232 00:11:57,100 --> 00:11:59,490 There are other power over ethernet standards, 233 00:11:59,490 --> 00:12:01,430 and these are being updated all the time, 234 00:12:01,430 --> 00:12:04,990 so make sure you check with the ethernet standards from IEEE 235 00:12:04,990 --> 00:12:09,570 to know exactly what options may be available for you.