Network Packets and data

By Dan Collins, Emily Sullivan, Jenny Terry, Blake Herbert, Shannon Sheehy, August Mapp, Ryan Alvey, Alli Rippy, Don Hansen, Brian Luerman, Danny Morton, Amanda Gearhart, Rekkai Steed, David York, Tonia Nolden, Jared Mueller, Charles Kayser, Rama Kattunga, Brett Fraley, Kalee Howard, Christina Porter, Aaron Marks, Sebastian Frohm, and Ailene Johnston

MAC Addresses Explained: Networking Basics

By Charles Kayser

Was this helpful?

(Voting helps us personalize your learning experience!)

In this lesson we're going to explore more of Networking Fundamentals and learn how IP addresses are actually assigned, how devices can find and reference them, and how data actually travels across the network.

MAC Addresses

MAC (Media Access Control) addresses are unique identifiers assigned to network interfaces (NICs) for communications at the Data Link Layer (Layer 2) of the OSI model. They are structured as 48-bit hexadecimal numbers, typically formatted like `00:1A:2B:3C:4D:5E`. The first 24 bits represent the manufacturer, known as the Organizationally Unique Identifier (OUI), while the second half uniquely identifies the specific device itself. MAC addresses facilitate local network communication and switching, ensuring that packets are directed correctly. A special MAC address, `FF:FF:FF:FF:FF:FF`, is used for broadcasting, enabling a message to reach all devices on a local network simultaneously.

Definition: A MAC (Media Access Control) address is a unique, hardware-level identifier assigned to network interface cards (NICs) used for communication at the Data Link Layer (Layer 2) of the OSI model.

Structure:

A 48-bit hexadecimal number (e.g., 00:1A:2B:3C:4D:5E).
First half (24 bits) identifies the manufacturer (OUI).
Second half (24 bits) uniquely identifies the specific hardware interface.

Use Cases:

Ethernet communication within local networks.
Switches use MAC addresses to forward data frames to the correct port.

Broadcast MAC Address:

FF:FF:FF:FF:FF:FF is the broadcast MAC address, sending the frame to all hosts within the local network.

Network Protocols Explained: Networking Basics

By Charles Kayser

Was this helpful?

(Voting helps us personalize your learning experience!)

Network Packets and Protocols

Network packets are structured units of data transmitted across networks, comprising headers (which contain routing and addressing information), payloads (the actual data), and sometimes trailers for error-checking purposes.

Several key protocols operate within networks, each serving distinct purposes. HTTP (Hypertext Transfer Protocol) is primarily used for web browsing, typically over TCP ports 80 (HTTP) and 443 (HTTPS). DNS (Domain Name System) translates human-readable domain names into IP addresses, operating primarily on UDP/TCP port 53. ARP (Address Resolution Protocol) resolves IP addresses into MAC addresses, allowing devices on local networks to communicate effectively. TCP (Transmission Control Protocol) provides reliable, ordered, connection-oriented data transfer, while UDP (User Datagram Protocol) offers faster but connectionless and unreliable data transfers. ICMP (Internet Control Message Protocol) handles network diagnostics, commonly seen in tools like `ping`. SSH (Secure Shell) provides secure, encrypted remote access and management capabilities over networks, commonly using TCP port 22.

Definition: Structured units of data sent across a network, composed of headers, payload (data), and sometimes trailers (error-checking).

General Structure:

Network Protocols

HTTP (Hypertext Transfer Protocol)

Layer: Application (7)
Purpose: Web browsing
Port: TCP 80, HTTPS TCP 443

DNS (Domain Name System)

Layer: Application (7)
Purpose: Resolves domain names into IP addresses
Port: UDP/TCP 53

ARP (Address Resolution Protocol)

Layer: Data Link (2)
Purpose: Maps IP addresses to MAC addresses
Process:
1. Host broadcasts an ARP request asking, "Who has IP X.X.X.X?"
2. The host with IP X.X.X.X replies with its MAC address.

TCP (Transmission Control Protocol)

Layer: Transport (4)
Reliable, connection-oriented, ensures data delivery and order.

UDP (User Datagram Protocol)

Layer: Transport (4)
Connectionless, fast, no guaranteed delivery.

ICMP (Internet Control Message Protocol)

Layer: Network (3)
Diagnostic/control messaging (e.g., ping, traceroute).

SSH (Secure Shell)

Layer: Application (7)
Encrypted remote access and file transfers
Port: TCP 22

Packet Data

Packet data refers to the specific contents of network packets, including headers containing routing and addressing information and payloads such as HTTP requests, DNS queries, or other application-specific data. It can be summed up as:

Structured content within network packets including headers and payloads used by different protocols (HTTP request data, DNS queries, etc.).

Example:

Ethernet Frame:
  Dest MAC: AA:BB:CC:DD:EE:FF
  Source MAC: 11:22:33:44:55:66
IP Packet:
  Source IP: 192.168.1.10
  Dest IP: 142.250.68.142
TCP Segment:
  Source Port: 50234
  Dest Port: 80
Application Data:
  HTTP GET Request

RECAP!

ARP (Address Resolution Protocol) In-depth:

ARP Cache: Temporary storage of IP-to-MAC address mappings.
ARP Poisoning: An attack where an attacker sends fake ARP responses to redirect network traffic maliciously.

MAC Address:

Globally Unique Identifier, yet locally administered addresses can be manually assigned for special use cases (virtual networking).
MAC Filtering: Security measure allowing only devices with specific MAC addresses to connect to a network.

Broadcasting:

Process of sending a packet to all hosts within a network segment.
Essential in protocols like DHCP (Dynamic Host Configuration Protocol) and ARP.
Broadcast storms can occur if excessive broadcast traffic overwhelms a network, often due to misconfigured devices.