Layer 2

Data Link Layer

• "Local" communication
• The realm of frames
• LAN & WAN capabilities
• PAN (Personal Area Network), CAN (Campus Area Network), and many more
• Provide error detection
  • As data comes in, we use a check sum to determine if data arrived correctly.
• Clocking and synchronization
  • Both have to be in step with one another
• Authentication
  • Is optional but is recommended
  • 802.1x
    • Is a specification that handles authenticating into networks
    • If using WPA2 in enterprise mode, you have to provide a username and a password before you join the network
• Integrity
  • Check if data arrived exactly as it came in.

Layer 2 Addressing

Ethernet

• MAC address
  • Locally significant , they only really matter on the link that they are communicating, as soon as they get to a router device there is new layer 2 information.
• Hexadecimal
• Assigned by vendor
  • First 24 bits are assigned by a vendor so one can tell if frames are from a Netgear MAC address or a Juniper MAC address for example.

Layer 2 Considerations

• great for connectivity
• Gullible protocols
  • "Easily persuaded"
• Scalability limitations
• Group like devices when possible
• Isolate sensitive devices when possible
  • Things you do not want to get hacked
  • Manage network equipment
  • We keep the administrators separated from normal users
• Encrypt data when necessary
  • MAC Sec
    • Encryption scheme that basically encrypts and decrypts your frames on a hop-by-hop basis very, very secure (Very secure).
• Authenticate users and devices when we bring them into the environment