10 hours 41 minutes
so we'll talk about some more of the components. So first we'll talk about routers.
Is there a boundary Devices that interconnect network so thes operate the layer three
they direct based off the I P address that later. Two. We're looking at the AARP.
They blocked broadcast, drafted by defaults of broadcast traffic is what's used to talk to other machines on the same, uh,
sub net will call it the same local sub net. So when you have machines behind a router, unless it has a rule, unless the rotors configured to allow that traffic out, it's not gonna be able to see
other machines on the outside. They're connected with your side, that router.
Unless there's a route defined to go see that can only broadcast with behind two machines behind that router.
Most of our support filtering so you can say, don't allow this kind of traffic out. Based on I p address,
some firewall features dual port filtering
and network address translation, which has commonly referred to his net.
That's where it
you have a certain i p address all your machines behind a writer could have.
We'll all have their own unique I p addresses. But then when they leave the router,
we'll get translated into whatever the I. P address is of the router.
So it looks like they're sharing that one connection. So that way, the router can filter everything coming in and out and also hides your eyepiece in the sub net behind the router.
The router itself maintained a table that says, Okay, traffic
came out from this I p looking for this, and I'm gonna watch for it to come back in, and I'll send it back to the original host. Since we're not going to use
R. I. P. We're leaving the network
through the router.
So we said it's used to connect network, so we have a Siri's of
for You were through a router fits in
so we could have a series
connected to a switch and a star apology.
So that's a PC.
That's a PC.
They're on one network because they share that switch right there.
there will say a router here.
So these guys were free to talk to each other
between this switch.
So when I say block broadcast, they're not automatically will be able to talk to anyone on the other side of this router. Unless
these two guys know about each other,
we'll do another.
Now these could be completely separate networks with completely different I P addresses,
and these routers will do the
translation to be able to talk to each other.
That's what we mean by connect to separate networks.
So to be able to do that truth that communication between two routers
and that's a very basic demo. With just two routers,
we can do it statically where we say, OK, all traffic coming from one writer
or anyone behind that router, And that network will automatically go to this other router
so we can set that in stone right in the convict file and always know how to do that.
But as you can see,
as we add more routers to the mix and more networks and you get to the size of a large corporation or even the Internet, that's a lot of rules that have to write and to keep track of because as soon as anything changes, you're going to go rewrite those rules
so that every network knows about every other network out there, so that developed into dynamic routing, where there's protocols that will discover the other networks and be able to talk to me. Just say, OK, I don't exist anymore or this is the path of least resistance
by counting the number of hops between router. So
especially in a large environment, if I have
multiple pathways, I didn't get to another network. I want to go the one that's the shortest. So dynamic growing protocol will also help
about your traffic over the
path of least resistance.
This is all stored in what's called a writing table on the router
that keeps track of where each of these
I p network I P addresses should go.
So, like I said, with static routing, we manually entered in.
If we are small network with only a few rattlers, it does give us higher control over our network because we're saying no kidding. This is how we want our traffic to route instead of allowing it to figure it out on its own.
If you're a smaller network, you're not gonna have multiple passed between
you're routers. You're not worrying about the best path to take or the most efficient because you usually have
a number of computers that are connected to one router and that one rotter goes out to the Internet.
So you're not doing any static routing internally to your network. If you just have the one switching the one router going out,
you're a larger network that used a hub and spoke technology.
you might need to use a stacker out for your main
routers and then you might want to use dynamic
Does not handle failures while you're out. That's configured mainly must be updated, reconfigured manual to fix a repair so it won't know by itself that another
that another router may be gone and say you could be trying to wrap traffic to a network. It doesn't exist in my game failed attempts.
So dynamic Apple, the dynamic routing where we're going to try to develop our routes automatically based off,
uh, various protocols.
So we share information between the writers saying, Hey, this is the networks I know about these networks you know about, and so they know when traffic comes from their network. Hey, you're trying to go to this network well, based off the little conversation I had
with the other routers in my neighborhood I know he has that network, so I'm gonna I know to send you there so I don't need to write a rule about that because all the routers are talking to each other. Say, Hey, this who I know about This is who I know about.
And so it knows how to route the traffic.
So provides a mechanism for discovering best paths, alternate paths redundant past based on routing metrics,
but still writes it to a routing table that it maintains internally.
Now, a metric would be How many hops is that router from me or that Mets network? So
well, say, if I'm in a network that has multiple pass to reach the same network
by knowing the number of hops, it is that network. That's the metric I know which way I want to take the one that has the least number of hops.
And I discovered that when I'm doing my conversation with the other writers using
usually it's PGP border Gateway protocol.
I know how far away is it? I've already done that. Math.
If I'm the router,
Robertson, Security Rogers or devices that can add security network by separating broadcast, remains them playing rule sets.
We can also set access control us that define what traffic slots diverse the device and what cannot.
So we say, don't allow any bios traffic, which or don't allow any Windows file sharing traffic across the router.
So if I'm running a home network
and I'm doing Windows file sharing,
there's no reason Windows file sharing should be leaving to go to the Internet.
I'm not. I'm only doing Windows file sharing to the computers internally. So at the router Aiken block window file sharing and say, OK, don't let anything for Windows file sharing try to leave.
I don't like D. N s. I might want to let leave for doing name I p. Look up.
Robbers could be accessed remotely. This a big security risk in a lot of situations where people don't change it to fault your name, passwords on a router
or access them using
insecure protocols like telling it. So
when you have many robbers, make sure that
that the fault passwords and user names were changed. Since most routers will sit in a closet somewhere, especially if you're not a home user. We're looking in a corporate environment
and your I t support. You're not gonna travel to that router to go change a configuration, saying you want to be Oh, you're gonna get to it remotely.