WEBVTT 1 00:00:00.160 --> 00:00:02.799 Welcome to the deep dive. This is where we take 2 00:00:02.839 --> 00:00:06.519 your sources, dig into them and really pull out the 3 00:00:06.559 --> 00:00:09.119 most important insights. That's right. Today we're kind of pulling 4 00:00:09.160 --> 00:00:12.080 back the curtain on how the Internet, you know, how 5 00:00:12.119 --> 00:00:15.359 all our modern networks actually work underneath it all? Yeah, 6 00:00:15.359 --> 00:00:17.839 the real guts of it. Yeah, exactly. You click a link, 7 00:00:18.039 --> 00:00:22.199 send a message, watch a video. It feels instantaneous, like magic, 8 00:00:22.239 --> 00:00:24.559 doesn't it. It really does. Well, it's definitely not magic. 9 00:00:24.600 --> 00:00:28.679 It's a very carefully designed system. And today we're doing 10 00:00:28.679 --> 00:00:33.000 a deep dive into its core building blocks, switches and routers, and. 11 00:00:32.960 --> 00:00:35.520 Our mission really is to give you a shortcut. This 12 00:00:35.560 --> 00:00:38.759 stuff can be incredibly dense, so we're extracting the let's say, 13 00:00:38.759 --> 00:00:41.600 the must know parts and maybe some surprising bits from 14 00:00:41.600 --> 00:00:44.880 a great resource, the Cisco CCNA and sixty Days Learned 15 00:00:44.880 --> 00:00:46.159 Dot pdf book. 16 00:00:46.200 --> 00:00:47.799 Yeah, and it's got a kind of cool backstory. The 17 00:00:47.799 --> 00:00:51.240 original author, Paul Browning, was actually an ex police officer 18 00:00:51.240 --> 00:00:53.880 in the UK. Oh really, yeah, taught himself it, wrote 19 00:00:53.920 --> 00:00:56.840 the first version because he needed it. But then importantly 20 00:00:57.079 --> 00:01:01.079 he brought in these dual CCIE network architect people like 21 00:01:01.200 --> 00:01:04.799 Daniel Gersh Daryl Brunnick for ITAFA the people who actually 22 00:01:04.840 --> 00:01:07.799 do this stuff day in, day out, exactly as the 23 00:01:07.840 --> 00:01:11.920 book says, they do Internet working full time. So what 24 00:01:11.920 --> 00:01:16.719 you're getting, hopefully is that real world relevance distilled down. 25 00:01:17.040 --> 00:01:19.719 The goal is you walk away feeling informed, maybe have 26 00:01:19.799 --> 00:01:22.120 a couple of aha moments, and just get a better 27 00:01:22.159 --> 00:01:25.760 feel for what's happening behind the scenes without getting totally overwhelmed. 28 00:01:25.799 --> 00:01:29.079 Ideally. Okay, so let's start at the beginning, maybe how 29 00:01:29.079 --> 00:01:32.159 things used to be before we had these intelligent devices. 30 00:01:32.159 --> 00:01:35.000 We had hubs. You call them the network's loud speaker. 31 00:01:35.200 --> 00:01:36.079 That's a good way to put it. 32 00:01:36.159 --> 00:01:40.359 Yeah, hubs were really simple, basically multiport repeaters. Signal comes 33 00:01:40.359 --> 00:01:43.599 in one port, it gets boosted, and then just blasted 34 00:01:43.640 --> 00:01:45.920 out of every other port. Didn't matter who it was for. 35 00:01:46.040 --> 00:01:48.799 So if my computer sends something to yours, everyone else 36 00:01:48.840 --> 00:01:49.799 plugged in got it too. 37 00:01:49.920 --> 00:01:53.439 Everyone got it. Which leads to the biggest problem. Yeah, 38 00:01:53.480 --> 00:01:56.200 one huge collision domain, right. 39 00:01:56.319 --> 00:01:57.680 Like shouting in a crowded room. 40 00:01:57.719 --> 00:02:02.200 You said, Yeah, chaos total, Only one device could really 41 00:02:02.280 --> 00:02:05.920 talk at a time without signals colliding, and they only 42 00:02:05.920 --> 00:02:09.800 worked at half duplex. Couldn't send and receive simultaneously. Performance 43 00:02:09.960 --> 00:02:11.319 was well, not great. 44 00:02:11.400 --> 00:02:15.120 Okay, So hubs were noisy and inefficient. Then came switches, 45 00:02:15.520 --> 00:02:18.719 and here's where you said it gets interested. Maybe counterintuitive 46 00:02:19.240 --> 00:02:21.639 switches increase collision domains. 47 00:02:21.879 --> 00:02:24.199 Yeah sounds weird, right, but it's a very good thing. 48 00:02:24.280 --> 00:02:28.039 See with the switch, each port essentially becomes its own 49 00:02:28.120 --> 00:02:30.319 collision domain. Traffic is isolated. 50 00:02:30.439 --> 00:02:32.840 Uh okay, so instead of a shouting match, it's. 51 00:02:32.639 --> 00:02:35.479 More like like a smart telephone operator maybe, or an 52 00:02:35.479 --> 00:02:38.120 efficient post office. It directs traffic precisely. 53 00:02:38.280 --> 00:02:39.719 How does it do that? How does it nowhere to 54 00:02:39.759 --> 00:02:40.240 send things? 55 00:02:40.479 --> 00:02:44.159 So switches use something called a content addressable memory table 56 00:02:44.159 --> 00:02:47.000 a CAM table, and this is usually stored in a 57 00:02:47.039 --> 00:02:49.719 special chip and ask to make it super fast? 58 00:02:49.759 --> 00:02:51.919 Okay. The switch listens to. 59 00:02:51.879 --> 00:02:54.759 The traffic and learns the unique hardware address the emmelia 60 00:02:54.800 --> 00:02:56.919 address of whatever device is plugged into each port. 61 00:02:57.360 --> 00:02:59.000 It builds this table, so. 62 00:02:59.039 --> 00:03:01.639 When a frame comes in in, the switch looks at 63 00:03:01.639 --> 00:03:05.599 the destination MSc address, checks its CAM table and says, ah, 64 00:03:05.680 --> 00:03:08.520 that device is on port five, and sends the frame 65 00:03:08.599 --> 00:03:10.039 only out of port five. 66 00:03:09.960 --> 00:03:12.000 Not broadcasting it everywhere like the hub did. 67 00:03:12.159 --> 00:03:16.560 Exactly, huge improvement and efficiency less unnecessary traffic. 68 00:03:16.800 --> 00:03:20.479 Better security makes total sense. So switches are great for 69 00:03:20.520 --> 00:03:25.319 connecting local things BCS, printers, servers, and you mentioned segmenting 70 00:03:25.360 --> 00:03:28.159 networks with VLANs, which I definitely want to get back to. 71 00:03:28.319 --> 00:03:28.719 We will. 72 00:03:28.879 --> 00:03:30.520 But for basic setup, you just need to give it 73 00:03:30.560 --> 00:03:33.639 a name, a host name, and set up promote access right, 74 00:03:33.719 --> 00:03:35.319 prefer secure. 75 00:03:34.879 --> 00:03:39.240 SSH precisely, keep it simple but secure. Now, if switches 76 00:03:39.360 --> 00:03:43.000 handle the local traffic, routers are the big navigators. They 77 00:03:43.000 --> 00:03:44.039 connect different networks. 78 00:03:44.120 --> 00:03:46.240 And you said learning about routers is like what half 79 00:03:46.280 --> 00:03:47.919 the CCNA curriculum easily. 80 00:03:48.039 --> 00:03:50.080 Yeah, it tells you how crucial they are. They're the 81 00:03:50.120 --> 00:03:53.199 devices that really stitch the Internet together, connecting all these 82 00:03:53.199 --> 00:03:54.319 separate local networks. 83 00:03:54.360 --> 00:03:57.000 So they don't just connect networks, they actively learned about them. 84 00:03:57.120 --> 00:03:57.479 They do. 85 00:03:57.520 --> 00:04:01.080 They learn routes, They exchange routing information with routers, and 86 00:04:01.120 --> 00:04:03.400 they figure out the best way to get packets from 87 00:04:03.400 --> 00:04:06.800 networkA to network B, whether that's internal networks or out 88 00:04:06.840 --> 00:04:07.719 to the wider Internet. 89 00:04:07.759 --> 00:04:10.439 Okay, walk me through that. A packet arrives at the 90 00:04:10.520 --> 00:04:14.120 router destined for somewhere else. What happens step by step? 91 00:04:14.199 --> 00:04:16.800 Okay, So first the router receives the frame off the 92 00:04:16.800 --> 00:04:19.680 wire and needs to look inside, so it performs decapsulation. 93 00:04:20.120 --> 00:04:23.360 It strips off the layer two frame, header and trailer. 94 00:04:23.680 --> 00:04:26.120 That information was just for the previous. 95 00:04:25.839 --> 00:04:28.480 Hop, right, like the local delivery instructions exactly. 96 00:04:28.839 --> 00:04:32.120 Then it looks at the layer three packet inside, specifically 97 00:04:32.160 --> 00:04:36.199 the destination IP address, the ultimate disc the ultimate destination. Yes, 98 00:04:36.600 --> 00:04:39.120 it consults its routing table to find the best path 99 00:04:39.160 --> 00:04:43.639 towards that destination IP. Then crucially, it re encapsulates that 100 00:04:43.720 --> 00:04:45.920 layer three packet into a new layer. 101 00:04:45.759 --> 00:04:46.959 Two frame, a new frame. 102 00:04:47.199 --> 00:04:49.959 Why new, because the next hop might be over a 103 00:04:49.959 --> 00:04:53.240 different type of network link. Maybe it came in over ethernet, 104 00:04:53.279 --> 00:04:55.759 but it's going out over say an older ceial link 105 00:04:55.839 --> 00:05:00.519 using HDLC. The frame format needs to match the outgoing link. 106 00:05:00.879 --> 00:05:04.319 Ah, okay, different local delivery instructions for the next leg 107 00:05:04.360 --> 00:05:05.519 of the journey, You got it. 108 00:05:05.839 --> 00:05:09.000 And then it forwards that new frame out the correct interface. 109 00:05:09.199 --> 00:05:11.839 So this leads to that really key point, that aha 110 00:05:11.959 --> 00:05:14.519 moment you mentioned. Yes, this is fundamental. 111 00:05:15.240 --> 00:05:19.839 As a packet travels across multiple networks, multiple routers, the 112 00:05:19.879 --> 00:05:23.839 source and destination IP addresses inside that packet they never change. 113 00:05:23.879 --> 00:05:25.720 They never change. Okay, But the layer two. 114 00:05:25.759 --> 00:05:29.199 Mmy addresses in the frame. They change at every single 115 00:05:29.279 --> 00:05:31.959 hop between routers or other intermediary devices. 116 00:05:32.040 --> 00:05:35.079 Right, the envelope dress stays the same, but the mail 117 00:05:35.120 --> 00:05:37.000 carrier changes at each sorting office. 118 00:05:37.079 --> 00:05:40.639 Perfect analogy. The IP address is the final house address. 119 00:05:41.000 --> 00:05:44.839 Theme address is the specific person carrying the mail between 120 00:05:44.879 --> 00:05:48.279 post offices. Right now, That dynamic is what makes global 121 00:05:48.360 --> 00:05:51.120 routing work alongside local delivery. 122 00:05:50.959 --> 00:05:54.360 And interacting with these routers like switches, usually means using 123 00:05:54.360 --> 00:05:57.399 the command line interface the CLI. It has different modes 124 00:05:57.480 --> 00:05:57.800 it does. 125 00:05:57.800 --> 00:06:00.360 It's hierarchical. You start in user mode, which is very 126 00:06:00.360 --> 00:06:03.560 limited router. Then you enable to get to privileged mode 127 00:06:03.639 --> 00:06:07.000 router hashtag where you can view things and do basic tests. 128 00:06:07.439 --> 00:06:11.040 To make changes, you go into global configuration mode config 129 00:06:11.120 --> 00:06:14.759 T giving router configure hashtag, and from there you might 130 00:06:14.800 --> 00:06:20.040 go into more specific modes like interface configuration, router configure hashtag, 131 00:06:20.240 --> 00:06:21.439 or router configuration. 132 00:06:22.279 --> 00:06:24.519 Kind of nested levels of control exactly. 133 00:06:24.560 --> 00:06:27.959 It prevents accidental changes. You use commands like exit to 134 00:06:28.000 --> 00:06:30.439 go back up a level or credil plus z to 135 00:06:30.480 --> 00:06:32.120 jump straight back to privileged mode. 136 00:06:32.199 --> 00:06:33.720 And for new folks navigating this. 137 00:06:33.800 --> 00:06:37.439 Oh, the question mark is your best friend type it anywhere. 138 00:06:37.480 --> 00:06:40.519 It shows you available commands or options. Tab completion is 139 00:06:40.560 --> 00:06:43.839 also essential. Start typing a command, hit tab, it finishes 140 00:06:43.839 --> 00:06:47.360 it for you, saves typos, and show history is handy 141 00:06:47.399 --> 00:06:49.240 to see what you type before life savers. 142 00:06:49.240 --> 00:06:53.399 I bet okay. So we have the devices, hubs, switches, routers. 143 00:06:53.519 --> 00:06:56.720 We know how they physically move data. Now let's talk 144 00:06:56.720 --> 00:07:00.680 about the language they speak, these models OSI and t ACPIP. 145 00:07:01.480 --> 00:07:03.720 What problem did they solve? Great question? 146 00:07:03.959 --> 00:07:06.680 Before these models, networking was kind of the wild West. 147 00:07:06.720 --> 00:07:08.560 Every vendor had their own way of doing things, and 148 00:07:08.600 --> 00:07:10.959 getting equipment from different companies to talk to each other 149 00:07:11.120 --> 00:07:15.959 was difficult, a nightmare probably pretty much. So these models 150 00:07:16.040 --> 00:07:19.879 OSI being more theoretical with seven layers and TCPIP being 151 00:07:19.879 --> 00:07:22.879 the practical one, which this go often shows as five layers. 152 00:07:22.920 --> 00:07:26.879 Now they created a common framework, a blueprint. 153 00:07:26.399 --> 00:07:28.759 A standard way of thinking about network functions. 154 00:07:28.920 --> 00:07:34.759 Exactly, they divided networking into logical layers physical data, link, network, transport, application, 155 00:07:35.000 --> 00:07:38.199 and so on. This modularity means vendor A can focus 156 00:07:38.240 --> 00:07:40.759 on making a great layer two switch, and vendor B 157 00:07:40.959 --> 00:07:43.279 can make a great layer three router, and they can 158 00:07:43.360 --> 00:07:46.720 still work together because they adhere to the same layered rules. 159 00:07:46.360 --> 00:07:50.519 And it allows innovation at one layer without breaking everything else. 160 00:07:50.560 --> 00:07:53.160 Absolutely, it's all about interoperability, and. 161 00:07:53.120 --> 00:07:56.720 This concept of encapsulation and decapsulation fits right in here, 162 00:07:56.759 --> 00:07:57.920 doesn't it perfectly. 163 00:07:58.319 --> 00:08:01.079 As data moves down the layers on sending device, each 164 00:08:01.120 --> 00:08:03.519 layer adds its own header, like putting the data in 165 00:08:03.560 --> 00:08:05.319 an envelope than a bigger envelope, etc. 166 00:08:05.639 --> 00:08:07.920 That's encapsulation, wrapping it up, wrapping it up. 167 00:08:08.040 --> 00:08:10.319 Then as it moves up the layers on the receiving device, 168 00:08:10.680 --> 00:08:14.639 each layer unwraps its corresponding header, processes the information, and 169 00:08:14.720 --> 00:08:16.680 passes the rest up decapsulation. 170 00:08:17.079 --> 00:08:19.480 Okay, so let's look at the addresses used at these layers. 171 00:08:19.560 --> 00:08:23.199 Layer three IP addressing the global address. We started with 172 00:08:23.360 --> 00:08:24.240 IPv four. 173 00:08:24.160 --> 00:08:28.000 Right, the original thirty two bit addresses revolutionary at the time, 174 00:08:28.279 --> 00:08:31.079 but we ran into a problem pretty quickly. With the 175 00:08:31.120 --> 00:08:34.960 massive explosion of computers and Internet connected devices. 176 00:08:34.480 --> 00:08:36.879 We ran out of addresses, basically started running out. 177 00:08:36.919 --> 00:08:40.240 Yeah, address exhaustion became a real issue. We had addressed 178 00:08:40.240 --> 00:08:45.480 classes initially ABC with defall masks, but we needed more flexibility. 179 00:08:44.840 --> 00:08:46.840 Which led to subnetting exactly. 180 00:08:46.879 --> 00:08:51.000 Subnetting was this clever trick. It let network admins steal 181 00:08:51.039 --> 00:08:53.159 bits from the host part of the IP address to 182 00:08:53.159 --> 00:08:57.879 create more network segments or subnets within the originally allocated block. 183 00:08:58.120 --> 00:09:00.720 So you could take one large network and carve it 184 00:09:00.799 --> 00:09:03.759 up into smaller, more manageable pieces, like taking a large 185 00:09:03.799 --> 00:09:07.440 plot of land and dividing it into smaller lots. Good analogy. 186 00:09:07.759 --> 00:09:10.600 It helped use the available addresses more efficiently and allowed 187 00:09:10.600 --> 00:09:14.639 for better network organization and security. You know, calculating subnets 188 00:09:14.639 --> 00:09:17.600 can be tricky, hence things like cheat sheets like figuring 189 00:09:17.639 --> 00:09:20.159 out which subnet one ninety two point one sixty eight 190 00:09:20.240 --> 00:09:22.159 point one zero zero two six. 191 00:09:21.960 --> 00:09:25.279 Belongs to right. But even subnetting was just delaying the 192 00:09:25.320 --> 00:09:29.240 inevitable with IPv four exhaustion, which brings us to IPv 193 00:09:29.399 --> 00:09:32.440 six the future, well, the present and future. Why the 194 00:09:32.440 --> 00:09:35.720 big push to migrate? Obviously, there are way more addresses 195 00:09:35.720 --> 00:09:38.279 one hundred and twenty eight bits versus thirty two that's. 196 00:09:38.120 --> 00:09:42.639 The headline feature, almost unlimited addresses. But IPB six offers more. 197 00:09:42.879 --> 00:09:45.480 It has a simpler packet header, which routers can process 198 00:09:45.480 --> 00:09:48.720 more efficiently. It eliminates broadcast traffic altogether. 199 00:09:48.919 --> 00:09:50.840 No more shouting in the room, No more shouting. 200 00:09:50.960 --> 00:09:54.240 It relies heavily on multicast instead, and it has built 201 00:09:54.240 --> 00:09:57.480 in support for stateless auto configuration, making it much easier 202 00:09:57.480 --> 00:09:59.279 for devices to get an address automatically. 203 00:09:59.360 --> 00:10:03.440 Okay, simple, faster, bigger address space, easier configuration sounds good, 204 00:10:03.840 --> 00:10:07.879 but the addresses look intimidating. That's adecimal. They do look different. 205 00:10:07.879 --> 00:10:11.320 They use exitesimal numbers zero nine and letters af eight 206 00:10:11.320 --> 00:10:15.039 groups of four hex characters separated by colons, like two 207 00:10:15.039 --> 00:10:17.840 thousand one point point zero dB eight point eight five 208 00:10:17.879 --> 00:10:20.080 eight three point zero zero zero zero zero zero zero 209 00:10:20.240 --> 00:10:22.279 zero point a two e point zero three seven zero 210 00:10:22.519 --> 00:10:25.039 point seven three three four. That's a mouthful lots of 211 00:10:25.120 --> 00:10:27.399 zeros in that example. Often yes, which is why there's 212 00:10:27.399 --> 00:10:29.600 a shorthand. You can use a double colon dome just 213 00:10:29.720 --> 00:10:32.200 once an interddress to represent a consecutive string of all 214 00:10:32.279 --> 00:10:35.960 zero groups ah compression, so that example could become two 215 00:10:36.000 --> 00:10:38.320 thousand and one dot dB eight dot eight five a 216 00:10:38.399 --> 00:10:40.799 three point eighty two e point zero three seven zero 217 00:10:41.000 --> 00:10:41.919 point seven three. 218 00:10:41.879 --> 00:10:45.000 Three four precisely makes them a bit easier than handle, 219 00:10:45.120 --> 00:10:47.600 and IPv six has different address types too. There are 220 00:10:47.679 --> 00:10:51.039 link local addresses. They start with fe eighty point en 221 00:10:51.159 --> 00:10:53.759 and devices use them automatically to talk to other devices 222 00:10:53.799 --> 00:10:56.440 on the same physical link for things like neighbor. 223 00:10:56.159 --> 00:10:58.159 Discovery, so local chat only. Right. 224 00:10:58.399 --> 00:11:01.320 Then you have multicast of russes starting FS zero zero 225 00:11:01.360 --> 00:11:04.720 point eight, used extensively for one to many communication. IPv 226 00:11:04.840 --> 00:11:07.679 six uses multicasts for things arps to do in IPP 227 00:11:07.799 --> 00:11:11.240 four and any cast is interesting, same address on multiple devices, 228 00:11:11.240 --> 00:11:12.600 your traffic goes to the nearest one. 229 00:11:13.000 --> 00:11:15.399 It's more of a concept for CCNA level though, and 230 00:11:15.480 --> 00:11:17.879 auto configuration. You mentioned stateless and state full. 231 00:11:18.039 --> 00:11:20.879 Yeah. Statefle is like DHT and IPv four where server 232 00:11:20.960 --> 00:11:24.440 hands out addresses DHCPv six stateless is cooler. A host 233 00:11:24.440 --> 00:11:27.000 listens for router advertisements containing the network prefix, then it 234 00:11:27.000 --> 00:11:29.639 basically creates its own unique address by combining that prefix 235 00:11:29.639 --> 00:11:32.440 with its own MSSU address slightly modified and what's called 236 00:11:32.480 --> 00:11:33.600 EUI sixty four. 237 00:11:33.440 --> 00:11:37.559 Format clever self sufficient addressing pretty much. Okay, So that's 238 00:11:37.639 --> 00:11:38.279 layer three. Down. 239 00:11:38.320 --> 00:11:42.840 At layer two we have MAAC addresses, the physical hardware address. 240 00:11:42.519 --> 00:11:45.840 Burned into the network card, unique to each device. 241 00:11:45.559 --> 00:11:49.200 Ideally ideally yes, the data link layer address. But how 242 00:11:49.240 --> 00:11:52.679 does your computer know the MAC address of, say, the 243 00:11:52.759 --> 00:11:55.919 local router when it only knows the router's IP address. 244 00:11:56.000 --> 00:11:59.440 Good question. It needs to translate IP to MP somehow 245 00:11:59.440 --> 00:12:00.080 for local deal. 246 00:12:00.480 --> 00:12:04.200 And that's ARP Address Resolution Protocol. It's the local translator. 247 00:12:04.360 --> 00:12:04.960 How does it work? 248 00:12:05.240 --> 00:12:07.919 So when your PC wants to send a packet to 249 00:12:08.000 --> 00:12:11.120 the router's IP, it first checks its own AARP cash 250 00:12:11.159 --> 00:12:13.120 a little table mapping IPS to MLC. 251 00:12:13.279 --> 00:12:14.440 It already knows uh huh. 252 00:12:14.600 --> 00:12:16.919 If the router's MH isn't in the cash, your PC 253 00:12:17.120 --> 00:12:20.960 sends out an ARP request. This is a broadcast message saying, hey, 254 00:12:21.320 --> 00:12:23.679 whoever has IP address one nine to two point one 255 00:12:23.759 --> 00:12:25.639 sixty eight point one on one, please tell me your 256 00:12:25.720 --> 00:12:26.399 my address. 257 00:12:26.480 --> 00:12:29.360 Shouting again, but just locally, this time locally exactly. 258 00:12:29.799 --> 00:12:32.720 The router sees this broadcast, recognizes its own IP and 259 00:12:32.759 --> 00:12:35.360 sends an ARP replied directly back to your PC, saying 260 00:12:35.480 --> 00:12:38.679 that's me, Here's Miami address. Your PC then adds this 261 00:12:38.799 --> 00:12:41.120 mapping to its RP cash and can now build the 262 00:12:41.200 --> 00:12:42.559 layer two frame properly. 263 00:12:42.799 --> 00:12:46.080 Got it, And that explains why sometimes the first ping 264 00:12:46.159 --> 00:12:48.679 to a device fails. That's often the reason. 265 00:12:48.759 --> 00:12:52.039 Yeah, you'll see a period maybe for the first ping attempt, 266 00:12:52.159 --> 00:12:55.360 indicating a timeout while ARP does its thing. Then the 267 00:12:55.399 --> 00:12:58.720 next pings succeed with exclamation marks B. The ms isn't 268 00:12:58.759 --> 00:13:02.000 now cashed. These cashes don't last forever though, they time out, 269 00:13:02.120 --> 00:13:04.279 usually after a few hours to keep things fresh. 270 00:13:04.480 --> 00:13:09.080 Okay, ARP handles local IP TOMAC translation, but going back 271 00:13:09.080 --> 00:13:12.600 to the IPv four address shortage, ARP doesn't solve that. 272 00:13:12.600 --> 00:13:17.080 That's where NAT comes in, right, Network address translation absolutely essential. NAT. 273 00:13:17.559 --> 00:13:20.159 Your analogy of the color tokens was spot on. You 274 00:13:20.200 --> 00:13:23.000 have loads of private internal addresses you can use freely 275 00:13:23.039 --> 00:13:25.759 the blue and yellow tokens, but you only have a 276 00:13:25.799 --> 00:13:29.360 few or maybe just one public IP address to access 277 00:13:29.399 --> 00:13:31.759 the global Internet, the scarce green tokens. 278 00:13:31.799 --> 00:13:34.480 So NEAT is the gatekeeper managing those green tokens. 279 00:13:34.559 --> 00:13:37.720 It's the exchange mechanism. When your internal device needs to 280 00:13:37.759 --> 00:13:40.440 talk to the Internet, the GNAT router swaps out the 281 00:13:40.480 --> 00:13:44.000 private source IP for a public one. Its fundamental purpose 282 00:13:44.200 --> 00:13:48.519 was and still is conserving those precious public IPv four addresses. 283 00:13:48.639 --> 00:13:50.399 And there are different flavors of net A. 284 00:13:50.320 --> 00:13:53.200 Few main types. Yeah, static net is a simple one 285 00:13:53.200 --> 00:13:56.480 to one mapping. This private IP always uses that public IP. 286 00:13:57.240 --> 00:13:59.559 Good for hosting a server. Okay, Then you have a 287 00:13:59.639 --> 00:14:02.960 NAP where you have a pool of public eyps, and 288 00:14:03.159 --> 00:14:06.639 internal devices grab one from the pool as needed, first come, 289 00:14:06.759 --> 00:14:09.679 first served until the pool runs out right. But the 290 00:14:09.720 --> 00:14:13.000 most common type, especially in homes and small businesses, is 291 00:14:13.159 --> 00:14:16.039 NAT overload, often called PAT port. 292 00:14:15.879 --> 00:14:18.279 Address translation the CAT. Yeah. 293 00:14:18.720 --> 00:14:21.559 This allows many internal devices to share a single public 294 00:14:21.600 --> 00:14:24.759 IP address. The router keeps track of connections by using 295 00:14:24.799 --> 00:14:28.000 different source port numbers for each internal device's session. 296 00:14:28.080 --> 00:14:30.360 Ah, so it uses the port number to differentiate the 297 00:14:30.360 --> 00:14:34.399 conversations sharing that one public IP precisely. It's incredibly efficient 298 00:14:34.440 --> 00:14:37.960 for address conservation. And you mentioned a common troubleshooting issue 299 00:14:37.960 --> 00:14:41.559 with NAT, something easily forgotten. Oh yeah, it's almost a classic. 300 00:14:42.039 --> 00:14:44.720 Nine times out of ten, someone's configured the NAT rules, 301 00:14:44.960 --> 00:14:47.360 but they forgot to tell the router which interface is 302 00:14:47.399 --> 00:14:50.279 connected to the internal network and which is connected to 303 00:14:50.320 --> 00:14:51.320 the external network. 304 00:14:51.720 --> 00:14:52.360 You need those. 305 00:14:52.240 --> 00:14:55.600 Ipnet inside and IPNAT outside commands on the interfaces. 306 00:14:56.120 --> 00:15:01.440 Simple mistake, big headache, Good tip. Okay, let's shift gears 307 00:15:01.480 --> 00:15:07.879 to organizing networks within an organization. V lance Virtual. 308 00:15:07.559 --> 00:15:11.480 Lands d lands are huge, really fundamental for modern network design. 309 00:15:11.720 --> 00:15:14.480 They let you take one physical switch and logically chop 310 00:15:14.480 --> 00:15:16.399 it up into multiple virtual switches. 311 00:15:16.720 --> 00:15:19.559 So devices plugged into the same physical switch can be 312 00:15:19.600 --> 00:15:21.840 in different logical networks exactly. 313 00:15:21.879 --> 00:15:25.080 You can group devices by department, say sales on VLAN ten, 314 00:15:25.200 --> 00:15:28.200 engineering on VLAN twenty, even if their desks are scattered 315 00:15:28.200 --> 00:15:30.919 across the building and plugged into different switches. Or you 316 00:15:30.919 --> 00:15:33.720 can separate voice traffic onto its own VLAN for quality 317 00:15:33.720 --> 00:15:34.519 of service and. 318 00:15:34.480 --> 00:15:37.559 The key benefit here security wise or traffic. 319 00:15:37.200 --> 00:15:40.879 Wise, each VLAN is its own separate broadcast domain. Remember 320 00:15:40.919 --> 00:15:43.720 how hubs were one big broadcast domain and switches made 321 00:15:43.759 --> 00:15:47.440 each port its own collision domain. Well, vilains create broadcast 322 00:15:47.519 --> 00:15:50.960 boundaries at layer two. By default, traffic from VLAN ten 323 00:15:51.039 --> 00:15:54.960 cannot reach VLAN twenty and vice versa. Broadcasts sent in 324 00:15:55.039 --> 00:15:57.759 VLAN ten only go to other ports in. 325 00:15:57.759 --> 00:16:01.879 VLAN ten, So improve security through isle and less broadcast 326 00:16:01.919 --> 00:16:03.360 noise flooding the whole network. 327 00:16:03.399 --> 00:16:07.360 Absolutely, but it means each vland needs its own IP subnet, 328 00:16:07.559 --> 00:16:10.279 like one ninety two point one sixty eight point zero 329 00:16:10.320 --> 00:16:13.399 two four for v LAN ten and one ninety two 330 00:16:13.399 --> 00:16:16.039 point one sixty eight point twenty day point zero two 331 00:16:16.120 --> 00:16:17.360 four for VLAND twenty. 332 00:16:17.519 --> 00:16:20.879 Okay, different virtual neighborhoods, different address ranges. But what if 333 00:16:20.919 --> 00:16:23.519 sales needs to talk to engineering, how do they communicate 334 00:16:23.559 --> 00:16:24.360 between vlands? 335 00:16:24.639 --> 00:16:28.120 Ah, that requires interval routing. You need a layer three device, 336 00:16:28.200 --> 00:16:30.440 a router or a multi layer switch to act as 337 00:16:30.440 --> 00:16:32.200 the bridge between those IP subnets. 338 00:16:32.279 --> 00:16:34.360 Makes sense. But first, what if I have devices in 339 00:16:34.440 --> 00:16:37.440 the same vlan, say VLAN ten, but they're plugged into 340 00:16:37.440 --> 00:16:40.159 different physical switches, one on floor one, one on floor two. 341 00:16:40.320 --> 00:16:42.720 How does their traffic stay in VLAN ten across the building? 342 00:16:42.879 --> 00:16:45.200 Good question. That's where trunk links come in. A trunk 343 00:16:45.240 --> 00:16:47.720 link is a special connection between switches that's configured to 344 00:16:47.720 --> 00:16:50.919 carry traffic for multiple VLANs simultaneously. 345 00:16:50.240 --> 00:16:52.559 Like a highway carrying traffic for different destinations. 346 00:16:52.879 --> 00:16:57.320 Exactly when a frame belonging to say villan ten needs 347 00:16:57.320 --> 00:16:59.639 to cross the trunk link to the other switch, the 348 00:16:59.679 --> 00:17:02.600 first switch adds a tag to the frame that identifies 349 00:17:02.639 --> 00:17:03.440 it as belonging to. 350 00:17:03.399 --> 00:17:05.759 Vilan ten, a VLANI tag giant Right. 351 00:17:06.000 --> 00:17:09.079 The receiving switch sees the tag, knows the frame belongs 352 00:17:09.119 --> 00:17:12.559 to villaan ten, removes the tag and forwards the frame 353 00:17:12.680 --> 00:17:15.240 only to ports assigned to VLAN ten on its side. 354 00:17:15.319 --> 00:17:18.359 So the Vilin identity is maintained across switches. And how 355 00:17:18.440 --> 00:17:19.960 is this tagging actually done. 356 00:17:19.920 --> 00:17:23.359 Two main ways. There's an older Cisco proprietary method called 357 00:17:23.400 --> 00:17:26.279 isl interswitch link. You don't see it much anymore, Okay, 358 00:17:26.319 --> 00:17:29.519 The standard universally used method is i ee atoh two 359 00:17:29.559 --> 00:17:31.880 point one Q, often just called DOT one Q. It 360 00:17:31.920 --> 00:17:34.440 inserts a small tag into the Ethernet frame header. 361 00:17:34.519 --> 00:17:36.640 Got it? ATO two point one Q is the standard. 362 00:17:36.640 --> 00:17:38.599 And you mentioned something with a native lan ah? 363 00:17:38.680 --> 00:17:41.240 Yes, with ATO two point one Q, there's a concept 364 00:17:41.240 --> 00:17:44.359 of a native LAN. Traffic belonging to this specific villain 365 00:17:44.400 --> 00:17:47.359 is sent across the trunk link untagged by default. 366 00:17:47.359 --> 00:17:49.759 This is villain one untagged. Is that a problem? It 367 00:17:49.759 --> 00:17:50.920 can be a security risk. 368 00:17:51.160 --> 00:17:54.160 It's best practice to change the native VLAN to something 369 00:17:54.240 --> 00:17:57.359 other than the default VLAN one and make sure it's 370 00:17:57.359 --> 00:18:00.039 consistent on both ends of the trunk link. Also, so 371 00:18:00.119 --> 00:18:03.000 don't put any user devices in the native VLAN. 372 00:18:03.240 --> 00:18:05.799 Okay, change the native vilan from one. And what about 373 00:18:05.799 --> 00:18:07.960 setting up these trunk links? Is it always manual? 374 00:18:08.279 --> 00:18:11.119 You can configure them manually. But Cisco also has a 375 00:18:11.160 --> 00:18:15.960 protocol called DTP Dynamic Trunking Protocol. It allows switches to 376 00:18:16.000 --> 00:18:18.880 automatically negotiate whether the link between them should become a 377 00:18:18.920 --> 00:18:21.640 trunk it's Cisco proprietary though, right. 378 00:18:21.799 --> 00:18:25.359 So we have VLANs for segmentation trunks to connect VLANs 379 00:18:25.440 --> 00:18:29.279 across switches. Now back to routing between VLANs. How do 380 00:18:29.319 --> 00:18:30.279 we build those bridges? 381 00:18:30.440 --> 00:18:33.039 Several ways? The old school way was to use a 382 00:18:33.039 --> 00:18:36.079 physical router with a separate physical interface plugged into the 383 00:18:36.119 --> 00:18:39.079 switch for each VLAN. One port for VLAN ten, one 384 00:18:39.119 --> 00:18:39.920 for VILAN twenty. 385 00:18:40.039 --> 00:18:42.279 Sounds inefficient, uses up a lot of router ports. 386 00:18:42.400 --> 00:18:45.880 Very inefficient, doesn't scale well. A more common method became 387 00:18:46.200 --> 00:18:49.960 router on a stick. Yeah, you use one physical router 388 00:18:50.000 --> 00:18:53.160 interface connected to the switch via a trunk link. Then 389 00:18:53.240 --> 00:18:56.319 on the router you create logical sub interfaces, one for 390 00:18:56.400 --> 00:19:00.039 each VLAN. Each sub interface gets an IP address in 391 00:19:00.079 --> 00:19:02.720 that VLAN subnet and understands the eight to two point 392 00:19:02.759 --> 00:19:03.759 one Q tags. 393 00:19:04.079 --> 00:19:07.039 Ah. So the single physical link carries tag traffic for 394 00:19:07.119 --> 00:19:09.759 all VLANs up to the router, and the router sorts 395 00:19:09.759 --> 00:19:11.559 it out using sub interfaces exactly. 396 00:19:11.640 --> 00:19:14.480 The downside is that all intervland traffic has to go 397 00:19:14.640 --> 00:19:17.200 up to the router and back down, sharing the bandwidth 398 00:19:17.200 --> 00:19:17.960 of that single link. 399 00:19:18.240 --> 00:19:21.720 It can become a bottleneck. Okay, better than multiple physical interfaces, 400 00:19:21.759 --> 00:19:25.279 but still potentially slow. What's the modern approach. 401 00:19:25.400 --> 00:19:28.640 Multi layer switches. These are switches that can also perform 402 00:19:28.720 --> 00:19:32.680 layer three routing. You create logical interfaces on the switch itself, 403 00:19:32.720 --> 00:19:36.839 called switch virtual interfaces or sviis SVIs. Yeah, you create 404 00:19:36.880 --> 00:19:40.880 an SVII for each VLAN like Interfaceland ten interface Land twenty, 405 00:19:41.119 --> 00:19:43.759 give it an IP address in that VLAN subnet, and 406 00:19:43.799 --> 00:19:46.960 the switch can then route traffic directly between VLANs at 407 00:19:47.039 --> 00:19:49.440 hardware speed, much faster and more scalable. 408 00:19:49.480 --> 00:19:52.680 So the routing happens right there inside the switch, right inside. 409 00:19:53.119 --> 00:19:56.160 Though sometimes on certain switch models, like maybe a Cisco 410 00:19:56.240 --> 00:19:58.960 twenty nine to sixty, you might need to enable a 411 00:19:59.039 --> 00:20:02.720 specific routing template and SDM template and reload the switch 412 00:20:02.759 --> 00:20:04.319 before it can do layer three routing. 413 00:20:04.480 --> 00:20:07.240 Good to know? And if things go wrong with VLANs 414 00:20:07.319 --> 00:20:10.680 or trunking? What are the usual suspects when troubleshooting? 415 00:20:11.039 --> 00:20:14.319 Often it's simple configuration errors. Did you assign the ports 416 00:20:14.400 --> 00:20:17.240 to the correct VLANs? Are the trunk links configured correctly 417 00:20:17.240 --> 00:20:20.799 on both ends? Same native vland, same allowed VLANs. Physical 418 00:20:20.880 --> 00:20:25.359 layer issues of course, bad cables, huh, mismatched VTP settings. 419 00:20:25.440 --> 00:20:29.279 VTP is a protocol for synchronizing VLAN databases, and if 420 00:20:29.319 --> 00:20:33.319 domains or passwords don't match, it causes problems. There's even 421 00:20:33.359 --> 00:20:35.680 a scary scenario where a new switch with a higher 422 00:20:35.799 --> 00:20:39.319 VTP revision number can accidentally wipe out the VLAN configuration 423 00:20:39.400 --> 00:20:41.039 on all your existing switches. 424 00:20:40.640 --> 00:20:42.160 If you're not careful. Yikes. 425 00:20:42.279 --> 00:20:46.759 Yeah, VTP needs careful handling and sometimes spanning to reprotocol STP, 426 00:20:46.880 --> 00:20:49.839 which prevents loops, might be blocking a port you expect 427 00:20:49.839 --> 00:20:52.160 to be working, and amber lade on the switch port 428 00:20:52.200 --> 00:20:54.079 is often a clue that STP is involved. 429 00:20:54.319 --> 00:20:57.400 Okay, let's to check there. Finally, let's wrap up with security. 430 00:20:57.519 --> 00:21:00.559 We have all this gear, switches, routers, how do wetect them? 431 00:21:00.680 --> 00:21:04.559 The absolute first step, often forgotten is physical security. Lock 432 00:21:04.680 --> 00:21:08.599 the doors. Network gears shouldn't be accessible to just anyone. 433 00:21:08.920 --> 00:21:11.920 If someone can physically plug into your core switch or 434 00:21:11.920 --> 00:21:14.480 console into your router, game over right. 435 00:21:14.559 --> 00:21:17.200 Lock the wiring closet, secure the data. 436 00:21:16.920 --> 00:21:22.400 Center absolutely, Then secure remote access. We mentioned SSH over telnet. 437 00:21:22.480 --> 00:21:27.599 Telnet sends passwords and plaintext. Big no no, Always use SSH. 438 00:21:27.319 --> 00:21:29.559 And setting up SSH requires a host name and a 439 00:21:29.599 --> 00:21:32.880 domain name on the device right to generate the crypto. 440 00:21:32.559 --> 00:21:36.240 Keys, correct, you need those configured first, Then manage your 441 00:21:36.279 --> 00:21:40.440 passwords properly. Use strong passwords obviously, and understand the difference 442 00:21:40.480 --> 00:21:42.119 between enable password. 443 00:21:41.720 --> 00:21:42.720 The less secure one. 444 00:21:42.839 --> 00:21:45.880 Yeah, it's stored less securely, potentially visible in the configure. 445 00:21:45.880 --> 00:21:49.039 If you haven't encrypted it, use enable secret instead. It 446 00:21:49.119 --> 00:21:52.240 uses stronger MD five hashing and always takes precedence over 447 00:21:52.359 --> 00:21:54.079 enable password if both are configured. 448 00:21:54.200 --> 00:21:56.759 What if you forget the enabled secret password locked out? 449 00:21:57.119 --> 00:22:01.039 Not necessarily, but it's a hassle as a password recovery 450 00:22:01.039 --> 00:22:05.039 procedure usually involves interrupting the boot process and changing a 451 00:22:05.079 --> 00:22:08.319 configuration register value specific to the device model. 452 00:22:08.880 --> 00:22:12.039 Best not to forget it. Good advice. What other basic 453 00:22:12.079 --> 00:22:13.559 security hygiene should be done? 454 00:22:13.799 --> 00:22:17.119 Use the service password encryption command. It applies a weak 455 00:22:17.200 --> 00:22:20.519 encryption to passwords like the enabled password and user passwords 456 00:22:20.519 --> 00:22:23.160 in the configuration file, just so they aren't sitting there 457 00:22:23.160 --> 00:22:26.920 in plaintext if someone looks at the configure. Better than nothing. Okay, 458 00:22:27.079 --> 00:22:31.200 centralize your logging. Configure devices to send cislog messages to 459 00:22:31.240 --> 00:22:35.000 a central server. You need logs for troubleshooting and security auditing, 460 00:22:35.279 --> 00:22:37.960 and make sure those logs have accurate time stamps right. 461 00:22:38.039 --> 00:22:42.160 Use service time stamps, log daytime, local time showtime zone. 462 00:22:41.880 --> 00:22:44.720 Exactly, which also means you need accurate time on the 463 00:22:44.720 --> 00:22:48.720 devices themselves. That's where NTP Network Time Protocol comes in. 464 00:22:49.000 --> 00:22:52.559 Synchronize your device clocks to a reliable NTP server. 465 00:22:52.480 --> 00:22:56.000 Essential for correlating events across different devices. Absolutely. 466 00:22:56.680 --> 00:23:00.960 Then there's SMMP simple network management protocol from monitoring device 467 00:23:01.039 --> 00:23:04.960 health and stats from a central network management station and MS. 468 00:23:05.519 --> 00:23:09.680 Understand the difference between SNMP traps which are unacknowledged alerts 469 00:23:09.720 --> 00:23:12.720 sent by the device, and informs which are acknowledged, making 470 00:23:12.759 --> 00:23:15.839 them more reliable but using more resources. 471 00:23:15.200 --> 00:23:17.240 And NetFlow how does that fit in? 472 00:23:17.480 --> 00:23:20.880 NetFlow is different from SNMP. SNMP tells you about the 473 00:23:20.920 --> 00:23:25.519 device itself, cpu load, memory usage, interface errors. NetFlow tells 474 00:23:25.559 --> 00:23:27.839 you about the traffic flowing through the device, who's talking 475 00:23:27.880 --> 00:23:32.000 to whom, how much data, what protocols invaluable for understanding 476 00:23:32.039 --> 00:23:34.920 traffic patterns, baselining and spotting anomalies. 477 00:23:35.160 --> 00:23:38.440 Okay, monitoring is key. What about locking down the switch 478 00:23:38.480 --> 00:23:41.519 ports themselves, preventing random devices from plugging in. 479 00:23:41.839 --> 00:23:46.519 That's switchport security critical for access layer switches where users connect. 480 00:23:46.839 --> 00:23:49.599 You can configure ports to only allow specific m mass 481 00:23:49.640 --> 00:23:52.400 addresses or a limited number of MC addresses. 482 00:23:52.119 --> 00:23:53.960 As it learned which max are allowed. 483 00:23:54.240 --> 00:23:57.400 You can configure them statically typing them in, or you 484 00:23:57.400 --> 00:24:01.640 can use stickymac. With stickymac, the switch learns the first 485 00:24:01.759 --> 00:24:04.519 a MAC address it sees on the port and automatically 486 00:24:04.519 --> 00:24:08.599 converts them into secure static entries in the running can fig. 487 00:24:08.559 --> 00:24:10.960 Convenient, and you can limit the number, like if you 488 00:24:11.000 --> 00:24:13.279 have an IP phone and a PC connected to the same. 489 00:24:13.119 --> 00:24:16.880 Port exactly, you'd set switchport port security maximum two in 490 00:24:16.880 --> 00:24:20.359 that case, one for the phone's data VLAN MAC, one 491 00:24:20.440 --> 00:24:22.480 for the PC's data vland MAC. 492 00:24:22.680 --> 00:24:26.039 What happens if an unauthorized device plugs in depends on 493 00:24:26.079 --> 00:24:26.920 the violation mode. 494 00:24:26.920 --> 00:24:29.559 You can figure the default is shut down. The port 495 00:24:29.599 --> 00:24:32.319 goes into an air disabled state and stops passing traffic 496 00:24:32.799 --> 00:24:35.960 needs manual intervention or automatic recovery to bring back up, 497 00:24:36.799 --> 00:24:38.880 or you can set it to restrict. It drops the 498 00:24:38.880 --> 00:24:42.839 bad traffic, sends an alert SNMP trap and counts the violation, 499 00:24:43.720 --> 00:24:47.039 or protect which just silently drops the bad traffic. No alert, 500 00:24:47.160 --> 00:24:49.599 no counter. Shutdown is usually recommended, and you. 501 00:24:49.559 --> 00:24:52.440 Can configure or disabled recovery to automatically re enable the 502 00:24:52.440 --> 00:24:53.279 port after a while. 503 00:24:53.519 --> 00:24:56.440 Yes, you can set timers for that other port security 504 00:24:56.480 --> 00:25:00.599 best practices shut down any unused ports administratively, don't leave 505 00:25:00.640 --> 00:25:04.279 them active, and assign them to an unused VLAN not 506 00:25:04.400 --> 00:25:07.720 VLAN one, and again change that native VLAN away from 507 00:25:07.839 --> 00:25:08.440 VLAN one. 508 00:25:08.799 --> 00:25:12.440 Lots of layers to security. What about authenticating the administrators 509 00:25:12.440 --> 00:25:16.039 themselves instead of local passwords on every device. 510 00:25:16.119 --> 00:25:18.920 Right For larger networks, managing local users on hundreds of 511 00:25:18.960 --> 00:25:22.839 devices is impractical. That's where centralized authentication comes in, using 512 00:25:22.880 --> 00:25:26.279 protocols like tech ass plus or Radius Rentoy. Triple A 513 00:25:26.400 --> 00:25:30.400 stands for Authentication, authorization and accounting. You set up triple 514 00:25:30.440 --> 00:25:33.599 A servers, often running tac ass plus serve, which is 515 00:25:33.599 --> 00:25:37.759 Cisco proprietary and uses TCP port forty nine. When an 516 00:25:37.759 --> 00:25:40.000 admin tries to log into a router or switch, the 517 00:25:40.000 --> 00:25:42.480 device contacts the tax as plus server to verify the 518 00:25:42.559 --> 00:25:45.599 user name and password, check what commands they're authorized to run, 519 00:25:45.759 --> 00:25:46.799 and lug their activity. 520 00:25:46.960 --> 00:25:50.519 Much more scalable and secure, central control way better for management, security, 521 00:25:50.559 --> 00:25:54.200 and auditing. Wow. Okay, so that really brings us full circle. 522 00:25:54.240 --> 00:25:57.440 We've gone from you know, basic hubs shouting everywhere, to 523 00:25:58.319 --> 00:26:03.680 intelligent switches directing traffic locally, routers navigating between networks. 524 00:26:03.799 --> 00:26:09.599 Yeah, understanding the language they speak ip amris arp NAT. 525 00:26:09.440 --> 00:26:12.200 How we organize them with vlands and connect those vlands 526 00:26:12.200 --> 00:26:13.720 with trunks and routing. 527 00:26:13.720 --> 00:26:17.839 And finally the critical steps to actually secure these foundational 528 00:26:17.880 --> 00:26:18.920 pieces of the network. 529 00:26:19.000 --> 00:26:21.039 It's been a real deep dive. The idea was to 530 00:26:21.079 --> 00:26:24.680 give you that shortcut, that solid understanding of the mechanics 531 00:26:24.680 --> 00:26:25.839 behind the scenes. 532 00:26:25.839 --> 00:26:29.920 And hopefully knowing this stuff isn't just you know, interesting trivia. 533 00:26:30.039 --> 00:26:32.240 It really helps when things go wrong, when you need 534 00:26:32.279 --> 00:26:34.359 to figure out why you can't reach something, or when 535 00:26:34.400 --> 00:26:37.279 you're planning how to expand or secure your own network. 536 00:26:37.440 --> 00:26:40.759 It empowers you, really gives you the foundational knowledge exactly. 537 00:26:40.799 --> 00:26:43.559 So as we wrap up, we've seen how these core 538 00:26:43.640 --> 00:26:48.920 networking ideas have evolved, but some fundamentals seem constant. Here's 539 00:26:48.920 --> 00:26:53.359 the thought to leave you with. With everything changing so fast, 540 00:26:53.799 --> 00:26:57.680 AI quantum competing on the horizon, what's one fundamental principle 541 00:26:57.720 --> 00:27:00.440 of network communication? Maybe something we touched on today that 542 00:27:00.720 --> 00:27:02.519 you think will always be critical no matter how the 543 00:27:02.519 --> 00:27:06.720 technology itself transforms. Something timeless about how information gets from 544 00:27:06.720 --> 00:27:09.880 A to B H. That's a great question to ponder. 545 00:27:10.160 --> 00:27:13.119 What endures something to think about thanks for joining us 546 00:27:13.119 --> 00:27:13.720 on the deep Dive