How-to Design and Configure a Home or Small Office Network

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi welcome to my latest video well this one is going to be really the culmination of two other network videos that i've done recently the first one that i did was sort of detailed it was talking about how to set up subnets anywhere from a small to a rather large network that i illustrated in that video the second one is a review an initial introduction to my new asus router and i think i did say in the other one that i was planning on using some of that information and configuring my new router from my home office well this is the video where it's going to be done first i'm going to go through specifically the part of the theory in a little more sort of layman's terms to go over how i'm going to establish the subnet and what my purposes are and some of the other ancillary configuration that's going to go along with it and then if you stick around towards the end i'm going to take this router freshly initialized by setting the reset button completely just the way you would get it if you purchased it and you took it out of the box and i'm going to configure it the way i want my network to be so you get a really good idea of both the theory and how that theory is put to use so stick around towards the end of the video so you see how the whole thing works let's now get into some of the theory that i want to cover in how i'm going to set up my new network at home i'm calling this the home office and small office network discussion let's start off with a topology the first choice it is a standard internet cloud connected to a modem usually in your home or office and then connect it up to your router now the router could be provided by the isp the internet service provider or it could be one that you bought like i've done i think i'm now up to my fourth one you know for this particular configuration it's given an outside address now this is an address assigned by the internet service provider which you have very little control over you have to know how they've set it up so you have to configure certain parameters in the router in order to get it set properly but you have no choice in what the number is going to be that's an address range that is owned by the isp on the internet but you can assign the inside addresses and what i've assigned to this particular router is 192.168.30.200. and you'll see how that's derived in a few minutes i've also chosen a subnet mask the subnet mask of 255 255 2550 means that we have a total address space that includes 256 addresses amongst which 254 are usable as i'll explain in a little bit then you have any number of pcs connected up directly through hardwire that's what i'm illustrating here with the blue lines up to your router in this case i have two desktop computers and i have two laptop computers and they are hardwired up to that particular router now i'll get into what the addresses mean in a moment but those are also address ranges within an address range that i've selected in this case we also have a lot of wireless devices it could be an all-in-one computer it could be ipads it could be phones it could be anything like that i have down the bottom right there actually point-of-sale terminals for example if you're a small company now the address has come out of a range as i said which we pick and i'll show you how to pick that later when we set up the actual router because you can define what the minimum and maximum address range within your allowable addresses of 254 which ones of those will be automatically assigned by your router when something is connected point to note here though two of these are not automatically assigned the ones i have in green the two workstations the two towers here those have been statically assigned in the router and i'll show you how that's done when i go into configuring the router in a few minutes all the rest were picked through the dhcp a special service that's running on your router that will dish out addresses that are requested by a newly connected device now let's look at private address ranges there are three of them talked about them in a lot of detail in a previous video so i'm not going to get too involved here but generally the one that starts the third bullet here major bullet 192.168.0.1 that particular address range is the most common one that comes on routers you buy for a home or a small office pre-configured there's an address range in it when you first turn it on that's usually in that range the middle one the 172.16 that's usually for slightly larger organizations because it gives you more addresses whereas the 192 dot range gives you only 65 000 and change the 172 range gives you over a million and if you're a really large organization you would use the 10 dot and that would give you over 16 million addresses you get to choose any of these you want when you go to assign your network addresses but you know usually people stick to the 192 or like i like to do you go into the 172 category it's sort of a little more secure because that's not one that's expected by someone that's trying to get into your network and as i said before all of these are private which what means it will not pass through your router to the internet the router will make a conversion a network address translation or nat which will change your internal addresses to something that looks like the outside address the one provided by your isp so just keep that in mind it's getting a little bit in the weeds but it's an important concept to understand as we start to configure this now let's break this down a little bit more the four different numbers here are called octets and they're called that way because they have eight bits of binary which is octal right eight is oct and since there's four of them each one has eight bits a total of 32 across the board then each one of these is one octet or one quarter of that 32 now that's defined each one of these by the binary table so all the way to the right is the weight of one so the zero in all these cases over here if it were set has a value of one go bit all the way to the left which a couple of them are set the 192 has it set and the 168 has it set that represents a value of 128 whichever bits are set you just count those numbers up and that will equal the address or you could use a calculator that converts decimal to binary or you could just go on the internet and say you know how much is 168 in binary and it'll give you those eight bits now let's talk about the subnet mask now this is sort of a little bit convoluted explanation but i'll go into a little more detail it is used to define your range of usable addresses that's the bottom line to it and you can define your range of usable addresses as the whole chunk that you initially wanted to or as i mentioned in my other more detailed video you could break it into smaller networks but i'm not going to cover that in this video the most common subnet mask for small businesses and homes is five two five five zero like i said earlier and that gives you 254 usable addresses since the first one the zero is used to represent the actual subnet address so when you're asked for a subnet address you always end it with that zero at the end in the case of this particular subnet map if you want to do a broadcast to every device on this network that's what the 255 is for so if a message is sent to any address networking the network address in our case would be 192.168. and then we put 255 at the end that same message will go to every device on your network you don't normally do that but the devices that you connect to it might so just keep that in mind we have that's why it's a reserved address range in most cases let's look at this in breaking it down a little bit we saw this earlier this is the actual network address that i chose and we broke it into its four octets in binary when you look at this though the way it works the first 24 bits represent the network address the last eight bits represent the device address and that's determined by your subnet mask as i described earlier and it's done that way because two five five two five five two five five zero it sets all ones to the left the first 24 bits and the ones that are left zero all the way to the right well they become what's left over for your addresses for your devices that are on that network so part of it is your network and the remaining part of it is your device address the network part is fixed it'll always be that number it does not change this is also referred to as a slash 24 because when you convert this two five five two five five two five five zero into its octets and binary you have 24 bits that represent the address so a shorthand notation as i explained in another video in a lot more detail it's calling it a slash 24. the actual address range you then have by picking this assuming that the only thing that's going to change here is the host address part the last eight bits then it'll start off at 192 168 30.0 that's the lowest address in the range up to 192 168 30.255 which is the broadcast address the two ends are not usable but all the ones in the middle are so this gives you the actual usable address range when you've defined it so it starts off at 30.1 and goes up to 30.254. i'm leaving out the top two act that's just for simplification purposes what i want to show you though is a second alternative subnet breakdown and this is the one i'm most likely going to use in this one we actually have the same network address of 192.168.30 however and that would represent the address i'm changing the subnet mask to 255.255.254 and what that does for you if you look at what i have now highlighted in green and red is we only have 23 bits for the address because i have 254 that last bit in that octet is not one it's zero as shown here in the subnet mask by doing that it rearranges the address part and the device address part so now we have 23 bits but we have nine bits for the actual devices what that'll do is double addresses for devices rather than having 256 we now have 512 again though minus the two it comes out to 510 which is you know more than double the address space that i had before with that one little change of the subnet mask and the new range of all addresses is 512 with the lowest being the dot 0 but 30.0 and the highest being dot 31.255 now we set that extra one bit there because now that one's in play so if that one gets set it covers the other half of that 512. again subtract the two we have 510 which will then result in a total usable address range from 30.1 up to 31.254 and if you add that range up it's kind of hard to do the math it's not normal math here fact that we set one automatically gives you 256 and then we add to it another 254 that comes out to 510 addresses so this is important to understand just by changing that one bit how it changes things around i could take this even further but now we've got to be careful because the address is actually using some of these other bits if i wanted to make it let's say 10 1024 addresses i would have had to pick a different address than 30 so that this bit would not have been needed so i could have made it 28.28 would have worked fine rather than 30 and that means that this bit would have been cleared for the address and then i could have used it for more devices as one example this is the tough part of this and you'll see in practice as i set it up on the particular router a little bit later now one thing i do want to cover is in addition to setting up the addresses in a particular group which is much larger in this case 510 addresses i want to reserve certain groups of those addresses and that's what i'm showing here i'm going to do something very specific now a lot of this is just documentation and then i have to follow through in that documentation when i configure the addresses on the devices and i configure the router the only part that i really have to tell the router about though out of this is what is my dhcp address range and i'm going to tell it this is again based on the previous example i'm going to tell it that my dhcp address range will start at 030.002 that's the lowest address that can be given up of course it still has the 192.168. but then it'll be 30.2 that'll be the low one and the highest will be 31.199 that'll come out if you did the funny math then you get 453 addresses available for your dhcp ranges that's a lot more devices that are available to me for dhcp but a lot of devices are indicated on the initial example i am not going to use dhcp for those i'm going to hard code them i'm going to make them static addresses and i've chosen groups of addresses for doing that so starting at dot 200 or 31.200 and going up to 31.209 a 10 or there's 10 addresses in that range that's where i'm going to put my switches and my routers i have more than one so i'm going to assign those addresses in that range to those devices they're not going to be drawn from dhcp i'm going to do it static hard-coded i'm going to do the same thing for my servers i set up a range of doc210 to dock 239 or a total of 30 addresses those are going to be my servers that i have in my network don't have that many now but someday i may and i'm gonna do the same thing for printers i actually have two printers right now but i'm reserving space for up to 14. will i ever use it probably not but this gives me some flexibility i know now that i'm organized in a way where i always know where to look for printers i always know where to look for servers i always know where to look for the switches and the routers and the dhcp will then have this range to dish out to any device that doesn't have a static address assigned to it it will not touch any of these addresses because they're outside of this address that i will tell the router what i've also done is i've reserved the very first address that would have been usable 2.001 the 30.001 to be specific i'm leaving that unused that is the reason i'm doing that that's for security purposes that's why i put my switches including my router itself up in this address range starting at 200. i don't want somebody if they somehow get some information about my network to look at the first address because if everybody does it and the routers themselves of default to it if you pick a network address of like i did in this case 30.000 then it puts the router at one well you can change that it doesn't have to be at one so i am going to put it at a high address so that it's not obvious it makes it a little more difficult for somebody to try to understand my network and then hack into it it's just a personal choice based upon the fact that i'm a security person by heart and by training as well early on in my career so anyway this table here is how i'm doing it you could do it a million different ways now let's look at the new topology that this will cause i'm calling it topology number two we have the same thing the internet cloud we have the modem we have the router we have the same outside address we have the same address with one difference for the actual router it is no longer 30.200.31.200. i'm pushing it into the upper 256 addresses that i have available based upon that table i just showed you the subnet mask and i've highlighted in red the things that i've changed from network topology number one example that i showed earlier so it changed so 254 is a new number the same thing here well the two devices that are the laptops that are pulling from dhcp it's very likely there's no guarantee that those addresses will be assigned i'm just making a guess that since these two laptops are dhcp those are addresses they could get because that's within the range of dhcp addresses however the two servers that i have here the two workstations excuse me they are going to be at 31.210 and 31.212. now how do i know that because i'm going to set those addresses in those devices they're not going to use dhcp to get their addresses they're outside the range as well for the dhcp and so i hard code those in let's look at the other devices that i showed earlier well now just by pure this could happen there's no guarantee they could be down in the 30 area as well i put them all at the 31 because the dhcp address range has now extended into that 31 part of the overall address range now let's take a look at a common network topology based upon this and this is going to be very close to what my network looks like you have the internet you have a modem you have a router they're in that order connected then i have a switch a main switch with 28 ports on it of course the router is going to have the same address as i said earlier the outside address is going to be assigned by the isp the inside address is going to be assigned by me hard coded as 31.200. the router is then going to be connected to one of the ports on the switch it's basically going to allow me to have that many more wired connections within my home office because i have a lot of wired connections here 24 sometimes doesn't even make it i also have a smaller router now i showed one here that is also wireless it doesn't have to be wireless it could just be like the one that i put in for real which is the the zycel one which has an additional 12 ports on it but i have a 10 gig connection going between my switch and my studio so that i have local connections within my studio address wise this switch has is manageable so it's going to be given the address against static of 201 and this small switch here in my studio is given the address of dot 202 so this is just an example of how they all would would be in terms of the within the device range right this routers and switch area that i've defined earlier in that table now let's go ahead and let's take a look at the configuration of the actual router the asus ax89x what i've done is i've reinitialized my new asus rt-ax-89x router and these are the addresses that it came default with out of the box except for the lan ip address that's an address that it pulled from my local network because this device now thinks my local network is the isp as i showed in my earlier video i also defined however the network ssid names for wireless both 2.4 and 5 gigahertz and i've set up the admin name and the password for admin to this so those are the only things that i've changed everything else was automatically selected by the router in its default configuration which i will now change let's take a look at the client list first this is the dhcp i have one pc connected to it which has the name test 11 and it assigned the address of 168.50.64. that was an automatic assignment because that pc is set up to get its address using dhcp it does show that the interface is wired now let's take a look at some configuration of this and we might change a few things first of all i suggest you go into traffic analyzer and make sure that that's turned on by default if you look here traffic analyzer is off it doesn't use that much resources and it comes in very very handy so if we click on this it turns it on i have to agree to what it's going to do that's fine i'll agree and it's now set up now going forward i will have a history of the actual traffic that's going through here hour by hour by device that actually is connected to the router and you know we'll see what it looks like toward the end and see if we pick up some of this i then want to go ahead and open up the the area called the open nat so in open nat i want to show you something this actually shows the network address translation as i mentioned earlier in the first part of this video where the internal addresses in this case the 192 addresses get converted to something that looks like my isp address in this case here a 172 address range but look at this particular router has it knows that it has to get certain ports passed through it actually creates pass-throughs for certain ports depending on games this is a gaming router and it has these games already connected to it and it knows what it has to set up for these games to function properly these games will work very well because the changes needed to the router pass-throughs will be set properly and you can add new ones to it as well i just wanted to show that that's something that's a nice feature of this router if you're into gaming now the next big one which is going to spend most of our time is in the lan tab down here so if we open up the lan tab the first thing that we will see here is a host name now this is the default host name you can change it to whatever you want though all you have to do is highlight it and overwrite it so let me change it to uh dr dash router 1 just in case i get a router 2. but i also want to change the ip address i don't want this address remember what i designed on my particular configuration i want this address range to be 192.168. that's fine but i want to change it to 30. that's the network address that i want and the ip address it's asking for here is the actual ip address i want to assign to the router itself which is a device and as you recall from my example what i assigned that device to device 200 but i'm going to make it so that we are a net mask of 254 not 255 because i want to get the 510 addresses so i'll change it to four and those are the changes i want to make to this particular part of the land tab the router will automatically know that i am setting up a 512 address range and since i gave it the mask of 254 it will know that 30 has to be included in that it's a little bit of a trick but it's based upon those bits that we broke down earlier it knows that the dot 31.200 when i have a 254 mask has to be in a range that starts at dot 30.0 so let's see what happens when i hit apply it's giving me a warning that it may move my router around and i may have to re-login and i may have trouble finding it but we'll find it because we know what the address is click ok and now we have to wait takes a few seconds to go through and apply these changes it's reconfiguring internal configuration files of the actual router itself and then we'll see what the result is at the end it's telling me that the router is now at 192.168.31.200. so if i go ahead and click on this it may find it or i could just come back up here and go back to this router.asus.com that's a name given that it will automatically be able to find it and there we are i'll have to relog in of course and i've signed in now a lot has changed you don't see it at first because the ip address that's given by the isp stays the same but almost everything else has changed in terms of addressing let me start by looking at the client list we should have one client out there may take a few seconds for it to identify it but let's see what addresses assigned to that client now it's at 192.168.30.119 it picked totally different address for the same system because it has a different address range to deal with now if you looked at the mac address that did not change because that's hard coded onto the network adapter that's built into that pc if i take a look at the lan what do we have here that 168.31.200 is my particular ip for this router and the netmask is exactly what i wanted so and take a look at the dhcp server now i did not look at that before intentionally we saw one of the addresses that it assigned but let's see what it has there now it has a starting address of 192.1 which is good that's where i want it to start but look what it did it went all the way to the end dot 31.254 it basically only excluded the dot one because that's automatic it assumed based upon whatever table they drew this default configuration from that the dot one is going to be used as the ip address for the router but it's not in my case and i guess the logic in here is not smart enough to realize that i put my router at 200 it's shown up here but obviously it didn't account for it there but i'm going to fix that so the address range that i want does start at dot 30.2 however it ends at 31.1 because i have all those reserved addresses starting at 200 to the end address that's available to me of 254. let me go ahead and apply this see if it makes me log in again and of course it makes me log in again i wasn't 100 sure but there it is let me log in now it shows the new pool it starts at 30.2 and it ends at 31.199 and as i showed in the table earlier that gives me a wide range of dhcp addresses that includes 453 different addresses if we go back to our network map in the front and we take a look at the one client that i have connected here it happens to be the same address it didn't see a need to have to change that one so it's still 30.119 if that address had been outside of the dhcp range then it would have had to reassign it so that the pc itself would have gotten a new ip address a new dhcp ip address but it wasn't needed in this case now let's look at a couple of other things in here let's go back to the dhcp server under lan dhcp server and let's take a look at something called enable manual assignments this is a special case right now it's off whichever one looks dark in the center is what's been selected so the no is set let's say i wanted to assign a fixed address within my dhcp address well i can do that i could have left that thing to go all the way to dot 254 and then i would have had to enter every one of my devices that is hard coded into this table you get to pick the device it actually sees the test 11 as the only device you can choose from and i can assign an ip address to it and i can also change its host name to something else and if i wanted to change its dns server domain naming server i could do that that's not recommended at all and then i would i could add another one and another one and another one it's a very manual drawn out process and i've hit if i did that i would hit apply and it would then exclude those from the assignment of the dhcp those would be skipped any ones that are in that table i did it differently i stopped the range early at 199 and then i through documentation and you know the actual uh process i will use i will assign the addresses above that myself and the fact that the dhcp stops at 199 it will never interfere with the ones that i manually create above that address i just can't go past 254 because that is the maximum for the net mask that i've chosen now let's take a look at one more thing here in this lan area called switch control this is important this has the ability to control my special ports on this router this is not covered in the manual that's why i wanted to cover it here so you will see things like the 10 base t which is the rj45 connector and you have the that's 10 gig and we also have the 10 gig for the sfp so there's two more port on this particular router right and i can assign them to special things here for example i can assign them to a particular speed i can bring them all the way down to one gig if i wanted to or i could fix them at 10. i want to fix mine at 10 because i will be using them only at 10. so i'm going to sign both of them and of course the sfp can only go 1 or 10. it can't handle the 2.5 and the 5 that can be handled by the other port but the fact that these are left off i just wanted to cover them here i would then of course apply that it's probably going to log me out again [Music] i knew it was going to log me out again because i saw it reboot you can tell by the lights on the router that it's rebooting when all the lights go off it disconnected from my other switch and then it came back up again and we're back up now those two ports have fixed at 10 gig those are all the changes that i needed to make now this router is ready to go let me see if it caught anything in the traffic and not analyzer and it did we got activity for the last hour only on that one device test 11 and we could see the type of stuff that i did i did a lot of http protocol because i was talking only with the switch through http i had some secured ssl i had some general access i had some microsoft teams for some reason and microsoft.com got called in i'm not sure why all those different ones i could get the full list by clicking on more and i could see all of the stuff that i had there was a dns activity and and several other things that were done by this one pc so i just wanted to show you that that is something that we get when we use it and we have this function enabled well that covers it for this video until the next time [Music] you

Info

Channel: PE4Doers

Views: 43,282

Rating: undefined out of 5

Keywords: ASUS RT-AX89X, Home Network Design, Home/Office Network Design, How To for Small Networks

Id: Y1LZhNIJxq4

Channel Id: undefined

Length: 28min 35sec (1715 seconds)

Published: Sat Mar 12 2022