Subnet Saturday #8: VLSM | Cisco CCNA 200-301

Captions
[Music] And welcome, everybody, to Subnet Saturday. It's 11:00 a.m. Pacific time here on the Pacific time zone. It is so good to have you here. If you're just joining us, oh, for Pete's sake, welcome aboard, great to have you. What we're doing is we're continuing a journey together through the world of CCNA, and also on Saturdays we're allocating it just to subnetting, IPv4 subnetting, one of the coolest topics ever, and also one of the most important things to be aware of and understand how to do if you're working with computer networks, especially when it comes to troubleshooting.

So our objectives. Yeah, we're gonna talk about VLSM, the objectives of why it is and why we need it. I'll give you some concrete examples, and then we're gonna leverage some of the tools that we've been learning up to this point and actually do an example with VLSM. As we do that, you'll see two things: one, okay, I get why it's required, and two, based on all these previous videos in this Subnet Saturday collection, I can do it. And that's our goal for today, to understand why and also be able to do it, in measurable terms.

Also, after we cover VLSM, I'll stick around as usual and we'll do some Q&A. If you have any questions, CCNA related or specifically VLSM or IP addressing, bring them, save those for me if you want to see them too Liam. Also, I'm looking at the queue here. There's a bunch of really great people in this room right now willing to help and answer questions, and so to everybody, the moderators, thank you very much, and also those people who are just helping out other people and answering questions. I'm so glad everybody's here. Some of us are here to learn and some of us are here to teach, and one of the secrets is, when you teach other people what you know, it helps reinforce that in your own mind, and it's a win-win, which is my philosophy in life these days: if it gives me a win-win, it's a good thing.

So let's do this. Let's imagine that you and I have been given, have been put in
charge of a branch office, and let me bring up a topology. The branch office would look something like this. So here in this branch office, as I move my mic over so I can still be heard, I've been told, rumor has it, that it's good to be heard on occasion. So at this branch office, and we could bring out this pen, maybe we have a corporate office over here. Here's corporate, and they've got the corporate headquarters, and then they're connected via some type of network connectivity over to us, and this is our branch. And what they've told us is this: hey, you, Keith, and you, if you'd do me a favor and make all of these IP addresses in your network at this branch office fit and be within this address space of 10.67.83.0 with the 24-bit mask.

So we might ask the question, because we're curious, right, we're always curious: hey, what's going on at the corporate office there, what kind of addressing schemes are you using there, and how about other branch offices, and are you doing summarization? All those questions will be answered as you and I continue Subnet Saturday. So for this discussion we're just gonna focus our attention on this branch office right here, and we've been asked by corporate to make the address space here in that IP address space of 10.67.83.

So here's what we might do. We might say, great, we can do this. Let's first of all identify how many networks we need. Now, if you're new to the Subnet Saturdays, there's also a collection, a playlist, that I put on my YouTube channel that makes it easy to find it and just go through them in order. It's important to not try multiplication and division, generally speaking, if you don't understand addition or subtraction first, so that's where we are at this point. So you can enjoy the video if you're brand new, glad you're here, and I also encourage you to go back and backfill, so when you get to this point the second time you say, oh, I get it, block size, oh, I get it, finger game, because we're gonna use all those techniques. So starting off,
we'll identify our networks. There used to be a sign. I used to work at Paramount Pictures back in like '93, '94, and I managed a team of technicians, but the programming department there, they had a sign on the wall. It said, "You start coding, writing the software, and I'll go see what they want." And it's a joke, because we should find out what is needed first before we start, you know, creating something. Like, which building do we put the ladder on before we start climbing?

So let's imagine we have a few networks, and we say, well, in this network topology here at the branch office we've got several networks. Let's just label this as A, hanging off of Gig 0/0, and network B, we'll call that B, this network between R1 and R2. And I drew in a few switches, but just imagine that off every routed interface there's a switch or two and there's devices that are all connected. And then right here between R2 and R4, it's a directly connected network, but that is a network, so we'd need a network address there, C.

So so far what we're doing is we're identifying how many subnets we need to create. We've been given one major network. We need to go ahead and figure out, okay, how many subnets are we trying to create? So so far we have three, A, B and C, and then we have this link between R1 and R3, that would be D, and between R3 and R4, that would be E, and over here, Gig 0/0 off of R4, which would be F. Let's see, A, B, C, D, E, F. Let's imagine for purposes of discussion that we need to create six subnets.

So we're like, okay, a little reminder here, let me go to the big screen. A little reminder: if we have a mask of 24 bits, that's what's given to us, that's our starting point, and we need to create six new subnets, how do we... We're going to grow the mask. The mask, which is 24 bits now, is going to be something longer, because whenever we're doing custom subnetting we're making the mask longer, which means we're taking away from host bits and we're using that additional length to help carve out individual subnets, sort of like a huge
Elm Street, and instead of using just one street name like Elm Street, we're gonna carve it up into smaller streets like Elm Court, Elm Way, Elm Lane and so forth. And so when we do that with custom subnetting, we are going to make the mask longer.

Now the question is, how much longer do we need to make the mask? It's a 24-bit mask now, we need six new subnets. How many additional bits, above and beyond the default, above what we're given, that's 24, do we need? So we think, it's a quantity question, and here's what I remember Keith and us talking about in previous sessions: whenever there's a question of quantity, how many bits, we're gonna do this. Put your thumb up, and on the back of your thumb there's a number, but I want you to think about what that number is. If you've been with me through these previous two or three sessions for Subnet Saturday, you know that on the back of that thumb, with that digit, there is a two. So our fingers represent bits. We start with two, and then we simply go to the number we need.

Now we need six new subnets, and the question is how many bits do we need to get there. So you put your thumb up in the air and say, two, not enough, we need six. You'd put another digit in the air and you say, double that, four, still not enough. You put another digit in the air, eight, oh, that works. We can have eight new subnets by just stealing three additional bits and making the mask three bits longer. So that's a little bit of review from what we've covered before. So our mask, which was slash 24, is now going to be a slash... 24, 25, 26, 27. So our mask is going to be a slash 27.

So let's pick up that game and let's take it to our topology and let's do it. So here in our topology, if the mask was 24 and now it's going to be a slash 27, let's carve out the subnets. So A, B, C, D, E, F, that's our six subnets. Okay, so far so good. So our first subnet, and this is an easy part of starting, is that the first subnet with a longer mask looks like the parent network, meaning, Keith, the tougher the
network we're given is 10.67.83.0 with the 24-bit mask, and what that means to us is that the first network is going to be 10.67.83.0. It looks identical except for the mask, which is gonna be 3 bits longer, which is this slash 27. So there's our first subnet.

And my question for you is, how do we know what subnet B is? So if you want to chat that in, that would be awesome. But like, the first subnet's easy. We identified the mask, it's this slash 27, 3 bits longer, because that'll give us eight possible subnets, 2, 4, 8, that's still true. But what's the next subnet gonna be? There was a really cool... it wasn't a circle technique, it wasn't a rectangle technique, what was that? And if you're saying, Keith, we're gonna take the block size and you just add the freaking block size and that's the next subnet.

So as you recall, the block size is the last bit that's on in the mask. So up here, I'll use a slightly different color. If this is the third octet, and thanks for the feedback in the chats by the way, just the third octet, and now we're dealing with the fourth octet. If it's a 27-bit mask it would look like this: I'd have 24 bits on all the way up to this point, and then 25, 26, 27, no high math here, and then there's the dividing line, and everything over here would be host bits available for host addressing, says the mask. Did I put too many zeros in there? All right, zero, zero, oh no, that's five zeros. Yeah, so I think there we go. So there, our mask would be like that. So it'd be 23, 24 bits from the first three octets and three from the last octet being on in the mask, and then our block size is 32. And its peak, yeah, nailed it. You guys are rocking. 32 is the block size.

And so what we're gonna do is take that block size and say, well, the next subnet's gonna be 10.67.83, just using little markings to indicate the first three octets, so we're never gonna change here, but the last octet is going to be 32, and that's gonna be slash 27 also. Great. And then what's the next subnet gonna be?
And you might be thinking, well, Keith, you mentioned earlier in a previous Subnet Saturday session that we're just gonna keep adding the block size. Just add the block size, add the block size, add the block size for each of your subnets. That's true. So for network C it would be 10.67.83 dot, and then add the block size, which hasn't changed, still 32. So 32 plus 32 is 64. And it doesn't matter what level of math skills you have or don't have. If you ever have a question, you can always just do it manually. If the current subnet is 32 and you want to verify what that is twice, just add them up: four, and then six, great, 64. It just doesn't matter if you want to do it longhand just to verify. After you've worked with IP addresses for a few years, or a few months even, you might have some of that memorized, but just do the long math if you need to.

All right, so that's subnet 64, and then subnet D would be this, this, this, and then add the block size. 64 plus 32 more is 6... 9, and that'd be 96. We're doing great. And then the next one would be plus 32 more, which would be 8, and 9 plus 3 is 12, so 128. So that'd be at that 128. And then for our last subnet it would be plus 32 more, which is gonna be 8 plus 2 is 0, well, 8 plus 2 is 10, hang in there with me, carry the 1, and then this would be 6, and then be 1. So our next subnet would be 10.67.83.160.

And it's important just to make sure that everybody's singing the same song about the mask, so we don't also include the mask. So that mask, a /27, in dotted decimal would look something like this: 255 dot... oh, don't want to write over my face. It's like, it might be an improvement, Keith. The mask in dotted decimal would be 255, which means the first 8 bits of the mask are on. The second octet for the mask would be 255, which means the second 8 bits, the second octet, all those bits are on in the mask. And the third octet of 255 means, means that I'm excited about writing 55, means that the third octet in the mask are all on. So up to that point that's
24 bits, and then for these three additional bits we just take 128 plus 64 plus 32. Do it longhand, or you can memorize those after a while, but it'd be 224. So a /27 or this mask in decimal means the same thing.

And then in addition what we can do, and this is pretty cool, good reminder, you erase this for a second, is we could go ahead and we could calculate the range of the, the ranges of addresses. And here's why that's important: we might want to set up a DHCP server with pools of addresses, and those pools of addresses would be the range for each of those subnets. Or if we wanted to assign the IP addresses manually on a server or on a router interface, we'd want to know what those ranges were so we could pick an IP address from the correct subnet.

So because we have these six subnets already listed, it's pretty simple to go ahead and just identify the ranges. It means simply starting with one and going almost all the way up to the next subnet, and that's the magic. So it goes something like this. For this subnet, subnet A, it would be, I'm just gonna go for the last octet, so the first 3 octets are gonna be 10.67.83, that doesn't change, that stays the same, and the last octet here for the host range, we'll put range here, host range, it would be dot 1 for the first host on that subnet.

And then here's the challenge. If we used dot 32 for that, you know, as I try to, as the IP address in that subnet, that's the address space for the next subnet, so we can't. It's like you can't go to your neighbor's house and just say, hey, I live here too. It's like, no you don't, this is my house, that's your house. And that's the same thing with IP addresses. IP addresses are gonna be in a certain range. So this range would go from dot 1 all the way up to 31, and I'll put that here, and that is the broadcast address for this subnet that we're looking at. So the range would be starting with 1 and going up to the next subnet minus 2, which is because the last IP address is the broadcast address. The last
usable address, which is gonna be dot 30 in this case, is what you could assign to a host.

Now this is a fun trick, well, not trick, this is a fun game. If you tried to go to an interface on a computing device that supports IP addressing and you said, I want your IP address, Mr. Windows PC, Mr. Linux PC, Mr. router interface, I want your IP address to be 10.67.83.31 with that /27 bit mask, it's gonna say, "Eh, not a valid host address." It knows like immediately. He's like, who told, who told you? Those darn computers, super fast.

All right, so the next subnet, 32, would start with dot 33. So dot 32 was the actual street name, like Elm Street, and dot 33 represents one bit on in those host bits, the first bit on, and that would be the first valid host address on the 32 subnet. And the range would be all the way through 64 minus 2, and that's because the next one minus one would be the broadcast address. And that would make it all sideways here, yeah, I need to raise it up a little bit, the sight line goes up. So dot 63 would be the broadcast, and the range would be dot 33 through dot 60... 62. And that would just continue.

And then you could know that now. We had a session on routing yesterday, oh, I take it back, today, Saturday, in our last livestream we had a session on default routes, now that was two sessions ago. It's all a great blur for me, it's all a lot of fun. In the last session that we had, on why do routes have to win twice, that was it, we looked at the routing table and we were able to determine, okay, based on the longest match, which route would be used. And this is the technique that we could use to do that. So if we had several routes, we could actually plug in an IP address and see what range they fall in and then determine that. So this game continues on now, and we can just follow that same logic all the way down.

Now there's a huge, that's a huge, I would say pretty big problem with what we just did, and that is, so we rushed back to headquarters, we say, great, we have six custom subnets and
we actually have room for two more, we only use six, and we're all good to go. And then they said, well, did you plan for how many hosts you need? And we might say, wait, wait, hold the phone, what do you mean, did we plan for how many hosts we need? And they said, well, on one of those subnets at the branch office they're gonna need to support 80 hosts. So we look back at our notes, which we'll do right now, and we say to ourselves, Houston, we have a problem.

And here's the problem. We only have this many host bits available: 1, 2, 3, 4, 5. And so my question for you is, if we have 5 bits available for host addressing, how many possible hosts can we get out of that? It's the finger game again for quantity, so let's do that together. I'm gonna leave myself on this little camera and let's do the finger game together. With 5 bits for host addressing, put a thumb up in the air and say two. We're looking for 5 bits, that's where we're going, so 2, 4, 8, 16, 32. So five bits gives us 32. Oh no, and then you have to subtract two, because you can't use the actual network address and you can't use the broadcast address. So with five bits for host addressing we could only support 30 devices.

And corporate says... so we go to corporate: well, we can't support, you know, the IP phones or whatever this device is you needed in that first VLAN. And they're gonna say, make it work. And with what we just did, which is using the same exact mask across all networks, we're wasting IP addresses, first because some of those subnets may only need five IP addresses or ten IP addresses, some may need 80.

And what we've done here, when we go ahead and draw this out, this is why I put a piece of pizza on the banner for this session, was because what we just did is this: we created eight new subnets. So this is the parent network, 10.67.83, and what we did is we have the ability now to divide that into eight. So network A, B, C, D, E, F, that's all we needed, and then we have a couple other subnets that we aren't using
in our topology yet but we have room for. But each of those subnets only supports 30 hosts each, so that's like an equal distribution. And if we need 80 hosts here and we need ten hosts there, based on how we carved it up, it's not gonna fly. We just don't have enough host bits in that subnet A.

So here's what we're gonna do to solve the problem. What we're gonna do is we're gonna do a slicing of the pie. Think of the whole network, 10.67.83.0 with the 24-bit mask, as one large piece of pie, that address space. And what we're gonna do is we're gonna carve it up, but instead of doing equal slices, we'll carve out some bigger subnets for the benefit of networks that need more hosts, that's it. And for subnets that don't need as many hosts, like five or two, we'll just make teeny little slices. And that's all done by using a different mask at different points in the network. You might even call it varying the length of the mask. So we'd have a shorter mask for networks that needed to support like 80 hosts and longer masks for networks that need to support two or five or ten hosts.

So we need a cool term for that. Let that cool term be, that cool term might be, variable length subnet masks. That's what it means. And it's important, because we do have to have situations where we can make it work and not waste IP addresses. And so what I'd like to do is take our knowledge that we currently have of block size, which either you have already or you're gonna go back to the playlist and come up to speed with that, and also the finger game for quantity, and I'll show you, and we'll walk through together, how to configure variable length subnet masking to make it work. So that was our two goals, by the way: one was to understand why we need it, because in this scenario we don't have enough address space for hosts, and secondly, how to do it, which is coming up.

So let's clear this board. I don't... all that work. Oh, my heart goes, head love, is like, all that cool stuff that was on the board, gone. And
let me bring up a tool that we can use also that can help us in this discussion, and here's that tool right here. And just thinking through this for a moment. All right, so one of the things that we'd want to do before, this is important, before we just go out and start carving out subnets, "here's a new subnet, oh, not enough room for a host, so sorry", the first thing we'd want to do is identify how many subnets we need and how many hosts are supported, or do we need to support, on those networks.

Now, IP addresses for a subnet, there's a good chance we're gonna overlook a few by default. Router interfaces, they need a valid IP address in those subnets. IP telephones, if you have a VLAN for phones, they're gonna need IP addresses, and probably a lot of them. The Internet of Things devices, they're gonna need an IP address, things like cameras and refrigerators and other things that may be internet connected or network connected to your network. Things like printers, if they're network-based printers, are gonna have an IP address. Other devices, certainly wireless networks where people are joining, you might have tons and tons of devices that are trying to get on the network. And we need to plan that out in advance so we make sure we have enough space, host bits available, and the range of addresses for the expected number of clients or devices on that network.

So we've done some research, and in this topology here's what we found out. We found out that for subnet A they need 80 hosts. That's what this column is right here, how big, meaning how many hosts, how many devices need actual IP addresses, whether they learn them via DHCP or whether we're statically configuring, what's the total number we need. And we came out to the numbers of 80 for network A, 30 for B, 20 for C, etc., etc., etc.

So now we have our requirements, and we could say also, we might want to challenge the design a little bit and say, now, is it gonna grow beyond 80 within a year or two years? Because we don't want to have to come back and revisit this
and re-address. I remember I worked at Paramount Pictures, like '94, '95, I believe that time it was. The time I base it on is when movies came out: Forrest Gump, whenever that just came out, that's when I was at Paramount Pictures. Great opportunity at Paramount Pictures, loved it there. And we got bought by Viacom during that time, and when two companies, they don't partner really, Viacom purchased Paramount Pictures, we have to make everything work, and there's a lot of re-addressing and NAT translations that have to go on while we're doing the migration. But the key is we want to plan it once, well, and then roll it out, so we don't have to re-address it in the future.

So I'm gonna go ahead and clear the screen off with some of those markings, and let's imagine that this is our plan. And when we're given a specific subnet range like this, or a network address space to play with or to work within, it's important for doing variable length subnet masking to go from high to low. Start with the subnetworks that are going to require the most hosts first, and then work your way down to the second one and the third one and the fourth one in descending order. That's important. That way you're not going to waste IP address space as you go.

Also realize that in a bigger picture we're gonna have some cool games with summarization and making addresses summarize based on branch and location, which we'll get to, not in this session, but we'll get to in Subnet Saturdays, and we'll make that all work. But our focus here is how do we do variable length masking to support these five, the six networks, and each of those networks having that many hosts.

So I'm gonna clear the screen once more and let's do it. And you might say, well, Keith, how do we start, how do we, you know, how do we start doing this? And first of all, we have the data we need, and the next thing we might want to do is say, okay, well, let's start with what we know, like a math, like a word problem. Sometimes getting started with
something is just taking some fixed value and then working from that way. So if we're doing variable length subnet masking and we need a network that's gonna support 80 hosts, let's imagine it's right here, network A. In fact it is, there's network A. We need to support 80 devices on that subnet.

My question for you is this: how many host bits do we need to support 80 individual hosts on any network? I don't care what, the Class A or Class B or Class C, or what the numbers are. How many host bits at the end of an IP address do we need to leave available for host addressing? And so if you're saying, wait, this is like a quantity game, it is. I'm asking you, what's the quantity of host bits, little help there, what's the quantity of host bits we need to leave available to support 80 hosts?

So we play the finger game, anytime we need to know how many bits, whether it's subnetting or host bits in this case. Put your thumb up, there's a two, and we want to get to 80. So two, that means one bit is not enough. Double as we go up: four, that's not enough, 8, 16, 32. What were we going for? Oh yeah, 80. So we have five bits, which give us 32, not enough. Hmm. Now add another hand, another finger, 64. Oh, six bits, still not enough. Another finger up, 128. One seems like a lot, but 64 won't do it for us. So we need seven host bits to get at least 80 hosts.

We need seven host bits, and that means at the tail end of our IP address space, with the mask, we need to tell the mask, hey buddy, you need to leave seven host bits for host addressing. So let's look at that visually, like this. If this is the fourth octet from our mask right here, I'll just label that, so the third octet goes that way, fourth octet goes that way, and there's 24 bits that are currently on. Hmm, we need to reserve, and I'll put these in a nice blue color, we need to reserve all these bits. Let's count together. We said seven bits. I'm gonna just do that math again: 2, 4, 8, 16, 32, 64, 128. Yeah, we need 7 bits reserved. Mm-hmm,
just making sure I said there, I think, we need 7 bits available for host addressing. So 1, 2, 3, 4, 5, 6, 7. So the mask, if we use the longest possible mask, which would be 24 bits on here plus one bit on there, these would be zeros in the mask, which mean that... line 'em up, Keith, line them up, you got people watching. So zero, zero, zero, zero, zero. This would be the mask, and that's required. I mean, there's not too many options there. We have to leave seven bits available for host addressing.

So if we had 24 bits, all the way up to this third octet, on in the mask, plus this one, the new mask would be how long? How long would the new mask be? If you're saying, Keith, well, if it's gonna be all bits on up to this point right here, that's gonna be a 25-bit mask. And so that's gonna be the mask for our first subnet. And when we take a look at the first subnet, we're just going to bring down the parent network and plug it in, which is 10.67.83.0 with a 25-bit mask.

Now you might be saying, well, Keith, that looks remarkably similar to what we just did before, and it is. Same game, same game. We put the mask in and we identify what the mask is gonna be. The first network looks like the parent network except for a longer mask. And let's also jot out the dotted decimal mask. So 25 bits would be, the first three octets of the mask would be all on, and then it would just be this one bit right here on the mask that's on and the rest off, which would be 128 plus 0, 0, 0, 0, 0, 0, etc., and the mask in decimal would look like this.

Anybody say, well, why do we need that? Well, that's how you got to put it in. So if you're configuring a Windows computer or Macintosh or a Raspberry Pi or a Cisco router or switch virtual interface on a multi-layer switch or in a layer 2 switch, you have to put in the dotted decimal mask. And so when we configure an IP address, that's how we would do it: we would put it in dotted decimal for the mask.

The next piece is, what is the block size, and this is
going to be important because we're gonna use it. What is the block size, if the least significant bit, which is right there, that's the least significant bit in the mask, what's the block size for a slash 25? And I'll give you a moment to think about that. We had a session just on block size, and we identified that, hey, the block size is the value of the least significant bit. We follow the bits all the way, the mask bits that are on, we find the last one in the mask that's on, and that corresponds to the block size. And the block size, as I'm looking over here, you guys rocking, fantastic, the block size is 128.

All right, now how is that going to help us? Well, if we know the block size, hold on to your, hold on to your hats, what would the next subnet be right here if our block size is 128? And let me give you a chance to think about that. What would our next subnet be if the block size is 128? And you might be saying, well, Keith, you just talked about that a few months ago, and in our discussion on block size a couple sessions ago you said you just add the block size. Yes, check this out. So the next subnet, no matter what the mask is going to be, doesn't matter, the next subnet is gonna be a 128 in that last number, because we take the parent network here, the first one, and we simply add the block size. And I'm gonna clean that up a little bit so it's very readable, just like that.

So then the question might be, well, since we're here, why not calculate the range of addresses for this 10.67.83.0 network with the 25-bit mask? Well, we know the first address is going to be one more in that last octet, so this can be dot one. And we know the next subnet, check it out, it's 128, so we can't use 128. That's like the next house. It's like, my house is here, your house is there, and we have to stay in our lane here. So we can't go higher than 128. So that broadcast is the next subnet minus one, so the broadcast for this first network is going to be 127, and the last valid host address is the
broadcast minus 1, which is 126. So you could say the last host range, the last host IP address, is the next subnet minus 2, that works, or you could say it's the broadcast minus one, that works, or you could say that the broadcast is one less than the next subnet. Any way you want to slice it, that's how it works. And now we have our first range, so we could set up our DHCP server, we could specify any IP address between dot 1 and dot 126, and they would logically be in subnet A. That's how that part works.

Now let me also draw a visual for you here, and we'll put it right here. I'm gonna compare this block of addresses, the 10.67.83.0, to a pizza. Now when we did custom, when we did subnetting earlier, what we chose to do was we used exactly the same mask across all of our subnets, and we had eight possible subnets, eight identical pieces. Now what we've just done, and this may come with habit, but the maximum number you can get out of one octet is 255, and so we just gave one through 126, which is about half, we just gave half of the pizza over to subnet A, and that's what that is right there. So we need to do that because we have a bunch of hosts that need to fit in that space, based on our calculations earlier.

So our next question is, okay, that range of addresses, basically 10.67.83.0, which goes from dot 1 through dot 127 including the broadcast, that's all tied up, and it can't be used by some other street. This is already in use. That piece of the pie is already gone. Let's take a look at the next subnet, which begins at 128, based on the block size being added to this network, and let's go ahead and do the calculation again for how many host bits do we need for network B. That's the question.

And I know here it says we need 30 hosts, but it totally escapes me on how we would possibly figure out how many host bits at the end of the IP address we need to leave in reserve to support 30 hosts. It's just, you know, how do we do it? Where is this, you know, voodoo magic? How do we
calculate the number of host bits needed for 30? And if you're saying use the finger game for quantity, every single time, you would be right. So let's calculate how many bits we would need for 30 hosts. So we put up our first thumb, our first digit has a 2 on the back, and we're going for 30: 2, 4, 8, 16, not enough, 32. And because we have to subtract 2, because you can't use the network or host address, our network address or broadcast address, we could actually use 5 bits for host addressing and have 30 available host addresses. Is that true? Let's do it again. So 2, 4, 8, 16, 32, minus the 2 because we can't use the network and broadcast. Yeah, all we need to do to support 30 hosts is make sure at the end of the day we leave 5 host bits available for host addressing. So let's apply that newly learned information to our variable length subnet masking plan, and it works like this. And I will get out my eraser tool, which I've started using, and now we're focused on leaving 2, 4, I'm doing the math again, 2, 4, 8, 16, 32, we need to leave 5 bits for host addressing. So that I'm going to circle here, 1, 2, 3, 4, 5, we need to leave those, these last 4 bits for host addressing. That means our mask would be 24 bits up to this point, and it would be on, on. We just, basically the mask is gonna say, I'm gonna take all the network address space except for how many hosts you need on that subnet, which in this case is 1, 2, 3, 4, 5 bits. So there's the dividing line between network and host for this specific subnet, and we want to represent that down here. So what is the new mask? It'd be 24 bits here plus 3 more: 25, 26, 27. So we just bring down that mask, and that's our, that's our network. I wish it was tougher, but that's our network that will support 30 hosts: it's the 10.67.83.128 network with a 27-bit mask. We're gonna do this two or three more times in the same table to help reinforce that. So what would the mask be in dotted decimal? Well, it'd be 255; the first three octets would all be on, 24
bits, and then how do we represent these last 3 bits for the mask? It'd be 128 plus 64 plus 32, and you just do that longhand, that works, just, you know, 128, 64, 32, and that would be 224. I'm just looking at that, verifying that that would be true. This is because I've done that a few thousand times, but that's the addition between 128, 64 and 32. Great, so that's the mask, and now my question for you is: what is the block size for a /27? What is the value of that least significant bit in the mask that is on? And if you're posting that, rocking. I'm circling, I'm squaring it off right here: it's 32, the block size. And you know, the reason we call it a block size is because that's the size of the block of addresses that we get to play with. It's kind of a little pun after you've done it a few times, but that block size represents a block of addresses that are supported by that network. All right, so the block size is 32, so we put it here, and then something that we have never covered before: how would we know what the next subnet is if the block size is 32 and this is the network we're working from? If you're saying, Keith, no no no no no, we've done this before, you told us like sessions ago that you take the network, you take the block size, you add the block size, and that's your new subnet, that's still true, you got it. If I was trying to fool you, it didn't work. That's exactly how it has worked, that's exactly how it still works, and that's how it will continue to work in the future. So the next subnet would be 128 plus 32. We'll do the long way off there: 8 plus 2 is 10, carry the 1, 3, 4, 5, 6, 6, 160. So the next subnet would be 160, and now that we know what the next subnet is, the range now becomes easy to solve for subnet B, and that is: here's the network with 128, the first valid IP address is going to be plus 1, so it's going to be 129, and then the last subnet, or the last IP address in that subnet, is going to be the next subnet minus 2 or the broadcast address minus 1, and so we can
work it either way you're comfortable with, it's going to come out the same each time. So the next subnet is 160, so minus 1 is 159 for the broadcast address, minus one more is 158, and there we have our range, .129 through .158, for this network called 10.67.83.128 with a /27. All right, nice work, good job, we're doing variable length subnet masking. Now, in a production environment we'd simply use a calculator for this: you put in your network, how many subnets you need, how many hosts you need, you hit a button, it spits it out and you're good to go. But understanding how it works and being able to do it on demand is an important skill, because you may be reverse engineering something, and it's so important to understand how this works. And if you're in certification and they're asking you about, hey, you've got a host on this IP address, based on these five routes in the routing table, which one matches? The only way to figure that out is to do this process, and so it's very valuable on several fronts. I'm glad you're here.

Let's take a look at the next subnet, subnet C. We need 20 hosts. I'm gonna go ahead and clear up a little bit of work here, and that's this, this was all based on that /27 we just did, so let me clean some of that up. Oh, oh, oh, we can also add to the pizza. I like the pizza idea, carb city. And so for network B, it got a smaller slice here. So we just gave network A a big slice to support 80 hosts, we gave network B a smaller slice to support 30 hosts, and now we're going to go to 20. So for 20, my question for you is, and this is no longer a running joke, now it's just common knowledge, and getting more comfortable as you do it a few times: if we needed to support 20 hosts on the given subnet, how many host bits would it take to leave available for those hosts so we'd have enough room? It's like the sign maker just trying to leave enough room for the house addresses. How many bits would we need to leave available to support 20? It's the finger game once again, so
we're trying to go for 20: 2, not enough; 4, not enough; 8, not enough; 16, not enough; 32, well, and then minus 2, so we have to have 5 bits again. So we're gonna have some wasted space in that subnet, but if we want to support 20 hosts we have to leave at least 5 host bits. Because we did the work for that one on the previous example, it's gonna be a little faster on this one. So we know the mask is going to be /27 again, same mask, what, even the same number of bits, so the mask is gonna be the same here too, the block size is still gonna be 32, and we just verify that real quick, yep, I'm not gonna go down the rabbit hole. And then our host range would be, if we take a look at the host range, it would be this: the subnet, which is 160. So you and I could talk to each other and say, hey, this is subnet 160, in slang, or long-term we say, hey, it's network 10.67.83.160. But if you're working on a network for many months or years, sometimes you might refer to those networks by the last part that is unique, or you may call it the sales VLAN, because usually an IP subnet address is associated with the layer 2 broadcast domain, a VLAN. So in production, people say, oh, it's the sales VLAN or the human resources VLAN or the development VLAN; they're really talking about a layer 2 broadcast domain that has a layer 3 IP address, and they may be just referring to that network address space on top of that VLAN. But that's how it works. So 160 is the network, the first valid IP address is gonna be dot, oh well, before we go there, what is the next subnet? Let's do that. What is the next subnet going to be, for D? And this uses the game of: you take the existing subnet, you take the block size, you add it, and that's the next subnet. And so it would be 160, the current subnet, plus 32, and we would have 2, 9, 1: 192, I believe that's correct. And so we'll just put in 192 as the next subnet, and that helps us configure the range. So the first valid IP address is gonna be this subnet plus 1, which is 161, the broadcast
is gonna be the next subnet minus 1, which would be 191, and then the last valid host address is going to be one less than the broadcast, which is 190, just like that. All right, we're making progress, and there is some repetition here, which is a good thing; it means that we're having the opportunity to rehearse the process for doing this.

And so the next subnet I'd like us to go ahead and tackle is subnet D. Now subnet D, oh, let's draw on our pizza. So B and C got equal slices, equal-sized slices, right there. All right, so we're carving out the pizza. Now at some point we are gonna lose the ability to hand out any more IP addresses, because we're gonna use the whole pie. Once that entire block of addresses is used, the 10.67.83.0 and all of its possible subnets and IP addresses and bits are in use, we're gonna run out of space to allocate anything else. So that's also a question that goes into the design: can we do this? So previously, when we carved this up into eight equal subnets, we couldn't support 80 hosts, but now, because we have some other subnets that need less hosts and we're using variable length subnet masking, we can go ahead and pull off that task. So let's do the next network, D, and we need ten hosts. So my question is regarding the bits in that last octet: how many bits do we need to leave available for host addressing if we want to support ten hosts on a given network? So let's go ahead and do the math together. It goes something like this: our goal is 10. 2, 4, 8, oh, 16 is enough. So 16 minus 2 would mean 14 available host addresses, so if we want to support 10 host addresses we need to leave 4 bits. Same game as before, just quantity, in this case how many host bits. So let's go ahead and do it, and let me get my eraser out and clean this up a little bit, and we'll focus on 4 bits and see what that looks like visually. So we need to save these 4 bits for host bits, and that means the mask, as it has 24 bits on up here, we could actually have one there, one there, one there, one there,
and then tell it to leave those 4 host bits alone. Just to verify that 4 host bits is enough to support 10 IP addresses: 2, 4, 8, 16, yep. So 4 bits will get us a total number of combinations of 16, but because we can't use the all zeros, the network address, or the all ones, which is the broadcast address, we subtract 2, and that will give us 14. 2, 4, 8, 16, it gives us 14 valid hosts. So let's do it, let's put in the values here. The network is going to be 10.67.83.192. The new mask is gonna be 24 plus one more, plus one more, plus one more, plus one more, so it'd be 24, 25, 26, 27, 28, based on our math here, so that gives me a /28. And what is the block size for a /28? It's the value of the least significant bit in the mask that's on, and so for a /28 it would be this bad boy right here. So just for visual purposes I'm gonna put the block size here. And what would the next subnet be if we have a block size of 16? So we're starting with 192, the next subnet is 16, or say the block size is 16, I'll do the math, is what I'm telling myself: 192 plus the block size of 16, that be 8, 9 plus 1 is 10, carry the 1, maybe 208, and there we go. Our next subnet, as I go to the mic, our next subnet is going to be 208, and we put that right here. So the benefit of that is that if we wanted to know the range for the 192 subnet, we would simply say, well, the subnet's 192, we add one more in that last octet to make it 193 for the first IP address, the next subnet's 208, so that means the broadcast for this subnet, subnet D, is going to be 207, and the last valid host address is 1 less than that, which is 206. And we could write that out also for the mask in dotted decimal, so the mask would be 255.255.255 and then these four bits that are on there, be 128 plus 64 plus 32 plus 16, which is a whopping 240. And those numbers for the mask are going to become more comfortable to you as you work more with them,
because they have to be in order with a mask. You're not skipping bits; it's not gonna be, I'm gonna take the 128 bit and the 32 bit and leave the 64 bit off. Masks are contiguous, so the values would be 0 or 128, 192, 224, 240, 248, 252, 254 and 255. Anyway, that's just a matter of, in my mind I was actually visualizing those. So people remember things differently, and so it's not important you memorize them, but it's important to be able to calculate what they are. So four bits on means 128 plus 64 plus 32 plus 16, which is the 240 right here. Great, so we just gave a smaller slice to D, so I'm gonna go ahead and put down here D. D just got its slice of the pie. These arrows are now lame because they're all over the place, let me fix that. All right, so I'm corresponding these letters of the subnets to the individual portion, close to the proportional slice of the pie that they're getting.

So let's finish this off. Now we have subnet E. Subnet E begins with 10.67.83.208, and let's calculate together: if we need to support five hosts, how many bits do we need to leave for the hosts? Let's do the game: 2, 4, not enough, 8 minus 2 gives us 6. So basically three bits, three host bits, is what's required if we want to support five IP addresses on a subnet. So we need to leave three host bits at the tail end. So we can do that, get out my pen here, and it would look something like this. All right, so what did we decide? I was just erasing, got so excited. 2, 4, OK, three bits. So we need to leave three bits for host bits, and that means the network can use the rest of all that space if it wants to for network addressing. So the mask would be 24 bits on, the mask there up to that point, plus 25, 26, 27, 28, 29, and that means we'd have a 29-bit mask, which looks like this. That's what /29 looks like in decimal, and what it would look like in dotted decimal would be 128 plus 64 plus 32 plus 16, which is 240, plus 8 more, be 248. So our mask would be 248 in
dotted decimal; that represents that those five bits in that last octet are on in the mask. It would also mean that our block size is 8, so we write that down here. And what would the next subnet be? At this point you might be saying, no, Keith, I think I got this, this is the same game repeated over and over just with the new mask: what's the next subnet, what's the range, and continue. That's exactly right, it's the same process: just how many bits are needed, what's the longest match possible, and then identifying the next subnet based on the block size and continuing down. So the next subnet would be 208 plus the block size, which is 8, and that is 16, maybe 2, so that would be 216 is our next subnet, and that allows us to configure our range. So the network is 208, the first IP address is always one more, it'd be 209, and the next subnet is 216, so our broadcast is going to be 215, and our last available host on that subnet is going to be 214. And as I look at my work here, yeah, that looks correct. So not very many host addresses there, but we only need five.

And so let's go ahead and continue that discussion for network F. You might be saying, well, Keith, network F is the same requirement for a number of hosts, so the mask is gonna be the same as up here. It is, true story. And that means the dotted decimal representation of the mask is gonna be the same, true story. That also means the block size is gonna be the same, true story. And then the range for this one, because the network starts at 216, the range for that network for valid host IP addresses, this is important if we were gonna, you know, use a DHCP server, set up pools of addresses, or we have to know which IP addresses to assign to a computer on that subnet, this would be the range: it'd be the network plus one more, 216, 217, and then, oh, for the ending part, here's what we could do, we could cheat a little bit. What would the next subnet be after 216? And if you're saying, well, Keith, you just add the block size, that's true, so we'll add 8
there, so that's 4: 8 plus 6 is 14, carry the 1, that's 2, and then 2, so it'd be 224. And maybe we don't need that network, but it does help us to calculate what the range would be for the previous one. So for this network here it'd be 217 for the first IP address, 223 for the broadcast for network F, and the last valid host address would be one less, which would be 222. Look at my work, and that looks correct.

So it does take a little, as I presented this, let me give you an insight into what I wanted to do. I was first of all just gonna do this all freehand and write out the networks and how many hosts were needed, and I had some feedback about two months ago, early on as I started doing regular streams, like every Wednesday and every Saturday and every Sunday, and one of the comments was: you could have clarified that a lot more by having a little bit of a table present. There's a lot of forethought given to these streams, like how do I get the information from my head and my experience into your soul so that you can interpret it or ramp up and really become good at those things that are important to you, and those might create this table. So the table actually is my fourth or fifth different mechanism for guiding what I should show on the table, how straightforward or how challenging it should be, and this is like the fourth or fifth attempt at getting that done. So what you're seeing here is what I think would be a great representation of all the techniques we've learned: counting with the finger game, the block size, calculating the new subnet, and then, based on how many host bits you need, which is the big part of variable length subnetting, leave enough host bits for each of the subnets. And when you work from your biggest networks down to your smaller ones, that technique works great and it doesn't waste any IP addresses.

Oh, let me go ahead and pick up a call from headquarters. Ring, ring. Yeah, we got all the subnetting done. Yeah, me and about a hundred people
live streaming right now. Mm-hmm, yep, we're all set, no worries. What do you need? You need one more subnet for the WAN connection to us? OK, I'll ask the team, we'll take a look. Thanks, bye. OK, so I just got a call from headquarters, and they're asking us if we can fit one more network into this scheme, the variable length masking, so that they can support the WAN connection to us. Maybe it's Metro Ethernet or some kind of service provider MPLS service, but all they want is a direct peering. So a service provider can play a lot of games: they can make us at our branch office appear adjacent to someone who's geographically remote, like hundreds of miles away or thousands of miles away, just by giving us layer 2 connectivity over their network. So what headquarters has asked us to do is to say, can we do one more subnet to support effectively a network that only has two devices? So this can be our router and their router over the service provider network. And let's take a look together and see if we can do it, because this is another application of this in the real world that we want to be familiar with. I'm gonna erase a little bit so I can have some, I'll put my camera on there. All right, the pizza's gone, the longhand math is gone, and let me go ahead and clear that off too. All right. Ah, it feels so good just to clean stuff up occasionally. All right, so we have this network plan and it's going to work for our network, and let's draw in some connectivity right here through a service provider cloud that's going to connect us to HQ, and all we need is one IP address for here and one IP address for here. And the first thing we're gonna say to our headquarters people is, why didn't you tell us earlier? We would have put that in the plan. But we have some space left, we haven't used up our entire addressing space, so let's go ahead and create network WAN. So maybe this is gonna be deployed and rolled out with software-defined networking or pushed out
to the routers, it doesn't really matter; we still have to know what the IP addressing scheme is going to be so we can have the network push it out. So for our WAN connection, that's going to go off of, let's say this is FastEthernet 4/1 here, going down to headquarters, we need a network, a subnetwork in this space, that supports two devices. Oh, wait a sec, two devices, I know this game. How many host bits do we need to leave to support two hosts on a network? 2. Oh, now, if you're in CCNA world, that's not enough, because there are some corner cases where on a point-to-point circuit you can actually use the broadcast and network address, but for the purposes of general CCNA, if we have one bit for host addressing that's 2, but you can't use the network address or the broadcast, and that means you're down to zero. So if we use our finger again, go, let's say, 2, and then another bit for 4, and then reduce the 2, that means that effectively two host bits at the end of our IP address available for host addressing is going to provide us two valid IP addresses. So 2, 4, minus 2 because you can't use the network or broadcast address for valid host addressing, that means we need to allocate 2 bits. We can do this, we have the technology, we've done it like seven, six times, we're gonna do it one more time for our WAN circuit with another variable length mask, based on a requirement of only allowing two hosts, or needing two hosts, on that network. So we did the finger game, so we know that we need to leave two host bits, great, that's in stone, and that means that we can have all these other bits for the mask be on, and the mask would say those last two bits are host bits and they're available for host addressing. So we're starting here at the 224 network, so what is our new mask gonna be? If there's 24 bits on here plus 25, 26, 27, 28, 29, 30, that's the /30, nice. And in dotted decimal that'd be 255.255.255. and then you could do 255 minus 3, that would work, 252. All it
is, is it's 128 plus 64 plus 32 plus 16 plus 8 plus 4, which is 252, which represents a /30 mask. And then the question would be, what is the block size? This is a great game, it's the game that never ends, it just goes on and on, my friend. Soon you'll be custom subnetting with nobody. OK, OK, so what is my question? What is the block size? What is the block size if we have a /30? And if you're saying Keith's got this cold, it's the last bit on in the mask, that value, which currently is 4, that's the block size. So we're gonna put that in, that's our block size. And then for the benefit of range, well, what would be the next subnet after 10.67.83.224? What would be the next subnet? If you're saying, Keith, well, this is almost old hat now, I mean we've been through subnet Saturday session 1, 2, 3, 4, 5, 6, 7, now we're here at 8, it's adding the block size every time, every time, just add the block size. OK, there's the block size, there's our network: 228, and 224 plus 4 more, that's our next subnet. So if we know the next subnet, that means the range for this new WAN, OK, this new WAN subnet, which is supporting two hosts, would start with the subnet ID, the network, plus 1, which'd be 225. The broadcast for that network would be .227, as the next subnet minus 1, and the last valid host address on that subnet would be one less than the broadcast, would be 226. Those are indeed the two hosts that are allowed, that would work, on that subnet, which is the 10.67.83. So we call back headquarters and say, yeah, no problem, boom, we have this network for you, it's the 10.67.83.224 network with a 30-bit mask, and then you can toss a coin: does headquarters get .225, or do we take it, or does headquarters get .226 and we take the other one? And then you'd put the IP address there, so that'd be 10.67 dot 80, come on, Keith, that's my CCIE number, I should be able to remember that. So on this interface it'd be 10.67.83.225, we'll take the first one,
slash, and it'll be a /30, and then over here they would take .226 on that same subnet. And there's no more room, there's no more room on that subnet, but we don't need any more room: it's a point-to-point link, there's only two devices that need IP addresses. And there we go, and we're not wasting address space, and we have a little bit more space in our pizza. So we gave half the pizza to network A, we gave a big chunk of the pizza, equal chunks, to B and C, a smaller chunk to D, an even smaller chunk to E and F, and then we gave a very tiny chunk right there over to the WAN circuit, and we still have some room left. Let me compare my notes and make sure that these are all correct, because that would be important. Just gonna look at the broadcast addresses, because I, yeah, OK, good, good, good, good. And one more thing, oh, check one twenty two twenty four, and the reason I want to check this is because if I put this up for posterity I want to make sure that every single person who looks at it is getting the accurate scoop. Yeah, that's correct, so it's correct, with your help, I appreciate it.

That's the process for doing custom subnetting and variable length subnet masking within a very confined address space that we were given. And as we continue in our journey together with subnet Saturdays and with CCNA in general, we'll take a bigger approach at the headquarters office: what are they doing, why did they give us this address space, and how they can do things like summarization and some other techniques that are used in production networks and the Internet to make the networks all manageable. So that is it for me for the lecture part of this, not lecture part, for this discussion I've had with you regarding variable length subnet masks. Couple tips. Number one, if you are new to subnetting, I welcome you and encourage you to join us for the playlist. It's called the subnet Saturday playlist, it's on my Keith Barker YouTube channel. I'll grab it, and just go down in order and make sure
you're comfortable with all those topics and techniques, and that way when you hit this one, if this was your first one, it's a whopper, so when you get to this point you'll have the skills of the finger game, the block size, binary, the mask, how it works, and you'll be more comfortable and prepared to tackle all of this. Also, if you need a refresher, if it's your first time through the whole series, you might want to take a second look at that and enjoy it. And we're gonna be using it, and this applies in so many places: in routing tables, which route is going to be matched; it applies when you're trying to figure out, OK, here's an IP address, what subnet does it live in? And so we'll cover that in specifics as well as we go forward.

So I'm gonna take a short break, a very short one, and then if you want, stick around for some Q&A. Here's my request. One is, well, first of all, I thank the moderators and everybody who's been answering questions and helping out. Oh my gosh, it's been so great, I've seen a lot of answers going over here on this Q&A side of the chat. Thank you very much, I'm so glad everyone's here. So for the questions, which we'll cover in just a moment: if you have questions regarding variable length subnet masking or anything in these subnet Saturdays that we've covered up to this point, I would love to go ahead and get those questions. If you don't have any questions on that but have questions related to CCNA 200-301, that level, from any of the domains, please feel free to ask those. Also, if you've asked questions earlier, instead of scrolling through the whole history I'm just gonna go ahead and look at the new questions that have @Keith Barker, so if you do @Keith Barker, select my name, then I can easily see them. I don't wanna miss anybody, and that'll be an easy way for me to not pick up on someone else's conversation. Now when we come back from the break too, and we have a chat and I'm answering questions and talking about a few things, I have a couple cool
things I'd like to share with you and talk with you about. One is, um, I'm upping my game, I'm gonna build it. I have a, this is a recording, it's a house here in Las Vegas, Nevada, that I rent, and I rent it primarily for just content creation. And I work full time for CBT Nuggets, as most of you know, and this is my full-time gig. I'm gonna be moving this studio to my other house, to my house where my wife lives, and we're gonna create, what used to be like a workshop. I'm not a carpenter type person; we had this workshop with all these tools and a lot of room, it's like 14 feet by 19 feet I think, so it's pretty big. I started gutting it yesterday, pulling cabinets off the wall, taking stuff out, just demolition, demoing it, and by the end of the year my goal is to actually build a studio, purpose-built, with a couple areas: one for sitting and chatting, one for doing this kind of work, you know, labbing and technical pieces, and also one for a space that I could do almost anything in that I can do for live streams. So anyway, that's exciting. I think I told you all about that. Hmm, I was gonna tell you about that during the Q&A.

Also, my son Paul, if you're on Discord, which I invite you to join by the way, it's a great place to chat and ask questions on Discord. In fact, I'm just gonna do it now and then we'll take a break and go to Q&A. On Discord we have six sections for recommended topics for videos, and they're all CCNA topics, like CCNA blueprint modules or sections, and then we had a request or an idea that came in saying maybe we create a separate category with six separate channels regarding questions and other discussions on those topics. And that way if you have a request for, hey, I'd love to see a video on this or that, you can put it in the appropriate section, and that way I don't lose them. I can sort through those and pick and choose and say, OK, that'd be a great topic, let's do it. And then in the separate channel we could have a
whole discussion area for, you know, questions and challenge questions, like what does this stand for, what's that, just to kind of have fun and get the brain going and all the rest as you pursue your CCNA studies. All right, with that I'm gonna take a short break, really, really short, and just grab a drink of water, be less than 30 seconds. Thank you all. If you need to bolt, please feel free to do so, and if you wanna stick around for Q&A I'd love to have you as well. And if this is your exit point, I'll see everyone in the next live stream or video. Meanwhile I'll see you in a few moments for the Q&A. Thanks, everybody.

[Music] life is a winding road no telling where it goes driving through days and nights won't stop the traffic light

All right, we are back, whoo. I have a lot of fun, so fun. I enjoy chatting with you and enjoy taking your questions. I enjoy, for my own benefit, revisiting custom subnetting, variable length subnet masking, and every time I revisit it, it gets easier and easier. So I'm grateful for you joining me in the journey, and we've got about a hundred people who are live right now, so to each and every one of you, glad you're here, I'm glad you're here. All right, so I'm gonna start looking now at any new questions where it says @Keith Barker, and I can go ahead and address them if there are needs. Just a little bit, bring the mic over too, so hopefully that's not too loud. All right, and if I don't see any questions that's totally cool. I appreciate all the, I'm just scrolling back up, there's just tons and tons of questions and feedback and it's been fantastic. And Darshan's saying, I enjoyed the pizza. Yeah, me too, and we have a few small slices left from our topology. All right, what if headquarters, Daniel says, thank you for that question, Daniel is saying: what if headquarters calls back and wants the subnet larger than four now, like 16? I had initiated that, some of the overlaps. Yeah, so sometimes you're gonna have a network environment where it doesn't work, meaning if they want, if
headquarters, for example, wanted eight subnets that supported 40 hosts each and they only gave us a /24 to start with, there just are not enough bits to calculate, to have all the separate subnets and have the number of hosts they want. So if we try to create another interface on a router, and we put an IP address, if it's connected to a network, and then we put another IP address on that router, another interface, that's part of that same network, it's gonna say overlap. That's when we get that message that, hey, this IP address overlaps with an existing network, because you're trying to have two router interfaces in the same logical network based on the range of IP addresses, and that's why that message is popping up. So there are some migration techniques that can be used with secondary addressing. It's not pretty, but you can actually use the secondary option and apply a secondary IP address to a single interface, and then you could have two DHCP scopes, one for each of them, and then migrate them over. It's never clean or easy to do that. It'd be better to ideally have enough VLANs, have enough subnets and host space, for all your anticipated needs, but that's why they have network engineers. Because if we understand this, and when you say, OK, I have an interface I'm configuring, it says I'm overlapping, why is that? It's because you're trying to put a second interface with an IP address that you maybe thought was in a different subnet, but it's not, it's in the same subnet that the router's already connected to, and that's where knowing the ranges and the IP addresses is going to help out.

All right, Scott, welcome Scott, glad you're here. Scott's asking: I'm not sure I understand why we should start with the largest subnet first. And here's what I'd have you, it's a great question: as an exercise, you can start with the smallest and give it a run. So what I'd have, usually starting with the biggest first just makes it nice and clean, a little bit better, but I would have you take this
scenario that we just did right here and go ahead and do it in the reverse order and it's just best practice and you're not going to waste as many IP addresses if you do it this way so uh you know Scott I'm gonna I don't think that I have actually done this in the reverse order for probably many many many many months maybe even years so I would actually let me ask you this go ahead and give that a shot do it in reverse order and see how that flows because I think there's some gotchas and possibly some wasted space that's going to come up as a result but I wouldn't know that tight research that further so the best practice is to start with your biggest and then work down and that's why I taught it this way so if you take that as assignment I'd be absolutely excited about your results that hey you could do either way it doesn't matter and I'd be happy to pass that on but best practice that I've always followed is start with your biggest subnets first and work down thanks for the question all right where can we find me on discord if I could have somebody in the room who knows that URL or create an invite if roadie and discord create an invite and and post it here that'd be great I also will as part of this video in the comments I will post a link for the discord server as well so we'd love to have you but chances are that somebody in the room is going to post that for me before I get there but I'll still let it after the fact thank you for the question is the discord up yes it is up Andy so we'll get that link for you and we're learning I'm learning about rights and security and it I watched a lot of videos I watched a video from like a 22 year old guy it was great so I watched this video I set it up and then I made a change - I tore it all down set it up again so the one that's up now is like the second iteration but I went and watched one of his live streams on Twitch and it's it's amazing 20 he looks like he's 21 or 22 I went to his channel I watched a 
stream I first of all I liked him I subscribed tonight I chatted I said thank you very much I just watched your like 40 minute video on discord servers I was able to set mine up got a lot of great tips thank you very much he said yeah glad you're able to do it I love the fact that people are willing to share tell people how it works and the purpose of this channel is to focus on CCNA primarily making sure that we're teaching content so that so I can come in not just have a good time which is always fun but also learn quite a bit about this their stuff they're learning or studying so in CCNA sometimes you read a book or you watch some videos you're just gonna see one perspective and by doing in this case we just did whiteboard for all this custom subnetting but normally I do a hands-on approach to verify and show and demonstrate like default gateways or that video ooh with proxy ARP thesis kicked my butt anyway I'd like to verify that way you can a person watching you say oh yeah I get that and I'm better understanding this and having a good time with it and I'm 55 I'll be 56 next month and I love it I love passing on what I know and I'm always learning so now my new learning thing is all about SDN which I'm having a blast and I'm you can let me share with you how I'm gonna use that in this channel there's a whole module for CCNA on SDN and I'm going to first of all not master it in the next few months but get really good at it in the next few months to understand the pieces and the parts XML and YAML and RESTCONF and NETCONF and the APIs and Postman and Ansible and all those things and how they work and DNA Center all the rest and then I can boil down on the important aspects regarding CCNA to really help you if you're new to software-defined networking to really get it that's what I like doing so that's my intent Oh Edwin's saying what slices left are you referring to in the pizza so we have this address space here that we have carved up all the way 
through the next subnet would be 228 I don't let me get our different pen so the next subnet let me get my face in there too hello so the next one would be 228 so that's a slice left so if we need more WAN circuits maybe we have a backup circuit from R2 that's going out and these are the network the next subnet would be 228 there's our next one and the block size would be 4 so 228 plus 4 is 232 that's our next edit so this one right here would be dot 229 through 230 and the broadcast be 231 and that's an example in measurable terms of more slices that we have in the pie now I'm looking at that and thinking is that our space yeah yeah so that'd be a slash maybe a slash 30 that 228 and that would be in our 10.67.83.228 I was just confirming yeah we're not so if you get past 255 and there was a problem because the octet doesn't go that high but that's what I meant by additional little slices that we have in our pie that we could use for IP addressing thanks for the question all right let me scroll up a little bit and pick the next one here and [Music] here it is from Kenny hi Kenny have you had any heard a feedback on the new CCNA exam anyone know who's taking it recently how was it so I haven't taken it yet my intention is to wait just a few more weeks in case they have any bugs or issues with it I have watched some YouTube videos from people who have taken it and and they are following the NDA which is great they're not disclosing what they did get or didn't get so be aware of the fact that if when you do pass hopefully no one's gonna disclose what they actually saw but in the domain there's six domains I would encourage as a learner to go through all of them and say do I know this do I know this if it says configure OSPF I'd want to make sure I could configure OSPF and and be able to do it and then then when they ask you a question here's what I love let's imagine you're in testing and they ask you a question about which of these five IP addresses fit 
in this subnet or which route would be used and you say yeah I can figure this out you take the block size for the mask you calculate the ranges and you say oh it's that guy I mean you move forward as opposed to worrying about how they're gonna word it you can answer the question and what else so I was gonna mention their O in the testing environment this is important breathe just breathe when you show up for that exam early when I take an exam whether it's for any vendor I make sure I know where the testing center is what time of day I'm going to go make sure you get there 15 minutes early maybe 20 sit in the parking lot just breathe your study has been done you've prepared just breathe and breathing is a really good technique just to make sure you can be on the best game you possibly get sleep a little bit the night before not a bad idea I've been told not to cram the night before I do i cram I'm always cramming so I've got a lot of stuff on my plate these days and so I I believe that if a person is a nice long study path it's all gentle and everything else great but if there's a piece or two that you don't know at the end it might be handy to take a look at that example from 2001 my first CCA which I passed them the first time it was a two day exam I'll make this quick the whole video is up on YouTube go check it out but the first exam is a two-day event and again I got a trim it down for this so I don't spend 20 minutes talking about it there's a 2-day event you go for the first day and then when you come back the second day if you got enough points the first day they say yeah you can stay if not they tell you in that second morning sorry didn't you know you get enough points you have to leave and so that that first day I I rushed through I was doing the best I could a lot of hiccups along the way and then when I went in for the second day I was able to continue but before that second day my alarm clock in the room this is when we used alarm clocks in 2001 
before Siri and all those things but my alarm clock it was the clock was an hour off I didn't realize that so I set it and it went off an hour early my advantage and I thought you know what I better study he was IPX SPX Network you know average like two decades ago IPX this is the Novell protocol was on the exam along with ATM and DECnet and token ring switching and datalink switching and other stuff anyway so he studied I said I'll have got an extra hour I'm just gonna I'm gonna go and lab this up so I had my computer I was using I don't know if I had GNS3 at the time or not I think I logged into life gear so I had to do so i right i tunneled out connected to some life gear and I practiced with some IPX SPX network statements and sure enough that day when I was gonna do it I needed that knowledge I and I need to do it quickly so I didn't have time like why isn't this working why isn't advertising whose is this network type not right for IPX so anyway long story short I still cram a little bit if I have an exam I will prep I will prep I also study study study and then usually the night before and sometimes the morning of I was just review my notes just to get my brain going and remember those things that I studied and then go in I wouldn't study in the car when you get there that's probably too much but breathe get to the testing site take a nice deep breath relax and just think I get to see the exam I get to see the actual exam which is kind of cool and then then crush it and also if you get a question you don't not comfortable with or not sure about it's okay happens like I remember seeing some questions like I have to stop myself and chuckling I have no idea what that answer is I've never heard of that before or the case where that I'm wondering did the test writer know the behavior like you fillet or - if a layer 2 switch doesn't have a default gateway what's it gonna do does the test writer know it's gonna pry it's gonna do a ARP request for a 
non-local address if he's trying to respond questions that shouldn't be asked at that at the CCNA level but those are some of the questions I asked myself and I remember what test them taking and thinking you know they want they want the straight answer so here's what I've heard from people who have taken the YouTube videos I've seen these tests are very very fair they are like the DevNet exam very fair they asked you in the blueprint to cover a certain number of things and learn those things and that's they test it on same thing for CCNA very straight up and fair nothing like really weird so that's great news that's so Kenny hopefully that helps a little bit all right in an MPLS branch office subnet what would be the best approach for vlsm if they have a firewall mostly so if if usually a customer if the service provider is using MPLS we won't know it let me show you and let's imagine this is us is our headquarter site you bring my pen back if we have a service provider and they're providing us MPLS services they can provide us layer two services or they can provide us layer three services but layer two we're basically peering back and forth with the headquarters office and if we're if they're offering layer three services we'd be peering with the service provider but either case if they have MPLS here I can spell MPLS multi-protocol label switching and they're doing layer 2 VPNs or layer 3 VPNs it's transparent to us we don't know all we're doing is we're peering with a routing protocol like OSPF with them and then they're taking our routes along with their 50 other cuts our 500 other customers and what they're doing is they're making sure that our traffic gets our routing information gets propagated between our two sites and there are other customers there driving traffic gets propagated to their respective sites so normally the branch office it wouldn't be label switching we'd just be running a routing protocol either peering with headquarters or peering with 
the provider the provider that we call the provider edge but we wouldn't actually do MPLS ourselves as we interface with that service provider either way so good question next question is there an IT is saying by the way the chart was great thank you very much I was looking for the optimal way to get that done I appreciate that feedback I will continue to follow that mode all right and there's a question from Alan about CBT Nuggets and content there I I will address that separately we're working on ENCOR and other courses at CBT Nuggets where I work full time at the CCNP level CCNA is already done it's like 52 hours of training really good Jeremy Cioara myself NetworkChuck great stuff and then for ENCOR which is at the professional level we've got same people plus Jeff Kish and Knox Hutchinson so we have five trainers that are doing various parts of that I don't know when it's gonna be I'm hoping for April my parts on track so was just the best it's gonna be amazing it is amazing the stuff that we've seen already it's great great stuff all right all right Adolphe thank you for that and Angelo the push flag on TCP hmm if you would Angelo for that question would you if you put that in a recommendation in the discord server that'd be awesome I don't want to lose that I'd like to take that idea if enough people want it and create a short stream or a video on it and as far as a CCNA course online my full gig these days at CBT Nuggets I love it they treat me great I have a lot of autonomy and working with a great team I'm loving everything there so as far as creating a separate course this this these live streams and other content that's on CP YouTube I'm making it primarily to be free at the moment I'm not monetizing anything so it's all just free and just for people to help reinforce what they're learning and learn new things and that's this is close to what I'll make as far as an online course is the YouTube channel here which isn't gonna be a complete course 
everything you'd ever need to know cuz I probably won't go into the weeds but regarding cable types and fiber connectors and other things that are covered in the full CCD course but I want to cover those things which I feel are really important regarding skills that are important to know and understand so thanks for the question alright overproof a overproof 876 is asking I mentioned pursuing the cease the CCNA cyber ops should I wait for the new cisco certified cyber ops associate exam that's a great question i so cisco was gonna tear down all their CCNA s and then what was left up there was the cyber ops but they're calling it the cyber ops associate so they can still say yeah we pulled down all our CCA's I need to look in to see if the exams are different so in the past CCNA cyber ops was two exams security fundamentals and security operations and that would get you your CCNA cyber ops but now they're calling this cyber ops associate I have not looked into whether or not they have a new exam for it or if they have the same old two exams so that's something that you could just take a look at a Cisco comm career certifications cyber ops associate and then take a look at the exams if they're still asking for the cyber ops fundamentals um yeah if they're still looking for the fundamentals and the operations exams those two it's the same two exams that have been out so there wouldn't be a reason to wait but that's a great question I hadn't I didn't I didn't I had not heard that they are going to be updating those exams because that is a fairly new certification as it is so I will look into that as well alright thanks for the questions everybody right Aang I don't if you could share that squeak squeak it squeaked alright nason are the waste of IPs that could support a subnet potentially a security concern for a network I mean like a rogue device behind a firewall and that's a great question if we have a subnet that supports two four eight sixteen thirty-two let's say 
we're using five host bits and we can support 30 hosts but only twenty of them or 25 of them are needed we have some other addresses that somebody could insert like I say a Raspberry Pi this would be an internal deal because they have to get to your network so you could have an employee or something on the inside who's physically connecting to the network if it's wired to get in and they could use an additional IP address but the reality is that if we need 20 IP addresses we wouldn't want to or if we need if we have 30 devices we probably wouldn't want to have just 30 available IP addresses because there's gonna be something that comes in like tomorrow that's gonna need an IP address we'd want to give ourselves a little wiggle room so that wiggle room the extra space doesn't really cause a security concern here's what would be a concern security concern easy for me to say is that if we had in TCP there is something called a three-way handshake which many of you are probably familiar with it goes something like hey here's a synchronization request in the TCP header it says the SYN request I'd like to talk with you and the other party says sure I'll talk with you sends an ACK back an acknowledgment and it sends its own sequence with it so they called a SYN ACK although it's really like an ACK SYN because the acknowledgement and then the SYN in the same packet and then the third follow-up is the final acknowledgement so SYN SYN ACK back and then boom we know we're talking and then what do you wanna talk about and then they go on to establish a formal session with an HTTP server or SSH or whatever they're communicating with so a hacker or an attack tool can often do scans of the network and there's multiple ways of doing scans we could well discover on the network we send ping packets out to the whole subnet so are you home are you home using ICMP are you home are you home are you home and then the attacker says who responded now a firewall and other devices on 
the network may not respond to a ping in fact Windows Firewall I believe in its default condition won't respond to a ping they don't want to let anybody know they're there which is a good security measure but that's one way another so if the ping doesn't work because people are not responding to pings we could do a TCP SYN request and we could send it to every IP address on the network and then if a device is listening on a given port it could respond or it might send a message back saying I'm not open on that port which means hey if you're not open on that port that means that you know I know you're there or check this out in preparation for all of that if we're doing ARP requests to everywhere on our network as part of a follow up ICMP message or a follow up TCP 3-way handshake attempt as a scan if we do an ARP request and somebody responds we know they're there either that device is there because they responded to our ARP request that layer you know for resolving layer 2 address or we had proxy ARP involved and some other device was responding on his behalf but either way we know that somebody responded and that's another way to start mapping the network so long long story short too late for that if we were doing analysis of our network and we saw that we had five subnets let's say 10.1 10.2 10.3 10.4 10.5 but we did not have subnet 10.6 or we didn't have a subnet like a custom subnet that was used in our in our variable length subnet masking if we saw scans or attempted connections to that address space the whole subnet where we don't have any devices red flags because somebody is looking where they shouldn't be looking and they're trying to find addresses in that space and there's no address space there including non-direct for doing requests over networks looking for certain devices that would that would raise the red flag nobody I mean we shouldn't have anybody resolving a name to an IP address that's in a subnet that we don't use and we shouldn't have people 
sending packets to a subnet that we don't use and so it's very likely malicious and we would track that down with our tools and say ok someone is not someone we could identify the MAC address involved even if it's spoofed we could address identified a source where it came from as somebody's trying to do a mapping of our network so getting back to the question if we have 30 available hosts host address spaces and we're only using 20 in a certain subnet that doesn't really pose a security risk by itself it's just a few additional addresses that are available on that subnet all right and I think that's a confirmation let me take a look at the next one raging crypto is asking can you go over the route summary on those networks and those networks I'm not sure exactly let me give you an example of a gross over summary a gross anything is too much right oh that's a gross abuse of you know your permissions or privileges or that's a gross use of your role here's a gross summary and it goes something like this and we'll have a separate section on just subnet summarization let's imagine that headquarters and I will bring a pen up let's imagine that headquarters instead of having to learn all these routes which is one two three four five six seven routes instead of having learned in those seven routes which aren't that many but if we wanted to reduce the number of routes we'd have to learn we could go ahead and have a summary route at the headquarter location that said this to get to ten anything go ahead and forward it to your next hop router there R3 now the reason that's a gross over summarization is because yeah we're summarizing with one route to 10 anything that all these routes these subnets can be reached but what about 10.10 dot zero and 10.20 dot zero and we just play that game for like eleventy billion years there's a whole bunch of other networks that that summarizing those it covers which is way beyond just this network so a perfect summary would be this if 
corporate asked us to use this address space we can have one route and on the route it would say IP route to get to 10.67.83.0 slash 24 send it to R3 that is actually a perfect summary for all of these networks because all these networks fit underneath that address space and so corporate could have specific summary routes like this for all their branch offices and from a higher hierarchical perspective we could create additional summarizations so that we can reduce the routing tables and also let me share with you the ultimate summarization on R3 let's imagine R3 has the connection to headquarters and it's also the access for the internet for everything else on R3 here is the ultimate summarization we get rid of my face there it is 0.0.0.0 which is the default route and the next hop would be HQ and so what that does that simply says okay everything everything that's not in my routing table says R3 everything is not my routing table I'm going to go ahead and send it over to HQ and let them take care of it and if this is a stub meaning a an area where another stub portion of the network where it has no other access to the internet or anything else except right here through R3 that's a perfect way to go and so this default route effectively is a summary for everything that is not local here on this network all right thanks for that question and that was from raging crypto thanks raging crypto I don't know if you hear that it's fun fun noise all right to me Demetri I was asking what why you say that the test has a bug what do you mean by that if you could reach that rephrase it just a little bit to make sure that I understand where the question was tied to I'm not sure where that's what that's a follow-up to it but I would love to okay let's see if there's any other questions for me scrolling down I've got another question from Daniel does class affect variable length subnet masking like a Class A or Class B or 
a Class C Network and no it doesn't so as long as you have routing protocols which is pretty much everything except RIP version one that supports variable length subnet masking you're good to go so in our network here we did 10.67.83.0 with a 24-bit mask as the parent network that's already subnetted officially because a 10 network officially is a Class A address so the first octet is the network the last three octets are the actual host address by default and so we've already custom subnetted it but the subnetting process works exactly the same you take where you're starting and you start making the mask longer leaving enough host bits available and keep working through it great question all right fat justice thank you for the super chat also and also Alan thank you very much the super chats are nice thank you very much not required not X did I I appreciate everybody being here in your time and volunteering on the channel help other people so fat justice and Alan Bend we thank you very much all right another question from dharshan okay it's more of a statement rather than a question so I'll go into the next one another question is asking I saw something the other day a PC had two different IP addresses on separate IP blocks using a single NIC so just guessing if there's a computer that has two different IP addresses a Cisco router can do that with what's known as a secondary IP address so it's one physical interface but it has two IP addresses in two different subnets and that's usually to support two different networks in the same VLAN so life isn't always pretty in the world of IP networking so if you have one VLAN one layer 2 broadcast domain and you're migrating or you ran out of room let's imagine that that you had 30 hosts available and you find out oh my goodness we need 60 you could put a secondary address in the next subnet on that same interface and then that one VLAN logically has two layer 3 network address spaces and then they would each have 
their own default gateway on the appropriate subnet logically and it's not pretty if you look at a service provider network they'll like cable modem this is and you do start dupe academic packet analysis on cable modem and you're directly connected to their network you're gonna see IP addresses from lots and lots of different subnets like how that happened these those packets aren't on the same subnet I know what they've got is they've got large VLANs in the case of cable modem they'd be their own technology for doing it but when there's the layer 2 broadcast domain that you're connected to with all your neighbors and probably their neighbors and their neighbors it's very likely supporting more than just one IP sub-network but to be clean and have nice accurate networking we generally want one VLAN one subnet and then not have to play any tricks and as soon as I say that I realized that we have to play tricks sometimes to make things work like when Paramount Pictures about Viacom like two and a half decades ago or it was we had to play tricks we had to lie to both sides with NAT to give connectivity and we had to migrate and so those are all real things in the production environment that have to happen from time to time so thank you for the question do you know all right let's see if there's anything else and Paul you're very welcome Paul Fischetti it's great to have you appreciate that Angelo's asking great question Angelo's asking why do you not consider the network between the two routers the core switch let me just bring up the topology and let's talk about that for a moment so on this device here if this core switch if this is an access port in VLAN 10 and this is an access port in VLAN 10 it is one network between R 1 and R 2 so that could be like the 10.0.12 network or whatever it is between them if the core switch is participating in routing it could have a VLAN interface for VLAN 10 and that VLAN interface could be maybe this is dot one over here dot 
two over here or maybe the core switch on its VLAN interface that's the layer 3 switch virtual interface interface VLAN 10 if you have 10.0.12.10 if we chose to go ahead and make this interface here on core 1 a layer 3 interface the physical interface and we chose to make this interface here a layer 3 interface then we'd have network I'll say network X and network Y because they would be two logical separate networks if these were layer 3 interfaces the other option is also um yeah here's one more option and you guys are you guys are good for this so let's go ahead and do it the other option would be you back off some of that almost there yay I just hit my buffer limit so if this is VLAN 20 on this port and this is VLAN 30 on this port as access ports then r1 and r2 would be in different VLANs they wouldn't be neighbors and then core one could have interface VLAN 20 and peer with r1 and r2 are yeah then our 10 core one could have interface VLAN 30 and it could peer with r2 and if we did that then it would look like this r1 right there they bring my face up here so it'd be r1 core 1 and then r2 so logically these would look like routers if we did that by simply putting in different VLANs so this is VLAN 20 this is VLAN 30 and the core switch has logical SVIs in each of those VLANs and it would just be like another router in the path so there's like three ways to carve that up we just talked about all three and that answers your question I believe which was why isn't there an additional network between r1 and r2 it's just depending on how it's configured so that's a fantastic question I love it I still remember my first trainer that I learned multi-layer switching from Johnny Bass he's still around I still see him at Cisco Live every year I make it a point to go say hi he teaches at Cisco Live great guy it was when we had separate I'll save you the history lesson but he it was amazing to me I was like oh I get it these switched virtual interfaces just pop in 
and and back in those days we had route switch modules with logical layer 3 interfaces but it's good stuff it's good to know how it really works and then it's like tinker toys you put them together in any way that you want so if you had topology needed to build or modify if you know your options layer 3 interfaces on a multi-layer switch or switch virtual interfaces it's it's fun it's a lot of fun and let me take a look at the next question all right another questions from Bhaskar is asking what is out-of-band management or OOB great question and let's look at the topology and talk about that for a moment it's really important and let's do this let's imagine that HQ on a good day wants to be able to manage all these devices and so they've got a management computer and they've got a terminal emulator we'll just to go old school on this they've got a terminal emulator and they can connect to this PC I'm sorry to this router and all the routers and the multi-layer switches and the access layer switches that's because only access layer switches they have an IP address in that subnet and they have a default gateway that teaches them how to reply back to HQ so HQ is happy they can manage all of these devices and what that's called is that is referred to as in band management meaning we are using the data plane the packet flow from the management computer to communicate and work with all the devices in band management so what happens if we lose the MPLS Network just goes down it's gone and then the HQ says well how do we manage those devices and then somebody says boy we should have planned for some out of band management meaning an alternate path not the primary data plane that everyone else is using some alternate path to go ahead and manage those devices so one option is we get a server that we could put in the wiring closet at that remote location or perhaps in the if it has a small it won't have a data center at the small location but where we keep the gear like the 
routers and stuff in that same air-conditioned and monitored room we could have a server that maybe is connected out through the PSTN which is the public switched telephone network old school or maybe we have this device with internet connectivity through DSL or cable modem but it's some other method that's not going through the service provider MPLS network so if they go down then headquarters can go ahead and connect to this box right here this terminal server and then that terminal server can you to have console access or IP access to those other devices and to keep it really out-of-band we might want to make one so let's let's say we use VLAN mmm 25 we create VLAN 25 VLAN 25 just for management so we have a separate VLAN just for management we have a separate box that's using methods other than the MPLS Network the service provider network to go ahead and get there so that we have out of band management it's really important by the way so I appreciate that question the opportunity to chat about it because there's nothing more frustrating than losing your connectivity to the network can you manage my first experience with that I've had many some where my fault somewhere my first experience was like in 1986 1987 as it's in my memory because I know what happened I like did that to myself what I was going to do and so out of band management's a great idea and the only way to test it is to actually test it make sure it works so I was connecting I was doing some update to like seven devices on the topology was in Woodland Hills California and then Simi Valley which was about 20 30 minutes away and my plan was to connect to the edge of the network in those days it was modems best option I had and a modular old-school modem so I was connecting to the edge device and then I was from there are going to connect to the furthest device make a configuration change reboot it and then go the next I like seven devices to configure and I was gonna work my way back to the 
device that I was connected to initially and then my last step would be make the changes there well in my haste as a young person in those days I was nineteen eighty yeah in nineteen eighty five or six I connected and I was so excited about getting going I forgot which device I was on and I made the configuration change on the edge device first and when I pressed enter my screen no longer responded it's like tried to rekey so the change I made was on the edge device it didn't go well and as a result I had no other I had no further access to the rest of the network no no other out-of-band methods for managing it so I don't recall whether I had to drive in that night or I waited yeah I think we resolved it that night because production started the next morning and anyway there's a good lesson to learn about the camera moved there and so out-of-band management is a great idea not free but definitely worth it and want to test all right so Demetrio I apologize I don't understand your question still but if you want to post that in one of the forums on the discord server I would be more than happy to have the team at the community look at that and make sure we get your answer your question answered my apologies for not knowing what that question is at the moment and let's see follow up on a question is from Dino on a VLAN on a VLAN that supports two different broadcast domains you know so let's talk about that for a moment so a VLAN really doesn't support two different broadcast domains between friends it doesn't do it it's a it's one broadcast domain so whatever logical layer three networks we want to pile on top of that one broadcast domain a broadcast from any of those networks any device in any of those logical layer 3 network address spaces that we put into that VLAN those are going to be seen by every other device in that same VLAN but I get it I get you're saying so if we have one VLAN and two subnets is there any performance impact or repercussions thank
you yes there are if you have let's say you have 5 500 devices in one layer 2 broadcast domain so you have 200 250 from subnet A 250 from subnet B and they're all sitting in one broadcast domain you're back to a position where you have one broadcast from one device like yelling in a room with 500 499 other people there hey Bob I'm looking for your layer 2 address everybody I mean everybody who's on that network has to say what broadcast this may be interesting and so they they because the layer 2 address is the broadcast and they open it up they see it's an ARP request then they open up the ARP request they say oh you're looking for Bob's address not me and they discard it well if we have 500 devices and we're ARPing and that happens quite a bit we have other broadcast traffic too besides ARP there's a huge impact on the other devices so you want to keep your broadcast domains reasonably small hopefully less than 200 also for security reasons if you have an attacker and he's got access to 500 devices on that one broadcast domain and then he does macof or a MAC MAC flooding on the switch so switch forgets where devices live starts flooding all frames to all ports that's gonna cause problems and more for security the attacker can eavesdrop on all that traffic which is not desirable okay let me see if I can pick up where I left off see if there's any other questions all right mhm Tech in the UK glad you're here in fact I'm still glad everyone's here all right one other question is asking is there only one layer one layer 2 and layer 3 not layer 4 I hear about layer 1 2 3 all the time but I don't know that's a great great question and that probably I'll tell you what for that question for a full a better understanding of that check out the playlist the CCNA playlist the first 2 or 3 videos will cover that but effectively logically there are 5 functioning layers in the TCP/IP protocol stack and it goes something like this you have a customer a user with a
computer that understands TCP/IP and they send a request now in that request they're gonna be leveraging the application layer usually like a web service so the Bob's looking to go to a website in his I in his packet at the application layer it's gonna be making an HTTP request HTTP is an acronym stands for Hypertext Transfer Protocol it's basically the language of love for a web server and web client to talk to each other and then at layer 4 that's the application layer so we don't call it layer 5 we just call it the application layer then below that we have something called the transport layer and that's based on the type of protocol used it's able to like TCP can set up a reliable connection-oriented protocol or conversation so TCP Transmission Control Protocol is a layer 4 protocol UDP User Datagram Protocol doesn't really care about keeping track of its neighbors and keeping track of the session but it is also another layer 4 protocol there's also others like GRE generic routing encapsulation and IPsec's ESP is there as well so there's other protocols at layer 4 and then at layer 3 that's IP headers IP routing is done at layer 3 based on IP addresses and then layer 2 on Ethernet is done with layer 2 MAC addresses not referring to out products but rather media access control headers layer 2 addresses physical addresses hardware addresses and switches make forwarding decisions there and then the bottom line is physical which is referring to the bits and the signals of that data actually being moved on the network so check out that playlist I think it'll help a lot especially the first two or three videos in the series for the CCNA playlist the master playlist it'll help help with those as well and the reason it matters too is because as we start looking at securing our networks and we're using application layer firewalls what they mean is you have a firewall that can actually look at the upper layers and see what's going on so is this just a Facebook just
looking at the webpage or is this a Facebook instant messenger or messenger or is this a Facebook file transfer and application will a application where firewalls will know details about what's going on so they can control that traffic at the application layer yep I've been there Daniel thank you for that and Demetrio glad to have you here Australia's in the house and the link for discord I tell you what um I can't find the link for discord what I'll do is I will put it on this video in fact let me just grab it I'll just grab it right now I've got it in a Word document so I can just bring up that Word document and we'll have here in a second I mean well just talk amongst yourselves let me clear off my screen there we go not so hard copy I can use a mouse and I'll go over here and I'll do a ctrl V and boom there you go thanks for your patience love to have everybody in discord who wants to be there there's a rule section just check out the rules make sure you're comfortable with the rules which basically say it'd be a nice person help other people don't share anything that is commercial or paid we're not giving away people's hard-earned content these YouTube channels totally free now that if you have like a PDF or or other content from other vendors who is is paid for please don't share anything like that also no brain dumps no sharing or breaking the disclosure agreement with Cisco or anyone else for getting what you share and also protect your personal information so here's the scoop on that many of you may want to connect and do study groups and things like that but be very careful about publicly sharing any personally identifiable information that would include phone numbers personal emails anything that might be really enticing for an attacker to compromise your security so to do that you could you could exchange emails privately if you wanted and then you could email each other and do it that way but it's a good idea to be very concerned and careful with
your personally identifiable information I get all there's a the hackers are getting better and better all the time once I used to work yeah this is safe I used to have a top secret clearance don't anymore that was many years ago and the office of business manager OMB OPM OPM be anyway they got compromised there's millions of records that were stolen including background checks for a lot of people had top-secret clearances hundreds of thousands of people so there's a lot of information there like everything yeah who's your best friend in high school and they gave us some credit monitoring tools for free for the rest of our lives for us and our families that we could keep very close track on whenever anything is looked up or revealed or on the dark web that comes up regarding our email addresses our phone numbers and so forth I'm grateful for that not grateful that the data got stolen but I'm grateful for the protections they've given me after the fact so one day I got an alert it said yeah on the dark web here's what was stolen they tell you exactly what was received or transferred or gotten and it was a mailing address for a house that I don't live at anymore so there's a little bit old and yes is my name and my mailing address which was a house address and so a day later somebody shows up I'm not that house anymore but there's a person at that house and they came asking for Keith Barker yeah looking for Keith Barker I've got a no subpoena what do you call it the own show have you show up in court maybe a subpoena I've got a subpoena and a check for him and the person who knows me at that property said yeah he doesn't live here hard stop don't reveal anything and then that person called me and said yeah they were looking for you and I said yeah that information was just leaked on the web maybe like a really short period period earlier and so I knew it was a scam it was not right if somebody looking for me they can find me I'm in official places I'm not hard to
find like go to Keith Barker networking I might be I might be here so anyway there's the hackers are getting better and better I don't know where that would have led to whether it was a scare tactic with the IRS is coming and if you need to settle right now or what the check thing was about I think it was just to have her accept it or for them to take one step further but if it sounds too fishy or too good to be true either way it probably is all right so yeah manage your personal information carefully and Dino's asking are out-of-band management ports on the control plane so out of band out-of-band management is just more of an idea than actually a port so the control plane is how devices learn about stuff like how do five routers know how to route well they need to be trained on how to forward we could do static routes or we could run a dynamic routing protocol like OSPF and they can dynamically teach each other and that is the control plane them learning about how to forward using a dynamic protocol as an example is an example of the control plane us managing those devices is an example of the management plane and it's on that management plane where we have access to our devices and can communicate with them that we want to have the out-of-band which is referring to out-of-band management so that we can still manage those devices even if our primary networks go down and that's also true for software-defined networking we want our controllers to be able to talk to those devices in the event that we have a failure somewhere in the network we don't wanna lose complete access to those devices from a management perspective so it's not going to be a specific port out-of-band management is more of an idea and it can be implemented several different ways alright Daniel thank you for that and Gabriel is starting a new job next week mostly layer 2 and layer 3 can you recommend any any reads or other documentation what I love about especially if it's the first job in
the field and getting in is that you're gonna learn most people get hired because of a basic awareness of how the network works or the technology is and then when you get in is your real opportunity to become a master so I would ask the person that hired you is there anything that I can do now that would help prepare me for when I start next week if you've got the job already just say hey I'm ramping up just gonna get dialed in is there anything specific I can start studying or looking at now that can help me hit the ground running when I start and be sincere and then if they give you a recommendation do it I did the same thing with EDS back in the early 80s Electronic Data Systems I was interviewing and I said what can I do now to help me prepare to be actually hired for the job I didn't get the job yet as write at school and they said it was Anita Martinez and she said yeah well HP LaserJets are kind of a new thing here's the manual if you guys start studying on those and I did I took it home started reading corona wires fuser assemblies the voltages the positive negative charges still remember all that stuff because I dug in and then when I met with her for my final interview before they made the hiring decision she asked me so tell me what you know about you know HP LaserJet printers and I did and she goes okay yeah good and I think I got the job because I was willing to do that so once you get that first job the secret is whatever technology they have how can I provide more value how can I provide more value for this company if knowing this would that make me more valuable if it's something cool you want to learn do it on your own like I want to learn how to build a drone great do that on your own or I want to do I want to do Raspberry Pi development and build Raspberry Pis and make robots and hacking things do that on your own but look for what they have and how you could improve and provide more value to that company because the secret is when you start
learning something more and studying it if you can apply it that's the juice right there it's because you could even apply is like like ASAs I I haven't touched in a in a while I've been working with the Firepower Threat Defense system more recently but if I have to go back to an older ASA like version nine or something I could do it only because I've had lots of practice on it because there was a need where I was and I just started working with it and that's what I've encouraged you to do so start to become a master on whatever they would like you to do do more than you're paid for yeah I'm not talking about worked 14-hour days if they're only asking for 12 it's only a slight joke but do more than you're paid for jump in with enthusiasm being willing to learn spend your own time and getting better and better and what you may discover is that it's gonna be hard for a company to keep you more than a year or two because your skills grow as your skills grow your value increases to a point where you might be really worth a lot more elsewhere and sometimes it's just you know they've got a budget for X and that's what they want so always do the right thing be ethical and just keep on climbing IT is a great great option okay I ranted on that let's see here oh that link doesn't work Michael Taylor saying that link doesn't work mmm let me try it right here real quick yeah hey it's working for me so mm-hmm let me let me verify that works from a couple different places and if you have a proxy server or something else that's filtering traffic they might cause it to stop but I will double check on that for you thank you and I'll post notes if I find a problem with it I'll post that with this video oh okay Michael I should have read your second comment sorry about that it's working great all right what is the difference between a static and default route raging crypto that's a fantastic question what is the difference between a static and a default route let me show you let's start
off with a default route and this is a great question that's why I'm happy to and it's right in the world of CCNA that's why I'm happy to do it let me clear that and let's imagine that R3 is the connection let me give her this too all right that'll be better so let's imagine R3 is the router that has access to the rest of the world so the Internet is a big place we'll call that label at AI and we're running a routing protocol in our organization maybe we're running OSPF so we go to each router and we type in router space OSPF space process ID it gets a router ID based on the highest the if we configure a router ID it takes that or if there's no router ID hard-coded it takes the highest IP address on the loopback interface if you don't have a loopback interface it takes the highest IP address on any other interface and if there is no IP address anywhere OSPF says no it does it says I can't I can't identify a router ID so you're gonna just park right here until you get an IP address somewhere configured on an interface so once we enable OSPF we then go ahead and do network statements we've covered that in previous sessions so every router here knows how to reach every one of our subnets in this space so far so good and then we decide well I'll put Bob here Bob may want to go to the Internet maybe he wants to go to his favorite web site and let's call it fave www.fave.com that's his favorite site now if that's a real domain and it's an accident so Bob wants to go to fave.com and when router 4 receives that packet well let's actually talk about the truth what really has to happen for that to really work because we're in little chat mode here you and I having a conversation so let's let's look at all the pieces and it won't take that long and in law's some of this may be a good reinforcement so Bob's computer at Bob Bob sits down types in www oh that's on my face it's on my face all right Bob types in www.fave.com and then he what is Bob do next after he
types in www.fave.com uses his favorite browser you know maybe it's Safari or Chrome or Internet Explorer or Edge or or Firefox or whatever it is so he types it in and they press his enter as I was going for he presses enter and behind-the-scenes his browser assumes that he is gonna go to an a web server let's imagine that this is the web server so in the layers that were asked about earlier there's the application layer so when we think of layers think of a logical process that has to be gone through it means hit a like surgically slice and dice to be very tough to find application layer as a but protocols services run the application layer and one of those services is called HTTP and HTTP is the language of love it's like the program that's used between Bob's computer and the web server and so Bob's computer when Bob presses enter is going to format an HTTP request that says I'd love to see a web page from you but before that happens that's the app layer before that happens it's going to go through some other logical processes and one of those is at layer 4 and it's going to use TCP so TCP Transmission Control Protocol is the layer 4 protocol that cares that's the one that does the how're you doing it's sort of like going to a grocery store and making small talk before you start talking with somebody TCP says SYN SYN-ACK ACK hey we're talking what do you want to do so TCP is used by HTTP now we don't get to choose that we don't get to say I want to go to a web page but I don't want to use TCP it's baked into the application layer protocol so if we're using HTTP so if Bob is using a browser and Bob's going to this website Bob's computer is using HTTP or possibly HTTPS for security and below it at layer 4 TCP then as that packet as that information continues down to the wire let's say this represents the actual network that Bob is sending on there's going to be layer 3 information that's added and that layer 3 information this is the network layer oh I should be
consistent here let me be consistent so layer 4 is the transport layer and layer 3 is the network layer and at layer 3 we're using IP and to be specific version 4 not version 6 usually like I don't know 10 years ago they said IPv6 is coming it's IPv6 has been out for so long and it's still not the major protocol that we use on the Internet say IP version 4 is which is what we've been talking about exclusively in our subnet Saturdays so at the a at layer 3 Bob's computer is going to use his own IP address as the source address and I'll put it right here so and I'm gonna line this up so it lines up with this guy right here so the source address is gonna be Bob's computer so Bob is sitting here at 10 dot what is his address 10.0.4.10 that's his address just let's pretend it is and he's got a 24-bit mask so in his source address he's gonna say I'm at 10.0.4.10 and the destination address is going to be something it's going to be the address of the server now behind the scenes bob has to fake Bob's computer has to figure out what the heck is the IP address for www.fave.com and as a result we have to do a little segue because behind the scenes the but Bob's computer says I don't know that already I haven't learned that yet I need to know what www.fave.com is what that IP address is so as a side story which I'll put in pink here it makes a DNS request Bob's computer does DNS at the transport layer uses UDP and have specific ports assigned to it and then what Bob's gonna do is Bob's going to send an IP packet source from Bob and destined to the DNS server so as part of the configuration on Bob's computer someone something had to tell Bob who the DNS server is DNS stands for DNS domain name system it's how we figure out what the IP address is behind an IP address and that could have been learned by Bob's computer via DHCP or it can be statically configured but either way Bob is making this little interim step to make a request an IP packet to that DNS server so
let's say the DNS server is over here and let's say it's 10.0.2.44 so that's the IP address the DNS server so the destination address would be the DNS server and then at layer 2 I'll come back to black here Bob for the DNS request is going to use the source MAC address that's built into this computer so Bob's source MAC is at layer 2 and the destination layer 2 address is going to be Bob's default gateway and that's because Bob said I'm on 10.0.4 my DNS server's on 10.0.2 different network and so I'm going to go ahead and use my default gateway's layer 2 address and at layer 2 it's gonna have the source MAC address of Bob and the destination oh I should use pink for that let me then keep that consistent color for this little side conversation that he's having so at layer 2 the source address the source layer 2 MAC address is gonna be Bob and the destination layer 2 MAC address is gonna be R4's gig 0/0 and then at the physical layer which is also called layer 1 and layer 2 is often referred to as the data link layer so Bob's computer is gonna send those bits on the network the switch is going to forward it to the right layer to off the very report the accessport router 4 is gonna make a routing decision up to the DNS server R2 is gonna help with that process and then the DNS server is gonna get the request www.fave.com it may have to go out on its own to figure it out but it's gonna get the answer eventually send it back down back to Bob the client and now he knows the IP address it's like what all that just layer two of the IP address of fave.com yes and Bob's gonna cache that for future use so in the future if he needs to go to fave.com he'll know what that address is so now that I've introduced the DNS piece it's done and we can go back to his conversation between Bob and his favorite web server now that he knows that layer 2 address okay so on our road trip here now Bob knows the layer 2 address of fave.com we'll say it's 23.67.83.100
just for grins and it's a globally routable address on the internet and so at layer 2 so at layer 3 for the IP header the source address is gonna be Bob at 10.0.4.10 and the destination is gonna be 23.67.83.100 and then that layer so this is layer 3 then at layer 2 Bob is gonna say whoa this network is different than my network and actually the truth is Bob has no clue about the destination mask all it's doing Bob is the saying bolt I'm on 10.0.4 and my first three octets don't match the first three octets of where I'm going so it must be a different network even though we have no clue what the remote masks are all we know is that what our mask is what we believe the street is and then we're gonna forward to a default gateway if we need to get off our local subnet so at layer 2 it'd be Bob's layer 2 MAC address for the source and for the destination it would be R1 R4 again R4's gig 0/0 just like that and then the bits would be spit and the bits would be spit out the switch would look at the layer 2 destination address make a forwarding decision layer 2 over to R4 who would see it and say this isn't for me it's for 23.67.83.100 but I have a route and that is where we can come in with the idea of a default route in OSPF what we could do is go to R3 we've covered this in a previous session and on R3 we could say default-information originate always and that way R3 is advertising to everybody here that there's a default route and so R4 would say I don't have a specific route for this network but I have a default route and let's imagine the default route is coming this way and R2 is forwarding this way and R1 has a default route and forwarding this way and then R3 gets it and then hopefully R3 has a default route going out and that leads me to your question it's like what it's all based on the question about default route and static route this default route right here on R3 it could be
learned statically like this static static that's inside my brain nobody nobody should see that IP route with space is here the Obi-Wan Kenobi route which is that it means nothing has to match and then the next hop address oh I forgot what it was I'll put HQ IP whatever the headquarters IP address is off this link or whatever our service provider is whoever the next hop is we create that static route and that is an example of a static route because it's definitely configured and a default route it's a statically configured default route and on R4 and R2 and R1 we didn't have to statically configure it there because we told R3 to advertise that via OSPF so on R1 2 and R3 or R1 R2 and R4 they learned the default route dynamically so on them it wouldn't be a static default route it would be a OSPF learned route if we're using OSPF and so these guys forward it and then there's another little trick here at R3 if we send out a source IP address of this guy right here our service providers are not going to let it through because it's a private address from the RFC 1918 address space it's private can't use that on the Internet week it's not routable on the Internet not because you couldn't route it's because they won't route it service providers do not allow private address spaces to hit the literal internet I mean they may be sharing with us and stuff for their own purposes but the real internet does not allow that RFC 1918 private addresses so at this point what we'd also do is a little game called NAT or its cousin called PAT which we have a separate stream on and with NAT or PAT we would take this source address swap it out temporarily to a routable address on the internet this R3 would remember that translation the packet would then go to fave.com fave.com the reply would come back to that NATted address R3 would untranslate the packet back to Bob who'd then open it and say yeah great webpage now in reality before that web page hits because
we're using TCP we would have a three-way handshake so we'd have the SYN request going to the server the SYN-ACK coming back and then the acknowledgment for all that traffic and it happens in you know milliseconds or less it's amazing networks are amazing and that's just for the three-way handshake but that this general flow of the traffic and how it works is exactly how it works so that is sort of like the story of the kid who goes to his dad and says dad where did I come from and the dad says ok time time for the talk so he says to him has books and manuals and diagrams and spends three or four hours talking about the birds and the bees and then at the very end the I says you have any questions Jimmy Jimmy says no and dad says why do you ask he goes well Johnny next door said he came from the hospital I am directly remember reminded of that joke because the question was static default route a static route versus the default route and I went on and on to elaborate on a bunch of cool stuff that I thought was cool and I hope it helps the reinforcement will help too because in real networks doesn't matter if they're in the cloud or if they're on prem or in your office or at your home this is how the network works and that's what I want you guys to know all right so that was from ragin crypto thanks for that question all right and not a great answers from a lot of people thank you thank you thank you oh thank you Wilder's saying that that link I gave you doesn't work if you do it within discord but if you do it from a browser it'll get you there so thank you for solving that for me I appreciate that Wilder thank you very much and I think that's I think that's it all right hey I had a lot of fun it's been subnet Saturday so the first you know hour of this was focused on variable length subnet masking we identified two basic things number one if we take a pizza pie and we slice it up equally we may not have enough room for all the hosts on a given subnet we can optimize
space that we have allocated to us by doing custom subnetting with variable length masks and they refer to this as a VLSM variable length subnet masking we walked through a couple examples of it and also we tagged on one for the land connectivity with just two hosts as well as a little bonus point I've thoroughly enjoyed having you for this livestream it's been a lot of fun tomorrow same bat-time same bat-channel 11:00 a.m. Pacific time we're gonna go ahead and cover another CCNA level topic and I will be announcing that on social probably either this afternoon or early in the morning well I say early in the morning at least a couple hours before the live stream so you can see what that topic is and see if there's any interest in grabbing it so I see a few questions left in the queue I'm gonna go ahead and take a look at those with my fingers and texting and I'll leave the stream running for a few minutes so I can do that otherwise have a great great rest of your day I've got 110 people online right now thank you to everybody who's hanging out with me it's great to get to know ya and I'll see you in the very next stream thanks everybody [Music]
Info
Channel: Keith Barker
Views: 15,370
Rating: 4.964045 out of 5
Keywords: 200-301, 200-301 ccna, 200-301 cisco, 200-301 videos, 200-301 exam, 200-301 ccna certification, 200-301 study, cisco, ccna, networking, cisco ccna 200-301, cisco ccna certification, cisco ccna training, subnet, subnetting, subnetting made easy, subnet mask, subnetting tutorial for beginners, subnet mask explained, subnetting in computer networks, ip address, host bits and network bits, subnetting host bits, vlsm subnetting tutorial, vlsm, vlsm subnetting, vlsm tutorial
Id: olFe16vcA10
Length: 146min 12sec (8772 seconds)
Published: Sat Feb 29 2020