WEBVTT

00:00.000 --> 00:02.445
>> Let's talk about routers.

00:02.445 --> 00:04.440
This chapter, we're
going to focus on

00:04.440 --> 00:06.420
how routers learn
what they know.

00:06.420 --> 00:08.760
The whole Internet is based
on a series of routers

00:08.760 --> 00:09.780
that direct traffic from

00:09.780 --> 00:11.875
my system to anywhere
in the world.

00:11.875 --> 00:13.500
We want to figure out how it is

00:13.500 --> 00:15.750
routers know the
magic that they know.

00:15.750 --> 00:18.780
One of the main ways that
routers know is that they can

00:18.780 --> 00:21.450
be told through a creation
of manual static routes.

00:21.450 --> 00:23.430
Which means a network
administrator is

00:23.430 --> 00:25.590
going to create a series
of statements and say,

00:25.590 --> 00:27.630
okay, if traffic is going to be

00:27.630 --> 00:30.130
on the 10 network,
go this direction.

00:30.130 --> 00:33.530
Obviously, that's not what's
happening on the Internet.

00:33.530 --> 00:36.110
But for certain situations
in my internal network,

00:36.110 --> 00:38.090
that may be something
that's used.

00:38.090 --> 00:39.860
Usually, we allow our routers

00:39.860 --> 00:41.165
to learn about their network and

00:41.165 --> 00:42.530
other networks through a series

00:42.530 --> 00:44.260
of dynamic routing protocols.

00:44.260 --> 00:45.780
They're a handful.

00:45.780 --> 00:47.524
We'll talk about RIP,

00:47.524 --> 00:51.635
OSPF, and BGP in
the next section.

00:51.635 --> 00:54.755
BGP is what the Internet
routers are using.

00:54.755 --> 00:56.360
We'll also talk
about a feature that

00:56.360 --> 00:58.295
many routers have called NAT,

00:58.295 --> 01:00.635
which is network
address translation,

01:00.635 --> 01:04.985
and its best friend, PAT,
port address translation.

01:04.985 --> 01:07.340
Then we'll talk about
access control lists

01:07.340 --> 01:10.350
which are how we add
security to routers.

01:10.930 --> 01:14.690
For static routes, we can
use command route add.

01:14.690 --> 01:17.975
There's also route p for
persistent, and route print.

01:17.975 --> 01:20.795
These are commands you'll
want to know for the exam.

01:20.795 --> 01:22.895
When we're creating
static routes,

01:22.895 --> 01:24.520
we use the command route add.

01:24.520 --> 01:26.165
What we want to configure

01:26.165 --> 01:28.310
is how to get the
destination network.

01:28.310 --> 01:30.725
If I want to get to the
destination network,

01:30.725 --> 01:33.820
on what interface on the
router should traffic be sent?

01:33.820 --> 01:35.505
Where is its next stop?

01:35.505 --> 01:36.875
It's a little bit challenging

01:36.875 --> 01:38.810
or not so much
challenging as it is

01:38.810 --> 01:40.670
time-consuming to go through and

01:40.670 --> 01:43.465
configure static routes
in all your routers.

01:43.465 --> 01:47.120
However, if I do have a
specific pathway that

01:47.120 --> 01:50.030
doesn't change frequently or
it doesn't change at all,

01:50.030 --> 01:52.250
it might be good to
use a static route in

01:52.250 --> 01:53.510
that instance because

01:53.510 --> 01:56.035
dynamic routing
protocols are chatty.

01:56.035 --> 01:58.925
They generate some additional
traffic on the network.

01:58.925 --> 02:00.710
If you have a route
that doesn't need to be

02:00.710 --> 02:03.185
learned or isn't something
that comes and goes,

02:03.185 --> 02:05.495
then a static route
is probably best.

02:05.495 --> 02:08.450
For many of the routes you
need your devices to learn,

02:08.450 --> 02:11.730
a routing protocol is
probably the way to go.

02:12.640 --> 02:15.995
There are three main ways
of routing protocols;

02:15.995 --> 02:18.305
one is called the
Distance Vector,

02:18.305 --> 02:19.880
then we have Link State,

02:19.880 --> 02:22.985
and then we have our
Exterior Gateway Protocols.

02:22.985 --> 02:25.160
The ones you and I are
most likely to work

02:25.160 --> 02:28.490
with are distance
vector or link state.

02:28.840 --> 02:31.400
For distance vector routing,

02:31.400 --> 02:33.785
these routers make their
decision on the best path

02:33.785 --> 02:36.680
based on how many hops away
and in what direction.

02:36.680 --> 02:39.440
For instance, a distance
vector router is

02:39.440 --> 02:42.170
always going to prefer
two hops to three hops,

02:42.170 --> 02:44.300
even if the three
hop direction or

02:44.300 --> 02:46.960
three hop link is at
a much faster speed.

02:46.960 --> 02:50.030
Distance vector routers
are older than RIP,

02:50.030 --> 02:53.165
which is routing
information protocol.

02:53.165 --> 02:55.535
We're on RIP version 2,

02:55.535 --> 02:57.200
but it's still fairly dated.

02:57.200 --> 02:58.550
The thing about RIP and

02:58.550 --> 03:00.920
distance vector routing
protocols is that they're

03:00.920 --> 03:02.780
very easy to set up and they

03:02.780 --> 03:05.590
don't generate a lot of
traffic on the network.

03:05.590 --> 03:08.705
They're pretty manageable
for a very small network.

03:08.705 --> 03:11.720
Quick and easy, we like
quick and easy.

03:11.720 --> 03:13.290
The way these routers learn from

03:13.290 --> 03:14.695
the network is from
their neighbor,

03:14.695 --> 03:16.940
and their neighbor learns
from their neighbor.

03:16.940 --> 03:19.010
That's a method called
routing by rumor.

03:19.010 --> 03:21.680
In the illustration,
you can see router C is

03:21.680 --> 03:24.595
connected to the four network
and to the three network,

03:24.595 --> 03:27.180
B is connected to
the three network

03:27.180 --> 03:28.334
and the two network,

03:28.334 --> 03:32.280
A is connected to two
network and the one network.

03:32.280 --> 03:34.440
Each router only knows about

03:34.440 --> 03:35.870
its directly connected network.

03:35.870 --> 03:37.700
C only knows how to get to

03:37.700 --> 03:39.740
the three network and
the four network,

03:39.740 --> 03:42.290
B only knows how to get
to the two and three,

03:42.290 --> 03:44.330
A only knows how to get
to the one and two.

03:44.330 --> 03:46.760
Ultimately, you can
see that C is hey,

03:46.760 --> 03:48.530
[inaudible] this information and

03:48.530 --> 03:50.555
it's passing its
routing table onto B.

03:50.555 --> 03:53.030
It sends its routing
table onto A until they

03:53.030 --> 03:55.730
get updates about the
various networks that exist.

03:55.730 --> 03:57.350
That's routing by rumor.

03:57.350 --> 03:58.790
The problem with that
is that it takes

03:58.790 --> 04:01.715
a long time for what we've
referred to as convergence,

04:01.715 --> 04:04.925
which means learning if
there's a network change.

04:04.925 --> 04:07.910
Another problem is
we see that router C

04:07.910 --> 04:10.285
is directly connected
to the four network.

04:10.285 --> 04:12.375
Because B is one hop from C,

04:12.375 --> 04:14.010
if you look in B's routing table

04:14.010 --> 04:15.260
and what's highlighted in green,

04:15.260 --> 04:18.620
it says, okay, I'm one hop
away from four network.

04:18.620 --> 04:20.480
A says, well, I'm two hops

04:20.480 --> 04:22.130
away from the four
network because I'm

04:22.130 --> 04:26.165
one hop from B who's one
hop from C. So far so good.

04:26.165 --> 04:29.240
That's how routing by
rumor is supposed to work.

04:29.240 --> 04:33.140
Let's say that that link
between B and C goes down.

04:33.140 --> 04:34.370
B can no longer get to

04:34.370 --> 04:37.135
router C and can get
to the fourth network.

04:37.135 --> 04:38.915
B starts to listen to A,

04:38.915 --> 04:42.025
and A says, "I'm two hops
away from the four network."

04:42.025 --> 04:44.190
B says, "Well, I'm
a hop away from A,

04:44.190 --> 04:45.710
I must be three hops."

04:45.710 --> 04:47.105
C listens and says,

04:47.105 --> 04:50.030
"I must be four hops," and
then B hears C and says,

04:50.030 --> 04:52.145
"I must be five
hops," and A says,

04:52.145 --> 04:53.585
"I must be six hops."

04:53.585 --> 04:55.220
Basically, what's happening is

04:55.220 --> 04:57.470
a process called count infinity.

04:57.470 --> 04:59.330
It winds up happening
if there are

04:59.330 --> 05:00.830
no controls in place to keep

05:00.830 --> 05:02.630
these routers from
learning from each other

05:02.630 --> 05:05.575
going different pathways
when there's a downlink.

05:05.575 --> 05:08.580
One of the things
that cracks me up is

05:08.580 --> 05:11.635
the way the RIP deals with
that count infinity issue.

05:11.635 --> 05:14.570
It says infinity as a number 16.

05:14.570 --> 05:17.285
Sixteen is as high as
we go to infinity.

05:17.285 --> 05:19.790
What that means is once
we count to the infinity,

05:19.790 --> 05:21.230
process, B says,

05:21.230 --> 05:22.580
"I'm 15 hops away",

05:22.580 --> 05:25.145
then C says, "Oh, that makes
me an infinite distance."

05:25.145 --> 05:27.125
Therefore, there is a downlink.

05:27.125 --> 05:29.825
That's one of the ways we
deal with count to infinity,

05:29.825 --> 05:31.690
and that's called
poisoning the route.

05:31.690 --> 05:33.210
The other thing about poisoning

05:33.210 --> 05:34.920
the route is poison reverse.

05:34.920 --> 05:37.640
It basically means that
once that route is down,

05:37.640 --> 05:39.455
C sends a message out saying,

05:39.455 --> 05:41.660
"I'm 15 hops away
from network 4," and

05:41.660 --> 05:44.300
then B and A automatically
know that's a dead network.

05:44.300 --> 05:47.885
That's really how we
counteract count to infinity.

05:47.885 --> 05:50.840
There's also something
called split horizon

05:50.840 --> 05:53.060
which means that if
you look at router C,

05:53.060 --> 05:54.290
it's sending information about

05:54.290 --> 05:57.095
the four network on its
Ethernet zero interface.

05:57.095 --> 05:59.810
What split horizon means
is it's not going to learn

05:59.810 --> 06:01.250
information about
the four network

06:01.250 --> 06:03.230
on its Ethernet zero interface.

06:03.230 --> 06:05.960
It's not going to send
information to B and A and

06:05.960 --> 06:08.795
learn information from B and
A about the specific link.

06:08.795 --> 06:10.790
Basically, these
are just controls

06:10.790 --> 06:12.259
that are built into RIP

06:12.259 --> 06:13.670
that can be enabled to deal with

06:13.670 --> 06:16.500
that problem called
count to infinity.

06:17.200 --> 06:20.405
With link-state
routing protocols,

06:20.405 --> 06:22.685
the most common is called OSPF,

06:22.685 --> 06:24.930
open shortest path first.

06:24.930 --> 06:27.050
Nice thing about OSPF is

06:27.050 --> 06:29.375
rather than learning about
the network from neighbors,

06:29.375 --> 06:31.700
OSPF allows each
router to learn about

06:31.700 --> 06:32.960
the network on its own and

06:32.960 --> 06:35.029
create its own
topology table.

06:35.029 --> 06:37.070
Every router
directly communicates

06:37.070 --> 06:38.660
with every other
router through what

06:38.660 --> 06:42.290
are called LSAs or
link-state advertisements.

06:42.290 --> 06:43.850
It continues to make sure that

06:43.850 --> 06:45.110
the network is available through

06:45.110 --> 06:47.510
these little link-state
advertisements because they are

06:47.510 --> 06:49.280
essentially constantly
checking in

06:49.280 --> 06:51.510
to make sure that
they're still there.

06:53.270 --> 06:55.490
When that router doesn't hear

06:55.490 --> 06:57.575
the LSA from a specific router,

06:57.575 --> 06:58.760
it assumes and it marks

06:58.760 --> 07:00.710
that router as being
dead or not available,

07:00.710 --> 07:01.580
and then learns

07:01.580 --> 07:03.275
different pathways
throughout the network.

07:03.275 --> 07:04.760
The problem with this is

07:04.760 --> 07:07.145
that it's very
resource-intensive.

07:07.145 --> 07:10.250
RIP is good for smaller
outdoor routers

07:10.250 --> 07:12.695
that don't have a lot of
processing capability.

07:12.695 --> 07:15.574
But with link-state routers
or link-state protocols,

07:15.574 --> 07:17.225
you don't have a lot of memory,

07:17.225 --> 07:19.520
and that's a lot of
processing capability to

07:19.520 --> 07:22.670
build these topology tables
to track this information.

07:22.670 --> 07:25.100
It's very resource-intensive and

07:25.100 --> 07:27.050
is designed for larger networks.

07:27.050 --> 07:29.240
Then you have Border
Gateway Protocol,

07:29.240 --> 07:30.800
and we really aren't
going to get into

07:30.800 --> 07:32.660
the border gateway
routers because

07:32.660 --> 07:33.680
these are the routers that are

07:33.680 --> 07:35.060
used throughout the Internet.

07:35.060 --> 07:37.740
That's a discussion
for another day.

