Video Transcript: What is a switch, router, gateway, subnet, gateway, firewall & DMZ
Hello, friends, first of all, thank you so much. We are now a family of 500. Thank you for all your support. Please keep growing this family. Today, in this video, we will understand some networking basics. After my previous video on Virtual Private Network, many of you requested me to make a similar video on other networking fundamentals. This particular video would cover all the network basics which we encounter in our daily lives. We probably use it, but we don't know exactly what it does and how it works. So today we'll understand what is an IP, what is a switch, what is a subnet, what is a router, gateway, what is firewall, DMZ, port forwarding and NAT. And we will cover this in two legs. First, we will understand the components specific to a LAN, which is local area network, and then we'll move on to WAN, which is a wide area network. And we'll understand this yet again with a very relatable example of a school. So let's get started. Please subscribe to my channel and hit the bell icon. So friends, we will do a side by side comparison between a LAN and a school wherever possible. I'll try to correlate the concept so that you can easily understand. So what is a LAN? LAN is a local area network, which means that you will have a network, a set of devices talking to each other within a limited range. The best example of a LAN is your home network, wherein you have several laptops, mobiles, your printers connected to each other, and then you are also talking at the same time to the outside world through internet, which we'll cover later. So what is an IP, first of all? An IP is a logical address to identify or locate your specific machine on a local area network. So suppose, in this case, the laptop IP address is 192.168.10.20. This is a logical address, and any device which wants to talk to this particular laptop can send a message to this particular IP address. Correlating that to a school.
Suppose we have this particular school, and this school boundary can be considered as a LAN. It is a local area within which we have three different classes, class 10th, class 11th and class 12th, and we have various students within these classes. You can consider these students as different devices, like a laptop, a printer or a mobile. Every student in every class has a unique roll number with which he or she is identified. That particular roll number can be identified as an IP address. Moving on, the next concept is a switch. What is a switch? So a switch is a device which sits within your local area network and helps you talk to various devices within your local area network range. Suppose, if you want to print a copy of your file from a printer, then you can simply send your request, and the switch will identify that, okay, this request needs to go to this particular IP address. So a switch specifically works within a closed range of a local area network. So in a school, if suppose a class 10th student wants to go and meet a student of class 12th, he has to first go to this tune, and he has to take permission and tell him that I want to talk to this specific student. And this is his roll number. And based on that, this tune will pass on the message or allow this particular student to go and meet the student of class 12th. So a tune can be correlated to a network switch. But what if
student of this particular school wants to go and meet a student of a school next to this particular school, but that school is outside the boundaries of this particular school? In that case, this student has to go and meet the main security guard here, which is there at the main gate, main security gate, and he has to ask permission of this particular security guard, and only then he can go and meet someone outside the school boundaries. So this security guard is nothing but a router. So a router is a network device which sits between our local area network and the outside network, which is a wide area network. So suppose our mobile wants to connect to the internet, then this mobile will send a request to the router, and then this router will connect to the outside internet. So to draw some analogies, IP of any machine can be a roll number of any student. A switch can be this tuned, and a router can be the main security guard, which allows you to go outside your school, or go outside the network. But the question arises, how would a machine know whether a machine sits within the local area network or it is sitting somewhere outside the main local network? How can a machine understand that? That can be done through yet another concept, which is called as subnet. So subnet is called as a sub network which sits within the local area network. And it is not an IP address. It might look like an IP address, but it is not. It is a set of flags which defines the overall range of a local area network. I'll tell you how. So suppose the IP address of this particular laptop is 192.168.10.20, and the IP address of this printer is 192.168.1.2. Between these two sits the subnet. So subnet for this particular local area network could be 255.255.0.0. What does this mean? These are the flags.
These two 255 flags denote that this particular local area network has a fixed range of 192.168, so any device which falls within this particular IP address range would potentially be the device in the local area network. If suppose this particular IP address matches, then these two zeros denote the free range. There can be any number sitting in these last two categories, because these are zeros. So it can be 1.2 or it can be the mobile, 192.168.25.30. So subnet decides your local area network range, and if you want to correlate with a school example, then from the roll number of one student and the roll number of another student, we can identify whether they belong to the same school. So a student of class 10th can have a roll number like s1 which denotes the school 10.15.5, and the roll number of the 12th student could be s1.x.2.20.9, so what would be the subnet range for this, you can identify. So this would be 255.0.0.0, because we are only comparing this first bit. If it matches, s1 with s1, that means that these two students are from the same school, and they can, you know, they can talk within this school network. So to summarize, any network device potentially needs three things: IP, subnet and gateway. Now you will wonder, what is this gateway? Gateway is nothing but the IP address of this router. So router and gateway are one and the same thing. The IP address of the router is actually
called as the network gateway. So this IP address, along with this subnet and this gateway, can pretty much talk to any other network device within the LAN or outside the LAN. So hope I am clear on this concept. Now we will
move on to the leg two of this video, wherein we'll understand some concepts on the wider area network. So let's start. So hope we are clear on leg one, which covered the LAN concepts. Now we will move to the next leg, which will cover some concepts related to router and wider area network. So let's start. So router has basically four core functionalities which it has to deliver as a gateway device. First is NAT, which is network address translation. Second is DMZ, which is demilitarized zone. Third is firewall and fourth is port forwarding. These are all interrelated. We'll understand how. So we now know that router is the gateway through which a local area device can talk to a device outside the network. But what is network address translation? The name pretty much describes it. So whatever request comes from the local area network device, the IP address of this particular device is not exposed to the internet. Router changes this network device address to a different address, which then goes on to the outside network. As you can see, the IP addresses of these network devices outside the local area network are different. These all start from 72.63, whereas in our subnet it starts from 192.168. That's why, whenever any device goes outside to talk to another device via the router or the gateway, then that particular network address gets translated. So a normal flow would be a device would go to the router. Router will request that particular data from a device in the wide area network, and then that would be sent back to the device. But what if a device which is completely isolated somewhere in the network wants to talk directly to this particular device in the local area network? That cannot happen. That's a security risk. That's why the firewall comes into picture. Firewall is nothing but a set of passive rules which are defined to enable the set standards of communication between the internal and the external network.
Through this firewall, only a specific set of communications can happen, and these sorts of ad hoc requests cannot. That's why, if you want to allow any sort of communication through this firewall, what are the options you have? So you have two options, you can either configure a DMZ or a port forwarding. We'll understand these two concepts quickly. What is a DMZ? DMZ is demilitarized zone. Demilitarized zone is a zone created within the local area network, wherein it is specified to the router that whenever any ad hoc external network connection wants to try to establish a connection with the local area network, you simply pass on that connection to the DMZ. So if any request comes from an ad hoc device, it comes to the router, and the router simply sends it to this demilitarized zone. And if there is any device which is sitting here in the demilitarized zone, that device can directly talk to the device outside the firewall. But then the security of this particular DMZ and the device sitting within this DMZ is the responsibility of DMZ, or the device. To correlate DMZ with a school example, we can correlate
it like this. Suppose a parent or a guest wants to meet a certain student in the school, he will come to this particular security guard and request for that meeting. And if there is a DMZ setup here, it would be actually a kind of a reception here. So what security guard can do, security guard can simply ask this particular guest to go and wait in this particular reception so that the student can come here and meet the guest or the parent. Port forwarding is another mechanism through which you can allow the communication from outside network within the local area network, through the firewall and the router. In the port forwarding concept, you do not create a separate DMZ, rather, you specify exactly on which particular port of this particular device or this particular device the communication needs to happen. What is a port? Any machine which is there in the network talks to different machines to different ports. So take, for example, whenever you hit a website on the browser, by default, it goes to the web server default port, which is port 80. You hit a Tomcat server, it goes to default 8080. If you want to connect to an Oracle database, the default port is 1521. For every application you need a port to communicate. So suppose this particular device wants to talk to this particular device. Then in this device, there can be a designated port for which this communication can be allowed, so that can go into the firewall rules and it can be written that whenever this particular device sends a request to this particular device within the local area network on specific port 80, then this particular communication should be allowed without stopping anything. So this is the concept of port forward. So just to summarize, we understood the local area network. We understood what is an IP, what is a switch, how these talk to each other. Then we also understood what is a router, what is a gateway.
We also understand how we use subnet to identify whether a device sits within the network or is actually from outside the network. Then we moved on to the wider area network. We understood how firewall works, how DMZ and port forwarding are the two mechanisms with which we can allow external traffic into the internal network. We also understood how network address translation helps. So friends, I hope you liked this video and now you understand these concepts in a better way. Please go and subscribe to my channel and hit the bell icon. Please Like and Share this video as much as possible and help us grow this community further. Thank you so much and keep hustling.
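
The subnet check and the router's handling of inbound connections described in the video, as an added example that is not part of the original transcript. The addresses 192.168.10.20, 192.168.1.2, 192.168.25.30 and the mask 255.255.0.0 come from the video; the gateway address 192.168.0.1, the outside address 72.63.10.5 and the choice of DMZ host are constructed for illustration.

```python
import ipaddress

# Values from the transcript, except where marked as assumed.
MASK = "255.255.0.0"
LAPTOP = "192.168.10.20"
GATEWAY = "192.168.0.1"      # assumed router address, not given in the video

def same_lan(src: str, dst: str, mask: str = MASK) -> bool:
    """Bitwise-AND both addresses with the mask and compare the network parts."""
    m = int(ipaddress.IPv4Address(mask))
    return int(ipaddress.IPv4Address(src)) & m == int(ipaddress.IPv4Address(dst)) & m

def next_hop(src: str, dst: str) -> str:
    """Local destinations are reached directly (via the switch); others go to the gateway."""
    return dst if same_lan(src, dst) else GATEWAY

# Router side: new connections arriving unsolicited from the WAN.
PORT_FORWARDS = {80: (LAPTOP, 80)}   # WAN port -> (LAN host, LAN port)
DMZ_HOST = None                      # set to a LAN address to enable a DMZ host

def inbound(dst_port: int, forwards=PORT_FORWARDS, dmz_host=DMZ_HOST):
    """Return (action, target) for a new connection from outside.
    Order: explicit port forward, then DMZ host if configured, else drop."""
    if dst_port in forwards:
        return ("forward", forwards[dst_port])
    if dmz_host is not None:
        return ("dmz", (dmz_host, dst_port))
    return ("drop", None)

if __name__ == "__main__":
    # 72.63.10.5 is a constructed outside address in the 72.63 range from the video.
    for dst in ("192.168.1.2", "192.168.25.30", "72.63.10.5"):
        print(dst, "->", next_hop(LAPTOP, dst))
    for port in (80, 1521):
        print(port, inbound(port))
    print(1521, inbound(1521, dmz_host="192.168.1.2"))
```

With a DMZ host configured, every port that has no explicit forward reaches that host, so a single port forward exposes far less than a DMZ does.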