Video Transcript: What is a switch, router, gateway, subnet, gateway, firewall & DMZ

Hello, friends, first of all, thank you so much. We are now a family of 500 thank  you for all your support. Please keep growing this family. Today, in this video, we will understand some networking basics. After my previous video on Virtual  Private Network, many of you requested me to make a similar video on other  networking fundamentals. This particular video would cover all the networks  basics which we encounter in our daily lives. We probably use it, but we don't  know exactly what it does and how it works. So today we'll understand what is  an IP, what is a switch, what is a subnet? What is a router, Gateway, what is  firewall, DMZ, Port Forwarding and Tan. And we will cover this in two legs. First,  we will understand the component specific to a LAN, which is local area  network, and then we'll move on to Wan, which is a wide area network. And we'll understand this yet again with a very relatable example of a school. So let's get  started. Please subscribe to my channel and hit the bell icon. So friends, we will  do a side by side comparison between a LAN and a school wherever possible.  I'll try to correlate the concept so that you can easily understand so what is a  LAN? LAN is a local area network, which means that you will have a network, a  set of devices talking to each other within a limited range. The best example of a LAN is your home network, wherein you have several laptops, mobiles, your  printers connected to each other, and then you are also talking at the same time  to the outside world through internet, which we'll cover later. So what is an IP?  First of all, so an IP is a logical address to identify or locate your specific  machine on a local area network. So suppose, in this case, the laptop IP  address is 192.1, 68.10.20. This is a logical address and even any device which  wants to talk to this particular laptop can send a message to this particular IP  address, correlating that to a school. Suppose we have this particular school,  and this school boundary can be considered as a LAN. It is a local area within  which we have three different classes, class 10th, class, 11th and class 12th and we have various students within these classes. You can consider these students as different devices, like a laptop, a printer or a mobile. Every student in every  class has a unique role number with which he or she is identified. That particular roll number can be identified as an IP address. Moving on, the next concept is a  switch. What is a switch? So switch is a device which sits within your local area  network and helps you talk to various devices within your local area network  range. Suppose, if you want to print a copy of your file onto from a printer, then  you can simply send your request, and switch will identify that, okay, this request needs to go to this particular IP address, so switch specifically works within a  closed range of a local area network. So in in a school, if suppose a class 10th  student wants to go and meet a student of class 12th, he has to first go to this  tune, and he has to take permission and tell him that I want to talk to this  specific student. And this is his role number. And based on that, this tune will  pass on the message or allow this particular student to go and meet the student  of class 12th, so a tune can be correlated to a network switch. But what if 

student of this particular school wants to go and meet a student of a school next  to this particular school, but that school is outside the boundaries of this  particular school? In that case, this student has to go and meet the main  security guard here, which is there at the main gate, main security gate, and he  has to ask permission of this particular security guard, and only then he can go  and meet someone outside the school boundaries. So this is security guard. Is  nothing but a router. So a router is a network device which sits between our  local area network and the outside network, which is a wide area network. So  suppose our mobile wants to connect to the internet, then this mobile will send  request to the router, and then this router will connect to the outside internet. So  to draw some analogies, IP of any machine can be a roll number of any student.  A switch can be this tuned, and a router can be the main security guard, which  allows you to. Go outside, the outside your school, or go outside the network.  But the question arises, how a machine would know whether a machine sits  within the local area network or it is sitting somewhere outside the main local  network. How a machine can understand that? That can be done through yet  another concept, which is which is called as subnet. So subnet is called as a  sub network which sits within the local area network. And it is not an IP address.  It might look like an IP address, but it is not. It is a set of flags which defines the  overall range of a local area network. I'll tell you how. So suppose the IP  address of this particular laptop is 192.168.10.20, and the IP address of this  printer is 192.168.1.2 between these two sits the subnet. So subnet for this  particular local area network could be 255.255.0.0. What does this mean?  These are the flags. These two, 255 flags denotes that this particular local area  network has a fixed range of 190 2.168 so any device which falls within this  particular IP address range would potentially be the device in the local area  network. If suppose this particular IP address matches, then these two zeros  denotes the free range. There can be any number sitting in these last two  categories, because these are zeros. So it can be 1.2 or it can be the mobile  192.168 .25.30 so subnet decides your local area network range, and if you  want to correlate with a school example, then the roll number of one student and the roll number of another student can identify, we can identify whether they  belong to the same school. So a student of class 10th can have a roll number  like s1 which denote the school 10.15.5, and the roll number of the 12th student  could be s1.x.2.20.9, so what would be the subnet range for this you can  identify. So this would be 250, 5.0, dot 0.0, because we are only comparing this  first bit, if it matches with s1 with s1 that means that these two students are from the same school, and they can, you know, they can talk within this school  network. So to summarize, any network device potentially needs three things, IP, subnet and I and Gateway. Now you will now you will wonder, what is this  gateway? Gateway is nothing but the IP address of this router. So router and  Gateway are one and the same thing. The IP address of the router is actually 

called as the network gateway. So this IP address, along with this subnet and  this gateway, can pretty much talk to any other network, network device within  the LAN or outside the LAN. So hope I am clear on this concept. Now we will  

move on to the leg two of this video, wherein we'll understand some concepts on the wider area network. So let's start. So hope we are clear on leg one, which  covered the LAN concepts. Now we will move to the next leg, which will cover  some concepts related to router and wider area network. So let's start. So router has basically four core functionalities which it has to deliver as a gateway  device. First is Nat, which is network address translation. Second is DMZ, which is de militarized zone. Third is firewall and fourth is port forwarding. These are all interrelated. We'll understand how. So we now know that router is the gateway  through which a local area device can talk to a device outside the network but,  but what is network address translation? The name pretty much describes it. So  whatever request comes from the local area network device, the IP address of  this particular device is not exposed to the internet router changes this network  device address to a different address, which then goes on to the outside  network. As you can see, the IP addresses of these network devices outside the  local area network are different. These are all starts from 72 dot 63 where in our  subnet it starts from 192.168 that's why, whenever any device goes out. Side to  talk to another device via the router or the gateway, then that particular network  address gets translated. So a normal flow would be a device would go to the  router. Router will request that particular data from a device in the wide area  network, and then that would be sent back to the device. But what if a device  which is completely isolated somewhere in the network wants to talk directly to  this particular device in the local area network? That cannot happen. That's a  security risk. That's why the firewall comes into picture. Firewall is nothing but a  set of passive rules which are defined to enable the set standards of  communication between the internal and the external network. Through this  firewall, only a specific set of communications can happen, and these sort of ad  hoc request cannot. That's why, if you want to allow any sort of communication  through this firewall, what are the options you have? So you have two options,  you can either configure a DMZ or a port forwarding. We'll understand these two concepts quickly. What is a DMZ? DMZ is demilitarized zone. Demilitarized zone is a zone created within the local area network, wherein it has it is specified to  the router that whenever any ad hoc external network connection wants to try to  establish a connection with the local area network, you simply pass on that  connection to the DMZ. So if any request comes from an ad hoc device it is, it  comes to the router, and router simply send it to this demilitarized zone. And if  there is any device which is sitting here in the demilitarized zone, that device  can directly talk to the device outside the firewall. But then the security of this  particular DMZ and the device sitting with within this DMZ is the responsibility of  DMZ, or the device, to correlate DMZ with a school. Example, we can correlate 

it like this. Suppose a parent or a guest wants to meet certain student in the  school, he will come to this particular security guard and request for that  meeting. And if there is a DMZ setup here, it would be actually a kind of a  reception here. So what security guard can do, security guard can simply ask  this particular guest to go and wait in this particular reception so that the student can come here and meet the guest or the parent. Port forwarding is another  mechanism through which you can you can allow the communication from  outside network within the local area network, through the firewall and the  router. In the port forwarding concept, you do not create a separate DMZ, rather, you specify exactly on which particular port of this particular device or this  particular device the communication needs to happen. What is a port? Any  machine which is there in the network talks to different machines to different  ports. So take, for example, whenever you hit a website on the browser, by  default, it goes to the web server default port, which is port 80. You hit a tomcat  server, it goes to default 8080, if you want to connect to an Oracle database, the default port is 1521, for every application you need a port to communicate. So  suppose this particular device wants to talk to this particular device. Then in this  device, there can be a designated port for which this communication can be  allowed, so that can go into the firewall rules and it can be written that whenever this particular device sends a request to this particular device within the local  area network on specific port 80, then this particular communication should be  allowed without stopping anything. So this is the concept of port forward. So just to summarize, we understood the local area network. We understood what is an  IP, what is a switch, how these talk to each other. Then we also understood what is a router, what is a gateway. We also understand how we use subnet to  identify whether a device sits within the network or is actually from outside the  network. Then we moved on to the wider area network. We understood how  firewall works, how how DMZ and port forwarding are the two mechanisms with  which we can allow external traffic into the internal network. We also understood how network address translation helps. So friends, I hope you liked this video  and now you understand these concepts in a in a better way. Please go and  subscribe to my channel and hit the bell icon. Please Like and Share this video  as much as possible and help us grow this community further. Thank you so  much and keep hustling.