Karn Kaul Network device. Please tell me what layer 3 is called in the OSI Model. What's that? It's called the Network Layer? Well then, guess it wasn't an error so much as semantics. I'll say it again, this time being perfectly clear. Every Layer 3 device on the network maintains a routing table. Full Stop. If you don't believe me, check it yourself. In the Windows Command Line: route print -4 Hosts file doesn't even play into this. That's DNS, you are jumping around the model. DNS is at the application layer. Remember, if you can interact with it with human language, it's an application. From a consumer grade router's perspective, it knows exactly which end is the ISP. It's the end with the default gateway. GOLR is the route it uses for networks not under its responsibility. Grossly oversimplifying it, the side it NAT/PATs over is the ISP. If we are talking pure routing, in the perfect beautiful world that doesn't exist, you would be correct in saying it doesn't know which side is the ISP. We don't live in that world.
If you are doing a CCNA when he says prefixes he means subnets. He does not define prefixes. These describe how many networks are seen within the range rather than how many IPs are in the range. E.g. there are x prefixes of subnet y bytes. Should have put RFC but google CIDR and VLSM with RFC.
So, why is it that connecting to YouTube straight from my ISP is buggy (videos will stop streaming or flat out crash), but going through a longer, more complex route (VPN), it works just fine? My best guess was that the way YouTube streams makes something along the regular path think it's done sending, so it gets dropped, but I don't know much of anything about networking.
ISPs etc. can cache YouTube videos. It's part of YouTube's system to reduce strain on the internet and their network. But ISPs being ISPs, they can mess it up and are somewhat prone to failures. There are ways to disable it and avoid your ISP without a VPN. Look up some browser extensions.
Richard Smith I'm pretty sure it's finally been ruled illegal, here in the states, to force companies to pay more for bandwidth. And it does irritate me when that happens, thus the VPN (one of many reasons I got it). Of course, either way I know that it's not YouTube now, so thanks for your reply!
Dykam Not the caching, the throttling. Pretty sure a court ruled that Comcast's requirement for Netflix to pay for equal priority on pipes was unlawful, setting the legal precedent. Of course, I don't use Comcast, but it shouldn't take much more for it to be considered unlawful to extort companies in such a way (assuming this common carrier thing ever gets concluded).
how do they decide the shortest path, do they have extra information on the distance to other routers?...as i'm writing this i just realized they probably use pinging and use the time as distance or something like that to determine the shortest path. is this reason even close?
nothing so dynamic since the ARPANET days-- the way i illustrated it made it look like hop counts (ie, every link "costs" the same amount). in practice, links are actually assigned integer weights when the routers are configured, and those give the costs. (the weight for a link may well be initially set based on some combination of the delay and capacity of the link though, and then subsequently tweaked to get the traffic flowing in your network how you want.)
We had an issue in 2012, where a router from the ISP Dodo sent every route it knew to the upstream Telstra router which then decided that the Dodo router was the best path for most internet traffic, slowing the internet through most of Australia.
That's the way it's supposed to be. Though I fear people are used to the natural firewall effect NAT has and forget to set up an appropriate firewall. IPv6 has unroutable addresses as well, so that's not exactly the case.
5:09 but that's just the same as looking up almost the entire IP address no? in the example he's just leaving out the last byte? if the router is looking up the longest prefix, isn't it basically looking up the entire IP address (out of the 4 billion table?)? how is this the 'more efficient' method?
(row´ter) (n.) A router is a device that forwards data packets along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places where two or more networks connect. Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as ICMP to communicate with each other and configure the best route between any two hosts.
I guess the British pronunciation makes sense because it finds a route. But now that I think about it, I think in the US route (as in a path) can actually be pronounced either way.
Does anyone know why YouTube has been so slow lately?? Here in Florida I get about 90 Mbps down and 10 Mbps up via Ethernet. I have tried clearing history in Firefox but that doesn't work. Chrome does the same. The loading bar in the YouTube video just stops and the video starts buffering. Is it just me?
bulldogg110 Because YouTube competes with Comcast's own cable services. It's very unlikely it's YouTube, YouTube has no idea whether you are using a VPN or not. You probably connect to the VPN, which is fine for Comcast, and then the VPN connects to YouTube, on their own non-Comcast ISP.
I don't connect to a virtual private network. Switching DNS servers wouldn't work either. Meh, it's probably me, but YouTube is known to go under maintenance often.
bulldogg110 Ah sorry, I had a conversation about this earlier last week and I guess I mixed up the conversations. I never have any issues with YouTube, and I'm on here *a lot*.
I'm still baffled by the idea of the X11 server and its future. I'd love an explanation on common Linux/Unix components (cups, modules, X11) if you ever run out of ideas.
Wait, so the English say "rooter", how do they pronounce "route"? If it's "root" then how do they distinguish between "root" and "route"? That bit at the beginning was pointless.
The two "YouTube" networks should have been *192.168.0.0/17* and 192.168.128.0/17, not 192.168.127.0/17 and 192.168.128.0/17. 192.168.127.0/17 is technically 192.168.127-254.0-255, whereas 192.168.0.0/17 is 192.168.0-127.0-255. 192.168.128.0/17 would then take the top half of the /16 subnet with 192.168.128-255.0-255
192.168.127.0/17 is 192.168.0-127.0-255, i.e., the same as 192.168.0.0/17. (127d = 0111 1111 b) The reason the latter prefix notation is "better" is that, by convention, any bits that are not part of the prefix are made 0. However, they both indicate the same range of IP addresses.
Yes, if you're talking about strict CIDR subnet notation, 192.168.127.0/17 does technically indicate the lower half of the subnet, but it's sloppy notation because it's a random address in the middle of the subnet and not the actual network address, which is 192.168.0.0/17. The way he wrote it is no different than 192.168.43.177/17. However, many devices don't automatically calculate the network address, and they will throw an error if you try to plug in 192.168.127.0/17. Some will also assume a range by calculating how many hosts can be in the given subnet mask and add that to your input, therefore 192.168.127-254.
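The mask arithmetic behind the three comments above, as an added example that is not part of the original thread. The function names and the `strict` switch are illustrative; the addresses are the ones quoted in the comments.

```python
def ip_to_int(dotted):
    """Convert dotted-quad IPv4 text to a 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | p
    return value


def int_to_ip(value):
    """Convert a 32-bit integer back to dotted-quad text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def canonicalize(cidr, strict=False):
    """Return the network address and address range that `cidr` denotes.

    With strict=True, input whose host bits are not all zero is rejected,
    which is how the stricter devices mentioned above behave.
    """
    addr_text, _, len_text = cidr.partition("/")
    length = int(len_text)
    if not 0 <= length <= 32:
        raise ValueError(f"bad prefix length: {length}")
    addr = ip_to_int(addr_text)
    mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF  # top `length` bits set
    host_bits = addr & ~mask & 0xFFFFFFFF               # bits outside the prefix
    if strict and host_bits:
        raise ValueError(f"{cidr} has host bits set; network is "
                         f"{int_to_ip(addr & mask)}/{length}")
    network = addr & mask
    last = network | (~mask & 0xFFFFFFFF)
    return {
        "network": f"{int_to_ip(network)}/{length}",
        "first": int_to_ip(network),
        "last": int_to_ip(last),
        "host_bits_set": bool(host_bits),
    }


if __name__ == "__main__":
    for text in ("192.168.0.0/17", "192.168.127.0/17",
                 "192.168.43.177/17", "192.168.128.0/17"):
        print(text, "->", canonicalize(text))
```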
root is singular. route is plural. so "rooter" is incorrect. root have many routes... there 4 its a router! (as in many roots) and if you're an Aussie like me.. "rooter" is one who has a great time (a lot) ;)
Call me nuts but did he illustrate with a private address space??? 192.168.x.y is a network space you see a lot behind NAT routers. edit, nevermind, he admitted it when he explained.
Yes, but IANA has several "private" blocks, some of which are supposed to be used for documentation (and by extension, examples like this one). tools.ietf.org/html/rfc5737 So with a little studying, the presenter could have used those instead. A lot of people know the 10/8, 172.16/12, and 192.168/16 prefixes, whilst the other ones like 192.0.2.0/24 are not talked about as often.
+Jim Fortune Yes, I think they really should do a subnetting video. It's what TCP/IP relies on and people may well have come across it as part of their IP address on their computer. It's certainly been seen by the average user far more than BGP, RIP or OSPF will have been. It's neat how it works.
Wow, that seems like it could have been an enormous security risk (and perhaps still is). Imagine if that Pakistani network wasn't trying to block YouTube, but instead redirected requests to a site they built to be identical to YouTube, and which prompted users to update their flash player. Users thinking they were on YouTube would download and run a file with much less fear of malicious software being installed. Even if it only happened for a moment, it could affect thousands of people.
...except no one but Google has YouTube's private TLS key. Therefore browsers all over the world would warn their users, hey, you're not actually connecting to YouTube like you thought you were. The digital signature isn't right. But they could execute a wicked DoS as the video and you propose. The security in the Border Gateway Protocol (BGP) is fairly lax and depends on peers trusting each other. There are also filter mechanisms to prevent propagation of false routes. If for example I've been delegated two netblocks, say 24.48.72/24 and 24.48.96/24, and I advertise I can handle traffic for 128.205/16 (SUNY at Buffalo), my peers (probably one or two ISPs) can disallow propagation of that, or any prefixes other than the ones they know can be reached through me. I might do that to set up load balancing, overflow traffic, or redundancy in case of link failure. In practice though, no IPv4 prefixes longer than /19 are propagated via BGP, according to ISP policy...so those example network prefixes above are too long (for BGP).
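The peer-side filtering described in the comment above, as an added example that is not part of the original thread and is not any router vendor's implementation. It uses the comment's own netblocks; the function names and the `max_len` policy parameter are assumptions for illustration, and accepting more-specific prefixes inside a delegated block is a policy choice made here.

```python
import ipaddress

# Netblocks the comment says were delegated to the customer.
CUSTOMER_PREFIXES = [
    ipaddress.ip_network("24.48.72.0/24"),
    ipaddress.ip_network("24.48.96.0/24"),
]


def check_announcement(prefix, delegated, max_len):
    """Decide whether an upstream should propagate `prefix` from this peer.

    Rejects anything longer than the operator's maximum prefix length, then
    anything that is not equal to, or contained in, a delegated block.
    """
    net = ipaddress.ip_network(prefix)  # strict parse: host bits must be zero
    if net.prefixlen > max_len:
        return ("reject", f"longer than /{max_len}")
    for allowed in delegated:
        if net.subnet_of(allowed):
            return ("accept", f"within {allowed}")
    return ("reject", "not delegated to this peer")


def filter_announcements(prefixes, delegated, max_len):
    """Apply the filter to a batch and return {prefix: (verdict, reason)}."""
    return {p: check_announcement(p, delegated, max_len) for p in prefixes}


if __name__ == "__main__":
    # Constructed batch: one legitimate block, the foreign /16 from the
    # comment, and an overly specific slice of a delegated block.
    batch = ["24.48.72.0/24", "128.205.0.0/16", "24.48.72.128/25"]
    for max_len in (24, 19):
        print(f"max_len=/{max_len}")
        for prefix, verdict in filter_announcements(
                batch, CUSTOMER_PREFIXES, max_len).items():
            print("  ", prefix, verdict)
```

With `max_len=19` the customer's own /24s are rejected as well, which is the situation the comment's last sentence describes.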
0:35 My man predicted the future.
"All this has happened before, and all this will happen again." So say we all. The great Facebook outage of 2021.
Excellent video, I love when they're about real topics not just theory.
This is mindblowing! And here I am, shouting at my router when the internet is slow. I had no idea :(
"...rooting is something completely different in Australia"
na ye... ye.
??
That was a very good explanation! I'm a network engineer so it was easy for me to understand but even someone who doesn't have that expertise should have gotten a rough idea of what's going on.
ok?
I just love you guys! I understood more in 14 minutes than i did in 4 hours in university. The BGP Problems were covered so simple but perfectly.
I love this channel. Has such good quality informative videos!
Hoping to see some more computer network videos the next few days, they're my favourite!
Is anyone else imagining a bunch of guys sitting in a room shouting "hello" at one another?
Is it me you're looking for?
LuciferDeathbringer I can see it in your eyes, I can see it in your smile.
***** You're all I've ever wanted, And my arms are open wide
No, no one else.
BGP is a path vector protocol. There are similar protocols in private networks, like EIGRP and RIPv2. The link state protocol is called OSPF.
whoops-- i thought i mentioned BGP as a path vector protocol. in fact, there are two link-state protocols in common use that i know of: OSPF and IS-IS. (i think i did say that, but it hit the cutting room floor :)
EIGRP and RIP are distance vector rather than path vector protocols. (we could've gone into that as well, but it already seemed plenty long enough!)
Richard Mortier Dammit you're right, distance vector, not path vector. And does anybody use IS-IS? I've only encountered OSPF, perhaps because IS-IS is a layer 2 protocol and there is a move towards layer 3 routing in the distribution layer switches. (Or maybe because I never see the ISP side of things).
Anyway, nice walk through, though I think I'd have been lost without a CCNA, CCNP background.
trefod thanks! back in 2001/2 when i spent 6 months at Sprint's IP research group, i wrote code to monitor their IP backbone routing protocols (github.com/mor1/pyrt) -- they used IS-IS then and i believe they still do (though no doubt someone will correct me if i'm wrong :) it was pretty interesting -- though IS-IS was updated to carry IP prefix information (RFC1195), it still runs over CLNP so i got to see bits of both. (if you're really interested, we used the data we collected to analyse the reliability characteristics of their backbone -- see www.cs.nott.ac.uk/~rmm/papers/pdf/imw02-linkfailures.pdf for the results :)
trefod Yes, some organisations use IS-IS - it's the routing protocol of the OSI model (most of the world and internet follows the TCP/IP model).
Well explained, clear and concise - Thanks Dr Richard Mortier
finally some insight about how internet works! great job! should do more videos about internet
Strange how the famous American song Route 66 is sung in the British way!
+EgoShredder It is actually pronounced either way in America.
The way I understand it in the UK is a "rowt" vowel sound is used when something is drilled like a hole using a "rowter" (router). Things like network connections that define the route use the "root" vowel sound, because my network router does not drill anything. So that is the simple way of differentiating between drilling a hole or driving along a road to somewhere.
Inventors of the web, the internet and the hardware and those who teach it like sir on the video - they are geniuses. Humankind is truly smart :-)
Excellent, concise description, thanks.
Could you explain how internet server providers work?
Keep up the good work!
Really interesting, I'd love to hear more on this! I found it to be just the right level of detail :)
I hope I live to see the day when BGP has been replaced by something safer…
Great vid. Thanks for making this.
At this point, for the consumer / prosumer level, what's the difference between a switch and router? At the Enterprise level, I know and there's dedicated hardware to make the latency so insanely low on the switch but for everything else, say for a homelab, with software, can't you have a whitebox do both?
Can you do a video on subnetting please?!
You guys did another video on how an attack could take down the internet. Sounds like a BGP attack could do even worse damage or reroute everyone to your store 😁 Curious if any hackers have used BGP to muck things up or profit?
Dunno if you got a reply to this, but: There have definitely been cases of nation state-level actors causing "funny" routing to happen so they can conduct surveillance on a target, and also of criminal organizations rerouting traffic for dodgy purposes. I don't have any citations handy, but it shouldn't be too difficult to rustle some up with some Googling.
>want more visits to your store
>do BGP attack to reroute everyone to your store
>realise you just DDoSed your store
Egypt did it during the Arab Spring. They forced providers to reconfigure BGP. Much of the country could not interact on the internet.
false.
It's about time we get a new TCP stack with built in encryption!
Hi, can you make a video on subnetting?
I learned something new today.. thank you for this video
I wonder who controls router configuration? ISPs? Are they well protected?
So when trying to match the destination address to the longest matching prefix in the routing table, what algorithm is used? I thought it just had the prefixes in a topological order such that when you can do linear search and do find a match, it is definitively the longest matching prefix.
I seem to remember from my networking class that the prefixes are sorted according to length in descending order such that the first match is the correct match.
You'll notice the prefixes also contain a slash, followed by a number. That number is the key. It tells you how many bits long is the prefix.
For IPv4, where the addresses are 32 bits, what happens is:
1. Start off with the assumption that the matching prefix is 32 bits long.
2. Are there any prefixes this long in the table?
3. If so, get the one that matches it.
4. If not, assume the prefix is one bit less, and go back to step 2, unless you've already checked 0 bits, and there's no match.
5. If there's no match even in 0 bits, drop the packet (since its destination is unknown).
Now... Many modern routers also go one level deeper, in that they allow you to have the same length prefix defined multiple times, once for each interface, thus allowing you to reduce the overall load on the network - you send one packet on one interface, and the next on another, thus allowing the two other routers to process more packets (i.e. not just yours).
EDIT: It's important to note that for the sake of optimization, many routers "sort" the table in advance, upon creation/modification, and merely check records in it in a single complete pass.
boenrobot Tyranisaur As long as routers _behave_ in the way described in the video they can interoperate, so they're free to _implement_ that behavior any way they choose. I'm sure different routers do it slightly differently.
The thing that jumps immediately to mind is building a bitwise trie (prefix tree). When you reach a terminal state in a search of the trie, that node is necessarily the longest prefix for the search parameter (IP address, in this case). This would make runtime independent of the number of addresses stored in the trie.
However, it's possible they have something tricky they can do with hashing that provides an even faster implementation.
It's also worth bearing in mind that routers aren't (normally) general purpose PCs, and the big routers in particular are highly specialized machines. That means that they may include hardware specifically designed to accelerate the operations needed to do forwarding table lookups.
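Both lookup strategies from the two comments above (the 32-down-to-0 length search and the bitwise trie), as an added example that is not part of the original thread and is not how any particular router is built. The class and function names, the interface labels and the route table are constructed for illustration.

```python
import ipaddress


class Node:
    """One bit position in the trie; `route` is set only where a prefix ends."""
    __slots__ = ("children", "route")

    def __init__(self):
        self.children = [None, None]
        self.route = None


class PrefixTrie:
    def __init__(self):
        self.root = Node()

    def add_route(self, cidr, next_hop):
        net = ipaddress.ip_network(cidr, strict=False)  # IPv4 only here
        bits = int(net.network_address)
        node = self.root
        for i in range(net.prefixlen):
            bit = (bits >> (31 - i)) & 1
            if node.children[bit] is None:
                node.children[bit] = Node()
            node = node.children[bit]
        node.route = (str(net), next_hop)

    def lookup(self, address):
        """Walk at most 32 bits, remembering the deepest route passed."""
        bits = int(ipaddress.IPv4Address(address))
        node = self.root
        best = node.route  # a 0.0.0.0/0 default route lives at the root
        for i in range(32):
            node = node.children[(bits >> (31 - i)) & 1]
            if node is None:
                break  # fell off the trie: the last route seen still applies
            if node.route is not None:
                best = node.route
        return best  # None means no match: drop the packet


def build_length_table(routes):
    """Hash table keyed by (network, length) for the 32-down-to-0 search."""
    table = {}
    for cidr, next_hop in routes:
        net = ipaddress.ip_network(cidr, strict=False)
        table[(int(net.network_address), net.prefixlen)] = (str(net), next_hop)
    return table


def lookup_by_length(table, address):
    """Try /32, then /31, ... down to /0; the first hit is the longest match."""
    addr = int(ipaddress.IPv4Address(address))
    for length in range(32, -1, -1):
        mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
        hit = table.get((addr & mask, length))
        if hit is not None:
            return hit
    return None


# Constructed routing table using RFC 5737 documentation prefixes.
CONSTRUCTED_ROUTES = [
    ("203.0.113.0/24", "if-a"),
    ("203.0.113.128/25", "if-b"),
    ("203.0.113.200/32", "if-c"),
    ("198.51.100.0/24", "if-d"),
]


def build_trie(routes):
    trie = PrefixTrie()
    for cidr, next_hop in routes:
        trie.add_route(cidr, next_hop)
    return trie


if __name__ == "__main__":
    trie = build_trie(CONSTRUCTED_ROUTES)
    table = build_length_table(CONSTRUCTED_ROUTES)
    for dst in ("203.0.113.5", "203.0.113.129", "203.0.113.200",
                "203.0.113.201", "192.0.2.1"):
        print(dst, trie.lookup(dst), lookup_by_length(table, dst))
```

The lookup for 203.0.113.201 follows the branch toward the /32 and then falls off it, so the trie walk has to keep the last route it passed rather than rely on where the walk ends.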
So if a router has to hold a table of 4 billion possible entries for IPV4 would all routers have to be updated to handle the 3.4×10^38 possible entries for IPV6?
Is it possible to specify a preferred route when sending a network packet? Or better, force it to travel a specific route.
It depends on what role you play on the internet. If you had two ISPs connected to your home router you could simply insert routing table entries manually pointing a specific route at one of the two interfaces connected to those ISPs. If you're an ISP you can decrease or increase BGP local preference, or manipulate other metrics BGP uses for best path calculation, to manipulate which route is chosen as best.
The key takeaway here is that you can only manipulate the routing decisions that happen within your own network. You can never arbitrarily choose what path a packet should take, only what the next "hop" for that packet will be.
Very simple and understandable! Cheers :)
Dr Mortier you are a magician
Didn't start numbering from 0, unsubbed!
JK, I love this channel.
0 indexing is as God intended.
??
I expect there's quite a few fellow Australians snickering through the whole video.
In Australian English "route" and "root" are pronounced the same, but "router" is pronounced "row-ta" regardless of whether you're talking about woodworking or computing, and "routing" is pronounced "row-ting".
this dude is fucking awesome
Do LSR protocols like e.g. OSPF not promise loop free routing, I thought?
so is there a way to make a map of every computer and router if you get access to that database?
I'm not sure but maybe this is what you're looking for? internet-map.net/
I'm curious about the shortest path algorithm.
Great video!
I wish there were subtitles on all of these vids
So when a new router is installed, does it first run a shortest-path algorithm itself or get information from routers close to it to understand where it is on the network?
It and the routers it would talk to have to be configured. OSPF will not communicate with an arbitrary router; in fact there is a lot of configuration that needs to be identical for neighbour relationships to form (even Hello timers), not to mention encrypted authentication. Why? Because otherwise, you could simply connect a rogue router with a bunch of extremely-specific addresses that point to nowhere and flood a network with garbage routes in no time. Worse, the infiltrator would have ALL the information about ALL the networks and endpoints known by the corresponding OSPF process (in short, the routing table)!
When you take a new router out of the box and plug it in, it immediately does absolutely nothing at all. You have to tell it about your network. That is, what interfaces you want to use, what networks those interfaces are responsible for, and how it should advertise what it knows to the other routers.
If you plug in your "router" you bought from your local consumer store, it politely asks your ISP where it should send all of the packets not relevant to its subnet.
I have no idea how they did a video on routing without even mentioning gateway of last resort.
What they failed to mention about the routing table is that routers are usually configured with "and if you reach the end of your routing list, send it here, it's not your problem anymore." That's known as the gateway of last resort, or simply, gateway.
Every network device on the network maintains a routing table; if you want to see the one for your computer running Windows, open a command window and type route print -4.
What your computer does when you type a web address into your browser is check that IP against its list, running down until it finds a match, then, when it hits the last one it goes "aha! here's where I send this" and off it goes. Then your home router takes a look at it and checks it against its routing table, finds it doesn't have any idea where it goes, and sends it up to your ISP. That's where the magic of routing protocols really happens.
^ A couple of errors:
1. A router doesn't have to have a default route, it can simply discard packets it doesn't have a matching route for. In fact this is the recommended practice; using default routes or default gateways is only common in consumer environments.
In fact, this is the primary difference between a router and a switch: while the latter is designed to broadcast a frame for an unknown destination, the former is designed to drop packets that aren't a match.
2. "Every device on a network maintains a routing table" - not true. Only Layer 3 devices that participate in routing & forwarding do. For example, (L2) switches do not contain a routing table (most switches these days are L3 capable, for line-rate routing between VLANs and other purposes).
3. The computer doesn't have an exhaustive list of all IPs on the internet - that's equivalent to running full BGP on a desktop machine! Theoretically it has a hosts file, but this isn't really used in practice any more; the OS just sends a DNS request out: the router forwards it without caring. Once the DNS response is back, the OS can then initiate a connection with a specific IP address: the router again forwards it without regard for what it is for.
From a consumer-grade router's perspective, it doesn't know which end is the "ISP", it's just got two interfaces with two IP addresses, possibly one public. It simply maintains its own routing table between these two.
Karn Kaul I'm trying to understand the relation between routing tables and the link state protocol. Where does the actual search in the routing tables come in? It feels like two different ways of solving the problem of "where to send". When the router receives a packet, will it then get the match with the highest subnet mask or will it apply the link-state protocol? I might be a little confused here, so I'd appreciate your answer!
Karn Kaul Network device. Please tell me what layer 3 is called in the OSI Model.
What's that? It's called the Network Layer?
Well then, guess it wasn't an error so much as semantics. I'll say it again, this time being perfectly clear.
Every Layer 3 device on the network maintains a routing table. Full Stop.
If you don't believe me, check it yourself. In the Windows Command Line: route print -4 Hosts file doesn't even play into this. That's DNS, you are jumping around the model. DNS is at the application layer. Remember, if you can interact with it with human language, it's an application.
From a consumer grade router's perspective, it knows exactly which end is the ISP. It's the end with the default gateway. GOLR is the route it uses for networks not under its responsibility. Grossly oversimplifying it, the side it NAT/PATs over is the ISP. If we are talking pure routing, in the perfect beautiful world that doesn't exist, you would be correct in saying it doesn't know which side is the ISP. We don't live in that world.
In the example table at 5:26, is a computer smart enough to know "Oh, the two that it could match both go the same way, let's send it that way"?
Is this the basis of how proxy servers work? In terms of BGP?
No, not really. Proxying is another topic unto itself, and forced proxying even more advanced than that.
I took networking in high school and the video is really bringing back memories.
If you are doing a CCNA, when he says prefixes he means subnets. He does not define prefixes. These describe how many networks are seen within the range rather than how many IPs are in the range. Eg there are x prefixes of subnet y bytes. Should have put RFC, but Google CIDR and VLSM with RFC.
So, why is it that connecting to YouTube straight from my ISP is buggy (videos will stop streaming or flat out crash), but going through a longer, more complex route (VPN), it works just fine?
My best guess was that the way YouTube streams makes something along the regular path think it's done sending, so it gets dropped, but I don't know much of anything about networking.
ISPs etc. can cache YouTube videos. It's part of YouTube's system to reduce strain on the internet and their network. But ISPs being ISPs, they can mess it up and are somewhat prone to failures.
There are ways to disable it and avoid your ISP without a VPN. Look up some browser extensions.
Dykam
Alright, thanks! It's not something that only happens with YouTube, so that will definitely be of help.
Richard Smith
I'm pretty sure it's finally been ruled illegal, here in the states, to force companies to pay more for bandwidth. And it does irritate me when that happens, thus the VPN (one of many reasons I got it). Of course, either way I know that it's not YouTube now, so thanks for your reply!
ssholum The caching isn't illegal (it is in cooperation with YouTube), and AFAIK the practice of capping I think still is legal.
Dykam
Not the caching, the throttling. Pretty sure a court ruled that Comcast's requirement for Netflix to pay for equal priority on pipes was unlawful, setting the legal precedent. Of course, I don't use Comcast, but it shouldn't take much more for it to be considered unlawful to extort companies in such a way (assuming this common carrier thing ever gets concluded).
how do they decide the shortest path, do they have extra information on the distance to other routers?...as i'm writing this i just realized they probably use pinging and use the time as distance or something like that to determine the shortest path. is this reason even close?
nothing so dynamic since the ARPANET days-- the way i illustrated it made it look like hop counts (ie, every link "costs" the same amount). in practice, links are actually assigned integer weights when the routers are configured, and those give the costs. (the weight for a link may well be initially set based on some combination of the delay and capacity of the link though, and then subsequently tweaked to get the traffic flowing in your network how you want.)
Surprised that the first ever router virus/network crash wasn't mentioned
We had an issue in 2012, where a router from the ISP Dodo sent every route it knew to the upstream Telstra router which then decided that the Dodo router was the best path for most internet traffic, slowing the internet through most of Australia.
Why does my router keep disconnecting? It reconnects, runs fine for a while, then disconnects again, red lights, orange lights flashing
Remember the time when every PC was connected directly to the internet? You could almost ping any ip in the world :O
This is still the case with IPv6.
That's the way it's supposed to be. Though I fear people used to the natural firewall effect NAT has and forget to set up an appropriate firewall. IPv6 has unroutable addresses as well, so that's not exactly the case.
Mostlyharmless1985
While that is true, in general you can. There have always been exceptions.
what does router mean in Australia??
rooter* to give someone a root... shag... sex.
Rooting is sex. It just sounds the same.
www.google.com/
In Australian slang to "root" means to have sex (similar to the word "f***").
oh, of course
Roto-rooter?
5:09 but that's just the same as looking up almost the entire IP address, no? in the example he's just leaving out the last byte? if the router is looking up the longest prefix, isn't it basically looking up the entire IP address (out of the 4 billion table?)? how is this the 'more efficient' method?
Can you guys do a video about IP addresses and subnet masks.
Nice info!
What's a rooter
?
(row´ter) (n.) A router is a device that forwards data packets along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places where two or more networks connect.
Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as ICMP to communicate with each other and configure the best route between any two hosts.
Someone who has sex, or obtains privileges on a Unix or Linux system. This video however is about routers.
Very interesting.
so theoretically you could disrupt the whole internet with one network?
I guess the British pronunciation makes sense because it finds a route. But now that I think about it, I think in the US route (as in a path) can actually be pronounced either way.
10:39 Packet! He said Packet.
That's astounding! So ISPs just built/own the rights to a bunch of regional subnets? Mind Blown.
Ha! Ha! Their routes were rooted! (Not as in rootkit.)
At the very beginning.. Yea, in Australia we use American pronunciation, and yes.. rooting is something very different....... very :P
Very
Does anyone know why YouTube has been so slow lately?? Here in Florida I get about 90 Mbps down and 10 Mbps up via Ethernet. i have tried clearing history in Firefox but that doesn't work. Chrome does the same. the loading bar in the YouTube video just stops and the video starts buffering. is it just me?
Might be throttled by your ISP.
Comcast wouldn't care to throttle that. i think it's YouTube. plus why would my ISP throttle YouTube and not other sites?
bulldogg110
Because YouTube competes with Comcast's own cable services. It's very unlikely it's YouTube, YouTube has no idea whether you are using a VPN or not.
You probably connect to the VPN, which is fine for Comcast, and then the VPN connects to YouTube, on their own non-Comcast ISP.
I don't connect to a virtual private network. switching DNS servers wouldn't work either. meh, it's probably me, but YouTube is known to go under maintenance often.
bulldogg110
Ah sorry, I had a conversation about this earlier last week and I guess I mixed up the conversations. I never have any issues with YouTube, and I'm on here *a lot*.
no no no, Roots are what hold trees in the ground.
??
I'm still baffled by the idea of the X11 server and its future. I'd love an explanation on common Linux/Unix components (cups, modules, X11) if you ever run out of ideas.
FEARbraveheart What do you find baffling about X11?
It's router, not router, god damn it.
So which one is it?
Frostbite1003 The one over yonder, god damn it.
My whole town actually had an internet outag
A "rooter" sounds like a utility for gaining root access.
The noise of this pen is dreadful…😵💫 The explanation however is great.
Wait, so the English says "rooter", how do they pronounce "route"? If it's "root" then how do they distinguish between "root" and "route"?
That bit at the beginning was pointless.
context?
The same way Americans can differentiate between rout and route - context. In fact, rooter is also a common American pronunciation as well.
Very interesting
The two "YouTube" networks should have been *192.168.0.0/17* and 192.168.128.0/17, not 192.168.127.0/17 and 192.168.128.0/17.
192.168.127.0/17 is technically 192.168.127-254.0-255, whereas 192.168.0.0/17 is 192.168.0-127.0-255. 192.168.128.0/17 would then take the top half of the /16 subnet with 192.168.128-255.0-255
192.168.127.0/17 is 192.168.0-127.0-255, i.e., the same as 192.168.0.0/17. (127d = 0111 1111 b) The reason the latter prefix notation is "better" is that, by convention, any bits that are not part of the prefix are made 0. However, they both indicate the same range of IP addresses.
Why, the 17th bit is the first bit of 127 = 0 and 128 = 1, and we only look at the 17th bit. How could one bit have three different states?
Right. The 17th bit of 192.168.127.0/17 is 0, and the 17th bit of 192.168.0.0/17 is also 0. Therefore, they are the same prefix.
Yes, if you're talking about strict CIDR subnet notation, 192.168.127.0/17 does technically indicate the lower half of the subnet, but it's sloppy notation because it's a random address in the middle of the subnet and not the actual network address, which is 192.168.0.0/17. The way he wrote it is no different than 192.168.43.177/17.
However, many devices don't automatically calculate the network address, and they will throw an error if you try to plug in 192.168.127.0/17. Some will also assume a range by calculating how many hosts can be in the given subnet mask and add that to your input, therefore 192.168.127-254.
Thought that's what I said. :)
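The /17 disagreement in the comments above can be checked mechanically. The following is an added example, not part of any comment or of the video; the function names are made up for illustration. It uses Python's standard `ipaddress` module to show that 192.168.127.0/17 denotes the same range as 192.168.0.0/17, and that a strict parser rejects it, as one commenter says many devices do.

```python
import ipaddress

def normalize(cidr):
    """Return (network, host_bits_set) for an 'address/length' string."""
    iface = ipaddress.ip_interface(cidr)
    return iface.network, iface.ip != iface.network.network_address

def strict_accepts(cidr):
    """Mimic a device that refuses a prefix whose host bits are not zero."""
    try:
        ipaddress.ip_network(cidr, strict=True)
        return True
    except ValueError:
        return False

def prefix_bit(cidr, n):
    """Return bit n of the IPv4 address, counting from 1 at the left."""
    return (int(ipaddress.ip_interface(cidr).ip) >> (32 - n)) & 1

def covers(cidrs):
    """Collapse prefixes (host bits ignored) into the fewest covering networks."""
    nets = [ipaddress.ip_network(c, strict=False) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    # The prefixes quoted in the comments above.
    for cidr in ("192.168.0.0/17", "192.168.127.0/17",
                 "192.168.43.177/17", "192.168.128.0/17"):
        net, sloppy = normalize(cidr)
        print(f"{cidr:18} -> {net}  {net[0]}-{net[-1]}  "
              f"bit17={prefix_bit(cidr, 17)}  host_bits_set={sloppy}  "
              f"strict_ok={strict_accepts(cidr)}")
    # The two halves together make up the whole /16.
    print(covers(["192.168.127.0/17", "192.168.128.0/17"]))
```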
rooter means something different in australia Hell yeah,
root is singular. route is plural. so "rooter" is incorrect. root have many routes... therefore it's a router! (as in many roots) and if you're an Aussie like me.. "rooter" is one who has a great time (a lot) ;)
I think TOR would make an interesting video.
was it youtube that was banning Pakistan from viewing their site? or was it Pakistan trying to block youtube in Pakistan that caused this problem?
amigojapan It was Pakistan trying to block YouTube in Pakistan.
Kasper Guldmann this seems like a terrible vulnerability that the internet may have against an attack from another country.... in virtual warfare....
ranker
arr the day the NSA installed their LAN Turtle
Yes, here in Australia that is definitely something different....
Call me nuts but did he illustrate with a private address space??? 192.168.x.y is a network space you see a lot behind NAT routers.
edit, nevermind, he admitted it when he explained.
Yes, but IANA has several "private" blocks, some of which are supposed to be used for documentation (and by extension, examples like this one). tools.ietf.org/html/rfc5737 So with a little studying, the presenter could have used those instead. A lot of people know the 10/8, 172.16/12, and 192.168/16 prefixes, whilst the other ones like 192.0.2.0/24 are not talked about as often.
#7m0s The packets are called HELO packets not HELLO.
LOL, BGP messed up youtube access pretty bad!
i see MUX logic gate in a router system
EIGRP FTW!
Nice
After 1 year of Cisco certification classes and exams, I can conclude that about 30% of this is bs.
I've never seen a slash used in an IP address
Never mind. He explains about minute 10
en.wikipedia.org/wiki/Subnetwork
Thanks for the cite.
+Jim Fortune Yes, I think they really should do a subnetting video. It's what TCP/IP relies on and people may well have come across it as part of their IP address on their computer. It's certainly been seen by the average user far more than BGP, RIP or OSPF will have been. It's neat how it works.
nice.
THA ROOTER
:D
first rooter!
Why did you confuse me so much straight at the beginning?! This is not how educational vids should be lol 😅
Farewell.
The "route" (root) of all evil is Pakistan!
Got the pun? :-)
So if I root my phone in Australia, am I a sexual deviant?
Please stop using permanent markers the sound they make is terrible! :(
Wow, that seems like it could have been an enormous security risk (and perhaps still is). Imagine if that Pakistani network wasn't trying to block YouTube, but instead redirected requests to a site they built to be identical to YouTube, and which prompted users to update their flash player. Users thinking they were on YouTube would download and run a file with much less fear of malicious software being installed. Even if it only happened for a moment, it could affect thousands of people.
...except no one but Google has YouTube's private TLS key. Therefore browsers all over the world would warn their users, hey, you're not actually connecting to YouTube like you thought you were. The digital signature isn't right. But they could execute a wicked DoS as the video and you propose. The security in the Border Gateway Protocol (BGP) is fairly lax and depends on peers trusting each other. There are also filter mechanisms to prevent propagation of false routes. If for example I've been delegated two netblocks, say 24.48.72/24 and 24.48.96/24, and I advertise I can handle traffic for 128.205/16 (SUNY at Buffalo), my peers (probably one or two ISPs) can disallow propagation of that, or any prefixes other than the ones they know can be reached through me. I might do that to set up load balancing, overflow traffic, or redundancy in case of link failure.
In practice though, no IPv4 prefixes longer than /19 are propagated via BGP, according to ISP policy...so those example network prefixes above are too long (for BGP).
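The peer-side filtering described in the comment above can be sketched as an allow-list check on announced prefixes. This is an added example, not the commenter's code and not any router's configuration syntax; `ALLOWED`, `build_filter`, `check` and the per-entry maximum length are assumptions made for illustration, and the prefixes are the ones quoted in the comment, written out in full.

```python
import ipaddress

# Constructed allow-list for one customer session: (delegated block, longest
# prefix length the peer will accept inside that block).
ALLOWED = [("24.48.72.0/24", 24), ("24.48.96.0/24", 24)]

def build_filter(entries):
    """Validate the allow-list once; reject sloppy or inconsistent entries."""
    rules = []
    for cidr, max_len in entries:
        net = ipaddress.ip_network(cidr, strict=True)
        if not net.prefixlen <= max_len <= net.max_prefixlen:
            raise ValueError(f"bad max length {max_len} for {net}")
        rules.append((net, max_len))
    return rules

def check(rules, announced):
    """Return (accept, reason) for one announced prefix from this peer."""
    try:
        net = ipaddress.ip_network(announced, strict=True)
    except ValueError:
        return False, "malformed prefix"
    for allowed, max_len in rules:
        if net.version != allowed.version:
            continue  # subnet_of() raises TypeError across IP versions
        if net.subnet_of(allowed):
            if net.prefixlen <= max_len:
                return True, f"within {allowed}"
            return False, "more specific than permitted"
    return False, "not delegated to this peer"

if __name__ == "__main__":
    rules = build_filter(ALLOWED)
    # Constructed announcements: two legitimate, the rest should be dropped.
    for prefix in ("24.48.72.0/24", "24.48.96.0/24", "128.205.0.0/16",
                   "24.48.72.0/25", "24.48.0.0/16", "24.48.72.1/24",
                   "2001:db8::/32"):
        ok, why = check(rules, prefix)
        print(f"{prefix:16} {'ACCEPT' if ok else 'REJECT'}  {why}")
```

A covering block such as 24.48.0.0/16 is rejected as well, because the check requires the announcement to sit inside a delegated block, not merely overlap it.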
That's a very good point about the TLS key. Thanks for the info!
Please consider swapping the damn marker/highlighter type of pens, can't watch these damn videos....the NOISE!!!!