Can you explain what a "Network Tunnel" does❓ | Time to Level Up now.
Vložit
- čas přidán 30. 09. 2020
- Network tunnels are critical today, including overlay and Software Defined Networking (SDN). Learn the basic concepts of tunneling in this short video, as part of the VPN playlist.
Free CZcams Playlists from Keith:
▶ Master Playlist for Cisco CCNA 200-301 ogit.online/sloth
💻 Cisco CCNA 200-301 IPv4 Subnetting ogit.online/subnet
💬 Join our Discord server (free) ogit.online/Join_OGIT_on_Discord
🏪 Keith Barker Amazon Affiliate Store www.amazon.com/shop/keithbarker
And…
🏫 Keith’s Content at CBT Nuggets ogit.online/Keith-CBT
#KeithBarker #CCNA #200-301
I'm a computer science student and this video helped me understand tunneling so much better thank you. Reading out of a textbook is rarely the best approach to learning something!
Thank you Evan Price!
This is SUCH a great demonstration of tunnelling for a student to understand tunnelling. Thank you.
One of my favorite quotes:
"If you can't explain it simply, you don't understand it well enough." -Albert Einstein
Keith is an amazing teacher
Thank you Michael Taylor!
I logged in to my account just to give this video a like - enough said. Explaining concepts so clearly is something few people can do - thanks!
Excellent example... Just noticed CCNA is tagged, thank you so much
I love the way you explain. Thank you for the video.
Keith, I passed my ccna on Tuesday. Your channel played a big part. Thank you for the great content. I will be signing up with cbt nuggets for ENCOR.
Great job! So happy for you, congratulations!!!
Configuring GRE and IPSec is very fun. That was my favorite section when I was studying for the CCNA. That and FHRP's. Thank you Keith for all of your hard work!
You're very welcome!
Forgive my unprofessional language for a moment here, but I have to say it... you are just so fucking good, Keith.
I've been reading and watching videos trying to wrap my head around tunneling for about an hour now, then I found your video and 8mins later, I'm crystal clear about what's actually happening when we discuss tunneling.
It's no longer this abstract concept in my mind, but instead is clearly defined now.
Thank you, Keith.
You are truly amazing man.
The cups was perfect to help visualize, thanks
Inner Tunnel & Outer Tunnel
Phase 1 --> Phase 2
Great teacher as always - Lots of Love 💝
Thank you office 2crazy!
Thank you Keith
Keith is always outstanding with his content. Thank you for this informative nugget.
Happy to do it, thanks for the feedback Mohammad Julfikar.
Awesome video! i really appreciate the analogies, thank you so so much!
Glad it was helpful!
Great explanation with no skipping of details, well done.
Many thanks!
I finally understand what a tunnel is.
Best explanation i have ever seen..............
Nice and simple explanation. Hoping to see more of this. :)
Thanks, will do!
Thanks a lot Mr. Keith for simplifying it in best possible way, learning a lot from you everyday.
Hopefully I'll be in States by the end of 2021😊.
- Lots of love from Afghanistan ❤
Thank you Omid Ahmadi!
All the best to you and your family.
Great explanation…thank you
You are welcome!
That's funny, I work with a number of different Optical Carrier Networks, one of them is an OC-12 Transport called Jungle-mux, unrelated to tunneling, but made me chuckle :)
OMG!!!! THIS IS THE MOST SIMPLIEST PROFESSOR EXPLANATION IVE EVER SEEN...USING STACK CUPS WOW!!!...KUDOS! Keith
Thank you nvv21!
Thanks so much
Brilliant as always thanks
Very welcome
Awesome explanation
Happy to help! Thank you!
You are the best Keith. Thanks for this.
Thank you InfoSec Pat! Always great to see your name pop up! Hope you are well.
Keith Barker you’re welcome. Thanks, it’s always great seeing videos. All well and I hope the same with you.
what a video, thankyou Keith !!
Your Welcome!
thank you so much for your clear explanation. please how you were able to see the original(insider) packect? Is it because the GRE protocol is not encrypted by default?
That is what needed. Although I am not fluent in English, I've got you straight. Thanks a lot
Thank you @user-yu4og4cp6o!
Thank You 💕 Keith for Good content
Happy to do it, thanks for the feedback Ranjitkumar.
Tunneling well explained!
Thank you Rajnish P Sinha!
Thank you Keith, you simplified the best way possible. More visualization please whenever you can, as it helps a lot. :)
Thank you Wanaaje's Channel!
@@KeithBarker yw sir.
thanks keith
You're Welcome!
So this is why unpacking my Amazon deliveries is like Matryoshka dolls.
Nice explanation carry on for better future
Thank you Sohail Anjum!
By t=30s, I recognized that Keith is a supurb teacher.
6:51
Today I learned how they made the "low battery" sound on my Samsung
i had discovered VPN tunneling trying to solve an extremly slow connection to Office 365 servers using our company VPN thanks to the "route add" command for every ip range (using a script) but i have no idea how to do the same for IPv6 on Windows 10
So basically, VPN client software creates a virtual router inside my PC and turns it into the default gateway to access the internet, so any packets have to first go through that.
Then this virtual router which uses the same network card but has a different private IP, wraps these IP packets in a TCP segment and sends with its IP address and TCP port, to the VPN server it knows and trusts, then this server removes this padding and forwards the IP packet with its own IP and port to the internet
this cleared up things a bit. you just throw the packet out and say "hey, i need it to get to that destination. i dont care how, figure it out" and let the internet infasctructure do it for you, instead of planning it our ahead of time with a routing protocol.
Can i also say it's like someone walking to their destination where they could be kidnapped, robbed, or murdered. But then you buy that person a vehicle so that they can arrive at their destination safely?
Good imagery on encapsulation, I always thought of it as nesting dolls lol
Thank you! 😊
Nice quote on t-shirt
Thank you shaikh Adil!
Very nice explanation Keith. I just have a question - How does router 1 know what destination address to put? As in, does it contain some mapping of what local subnet is behind what router? Also, as an extension to this question, if router had formed multiple GRE tunnels with many other routers, then would it have to maintain this mapping for all remote routers. If so, where does it keep this mapping? If not, how does it know which local subnet is behind which router? Thanks a lot!
Thank you for the question @utkarshmishra1928.
Depending on the vendor, and the type of VPN (remote access vs site to site) there are many options including:
On the VPN client, using selective routing regarding which destination IP addresses/subnets should be sent through the tunnel.
For site to site, statically configuring the networks reachable between the two sites
For site to site, dynamically sharing routing via a routing protocol to identify which network are reachable via the tunnel
( and there are more options as well).
Hope that helps a bit, from a high-level perspective.
I love your shirt. Where did you get it?
Thank you for the question Michael. It is a song from this group www.thesingerandthesongwriter.com/home
Had the chance to see them perform a house concert in Vegas last year, and that is where I got the shirt.
Hello kieth thanks for the videos as always,
I have request can you make roadmap how to master network security in 1 year or less?
Great suggestion! "Mastering" is a strong word for such a broad topic. Let me give that some thought.
Thx, wait for Explaination what is UndertheHood... with role of GRE / IPsec / SHA256/md5/ ikev1 vs ikev2 ... for me it's like a bunch of Terms. without final conclusion. BTW thx.
Thank you for the question Clxxcv 420. More videos coming.
How does our router know when to pass packets through tunnel ?
Thank you for the question Surya045. It will be based on the routing table on the router.
Keith can you explain what that wireshark filter means ip.id==0xc3c9 please :) also how does this effect MTU will packets be fragmented due to extra header increasing the size?
IPv4 ID Used Only for Fragmentation
Although RFC 1122 suggests that the IPv4 ID field has other uses,
including datagram de-duplication, such uses are already not
interoperable with known implementations of sources that do not vary
their ID. This document thus defines this field's value only for
fragmentation and reassembly:
>> The IPv4 ID field MUST NOT be used for purposes other than
fragmentation and reassembly.
Thanks Michael, So if you filter on that ID in wireshark it displays only packets that have been fragmented ?
Also from RFC 791:
Procedure:
IF TL =< MTU THEN Submit this datagram to the next step
in datagram processing ELSE IF DF = 1 THEN discard the
datagram ELSE
To produce the first fragment:
(1) Copy the original internet header;
(2) OIHL
@@shezzy97 Yes going by how the RFC describes it.
I think Keith used it as an easy way to filter out all the noise on the network and follow the TCP stream still capturing the packets that had (2) IP headers.
In which if you did a follow stream via the GUI, it might only follow the session at the starting point of the addition of the ip header and end when it was decapsulated on the other end. By using the ip.id field he followed the underlaying network so it was end to end including the tunnel (e.g. another header being slapped on the packet) if that makes sense.
Thank you for the question shezzy97. And thank you Michael for the great replies.
In the captures, I wanted to look at the same packet before, during, and after the tunnel. Each IP packet has a unique ID, so I used a display filter to show that same packet in each of the 3 captures.
Is tunneling always used between routers when passing data?
Thank you SuperBoi45!
On a local area network (LAN), the norm is to NOT use any tunnels, just forward the traffic on its way to the destination IP.
Some exceptions exist, such as VXLANs and a few others, but again most of the traffic between routers is NOT through a tunnel.
Hope that helps.
So. The idea of tunnel is just misleading. There is no dedicated private route that these packages take , as in a paper mail being transported through a underground tunnel and not the highway. The packages go through the same internet with their addresses being concealed. They should not call it a tunnel, the word "wrapper"/"Packaging" would be a better fit. that would avoid a lot of confusion.
Maybe i misunderstood but do these VPN service provider have their own private routes that transfer the data or is our "concealed and encrypted" data still going through the public internet ? If it is going through the public internet, then what is so private about a Virtual private network ? Would you please help me understand. Thank you
Thank you @user-wu7xh1fc2q!
please speak slowly for no english language people :)
Thank you Roberto BUFANO! I appreciate the feedback. Have you considered using the "Playback speed" controls in CZcams? I think setting it to .75 may be helpful for you.
Thank you again for the feedback.
This is an outstanding video, sir! You're doing the Lord's work 🫡
Thank you Leeroy Jenkins!
Omg you are like a kindergarten teacher🫶 I was struggling and you saved me with perfect analogy! I subscribed!!!
Thank you @user-nm7wj6se6e!
Thank you very much
Happy to do it, thanks for the feedback Spiral Dynamics.