In this episode, I want to do a quick review of a lot of important denizens of our local area network, ergo, LAN reviews. So what I'd like to do right now is run through a lot of stuff on switches and routers and such that hopefully you would already know. But for completeness, let's just go ahead and do a quick review, starting with switches. So what I have here in front of me is a pretty standard Netgear switch. Now remember, switches filter and forward data based on MAC addresses. So switches tend to pretty much work automatically out of the box.
However, there are some features that we're going to see on the exam that I want to just make sure you know, so let's go through those. The first one is the concept of a VLAN. Now normally, when I'm talking on this one switch, it has one broadcast domain. So if somebody sends out a broadcast, it goes out to every other port. However, if we want to, we can actually split up that single broadcast domain into multiple broadcast domains known as VLANs. So in essence, what I can do is I can set up a VLAN, and VLANs have numbers, you know, I do like VLAN 1, VLAN 2.
You really can't say like VLAN Timmy, it doesn't work that way. But then once I create these VLANs, I could then assign ports. And in this case, I could say, I could take the first, this is a 26 port switch, I could take the first 12 ports and make them VLAN 1 and the rest of the ports be VLAN 2, and it would be as though I simply had two completely separate switches. So to see this, what I've got is the configuration screen up. So let's take a look over here.
Now this machine is right out of the box. I have done really no configuration to it whatsoever. I also need to warn you that there are tons of settings in here that I am not going to be covering. It's a quick review, we're just going to hit the ones that I want to make sure you're aware of for the exam. So first of all, let's go over to switching. Now, if you take a look on this system, I'm going to click on VLAN here, you'll see that it has three built-in VLANs: number one, which is the default VLAN, and then these two others, which I doubt I would ever use, voice VLAN and audio VLAN. The reason they're doing that is because it's very common if you're using voice over IP to put all your voice devices on their own separate VLAN, and in this case video as well.
Now, once you have these VLANs made, and I could make my own VLANs if I want, but let's just stick with these three for the moment, what I can now do is begin to assign different ports to different VLANs. So I'm going to come over here on this particular machine. And see right here when I click on ports, you can see right now, they're basically not on anybody at the moment, or what we would call untagged. So if I want to put port 13 on a particular VLAN, in this case 2, I'm going to go ahead, nope, there it is, hit Apply. And I now have put port 13 onto the second VLAN. The important thing you need to understand with VLANs is that the moment I put that port 13 onto a separate VLAN, it will be as though it disappeared from the switch.
The only way I could get other people to talk to it is if I put more ports onto that same VLAN. So VLANs are an absolutely critical tool. It is the way we do what we call layer two separation of networks, and it's an important security feature. Now the other security feature I want to talk about is flood guarding. Now, one of the dangers with switches is that you can accidentally plug them together in such a way that you can create loops, or what we call bridge loops. Now a bridge loop will basically knock a network down instantaneously. So what we've developed with any good switch is something called Spanning Tree Protocol, or STP.
So the nice part about STP is you pretty much just have to turn it on. And let's go back in here and let's make sure STP is even lit up on these guys. So on this particular one, there's a little tab for STP. And as I look here, right now, STP is disabled. So I'm going to go ahead and turn that on. Now there's STP,
and then rapid STP. And we pretty much just use rapid STP. And then BPDU flooding is just if we move boxes around, it knows how to track that type of stuff. So really, all I need to do in this particular case is make sure that this guy's turned on. So those are the two big things about switches I want to make sure that you're aware of. Number one, this is where we set up VLANs. And then number two, make sure that you're comfortable with the concept of STP and that it prevents loop floods.
So that's a very, very good thing. So let's go and do this one more time, except this time, let me replace this with a router. Switches filter and forward based on MAC address, or layer two; routers filter and forward based on IP address, or layer three. So the term layer three switch is a very common term that can be used interchangeably with the word router. So if routers filter and forward based on IP addresses, routers are going to act as the doorway or the interface between different network IDs. So let's take a look at this.
So here's a router that I have right now. And in this particular case, this simple router is separating two different network IDs. On one side is 192.168.4, and we'll just put zero in there, 192.168.4.0, lots of computers in there. So it'll be 192.168.4.1 for the router itself, .2, .3, .4, whatever. And then on the other side, it's going to be 10.11.12.0. So the router itself spans and filters and forwards IP addresses between these two different network IDs.
Now, don't think routers can only do two. For example, let's do this again, except this time, let's span three different network IDs. So here's a router that's separating three different network IDs. Routers can have lots and lots of different interfaces in them. Anyway, let's go back to our original drawing. Now, if a router is acting as what we call a gateway, it is acting as the interface between your local area network and the big internet itself. So we call that a gateway router.
A gateway router will always be running network address translation, or NAT. In that case, our internet service provider gives one IP address to the router, and then the router converts that into a private IP address range, which it then passes out to the individual computers on the local area network. Now, since this router is already connected to the internet, it is very common for us to do something called a firewall. A firewall is a piece of software that is commonly run on a gateway router, which protects us from the evils of the internet. So it can forward and filter based on port numbers, based on IP addresses, URLs, all kinds of different stuff. So we would call this a network firewall, because the gateway is running the firewall software and protecting us from the evil of the internet.
So this was a quick and dirty review of some of the terms that you're going to be seeing on the exam. I hope you're familiar with all these terms, and can appreciate that I'm doing a very light touch to it. However, if there are any terms that I've just brought up that you're unaware of, I wouldn't think it would be too bad of an idea to consider, for example, my Network+ video series to help you dial in and make sure you really understand what these switches and routers really do.