Project 1 : PFSense Routing
-
@Pete-S said in Project 1 : PFSense Routing:
I have no idea what you want @WrCombs to accomplish. You should probably draw the network diagram.
I want there to need to be a non-default route
-
@scottalanmiller said in Project 1 : PFSense Routing:
@Pete-S said in Project 1 : PFSense Routing:
I have no idea what you want @WrCombs to accomplish. You should probably draw the network diagram.
I want there to need to be a non-default route
OK, one scenario I can think of is this:
You have an Edgerouter on your LAN, 192.168.1.0/24, that gives you internet access.
Now you want to add your server fleet (VM host) to the LAN and protect them behind a pfSense firewall/router.All your servers are located on the server LAN, 10.100.1.0/24.
-
How can you let the W10 client have access to the server LAN, for instance 10.100.1.2, by changing the Edgerouter config?
-
How can you access the server LAN from your W10 client directly (without sending that traffic over the Edgerouter)?
-
-
Just remember @WrCombs that you can set up static routes both on the client VMs or the router VMs. Most of the time, you'd want this to be set up on your routers because it's more manageable this way plus you can use dynamic routing protocols at scale. However, in some real-life scenarios like remote access VPN with split tunnelling, a route to the secure remote network needs to be added on the client machine itself (with L2TP at least).
-
@Pete-S said in Project 1 : PFSense Routing:
@scottalanmiller said in Project 1 : PFSense Routing:
@Pete-S said in Project 1 : PFSense Routing:
I have no idea what you want @WrCombs to accomplish. You should probably draw the network diagram.
I want there to need to be a non-default route
OK, one scenario I can think of is this:
You have an Edgerouter on your LAN, 192.168.1.0/24, that gives you internet access.
Now you want to add your server fleet (VM host) to the LAN and protect them behind a pfSense firewall/router.All your servers are located on the server LAN, 10.100.1.0/24.
-
How can you let the W10 client have access to the server LAN, for instance 10.100.1.2, by changing the Edgerouter config?
-
How can you access the server LAN from your W10 client directly (without sending that traffic over the Edgerouter)?
-
Wouldn't updating the Edgerouter Routing Table control that?
if not then I have No idea, This is a static routing environment so, My guess would be to change the routing table to show the next hop to 10.100.1.2 is to go through 192.168.1.123. -
Assuming the switch is a dumb switch and is not programmed, I have no idea. How would you ?
The whole reason behind doing this is to understand it, and the more I do it the more and more I get confused, for what ever reason I can't learn networking outside of the basics.
-
-
@WrCombs said in Project 1 : PFSense Routing:
Assuming the switch is a dumb switch and is not programmed, I have no idea. How would you ?
I think you must be confusing a switch with a router, because the switching being "dumb" (aka unmanaged) or managed has nothing to do with the equation. A switch is a switch, the behaviour is not affected by whether or not it is managed or monitored. A switch, by definition, doesn't route or know where services are located.
There are two approaches here, have a router do the work of telling where data should go, or set routes on the devices.
-
@scottalanmiller said in Project 1 : PFSense Routing:
@WrCombs said in Project 1 : PFSense Routing:
Assuming the switch is a dumb switch and is not programmed, I have no idea. How would you ?
I think you must be confusing a switch with a router, because the switching being "dumb" (aka unmanaged) or managed has nothing to do with the equation. A switch is a switch, the behaviour is not affected by whether or not it is managed or monitored. A switch, by definition, doesn't route or know where services are located.
There are two approaches here, have a router do the work of telling where data should go, or set routes on the devices.
Thanks for clarifying.
-
@WrCombs said in Project 1 : PFSense Routing:
and is not programmed
This would be a "what do these words mean to you" situation. There is no concept of "programming a switch". Nor is there any behaviour in a switch that I can reasonable equate with programming. So I'm unclear what it is that you are picturing. But my guess would be that you aren't thinking of switching clearly as a layer two communications device, but instead feeling like it is a magic box that connects things together so that programming it feels like a reasonable possibility.
But a switch is nothing more than a multi-port bridge. It only knows what MAC addresses exist on each port, nothing more, nothing less. It doesn't even know what an IP address is. There's no human or automation interaction to this job. A switch builds it's list by listening on its ports and it sends traffic by MAC address on layer 2. Switches are non-routable devices and don't have concepts like a default router or routes, because they are layer 2.
-
@WrCombs said in Project 1 : PFSense Routing:
The whole reason behind doing this is to understand it, and the more I do it the more and more I get confused, for what ever reason I can't learn networking outside of the basics.
Have you learned the ISO OSI model yet? I can't imagine trying to figure out networking without knowing it.
-
Something worth noting... what you are doing here, learning routing tables, is something that nearly 100% of IT pros will never do in a lifetime (at least, outside of a lab.) This isn't something that people do in the real world. When you do do this, it's a networking specialist who only does this that is brought in. Of course, learning it is great. But the thing you are attempting to learn is at a level that is pretty much above any real world networking done by a non-dedicated networking specialist. But the stuff that you need to learn is far more basic, like "what is a switch" which is something you should have down solidly before you even introduce the concept of routing.
So I think you are attempting to learn relatively hard concepts, without having built a firm foundation in the basics.
-
@scottalanmiller said in Project 1 : PFSense Routing:
@WrCombs said in Project 1 : PFSense Routing:
The whole reason behind doing this is to understand it, and the more I do it the more and more I get confused, for what ever reason I can't learn networking outside of the basics.
Have you learned the ISO OSI model yet? I can't imagine trying to figure out networking without knowing it.
I've watched the video on it a dozen times, still don't understand it:
here's what I recall ;Layer 1 - Physical layer: Cabling, Devices
Layer 2 - Data link ; Switches/Hubs
Layer 3- network ; Routing
Layer4 - transport ; how its getting to and from (TCP, UDP)
Layer5 - session ; (dont know abou this one) encryption?
Layer 6- Presentation: decryption of layer 5(maybe)
Layer 7 - Application; final product what you see on the screen .Is what I gathered from watching the video all those times.
-
@scottalanmiller said in Project 1 : PFSense Routing:
Something worth noting... what you are doing here, learning routing tables, is something that nearly 100% of IT pros will never do in a lifetime (at least, outside of a lab.) This isn't something that people do in the real world. When you do do this, it's a networking specialist who only does this that is brought in. Of course, learning it is great. But the thing you are attempting to learn is at a level that is pretty much above any real world networking done by a non-dedicated networking specialist. But the stuff that you need to learn is far more basic, like "what is a switch" which is something you should have down solidly before you even introduce the concept of routing.
So I think you are attempting to learn relatively hard concepts, without having built a firm foundation in the basics.
Yeah, you're probably right honestly.
-
@WrCombs Programming in my opinion is your code that is capable of making decisions or using logic based on some type of input. If it can't do this then I consider it just scripting. How important this info is in the real world, well who knows lol. Again that is just my definition and others may be different.
-
@jmoore said in Project 1 : PFSense Routing:
@WrCombs Programming in my opinion is your code that is capable of making decisions or using logic based on some type of input. If it can't do this then I consider it just scripting. How important this info is in the real world, well who knows lol. Again that is just my definition and others may be different.
Scripting is a type of coding. You do neither with switches, though. Scripting, coding, developmenting, software engineering... all one and the same. But switches are "plugged in", not programmed. You don't add logic to them.
-
@WrCombs So for example, routers and switches. Neither of these devices is programmable. You can use cli on some devices to tell it what to do and manage but that is not programming or scripting in my opinion.
-
@WrCombs said in Project 1 : PFSense Routing:
@scottalanmiller said in Project 1 : PFSense Routing:
@WrCombs said in Project 1 : PFSense Routing:
The whole reason behind doing this is to understand it, and the more I do it the more and more I get confused, for what ever reason I can't learn networking outside of the basics.
Have you learned the ISO OSI model yet? I can't imagine trying to figure out networking without knowing it.
I've watched the video on it a dozen times, still don't understand it:
here's what I recall ;Layer 1 - Physical layer: Cabling, Devices
Layer 2 - Data link ; Switches/Hubs
Layer 3- network ; Routing
Layer4 - transport ; how its getting to and from (TCP, UDP)
Layer5 - session ; (dont know abou this one) encryption?
Layer 6- Presentation: decryption of layer 5(maybe)
Layer 7 - Application; final product what you see on the screen .Is what I gathered from watching the video all those times.
Well yes, listing them is good, it means you can recall the names. But you have to understand what it means, too. I was able ot repeat it long before I was able to grok it.
Understanding that Layer 2 means "Reliable transmission of data frames between two nodes connected by a physical layer" can go a long way.
-
@jmoore said in Project 1 : PFSense Routing:
@WrCombs So for example, routers and switches. Neither of these devices is programmable. You can use cli on some devices to tell it what to do and manage but that is not programming or scripting in my opinion.
Exactly, just like issuing commands on the Linux or Windows CLI isn't scripting or programming. If it were, then having a GUI that just types those commands for you would also be programming.
-
@WrCombs As for learning routing basics, Scott is right here and this is stuff you rarely do. I have never done this at a business. I only did a little when studying for my network+ in an online lab. I have never had to do anything similar since. Its learning to troubleshoot the network to tell if your having a routing issue, switch issue, or user. 95% its the user lol. So yes good to learn but i would get the basics down real well first, as basic issues will be by far what you troubleshoot the most.
-
@jmoore said in Project 1 : PFSense Routing:
@WrCombs As for learning routing basics, Scott is right here and this is stuff you rarely do. I have never done this at a business. I only did a little when studying for my network+ in an online lab. I have never had to do anything similar since. Its learning to troubleshoot the network to tell if your having a routing issue, switch issue, or user. 95% its the user lol. So yes good to learn but i would get the basics down real well first, as basic issues will be by far what you troubleshoot the most.
Yeah, 99.999% of the interactions you'll ever have with this concept is seeing ISP routers when troubleshooting. And you'll only see them by pinging them or doing a traceroute (which is still a ping.)
-
@jmoore said in Project 1 : PFSense Routing:
@WrCombs As for learning routing basics, Scott is right here and this is stuff you rarely do. I have never done this at a business. I only did a little when studying for my network+ in an online lab. I have never had to do anything similar since. Its learning to troubleshoot the network to tell if your having a routing issue, switch issue, or user. 95% its the user lol. So yes good to learn but i would get the basics down real well first, as basic issues will be by far what you troubleshoot the most.
how do you guys suggest I learn the basics ?
Videos aren't helping, reading isn't helping.. I'm kind of out of ideas.
-
@WrCombs said in Project 1 : PFSense Routing:
@jmoore said in Project 1 : PFSense Routing:
@WrCombs As for learning routing basics, Scott is right here and this is stuff you rarely do. I have never done this at a business. I only did a little when studying for my network+ in an online lab. I have never had to do anything similar since. Its learning to troubleshoot the network to tell if your having a routing issue, switch issue, or user. 95% its the user lol. So yes good to learn but i would get the basics down real well first, as basic issues will be by far what you troubleshoot the most.
how do you guys suggest I learn the basics ?
Videos aren't helping, reading isn't helping.. I'm kind of out of ideas.
Well, for me, it was all books. I like videos a lot, but in our day, there was nothing but books and hands on to learn.
