Today on The Hookup it's part 3 of my Ultimate Secure Smart Home Network Series. In Part 1 I walked you through hardware selection using UniFi equipment, in Part 2 I covered VLANs, wireless networks, and firewall rules, and today we're going to look at port security, intrusion prevention systems, and VPNs on the UniFi 6.0 controller. In Part 2 I mentioned that I made a questionable decision by putting my most untrusted devices, my IP security cameras, onto my main untagged VLAN. Some of the questions asked in the comments indicated that you may need a crash course on networking, so here's a quick and dirty overview of network communication.

This video is sponsored by HolidayCoro.com, one of the largest light show vendors in America, and the best time to get into the hobby is in the offseason. By starting early you can make sure that you are all ready to go when Halloween and Christmas sneak up on you. HolidayCoro.com has you covered with prebuilt kits including props, controllers, LEDs and power supplies to give you that boost that you need to start your first show, or maybe just level up your existing decorations. Check out HolidayCoro using the link in the description to support my channel.

This won't be the most in-depth look at the OSI model you've ever seen, but it will hopefully be easy to understand and give you enough information to make the right decisions for your network. Layer 1 is the physical networking layer: whether your devices are connected with radio waves, coaxial cable, Ethernet, or fiber, it's still layer 1. Layer 2 is called the data link layer, which is not a super helpful name, especially when it comes to VLANs.

When two devices are on the same LAN segment, VLAN, or subnet, meaning they share the same base part of their IP address, they can communicate directly using a network switch. A switch has a big table of device MAC addresses and the corresponding port on the switch that they are attached to. One device sends out a network frame with the source MAC address and the destination MAC address, and when that frame reaches the switch, the switch reads the destination MAC address, looks it up in its table, and sends it out the correct port. Importantly, layer 2 communication doesn't require any input from the router and can therefore be done quickly and efficiently, but since the router isn't involved it also doesn't check any firewall rules, and therefore we can't deny communication between devices on the same VLAN using firewall rules.

Layer 3 is the network layer, which is a fancy way of saying that it uses a router to determine the correct path between devices that aren't on the same subnet. If two devices are on different VLANs, and therefore different subnets, they need to go through the router in order to communicate, and if they use the router they also get checked for firewall rules, which then allows you to regulate their traffic. Some people were confused in my last video by my "Echo to Echo" firewall rule where I specifically allowed traffic between my Echo devices, even though they are on the same subnet and therefore shouldn't need to use the router to communicate.
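The layer 2 versus layer 3 distinction described above can be checked against a rule set with a short script. This is an added example, not part of the original post or the UniFi controller: it is a simplified unicast model, and the VLAN names, subnets, addresses and rules are constructed for illustration.

```python
import ipaddress

# Constructed sample network: VLAN names, subnets and rules are assumptions.
VLANS = {
    "main": ipaddress.ip_network("192.168.1.0/24"),
    "iot": ipaddress.ip_network("192.168.20.0/24"),
}
ANY = ipaddress.ip_network("0.0.0.0/0")

# Router firewall rules, first match wins: (action, source net, destination net).
RULES = [
    ("deny", VLANS["iot"], VLANS["iot"]),   # tries to isolate IoT devices from each other
    ("deny", VLANS["iot"], VLANS["main"]),  # keeps IoT out of the main VLAN
    ("allow", ANY, ANY),
]


def vlan_of(ip):
    """Return the name of the VLAN whose subnet contains ip."""
    addr = ipaddress.ip_address(ip)
    for name, net in VLANS.items():
        if addr in net:
            return name
    raise ValueError(f"{ip} is not in any known VLAN")


def deliver(src, dst):
    """Return (path, verdict, index of the deciding rule or None)."""
    if vlan_of(src) == vlan_of(dst):
        # Same subnet: the switch forwards the frame by MAC address and the
        # router, with its firewall rules, never sees it.
        return ("switched", "delivered", None)
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for i, (action, src_net, dst_net) in enumerate(RULES):
        if s in src_net and d in dst_net:
            return ("routed", "delivered" if action == "allow" else "dropped", i)
    return ("routed", "dropped", None)  # implicit default deny (assumption)


def same_vlan_rules(rules=RULES):
    """Indexes of rules whose source and destination both sit inside one VLAN."""
    return [i for i, (_, s, d) in enumerate(rules)
            if any(s.subnet_of(v) and d.subnet_of(v) for v in VLANS.values())]


if __name__ == "__main__":
    print(deliver("192.168.20.10", "192.168.20.11"), same_vlan_rules())
```

Rule 0 is reported by `same_vlan_rules()` because the traffic it targets is switched at layer 2 and is never checked against it, while the IoT-to-main rule is enforced because that traffic has to cross the router.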