1
00:00:00,520 --> 00:00:08,860
The reason why we see OP traffic rather than ICMP traffic is on Ethernet before two devices can communicate.

2
00:00:09,010 --> 00:00:15,490
They need to use OP to discover one another's MAC addresses so before ICMP traffic can even be sent

3
00:00:15,490 --> 00:00:22,750
rather to acting as PC two needs to send an OP to discover Router Four's Mac address, but it never

4
00:00:22,750 --> 00:00:28,960
discovers it because the traffic never reaches router four, so it never receives an OP reply and therefore

5
00:00:28,960 --> 00:00:31,540
cannot send ICMP traffic.

6
00:00:32,130 --> 00:00:33,450
So in switch to.

7
00:00:35,490 --> 00:00:36,360
Interface.

8
00:00:36,720 --> 00:00:38,260
Range gigabit.

9
00:00:38,280 --> 00:00:39,420
Zero two.

10
00:00:40,020 --> 00:00:40,890
Two three.

11
00:00:41,880 --> 00:00:42,900
Switch port.

12
00:00:44,090 --> 00:00:53,060
Trunk encapsulation port one key switch port mode trunk switch port.

13
00:00:53,060 --> 00:00:53,360
No.

14
00:00:53,360 --> 00:00:56,540
Negotiate at the moment.

15
00:00:56,540 --> 00:00:58,790
Interface gigabit zero two.

16
00:01:00,350 --> 00:01:02,180
On switch to is shut down.

17
00:01:02,720 --> 00:01:04,220
I'll just do the same here.

18
00:01:05,180 --> 00:01:12,020
To prove the point, we are forcing the traffic basically to go via the hub so that we can do a Wireshark

19
00:01:12,020 --> 00:01:16,610
capture and see traffic on the network.

20
00:01:17,030 --> 00:01:19,690
So now let's start another Wireshark capture.

21
00:01:22,670 --> 00:01:25,520
Ken wrote a to paying writer for now.

22
00:01:26,830 --> 00:01:28,450
Notice the ping succeeds.

23
00:01:29,540 --> 00:01:30,920
If we look at our traffic.

24
00:01:32,430 --> 00:01:34,020
We can see the OP.

25
00:01:34,230 --> 00:01:36,240
I'll stop this Wireshark capture for the moment.

26
00:01:36,330 --> 00:01:41,370
There's the broadcast asking for Mac address associated with IP address ten.

27
00:01:41,370 --> 00:01:42,360
One, two, four.

28
00:01:42,960 --> 00:01:46,770
As you can see, it's a broadcast sent from router two.

29
00:01:47,040 --> 00:01:49,320
It's an ADA two, two, one, q frame.

30
00:01:50,990 --> 00:01:55,490
So in the eight two, two, two, one Q portion, once again we can see that the VLAN is two.

31
00:01:56,420 --> 00:02:02,840
There is the OP request looking for the MAC address associated with IP address ten 124.

32
00:02:02,990 --> 00:02:04,400
He has the reply.

33
00:02:04,640 --> 00:02:13,880
What you'll also notice is the VLAN ID is two, so it's coming back as a tagged frame from ten one to

34
00:02:13,880 --> 00:02:16,850
4 to 10 1 to 2.

35
00:02:16,850 --> 00:02:18,590
So there's the OP reply.

36
00:02:18,920 --> 00:02:24,440
It's not a broadcast because it knows the MAC address of router two already, so it goes directly to

37
00:02:24,440 --> 00:02:26,150
the MAC address of router two.

38
00:02:26,300 --> 00:02:33,620
And then if we scroll down a bit further, we can see the ICMP echo messages.

39
00:02:35,300 --> 00:02:39,710
So here's an echo from ten one to 2 to 10 1 to 4.

40
00:02:39,740 --> 00:02:42,320
Once again, notice the VLAN ID is two.

41
00:02:42,350 --> 00:02:45,830
Here's the reply from ten 1 to 4.

42
00:02:45,980 --> 00:02:48,260
So it's an echo reply to ten.

43
00:02:48,260 --> 00:02:49,430
One, two, two.

44
00:02:49,760 --> 00:02:51,800
VLAN id is two.

45
00:02:51,800 --> 00:02:57,230
So those frames are being tagged between the two devices.

46
00:02:57,710 --> 00:03:03,140
Let's stop that capture and started again in genius three.

47
00:03:04,530 --> 00:03:07,440
Now what about traffic from rather one, two, rather three.

48
00:03:08,290 --> 00:03:11,350
That's using vlan one which is the untagged VLAN.

49
00:03:11,890 --> 00:03:16,150
So rather one pinging router three ping succeeds.

50
00:03:16,720 --> 00:03:17,860
Router two pinging.

51
00:03:17,860 --> 00:03:19,840
Router four ping succeeds.

52
00:03:20,110 --> 00:03:21,880
I'll just filter for ICMP.

53
00:03:22,120 --> 00:03:25,600
So there's the ICMP message from router one to router three.

54
00:03:25,630 --> 00:03:27,970
Notice it's a standard ethernet frame.

55
00:03:28,120 --> 00:03:30,100
The ISA type is IP version four.

56
00:03:30,130 --> 00:03:37,240
There is no ED one q tagging on the echo or the echo reply.

57
00:03:37,270 --> 00:03:41,050
It's standard ethernet frames because that's the native VLAN.

58
00:03:41,080 --> 00:03:47,530
Scrolling down, however, he has router two, pinging router four and notice once again there is the

59
00:03:47,530 --> 00:03:48,370
tag.

60
00:03:48,850 --> 00:03:56,950
So let's put router one and router three into VLAN ten and see how that affects the tagging of traffic.

61
00:03:57,430 --> 00:03:58,690
So on switch one.

62
00:03:59,860 --> 00:04:03,280
VLAN ten interface gigabit zero zero.

63
00:04:03,280 --> 00:04:07,270
Switch port access vlan ten.

64
00:04:08,990 --> 00:04:13,190
Do something similar on switch to VLAN ten.

65
00:04:14,120 --> 00:04:19,339
Interface gigabit zero zero switch port access.

66
00:04:19,370 --> 00:04:20,630
VLAN ten.

67
00:04:21,200 --> 00:04:22,970
So now when router one.

68
00:04:22,970 --> 00:04:24,380
Ping's router three.

69
00:04:25,340 --> 00:04:26,470
What happens now?

70
00:04:26,480 --> 00:04:29,120
It might take a while because spanning tree needs to converge.

71
00:04:31,470 --> 00:04:35,850
So back on switch one show spanning tree.

72
00:04:39,530 --> 00:04:40,250
For VLAN.

73
00:04:40,250 --> 00:04:42,590
Ten ports are now forwarding.

74
00:04:43,430 --> 00:04:44,630
So let's do the ping again.

75
00:04:44,660 --> 00:04:48,860
Notice the ping now succeeds and in our Wireshark capture.

76
00:04:50,270 --> 00:04:51,920
If we scroll right down.

77
00:04:51,920 --> 00:04:54,680
What we should see now is the.

78
00:04:56,250 --> 00:05:00,570
VLAN number as an example is VLAN ten.

79
00:05:00,570 --> 00:05:03,960
So ID is ten can see the hexadecimal.

80
00:05:04,170 --> 00:05:05,400
There's the decimal.

81
00:05:06,950 --> 00:05:13,340
So at layer two in the Ethernet frame, notice the type is a 2 to 1 Q in edit 2 to 1.

82
00:05:13,340 --> 00:05:19,190
Q The type is IP version four indicating that IP version four is used at layer three.

83
00:05:19,460 --> 00:05:22,550
There's the ping, here's the reply.

84
00:05:22,700 --> 00:05:26,810
But notice once again the VLAN number is VLAN ten.

85
00:05:27,320 --> 00:05:30,830
If I changed this VLAN to VLAN 11 as an example.

86
00:05:32,320 --> 00:05:33,820
With the ping succeed.

87
00:05:34,630 --> 00:05:41,270
So vlan 11 rather interface gigabit zero zero switch port access.

88
00:05:41,290 --> 00:05:42,730
VLAN 11.

89
00:05:43,270 --> 00:05:45,750
I made the mistake of putting interface vlan 11.

90
00:05:45,760 --> 00:05:52,780
I should have said simply VLAN 11 to create the VLAN, but in this case the switch did create the VLAN

91
00:05:52,780 --> 00:05:53,470
for me.

92
00:05:53,620 --> 00:05:57,160
You need to be careful with that because some switches won't do that for you.

93
00:05:57,250 --> 00:05:59,680
But you can see VLAN 11 has been created.

94
00:06:00,010 --> 00:06:02,350
Gigabit zero zero is in VLAN 11.

95
00:06:02,650 --> 00:06:09,940
So this is in VLAN 11, the support is in VLAN ten can router one, ping router three and you can see

96
00:06:09,940 --> 00:06:11,410
at the moment it can't.

97
00:06:11,800 --> 00:06:20,140
In our Wireshark capture rather wan still has a cached mac address for router three, so it's sending

98
00:06:20,170 --> 00:06:28,420
ICMP traffic, but notice it's tagged with VLAN 11 and no reply is received back because the traffic

99
00:06:28,420 --> 00:06:31,090
never gets to router three.

100
00:06:31,660 --> 00:06:38,620
The support is in VLAN ten, the support is in VLAN 11, so the traffic never reaches this port.

101
00:06:38,950 --> 00:06:42,160
We can see that once again by doing a capture.

102
00:06:45,230 --> 00:06:47,660
Helping rather three from rather one.

103
00:06:49,080 --> 00:06:56,010
And what you'll notice in the output here is there is no OP and no ICMP traffic received on this port

104
00:06:56,010 --> 00:06:56,520
at all.

105
00:06:56,850 --> 00:07:00,210
Even though we're out of one is pinging rather three.

106
00:07:01,990 --> 00:07:11,380
On the captur between the switches we can see the ICMP traffic with VLAN 11, but the switch when it

107
00:07:11,380 --> 00:07:16,870
receives traffic on VLAN 11 is not going to forward it out of this port or this port.

108
00:07:17,660 --> 00:07:19,910
So essentially goes nowhere.

109
00:07:20,330 --> 00:07:23,930
It's going to be dropped by the switch because there are no access ports in VLAN 11.

110
00:07:24,880 --> 00:07:29,110
So the traffic never hits rather three but on switch two.

111
00:07:29,110 --> 00:07:40,390
If we created VLAN 11 and then went onto the port and put it into VLAN 11, what we would see now is

112
00:07:40,390 --> 00:07:42,070
that the pings do succeed.

113
00:07:42,930 --> 00:07:46,920
Now once again, it may take a while for spending tree to converge.

114
00:07:47,670 --> 00:07:49,100
You can see the pings arriving.

115
00:07:49,110 --> 00:07:52,080
Notice, 913 is the sequence number.

116
00:07:52,650 --> 00:07:56,370
Pings are arriving at switch to.

117
00:07:59,350 --> 00:08:02,830
But we may need to just wait a while for spending tree to converge.

118
00:08:03,310 --> 00:08:04,140
And there you go.

119
00:08:04,270 --> 00:08:14,410
Just converged so we can see the ping from router one to router three using VLAN 11 and there's a reply

120
00:08:14,620 --> 00:08:15,820
on VLAN 11.

121
00:08:16,520 --> 00:08:18,710
So physically this topology looks.

122
00:08:20,800 --> 00:08:23,770
As follows Just ignore the hub for the moment.

123
00:08:23,950 --> 00:08:26,110
So pretend that the hub is not there.

124
00:08:27,160 --> 00:08:27,700
Physically.

125
00:08:27,700 --> 00:08:34,299
We've got two PCs connected to switch one and two pieces connected to switch two, but logically rather

126
00:08:34,299 --> 00:08:40,820
one acting as PC one and router three acting as PC three are connected to each other and two and four

127
00:08:40,820 --> 00:08:41,950
are connected to each other.

128
00:08:43,080 --> 00:08:49,230
They are totally separated from each other and won't be able to ping each other unless we enable interval

129
00:08:49,230 --> 00:08:57,330
and routing on one of the switches and configure default gateways on the PCs to talk to each other via

130
00:08:57,330 --> 00:08:58,650
their default gateway.