WEBVTT 00:01.760 --> 00:03.190 So I'm going to start it again. 00:03.870 --> 00:04.070 Right. 00:04.180 --> 00:06.580 Starting from the hub, this is all I did on the Hub. 00:09.990 --> 00:11.540 92 and 68 1.1. 00:11.830 --> 00:13.530 Current source is serial zero zero. 00:14.700 --> 00:17.040 Source multi point. 00:17.610 --> 00:24.450 And then since it's multi point, it works with PNP to do the resolution of your destination plus none. 00:24.870 --> 00:26.100 Then what do I need to do? 00:28.170 --> 00:29.310 I'll go to R2. 00:30.330 --> 00:30.690 R2. 00:30.690 --> 00:33.270 I need to tell them to come and register to R1. 00:33.360 --> 00:36.800 Right now if you check R1, the PNP is empty, so I need to. 00:37.530 --> 00:40.140 There's nothing in there in the table. 00:41.220 --> 00:42.090 I'll go to R2. 00:43.110 --> 00:45.660 Now the differences are interface channel zero. 00:45.660 --> 00:46.290 Correct. 00:47.250 --> 00:50.910 I'll keep the hub and the spokes separate so all the spokes will just face the same thing. 00:50.910 --> 00:54.900 This is two sources again for them, Serial zero zero. 00:54.900 --> 00:56.400 So no need to change that part. 00:57.300 --> 01:00.030 Multi point PNP network ID nothing. 01:00.450 --> 01:07.660 I don't change that except for I tell them, listen, go and register yourself to the NHS of 192 168 01:07.690 --> 01:08.320 1.1. 01:09.170 --> 01:13.450 But for that, since he doesn't know where 1.1 he doesn't know the public address of 1.1. 01:13.450 --> 01:20.650 I need to map it to map 192 168 .1.1 the public address is 16 dot. 01:23.800 --> 01:25.990 That's what I'll tell my spokesman at. 01:30.030 --> 01:31.860 Given time is equal to R3. 01:32.400 --> 01:33.720 R3 would be three. 01:33.870 --> 01:35.220 Everything else is the same. 01:37.170 --> 01:37.390 Right. 01:37.920 --> 01:38.970 This is your IP. 01:39.000 --> 01:44.670 Go and register to the app for would be dot four. 01:44.850 --> 01:45.540 This is your IP. 01:45.570 --> 01:46.680 Go and register to the house. 01:50.980 --> 01:51.790 R5 the same. 01:55.560 --> 01:56.520 Future R1 now. 01:57.420 --> 01:59.070 Until now it was empty. 01:59.370 --> 02:01.290 Now you have two, three, four and five. 02:02.070 --> 02:04.260 They have come up and registered themselves to be. 02:08.010 --> 02:10.140 Right there. 02:10.170 --> 02:10.440 Right. 02:12.780 --> 02:13.350 Any questions? 02:13.350 --> 02:13.800 Until now. 02:19.420 --> 02:20.010 Cannot do. 02:20.050 --> 02:25.990 Talk to our three clapping 1.3 right now. 02:25.990 --> 02:30.040 If I check my sharp, I only have one entry. 02:30.340 --> 02:31.120 Static entry. 02:31.330 --> 02:39.580 But if I ping 1921681.3 my ping goes and if I go to my IP and a dynamic entry is added here as well 02:39.580 --> 02:40.270 as 02:43.960 --> 02:48.610 both sides some you also have another mapping for itself. 02:48.610 --> 02:51.790 This is if you want to ping yourself, it's called no socket. 02:52.150 --> 02:54.250 This is my own IP address. 02:55.360 --> 02:55.460 Right? 02:55.540 --> 02:58.540 So communication between all the spokes is possible now. 03:00.940 --> 03:04.270 And I showed you how how it happens. 03:04.270 --> 03:04.720 Right. 03:04.720 --> 03:09.010 And the chapter registration registration request reply to registration. 03:09.010 --> 03:13.570 Request request reply to the first few packets, go through the hub. 03:13.930 --> 03:16.120 And then after that, everything is good to go. 03:16.720 --> 03:17.980 Then what did I do? 03:20.050 --> 03:24.430 This was only so that my end points, my edges talk to each other. 03:25.120 --> 03:31.090 My main job is so that when one talks to ten, four talks to ten, five talks to ten three, my internal 03:31.090 --> 03:32.320 networks talk to each other. 03:33.010 --> 03:34.270 What do I need to do that? 03:34.570 --> 03:37.420 What do I need to do to accomplish that? 03:37.450 --> 03:41.800 You have to, because when you're out, then I'll tell you what my internal networks are. 03:42.400 --> 03:44.680 So I'll run routing, I'll start everywhere. 03:44.680 --> 03:45.850 I'll just copy the same thing. 03:45.850 --> 03:46.720 I'll say router. 03:50.560 --> 03:54.790 Exactly one network 192 and 68 .1.0. 03:56.590 --> 03:58.180 Network ten 000. 03:59.910 --> 04:02.950 Notorious Not. 04:08.680 --> 04:09.820 So copy it everywhere. 04:23.800 --> 04:25.060 They will not work. 04:25.080 --> 04:26.220 Why is it not working? 04:26.890 --> 04:30.100 Any questions because. 04:33.500 --> 04:38.150 Now it's not working because multicast is not about it's not allowed. 04:39.590 --> 04:40.640 It is allowed. 04:40.730 --> 04:43.700 It's just that it doesn't know which destination to send it on. 04:44.810 --> 04:47.540 Until now, with the decisions that you were making. 04:47.630 --> 04:49.760 Say, for example, I'm talking about R2. 04:50.420 --> 04:58.130 Until now it's decision was 192 168 .1.1 Going to 192.168.1.2. 04:58.850 --> 05:02.090 Sorry, going from two to let's say three. 05:04.170 --> 05:04.400 Right. 05:04.800 --> 05:10.170 His decision, the decision that he had to make was to go to this destination, address this destination, 05:10.170 --> 05:14.760 private address, what should be my public, which is 151 .36.3. 05:16.650 --> 05:20.340 This was the decision that he used to make, and this was sold to him. 05:20.340 --> 05:20.730 In what? 05:20.760 --> 05:26.930 In the table to go to the private address of 1921681.3. 05:26.940 --> 05:31.950 The destination, my public destination will be this public source you already know. 05:36.280 --> 05:37.930 It only needs to solve this part. 05:39.910 --> 05:40.150 Right? 05:40.960 --> 05:50.320 The problem with multicast is it will still originate from 1.2, but it will be going to 224. 05:52.810 --> 05:57.250 Based on this designation, there is no mapping, this designation to 20 400. 05:59.380 --> 06:00.570 So I need to solve that part. 06:00.580 --> 06:05.410 I need to tell him, okay, if the bracket is going to this, which I can just say. 06:07.770 --> 06:10.070 But it is going to any multicast address. 06:10.760 --> 06:19.400 I want you to send him where public address of R1, R3 as well. 06:20.240 --> 06:21.350 R5 as well. 06:21.650 --> 06:22.460 R4 as well. 06:22.910 --> 06:25.880 So they'll send all their values to R1. 06:27.080 --> 06:28.130 R1 sends it to whom 06:30.830 --> 06:33.290 R1 needs to send it individually to all the devices. 06:33.290 --> 06:33.680 Right. 06:33.680 --> 06:39.860 So from R1, I'll say send it to all everyone who has come up to you and register dynamically. 06:42.250 --> 06:47.440 Any one of these folks who has come up to you and registered dynamically, which is in his table, it 06:47.440 --> 06:51.940 will go and send out Multicasts to each one of them. 06:53.760 --> 06:57.930 Eventually making sure that the tunnel will come up, that you will come up. 06:57.960 --> 06:59.580 We'll start from the spokes. 07:03.180 --> 07:05.490 Difficulties with neighbour. 07:05.760 --> 07:06.510 It does. 07:07.680 --> 07:09.060 It will send unicast. 07:09.540 --> 07:10.410 It will send unicast. 07:10.420 --> 07:15.300 When you're doing the neighbor, it would but it would be complicated. 07:16.500 --> 07:17.460 It would be complicated. 07:17.460 --> 07:19.700 It does send on what do you call it. 07:19.710 --> 07:21.300 It sends everything unicast. 07:21.300 --> 07:27.630 But there are certain unicast multicast which also go through which will not go across the bridge. 07:28.650 --> 07:30.810 So more generally, you always use this. 07:31.980 --> 07:35.190 And plus another thing that you have to understand is Dmvpn. 07:35.190 --> 07:36.270 Is Cisco proprietary? 07:37.890 --> 07:39.510 It's Cisco's proprietary protocol. 07:39.510 --> 07:45.600 Now, a lot of people might think we are doing it with you might have to do it with OSPF tomorrow. 07:45.600 --> 07:49.650 If you are using Dmvpn, it is Cisco's proprietary protocol. 07:49.650 --> 07:52.470 You will also have available to work with. 07:53.670 --> 07:55.890 You can use OSPF, right. 07:55.890 --> 07:57.360 I'll show you how to do that also. 07:57.360 --> 07:59.670 But it has many design issues. 08:00.810 --> 08:06.400 If you linked it with the VPN, it has many design issues which can be which are solvable. 08:06.400 --> 08:08.860 But here you don't have to think that much in. 08:09.370 --> 08:10.780 It's pretty simple. 08:11.020 --> 08:12.090 We'll have a look at that too. 08:12.700 --> 08:19.870 Right now what I want to do is I want to go to all my trunks, all my tunnels, Interface Tunnel zero. 08:19.870 --> 08:24.640 I want to say IP and map multicast To whom? 08:25.510 --> 08:28.150 16 dot not the private address. 08:28.900 --> 08:29.590 Your mapping. 08:29.590 --> 08:31.120 This is usually in the mapping. 08:31.120 --> 08:32.620 This is the private address. 08:32.620 --> 08:35.710 Then you have a public address to go to the multicast. 08:36.040 --> 08:37.600 What is the outside header going? 08:39.470 --> 08:43.340 Hey, copy, paste. 08:44.210 --> 08:44.690 Paste. 08:48.650 --> 08:48.920 Done. 08:50.180 --> 08:55.940 So you see, R1 has received all the multicasts, but these people have not received anything. 08:55.940 --> 08:57.920 So the tunnel is not coming up from this side. 08:59.300 --> 09:00.320 Yeah, yeah, yeah. 09:00.350 --> 09:01.580 No, not refresh. 09:02.240 --> 09:05.300 So neighbors have all the neighbors here. 09:06.140 --> 09:06.770 On what? 09:07.910 --> 09:10.760 I don't have any doubts because I'm only receiving the hello packets. 09:10.760 --> 09:12.380 The updates and everything are not coming. 09:12.380 --> 09:12.500 Why? 09:12.530 --> 09:14.690 Because I'm not able to respond to the hello packets. 09:15.740 --> 09:17.750 The hub is not able to respond to the hello packets. 09:17.750 --> 09:19.040 How is he going to respond? 09:20.270 --> 09:21.560 IP map 09:23.990 --> 09:25.190 multicast to. 09:26.090 --> 09:30.320 I want to give it two dynamically learned destinations from the clients registration. 09:30.770 --> 09:34.040 Whoever is registered to me, I want to send multicast to all of them. 09:35.900 --> 09:37.100 I will do this. 09:37.400 --> 09:38.660 I will wait for some time. 09:39.140 --> 09:44.300 The hellos will still not go through because these registrations. 09:46.290 --> 09:47.880 Which have come to me. 09:48.060 --> 09:50.820 They have registered before I entered the command. 09:53.630 --> 09:53.820 Right. 09:53.870 --> 10:00.320 So there is a bug in it where if they have registered before you enter the command, it will not be 10:00.320 --> 10:01.910 able to send multicast to them. 10:02.960 --> 10:05.130 For this to work, you'll have to make them register again. 10:05.150 --> 10:09.920 Now you can either turn down the tunnel or what you could also do is you could go to Tunnel zero, No 10:09.950 --> 10:11.780 IP and Network ten. 10:13.930 --> 10:15.490 IP and IP network ID. 10:17.980 --> 10:19.240 Let's say this works. 10:24.100 --> 10:27.160 I removed it from the scope when I registered him again. 10:27.160 --> 10:30.880 When he registers himself, he comes and registers himself to the hub. 10:31.480 --> 10:33.440 Registers himself to the hub. 10:33.460 --> 10:34.540 It's a new entry. 10:34.570 --> 10:36.160 He can send you multicasts. 10:36.370 --> 10:41.710 So you become a neighbor so you don't really need to shut down the tunnel. 10:42.340 --> 10:44.410 Might be an IP network ID ten. 11:00.470 --> 11:03.450 As he's also up for. 11:13.270 --> 11:17.050 Right after is up and our site will come up hopefully quickly. 11:19.150 --> 11:23.710 So you'll see that show IP route Urban will have received all the routes. 11:23.710 --> 11:26.080 Ten, one, ten, two, ten, three, ten, four, ten, five. 11:27.010 --> 11:27.670 That's all. 11:27.670 --> 11:30.940 The steps are pretty easy from our four. 11:33.220 --> 11:33.490 Brother. 11:34.030 --> 11:39.160 So you also have to make sure when you're doing it, you have to make sure that none of the mappings 11:39.160 --> 11:39.970 are incomplete. 11:39.970 --> 11:41.650 Right now, our four is incomplete. 11:42.250 --> 11:43.840 That's why we keep on flapping. 11:45.490 --> 11:50.860 So if there is an incomplete mapping, you remove it and add it back up again. 11:52.210 --> 11:55.420 Make sure that the entries on the hub are never incomplete. 11:56.920 --> 11:58.450 Usually it gets a registration request. 11:58.450 --> 12:01.840 The reply doesn't reach or something like that, so it remains incomplete. 12:05.210 --> 12:05.990 Let's check now. 12:10.450 --> 12:11.290 Now is complete. 12:15.940 --> 12:18.340 Now should be fine again. 12:18.340 --> 12:19.090 Should wipe it out. 12:19.240 --> 12:22.120 Shows you everything I have all the routes. 12:22.150 --> 12:24.340 The only one problem right now would be what? 12:26.590 --> 12:29.950 The routes have not been going down to the spokes. 12:29.950 --> 12:31.480 So if you check the spokes. 12:34.630 --> 12:35.680 The spokes are empty. 12:35.710 --> 12:36.460 Nothing. 12:39.150 --> 12:39.900 Only one doubt. 12:40.410 --> 12:42.300 Only one network, which is behind R1. 12:43.560 --> 12:44.550 R1 is giving out. 12:44.550 --> 12:44.880 What? 12:49.100 --> 12:56.540 R1 is giving out is giving it out to R4, is giving it out to our to our five and R3. 12:59.240 --> 13:01.330 Say they are receiving it. 13:01.340 --> 13:05.270 But whatever he's learning, he's not forwarding it out to the other side. 13:05.690 --> 13:06.920 How do I fix it? 13:07.880 --> 13:08.630 Split horizon. 13:09.050 --> 13:10.340 Just like your frame relay. 13:11.750 --> 13:12.320 Yeah. 13:14.740 --> 13:16.930 iBGP split horizon one. 13:18.810 --> 13:25.830 Then we'll reset and all of your neighbors will receive all the IP. 13:27.700 --> 13:27.950 Right. 13:29.630 --> 13:30.830 I have all the routes. 13:31.280 --> 13:33.340 This is Dmvpn phase one again. 13:33.350 --> 13:34.900 This is not complete Dmvpn. 13:34.910 --> 13:36.230 You'll have to protect it. 13:37.520 --> 13:38.390 You'll have to protect it. 13:38.390 --> 13:39.380 How will you protect it? 13:41.270 --> 13:41.930 Very easy. 13:42.710 --> 13:43.370 You just go here. 13:43.370 --> 13:46.940 I will not apply this because I want to show you what's inside the package. 13:47.120 --> 13:49.130 But I'll just show you how to do it. 13:49.160 --> 13:52.970 Crypto I Scam Policy ten. 13:55.240 --> 13:56.470 Encryption three days. 13:58.890 --> 14:03.060 Authentication pressure at 75. 14:07.630 --> 14:08.900 Little ice camp. 14:08.920 --> 14:19.870 He is still addresses 0000 means any anyone who is trying to create a tunnel with me. 14:19.870 --> 14:24.730 I want to send the key Cisco to them because this is going to be spoke to spoke. 14:25.060 --> 14:27.880 I'm having a lot of spokes and they're going to create tunnels with me. 14:27.910 --> 14:30.640 Now, in real life environment, would you do this? 14:30.670 --> 14:31.600 Is it safe? 14:31.630 --> 14:37.660 Obviously not in real life, in production environment, you would not use this. 14:37.690 --> 14:41.140 What you would use in is certificates. 14:42.580 --> 14:48.070 So all of these spokes will register themselves to a CA a certificate authority. 14:48.610 --> 14:48.940 Right. 14:48.940 --> 14:52.490 When they're exchanging their tunnels, they will exchange ices. 14:53.460 --> 14:55.690 And my ice has been issued by this authority. 14:55.720 --> 14:57.910 My ice has been issued by this authority. 14:58.210 --> 14:59.560 No need for passwords. 15:00.160 --> 15:02.530 We will do we have a VPN on our server. 15:02.530 --> 15:03.670 We'll see how that is done. 15:03.670 --> 15:08.690 But just to let you know that you would not do anything like this if you have it in your mind that it 15:08.690 --> 15:09.650 is not secure. 15:10.460 --> 15:20.540 Pre-shared key you would not use, in this case the VPN, especially if you have 300 sites then crypto. 15:21.580 --> 15:21.940 Voxyn. 15:22.630 --> 15:27.040 IPCC Transform Set T. 15:27.070 --> 15:28.180 Set PSP. 15:28.480 --> 15:29.290 3DS. 15:29.320 --> 15:29.860 PSP. 15:31.110 --> 15:31.410 Germanic. 15:35.210 --> 15:39.400 Crypto IPsec profile I proof 15:41.880 --> 15:42.650 set. 15:43.760 --> 15:47.540 Transform set t set then interface tunnel zero. 15:49.760 --> 15:55.340 Do you remember this Tunnel Protection IPsec profile? 15:56.210 --> 15:56.600 I. 16:01.850 --> 16:02.180 Okay. 16:02.360 --> 16:03.020 That's all. 16:03.020 --> 16:08.330 The thing is, you have to just copy this and paste this everywhere else because nothing, nothing. 16:08.330 --> 16:11.890 If you have a look at this, nothing changes your tunnel. 16:11.900 --> 16:12.860 Zero is the same. 16:14.270 --> 16:20.030 Your transform set is the same, your key is the same, your address is the same nothing. 16:20.030 --> 16:21.490 You just copy paste this and it's done. 16:21.500 --> 16:23.000 Your dmvpn is up and running. 16:23.390 --> 16:26.000 But I will not do that because then I'll have to remove it again. 16:31.570 --> 16:35.890 Okay, we'll do this at the end once we are done with everything else. 16:36.070 --> 16:38.500 Right now, we still have a lot of other issues in hand. 16:39.370 --> 16:40.690 What are those issues? 16:42.730 --> 16:52.170 If R2 wants to go to R3, R2 and R3 are directly connected to the internet, they are directly connected. 16:52.210 --> 16:55.120 There is no need for me to go to R1 first. 16:55.630 --> 17:02.920 But the problem here is our one's neighbor is home R2. 17:03.190 --> 17:04.990 Then R2 is neighbor is. 17:06.730 --> 17:11.710 So when R2 learns about the roots of ten .3.3, it learns it from R1. 17:12.670 --> 17:17.350 That means the next hop for R2 to go to R3. 17:17.380 --> 17:21.160 When I say R2 to go to R3, I'm talking about 10.2 to go to 10.3. 17:21.190 --> 17:27.490 The next hop is always going to be, which is one 9268 .1.. 17:29.760 --> 17:34.820 If the next hop is 1.1, I will always and always send my packets to one dot. 17:36.950 --> 17:39.980 Then 1.1 will make sure where I'm trying to go. 17:40.190 --> 17:43.730 10.3 It will know in his routing table he has 10.3. 17:43.730 --> 17:45.320 See, let's let's check this. 17:46.400 --> 17:47.770 I'm going to go to R2. 17:48.020 --> 17:48.320 Right. 17:48.320 --> 17:56.320 I'm going to send, for example, a pink to from ten, three to from 10 to 2. 17:56.370 --> 17:57.650 2 to 10. 17:58.040 --> 17:59.210 Three, three. 18:01.410 --> 18:02.220 Right now. 18:02.220 --> 18:04.080 This is going to have a public address. 18:05.610 --> 18:07.170 First of all, a header. 18:11.220 --> 18:16.770 On top of that, the public address going from 26 .22. 18:21.370 --> 18:22.440 This three. 18:26.240 --> 18:29.250 What entries you have here starting from. 18:34.090 --> 18:36.720 Depending upon the next hop right to go to. 18:36.730 --> 18:37.990 Ten .3.3.3. 18:37.990 --> 18:45.940 If you check in your routing table on R2 to go to ten .3.3. 18:46.270 --> 18:48.490 My next hop is 192 168. 18:50.110 --> 18:54.520 So basically I want to go to 192 168 1.1 I'll do a recursive lookup. 18:55.000 --> 19:06.280 192 168 1.0 is tunnel zero and it will show me the address of 192 and 68 1.1 which is what 16 dot one. 19:06.910 --> 19:10.300 So this is my next stop is that I will go to. 19:13.150 --> 19:23.450 16 dot the packet reaches whom i1 i1 opens this part, checks the source and destination source is 10.2. 19:23.500 --> 19:25.780 Destination is what ten dot three? 19:25.780 --> 19:28.240 Where does he check it? 19:28.360 --> 19:33.790 Routing table how to go to ten dot three to go to ten dot three. 19:33.790 --> 19:36.250 My next stop is 1921681.3. 19:36.610 --> 19:41.560 You need to check the mapping for 91.31.3. 19:41.590 --> 19:49.330 The mapping is 36 dot, so the encapsulation that he's going to add is coming from 16 dot one going 19:49.330 --> 19:49.780 to. 19:54.440 --> 19:58.340 The packet goes to 36.3 based on simple routing. 20:01.190 --> 20:02.580 Is there a way I can make this better? 20:02.600 --> 20:03.630 This is Dmvpn. 20:03.650 --> 20:04.700 But phase one. 20:06.460 --> 20:06.730 Back. 20:09.580 --> 20:11.170 See, this is the MVP in phase one. 20:11.170 --> 20:13.870 Everybody spoke, every spoke. 20:14.050 --> 20:17.440 Private network should be able to talk to everybody else. 20:23.110 --> 20:25.360 Now, let's concentrate a little here. 20:26.530 --> 20:28.660 I'm going to all these books. 20:28.710 --> 20:33.310 You think I'll have How many mappings do you think will be on R2? 20:33.340 --> 20:36.730 Right now I've pinned all these books. 20:40.920 --> 20:42.990 How many NHP mappings will be there on R2? 20:46.270 --> 20:49.260 Only one y. 20:50.770 --> 20:51.940 Next hop resolution. 20:51.940 --> 20:52.360 Right. 20:53.410 --> 20:55.030 This next hop is always 1.1. 20:57.800 --> 21:01.600 For R2 to go to all of these networks behind the next hop is always 1.1. 21:01.610 --> 21:03.200 It doesn't need to resolve anything. 21:03.200 --> 21:05.150 It's always sending it to 1.1. 21:05.180 --> 21:11.810 The reply is always first coming to 1.1, then 1.1 is forwarding it out so they don't need to do anything 21:11.810 --> 21:12.200 special. 21:12.200 --> 21:14.090 No resolution, request nothing. 21:14.090 --> 21:16.520 Everything is fine with Dmvpn Phase one. 21:17.810 --> 21:24.080 Phase two will be where I want my spokes to communicate to each other directly. 21:25.130 --> 21:26.600 How do you think that's possible? 21:29.170 --> 21:29.800 Check this out. 21:31.240 --> 21:32.860 I'll go to the tunnel. 21:33.550 --> 21:36.520 I'll say no IP Next. 21:36.550 --> 21:37.090 Hop, Sell. 21:40.490 --> 21:41.390 What does it mean? 21:43.220 --> 21:44.000 Have you done it? 21:44.030 --> 21:45.650 You might have done before. 21:45.890 --> 21:47.120 Some might have missed it. 21:47.720 --> 21:49.700 What is no IP nexthop is doing? 21:51.890 --> 21:54.620 What I'm saying is R1 is in the middle. 21:56.000 --> 21:59.240 R2, let's say, is here, R3 is here. 22:01.720 --> 22:03.730 Ten .2.2.2. 22:04.030 --> 22:10.450 Ten dot What I'm basically saying is when you learn about. 22:12.590 --> 22:16.790 From one label and you're forwarding that route to another neighbor. 22:17.330 --> 22:18.860 Usually, what does it do? 22:18.890 --> 22:24.980 It adds himself as the next hop so that when R2 wants to go to 10.3, it will go through. 22:25.470 --> 22:27.470 That's what's the normal procedure, right? 22:29.120 --> 22:30.050 It will go through R1. 22:30.260 --> 22:31.760 I'm telling him, do not do that. 22:31.760 --> 22:33.200 Do not change the next hop. 22:34.730 --> 22:35.620 What does that do? 22:35.630 --> 22:36.890 The next hop will remain. 22:39.780 --> 22:40.410 1.3. 22:42.000 --> 22:48.180 When R2 receives 10.3, the next hop will remain 192 168 1.3 The actual address of R3. 22:49.380 --> 22:50.160 R2 will not. 22:50.190 --> 22:52.230 R1 will not add itself as the hop. 22:53.100 --> 22:59.670 Similarly, when it gives out R2 to R3 when he's not adding the hop, what is the next hop going to 22:59.670 --> 23:00.120 be? 23:08.160 --> 23:10.230 Let's have a look at it first. 23:12.440 --> 23:15.620 But not not because of the recursive lookup. 23:15.650 --> 23:16.190 Check this out. 23:16.220 --> 23:20.480 Now check the routing table on R2 to go to 10.5. 23:20.690 --> 23:24.620 My next stop is 192 168 1.5. 23:26.690 --> 23:27.740 Why is it 1.5? 23:31.000 --> 23:31.330 See. 23:33.850 --> 23:34.750 Alf was here. 23:35.990 --> 23:41.230 I gave its network to whom r1 r1 forwarded its network to whom? 23:41.950 --> 23:44.890 R2 but in the meantime did not change the next half. 23:48.550 --> 23:51.250 Do you understand why he adds the next hop in the first place? 23:52.630 --> 23:55.120 Next hop is the normal routing protocol. 23:55.600 --> 23:59.980 If it was normal I'm not talking about this because all of them are on the same network. 24:00.010 --> 24:03.460 If it was a normal protocol, let's talk about these three routers. 24:05.450 --> 24:09.890 I said, this is ten, 11, 11.0 slash 24. 24:10.100 --> 24:13.910 This is 1022 22.0 slash 24. 24:13.940 --> 24:17.090 The network here is 2.2.2.2. 24:17.300 --> 24:19.310 The network here is 1.1.1.1. 24:20.580 --> 24:20.750 Right. 24:21.830 --> 24:22.610 Side one. 24:23.450 --> 24:23.750 Side two. 24:26.590 --> 24:33.910 This is anomaly network different networks right now when 1.1 because these two become neighbors are 24:33.910 --> 24:36.970 two will know about 1.1 in his routing table. 24:39.960 --> 24:41.640 But what is the next hop going to be? 24:41.670 --> 24:43.380 Ten, 11. 24:44.190 --> 24:44.340 Ten. 24:44.340 --> 24:46.470 11, 11.1 for R2 to reach 1.1. 24:46.470 --> 24:47.850 Next stop is ten, 11, 11 one. 24:48.180 --> 24:55.320 It will forward it out to R2 when he forwards it out to R3, sorry, R3 will receive it. 24:56.460 --> 25:06.600 It will install it, but next stop will be what, 1020 2.22 dot because he learned it from R2. 25:10.760 --> 25:12.050 Three learned it from R2. 25:12.080 --> 25:15.020 So it will keep R2 addressed as the next stop. 25:15.350 --> 25:17.890 So when he has to send the packet, R3 will send it to R2. 25:17.900 --> 25:19.190 R2 will check its routing table. 25:19.220 --> 25:22.250 R2 will send it to R1 and R1 will move it further. 25:22.880 --> 25:24.300 This is normal routing. 25:24.320 --> 25:25.610 This is how it happens. 25:25.610 --> 25:28.210 But here the concept is a little different. 25:28.220 --> 25:28.670 Why? 25:30.890 --> 25:33.380 The concept is different because all of them are on the same network. 25:37.290 --> 25:37.520 Yes. 25:38.520 --> 25:38.830 No. 25:44.640 --> 25:46.350 Not itself the other guys. 25:46.530 --> 25:47.400 Yes. 25:48.030 --> 25:49.020 Yes, exactly. 25:49.020 --> 25:50.010 So earlier. 25:51.150 --> 25:51.780 Yeah. 25:53.270 --> 25:56.210 In R1 r1 r1 Stunnel interface. 25:56.330 --> 25:57.680 No IP next hop cell. 25:57.710 --> 26:03.680 So I said if you have a route coming in and you're giving that route out again, do not use yourself 26:03.680 --> 26:04.350 as the next hop. 26:04.370 --> 26:11.600 Do not put yourself in the entry of the next hop so that our three and four can by themselves go to 26:11.600 --> 26:14.480 each other because they will have their stops resolved already. 26:15.080 --> 26:16.400 Does everybody get this? 26:16.730 --> 26:17.930 Do you want me to repeat? 26:18.530 --> 26:18.980 Clear. 26:19.640 --> 26:19.910 Next. 26:19.910 --> 26:20.260 Hop, sir. 26:20.780 --> 26:21.140 Right. 26:21.140 --> 26:28.490 So the good thing about this is everything is resolved in the routing tables. 26:29.660 --> 26:34.280 This can give you good 200 spokes, 200 to 250 spokes. 26:35.570 --> 26:40.130 So if you check right now, the only one thing is right now I don't have the mappings. 26:40.130 --> 26:40.580 Right. 26:41.000 --> 26:42.570 I only have it for 1.1. 26:42.590 --> 26:51.440 So now if I send my packet to ten .3.3.3, I would first need to resolve my MHR for 1.2. 26:54.480 --> 26:56.700 Right, because now I'm not sending it only to the hub. 26:56.700 --> 26:58.830 I'm sending it directly to these devices. 26:58.830 --> 27:00.720 So I need to resolve for 1.3. 27:05.660 --> 27:07.820 Do you understand this part Spoke to Spoke. 27:07.820 --> 27:08.330 Right. 27:08.440 --> 27:12.290 Earlier it was all going through the hub so did not need to resolve everything I knew. 27:12.470 --> 27:13.580 The next stop is the hub. 27:13.940 --> 27:17.030 I had a static mapping to the hub, so I would send it directly to the hub. 27:17.990 --> 27:22.850 Now my next stop is the spoke 192 168 1.3. 27:23.210 --> 27:30.560 I don't know the address, the public address of the scope 1.3 I need to go registration request reply. 27:30.590 --> 27:34.880 Get the reply, get the public address, then send it directly to the spoke. 27:37.580 --> 27:37.740 Right. 27:38.340 --> 27:39.510 That's what you see right there. 27:41.010 --> 27:42.570 So resolutions will be here. 27:42.570 --> 27:49.920 If I send it to 10.3, you'll see from 10.3 side show IP and you should see that these have been resolved. 27:51.630 --> 27:51.830 Right. 27:51.900 --> 27:52.500 For two hours. 27:52.500 --> 27:53.580 They'll be there again. 27:53.580 --> 27:55.110 After that, it'll refresh. 27:58.740 --> 28:00.410 Spoke to spoke communication person. 28:01.710 --> 28:04.020 Moved from phase one to phase two. 28:04.550 --> 28:04.950 None. 28:08.600 --> 28:09.350 It's so simple. 28:11.370 --> 28:12.320 It's as simple as that. 28:14.810 --> 28:17.150 Next top shelf is phase two. 28:18.170 --> 28:22.700 There again, I said this support 200 250 spokes very easily. 28:22.730 --> 28:24.560 Very good in scalability. 28:25.490 --> 28:27.050 But what happens? 28:27.080 --> 28:28.010 Imagine this now. 28:28.880 --> 28:31.850 What happens if you have 1000 spokes? 28:32.510 --> 28:36.500 Imagine 1000 different routers connected to each other. 28:38.360 --> 28:39.740 All this information 28:43.580 --> 28:51.230 about what is the next hop is installed where in your routing table, if you have 1000 spokes, how 28:51.230 --> 28:53.330 many entries will be there in the routing table? 28:54.630 --> 28:57.340 Than 1000 will not be summaries. 28:57.700 --> 28:59.710 That is the that is the problem here. 29:00.220 --> 29:05.410 If you're using phase two, it will not be summaries because it needs to know exactly where to go. 29:06.580 --> 29:09.520 If it was ten .0.0.0, what would be the next half? 29:10.830 --> 29:13.470 Yes, it will be a memory problem. 29:13.890 --> 29:15.240 Scalability issue is here. 29:15.240 --> 29:15.720 Why? 29:15.750 --> 29:19.160 See, if this was 10.0 what you were saying about the summary. 29:19.170 --> 29:21.300 If you have 10.0, what would be your next hop? 29:22.530 --> 29:24.300 Because the next hops here are resolved. 29:24.300 --> 29:24.600 Where? 29:24.810 --> 29:25.860 In the table? 29:26.280 --> 29:27.420 In your routing table. 29:27.420 --> 29:28.620 You know what the next hop is? 29:28.650 --> 29:30.360 That's how you pay for it. 29:32.040 --> 29:37.860 If you have 1000 spokes, imagine each of the 1000 spokes will have 1000 routes in their routing table. 29:40.220 --> 29:42.710 Which again causes problems with scalability. 29:43.910 --> 29:46.340 That's why they moved from phase two to phase three. 29:46.520 --> 29:48.730 Phase three accomplishes the same thing. 29:48.740 --> 29:52.640 Still gives you spoke to spoke communication, which you have available to you right now. 29:52.940 --> 29:58.610 But scalability gives you much more scalability than phase two. 29:59.310 --> 30:05.360 How have you ever worked with ICMP redirects or ever heard about it? 30:06.410 --> 30:09.170 ICMP redirects if you have a switch. 30:11.370 --> 30:12.460 And you have a router here. 30:12.520 --> 30:12.900 R1. 30:14.370 --> 30:17.400 This is R2, R3. 30:17.430 --> 30:22.230 Now this might not be an Ethernet switch, can be frame relay or something like that, right? 30:22.260 --> 30:24.510 Basically I'm talking about the same network. 30:27.660 --> 30:29.370 The CDC's 1.0.1. 30:29.370 --> 30:30.420 This is dot two and dot. 30:32.900 --> 30:38.600 For some reason, for some reason, maybe based on mappings or you have to do it like that. 30:38.600 --> 30:39.710 Design perspective. 30:41.150 --> 30:44.450 R3 wants to go to R2, but the next stop is R1. 30:48.230 --> 30:50.690 If you have something like that, right? 30:50.870 --> 30:55.940 If you have something like that, maybe configured, configured like that, that the next hop is going 30:55.940 --> 31:02.750 through R1 because maybe it's a half mesh and something there is an issue, but you want since they 31:02.750 --> 31:04.260 are directly connected to each other, right? 31:04.280 --> 31:07.460 192 168 1.2 and 1.3 are directly connected to each other. 31:07.490 --> 31:11.600 They don't need to go through R1 because of their mappings. 31:11.600 --> 31:12.980 They are, but they don't need to. 31:13.010 --> 31:14.450 How do you fix this? 31:14.930 --> 31:24.650 You go to R1, you use a command called ICMP redirect, which sends a redirect message to both of these 31:24.650 --> 31:31.310 folks, telling them, listen, if you want to telling R3, if you want to go to 192 168 1.2, no need 31:31.310 --> 31:31.880 to come to me. 31:31.880 --> 31:40.190 You can go directly telling R2, listen, if you want to go to 192 168 1.3 no need to come to R1, send 31:40.190 --> 31:41.030 the packet directly. 31:41.040 --> 31:42.380 It's directly connected to you. 31:44.060 --> 31:44.990 ICMP redirect. 31:44.990 --> 31:47.250 They listen to it and they talk directly to each other. 31:50.120 --> 31:50.390 Right. 31:54.460 --> 31:57.160 See, how does the first question is, how does he realize? 31:57.160 --> 31:58.420 How does one realize? 31:58.450 --> 32:01.720 We enable ICMP redirect on on R1. 32:01.900 --> 32:08.650 How does he realizes when he gets a packet on one interface, he doubts it and the and going out the 32:08.650 --> 32:10.630 outgoing interface is also the same. 32:12.400 --> 32:17.320 If the incoming interface is say, for example, this guy, the outgoing interface should not be this 32:17.320 --> 32:18.910 guy should be somewhere else. 32:18.910 --> 32:22.870 But if it is the same guy, he knows that both of these are connected together. 32:24.880 --> 32:30.550 If I'm getting a packet from here and I'm sending it back out from here doesn't make my Why am I there? 32:31.990 --> 32:32.980 I should not be there. 32:32.980 --> 32:34.120 So I send both of them. 32:34.120 --> 32:36.100 I tell them my need is not there. 32:36.100 --> 32:37.090 You can go directly. 32:38.410 --> 32:39.580 So they go directly. 32:39.730 --> 32:43.080 The same concept we will employ deploy in the. 32:44.050 --> 32:51.400 What I'll do for this is first of all I'll disable what the next hop self. 32:51.970 --> 32:53.480 So I'll bring it back again. 32:53.480 --> 32:55.190 So I'll go back to phase one. 32:56.960 --> 33:04.280 Now here it's a little different here it's a little different, a little different than ICMP redirect. 33:04.280 --> 33:09.470 But this concept in Dmvpn is known as NTP Redirect. 33:17.350 --> 33:18.940 And direct. 33:19.450 --> 33:20.050 And then. 33:25.270 --> 33:25.600 Sucker. 33:31.670 --> 33:32.840 And redirect and 33:36.050 --> 33:37.220 redirect is the same. 33:38.090 --> 33:46.100 If you enable it on the tunnel interface and it figures out that both the devices are talking to directly 33:46.100 --> 33:49.040 or talking directly to each other and my need is not there. 33:49.490 --> 33:57.440 What R1 will do is send an Http redirect to them telling R1 or telling sorry, telling R2 that R3 is 33:57.440 --> 33:58.460 directly connected to you. 33:58.460 --> 33:59.060 Go direct. 33:59.840 --> 34:02.270 Also telling R3 R2 is directly connected to you. 34:02.270 --> 34:02.840 Go direct. 34:03.560 --> 34:04.610 It's the same thing. 34:05.590 --> 34:06.840 It's same thing like. 34:08.860 --> 34:10.030 There is a difference. 34:10.060 --> 34:11.410 We'll see what the difference is. 34:13.000 --> 34:16.270 We'll see how it makes the load very easy on the scopes. 34:17.260 --> 34:17.920 I'll show you that. 34:17.920 --> 34:19.000 But do you understand this? 34:19.660 --> 34:19.780 And. 34:20.180 --> 34:20.920 And this? 34:22.220 --> 34:23.590 Yes, That's what we're doing. 34:23.860 --> 34:24.090 We? 34:26.120 --> 34:26.780 Will not be. 34:27.170 --> 34:27.770 I'll show you how. 34:28.790 --> 34:29.360 We will not. 34:30.890 --> 34:31.940 Do you understand this? 34:32.060 --> 34:36.290 The first and first thing is you have to make sure that all traffic is going through the hub in the 34:36.290 --> 34:37.010 first place. 34:38.930 --> 34:44.420 Our traffic has to go through the hub so that we want to trigger the redirect message only when the 34:44.420 --> 34:48.080 traffic comes through the hub and goes out to the other side, the hub will know that these are connected 34:48.080 --> 34:48.920 directly to each other. 34:49.400 --> 34:54.290 It will send out redirects on both sides first before we go to the shortcut. 34:54.320 --> 34:56.360 Let's see this redirect message. 34:57.560 --> 35:01.880 What I'll do is I'll go to R1 Interface Channel zero. 35:01.910 --> 35:03.020 I'll say IP and HRP. 35:05.180 --> 35:05.690 See that? 35:06.350 --> 35:12.800 Now beware a lot of ios's do not support this, so make sure you have the perfect version of iOS. 35:12.830 --> 35:22.340 The one which I have is very bad for advanced enterprise and right. 35:22.580 --> 35:24.200 So it's done. 35:24.230 --> 35:25.670 R1 is set. 35:25.670 --> 35:27.970 Now try it out. 35:27.980 --> 35:28.790 Check this out. 35:29.810 --> 35:32.570 My routes are complete, but my next hop is. 35:32.570 --> 35:33.050 What? 35:35.640 --> 35:40.200 My next job is since going to all the ten networks, my next stop is 10.1. 35:40.200 --> 35:41.010 1.1. 35:41.040 --> 35:42.540 Why don't I go to R1? 35:44.430 --> 35:45.090 And say. 35:47.300 --> 35:47.820 Other summary. 35:50.820 --> 35:53.790 If I do this and I check my spokes. 35:55.860 --> 35:56.870 You go to 10.0. 35:56.880 --> 35:57.900 My next stop is. 35:59.520 --> 36:00.600 Does it make sense? 36:01.620 --> 36:02.490 It does make sense. 36:02.490 --> 36:02.670 Why? 36:02.700 --> 36:04.230 Because R1 has all the roots. 36:09.200 --> 36:16.370 If I do wants to send a packet to 10.4, for example, it will send it to where it will send it to R1. 36:18.320 --> 36:19.990 If I want to go to 10.5, I'll send. 36:20.000 --> 36:20.870 That's my job, right? 36:20.870 --> 36:21.810 I want to do that. 36:21.830 --> 36:24.950 Then the trigger will happen for the trigger. 36:24.950 --> 36:32.300 I do need to send all my traffic to after the trigger happens, I'll use that command of IP and shortcut. 36:32.300 --> 36:35.120 What that means is override your routing table. 36:37.390 --> 36:38.590 Let's see how that works. 36:38.890 --> 36:40.960 Right before that, I have not used the shortcut. 36:41.320 --> 36:44.620 I'll have my wireshark running. 36:45.370 --> 36:46.180 I'll enable it on. 36:50.990 --> 36:53.360 The last packet that you have is 2737. 36:54.410 --> 36:56.480 I will send a ping from R2 to R3 again. 37:03.590 --> 37:05.740 Any traffic indication. 37:06.250 --> 37:11.770 This is the redirect message sent to whom or to send to our. 37:12.250 --> 37:14.280 What happens if we use the same command? 37:14.530 --> 37:15.370 After summarize. 37:16.210 --> 37:21.460 After summarizing, if you use the no next hop cell, it will not show you anything. 37:22.570 --> 37:23.740 Summarize it outright. 37:23.770 --> 37:25.600 It will just show you one route pointing to the hub. 37:27.790 --> 37:30.520 So you'll always send your traffic to the hub anyways. 37:32.980 --> 37:36.430 All of these folks will send their traffic again back to the hub. 37:37.240 --> 37:38.700 Even if you use an extra. 37:39.040 --> 37:39.220 Why? 37:39.280 --> 37:43.690 Because I'm summarizing everything and my 10.10 is also getting summarized. 37:43.990 --> 37:45.730 10.1 What is the next hop me? 37:46.840 --> 37:52.420 So when I send it out, I'm sending it out as we because I'm summarizing, Right. 37:53.300 --> 37:55.530 But do you have a more specific. 37:56.860 --> 37:57.850 Who has a more specific? 37:57.850 --> 37:59.980 You know what I mean? 38:00.700 --> 38:01.330 Advertising. 38:04.000 --> 38:10.720 Because it is more specific than that one, then not it becomes less specific. 38:10.750 --> 38:11.470 Yes. 38:11.470 --> 38:11.950 Yes. 38:11.950 --> 38:12.670 Yes. 38:13.240 --> 38:16.270 So when you advertise it, it becomes more specific. 38:16.630 --> 38:16.990 Yeah. 38:18.130 --> 38:18.910 Directly to. 38:20.420 --> 38:26.330 I mean, when I when I advertise my routes, when R1 is advertising its routes, its advertising it 38:26.330 --> 38:27.560 as what, 10.0? 38:29.660 --> 38:30.010 Right. 38:31.220 --> 38:33.020 Its advertising it as not 10.2. 38:33.050 --> 38:33.620 10.3. 38:33.620 --> 38:34.340 10.4. 38:34.610 --> 38:36.110 Sabotaging it as 10.0. 38:36.110 --> 38:37.550 It's giving everybody 10.0. 38:38.630 --> 38:42.230 So for them they'll always have 10.0 and the next stop will be R1. 38:45.570 --> 38:48.240 Okay, we'll try that after we do this. 38:49.350 --> 38:50.190 Try to do that. 38:50.340 --> 38:51.570 So do you see this? 38:53.940 --> 38:54.900 What is this? 38:55.830 --> 38:58.890 Traffic indication will be sent both directions. 39:00.030 --> 39:04.740 Basically, our one is trying to tell both of them, Listen, you don't need to come to me. 39:05.250 --> 39:06.900 You're coming to me is okay. 39:06.900 --> 39:08.190 You don't need to come to me. 39:08.910 --> 39:10.170 You need to go where? 39:10.620 --> 39:11.490 Directly to each other. 39:13.950 --> 39:17.640 What I'll do on all these folks is I will clear the old mappings. 39:18.810 --> 39:21.210 Clear IP command is clear IP and. 39:28.320 --> 39:30.650 Declaring all the dynamic, energetic markets. 39:30.690 --> 39:32.190 Make sure you don't do this on the hub. 39:33.210 --> 39:35.580 Never, ever use this command on the hub. 39:57.070 --> 39:59.890 So it will be incomplete. 39:59.890 --> 40:00.550 For what? 40:01.330 --> 40:05.350 Incomplete for our three interface Channel zero. 40:11.990 --> 40:12.820 The some time. 40:19.270 --> 40:21.370 Then also here. 40:23.970 --> 40:26.280 Because I want to remove all mappings. 40:26.280 --> 40:28.380 I want to only keep the static one there. 40:37.060 --> 40:38.470 They're all registered properly. 40:40.570 --> 40:43.460 And it also is satisfied, right? 40:44.980 --> 40:52.390 So right now, if I send a ping to ten .3.3.3 with the source of ten .2.2.2, you see that nothing gets 40:52.390 --> 40:52.780 resolved. 40:53.860 --> 40:53.950 Why? 40:53.990 --> 40:54.070 Right. 40:54.070 --> 40:55.630 Because everything is going from there. 40:57.520 --> 40:58.870 Everything is going from the hub. 41:00.940 --> 41:02.530 Ten dot zero network is from where? 41:04.890 --> 41:05.940 This is phase one. 41:06.570 --> 41:08.190 Phase one only with autosomal. 41:09.510 --> 41:14.350 It's just that the hub is trying to send you an indication, telling you please go direct. 41:14.370 --> 41:15.360 Please go direct. 41:17.580 --> 41:18.870 But you're not listening to him. 41:20.250 --> 41:23.850 To listen to this message would mean to override your routing table. 41:27.220 --> 41:28.420 Listen to this message. 41:28.510 --> 41:33.040 For that, you'll have to use a special command known as NP shortcut. 41:36.420 --> 41:36.690 IPA. 41:39.090 --> 41:39.460 IPA. 41:39.630 --> 41:39.880 IPA. 41:40.790 --> 41:48.060 Direct saying that if you if you know that both of them are directly connected, if a packet is coming 41:48.060 --> 41:51.840 from this interface going out again from the same interface, tell them to go direct. 41:51.840 --> 41:52.740 That's redirect. 41:54.660 --> 41:56.040 This is the indication, right? 41:56.710 --> 41:58.470 I'm not sure if you can see everything in here. 41:58.800 --> 42:04.590 The actual source and destination is 10.2 to 10.3 should be here somewhere. 42:05.340 --> 42:06.180 The actual IP. 42:13.470 --> 42:15.390 There is a mandatory party are right here. 42:16.620 --> 42:19.410 16.1 is the source. 42:19.410 --> 42:22.890 Address me my source address. 42:23.550 --> 42:24.030 Right. 42:24.030 --> 42:27.270 And I want to go to ten .2.2.2. 42:27.270 --> 42:29.850 I'm sending this syndication to 26.2. 42:31.920 --> 42:33.750 I'm sending it to 26.2. 42:33.750 --> 42:39.660 I'm telling him, Listen, Source Protocol Address 192 168 1.1 wants to communicate to you. 42:40.980 --> 42:42.450 He wants to communicate to you. 42:42.480 --> 42:47.130 192 168 1.1 wants to communicate to you. 42:49.590 --> 42:50.210 I'm sending it. 42:50.210 --> 42:50.630 To whom? 42:50.960 --> 42:52.470 R2 to R1. 42:52.490 --> 42:55.160 What am I sending the opposite to? 42:55.160 --> 42:55.430 R3? 42:55.460 --> 42:55.730 Sir? 42:56.720 --> 42:57.890 R3, I'll be telling. 43:03.560 --> 43:04.490 All right. 43:07.380 --> 43:08.870 Doesn't give you much information. 43:13.450 --> 43:13.630 Three. 43:13.660 --> 43:16.090 I'm telling that destination is 10.3. 43:16.120 --> 43:17.740 Sources 16.1. 43:18.100 --> 43:21.220 And there is information there. 43:21.220 --> 43:23.770 But it's right there is too huge. 43:23.770 --> 43:25.630 So it's somewhere around the same place. 43:25.640 --> 43:28.180 But let me explain to you what this message is. 43:28.450 --> 43:33.700 What I'm basically telling him is, listen, I'm telling her to first. 43:33.700 --> 43:37.270 Listen, someone is looking for you. 43:37.570 --> 43:43.570 The guy, 182.168 .1.41.3. 43:43.600 --> 43:45.160 Let's say he's talking to all three. 43:47.280 --> 43:49.470 Wants to communicate to you. 43:51.090 --> 43:54.510 It is all for him, right? 43:54.540 --> 43:56.880 I'll use the shortcut command only here. 43:58.710 --> 44:00.270 I will not use it on R3 side. 44:00.270 --> 44:01.650 And let's see how it works. 44:02.340 --> 44:03.540 I will not use it on R3. 44:03.540 --> 44:04.710 I will only use it on R2. 44:05.160 --> 44:07.110 Let's see how R2 deals with it. 44:07.980 --> 44:11.910 I will go to R2 and I will tell him, listen to the shortcut, listen to the redirect message. 44:11.910 --> 44:12.420 How? 44:17.090 --> 44:20.660 I'm telling him, listen to the direct message that is coming to you. 44:21.590 --> 44:23.750 My wife is on on both hands. 44:25.400 --> 44:26.240 This is our three. 44:29.170 --> 44:33.730 Is the other capturing from R six to R four. 44:34.270 --> 44:39.680 So let me send my ping from R two because I'm monitoring R four. 44:39.700 --> 44:41.980 I'll send it to ten 444. 44:42.340 --> 44:43.480 So the source of ten. 44:52.980 --> 44:54.270 Visualize what's happening. 44:54.660 --> 44:56.900 I'm sending my packet to ten four, four, four. 44:57.810 --> 44:59.550 But first it goes to the hub. 45:00.390 --> 45:02.760 Then from the hub, it will go to ten four, four, four. 45:02.820 --> 45:06.150 The hub will make find out that they're directly connected to each other. 45:06.540 --> 45:09.320 It will send out a redirect message. 45:09.330 --> 45:11.010 Only R2 will listen to the message. 45:11.010 --> 45:13.240 And that's what we want to see, what R2 is going to do. 45:13.410 --> 45:18.540 You already gave the IP address on R2 only, so it should go out. 45:18.540 --> 45:21.480 It is not in the beginning unless he gets the redirect. 45:23.580 --> 45:24.040 R2. 45:28.290 --> 45:28.650 Now. 45:28.650 --> 45:29.070 It should. 45:32.030 --> 45:32.590 It may. 45:32.650 --> 45:33.170 What? 45:36.200 --> 45:37.280 I will not listen to. 45:37.670 --> 45:39.350 I too will have the dynamic entry. 45:39.830 --> 45:41.300 I will always go through the hub. 45:42.290 --> 45:44.060 The reply will always come through the hub. 45:45.170 --> 45:48.320 My request from R2 will always go directly. 45:50.090 --> 45:50.640 Asymmetric. 45:51.510 --> 45:53.760 The reply will come this way, but request is going there. 45:53.780 --> 45:54.620 It will be like a cycle. 45:57.230 --> 45:57.530 Yeah. 45:57.980 --> 45:58.850 Batteries go. 46:01.820 --> 46:07.700 You gave the command now for R2 R1, I'm saying redirect R1. 46:07.730 --> 46:08.240 Yes. 46:10.490 --> 46:12.220 So R2 will only listen to the redirect. 46:12.230 --> 46:12.920 Yes. 46:13.040 --> 46:14.540 Once he gets the redirect. 46:16.220 --> 46:18.320 The redirect is a is a message. 46:18.320 --> 46:21.320 The traffic indication message already got it right. 46:22.250 --> 46:23.090 That was old. 46:24.320 --> 46:24.770 That was old. 46:24.770 --> 46:25.700 Once he gets it now. 46:25.700 --> 46:25.880 Yes. 46:25.880 --> 46:27.830 Because he doesn't have the mapping right now. 46:27.830 --> 46:28.210 Disabled. 46:28.220 --> 46:29.000 He didn't listen to it. 46:30.200 --> 46:30.530 He didn't. 46:30.740 --> 46:31.760 He got the message. 46:31.760 --> 46:33.350 He got the packet of redirect. 46:33.380 --> 46:37.650 He didn't listen to it because he didn't have the shortcut command. 46:38.570 --> 46:40.370 The command is there, so it'll be sent again. 46:44.530 --> 46:46.400 I should go directly to Darfur. 46:47.120 --> 46:51.140 The reply will come from the going through. 46:51.800 --> 46:53.180 I want to check first on the hub. 46:54.590 --> 46:55.670 The hub sends out what? 46:56.210 --> 46:57.080 This is the new one. 46:57.710 --> 47:07.520 Traffic indication to both of them to R2 and R4 sends out a traffic indication to R2 and R4. 47:08.510 --> 47:11.780 He gets a resolution request. 47:12.080 --> 47:13.190 This happens every time. 47:14.270 --> 47:15.110 The first time. 47:16.040 --> 47:19.280 Now, if he has the mappings already, now he doesn't need it, right? 47:19.850 --> 47:21.110 He will have the mappings now. 47:21.320 --> 47:26.060 Once he gets the indication, he sends out a resolution request. 47:26.150 --> 47:26.990 Check this out. 47:28.640 --> 47:35.120 Resolution Request Resolving 192 168 1.4 Asking for where is 1.4? 47:36.020 --> 47:37.030 What am I going to do? 47:37.040 --> 47:38.870 I'm going to forward that request to R4. 47:39.470 --> 47:40.460 The same cycle. 47:40.460 --> 47:43.230 I'm going to get the request forwarded to R4. 47:43.260 --> 47:48.510 R4 will reply directly to R2 with his address. 47:49.890 --> 47:52.170 So you see the ping will go through. 47:52.770 --> 47:53.880 If you trace it out. 47:59.730 --> 48:00.240 Android. 48:00.240 --> 48:03.120 4.4.4 with the source of ten .2.2.2. 48:03.270 --> 48:10.430 You see direct you're going directly to 1.4 traceroute will show you one way. 48:10.490 --> 48:10.830 Right. 48:10.830 --> 48:12.450 But if you do the opposite. 48:14.520 --> 48:16.620 Traceroute ten .2.2.2. 48:17.820 --> 48:22.470 So the source of ten .4.4.4 You're always going through the hop. 48:26.380 --> 48:29.170 Because our foe never sent the resolution request. 48:29.830 --> 48:31.510 Also, I want you to see something. 48:31.960 --> 48:32.710 Check this out. 48:33.600 --> 48:33.880 Me? 48:35.740 --> 48:37.750 Do you see a difference in the mappings? 48:40.240 --> 48:43.210 It's dynamic, But you're not only resolving the next hop. 48:44.650 --> 48:47.050 You're actually resolving the full network. 48:52.610 --> 48:54.380 And your overriding your routing table. 48:56.420 --> 49:00.050 Your resolving the complete network of ten .4.4.0. 49:01.550 --> 49:06.530 So when I go to the Hub, I'm not only asking him for where is 182 168 1.4. 49:06.830 --> 49:11.120 I'm asking him for the whole thing, telling him, Listen, the hub tells me, listen, you want to 49:11.120 --> 49:12.170 go to 10.4. 49:12.740 --> 49:13.710 You go to 10.4. 49:13.730 --> 49:21.470 Your next hop is 192, 168, 1.4 In the resolution request I'm asking for where is 10.4? 49:21.500 --> 49:22.940 Whose next stop is 192? 49:22.940 --> 49:24.200 168 1.4. 49:26.620 --> 49:27.940 The complete network. 49:28.520 --> 49:30.460 Verse ten .4.4.3. 49:32.350 --> 49:37.380 So when the request reply comes in from R4, he will reply to me Listen, this is 10.4. 49:37.390 --> 49:38.980 Let's have a look at that reply. 49:39.010 --> 49:39.910 Should be here. 49:40.570 --> 49:41.800 This is the other one, right? 49:43.300 --> 49:43.990 This is the other one. 49:43.990 --> 49:45.720 Let me do NP. 49:45.760 --> 49:47.530 Let's check the entries in here. 49:48.670 --> 49:50.920 He gets that indication, doesn't do anything. 49:51.250 --> 49:53.290 This request is which request? 49:54.520 --> 49:57.510 This request is the one which he received from R2. 49:59.940 --> 50:01.540 R2 on the router. 50:03.280 --> 50:04.000 We don't have to. 50:06.340 --> 50:07.900 You have the coffee, you have the. 50:08.110 --> 50:09.160 That's what we need. 50:11.000 --> 50:12.050 This is the actual address. 50:12.060 --> 50:12.870 This is the next stop. 50:12.990 --> 50:14.980 We never really cared about these two earlier. 50:15.000 --> 50:15.330 Why? 50:15.360 --> 50:16.560 Because they were always the same. 50:16.560 --> 50:18.300 That's why I didn't tell you anything about it. 50:18.600 --> 50:19.800 Now they are different. 50:20.520 --> 50:24.660 So just doesn't only resolve the next hop, it can resolve full networks. 50:24.690 --> 50:27.480 The network part will be here next. 50:27.480 --> 50:32.100 Hop will be here just like your routing table and the physical address. 50:32.340 --> 50:33.810 The real address will be here. 50:35.490 --> 50:36.930 This is the difference between the two. 50:39.240 --> 50:39.690 Okay. 50:45.020 --> 50:48.200 But if I have multiple tunnels. 50:48.680 --> 50:50.740 But I have multiple points. 50:52.240 --> 50:52.690 Point one. 50:53.200 --> 50:53.980 Point to point tunnel. 50:54.510 --> 50:54.940 Okay. 50:56.160 --> 50:56.420 Although. 50:58.770 --> 51:03.300 And in that case you will not use redirect if you have point to point. 51:03.330 --> 51:06.750 Unless you're doing this only because. 51:06.780 --> 51:07.920 See, I'll explain. 51:10.320 --> 51:12.780 Redirect is only working because it's point to multipoint. 51:12.810 --> 51:13.320 Why? 51:13.350 --> 51:16.860 Because everyone is connected from this one interface. 51:17.530 --> 51:18.310 R2 is connected. 51:18.330 --> 51:19.380 R3 is connected. 51:19.890 --> 51:23.910 If it was point to multipoint, point to point, this would be different networks. 51:24.650 --> 51:28.830 If they're different networks, the redirect will not be triggered because you're going from one network 51:28.830 --> 51:29.640 to another network. 51:30.840 --> 51:33.900 Here you're trying to go from the same network to another same network. 51:36.580 --> 51:37.120 Yes. 51:37.850 --> 51:42.360 Let's first go through our one and also go through the same interface. 51:42.380 --> 51:48.260 So going in interface should be the same outside interface should also be in this case, it won't happen 51:48.260 --> 51:48.850 like that. 51:48.860 --> 51:50.210 In this case it will not happen. 51:51.200 --> 51:54.260 But whenever you're using Dmvpn you'll always use multipoint. 51:54.590 --> 51:55.760 That's why Mgwr. 51:57.470 --> 51:57.880 Right. 51:59.450 --> 52:00.590 Do you understand this? 52:00.620 --> 52:02.420 The resolution request and reply. 52:02.450 --> 52:04.970 So resolution request is coming all the way here. 52:05.660 --> 52:06.680 This is the resolution. 52:06.680 --> 52:09.410 Request is asking for 10.4. 52:11.240 --> 52:11.750 Right. 52:11.780 --> 52:13.430 What is the address of 10.4? 52:13.750 --> 52:14.600 Who is asking? 52:14.600 --> 52:15.590 192 168. 52:15.590 --> 52:17.000 1.2 is asking for. 52:17.030 --> 52:19.520 Where is ten .4.4.4? 52:19.550 --> 52:20.990 The reply comes through. 52:22.760 --> 52:23.360 What is the reply? 52:24.710 --> 52:26.600 The reply Am I on the right guy? 52:27.080 --> 52:28.220 I am on the right guy. 52:28.310 --> 52:29.380 This is the request. 52:29.660 --> 52:30.950 How is this different from the. 52:33.240 --> 52:36.350 You have a server and a line, but it does the same thing. 52:37.400 --> 52:41.600 When you have a server and the client looks the same. 52:41.930 --> 52:46.760 Yes, but in that case, in that case, R2 knows the next hop. 52:47.150 --> 52:54.050 So it goes to him asking for where is 192 168, 1.2 in his routing table. 52:54.050 --> 52:57.950 He knows where is 1.4. 53:00.560 --> 53:02.390 It knows where it's supposed to go. 53:02.630 --> 53:07.010 If R2 at that point wants to go to 1.4, it knows where it's supposed to go. 53:07.040 --> 53:10.970 It knows it's supposed to go to 192 168 1.4. 53:11.120 --> 53:13.700 Right now, it doesn't know everything is going through the hop. 53:16.630 --> 53:16.960 Okay. 53:18.070 --> 53:20.320 In phase one, everything goes through the hub. 53:21.070 --> 53:23.890 So our two in his routing table does not know what. 53:23.920 --> 53:25.750 What is the next hub for 10.4? 53:25.750 --> 53:27.040 What is the next hub for 10.5? 53:27.040 --> 53:28.660 What is the next hub for 10.3? 53:28.930 --> 53:33.640 Does it know that in phase three, if you check the routing table, that's what we did, right? 53:34.390 --> 53:35.050 The routing table. 53:35.050 --> 53:36.190 You have no information. 53:40.390 --> 53:43.930 Everything is going through the in phase two. 53:44.020 --> 53:45.610 You know what the next hop is? 53:45.610 --> 53:47.420 You just don't have the mapping for it. 53:47.440 --> 53:52.420 So you go to the hub, you ask him for the mapping, he gives you the mapping here. 53:52.420 --> 53:53.410 That's what we want to do. 53:53.440 --> 53:55.930 We don't want to have any load on the spokes. 53:57.250 --> 53:59.410 We don't want to put any any load on the spokes. 53:59.920 --> 54:01.000 The spokes are free. 54:01.210 --> 54:03.250 They don't have any information in the routing table. 54:03.250 --> 54:03.910 Yes. 54:03.940 --> 54:08.140 When they ping, if the traffic goes through the hub, that will redirect them. 54:08.140 --> 54:11.980 Tell them, no, you're not supposed to go through the hub, go direct. 54:11.980 --> 54:13.600 So give them the mappings. 54:13.630 --> 54:15.100 They will send a request. 54:15.100 --> 54:17.950 Request reply, request, request, reply. 54:17.980 --> 54:18.700 Spoke to spoke. 54:18.700 --> 54:19.480 Communication is. 54:21.860 --> 54:23.570 No pressure on the spokes at all? 54:24.530 --> 54:24.890 Yes. 54:30.820 --> 54:31.690 Yeah, they will. 54:31.960 --> 54:33.550 They will consult the table. 54:33.550 --> 54:33.940 Always. 54:34.150 --> 54:37.570 Since you're using the shortcut command, they'll always configure. 54:37.600 --> 54:43.810 They'll always use the table to move forward right again. 54:43.810 --> 54:50.430 Now I'll go to our for right now our for is still going through the hub so I'll go to our four zero 54:50.470 --> 54:51.280 IP and Http. 54:53.600 --> 54:54.530 Send it again. 54:55.910 --> 54:56.750 First time. 54:58.890 --> 55:02.070 But I spoke to spoke. 55:03.810 --> 55:04.110 Right. 55:04.140 --> 55:08.070 So your traffic going from between them is direct. 55:11.030 --> 55:11.480 Which one? 55:16.030 --> 55:18.020 No, I don't think it has anything to do with AAP. 55:18.620 --> 55:20.750 AAP would be from Marco to go to R6. 55:21.710 --> 55:23.600 That has nothing to do with the whole thing. 55:24.350 --> 55:25.340 That would be for the next half. 55:27.770 --> 55:34.970 Finally, R5 to configure is is easy to understand is what makes the difference. 55:36.050 --> 55:40.450 To configure, just go to the tunnels and shortcut. 55:41.000 --> 55:41.570 That's it. 55:41.960 --> 55:42.430 It's done. 55:42.440 --> 55:42.980 Spoke to spoke. 55:42.980 --> 55:44.390 Communication is done for all of them. 55:44.900 --> 55:48.800 Registrar 10.3 The first packet will go through the hub. 55:49.560 --> 55:53.420 Second packet will go direct if you want to go anywhere now. 55:58.180 --> 55:58.960 First packet Hub. 55:58.990 --> 55:59.920 Second packet. 56:02.940 --> 56:03.840 Second paragraph. 56:05.250 --> 56:06.270 No issues with that. 56:07.660 --> 56:08.040 I think. 56:09.330 --> 56:11.640 Who one nockels and having. 56:12.910 --> 56:14.070 Then not four. 56:14.080 --> 56:14.340 Not for. 56:15.260 --> 56:16.450 It's the same process. 56:16.990 --> 56:18.490 The process is the same. 56:18.490 --> 56:19.120 Yes. 56:19.540 --> 56:20.590 The process is the same. 56:21.250 --> 56:21.580 No. 56:22.180 --> 56:22.900 Check this out. 56:23.140 --> 56:27.040 If I go to, you'll have to see this 1.5. 56:28.270 --> 56:29.260 Go to 1.5. 56:29.550 --> 56:29.830 Why? 56:30.280 --> 56:33.790 And it's resolved right here. 56:36.700 --> 56:39.760 All of these entries are resolved from me. 56:43.200 --> 56:47.640 Then the three then .4.51.11.31.41.5. 56:48.780 --> 56:50.040 The next stops are resolved. 56:50.370 --> 56:51.870 The networks are resolved. 56:52.200 --> 56:53.220 Everything. 56:53.370 --> 56:58.140 See, the best thing that you have to understand the moment the hub realizes that they are supposed 56:58.140 --> 57:02.040 to communicate together, write directly to each other, sends out a retaliation. 57:02.670 --> 57:04.440 It just sits there and sends out a redirect. 57:05.070 --> 57:07.560 They will listen to the redirect, talk to each other. 57:07.590 --> 57:09.430 They don't usually directly talk to each other. 57:09.450 --> 57:10.870 They send out a resolution request. 57:10.890 --> 57:11.760 Resolution Reply. 57:13.860 --> 57:14.280 Resolution. 57:14.280 --> 57:14.640 Request. 57:14.640 --> 57:15.030 Request. 57:15.030 --> 57:15.420 Reply. 57:15.420 --> 57:15.780 Request. 57:15.780 --> 57:16.640 Request. 57:16.650 --> 57:17.600 But we didn't use the. 57:22.160 --> 57:22.650 One, maybe. 57:23.360 --> 57:27.130 Yeah, we did interface channel zero IP and it. 57:27.380 --> 57:28.870 You know what? 57:29.810 --> 57:30.500 Yes. 57:31.130 --> 57:32.870 How was it different from yesterday? 57:32.870 --> 57:34.940 We didn't use phase two yesterday. 57:34.940 --> 57:43.000 Everything was going through the hub, but if I wanted to, I manually went here and I said ping for 57:43.010 --> 57:45.290 92 and 68 .1.5 yesterday. 57:46.530 --> 57:49.410 You know, for this you don't need the redirect. 57:50.810 --> 57:51.240 Why? 57:51.260 --> 57:52.190 For the network? 57:52.550 --> 57:54.470 Because I don't have it in my routing table. 57:56.330 --> 57:57.590 I don't know how to go there. 58:00.860 --> 58:01.030 Yet. 58:01.070 --> 58:07.250 I don't know how to go there, but it's going through the hub, so that means everything will go through 58:07.250 --> 58:07.520 the hub. 58:10.640 --> 58:13.350 That one is that the other one is directly connected to him. 58:13.370 --> 58:23.150 So when I send that, if I ping 192168.1.5 if I do it like this, it will not go to the hub because 58:23.150 --> 58:28.310 the hub is what, 1.1 for the resolution request. 58:31.110 --> 58:35.520 If it wants to go somewhere where it doesn't know where to go, how What does it do? 58:35.640 --> 58:39.640 Send out a request for 10.0. 58:39.660 --> 58:41.610 It is not like he doesn't know where to go. 58:41.640 --> 58:42.690 He knows where to go. 58:42.720 --> 58:43.560 Where is he going? 58:44.250 --> 58:46.410 To the hub for 182. 58:46.410 --> 58:47.370 168, 1.2. 58:47.400 --> 58:48.510 He doesn't know where to go. 58:49.560 --> 58:50.700 Since he doesn't know where to go. 58:50.730 --> 58:54.990 It sends the first two packets or three packets to the hub, but along with that sends a resolution 58:54.990 --> 58:55.320 request. 58:55.490 --> 58:56.520 Didn't understand why. 59:00.030 --> 59:00.300 Not. 59:02.160 --> 59:02.550 See. 59:02.850 --> 59:03.630 Let me explain. 59:04.950 --> 59:10.470 If you did not have any direct messages, let's talk about the case where you don't have redirect implemented 59:10.470 --> 59:10.950 on R1. 59:11.400 --> 59:23.010 If you don't have that and R2 wants to ping ten .3.3.3, what is going to happen to this pink? 59:24.180 --> 59:31.320 The next stop is R1 R1 checks, the routing table, the next hop is R3, forwards it to R3 return back. 59:31.320 --> 59:32.610 It also follows the same path. 59:33.780 --> 59:34.320 Correct. 59:35.280 --> 59:37.560 That's because the next hop of this was what? 59:41.000 --> 59:42.080 That's why it goes to the hub. 59:43.280 --> 59:47.660 The only reason it's going to the hub is because the next hub is 192, 168, one not. 59:48.590 --> 59:57.110 The difference is now if I ping 192 .168.1. is the next stop the hub. 59:59.730 --> 1:00:00.750 For this network. 1:00:00.750 --> 1:00:01.530 What is the next half? 1:00:03.030 --> 1:00:04.320 Is it supposed to go to the hub? 1:00:04.470 --> 1:00:08.100 No, it's not supposed to go to the hub. 1:00:08.130 --> 1:00:12.690 It goes to the hub only for the reason because he doesn't have the resolution for it. 1:00:13.410 --> 1:00:18.060 So this packet also goes to the hub, but not because it wants to. 1:00:18.600 --> 1:00:20.040 Because it needs to. 1:00:23.640 --> 1:00:24.960 So I will send. 1:00:25.530 --> 1:00:26.280 I will not. 1:00:26.280 --> 1:00:27.780 Okay, Let's remove this whole thing. 1:00:29.310 --> 1:00:31.920 This packet will only go to the hub because. 1:00:33.720 --> 1:00:40.740 And go out again here only because along with this, a resolution request will also be sent. 1:00:43.430 --> 1:00:46.460 The only reason it goes to the hub is so that the packet is not dropped. 1:00:47.600 --> 1:00:50.600 That's why otherwise it would be in the buffer and get dropped. 1:00:51.530 --> 1:00:55.880 So unless he gets the resolution reply back, it sends it through the hub. 1:00:56.990 --> 1:00:58.220 Because why? 1:00:58.760 --> 1:00:59.990 I'm not going to 1.1. 1:00:59.990 --> 1:01:01.100 I'm going to 1.3. 1:01:03.620 --> 1:01:05.450 Do you understand the difference between the two? 1:01:05.690 --> 1:01:18.550 Now when redirect is on, when redirect is on from R2, if I ping ten .3.3.3, the next stop is still 1:01:18.560 --> 1:01:19.010 R1. 1:01:19.880 --> 1:01:20.780 Packet goes to R1. 1:01:22.960 --> 1:01:26.390 I won't forward it to our three right. 1:01:27.020 --> 1:01:29.810 Figures out that both of them are the same interface sends out what? 1:01:35.560 --> 1:01:37.630 Sends out a redirect to both of them. 1:01:37.860 --> 1:01:38.410 Both. 1:01:38.410 --> 1:01:39.880 Both of them are and are. 1:01:40.090 --> 1:01:42.400 And then they send out the resolution request. 1:01:42.430 --> 1:01:51.730 The redirect is only to tell R2 to trigger resolution for ten networks for 192, 168 networks. 1:01:51.730 --> 1:01:53.350 He doesn't need to send out the redirect. 1:01:56.200 --> 1:01:58.640 They can be in here. 1:02:00.400 --> 1:02:01.720 An email address of what? 1:02:02.890 --> 1:02:04.000 Of myself. 1:02:04.030 --> 1:02:09.850 R1 R1 says I'm the guy who's sending you the redirects, right? 1:02:09.880 --> 1:02:14.080 Doesn't send the address, tells them you want to go to this public address. 1:02:16.740 --> 1:02:16.950 Right. 1:02:17.100 --> 1:02:18.630 Listen, understand this. 1:02:18.660 --> 1:02:24.810 If R2 needs to go to any one of 182.168 .1. except for one. 1:02:24.840 --> 1:02:26.070 Anywhere else. 1:02:29.580 --> 1:02:31.200 He will know that he is supposed to resolve it. 1:02:33.970 --> 1:02:34.840 Try to understand this. 1:02:34.870 --> 1:02:41.330 If R2 wants to go anywhere else other than 192 168 1.1, it will send out a resolution request. 1:02:41.350 --> 1:02:41.740 Why? 1:02:41.770 --> 1:02:43.570 Because this mapping is static for him. 1:02:43.570 --> 1:02:44.780 The other ones are not. 1:02:44.800 --> 1:02:46.810 So it sends out resolution requests. 1:02:47.680 --> 1:02:51.490 So if you ping from here to 192 168 1.3456. 1:02:51.520 --> 1:02:52.960 You don't have to trigger it. 1:02:52.990 --> 1:02:55.270 It automatically sends out the resolution request. 1:02:55.420 --> 1:02:57.940 The problem is when you go to 10.4. 1:02:58.930 --> 1:03:00.520 When you ping ten dot four. 1:03:04.190 --> 1:03:08.630 If the next hop was 192, 168, 1.4, it would send out the resolution request. 1:03:09.050 --> 1:03:10.610 But your next hop is not that. 1:03:10.610 --> 1:03:13.460 Your next hop is what, 1.1. 1:03:14.720 --> 1:03:18.890 So you need another way, another mechanism to trigger that resolution request. 1:03:18.920 --> 1:03:20.210 What is that mechanism? 1:03:21.170 --> 1:03:27.230 R1 will send the redirect only so that you send what? 1:03:28.040 --> 1:03:30.380 Nrhp resolution request. 1:03:31.250 --> 1:03:32.270 That's it. 1:03:32.300 --> 1:03:33.890 R1 doesn't say anything. 1:03:33.920 --> 1:03:34.850 R1 just tells him. 1:03:34.850 --> 1:03:38.640 Listen to go to 1.4.4.4. 1:03:38.690 --> 1:03:42.500 Your next hop is 192.168.1.4. 1:03:42.530 --> 1:03:43.190 That's what he tells. 1:03:43.190 --> 1:03:44.210 That's all he tells us. 1:03:45.740 --> 1:03:49.670 Then he resolves for what, one dot. 1:03:51.850 --> 1:03:56.440 Similarly, when he goes to this guy tells him listen to go to ten .2.2.0. 1:03:56.470 --> 1:04:01.390 Your next stop is 1.2 resolve for 1.2. 1:04:03.220 --> 1:04:10.870 The resolution will always be for 192 168 Network interfaces the endpoints. 1:04:11.170 --> 1:04:13.810 Yes, to go to these tunnel interfaces, what is my next? 1:04:13.810 --> 1:04:15.670 What is my nvme address? 1:04:15.670 --> 1:04:17.950 What is the physical address to go to these addresses? 1:04:20.470 --> 1:04:20.740 Right. 1:04:20.740 --> 1:04:28.660 But any redirect is a little more advanced because it also lets you know the whole thing, the subnets, 1:04:28.690 --> 1:04:30.820 the subnets behind that next. 1:04:33.250 --> 1:04:34.120 That's because of the pain. 1:04:34.150 --> 1:04:37.760 You sent the destination and the pain tells you to go to this destination. 1:04:37.780 --> 1:04:41.950 Your next stop is 1.2 to go to that destination. 1:04:41.960 --> 1:04:44.110 Your next stop is 1.31.4. 1:04:44.140 --> 1:04:45.250 Gives them that. 1:04:45.460 --> 1:04:47.710 Then he needs the name address for that. 1:04:47.710 --> 1:04:50.350 So he sends out resolution request gets the reply. 1:04:52.880 --> 1:04:53.180 Claire. 1:04:56.580 --> 1:04:57.260 A table. 1:05:10.440 --> 1:05:15.240 1.31.31.2.01.3 is not here. 1:05:28.820 --> 1:05:29.770 The other ones are not. 1:05:29.780 --> 1:05:31.160 Everything is going through the tunnel. 1:05:31.670 --> 1:05:32.870 Which one do you want to see? 1:05:35.260 --> 1:05:36.280 What do you want to see in the set? 1:05:40.670 --> 1:05:42.650 It's in the chest. 1:05:43.280 --> 1:05:47.180 The next stop is just 1.3, 1.4 and 1.5 right here. 1:05:48.830 --> 1:05:49.070 Right. 1:05:52.230 --> 1:05:55.320 According to this, it goes to the table according to the next operator. 1:05:56.100 --> 1:05:57.000 Then it goes where? 1:05:58.440 --> 1:05:58.830 Right here. 1:06:00.450 --> 1:06:00.900 Right here. 1:06:00.900 --> 1:06:01.500 He gets what? 1:06:07.050 --> 1:06:07.410 Jackson. 1:06:11.430 --> 1:06:14.040 But they won't be resolved. 1:06:14.040 --> 1:06:14.220 Yes. 1:06:14.250 --> 1:06:14.730 Exactly. 1:06:14.730 --> 1:06:16.650 That's the that's the biggest difference. 1:06:18.600 --> 1:06:20.250 They will not because it's in the routing table. 1:06:20.250 --> 1:06:20.640 Right. 1:06:20.670 --> 1:06:22.170 But in table, the next stop is there. 1:06:23.340 --> 1:06:24.780 So the next stop is there. 1:06:24.780 --> 1:06:25.890 It doesn't need to go. 1:06:31.560 --> 1:06:31.990 You up. 1:06:32.830 --> 1:06:35.740 See and happy right here. 1:06:37.600 --> 1:06:38.680 This is the table. 1:06:41.640 --> 1:06:42.540 But that also means. 1:06:43.100 --> 1:06:46.100 Yeah, not lots. 1:06:46.460 --> 1:06:47.720 Not really a lot. 1:06:47.990 --> 1:06:53.660 Because see, the good thing about the one which you're using right now is spokes will only have the 1:06:53.660 --> 1:06:56.810 mappings only if they're talking to each other. 1:06:58.520 --> 1:07:00.950 So thousand spokes will not be talking to each other. 1:07:00.980 --> 1:07:03.290 Thousands, Thousands of seconds. 1:07:03.710 --> 1:07:04.370 Every second. 1:07:04.820 --> 1:07:06.170 They will not be talking to each other. 1:07:06.410 --> 1:07:08.170 Only if I'm talking to that spoke. 1:07:08.180 --> 1:07:09.770 I will have the mapping for that spoke. 1:07:12.080 --> 1:07:13.220 Do you understand that part? 1:07:14.180 --> 1:07:15.680 Only if I'm talking. 1:07:15.710 --> 1:07:17.000 The good thing is two hours. 1:07:17.000 --> 1:07:17.900 I'm not talking. 1:07:17.930 --> 1:07:18.950 Entry is removed. 1:07:20.240 --> 1:07:23.270 So there will not be a lot of pressure on the spokes. 1:07:23.270 --> 1:07:24.860 That is the best thing about phase three. 1:07:25.070 --> 1:07:27.770 And that's why it can support more than 1000 spokes. 1:07:30.590 --> 1:07:35.150 The neighbor relationship will not go down because all of them are neighbors with whom only one guy, 1:07:36.050 --> 1:07:36.350 the hub. 1:07:37.490 --> 1:07:38.660 And it's a static entry. 1:07:40.320 --> 1:07:41.250 That will be the dynamic. 1:07:41.610 --> 1:07:47.560 The dynamic goes down, which is okay because the moment you send a ping and resolution request redirect. 1:07:47.580 --> 1:07:50.520 All three packets spoke to, spoke to, set up again. 1:07:53.010 --> 1:07:53.280 See. 1:07:55.990 --> 1:07:56.160 I. 1:07:59.400 --> 1:07:59.830 Okay. 1:08:02.270 --> 1:08:02.840 Maybe not. 1:08:03.900 --> 1:08:04.370 Foxes. 1:08:05.250 --> 1:08:06.300 No, they're not. 1:08:09.940 --> 1:08:14.290 So much good stuff, right? 1:08:14.320 --> 1:08:15.580 You mean hubs? 1:08:16.090 --> 1:08:16.540 These hubs. 1:08:19.150 --> 1:08:20.950 Something I want is my house. 1:08:20.980 --> 1:08:22.180 You want to have another hub? 1:08:23.560 --> 1:08:24.520 I too, will be another hub. 1:08:27.570 --> 1:08:32.380 Yeah, yeah, yeah, yeah, yeah. 1:08:32.380 --> 1:08:33.340 We call it Daisy Chain. 1:08:33.700 --> 1:08:34.030 Yeah. 1:08:34.080 --> 1:08:34.760 How is that? 1:08:36.100 --> 1:08:39.540 Serves as a resolution. 1:08:39.540 --> 1:08:41.580 In that case, you're talking about multiple hubs, right? 1:08:41.580 --> 1:08:45.000 So you have one cloud here, another cloud here, another cloud here. 1:08:47.130 --> 1:08:49.230 And after wants to talk to our ten. 1:08:49.260 --> 1:08:50.790 And where do you think our ten is? 1:08:51.150 --> 1:08:52.240 Our ten is not in the store. 1:08:52.530 --> 1:08:53.580 It's in some other cloud. 1:08:54.540 --> 1:08:55.650 It's in some other cloud. 1:08:55.650 --> 1:08:57.960 So what you would do is say R1 is here, right? 1:08:58.050 --> 1:08:58.950 R2 is here. 1:08:59.040 --> 1:09:01.350 R1 will be the hub of some other guy also. 1:09:03.090 --> 1:09:06.270 So you'll have R1 working in 182 and 68. 1:09:07.460 --> 1:09:11.940 R1 R1 will be your point of contact for both of them, but both of them. 1:09:12.510 --> 1:09:13.080 But right now. 1:09:13.080 --> 1:09:13.560 Both of them. 1:09:13.560 --> 1:09:18.990 So this is one cloud right on here you have another cloud, but the point of contact between them is 1:09:19.170 --> 1:09:19.500 R1. 1:09:19.500 --> 1:09:21.840 You could also have R1 and R2 for redundancy. 1:09:23.010 --> 1:09:28.920 So you have one cloud here, one cloud here, R1 and R2 acting as one cloud between the two. 1:09:29.430 --> 1:09:32.940 But again, you'll have to make sure that these two are separate networks. 1:09:33.630 --> 1:09:36.280 This is 182 and 68 1.0, a separate network. 1:09:36.310 --> 1:09:40.090 This is 192 168 2.0, a separate network for R2. 1:09:40.090 --> 1:09:44.080 R2 will differentiate, R1 will differentiate them there. 1:09:44.080 --> 1:09:45.580 You would read at that place. 1:09:45.580 --> 1:09:50.650 You would not say if the clouds want to talk to each other, no redirect is needed because you'll be 1:09:50.650 --> 1:09:55.960 coming in from this interface, going to another interface, not directly connected, so you don't need 1:09:55.960 --> 1:09:59.290 redirect and redirect. 1:09:59.290 --> 1:10:05.050 So the network is not directly connected to redirect is used for the networks which are in your in your 1:10:05.050 --> 1:10:09.440 same to the spokes which are in your same network because you want to see. 1:10:09.460 --> 1:10:13.300 I want to talk to him, but my packet is going from there, so I need a redirect. 1:10:14.950 --> 1:10:17.290 I need the hub to tell me go direct. 1:10:18.010 --> 1:10:20.830 But now I want to go to the other cloud which is behind the hub. 1:10:21.400 --> 1:10:23.170 Do you know? 1:10:24.400 --> 1:10:32.620 See, when he says cloud to cloud, what he's talking about is I have one cloud here, I have R1 here, 1:10:32.710 --> 1:10:33.640 I have another cloud here. 1:10:33.640 --> 1:10:35.020 These are two different networks. 1:10:40.410 --> 1:10:41.070 2.0. 1:10:41.760 --> 1:10:45.660 So if a router here wants to talk to a router here, why does it need to redirect? 1:10:45.660 --> 1:10:51.090 His packet will always have to go through R1 and the reply also has to come through R1. 1:10:51.870 --> 1:10:53.250 How do you directly talk? 1:10:53.280 --> 1:10:54.990 They're not connected directly to each other. 1:10:55.320 --> 1:10:57.600 The only point of communication between them is R1. 1:10:59.810 --> 1:11:00.340 You think? 1:11:00.730 --> 1:11:03.530 No, no, no, no, no. 1:11:03.570 --> 1:11:04.200 That's not right. 1:11:08.360 --> 1:11:08.720 Here. 1:11:08.720 --> 1:11:10.190 You won't use the same interface here. 1:11:10.190 --> 1:11:11.690 You'll be two different interfaces. 1:11:12.590 --> 1:11:19.950 The earlier one, you can compare it because one router doing everything just like router switch plans 1:11:19.970 --> 1:11:21.620 come and he's doing everything. 1:11:21.620 --> 1:11:25.370 But this is much better than that because your data traffic is not coming through. 1:11:25.370 --> 1:11:25.730 This guy. 1:11:25.730 --> 1:11:28.170 No data. 1:11:28.220 --> 1:11:34.880 It's control plane traffic only which is coming to the hub and request resolution that is coming through 1:11:34.880 --> 1:11:43.970 the hub data plane traffic is going directly spoke to spoke right in router on a stick everything is 1:11:43.970 --> 1:11:47.060 the data is all coming through so a lot of pressure on the router here. 1:11:47.060 --> 1:11:48.230 Even the hubs are free. 1:11:48.950 --> 1:11:55.850 The hubs don't do much, they only resolve some requests resolution and they're fine just sitting back. 1:11:57.740 --> 1:12:00.110 Okay, let. 1:12:02.210 --> 1:12:03.230 How do you protect it? 1:12:05.420 --> 1:12:05.860 Phase three. 1:12:05.870 --> 1:12:06.920 How to protect it? 1:12:07.420 --> 1:12:07.550 Nothing. 1:12:07.880 --> 1:12:09.170 Just copy and paste. 1:12:29.750 --> 1:12:29.940 Right. 1:12:30.750 --> 1:12:31.440 That's all. 1:12:31.560 --> 1:12:32.130 You're done. 1:12:32.790 --> 1:12:33.270 You're done. 1:12:35.890 --> 1:12:39.570 So neighbors have all the neighbors set. 1:12:42.830 --> 1:12:43.530 Neighbors. 1:12:46.500 --> 1:12:46.760 None. 1:12:47.310 --> 1:12:47.860 None. 1:12:47.940 --> 1:12:48.380 None. 1:12:48.890 --> 1:12:48.980 None. 1:12:50.480 --> 1:12:52.730 Swipe it out right now. 1:12:52.730 --> 1:12:53.210 No doubt. 1:12:53.510 --> 1:12:55.970 Just a default route, just ten zero. 1:12:55.970 --> 1:12:56.210 Right. 1:12:56.300 --> 1:13:05.420 So if I ping ten .4.4.4 with the source of ten .55.5, I can go trace route ten .4.4.4 to the source 1:13:05.420 --> 1:13:08.750 of ten, not direct. 1:13:09.470 --> 1:13:13.190 So crypto IPsec section gaps. 1:13:17.930 --> 1:13:24.830 Right stepping fighting HRP point five 10.4. 1:13:24.850 --> 1:13:25.600 Let me think. 1:13:26.140 --> 1:13:27.490 Ten .3.3.3 1:13:31.240 --> 1:13:35.980 IPsec Downs as per the as per where he's going. 1:13:36.460 --> 1:13:39.640 So Crypto IPsec has a section 1:13:43.300 --> 1:13:43.420 now. 1:13:43.480 --> 1:13:47.080 Earlier you had three, now you have four because now I'm also sending two. 1:13:47.380 --> 1:13:48.990 So crypto campus. 1:13:56.040 --> 1:14:00.450 Right for everyone will create a nicer campus for every spoke. 1:14:00.480 --> 1:14:01.700 There will be icy campuses. 1:14:02.340 --> 1:14:08.040 3254255221252255245, two, three. 1:14:15.970 --> 1:14:16.800 Said from our one. 1:14:21.890 --> 1:14:22.640 One with each. 1:14:23.510 --> 1:14:28.070 This will be there because I have neighbors with everybody else. 1:14:28.100 --> 1:14:35.930 Now, if that guy is talking to someone else, right, if, say, for example, R3 is talking to R5, 1:14:35.960 --> 1:14:37.910 it would need a separate tunnel for that. 1:14:39.290 --> 1:14:42.500 If R3 is talking to R2, it will need a separate tunnel for that. 1:14:42.650 --> 1:14:44.420 So all the tunnels will be dynamic. 1:14:44.450 --> 1:14:45.980 The good thing is they are all dynamic. 1:14:46.460 --> 1:14:48.740 The moment you send traffic, the tunnel will come up. 1:14:49.820 --> 1:14:53.210 The moment mappings expire, the tunnel will also go down. 1:14:55.940 --> 1:14:56.210 Okay. 1:14:57.890 --> 1:14:58.810 So when you draw it. 1:15:01.190 --> 1:15:01.670 Can you go? 1:15:04.160 --> 1:15:09.450 And can you say that the marketing term is inside the IP segment? 1:15:10.430 --> 1:15:15.470 See, these are your tunnels with these are your tunnels with whom? 1:15:16.550 --> 1:15:17.300 With the hub. 1:15:22.170 --> 1:15:24.990 Here are the tunnels with the hub, with the static mappings between the two. 1:15:25.830 --> 1:15:26.640 They'll never go down. 1:15:27.120 --> 1:15:28.200 Packets are going through them. 1:15:29.790 --> 1:15:35.460 Then if R4 wants to talk to R5, you will need to have another tunnel. 1:15:40.560 --> 1:15:40.830 Right. 1:15:41.040 --> 1:15:43.440 Because they spoke to spoke direct communication. 1:15:45.600 --> 1:15:46.260 Inside. 1:15:46.760 --> 1:15:50.920 These are all IPsec tunnels before IPsec, Obviously UDP is negotiated. 1:15:50.940 --> 1:15:51.870 UDP 500. 1:15:52.110 --> 1:15:55.050 So they because they're talking to each other, right? 1:15:55.080 --> 1:15:56.070 They're talking to each other. 1:15:56.100 --> 1:15:57.030 UDP is negotiated. 1:15:57.030 --> 1:15:58.200 Everything is negotiated. 1:15:58.410 --> 1:16:06.300 The negotiation will be from 192.168.1. 5 to 1 92.168.1.3. 1:16:07.980 --> 1:16:09.660 On the outside will be what? 1:16:13.230 --> 1:16:16.950 56.52 36 point. 1:16:20.210 --> 1:16:24.620 Tunnel info say this will be the actual packet. 1:16:24.620 --> 1:16:29.360 So esp right here to protect whatever is inside so you will never see the spark. 1:16:31.480 --> 1:16:37.440 So if we had here, you can see that I've been acting inside the system. 1:16:37.870 --> 1:16:42.130 And yes, we had a yes because Gary is right here. 1:16:42.400 --> 1:16:43.390 This is actually Gary. 1:16:44.050 --> 1:16:48.820 And on top of that is what this header is a lot. 1:16:50.500 --> 1:16:52.690 The header on the packet is also a lot. 1:16:52.720 --> 1:16:53.860 How can you reduce it? 1:16:56.040 --> 1:16:56.530 Transport. 1:16:56.880 --> 1:16:58.140 Do you think it will work here? 1:16:59.460 --> 1:17:00.240 Definitely will. 1:17:03.830 --> 1:17:05.780 We have seen much the same. 1:17:06.320 --> 1:17:07.940 See, the packet is still the same. 1:17:07.940 --> 1:17:10.820 You're going from ten .3.3.3 going to. 1:17:13.640 --> 1:17:14.450 It is protected. 1:17:14.450 --> 1:17:15.140 Using what? 1:17:15.800 --> 1:17:17.020 Not protected. 1:17:17.030 --> 1:17:17.780 Encapsulated. 1:17:17.780 --> 1:17:18.440 Using grease. 1:17:18.710 --> 1:17:20.930 Going from 36.3 going to. 1:17:23.730 --> 1:17:24.900 Protected using what? 1:17:27.030 --> 1:17:31.800 Also again, since esp copies the header 46.4. 1:17:32.610 --> 1:17:33.870 These two are the same. 1:17:34.560 --> 1:17:38.520 Use transport mode will remove complete section. 1:17:39.000 --> 1:17:40.110 Entirely remove it. 1:17:43.050 --> 1:17:43.230 Her 1:17:47.130 --> 1:17:50.040 daughter will be the actual one public to public. 1:17:52.230 --> 1:17:55.050 Inside will also be public to public address. 1:17:58.500 --> 1:17:58.800 No, no. 1:17:58.830 --> 1:18:00.390 I'll be 10.3 to 10.4. 1:18:00.420 --> 1:18:01.860 Then he will look for the next stop. 1:18:01.860 --> 1:18:02.650 From the next stop. 1:18:02.670 --> 1:18:05.310 He'll find the public address, that public address he'll put here. 1:18:08.280 --> 1:18:13.740 External interfaces have the one thing we don't have that we don't need that. 1:18:14.010 --> 1:18:17.400 See the tunnel interface only you need to resolve this part. 1:18:18.720 --> 1:18:20.340 Which destination do you want to go? 1:18:21.210 --> 1:18:23.160 That's the only reason why you need the tunnel, right? 1:18:26.360 --> 1:18:28.280 See if you want to ping 1:18:29.630 --> 1:18:33.590 192.168.1.4. 1:18:35.150 --> 1:18:36.760 You'll go to your table. 1:18:36.770 --> 1:18:40.040 From the table, you'll find the public address, that public address you'll put here. 1:18:42.400 --> 1:18:42.770 Correct. 1:18:43.780 --> 1:18:47.650 You go to the table, get the public address. 1:18:50.530 --> 1:18:50.980 It is? 1:18:50.980 --> 1:18:51.130 Yeah. 1:18:51.140 --> 1:18:51.420 Let's. 1:18:51.430 --> 1:18:53.440 Let's just not look at this part. 1:18:54.190 --> 1:18:55.570 Let's say there is no encapsulation. 1:18:56.530 --> 1:18:58.120 Encapsulation is just nothing. 1:18:58.120 --> 1:18:59.740 Just copies the header on the outside. 1:18:59.740 --> 1:19:00.880 Same duplicate header. 1:19:02.590 --> 1:19:02.980 Right. 1:19:02.980 --> 1:19:06.760 So if I go on to go to ten 1.4, I get the address right here. 1:19:07.090 --> 1:19:09.580 Now if you want to go to. 1:19:12.940 --> 1:19:13.930 What happens? 1:19:15.880 --> 1:19:16.900 The next hop, right? 1:19:16.930 --> 1:19:21.550 The next stop is what, 192 160 81. actual it's for. 1:19:21.700 --> 1:19:25.060 But for now it thinks it's one goes to one gets the resolution. 1:19:25.060 --> 1:19:29.620 In the resolution it says it's for it doesn't go need to go to that for it just needs to know what is 1:19:29.620 --> 1:19:30.880 the public address of that phone. 1:19:31.270 --> 1:19:33.400 That public address is installed right here. 1:19:36.880 --> 1:19:38.800 You don't have to worry about where you're going. 1:19:38.830 --> 1:19:40.120 You're not actually going there. 1:19:40.450 --> 1:19:42.220 You can have 1000 networks behind. 1:19:42.220 --> 1:19:43.840 You could be going to any one of those networks. 1:19:43.840 --> 1:19:46.330 What you care about is the next hop to go here. 1:19:46.330 --> 1:19:47.140 What is the next hop 1:19:50.160 --> 1:19:50.310 in? 1:19:50.410 --> 1:19:53.020 A to M and N are related. 1:19:53.620 --> 1:19:55.100 They work together to form the. 1:19:57.880 --> 1:20:00.190 And here is not possible if you don't have your next hop. 1:20:00.190 --> 1:20:00.580 Right. 1:20:02.060 --> 1:20:03.430 One destination is never known. 1:20:03.640 --> 1:20:04.780 Who solves that for you? 1:20:06.570 --> 1:20:15.240 And they said in the next chapter to configure, it's super easy. 1:20:16.020 --> 1:20:22.950 Why you just go up there and shortcut, redirect, shortcut. 1:20:22.950 --> 1:20:23.690 It's done. 1:20:23.700 --> 1:20:26.460 Starts working to understand. 1:20:26.460 --> 1:20:29.490 It takes concept. 1:20:29.490 --> 1:20:32.730 And that's exactly why they brought this whole thing. 1:20:32.730 --> 1:20:41.580 They've removed frame relay with Dmvpn because of these concepts, so many different routing concepts 1:20:41.580 --> 1:20:41.880 in there. 1:20:42.750 --> 1:20:47.130 These are we didn't do anything with IPsec just copied IPsec pasted it here. 1:20:47.460 --> 1:20:47.940 Yes. 1:20:47.940 --> 1:20:49.650 If you use transport mode, it will work. 1:20:51.780 --> 1:20:52.250 PVCs. 1:20:52.260 --> 1:20:52.680 Yes. 1:20:52.680 --> 1:20:53.670 Which this one? 1:20:53.670 --> 1:20:54.390 Not really. 1:20:54.390 --> 1:20:57.270 If you understand how it's working now, it will not be if you're using. 1:20:57.270 --> 1:20:57.420 Yes. 1:20:58.860 --> 1:20:59.330 Yeah. 1:20:59.760 --> 1:21:01.080 You will have to use full mesh. 1:21:03.520 --> 1:21:08.860 So if you don't use full mesh obviously spoke to spoke, communication will not be possible. 1:21:09.910 --> 1:21:11.040 Everything will go through the hub. 1:21:13.470 --> 1:21:16.860 Okay, clear everyone. 1:21:17.460 --> 1:21:20.670 Also for frame relay, there is also another new kind of not new. 1:21:20.700 --> 1:21:24.700 It's a different type of VPN called get VPN with frame relay. 1:21:24.720 --> 1:21:29.790 What you have is your connectivity is always there here because this is the internet. 1:21:29.790 --> 1:21:33.060 I needed to make sure that 10.4 and 10.4 communicate to each other. 1:21:33.870 --> 1:21:37.740 If you have frame relay here, this communication will always be set beforehand. 1:21:37.920 --> 1:21:40.050 The service provider will do that for you. 1:21:40.890 --> 1:21:42.210 Here you have to set it up. 1:21:44.180 --> 1:21:46.930 Yes, because that's what they do, right? 1:21:46.940 --> 1:21:48.500 They connect to your private networks together. 1:21:48.500 --> 1:21:50.480 So you don't have to worry about that part here. 1:21:50.480 --> 1:21:52.790 You have to make sure that these communicate For that. 1:21:52.790 --> 1:21:55.520 You have to run a routing protocol for routing protocols. 1:21:55.520 --> 1:21:58.340 You have to let multicast go through a lot of different things. 1:22:01.240 --> 1:22:01.780 Okay. 1:22:02.720 --> 1:22:07.030 You know, I was just again, Channel zero. 1:22:07.300 --> 1:22:10.850 Whatever is going through the tunnel interface, zero. 1:22:12.820 --> 1:22:14.410 Every time we have traffic from the tunnel. 1:22:14.410 --> 1:22:18.700 So anything going to the network of 192 168 1.0 is through the tunnel. 1:22:19.150 --> 1:22:22.330 If the next stop is 192 168 1.0 it goes through the tunnel. 1:22:24.310 --> 1:22:27.020 In crypto in crypto matches. 1:22:27.220 --> 1:22:30.250 How do you compare that in crypto maps? 1:22:30.280 --> 1:22:34.000 You use an ACL and apply to the interface the map. 1:22:34.060 --> 1:22:37.900 So when it hits the interesting traffic, the tunnel is formed. 1:22:37.990 --> 1:22:39.640 In here you don't do that. 1:22:39.820 --> 1:22:41.320 You use a much simpler term. 1:22:41.320 --> 1:22:43.000 You give it another interface. 1:22:44.390 --> 1:22:46.870 Tell me anything which is sourced from this interface. 1:22:47.890 --> 1:22:48.640 We'll go through the tunnel. 1:22:49.760 --> 1:22:50.680 So there is interesting. 1:22:51.160 --> 1:22:51.760 For what? 1:22:51.790 --> 1:22:55.840 Here if if you have this network advertised. 1:22:56.380 --> 1:23:00.820 If this network is advertised in EGP, hello packets will always go through the tunnel. 1:23:02.510 --> 1:23:03.190 Yes. 1:23:04.180 --> 1:23:04.960 I will never go down. 1:23:04.960 --> 1:23:07.690 Five minutes, five seconds will keep on sending interesting traffic. 1:23:08.890 --> 1:23:10.060 The tunnel will not go down. 1:23:12.550 --> 1:23:12.820 Clear. 1:23:14.570 --> 1:23:14.790 That. 1:23:16.490 --> 1:23:17.480 This is a single hub. 1:23:18.200 --> 1:23:21.320 Now, we'll do what after the break.