Well, unfortunately, no one really watched these videos, and they were super labor intensive to create - so, not worth the time invested to produce them.
This is, so far, one of the best descriptions of these concepts. I especially liked the one for NAT. Excellent! Looking forward to the next installment
This is a pretty good overview for newbies just starting out. Re the routers self advertising their IP as the DNS server. They are using the ones you have assigned but are just acting as a proxy. In most cases this is fine and means if you change them in the router config, you don't have to change them in the DHCP setting also. Also, I don't put anything on the IP .1, my router lives on .254. Reason being, is if you plug in a device that needs configuring, there is no IP address clash and you don't have to reconfigure anything to access it. For grandpa at one just needing internet, not really an issue but if, as I do, need to configure devices for other people who don't know how to themselves, this is a godsend. Looking at the steps for the Netgear and their insistence on using their app, so glad I don't use their stuff. I can command line configure a Cisco router and get it online with the same level as the Netgear in the same amount of time and I have no Cisco training.
Excellent explanation. Geat that you mentioned the basic router for most home users who are not using high speed routers for gaming! It seems like most WiFi router reviews cover the highest speeds of the high end routers when most home ISP don't provide Gigabit speeds! Well done !!! 👍👍👍
Hi Chris! I'm learning a lot with your videos, not only with these ones from 101 series but with all the others too. Thanks a lot for the initiative! Great job! Best regards from Brazil!
Excellent series! As a semi- knowledgeable consumer, I always like to know the exact meanings of the many, many networking acronyms and what they actually do!
Rebooting the Modem is often a good troubleshooting step - this can fix the issue and should be done before calling the ISP. Great video - you have a knack in explaining things to people who are not technical. I can see myself referring people to these videos to help them better understand their network.
This is a great refresher series. I even discover several new terminologies that are certainly useful for my home network since I'm running a web server, NAS and Plex.
Love the series so far. For my home, I am setting up pfSense in combination with HomeAssistant. I would love it if you could make some general recommendations / best practices for VLAN setup in a similar environment as the series progresses.
Thank you for going over the edge router x. I had been considering either this with a few WAPs and switches or getting a Dream Router. I think I might just go the edge router for my needs.
I ran the Edge Router X for a couple years before upgrading to the UDM Pro. I think the ER-X is a fantastic option to get the ability to create VLANs and get started on more advanced routing capabilities. Certainly better than your average consumer router!
@thestigzerozerozero1551 all I have right now is a consumer wifi router. I don't have a home lab or any of that so even the edge router might be more than I need, but I have a bunch of IOT devices so I want to split those from other devices.
If enough people were interested, I’m sure Chris could provide online training. But, due to amount of work, you must pay a tuition fee. Please don’t ask for free training beyond this YT tutorial.
Love your channel Chris! Please review a Firewalla device if you can. Have been on the fence for a while but would love to hear your opinion. Thank you!
In the Ubiquiti EdgeRouter X setup, the custom DNS server addresses were saved in both the WAN and LAN sections. However, is specifying these addresses in the LAN section really necessary if they are already specified in the WAN section? To the best of my knowledge, if custom DNS server IP addresses are specified in the WAN section, while the DNS server IP address in the LAN section is left at the router's default gateway address, when a device on the network requests a DNS lookup, the router will automatically forward the request to the first DNS address in the WAN section, and if that times out, then it will use the second DNS address in the WAN section. Does repeating the DNS server IP addresses in the LAN section speed up DNS lookups? If not, what is the purpose of listing them in both the WAN and LAN sections?
Hello, I am setting up network in my home, your channel is really helpful. Now I have a question. my home is about 1500 sf with a same size besement. main floor is wood floor. I will install an AP on my main floor, do I need another AP for lower floor? Again, only plywood between two floors.
I have a home server for storing media and photos. 1 x 16tb HDD raid 1 with backup 4 x 4tb ssd raid 0 and 4 x 22 tb hdd raid 5 for storage. Basically its a 82TB google drive. I also been buying more and more smart devices ( smart light bulbs, google chrome cast, smart plugs , cameras , ring , thermometer , google home) and kinda notice that internet is slower, the range and reception is weaker. My questions are 1. Are my smart devices slowing down my internet / interfering the range? 2. Should I get a wifi extender or an extra router for better range and connection? 3. Should I have a separate server for my smart devices or should I use the same home server ? 4. If you have a server for storage databases and more and more smart devices , how would you set it up? I would prefer the easiest and most cost-effective solution. Thx
Hey Chris, excellent content as always. Question: My ISP has provided an “all in one” modem, which contains the modem, router, firewall, switch and wifi. Wondering if you will be covering how to put this type of device into “bridge” mode (as you described in video 1 of the series) as this concept is not well described by any literature provided by my ISP and their tech support for home owners (non-businesses) is lacking to say the least? Reason being is that I want to connect a UDM PRO and accessories (switch, access points, etc.) to this modem. Thanks again for always providing great content!
Nope - I have two independent networks going currently: The existing network from my ISP’s router and a second network that is driven by Ubiquity equipment.
LAN Port on router, Im using one of these ports going 60ft away under the house to a 8 port switch. For rebundcy can i run a second line to that same unmanged switch?
if the basic router is pointing to the router's ip address for the dns, isnt that the same thing as the public dns server you put in? What other dns servers would it be using?
No. When you first plug in a router, your ISP gives you their DNS server which they control. A "public" DNS is one controlled by a company other than your ISP. That's the difference. Google DNS is an example of a public DNS.
@@RBzee112 I believe that what @bountym84 is stating that if Google DNS was entered into the router's WAN section, and the LAN section's DNS has the IP address of the router, then DNS queries will be automatically forwarded to Google's DNS servers. That is, once Google DNS server IP addresses are entered into the WAN section, there is no need to enter them again in the LAN section of the router's control panel interface.
One reason you might want to set the router as your client's DNS server is so that you can resolve internal addresses if you have that requirement. Google/OpenDNS etc are not going to be able to resolve those names on your internal network.
Do you know if a switch for home use had these options: "Port State Monitoring" or "Link Monitoring." Would like to be able to disable a port if someone unplugs the ethernet cable from a camera.
Great video! Question though: If NAT changes my private IP into a public IP address, how can it tell the difference when data comes back. Ex. 2 computers are accessing the same website. How does it know which computer to send the data to once it's received?
Great Videos so far. One question that is not clear to me is you say NAT manages traffic on your internal network so that it can deliver packages to the requestor. What confuses me is that is what I thought the IP address was for. Even on the internal network each device has an IP address (which is linked to the devices MAC ID). So why is NAT needed if I already have an IP address?
the internal ip addresses are just for LAN devices - they cant communicate over the internet. What NAT Does it is holds in "storage" the internal IP address of the specific device that made a request, say to youtube, and shows the WAN IP over the internet as the requestor, when the data requested comes back to the router it knows which device requested that specific data. a private ip address cannot communicate over the internet
This is a great series. However, I am keen to understand your thoughts on the unifi routers, you used the edgeX which is quite old now, could the UISP be used instead, or perhaps a top-link omada instead? If so, what’s the best option for say under 100 bucks, under 200 bucks and 300 bucks plus? Really keen to understand your thoughts on this and why… thanks
Great stuff. Helped me a lot on some of the more advance terminologies and functions. Question: Is there any benefit to using Netgear's Armor Security? I do forward a port on one of my computers for videos and I get at least one notification a day saying Armor blocked a malicious attempt to that port. So, wouldn't my firewall do this or my computer?
Chris, Have you tested a "First Mile M6 Gateway" to WAN Aggregate multiple ISPs? I saw this guy take one and input multiple Starlinks & 5G hotspots and it increases your capability. I kinda want to get one of these to feed the Unifi DM Pro. I wish the DM Pro had the WAN Link Agg as an option on their Mulit Wans instead of just Failover or Dist. Thoughts? Or is there a better(cheaper) device?
Hi Chris. Thanks for teaching me networking. a question: are there advantages of having a EdgeRouter installed between the ISP modem and the UDM PRO or can the UDM Pro do the same stuff as the Edgerouter?
The EdgeRouter and UDM-Pro are both router/firewall devices. The difference is that the EdgeRouter is ONLY a router/ firewall vs the UDM-Pro which has a lot more stuff. You don’t need both.
about that DHCP server: i have 2 of them available but not active, one in my pi-hole, the other in my pfSense firewall. how do i get them to give the clients a specific IP address to use for DNS? i want them to use my pi-hole as a DNS server. how can i do that?
If the router was configured to use public dns then the devices being set to use the router as it's dns wouldn't that already use public dns since it's dns was that so changing in the dhcp for devices wasn't needed correct?
@@RBzee112 you've misunderstood my reply. I know that. He had the router already configured to use public dns so setting it in the Lan was not necessary cause it was already set on the Wan side
hey guys.....i have tried to setup a home network. I went into the advanced settings and setup that no password would be needed to access each computer. But i keep getting a wrong credential message....what am i doing wrong?
For those, who may get confused, on when to use dedicated router, switch and AP and when to use a combo unit, or what speeds they need. It really depends. There is no single school of thought about designing your network (about which I'm sure will be a video). For instance, you can take different approach, to what Chris showed about port speeds. Say you live somewhere, where fastest offered Internet speed is 200/50, then there is no need to buy a 10 gig router, because it will likely never handle that fast of a connection and something like EdgeRouter X or other typical gigabit router will perfectly handle that kind of network. But say, you received a 10gig capable NAS pre-set up from your children as a gift, going for a switch, that has one or two 10gig ports and connecting all wired devices and APs into it instead of the Router might be a good idea. This way, all devices connected to that switch's gigabit ports will be able to utilize full gigabit speed, when accessing that NAS simultaneously. Using a 10gig port or connecting the Router to the switch is in such a setup waste, because it will never handle more than what flows in from your ISP. You can think about flows of data in your network similarly to flows of water in plumbing. putting thicker pipes, or in this case faster ports, only where they're needed. As a rule of thumb, your WAN speed should be the lowest speed anywhere on your network, unless you have some specific uses, like wired cameras, IoT devices or smart home appliances, but those would be subject of a more advanced network. A scenario like this might come into place, for instance, when living in multi-generational house somewhere in the sticks. As for, how to connect your devices together, the way I see it, there are two schools of thought. Begin at the router and simply add a switch, when you'll run out of ports, growing the network somewhat organically. The other way then would be to grow the network in a tree like shape, trying to get all kinds of devices on your network in such a way, that the router stand's kind of in the tree's base. This is the way most professionals try to set up their network, or at least the simplest version of it, where one big switch has all the services provided (NAS, printer, access points, etc.), the router and maybe a smaller switch, when there are two devices close to each other (say in home office, for desk phone and computer to work on). This is done, because switches are faster than routers, when handling data, because they only forward it, don't analyze it that much. Now, these two approaches can be combined, for instance, in our large family three generations living in the same house, because grandma and grandpa only access the Internet and don't access the NAS, you can segregate physically their data from the rest and save port on your switch for yourself. Again, thinking about where the water usually flows. And finally, what set up is the best is greatly influenced by your home setup. If you have brick walls, running more cables can be tricky. You don't have that many places, where to hide them, so putting your router say next to your TV with it itself connected directly to it, as well as your NAS for media library, and having one small switch on the other side of the house, connecting kids computers and and a wifi AP to the network, while another switch connected to the router has dad's work station and printer hooked to it. If you'll have a particularly long house to wire, you can even use multiple switches in a row connected like individual hops. While this last one is not seen as the best design, if situation calls, this too will work. To give a more concrete example. My entire network but ISPs are Gigabit In order of distance from my ISP, I run ER-X into a 24 port Zyxel switch,which hosts all my servers (two NAS devices, a UniFi controller device and printer) from which I run a number of strands. First of these goes to a 5 port Zyxel switch, which is in dad's room and has his TV on it and a link further down to my room, where I have a 8 port Zyxel switch on my gaming desk, and another run from it to my 24 port TP-Link switch, which houses my work issued work station, and which I use, whenever I want to do some experiments with the network, such as try out a new device. Returning to the 24 port Zyxel, second strand runs from it to kitchen, where there is one UniFi AP AC Pro a switch for dad's second TV and a Nano M2 Loco. I need this Nano M2, to beam WiFi to our garage, where there is another Nano M2 Loco catching it, another switch for future cameras and finally a UniFi AP AC Lite, providing WiFi to the garage. Returning again to the the 24 port Zyxel, there is third and final string stemming from it to the second UAP AC Pro, providing with the other Pro WiFi coverage over our flat, which is built of thick bricks, hence why I need to use so many switches and need two very powerful access points, to provide reliable connection to all my devices.
@49:10 But won't any devices connected to the router be getting their DNS from the router's DNS servers which you set up under WAN ? Why do you have to set them up again in the LAN section ?
No. Modems and routers are 2 different devices. However, most internet providers will provide/rent you a gateway box which usually includes a modem, router, and wifi access point all in one unit. Some people erroneously think they only have a modem or only have a router when in fact, its a combo unit box.
I really, really hate this push to internet-based (cloud) services and management that a lot of these companies are doing. I get it, if you want it, more power to you. For me, no. Local must be priority. The option for cloud is nice, but I'll never use it. If the internet goes down, I lose access to MY stuff. At least with local management, I can still login and check status, etc.
I am still kind of confused with how to use firewall. I am not a technical person of how to use routers and first time owner than renting one. Are there specialized firewall routers that connects to your WiFi router that protects the router and other devices connected to WiFi, or you have to download firewall in the router’s firmware?
All modern routers have a basic hardware firewall built-in. There's usually security level settings in the router. The default setting blocks any unsolicited or suspicious incoming packets. If one of your devices requested the packets, the router/firewall lets them in.
28 minutes in: putting an unconfigured router on the internet? whoa, i'm having a gibsonian response: what could possibly go wrong? FIRST set up the security, THEN unleash the internet on it. 30:38 do as i say, not as i do, huh? 34:40 and that's yet ANOTHER reason why i don't like netgear. 34:53 whoa, lots of red flags goin' up! the wifi password in cleartext on the homepage? is that their standard procedure now? WTF ARE THEY THINKING??? 36:53 you have a couple of piholes running, right? why not use them? 40:42 and that's why i won't go back to all-in-one routers. years ago i upgraded to unifi and i don't regret it.
With the Netgear routers that I have configured, WAN administration was disabled by default. Therefore, even if someone knew the password for the router's control panel, they would not be able to access it from the Internet, only from the LAN side. In addition, by default, Wi-Fi security was configured by Netgear with a password printed on a label attached to the router. Unless someone within 300 feet were to see this label, they would not be able to connect to the router via Wi-Fi. As he was setting up the router, he had it connected to his laptop with an Ethernet cable. Therefore, at the time of setup, his laptop was the only device connected to the router. Having the Wi-Fi password displayed on the screen at this point is not a security issue unless there is someone with nefarious intentions in the room with him at the time or possibly peeking through the window. I have even heard Steve Gibson mention that displaying the password on the screen is not an issue unless you are in an environment where others are close by. As this router is being set up in the owner's home office, I do not see any security issues here. In addition, the password should be clearly displayed to the user to ensure that it was typed correctly. If the password was hidden and a typo was made, it would frustrate the average user when he attempted to connect his devices to the Wi-Fi.
@@Eternal_Tech "a password printed on a label" the thing is, you can change the password, and what's printed on the label is now useless. or do you replace the label with an updated one?
@@mrxmry3264 I recommend writing the new SSID, WPA key (password), and control panel login information on a piece of masking tape and then taping this to the router. The old information will be useful if the router is ever reset to factory default settings.
I would never buy TP Link. The default encryption is WAPI which is a mandated standard of the Chinese government. That may not be secure. Its also been suggested TP Link steals IP and uses it in their routers. We should not support that type of activity.
I have a TP-Link Archer AX3000 wireless router. It does not even offer WAPI as an option, let alone the default. For Wi-Fi encryption, it offers WEP, WPA, and WPA2, with both TKIP and AES being options. In addition, I have set up other models of TP-Link routers, and I have never seen WAPI as an option. This was in the United States, but maybe TP-Link routers in China offer WAPI as an option there. Who has suggested that TP-Link steals intellectual property?
@@CrosstalkSolutions all the assisted GUI style setups have a much higher drop rate then completely cutting them out. The drop rates were much higher 4+ years ago but I still see the issues with ppl that don't know to skip them.