1
00:00:09,930 --> 00:00:10,550
Hello everyone.

2
00:00:10,580 --> 00:00:15,330
This might have that here we are now on the first level of discourse and in this lab I'm going to show

3
00:00:15,330 --> 00:00:20,080
you how we can't comprehend the DNS functionality on the Mike Crowder.

4
00:00:20,170 --> 00:00:22,610
So as you can see here we have 17 points to do.

5
00:00:22,620 --> 00:00:25,100
So it's a long lab as I already said.

6
00:00:25,290 --> 00:00:29,990
But before I start doing the points let me just explain to you what is the lab scenario what that we're

7
00:00:30,000 --> 00:00:32,610
going to do and what we are going to do in this lab.

8
00:00:33,090 --> 00:00:34,640
So this is our lab scenario.

9
00:00:34,650 --> 00:00:38,700
We have my critics out there sitting here that is connected to the Internet.

10
00:00:38,700 --> 00:00:45,630
That means that this shelter can go to the Internet and from the other side I'm connecting my computer

11
00:00:45,630 --> 00:00:49,030
which is here to the Internet to the face of the mike the crowd.

12
00:00:49,650 --> 00:00:50,240
OK.

13
00:00:50,250 --> 00:00:54,540
So the idea is just following my mike dick out there is connected to the Internet.

14
00:00:54,540 --> 00:01:01,800
So I want to do some work on the DNS of the mike to go out there so on the mike takes after you have

15
00:01:02,010 --> 00:01:07,710
a place where you can do some work on the DNS such as should you allow the request for DNS to come to

16
00:01:07,710 --> 00:01:08,190
that order.

17
00:01:08,190 --> 00:01:14,130
That means that users like this B.S. He can send the DNS request to the mike dicks out there and the

18
00:01:14,130 --> 00:01:19,200
Mike freaks out there were forwarded to the DNS server which is somewhere and the Internet maybe your

19
00:01:19,200 --> 00:01:20,300
ISP.

20
00:01:20,430 --> 00:01:23,880
And also I'm going to show you how you can do the caching on the DNS.

21
00:01:23,880 --> 00:01:30,140
So that means that any request which come to the mike the IT THEN IT WILL cache a record for it that

22
00:01:30,220 --> 00:01:33,250
therefore the domain name map to the IP address.

23
00:01:33,330 --> 00:01:36,210
And I'm going to show you also how you can make a static DNS.

24
00:01:36,210 --> 00:01:42,870
That means that you map and a domain name to an IP either statically on the Mike Crowder without data

25
00:01:42,870 --> 00:01:45,210
needs to go to the DNS server.

26
00:01:45,240 --> 00:01:48,890
So those are the main things that I'm going to do it this lot.

27
00:01:48,900 --> 00:01:54,300
Let's now go to the points I start doing them one by one but no one from the you're out there being

28
00:01:54,330 --> 00:01:57,210
2 8 8 8 8 do you have a reply.

29
00:01:57,210 --> 00:02:02,280
So as I already have said that the Microsoft that is already connected to the Internet.

30
00:02:02,490 --> 00:02:06,670
So we have to ping through that IP others which is the DNS server or Google.

31
00:02:06,720 --> 00:02:08,370
First let me just put the picture here.

32
00:02:08,400 --> 00:02:09,090
OK.

33
00:02:09,150 --> 00:02:16,650
So we'll go now to inbox and then I will connect to the MAC address because on my computer at this moment

34
00:02:16,680 --> 00:02:18,580
there is no IP address.

35
00:02:18,600 --> 00:02:18,870
OK.

36
00:02:18,870 --> 00:02:23,180
So I would connect with the MAC address of out there and I would say connect.

37
00:02:23,250 --> 00:02:25,880
Now they asking us to bring a that they that data.

38
00:02:26,460 --> 00:02:27,240
So let's do that.

39
00:02:27,330 --> 00:02:35,520
I have to go here to the terminal and I said being able to enter and as you can see I have a reply.

40
00:02:35,550 --> 00:02:39,990
And that's because the Microsoft out that is already connected to the Internet if you don't know how

41
00:02:39,990 --> 00:02:45,030
to connect the Mike take it out to the internet I have a free course that you can join for it.

42
00:02:45,060 --> 00:02:50,650
And then I will show you all steps how you can connect the mike Crocker to the Internet.

43
00:02:50,760 --> 00:02:54,900
But no one has done phone number two from the router pink to Google dot com.

44
00:02:54,930 --> 00:02:56,010
Do you have a reply.

45
00:02:56,070 --> 00:02:58,740
And if yes or not then you have to say why not.

46
00:02:59,100 --> 00:03:02,220
So now we need to link to the Google server.

47
00:03:02,250 --> 00:03:05,190
But we need to bring to the domain name itself.

48
00:03:05,190 --> 00:03:05,820
Let's do that.

49
00:03:05,850 --> 00:03:14,140
I will go to the market counter again to the new terminal and I would say here Bing Google dot com.

50
00:03:14,770 --> 00:03:20,370
And as you can she is saying invalid value of Mac others Mac others require divided value for the argument

51
00:03:20,370 --> 00:03:27,450
IP version 6 and why resolving IP others could not get the answer from the DNS server.

52
00:03:27,450 --> 00:03:27,780
All right.

53
00:03:27,810 --> 00:03:32,990
So we can see here that there is a problem that the market dropped that is trying to ping Google dot

54
00:03:33,020 --> 00:03:38,700
com but he doesn't know what is die the others of the Google dot com because it doesn't have the DNS

55
00:03:38,700 --> 00:03:39,800
server set on it.

56
00:03:40,160 --> 00:03:40,460
OK.

57
00:03:40,470 --> 00:03:46,010
So that means that the packet is being lost and he doesn't know anything about Google that com because

58
00:03:46,020 --> 00:03:49,350
as I already said that also doesn't understand the domain name.

59
00:03:49,350 --> 00:03:52,230
He needs to understand the IP others of that domain name.

60
00:03:52,410 --> 00:03:53,640
So point number two is done.

61
00:03:53,640 --> 00:04:01,060
We don't have a reply on the Google dot com because it looks like there is no DNS set on the Michael

62
00:04:01,150 --> 00:04:06,710
Crowther now but number three said the DNS on the router to tendency to the tune of that one and tried

63
00:04:06,710 --> 00:04:08,940
to pin the Google dot com doesn't work.

64
00:04:09,210 --> 00:04:11,940
So we don't have a DNS server under my Kickstarter.

65
00:04:11,940 --> 00:04:16,340
That's why you cannot begin to do the server of Google dot com.

66
00:04:16,350 --> 00:04:20,900
Now we need to set the DNS server on the micro counter and we would check if it works.

67
00:04:20,970 --> 00:04:25,430
And they're saying that we have to put the tendency to the zero the one that's DNS.

68
00:04:25,500 --> 00:04:26,220
So let's do that.

69
00:04:26,340 --> 00:04:35,870
We go here to the Mike Vick again to inbox and from here I have to go to IP DNS and here you have servers.

70
00:04:35,900 --> 00:04:36,290
OK.

71
00:04:36,560 --> 00:04:41,490
So here they said to tend to due to the genius upon why we are putting standards here this year that

72
00:04:41,510 --> 00:04:48,630
one because actually if I go back to the picture here what I have here before the software is connected

73
00:04:48,840 --> 00:04:54,690
to the Internet is connected to a Mike the crowd that also that's the Microsoft there from where I'm

74
00:04:54,690 --> 00:05:03,480
getting the Internet and from here Mike takes out the IP others of this interface is 10 0 0 1 and then

75
00:05:03,480 --> 00:05:10,710
this Microsoft has also DNS set on it to be able to allow all request to come and go to the Internet.

76
00:05:11,400 --> 00:05:17,960
OK so what I need to do I need to put here then the zero the zero that one on the DNS of this might

77
00:05:17,980 --> 00:05:18,550
go.

78
00:05:18,810 --> 00:05:26,880
So I go back to the one box here and we were on IP DNS and here I have to put this Daniel Julia Gillard

79
00:05:26,880 --> 00:05:30,690
of one and then I'll have to say okay.

80
00:05:30,720 --> 00:05:35,440
But before I click on Okay look here you can add here the DNS.

81
00:05:35,460 --> 00:05:39,410
If you have more than the NSA you can add more than 1 DNS server.

82
00:05:39,460 --> 00:05:42,550
OK but in my case I only need now only one.

83
00:05:42,690 --> 00:05:50,180
So I pretended 0 0 that 1 and then I will say OK now I have added the DNS on my folks out there.

84
00:05:50,210 --> 00:05:53,330
Let's now try to ping Google dot com again to see if it's working.

85
00:05:53,880 --> 00:06:01,830
So I'll say Bing and Google dot com and as you can see now the reply is coming.

86
00:06:01,830 --> 00:06:08,840
Because what's happening that the packet is being sent to the router the router send it to the Matrix

87
00:06:08,840 --> 00:06:14,130
out which has the IP of tend to do the deal that one might start or send it to the DNS server which

88
00:06:14,130 --> 00:06:15,200
is somewhere.

89
00:06:15,840 --> 00:06:23,040
OK point number three is done we have set the DNS on the router 210 the 0 0 1 and we tried to ping Google

90
00:06:23,040 --> 00:06:28,080
and it's working all right now configure your routing to provide internet to your PC.

91
00:06:28,560 --> 00:06:36,880
So if we go back here to the picture what I have now is I do have now Internet on the mike the cockpit

92
00:06:36,890 --> 00:06:37,300
on the.

93
00:06:37,490 --> 00:06:44,430
So this mike Decatur can go to the internet but I also warn that these species here also can go to the

94
00:06:44,430 --> 00:06:51,390
Internet via the mike rather so I need to configure the microphone rather in a way to provide internet

95
00:06:51,480 --> 00:06:58,890
to the species that means I already have now the Internet on the router I need to make the source not

96
00:06:59,730 --> 00:07:06,450
so that means I want that the IP address which I'm going to put it on the P.C. here which is 1 9 2 1

97
00:07:06,450 --> 00:07:15,040
6 8 that one not one so I was this IP others will be translated to be able to go to the Internet.

98
00:07:15,040 --> 00:07:15,440
All right.

99
00:07:15,570 --> 00:07:18,600
So that's what I need to do from this Microsoft.

100
00:07:18,600 --> 00:07:24,990
And then of course on the P.C. we need to put the iPod that is the subnet mask we need to put also the

101
00:07:25,050 --> 00:07:29,360
gateway and we need to put the DNS so it go through the Internet.

102
00:07:29,760 --> 00:07:35,490
So let's do the configuration to the species that I have inside my network can go also to the Internet

103
00:07:35,640 --> 00:07:43,200
I'm not one one box and from here I have to say IP and I will go to firewall and then from here I have

104
00:07:43,200 --> 00:07:46,910
to go to now and I will say source that.

105
00:07:46,920 --> 00:07:55,520
That means any IP others coming from the range of 1 9 2 1 6 8 that 1 the zero slash 24 please look at

106
00:07:55,540 --> 00:07:56,340
be picture.

107
00:07:56,340 --> 00:07:59,870
So this is the rest of my IP which are inside.

108
00:07:59,970 --> 00:08:04,230
That means that IP where my computer is getting an IP from them.

109
00:08:04,260 --> 00:08:08,980
So my computer is going to be one I don't say that one dot wants or that is from this ranch.

110
00:08:09,060 --> 00:08:19,470
So any IP coming from 1 8 2 1 6 8 1 0 then the action is to masquerade Masquerade means to not it to

111
00:08:19,470 --> 00:08:22,620
translate it then it goes to the Internet.

112
00:08:23,270 --> 00:08:23,590
OK.

113
00:08:23,630 --> 00:08:26,050
So that's the only thing I need to do here.

114
00:08:26,190 --> 00:08:31,190
Of course if you need also on the router to have around but that's already I haven't because they're

115
00:08:31,190 --> 00:08:36,210
out is already on the Internet connected and you have to put an IP others on the interface all those

116
00:08:36,210 --> 00:08:37,470
things are basic things.

117
00:08:37,470 --> 00:08:43,620
And as being this course an advanced course I assume that you already know how you can put your router

118
00:08:43,620 --> 00:08:44,990
to the Internet.

119
00:08:45,120 --> 00:08:49,850
But now what this is what I only need is to make the source net.

120
00:08:50,160 --> 00:08:55,230
So the computer can go now to the Internet via disruptor but not before is done.

121
00:08:55,260 --> 00:09:01,090
Point number five set on your P.C. the DNS 2 1 9 2 1 6 8 1 2 5 4.

122
00:09:01,140 --> 00:09:03,900
So what is 1 8 2 1 6 8 1 2 to 5 4.

123
00:09:03,900 --> 00:09:14,650
If I go here look at this IP address here this IP address is 1 9 2 1 6 8 1 8 2 5 4.

124
00:09:14,730 --> 00:09:19,080
So this deal I've got this off with the net to where my computer is connected to it.

125
00:09:19,470 --> 00:09:24,870
So actually what I need to do I have to go through the settings of the IP address on this computer.

126
00:09:24,990 --> 00:09:30,810
I have to put it one and two and say that one of the one I'll have to put the subnet mask have to put

127
00:09:30,810 --> 00:09:37,760
the Gateway which is 1 and 2 and say that 1 2 5 4 also because the computer has to get away from this

128
00:09:37,760 --> 00:09:38,360
side.

129
00:09:38,490 --> 00:09:43,910
That means this is the way he needs to go in order to go to the Internet and I will put the DNS one

130
00:09:43,910 --> 00:09:52,260
that don't sectors 1 2 5 4 on my b c so let's do that I will open now my computer here the settings

131
00:09:54,160 --> 00:10:00,770
and from here I have to go through a network sharing and the on the adapter.

132
00:10:00,800 --> 00:10:09,020
So this is the adapter that is connected to the Matrix although I will have to go to properties and

133
00:10:09,060 --> 00:10:13,820
from here I will put first the others 1 9 2 1 6 8.

134
00:10:13,830 --> 00:10:19,670
That one the one the subnet mask is going to be 2 5 5 to 4 5 4 5 0 0 0.

135
00:10:19,680 --> 00:10:27,520
The Gateway has 1 9 2 1 6 8 1 2 5 4 because that's the way you can go to the outside and the DNS.

136
00:10:27,520 --> 00:10:35,450
They said to put it 1 9 2 1 6 8 1 2 5 4 which is the IP of Internet 2 of the mike the.

137
00:10:35,850 --> 00:10:36,090
Right.

138
00:10:36,810 --> 00:10:42,540
And I have to be sure that the mike dicks out there has this IP on its Internet to interface.

139
00:10:42,540 --> 00:10:51,390
Let's check that I will go to one box and I will go IP address and we actually don't have this IP.

140
00:10:51,390 --> 00:10:56,720
I will put it not one I to one state that 1 2 5 4 slash 24.

141
00:10:56,730 --> 00:11:00,040
That is on the interface Internet to

142
00:11:03,820 --> 00:11:09,450
now this interface has an IP address and my computer has an IP others from the same range.

143
00:11:09,460 --> 00:11:19,780
So now if I try to bring it from my computer being 1 9 2 1 6 8 1 2 5 4 I am getting a reply.

144
00:11:20,040 --> 00:11:20,820
OK.

145
00:11:21,010 --> 00:11:25,350
So the computer and the router are we able to see each other.

146
00:11:25,630 --> 00:11:27,680
Well number five is done.

147
00:11:27,700 --> 00:11:33,340
Port number six open I see to be as my network training that come from your P.C. does it work.

148
00:11:33,370 --> 00:11:35,120
If not fix the problem.

149
00:11:35,210 --> 00:11:38,820
All right before I open that I just want to try.

150
00:11:39,190 --> 00:11:45,250
If I make being for example a day to day to day to see if my computer is connected to the Internet you

151
00:11:45,250 --> 00:11:50,260
can see that I'm able to bring to the Internet.

152
00:11:50,260 --> 00:11:50,520
All right.

153
00:11:50,550 --> 00:11:55,720
So that means that my computer can go to the router and rather send its packet to the Internet and bring

154
00:11:55,720 --> 00:11:56,320
it back to him.

155
00:11:57,130 --> 00:11:58,120
All right very good.

156
00:11:58,120 --> 00:12:01,500
Now we need to open Ashley T.P. as my network training.

157
00:12:01,510 --> 00:12:03,730
That come from the and see if it opens.

158
00:12:04,240 --> 00:12:05,330
So that is my brother.

159
00:12:05,330 --> 00:12:08,440
Now I will go here to CPS

160
00:12:13,510 --> 00:12:19,380
my network training Tom and would check if it's gonna open

161
00:12:22,370 --> 00:12:29,150
and we can see it's not opening if we try to open for example any other Web site like Facebook dot com

162
00:12:29,570 --> 00:12:31,090
let's try Facebook.

163
00:12:34,580 --> 00:12:36,090
And also we see it's not opening.

164
00:12:36,140 --> 00:12:43,640
While we have seen that if we think like we just made out with food being a day to day date which is

165
00:12:43,640 --> 00:12:46,460
the Internet here and I faddish on the Internet we have a reply.

166
00:12:46,970 --> 00:12:49,080
So what is the problem why.

167
00:12:49,470 --> 00:12:53,930
I can go from might be seen to this another way of being but I cannot open the browser.

168
00:12:53,930 --> 00:12:59,030
Actually it's again a problem in DNS and I'm going to show you that in a moment.

169
00:12:59,030 --> 00:13:06,530
So we have to open the monitoring that come and it's not working and saying if not fix the problem.

170
00:13:06,530 --> 00:13:07,940
So we have to fix the problem.

171
00:13:07,940 --> 00:13:17,390
The problem is if I go back here and we go to IP DNS that's on the router the DNS actually if I show

172
00:13:17,390 --> 00:13:18,730
you here on the picture.

173
00:13:19,570 --> 00:13:26,970
So what's happening at this moment the she is saying to the mike fix author I want to go to my network

174
00:13:26,970 --> 00:13:28,270
training dot com.

175
00:13:28,560 --> 00:13:30,450
And the man who is otherwise say okay fine.

176
00:13:30,480 --> 00:13:31,770
My network training dot com.

177
00:13:31,770 --> 00:13:35,080
What is the IP others of office was trying to check with the DNS.

178
00:13:35,370 --> 00:13:41,280
But then he said oh you're requesting for DNS query but I cannot help you because all my settings I

179
00:13:41,280 --> 00:13:49,500
don't have any possibility for you to allow you to request DNS query that in this case the request that

180
00:13:49,500 --> 00:13:55,050
is coming from the U.S. will be stopped would be dropped completely because it's not allowing the request

181
00:13:55,050 --> 00:13:56,870
to go further.

182
00:13:56,880 --> 00:13:58,240
The DNS requests.

183
00:13:58,350 --> 00:14:04,650
So what we need to do we have to make on the mike the cloud to a way to allow the DNS requests to come.

184
00:14:04,650 --> 00:14:10,560
So when you say I want to go to my network training dot com the Microsoft will say oh OK let me check

185
00:14:10,590 --> 00:14:14,290
the IP address of this my network threatening dot com Web site.

186
00:14:14,430 --> 00:14:20,520
And then he will transfer that to the router which is standard user of 1 the router will send it to

187
00:14:20,520 --> 00:14:22,900
the DNS server and then it comes back.

188
00:14:22,920 --> 00:14:26,010
So that's the main problem that we are having now.

189
00:14:26,010 --> 00:14:26,310
All right.

190
00:14:26,340 --> 00:14:28,040
So how to solve this problem.

191
00:14:28,050 --> 00:14:33,600
Actually if we go through the Microsoft Word here and I will show you again from IP DNS.

192
00:14:34,830 --> 00:14:40,260
We have here something called allow a remote request and that needs to be checked.

193
00:14:40,260 --> 00:14:46,620
So do you check that then it will allow the DNS request to come to the micro counter and he can use

194
00:14:46,620 --> 00:14:49,250
it you can forward it to the DNS server.

195
00:14:49,410 --> 00:14:55,950
Of course you have to be careful that when you select that because in case your microphone output is

196
00:14:55,950 --> 00:15:04,080
not secure then this can be like a DNS request for also users who are outside your network that can

197
00:15:04,080 --> 00:15:06,210
use it as being a DNS for them.

198
00:15:06,270 --> 00:15:12,390
So that means that all the traffic will come to your router and the router will send the DNS queries

199
00:15:12,390 --> 00:15:13,660
to the DNS server.

200
00:15:13,680 --> 00:15:19,470
So what you need to do you have to secure your network in a way that you don't allow DNS requests coming

201
00:15:19,470 --> 00:15:22,200
from outside to make the crop.

202
00:15:22,440 --> 00:15:22,770
All right.

203
00:15:23,190 --> 00:15:25,350
So that's what you need to do you have to check.

204
00:15:25,350 --> 00:15:33,390
Allow remote requests and then we say OK now if I try again now to open my network training that can

205
00:15:33,500 --> 00:15:36,690
destroy my network training dot com.

206
00:15:36,840 --> 00:15:39,900
You can see now it is working.

207
00:15:39,960 --> 00:15:42,900
That's the only thing that you need to do in order to fix the problem.

208
00:15:42,910 --> 00:15:45,060
Point Number Six is done.

209
00:15:45,090 --> 00:15:51,720
Point Number Seven check the DNS cache on the rather so we have already opened my network training that

210
00:15:51,720 --> 00:15:57,780
come let's go through the router and if we go to IP DNS we go to cash.

211
00:15:57,990 --> 00:16:03,940
You can see all those information are based on when I open my network of training that you can see here.

212
00:16:04,320 --> 00:16:12,090
So that cash which are left inside that out or if you want you can hear say flash cash then it will

213
00:16:12,090 --> 00:16:16,360
delete everything and then I will open my network training.

214
00:16:16,740 --> 00:16:23,970
Let's do it this way so when I open the browser you can see that some information but also I'll flash

215
00:16:23,970 --> 00:16:33,470
it again now and I will right here my network training dot com and directly you can see that it will

216
00:16:33,470 --> 00:16:36,620
cache the information inside the DNS.

217
00:16:36,620 --> 00:16:36,970
OK.

218
00:16:36,980 --> 00:16:44,960
That's very important to see because the caching can go faster your request in case someone else the

219
00:16:45,080 --> 00:16:50,290
for my network training is already in the cache and the mapping happened directly.

220
00:16:50,310 --> 00:16:50,560
OK.