Docker networking is CRAZY!! (you NEED to learn it)
NetworkChuck2022-08-06
Docker#Linux#Ubuntu#networking#ccna#routes#routers. Switches. Virtualization#containers#switching#networks#internet
1M views|2 years ago
💫 Short Summary
The video segments cover the importance of learning Docker networking, deploying Docker, configuring network interfaces, creating user-defined bridge networks, setting up Mac VLAN networks, and utilizing IP VLAN mode. It emphasizes the significance of network isolation, security, and efficient service access within Docker containers. The segments also touch on setting up static routes, layer three networking, overlay networks, and the concept of a 'null network' for secure communication. Overall, the video promotes the benefits of Docker networks, encourages experimentation, and highlights the practical applications of different network configurations in Docker.
✨ Highlights
📊 Transcript
✦
Importance of learning Docker networking.
02:30Emphasizes speed and lightweight nature of Docker.
Explores different network deployment options for Docker containers.
Encourages experimentation and play with Docker networking.
Introduces default bridge network in Docker and its capabilities.
✦
Deployment of Docker and Network Interface Configuration.
03:06Changing network settings in VirtualBox to connect a virtual machine directly to the home network is demonstrated.
Installation of Docker, creation of a new virtual bridge interface, and exploration of Docker networks are shown.
Emphasis is placed on the importance of network drivers in Docker and the process of deploying containers in the default network is explained.
A container named 'Thor' is deployed using the BusyBox image to showcase the speed and efficiency of Docker.
✦
Networking aspects of Docker containers.
06:31Docker automatically creates virtual Ethernet interfaces connected to the Docker Zero bridge.
Containers communicate within the bridge network and share IP addresses, DNS, and routing capabilities.
NAT mapping is used for internet connectivity.
Default bridge network facilitates communication between containers; Nginx web server can be installed on the Stormbreaker container.
✦
Importance of Managing Network Configurations in Docker.
08:59Demonstrates the process of manually exposing ports for services like websites in Docker.
Shows how to expose port 80 to access a website, redeploy containers, and create a user-defined bridge network.
User-defined bridge network is recommended over the default bridge network for better isolation and control.
Emphasizes the significance of managing network configurations in Docker for efficient service access and isolation.
✦
Importance of network isolation in Docker.
12:36User-defined bridges are recommended for better security and isolation of workloads.
User-defined bridges offer container-to-container DNS resolution for convenience and stability.
Bitdefender premium security is promoted as a comprehensive solution for online protection.
Bitdefender offers features like anti-virus, threat defense, ransomware remediation, and anti-spam for safeguarding devices from online threats.
✦
Bitdefender offers comprehensive privacy protection with features such as VPN, password management, webcam, and microphone protection.
15:05The program also includes tools to prevent tracking and parental control.
Users can select different profiles for various activities, balancing between performance and security.
Bitdefender provides the option to let the program operate in autopilot mode for convenience.
The host network in Docker enables containers to share IP addresses and ports securely, allowing them to run as regular applications on the host.
✦
The Mac VLAN network in Docker provides containers with their own Mac addresses and IP addresses for direct connection to the physical network.
17:35Setting up a Mac VLAN network requires specifying the subnet, gateway, and linking it to a physical network interface.
This network simplifies Docker networks and virtual interfaces, offering a straightforward connection to the host network.
The process involves creating the Mac VLAN network, defining the subnet and gateway, and connecting it to a physical network interface for seamless container connectivity.
✦
Setting up a new network with a network switch, specifying IP addresses, and assigning images.
21:55Mac VLANs assign each Docker container its own Mac address, causing problems with port security and promiscuous mode.
Enabling promiscuous mode on network devices and virtual machines resolves the issues.
Successfully connecting to the home network using Mac VLAN demonstrates its advantages over a bridge network.
✦
Deployment of a web server in a Mac VLAN without exposing ports.
23:08Downsides include lack of DHCP and Docker automatically choosing IP addresses.
Importance of specifying IP addresses for containers to avoid conflicts.
Mac VLAN's bridge mode connecting to the network and introduction of 802.1Q mode for sub-interfaces and VLANs.
Practical steps for creating and managing a Mac VLAN network with Docker containers.
✦
Creating a new subnet, gateway, and sub interface in Docker.
26:50The process of creating a sub interface and auto-creating it in Docker when needed.
Introducing IP VLAN as a solution to promiscuous issues with Mac VLANs.
Setup process for IP VLAN mode L2 and benefits over Mac VLAN.
Demonstration of launching containers on the new network and verifying the shared Mac address.
✦
Layer three networking enhances security and isolation for containers.
29:24IP addresses, routing, and connections are key components of layer three networking.
Broadcast traffic is eliminated in layer three networking, allowing for more control.
Containers are restricted from communicating outside their network, increasing security.
Layer three networking enables strict isolation measures and secure communication within the network.
✦
Setting up static routes in a home network.
32:18The process involves instructing the router to reach specific hosts by specifying destination IP addresses.
Creating a new network, specifying subnets, and setting up the parent interface as the gateway are crucial steps.
Deploying containers within the network involves assigning IP addresses to each container.
The segment concludes with inspecting the network setup and verifying container connectivity, providing a practical guide on configuring static routes and deploying containers in a home network using Docker.
✦
Setting up IP VLAN L3 networks and utilizing Docker container networks.
35:20Importance of network isolation and routing is emphasized, demonstrated through pinging different networks and devices.
Introduction of overlay networks for managing communication between containers on different hosts.
Mention of the 'null network' concept as the most secure option in networking, focusing on simplicity and security in network configurations.
✦
Importance of Docker networks in enhancing resume.
38:11Implementing Docker networks in home labs simplifies networking tasks and adds a fun element to learning.
Different network types are mentioned in conclusion.
Viewers are encouraged to engage with the video through likes, comments, and subscriptions.
Ethical practices in hacking the YouTube algorithm are emphasized.
00:00You need to learn Docker
networking right now. It's crazy.
00:03I can't stop playing
with it. I mean, yeah.
00:05We can all agree that Docker containers,
I mean, they're, they're pure magic.
00:08They're wicked fast lightweight. That's
why everyone's using them. Oh, wait.
00:12What's that behind your ear?
Yeah. I told you they were magic,
00:15but there's something that's
always bugged me a big mystery.
00:18How in the world does the networking
work? I mean, think about it by default.
00:23It kind of just works. But when
we add these containers to a host,
00:26are they on their own network? Can we
create more networks? Can we isolate them?
00:30Can we expose them? Which we often
have to do to make things work?
00:33Which is that our only option what's
going on here. So yeah. Um, seven,
00:38there are seven different types of
networks we can deploy with Docker
00:42containers. Isn't that
crazy? How did I miss this?
00:45How did I never play with this?
00:47So I like to invite you to go on a
journey with me. Take the red pill.
00:51Let's go down the rabbit
hole of Docker networking.
00:54You will never look at Docker containers
the same. So get your coffee ready.
00:58Let's dive in and shout out to the
sponsor of this video fit defender.
01:02We'll talk more about how they can help
protect you from the spooky side of the
01:07internet later now,
01:08to understand Docker containers
and how the networking works.
01:10You're gonna have to play with it
like right now. So let's get your lab,
01:13spin up.
01:14Let me tell you what you need and feel
free to follow exactly what I'm doing.
01:17It's completely free. The first thing
you'll need is a bit of knowledge,
01:20knowledge. On fact, I met that guy
in Vegas. Hey, I just saw Ty Lopez.
01:24He's blogging me blog. I know how
we at G seven X. Yeah, man, we.
01:27Go that you'll need to know a thing
or two about Docker containers,
01:30what they are and why they are awesome.
01:32Now I'm not gonna cover
that here in this video,
01:34but I already did end
this video right here.
01:36So go ahead and watch it and click it up
there or down the link below so you can
01:39keep watching. But I advise if you
don't know what I'm talking about.
01:42When I say Docker, you're
like wet locker. No Docker.
01:44If you don't know what I'm talking about,
01:45then go ahead and watch that one
and come back and see me. I'll wait.
01:48Don't worry. I'll be here. And
second, you'll need a host,
01:51a Linux virtual machine
where we can install Docker.
01:53I'll be using the latest
version of the free boun.
01:55Two desktop deployed in my favorite free
type two hypervisor virtual box. Now,
01:59if all those words just scared you then
go and watch my video right here on
02:03virtual machines, you will be
caught up to speed. And by the way,
02:06I'm still gonna wait here for you. So
come back and see me when you're done.
02:09But if you're not scared, the final
thing you need is coffee. Of course,
02:12because everything in it
requires coffee. Never.
02:15Chuck tuck coffee with my coffee
in hand. Now I'm ready for the lab.
02:19Let's do this. Do you have your
coffee? Go, go get it here in my lab,
02:22I have a fresh install of Ubuntu desktop.
As I mentioned before, nothing on it.
02:26I'll go ahead and start that bad boy
up right now, man. Isn't that pretty?
02:29I love this.
02:30The first on our journey into Docker
networking will be the default bridge,
02:33which is the first and sometimes only
network we deal with when we deploy
02:36Docker. And it's the default for a
reason, cuz it is a little magic.
02:39Like trust me, you're
gonna have fun with this.
02:40Let's deploy this and see what magic
we have inside. Now here on my machine.
02:44I have not deployed
Docker yet, which is cool.
02:46Cause I wanna show you one thing real
quick and go ahead and do this with me.
02:48If you have not deployed Docker, I wanna
watch my terminal, love the terminal.
02:51Feel someone home here. Let's take
a look at our network interfaces.
02:54Let's type in IP address show and see
what we have and pretty much what I
02:57expect.
02:58We have our loop back interface and then
we have our main interface connecting
03:01us to our home network, which actually
by the way, let's make this change.
03:04If you're using virtual box, go
ahead and follow along with me.
03:06I'm gonna change the network for
my VM by going to settings network.
03:09And I'm gonna change it
from Nat to bridge adapter,
03:13which will connect my VM
directly to my home network.
03:15Getting an IP address from my router.
03:17You'll wanna do this for something
amazing coming up called Mac VLANs. I,
03:20I don't wanna spoil it for you,
but trust me. It's awesome.
03:22So now with that change in place, I'll
do my IP address show once more and yeah,
03:26look, my IP address changed. This is now
directly connected to my home network.
03:30Perfect. So like any good magician,
03:31let me show you the current state
of things before we perform magic.
03:34Here's the host running a boon two.
03:36Here's his interface with the IP address
of ten seven one two three two on my
03:40home network, which connects
it directly to my router,
03:43the internet and me now
let's install Docker,
03:46do a little pseudo PT update
action to update my repositories.
03:50If my password is right,
my goodness. Okay, cool.
03:53And then we'll do pseudo PT install,
docker.io dash Y it's all we need.
03:58Install quick coffee break while it's
doing its thing and it is done. Cool.
04:04So now some magic just just
happened. Let's take a look,
04:07IP address show once more in our
terminal and let's see if we have any new
04:10interfaces. look,
if we do there he is.
04:13We have something called
Docker zero. What is that guy?
04:16Look where'd the IP address
come from that's new Docker.
04:19Zero is our new virtual bridge interface.
04:21It is the default interface and
network for the default bridge,
04:24the default network and Docker and pay
attention to his IP address right here.
04:28Just remember that. Now there's more
Docker magic. We can uncover real quick.
04:31Let's try this command
Docker network LS, bam.
04:35This will list our current Docker
networks. One guy. We already know Mr.
04:38Bridge right here. That's his name,
04:40but two we don't and we'll actually
cover them here in a moment.
04:42They are two of the seven networks in
Docker and they're there by default
04:46obviously.
04:46But one thing I do want you to notice
is notice that little menu item up here.
04:49The section called driver and Docker
speak driver basically means network type.
04:54So our bridge network is name
bridge, and his type is also bridge.
04:58He's using the bridge driver. You'll see
that terminology everywhere in Dockers.
05:01So just like network type drivers.
That's what I do now. What do you say?
05:04We deploy some containers in our default
network. Come on, follow along with me.
05:07We'll use command Docker run.
05:09We'll do a few switches dash ITD to make
it interactable and detached running in
05:14the background and
we'll do a dash dash RM.
05:16So it will clean up after
itself when we're done with it.
05:18We'll name our container. See
what am I into right now? Um, oh,
05:22I just watched Thor. Thor holds up,
man, that movies. Awesome. So anyways,
05:25 we'll call it Thor.
05:26And then finally we'll specify the
image we're gonna use for our container.
05:30I like busy box. It's quick,
lightweight, fast. It's just good.
05:33So let's try it out. Bam and
done. I love how fast Docker is.
05:36I will never get over how magical that
feels. All right, let's do one more.
05:39Let's hit her up arrow this time.
05:41We'll just change the name of
Thor to let's do Mulk. Okay.
05:45No how do you
spell Milner?
05:50I I'm butchering it. I'm gonna Google
it real quick. Okay. Way off MiiR.
05:53What's Miya. There we go. Bam. Two
containers down. Now I wanna add one more,
05:57but this time I wanna add in instead
of busy box, we'll do N engine X,
06:01NGI and X as the image and we'll
name this one, uh, storm breaker.
06:07Yeah, let's try it out. It's gonna
download the image and it's almost done.
06:11Okay. It's done cool. Let's make sure
they're up. Pseudo Docker, PS there.
06:15They all are all pretty. Now
I want you to notice this.
06:17When we deployed our containers, did we
say anything about networking at all?
06:21No we didn't. We just let
it do its thing by default,
06:24which means it got thrown into our
bridge network we've been talking about,
06:27and here's what it did when we deployed
those containers in the default network,
06:31Docker automatically created three virtual
ethernet interfaces and connected it
06:35or linked it to the Docker zero bridge.
06:37And it kind of acts like a switch and
there's a virtual ethernet interface for
06:41each of our containers. So the
containers, Ethan at zero interface,
06:44we'll connect to those bad boys.
Now don't take my work for it.
06:47Let's take a look. If we
do IP address show again,
06:49look at that three new
interfaces. 1, 2, 3.
06:53And then if we try this
command bridge link,
06:56it will actually show us their name
and the fact that they are connected to
06:59Docker zero. Super cool. Right?
I love seeing that stuff.
07:02Now that bridge was busy. Not only did
he create virtual ethernet interfaces,
07:05but he also handed out IP addresses,
which means he's also running some D HCP.
07:10Let's go take a look. Actually,
07:11we can take a little dive into our bridge
network with this really neat command.
07:15You'll use this all the time. When
messing with Docker, Docker inspect,
07:18you can inspect anything,
07:19but this time we're gonna inspect a
network named bridge. Let's take a look.
07:24Now that's a lot of info, but let
me pinpoint what I want you to see.
07:26Miss scroll up just a bit. Do you
notice some familiar faces or names?
07:29Looking at our bridge.
07:30We've got our three containers
mul near Thor and storm breaker.
07:34And what else do you see?
Do you see it right here?
07:36They each have their own IP address in
that same Docker zero network we talked
07:40about and like every
good network it has DNS.
07:43It actually takes a copy of the et C
resolve file from the host and puts a
07:47sucker into the container.
07:49So they're using the same DNS and because
the Docker zero network acts like a
07:52switch. As you can imagine,
07:54the containers can talk to each other
all day and don't take my word for it.
07:57Let's jump into each of 'em right
now. We'll do a Docker exec dash. It,
08:02the name of our container.
08:03I'll do th first and we'll jump into
his shell or N type an IP address show.
08:08I can see his IP address. Let's try to
ping mill near. I think it was dot three.
08:11And as you may have expected,
the container can ping
the internet. So network,
08:16chuck.com totally works
because if I do an IP route
08:20inside of Thor here, his default
route, his gateway, his Docker zero,
08:24which you're probably
wondering how does that work?
08:26How does Docker zero get
Thor out to the internet?
08:29And it's the magic called Nat maade.
We're not gonna cover that right now,
08:33but it's also magic as you would
expect. And that is the bridge network.
08:36Pretty awesome. Right? No wonder
it's default, but hold on.
08:38We did forget something though. Did you
forget about our web server over here?
08:42Stormbreaker remember
we installed engine X,
08:44which by default is a website and
it will use port 80. Now question,
08:48can we reach that website? And what I
mean by we is can my computer over here,
08:52which is, you know, me, can
it access that web server?
08:56Can I go to ten seven one two, three, two,
08:59the IP address to the host on port
80 and navigate to the website?
09:02Probably not right. You saw this
coming 10, 7.1 2 3, 2 port 80.
09:06You specify that nothing can't be reached
and that right there is one of the
09:10annoying things about the bridge network.
09:11If you want to access any of the services
that your Docker containers might
09:14offer, like a website,
it won't work by default.
09:17You actually have to manually expose
those ports and you may have done this
09:21before. In fact, let's do it right now.
09:22We need to expose port 80 to the world
to allow us to access. And after that,
09:26we're gonna have to redeploy
storm breaker, nothing too crazy.
09:28I'm gonna jump out of thal, quick type
an exit, gonna remove storm breaker,
09:32or I'll just stop. And he'll remove
himself. Docker stopped storm breaker,
09:35and let's redeploy him with that same
command up arrow a billion times.
09:39I'm so I don't have to
type the command in again.
09:41So here right before I do the name,
09:43I'll do a dash P for port
and I'll do 80 colon,
09:4680 telling Docker to expose this
container's port 80 to my host, port 80.
09:49Let's try it out. Done super
fast. If I do a Docker PS,
09:52this is a great way to see like,
Hey, what ports are being exposed?
09:55It'll tell you right there. And now
if I go and refresh my page Yasi,
09:59it's working. Did I just see Yasi? I
don't know why I said that. I'm sorry.
10:03I'll probably do it again now. Honestly,
10:04that's annoying when you're having fun
in your home lab and you're like, oh,
10:06I have to expose another port,
10:08but it is a pretty good practice to
have that because it does put a layer of
10:11isolation between your containers and
your network. And for that matter,
10:15the host and spoiler,
10:16there will be networks where we
don't have to expose anything.
10:19And they're just amazing.
They're my favorite.
10:20But we'll get to that here in a
moment. And speaking of isolation,
10:22let's move on to our next network.
10:24This one's pretty fun cuz you get
to actually create it now again,
10:27the default bridge is cool,
10:28but what if I told you Docker doesn't
want you to use it? They're like, yeah,
10:31it's there, but please don't use it.
10:32They want you to use this next network
type because they want you to create your
10:37own networks. Which honestly I'm like,
okay, fine. I'll create my own networks.
10:40That sounds pretty fun.
10:41This network is pretty much
exactly like the default bridge.
10:44It's just simply called
the user defined bridge,
10:47which means you're just
defining it. You're making it.
10:49So let's make one real quick user
defined bridge. It's gonna be crazy hard.
10:52Watch. I'm just kidding. It's so easy.
One command Docker network create.
10:56And then what do you wanna name
it? Let's name it. Um, Asgard.
10:59That's it enter network
created. that simple.
11:03If we do IP address show,
11:05we'll see a new virtual bridge is being
created right here with a new network.
11:08Instead of do 17, we got
1 72 18 now a new bridge,
11:12which if we do our other
command network LS,
11:15there he is as guard with driver
type bridge. Now what do you say?
11:19We throw some containers in Asgard.
It's kinda lonely in there right now.
11:21Same stories before, except we
do have a new switch this time.
11:24We'll do dash dash network because
now we're outta default world.
11:28We're gonna actually do something
dash network. And then after that,
11:30the name of your network, simple as that
Asgard, that's it. Then we'll name it.
11:34Let's do, um,
11:36let's do low this time and then
finally the name of our image busy box.
11:40And that should be it done so
easy. Let's do it once more.
11:43Let's add a friend in there. Change the
name from Loki to, I don't know Oden.
11:47Yeah, let's do Oden. Awesome. And just
like before, if we do IP address show,
11:51we have some virtual interfaces
created looking at our bridge link.
11:54We can see those new interfaces tied to
that virtual bridge that was created.
11:58And then we can inspect
that network, pseudo Docker,
12:00inspect Asguard and take a
look at what IP addresses,
12:04OIN and Lokey got handed in the 1 72
18 network. And here's our network now.
12:08And I might be wondering, okay,
why, why is this preferred?
12:12Why should we do this?
12:12And the keyword here is isolation because
right now as guard, let me label it.
12:17Actually we gotta label Asguard
here. Asguard is isolated.
12:19It's protected from the default network.
They can't talk to each other actually.
12:23So if I jump into, let's say Thor,
12:24once more as we did earlier and I try to
ping, let's say Oden or an ping Lokey.
12:29I'm not gonna get anything back. They
are isolated. If you're already in it,
12:32you know how important network isolation
is? We wanna isolate your workloads.
12:36And this is why Docker recommends a
user defined bridge. Bridges are the,
12:39probably the best network in Docker.
12:41If you're gonna be using Docker in
production and you wanna define your own
12:43networks and there's actually one more
cool benefit when using a user defined
12:47bridge versus a default bridge.
12:48And that's you get some cool
container to container DNS action.
12:52Like let me show you let's jump
into Lokey. And here in Lokey,
12:55all I have to do is ping. Let's just
say OIN Oden's name and it resolves.
13:00So in the name of your containers,
we'll have DNS injuries.
13:02You can ping it by name,
13:03which is pretty cool because often
container IP addresses will change.
13:07As you redeploy your workloads. You do
not get that in the default network.
13:10So just define your own networks. Like
we just showed you super easy to do. Hey,
13:13it's time for a quick coffee
break. Oh, that's cold.
13:16I've been recording too long. Eh, I still
need some I'll power through. Anyways,
13:20this coffee break is sponsored by bit
defender and the best way to protect your
13:23computer and yourself online bit defender,
13:25premium security bit defender premium
security is a premium privacy and security
13:30pack for absolute digital freedom.
I'll like the sound of that.
13:33It's got everything best
protection, unlimited VPN,
13:36a password manager and priority support.
13:38It's multi-platform I've got it right
here in my windows machine. Shoot.
13:41I even have it on my phone, which
I didn't know. That was a thing.
13:43Once you have bit defender installed,
it'll protect you all the standard stuff.
13:46You have to worry about. Anti-virus
threat defense vulnerabilities,
13:49and then even like other things, because
this is like a multi-layered approach.
13:52They do online threat prevention, a
cloud-based global protective network.
13:56That's pretty cool. Secures your
device by blocking any online threat.
13:59And of course the firewall,
Ooh, ransomware remediation.
That's that's sweet.
14:03Why don't I have that
on turn it on reverses.
14:05Any damage done by ransomware
by restoring encrypted files,
14:08that's pretty killer. And
anti-spam which by the way,
14:11getting phishing emails and things are
one of the worst and most popular ways to
14:15get like ransomware
and viruses on your PC.
14:17I gotta make sure my employees use this.
14:19And I know because you watch my channel,
14:20you do care about privacy and bit
defender has your back on that.
14:23As we mentioned, they have
VPN and password management.
14:25They also help you safely pay in places
cuz you don't wanna lose your credit
14:28card and stuff to bad dudes.
14:30They also have webcam and microphone
protection because I know you're always
14:34thinking, Hey, is someone watching
me is my webcam on with bid defender.
14:37You don't have to worry about that. Also
dude, stop people from tracking you.
14:40Google wants to know who you are.
14:42We've talked about that before on the
channel bid defender will help them not
14:45find out in the parental control,
which I need cuz I have six kids.
14:49Thank you bit defender.
14:50Now in the past programs like
this may have slowed down your PC,
14:53but with bit defender,
they, they think about that.
14:55They got you actually first the coolest
setting dark mode. But as far as speed,
14:59we can actually change the
profile based on what we're doing.
15:01We can have a work profile movie profile
game profile using that one, a lot,
15:05a public wifi profile, tailored
to what you need in that moment.
15:09Do I need performance or do I
need security? Do I need both?
15:11And the answer's always yes,
15:12but they'll help you mitigate so
that stuff or go into autopilot.
15:16It'll figure it out for you. So
you don't have to worry about it.
15:18Now if only bid defender would
help keep my coffee warm,
15:20it would be absolutely
perfect. But beyond that,
15:22you should definitely check
it out. Link below there.
15:24What I use to protect my computers.
15:25And if you wanna protect yourself and
your computer and your privacy and all
15:28that stuff, we talked
about, check them out,
15:30help support the channel and help support
awesome sponsors like bid defender
15:33anyways, back to Docker. And I wanna
take one more sip of cold coffee. Ah,
15:38now this next network is, um, it's kind
of weird. It's one of the weirder ones.
15:42It's actually pretty awesome.
15:43It's called the host and that might
sound familiar because it was one of the
15:46default networks already there.
15:48And the best way to explain it is just
to show you so here, what I'm gonna do.
15:51Remember our web server storm breaker
operating on port 80 let's uh,
15:54let's delete him real quick.
15:55We're gonna take him out and redeploy
him in a host network. Let's try it.
15:59Docker, stop storm breaker. Then Docker
run once more with all our same stuff,
16:03except this time we're gonna
do two different things.
16:05First we will define our network.
16:07Our network name will just be hosts
and then we will not expose any ports.
16:11Leave it as is. We'll keep
the same name storm breaker.
16:13And then of course specify EngineX
at the very end. That's it deploy it.
16:17Now I wanna show you something really
strange. It's gonna be weird now so far,
16:20nothing too strange,
16:21but let me show you what it looks
like in our network right now with him
16:23deployed in a host network.
16:24Storm breaker will be moved right
up here next to his Papa right next
16:29to the host. And that's it.
16:32 when you deploy a
container to the host network,
16:35he doesn't even really
have his own network.
16:37He just totally bums off the host
he doesn't even have anything.
16:42He shares his IP address
his ports that's that's it.
16:44Now why this is cool is that you don't
have to expose any ports. Check this out.
16:49If I, again, go out to 10.7 0.1 2
3, 2. The IP address of my host. Um,
16:54it's working because right now essentially
Stormbreaker is running as a regular
16:58application on the host, even
though he is a container,
17:00this is super cool for a lot
of reasons. Actually, my buddy,
17:03Christian's gonna tell you how he uses it.
17:04If you deploy a wire guard,
VPN container, for example,
17:07you might not want to
isolate this container with a
separate virtual IP address.
17:11Instead you wanna run this application
directly connected to the host network,
17:15just like every other application
that's installed without.
17:18Docker. So that's all there pretty
much is to the host network.
17:20It's just really lazy, which is awesome.
It just runs like an application.
17:24The downside is there's
really no isolation, right?
17:26It's like right there next to the
host. Yeah, no isolation at all.
17:29Now this next network is
my all time. Favorite.
17:31This thing I could not believe
it's a real network and Docker,
17:35this sucker is called the Mac VLAN and
it's gonna, it's gonna break your brain.
17:39Here's the kn VLAN. What if
we could erase all this stuff,
17:43all the complication, all the
Docker networks and the virtual,
17:45either interfaces, the separate networks.
17:47What if we could take it all away and
to simply connect our Docker containers
17:52directly to our physical
network. That's a Mac VLAN.
17:55This is basically how it would look.
If I connected Thor and Y near yum,
18:00sorry to a Mac VLAN network,
18:03it would pretty much be like
their ethernet interfaces
are connecting directly
18:06to my switch in my house. They
even get their own Mac addresses.
18:10I'm just gonna make random ones up and
they will have their own IP addresses on
18:15my network, on my home network.
That sounds amazing. Right?
18:18They're they're acting like virtual
machines. Let's do it real quick.
18:20I know you can't wait.
Let's do it right now.
18:22Let's first create our Mac VLAN network.
This one will be a bit more involved,
18:25but it's not too crazy. So same story.
18:27As before Docker network
creates this time,
18:30we have to specify what type
of driver we're going to use.
18:33So we'll do that with dash D and then
the driver, which will be Mac VLAN.
18:37And then I'll do a back slash continue
my command on the next line to make it
18:40easier. And prettier.
Now here at the Mac VLAN,
18:42we're gonna have to specify the
subnet. We're putting it into,
18:44and in our case it'll be my home
network or your home network.
18:47So I'll do dash dash subnet. And then
right after that, my home network subnet,
18:52which is mine right here, 10.7 0.104
slash 24. Do another line here.
18:56We also have to specify the gateway.
The router in your home network.
19:00Mine is 10.7 0.1 0.3. And
then finally, one more thing.
19:03One very important thing. Do on one more
line, we'll do a dash oh for options.
19:07And we'll say parent equals E N P zero
S three. And you're probably like, wait,
19:12what? here.
19:13We have to actually tie our Mac
VLAN to our host network interface.
19:18So looking back at our
network diagram here,
19:20the main interface of my Ubuntu
machine it's name was EMP zero S three,
19:24define yours, go IP address, show
and terminal. You'll see what it is,
19:27but you must tie your Mac Von
network to a physical Nick,
19:31the Nick that's connected to the network.
19:32You wanna connect your Docker
containers to so that's, that's it.
19:36And then finally right
after that, just name it.
19:38I'm gonna name mine new as guard. And
that should be it. Let's hit enter.
19:43Yeah, that's done. Let's do a little
Docker network LS action real quick.
19:47There he is. New Asguard Mac VLAN.
So now we have to try it out, right?
19:51So let's put Thor and mul
near into that new network.
19:54Like we have here first off to stop them
and we can do that with one command,
19:57just Thor and then mule
near just like that.
20:01And then we'll deploy them
inside that new network.
20:03And of course here with
our network switch,
20:05we'll specify new Asguard I'll do a back
slash to make things pretty on a new
20:09line. And then there's one more
thing we have to do. I know,
20:11I keep saying new things.
20:12We're gonna have to specify and
assign the IP address ourselves.
20:15I'll explain why here in a bit.
20:17We'll go ahead and just do dash dash IP
and then the IP address we want to use.
20:20Just make sure it's not being used in
your network and that's outside your D HCP
20:24range. I'll do ten seven point one
92. They'll name it four like before,
20:28and then finally specify busy box as
our image. That should be it. Enter.
20:32Good to go. And now Thor
is connected to my network,
20:35like a regular virtual
machine. Well actually,
20:38maybe let me show you.
Let's jump into Thor real quick,
20:42jumping into his shell.
If I do IP address show,
20:45I can see he does indeed
have that IP address, bam,
20:47but let's see if we can ping anything
in my network. Like let's say, uh,
20:50let's ping my default gateway,
which should be his as well. Hmm.
20:54Nothing happening this right
here. Illustrates one of
the downsides of Mac VLAN.
20:58It sounds all cool. Like it's amazing,
right? But remember with Mac VLANs,
21:01each of your Docker containers
are getting their own Mac address.
21:05Now where that becomes an issue is your
network may not be able to have multiple
21:09Mac addresses on one switch port. So
really when I drew this out the cable,
21:13the connection is sharing
a port with the host.
21:16They're all connected to the same port,
which will see multiple Mac addresses.
21:19And a lot of times ports can't handle
that. It might have port security,
21:22which says, you know, can only have one
or maybe two Mac addresses on one port.
21:26And that breaks things. You'll often
see this called promiscuous mode.
21:29I think I'm gonna spell this right?
21:30And if you wanna try this you'll need
that enabled. So if you're like me,
21:33it probably didn't work right now, but
we can enable it and it should work.
21:37Fingers crossed we'll
first start with the host.
21:39We have to actually enable promiscuous
mode on its network interface.
21:42One easy command IP link set. And that
will specify our network interface.
21:47Mine is E N P zero S three, then
promi. That's how the cool kids say it.
21:52Promi promiscuous on that should do it.
21:55Let's jump back in a Thor and see if
that worked P my default gateway still
21:58nothing.
21:58That means we have to go off the chain
and change on each network device.
22:01Now you're seeing the pain here,
right? It's like, oh my gosh,
22:03Mac bland sounded really
cool until we hit this issue.
22:06There's a different way to do it coming
up in the next network. But hold on,
22:10let's try one more thing. And virtual
box, we can also enable promiscuous mode.
22:13Let me jump into my virtual
machine settings, go to network,
22:16click on advanced and right here,
promiscuous mode is in deny mode. Well,
22:20of course it's not gonna
work. So let's enable that.
22:22Let's just do allow everything.
It's a lab who cares click. Okay.
22:26And now fingers crossed. Give it a
second. Okay. Chuck, from the future here,
22:31I did have to reboot my host and then
do that command once more IP set, link,
22:36whatever. And now fingers crossed.
22:40It totally works connected
directly to my network.
22:43So the Mac VLAN literally has all
the benefits of a bridge network,
22:46except it's directly connected to
your home network. Isn't that crazy?
22:51And when I say all the benefits, I
really do mean it like let's deploy.
22:54What was the other dude? Let's the
other dude in our network. Oh, Mulk.
22:57Let's deploy him. If I jump into him
real quick, watch this. I can ping Thor.
23:01We still have that cool
container DNS resolution thing.
23:04And what this also means is if I
deploy a web server in a Mac VLAN,
23:08I don't have to expose any ports. It's
on its own IP address. Let's try it out.
23:12We'll deploy Jane Foster as an EngineX
web server, and it'll put it on,
23:16make sure this IP address is available.
Yes, 96. And now if we just go out to,
23:21this is so cool, 10, 7, 1
96, it just sneak and works.
23:25That's my preferred Docker way to
do things. It's awesome. Now, again,
23:28as I mentioned, the Mac feeling has
a downside. Actually, two of them,
23:31that whole Mac address thing
happened to have promiscuous mode,
23:33which you may have no control over
and something we haven't mentioned.
23:36And that's the IP address thing. No DHCP.
23:39You would expect that if you connect your
device directly to your home network,
23:42it'll get an IP address from your, your
router or whatever's offering D ACP. No,
23:47in fact, it's even worse.
if you don't specify an IP address,
23:50when you deploy your container,
Docker will choose one for you.
23:53Docker will use its own D ACP and assign
like dot two or dot three or dot four.
23:58You know, the way it does
a normal bridge network,
24:01which could create a
little bit of the conflict.
24:04 because you got two DHP servers
in your network. So in that scenario,
24:08dude, just specify your IP address with
every container or you can do it like
24:12Christian does. So.
24:13I do it this way. I specify the IP
address range of the IP addresses.
24:18The Docker host should
assign to the containers.
24:20And I know limit this
to just one IP address,
24:24not used by any other device within
that network. This is really dumb.
24:28Let's be honest.
24:28And yes, I agree with Christian.
24:29It is pretty stupid that
Docker does that.
24:32Why would I want that with
the Mac VLAN network Docker.
24:34Now we'll talk about how we can solve
the problems with Mac VLAN with the next
24:37network type, but the Mac
VLAN, it has two modes.
24:42Didn't see that coming. Did you, the
mode we're looking at now is bridge mode.
24:46It acts just like a, a bridge network,
except it connects to your network,
24:49which is again amazing. But
there's another mode in this one.
24:53 it's gonna make the network
geeks cry a little bit with joy,
24:57tears of joy. It has an 8 0 2
do one cue mode with this mode.
25:02 and if you're a networking
geek, you already know where it's going.
25:05Not only can you connect your
containers directly to your network,
25:08but you could also specify this is so
crazy a sub interface. So for example,
25:13eat zero 20, eat zero dot three,
25:16which will have Docker actually
create sub interfaces auto magically.
25:21And it will send these individual
networks, these VLANs over the link,
25:26like it's a trunk, which
if I lost you here,
25:28then you probably don't care about
networking as much as I do. And others do.
25:30So think route or on a stick with Docker
containers on a host and I'll show you
25:34what it looks like real quick.
25:35So let's assume 20 is VLAN 20 and 30 is
VLAN 30 and here's their IP addresses.
25:39It's a completely different network.
Let's create it real quick. First.
25:42I will delete my existing Mac VLAN
I'll first, uh, stop Thor and Mulk.
25:46I'll remove the network with pseudo
Docker network, R M and then new Asgard.
25:51The name of the network.
Oh, wait, I forgot. He had
one more end point in there.
25:54He had Jane Foster. Sorry, Jane
Foster. I forgot about you. Okay.
25:57Now it's removed.
25:58Now let's recreate that Mac VLAN with
a few pretty big differences. Here.
26:02We get a new subnet, a new
gateway and a new sub interface,
26:06which it'll be the host, uh,
interface. Same as before.
26:09So it'll be parent equals EAN.
Was it PP? Yeah. Zero S three.
26:14And then to create that sub
interface, it'll be dot 20,
26:17which that sub interface
currently does not exist,
26:19but Docker will auto create it when it
sees you doing this and then we'll name
26:22it. I'll just go Mac VLAN 20. Oh,
26:26I totally forgot to do create network.
Okay. Network. There we go. Oh,
26:30too many ticks. Am I O there we
go. Why is it not working? Oh,
26:33totally forgot to do Docker network
create. Okay, gotta get that right.
26:36There we go. So don't have to do
IP address, show new sub interface.
26:41Now of course, in that scenario, you
would need to have, have trunking set up,
26:43which I'm not gonna cover.
That's outta scope of this.
26:45That's pretty sticking cool.
26:46Now I'm gonna delete that cause
I don't need it right now.
26:49And let's talk about
our next network. Now,
26:50this one solves the big problem with Mac
VLANs, that stinking promiscuous stuff.
26:55And it's actually, I think
probably my favorite over Mac VLAN,
26:58because it has two very funky
modes. While one of them's spunky,
27:02the other mode is fine. This is
called IP VLAN. It has two modes,
27:05L two and L three.
27:07We're gonna focus on L two because it's
pretty much the stink and same as Mac
27:11VLAN with one very awesome
difference. And it solves our problem.
27:14So whereas Thor and mail
near and a Mac VLAN,
27:17they are assigned their own Mac
address, which sounds cool in theory.
27:20But it really isn't because it messes
with our switches and the promiscuous
27:24stuff. You got it right with IPV lands.
Nope. They don't do that. Instead.
27:28They keep all the awesomeness of
connecting it directly to your network and
27:31getting a real IP address.
27:32But they allow the host to share
its Mac address with the containers.
27:37So Thor Millner its Mac address
will match exactly to the host,
27:41but they'll still have IP
addresses on our network.
27:43This seems to resolve all
issues. And in most cases will,
27:46as long as you switch your router security
stuff is are okay with there being
27:50one Mac address with like 20 IP
addresses. But for the most part,
27:53it should be fine.
27:53So let's actually create that right
now to solve our promiscuous issues,
27:56to create that network,
27:57same stories before Docker network create
we'll do a dash D for our driver we're
28:02gonna use, and it will be IP V
L now to do IP VLAN mode L two,
28:06you don't have to think about
it just that's the default mode.
28:08So leave it as is.
28:09And at this point it's pretty much the
same as the Mac VLAN to specify subnet
28:13gateway, parent interface,
we'll name it again.
28:15New Asgard will work and that's it.
28:17And when we add our containers specifying
to use the new Asgard network and
28:20assigning our IP address, cuz it will
still have that annoying IP address issue.
28:24Didn't get rid of that. We'll launch
Thor. Let's jump into Thor real quick.
28:27See if we can pick our gateway golden,
28:29let's pick the internet and then let
me show you how they have the same Mac
28:32address. Let me exit I'll do
IP address show on the host.
28:35Notice the Mac address of EMP zero
S three is ready to go right here,
28:39ending in 33, 8 or ad. If
I bring up the command,
28:43prompt on my computer and ping 10, 7.1 92,
28:47it'll take a second to resolve it. It's
trying to get through a bunch of stuff.
28:50There it goes. Have me nervous
for a second. Yeah. Still working,
28:53but check my a table. We'll look at that.
28:55The Mac address I see for ten seven,
one ninety two is the same as my O Buntu
28:59host. Okay, cool. IPV land. L two,
nothing too crazy. Pretty much.
29:02Same as Mac VLAN,
29:03except just a little bit better in a lot
of situations now time for L three and
29:07this one's probably my favorite out of
all of them because of how crazy it is.
29:10The internet was begging for this and
Docker finally made it happen and it's
29:13pretty much a love letter to networking
nerds. So you're welcome. IP VLAN,
29:17L three is all about layer three.
And when I say layer three,
29:20I mean IP addresses, routing routes.
That's all we're talking about here. So,
29:24so far actually with our bridge Mac VLAN,
IPV, VLAN, it's all been very layer.
29:29Two focused dealing with Mac
addresses, ARP responses and requests.
29:33Everything's very layer two and
switch like, but with L three, Nope,
29:39no more switching. No more
switching. No more ARP.
29:41We're all layer three IP addresses.
So with IP V and L three,
29:45we're not connecting our containers
to our network. Like it's a switch.
29:49We're connecting it to our
host. Like the host is a router.
29:53 what I'll explain. Watch
this. Let me give you an example.
29:55So here we're gonna create two new
networks out of thin air. Okay.
29:59You've got new as guard
up here with the network
30:021 9 2, 1 68 94, 0 slash
30:0624. And then we'll do,
I don't know like earth.
30:09I'm getting lazy with my examples
earth with 1 92, 1 68 95 0.
30:14Now what I wanna point out right now
is that these networks brand new,
30:16they don't exist on my network at all.
30:18My home network has no idea how
to reach these totally brand new.
30:21When we deploy these networks and
throw these containers in there,
30:24these containers connection to the
outside world is completely layer three.
30:29They connect to the host like it's a
router. These are layer three connections.
30:34And what that means for networking people
is that there's no broadcast traffic
30:39anymore, no broadcast draft, which you
know, can be a very, very good thing.
30:43Because if you have a pretty
complex layer, two network,
30:46you've got bridging loops, you have to
worry about all those BPDU Pippi dos,
30:50spin it around and for a bit,
30:51it's been best practice to remove a bunch
of layer two and focus on layer three
30:56connections to your top
rack switches, right?
30:58I know I'm going real deep on
networking, but that's what this is for.
31:00So because layer three, no broadcast.
It's not responding to our request,
31:04which again is very
cool for network nerds.
31:06But the problem we have
here is that right now,
31:07these containers really can't talk to
anyone outside of their own network.
31:11Like for example, Thor cannot go to
the internet. Thor can't talk to me,
31:16which is really sad. I can't talk to Thor.
31:19I cannot reach containers in that network
at all exposed ports doesn't happen.
31:23That's not even a thing.
31:24Cuz we're dealing with layer three
and we're dealing with routing.
31:26And right now my network and all my
hosts in my network have no idea how
31:31to reach 1 92, 1 6, 8 94, 0 that's Anno.
Like they don't have a route for it.
31:36It's not in their routing table. So that
might sound kinda stupid. It's like,
31:38why would you deploy this?
If they can't reach anything?
31:40Well it's because you get more control
and control is the name of the
31:44game here.
31:44You can do some crazy isolation with
your containers and you can restrict and
31:49isolate them via layer three via
networks. So again, right now,
31:52no one can reach them, but I
can control who reaches them.
31:55All I have to do is in my
network, my home network.
31:58I just have to tell my router, Hey,
if you wanna reach 1 9 2 1 6, 8 94 0.
32:03I know where you should go.
32:04I want you to go to the host
ten seven one two three, two.
32:08The ATU host he'll know how to get there.
32:09Cause remember he's
functioning as the router.
32:12So I'm just telling my home network.
Hey, this network is kind of a weird one.
32:15If you wanna talk to these guys,
they're over there. Talk to that dude.
32:18And that's really how networks work.
That's static route. It's so cool.
32:21Let's deploy it real quick.
32:22You can deploy this in your
own home network right now.
32:24You just have to have access to
your router to be able to do this.
32:26So real quick,
32:27I wanna delete my previous I P B land
network because you can't have more than
32:30one network linked or assigned to, uh,
a network interface. And I only have,
32:34I only have one network interface on my,
uh, machine here, so I will stop Thor.
32:38No one can stop Thor, but me.
32:40Then I will remove new ASCAR and
now let's create an IPV V L three
32:45network. Same story.
32:46As before I've been saying that
a lot Docker network create our
32:51type will still be IPV land when we do
dash D and then we'll specify our subnet,
32:56which is gonna be a brand new network
we're creating right now, 94, 0 slash 24.
33:00And then the big thing we don't do here
is we don't specify a gateway because
33:04with a I P VLAN L three network,
33:07the gateway is gonna be the
parent interface. We tie it to,
33:10we don't have to specify that. It'll
just be that way. Um, that's pretty cool,
33:13but we will have one more new thing.
33:15So let's do a dash O parent we'll
specify the parent interface,
33:18which again was for me E N P zero S three.
33:21Then we have one more dash O is
how you specify additional options.
33:25We'll do IP VLAN, underscore
mode equals L three.
33:30And that puts it in the L three mode as
it, you know, you might have guessed,
33:33you might think, oh, Hey,
that's it. No, no, no.
33:35We're gonna go ahead and
specify our other network.
33:38We'll do subnet and
we'll do 1 92, 1 68 95 0
33:43didn't know we could do that. Did
you? And we actually have to do that.
33:45If we're gonna create more than one
network that are gonna be using the same,
33:50uh, physical interface. But anyways,
let's go ahead and name it real quick,
33:52new agar. And that's it. Now, as far
as like what's been created in Docker,
33:56nothing outta the ordinary, you'll see
anything it's all in the background.
33:59So let's go ahead and deploy
some containers in there.
34:01Same story as before our network will
indeed be new ASCAR and you could at this
34:05point specify or not specify N IP address,
34:08but because we have two
subnets in this network,
34:10we will have to specify which
one we want them to go into.
34:12And we'll do that just by simply assigning
the IP. I'll do 94.7 for this one.
34:16This will be four busy box bam.
And then we'll add another one.
34:20We'll change the name to mul near. We'll
keep 'em in the same subnet as well.
34:23We'll do a dot eight and then we'll add
the other guys lowkey. We'll do, uh,
34:27the new subnet 90 five.seven
and then Oden 95 do eight.
34:32Now we did a lot here,
34:32but we pretty much just copied
what we drew in our diagram here.
34:35This is how it looks and
let's go inspect that network.
34:37We'll inspect new Asgard and we can
see our containers with their assigned
34:42IP addresses. Now let's jump into Thor.
Like we always love to do first Thor.
34:46He can't reach the internet while he
does have a route out. If I do IP route,
34:50see his route is to Ethan net zero,
which goes back to my physical interface.
34:54But right now, when he
does make that journey out,
34:57nothing knows how to get back to
him. Now don't feel too bad for Thor.
35:00He can still ping his friends.
He can ping Milner even by name.
35:04Can he ping the other network? Kenny?
He ping earth. Let's try pinging Lokey.
35:08Yeah, totally can. Even though it's in
a different subnet, he can ping Lokey.
35:11And that's a key thing you have
to know about IP VLAN, L three,
35:14that's a mouthful and a half when
separate networks share this same parent
35:17interface like these two networks do,
they can talk to each other all day.
35:20So if you want that network isolation
you'll need to connect them to a different
35:23physical interface with IPV V line
L three S but I feel bad for them.
35:27I want them to have access to everything.
35:28So let's add a static route in my
network and I'll show you how this works.
35:32It's so neat. I'll jump into my
unified, which is what I use for home.
35:34Networking, jump to my
router here and I'll create,
35:37create two static routes telling
them the next top is ten seven one.
35:40Let me just actually make sure my IP
address is the same. Oh, it's 2 29.
35:43Now it's changing. It changed.
35:45So 10.7 1 2 29 and then
I'll add one for earth.
35:49So by creating these static routes, I've
told my router and my entire network,
35:54how to get to these container
networks. So in theory,
35:57if I jump into Thor
once more, that rhymed,
36:01I should be able to ping google.com
ho I should be able to ping my
36:06router.
36:06I'll ping my NA in my office and my
computer should be able to ping Thor as
36:11well. So Thor is of IP address is
36:131 9 2 1 68 94, 7 94 7 bam.
36:17So that's pretty cool. IP V L L
three, turns your host into a router,
36:22allowing you to create Docker container
networks that are layer three only and
36:26routed, which is like the best practice
of networks. I love it so much now.
36:31I'm pretty sure this video
has gone on pretty long,
36:33but we've gotten through five networks.
36:35We only have two more left
and they're very, very quick.
36:37The sixth network is
called an overlay network,
36:40and I'm not gonna show you what
that is because it's more for,
36:43if you have different
hosts, like right now,
36:45we're working with one host and that's
normally what you'll do in your home and
36:48your lab, but in production and in
the cloud or wherever you're gonna be,
36:50you might have multiple hosts running
a bunch of containers all across these
36:53different machines. And they're probably
running something called Docker swarm,
36:56which is very similar to Kubernetes.
It's just Docker's version of that.
37:00Now you can imagine if you had multiple
hosts with containers that maybe you
37:04want to talk to each other on all the
different hosts that could get kind of
37:07complex, that networking
can get kind of crazy.
37:10That's where an overlay
comes into play overlays.
37:13A very common thing in networking now,
37:14and basically it kind of abstracts or
removes the complication for you and
37:19allows you to simply make rules on how
those containers can talk to each other.
37:22It's very cool, very complicated. And
it's all the rage networking. Just know.
37:26You'll probably not use that right now
unless you're dealing with Docker swarm
37:29and you're gonna create overlay
networks. So go look that up.
37:32I'm not gonna cover it. And then I
saved the most secure network for last.
37:36This is like, you can't get any more
secure than this security guys. Get ready.
37:41Allow me to unveil ready, drum, roll
37:45the nun network. The name says
it all. It is absolutely nothing.
37:49I don't have to create it. It's already
there. See none. The driver is null.
37:53And if I create a container inside there
network, none. I love putting that.
37:57We'll say gore as the name
busy box, as the image,
38:00we'll jump in there real quick.
If I do an IP address show,
38:02there's nothing to show.
All it has is loop back.
38:04You're not giving you anything.
It's got nothing, none, that's it.
38:08So those are the seven Docker networks.
38:11This will open up a whole new world for
you in your lab and possibly in your
38:15career. Having Docker networks has a skill
on your resume. Do put that on there,
38:19do this lab and put
that lab on your resume.
38:21And let me know how you implement
this into your home lab.
38:24I'm already starting to,
38:25it makes things so much simpler when
you know how the networking works.
38:28And frankly, it's just really, really fun.
38:30And let me know which
one is your favorite.
38:31I'm kind of in between the Mac
VLAN I P VLAN L two and, and uh,
38:35L three L three. I'll probably never,
ever use actually. You know what?
38:38I will use that just because I
wanna be comp complicated. Yeah,
38:41I'm gonna use it anyways.
That's all I have guys.
38:43Thanks for having some coffee with me and
discussing something very fun and very
38:46cool. I know this video may have
been a bit longer, but it was a,
38:49it was a pretty complex video.
38:51And thanks again to Christian from that
digital life for his awesome content.
38:54If you haven't already subscribed to
him and check him out linked below,
38:56and by the way, have you hacked
the YouTube algorithm today?
38:59Let's make sure you do hit that light
button notification, bill comment,
39:02subscribe comment. Or you said comment
you gotta hack YouTube today.
39:06Ethically of course. And yeah,
that's really all I have. Um,
39:10I'll get you guys next time.
🎥 Related Videos