1
00:00:00,840 --> 00:00:04,540
So why do we need net or network address translation.

2
00:00:04,560 --> 00:00:08,190
The major reason is IP version 4 address exhaustion.

3
00:00:08,190 --> 00:00:14,400
For years there's been a worry that IP version for addresses would run out and the heavy essentially

4
00:00:14,400 --> 00:00:22,750
run out today is the drive to move to IP version 6 because of IP version 4 address exhaustion.

5
00:00:22,800 --> 00:00:30,510
However it's probably more than likely that he's still using an IP version for dress and in a lot of

6
00:00:30,510 --> 00:00:36,050
networks today engineers still need to make the move to IP version 6.

7
00:00:36,060 --> 00:00:45,630
One of the reasons for that is because of RAFC 1918 RAFC 1918 was drafted in February 1996.

8
00:00:45,870 --> 00:00:48,990
So in other words it's been around for a long time.

9
00:00:49,050 --> 00:00:53,750
This discusses the address allocation for private internets.

10
00:00:53,790 --> 00:00:57,390
I'm not going to bore you going through the entire document.

11
00:00:57,390 --> 00:01:01,350
But notice in section 3 they talk about private address space.

12
00:01:01,350 --> 00:01:07,650
The Internet assigned numbers of 30 or I honor has reserved the following three blocks of IP address

13
00:01:07,650 --> 00:01:15,650
space for private internets 10.00 that zero up to 10 or 255 255 255.

14
00:01:15,660 --> 00:01:25,700
In other words a 10 slash 8 Prefect's 172 to a 16.00 up to 1 7 2 3 1 2 5 5 2 5 5.

15
00:01:25,740 --> 00:01:36,250
This is a 1 7 2 door 16 slash 12 Prefect's and then we have 1 1 2 1 6 8 0 2 0 2 1 2 1 6 8 255 255.

16
00:01:36,270 --> 00:01:42,570
This is a 1 9 2 1 6 8 slash 16 Prefect's in my example here.

17
00:01:42,720 --> 00:01:47,830
I'm using a 1 9 2 1 6 8 189 address internally.

18
00:01:47,910 --> 00:01:49,570
What are you using on your PC.

19
00:01:52,010 --> 00:01:59,090
More than likely if you're at home using one of these are provision for addresses in companies as mentioned

20
00:01:59,090 --> 00:02:04,580
such as Apple or HP you may be using a public IP address.

21
00:02:04,580 --> 00:02:09,640
So RAFC 19:18 was drafted to try and conserve IP addresses.

22
00:02:09,650 --> 00:02:17,800
The idea here is that rather than allocating public IP addresses to every device in the Internet devices

23
00:02:17,800 --> 00:02:25,090
within companies could be allocated these addresses and they could be enacted or translated when they

24
00:02:25,090 --> 00:02:29,740
needed to access the Internet with port address translation or pat.

25
00:02:29,740 --> 00:02:36,160
The idea is is that you overloading an IP address hence the term that Cisco uses.

26
00:02:36,160 --> 00:02:42,130
We could have one public IP address used by 500 internal devices.

27
00:02:42,160 --> 00:02:47,700
These are F.C. 19:18 addresses are non ratable on the Internet.

28
00:02:47,710 --> 00:02:55,390
In other words Internet service providers will block or drop in traffic going to or coming from these

29
00:02:55,390 --> 00:02:56,720
address ranges.

30
00:02:56,980 --> 00:03:03,460
Well that's assuming that they've configured they rightest correctly but they should have access lists

31
00:03:03,820 --> 00:03:08,500
blocking those addresses so that they non-radical on the Internet.

32
00:03:08,560 --> 00:03:16,150
These are iffy 19:18 addresses are used internally within organizations and hence we have the term private

33
00:03:16,150 --> 00:03:24,780
addresses used within private networks and public addresses used on the global public internet now.

34
00:03:24,780 --> 00:03:30,720
Technically there's nothing stopping private IP addresses from being routed across the Internet.

35
00:03:30,720 --> 00:03:37,520
The reason they non-radical is because ISP are blocking traffic to or from those address ranges.

36
00:03:37,560 --> 00:03:43,270
So the issue is if private IP addresses are non-profitable how do we get onto the Internet.

37
00:03:43,530 --> 00:03:50,340
Well that's way network address translation that comes in that allows us to translate a private IP address

38
00:03:50,730 --> 00:03:57,690
to a public IP address your Internet service provider or ISP will allocate you an IP address or a range

39
00:03:57,690 --> 00:04:05,490
of IP addresses a router or other type of device will translate to your internal private IP addresses

40
00:04:05,520 --> 00:04:10,140
to that globally readable public IP address.

41
00:04:10,140 --> 00:04:17,070
Now the terminology that Cisco use can be confusing and it's something that people often struggle with

42
00:04:17,670 --> 00:04:25,260
Cecka use the terms inside a local address inside a global address outside local address and outside

43
00:04:25,260 --> 00:04:26,790
global address.

44
00:04:26,790 --> 00:04:31,050
Now the terms used to network address translation can be very confusing.

45
00:04:31,050 --> 00:04:34,060
This is probably one of the hardest things to understand with Nat.

46
00:04:34,100 --> 00:04:41,580
So you use these terms inside a local address inside global address outside local address and outside

47
00:04:41,580 --> 00:04:45,390
global address to try and help you remember these terms.

48
00:04:45,390 --> 00:04:47,340
Think of the following analogy.

49
00:04:47,610 --> 00:04:53,830
The PC in this apology PC one is an insider in your organization.

50
00:04:53,850 --> 00:05:00,990
Insiders in your organization are people who work for your company or who have access to the Insight

51
00:05:01,290 --> 00:05:04,490
Network or local area network.

52
00:05:04,530 --> 00:05:11,650
So this PC is an inside host or inside the server on the other hand is an outsider.

53
00:05:11,790 --> 00:05:14,370
It doesn't belong to your organization.

54
00:05:14,520 --> 00:05:16,830
It's on the global Internet.

55
00:05:16,830 --> 00:05:23,850
It is an outside host the network that the PC is connected to is the local area network.

56
00:05:23,880 --> 00:05:27,930
This is a local LAN or local network.

57
00:05:27,990 --> 00:05:34,680
If you run with a shock on this network and captured packets they would be deemed to be local addresses

58
00:05:34,710 --> 00:05:38,870
because they are on the local LAN the Internet.

59
00:05:38,910 --> 00:05:41,850
On the other hand once again is global.

60
00:05:41,850 --> 00:05:49,280
Think of traces in the Internet as global addresses because they are on the global Internet.

61
00:05:49,320 --> 00:05:52,470
So in other words think of addresses as follows.

62
00:05:52,680 --> 00:06:03,150
Inside a local is the IP address of this inside host on the local LAN inside global is the IP address

63
00:06:03,150 --> 00:06:09,770
of the local PC PC one as seen on the global Internet.

64
00:06:10,160 --> 00:06:19,140
If he sniffed traffic on a local LAN you would see the inside a local address of the PC if he sniffed

65
00:06:19,200 --> 00:06:28,050
traffic using Y shack on the internet you would see the inside global address of the PC outside a local

66
00:06:28,140 --> 00:06:31,170
is the IP address of this outside server.

67
00:06:31,290 --> 00:06:41,160
When seen on the local area network outside global is the IP address of this server on the global Internet.

68
00:06:41,160 --> 00:06:44,290
So in summary this is an inside host.

69
00:06:44,340 --> 00:06:50,580
So we have an inside local address an inside global address the inside hosts IP address on the local

70
00:06:50,850 --> 00:06:58,410
area network is an inside local address this inside hosts IP address when seen on the global Internet

71
00:06:58,980 --> 00:07:04,820
is the insight global address inside host on local network inside.

72
00:07:04,830 --> 00:07:12,090
Host on global Internet this outside PCs IP address when seen on the global Internet uses the outside

73
00:07:12,120 --> 00:07:13,260
global address.

74
00:07:13,380 --> 00:07:19,440
But when seen on the local area network is the outside a local address.

75
00:07:19,440 --> 00:07:21,030
I hope that helps you remember the terms.