1
00:00:00,730 --> 00:00:04,490
So what are you doing in this example the source address translation.

2
00:00:04,610 --> 00:00:11,560
We're not going to do destination address translation as source address translation tends to be the

3
00:00:11,560 --> 00:00:18,010
most common implementation of MacT and that's what you need to know for the CCN a certification with

4
00:00:18,010 --> 00:00:24,880
source address translation you're typically netting devices on your internal network that use our FC

5
00:00:24,880 --> 00:00:33,300
19:18 addresses for those devices to access devices on the Internet their addresses need to be translated

6
00:00:33,660 --> 00:00:40,170
or changed from an RF see 19:18 address to a publicly readable address.

7
00:00:40,200 --> 00:00:48,640
In this example the router has an IP address of 1.1 but one to one and we are going to not host 10 wondered

8
00:00:48,670 --> 00:00:53,110
one but one to an IP address of one that one that one but two.

9
00:00:53,130 --> 00:00:58,670
So in this example we not netting the PCs IP address to the routers IP address.

10
00:00:59,040 --> 00:01:01,830
I'll show you that example in a moment.

11
00:01:02,070 --> 00:01:09,870
In this example we are enacting one internal IP address or private IP address to a dedicated public

12
00:01:10,020 --> 00:01:11,610
IP address.

13
00:01:11,730 --> 00:01:16,630
In this example we've also got a server on internet with an IP address of to to to to to to to.

14
00:01:16,840 --> 00:01:20,720
So the Rodda will populate to the next table as follows.

15
00:01:20,760 --> 00:01:22,610
Inside a local address is tendered.

16
00:01:22,620 --> 00:01:22,920
Wondered.

17
00:01:22,920 --> 00:01:23,220
Wondered.

18
00:01:23,220 --> 00:01:31,590
One inside global is one that one one to a T outside local and outside global are set to to to to to

19
00:01:31,590 --> 00:01:32,860
to talk to.

20
00:01:33,150 --> 00:01:40,520
In this example we not netting the outside address we are only getting the inside address if you are

21
00:01:40,550 --> 00:01:47,170
sniffing this local area network connection between the PC and the router using Y shock and I'm going

22
00:01:47,170 --> 00:01:53,890
to demonstrate that in a moment what you would see is that the source address of the packet is set to

23
00:01:53,890 --> 00:01:56,020
10 to 1 to 1 to 1.

24
00:01:56,020 --> 00:02:02,330
That's the physical IP address of the host the destination address for Traffic is to to to to to to

25
00:02:02,330 --> 00:02:03,150
a T.

26
00:02:03,220 --> 00:02:06,940
In other words the PC has initiated a session to the server.

27
00:02:07,150 --> 00:02:14,080
And if you capture traffic on the local network so addresses the PC's actual IP address and destination

28
00:02:14,080 --> 00:02:16,810
address is the servers IP address.

29
00:02:16,810 --> 00:02:23,320
However when the traffic hits the router the Radu will look in the NAT table because it's receiving

30
00:02:23,320 --> 00:02:30,280
traffic on an inside interface which you configure and the traffic is destined to an outside interface.

31
00:02:30,430 --> 00:02:33,950
So you configure the Rodda with the inside and outside interfaces.

32
00:02:34,120 --> 00:02:40,300
And because of that configuration the router looks in the next table to see if addresses should be noted

33
00:02:40,810 --> 00:02:44,940
in this case the source IP address matches an entry in the table.

34
00:02:45,220 --> 00:02:50,980
So the source IP address is going to be changed to one that won that one but to the destination address

35
00:02:50,980 --> 00:02:57,250
is not going to be changed it's going to remain as two toe to toe to toe to the right will change the

36
00:02:57,250 --> 00:02:57,940
source address.

37
00:02:57,970 --> 00:03:03,580
And then for the traffic to the Internet the source address matches the same tree of ten that wandered

38
00:03:03,640 --> 00:03:09,980
one one and the destination address matches this entry to to to to to to to.

39
00:03:10,180 --> 00:03:17,770
So the router is going to change the source IP address to 1.1 but one to two has per the inside global

40
00:03:17,770 --> 00:03:20,330
entry in the NAT table.

41
00:03:20,470 --> 00:03:25,210
In this example the outside local and outside global addresses are the same.

42
00:03:25,210 --> 00:03:29,230
So the router doesn't change the destination address in the packet.

43
00:03:29,500 --> 00:03:35,740
If you sniffed the traffic using wireshark on this link from the router to the internet you would see

44
00:03:35,740 --> 00:03:41,470
that the source address is set now to 1.1 but one to two rather than 10.

45
00:03:41,590 --> 00:03:47,920
One but one but one which it was said to you on the inside network when the traffic arrives at the server

46
00:03:48,110 --> 00:03:55,510
and the server receives the traffic the server believes that it's talking with a host with an IP address

47
00:03:55,510 --> 00:04:01,990
of 1.1 but one to two the server never sees that the actual source IP address was tendered wondered

48
00:04:01,990 --> 00:04:07,850
wondered one when the server replies the source and destination addresses are swapped around.

49
00:04:07,990 --> 00:04:14,130
So the source address is now to to to to to to a T and the destination address is now.

50
00:04:14,140 --> 00:04:14,670
Wondered.

51
00:04:14,680 --> 00:04:16,180
Wondered wonder tea.

52
00:04:16,390 --> 00:04:21,990
The packet is now routed across the Internet and arrives at the NAT router.

53
00:04:22,330 --> 00:04:28,160
When the router receives the traffic it sees that the traffic is destined to not be address of 1.1 but

54
00:04:28,240 --> 00:04:34,090
wander to the road it will check in its NOT table whether it has a matching entry.

55
00:04:34,270 --> 00:04:37,190
In this case it does the inside global address.

56
00:04:37,210 --> 00:04:41,690
He's wondered wondered wonder too which matches the destination address.

57
00:04:41,890 --> 00:04:44,420
So what the router will do is it will not.

58
00:04:44,620 --> 00:04:45,570
The IP address.

59
00:04:45,580 --> 00:04:46,860
Wonder wonder wonder.

60
00:04:47,080 --> 00:04:49,420
T and change it to 10.

61
00:04:49,440 --> 00:04:54,360
That one that one but one before forwarding the traffic on to the local network.

62
00:04:54,610 --> 00:05:00,940
The source address of people too is not changed because those entries are the same in the net table

63
00:05:00,940 --> 00:05:04,110
for outside local and outside global.

64
00:05:04,120 --> 00:05:10,510
So once again if you sniffed the traffic between the route and the PC you would see that the destination

65
00:05:10,510 --> 00:05:14,810
address is tendered wondered wondered one source or races to to to to to to t.

66
00:05:14,890 --> 00:05:21,450
And that's because the router has changed the destination IP address based on the inside local entry.

67
00:05:21,460 --> 00:05:24,180
Now that's essentially how that works.

68
00:05:24,190 --> 00:05:28,420
This is a simple one to one mapping with basic Nat.