1
00:00:00,330 --> 00:00:07,860
Now, if there were multiple hosts on the inside network, let's say we've got PC 1 and PC 2. PC 1 has an

2
00:00:07,860 --> 00:00:13,510
IP address of 10.1.1.1 and PC 2 has an IP address of 10.1.1.2.

3
00:00:13,890 --> 00:00:21,420
In this example, if we were using one-to-one NAT rather than port address translation (PAT), we would need to

4
00:00:21,420 --> 00:00:24,730
create a NAT entry for each host.

5
00:00:24,810 --> 00:00:31,710
So host 1, as an example, would be NATed to 1.1.1.2, and host 2, or PC 2, would be

6
00:00:31,710 --> 00:00:41,640
NATed to 1.1.1.3. The NAT entries would look as follows: 10.1.1.1 to 1.1.1.2, 10.1.1.2 to

7
00:00:41,750 --> 00:00:48,990
1.1.1.3 as the inside global address. Outside local and outside global in this example would be

8
00:00:48,990 --> 00:00:49,840
the same.

9
00:00:49,860 --> 00:00:55,530
So the inside local address would be the actual IP address of the host; the inside global address would

10
00:00:55,530 --> 00:01:00,440
be the NATed global address as seen on the Internet.

11
00:01:00,690 --> 00:01:05,670
The outside local and outside global addresses in this example would remain the same because we are

12
00:01:05,670 --> 00:01:12,990
not NATing the destination IP address; only the source IP address will be NATed in this example.

13
00:01:13,050 --> 00:01:19,650
The problem with pure network address translation, as shown in this example, is that you would need a

14
00:01:19,800 --> 00:01:28,860
public IP address for every internal host that uses a private RFC 1918 address. That kind of defeats

15
00:01:28,860 --> 00:01:34,590
the whole purpose of network address translation where we want to conserve IP addresses in the real

16
00:01:34,590 --> 00:01:35,210
world.

17
00:01:35,220 --> 00:01:43,800
We tend to use PAT, or port address translation, which Cisco also call NAT overloading. PAT allows multiple

18
00:01:43,860 --> 00:01:51,440
inside host addresses such as 10.1.1.1 and 10.1.1.2 to be NATed to the same public IP address.

19
00:01:51,450 --> 00:01:58,250
So in this example both PCs are NATed to the same inside global address.

20
00:01:58,260 --> 00:02:00,320
It's not a one-to-one mapping.

21
00:02:00,360 --> 00:02:06,900
In this example two private IP addresses are NATed to a single public IP address.

22
00:02:06,900 --> 00:02:09,890
In addition, in this example 1.1.1.1

23
00:02:09,900 --> 00:02:13,470
is the router's configured IP address.

24
00:02:13,590 --> 00:02:15,230
That raises another issue.

25
00:02:15,540 --> 00:02:22,650
How does the router differentiate traffic that's destined to itself versus traffic destined to PC

26
00:02:22,650 --> 00:02:26,350
1 versus traffic destined to PC 2?

27
00:02:26,670 --> 00:02:33,000
So when PC 1 sends traffic onto the Internet to the server and the traffic is returned, how does the

28
00:02:33,000 --> 00:02:38,340
router know that that traffic belongs to PC 1 rather than PC

29
00:02:38,350 --> 00:02:42,100
2 if the traffic is going to the same IP address?

30
00:02:42,180 --> 00:02:48,090
So in other words, how does the router differentiate between different sessions or different flows if

31
00:02:48,090 --> 00:02:54,330
multiple hosts on the inside are talking to the same server on the Internet? Well, that's where port

32
00:02:54,390 --> 00:02:56,730
address translation comes in.

33
00:02:56,730 --> 00:03:00,250
In this example multiple hosts are sharing the same IP address.

34
00:03:00,270 --> 00:03:08,790
So the way to make the entries unique is to combine an IP address with a port number to differentiate

35
00:03:08,790 --> 00:03:14,420
between the different sessions or different host devices.

36
00:03:14,820 --> 00:03:21,420
And that's where the port address translation term comes in because multiple hosts are sharing the same

37
00:03:21,420 --> 00:03:22,660
IP address.

38
00:03:22,710 --> 00:03:31,290
The way to get a unique entry in the inside global table is to combine a port and an IP address.

39
00:03:31,290 --> 00:03:38,940
So the combination of port and IP address provides a unique value which allows the router to differentiate

40
00:03:38,940 --> 00:03:40,470
between entries.

41
00:03:40,500 --> 00:03:48,470
So in this example both PC 1 and PC 2 are sharing 1.1.1.1 as their inside global address.

42
00:03:48,510 --> 00:03:55,050
However, when host 1 initiates the session to the server, it's going to choose a random ephemeral port

43
00:03:55,050 --> 00:04:02,310
number to uniquely identify the session on the local PC when the traffic hits the router.

44
00:04:02,310 --> 00:04:09,540
The router will use that chosen source port number to represent the NAT entry in the table.

45
00:04:09,810 --> 00:04:20,110
So the PC chose 1024 and that's the entry used in the inside global NAT table entry. If PC 2 initiates

46
00:04:20,120 --> 00:04:21,570
a session to the server.

47
00:04:21,750 --> 00:04:27,510
And let's say for argument's sake it chose 1025 as the source port number, that's the entry

48
00:04:27,510 --> 00:04:31,710
used on the router to uniquely identify the session.

49
00:04:31,740 --> 00:04:37,350
So when traffic is sent from these PCs to the server and it's returned back to the router from the server

50
00:04:37,830 --> 00:04:43,460
the server is able to differentiate between traffic that's destined to 10.1.1.1

51
00:04:43,680 --> 00:04:49,590
versus traffic that's destined to 10.1.1.2, because of the unique IP address

52
00:04:49,620 --> 00:04:51,860
and port number combination.

53
00:04:51,870 --> 00:04:58,170
So what happens if both PCs, for whatever reason, randomly choose the same source port number?

54
00:04:58,200 --> 00:05:06,610
So let's assume both PC 1 and PC 2 chose 1024. Well, all the router does is it just changes the entry

55
00:05:06,610 --> 00:05:10,780
in the inside global table to keep the entry unique.

56
00:05:10,780 --> 00:05:18,400
So 10.1.1.2 chose 1024 as the port number and the router simply changes that to another port

57
00:05:18,400 --> 00:05:21,520
number to keep the values unique in the table.

58
00:05:21,820 --> 00:05:26,560
So when the server sends traffic to the router destined to 1.1.1.1

59
00:05:26,560 --> 00:05:29,090
port number 1025,

60
00:05:29,230 --> 00:05:35,800
the router simply changes the address to 10.1.1.2 port number 1024.

61
00:05:36,280 --> 00:05:41,570
So if you are sniffing the traffic on this local area network connection, you would see traffic with

62
00:05:41,570 --> 00:05:42,880
the address of

63
00:05:42,880 --> 00:05:43,700
10.1.1.1

64
00:05:43,700 --> 00:05:50,210
port 1024 going to the server with address 2.2.2.2 port 80.

65
00:05:50,210 --> 00:05:57,430
You would also see traffic from PC 2 with IP address 10.1.1.2 port number 1024 going

66
00:05:57,430 --> 00:05:58,920
to the same server,

67
00:05:59,080 --> 00:06:01,530
2.2.2.2 port 80.

68
00:06:01,600 --> 00:06:06,970
However, when the traffic hits the router, the router is going to change those values. When the traffic

69
00:06:06,970 --> 00:06:11,160
is NATed by the router before sending the traffic onto the Internet.

70
00:06:11,200 --> 00:06:14,130
The router will change the source addresses.

71
00:06:14,350 --> 00:06:21,490
So if you are sniffing the traffic on the Internet interface, you would see traffic from PC 1 now having

72
00:06:21,880 --> 00:06:29,420
a source IP address of 1.1.1.1 port 1024; destination address remains the same.

73
00:06:29,500 --> 00:06:34,610
We are not changing the outside global and outside local addresses.

74
00:06:34,650 --> 00:06:41,200
You would also see traffic from PC 2. The source address would now be 1.1.1.1 port

75
00:06:41,330 --> 00:06:46,830
1025 on this interface, with the destination set to the server.

76
00:06:47,140 --> 00:06:53,980
So the router has NATed both the IP address and, in this case, it's also changed the port number to keep

77
00:06:54,250 --> 00:06:56,080
the values unique.

78
00:06:56,080 --> 00:07:00,500
The server in this example believes that it's got two sessions from the same host.

79
00:07:00,530 --> 00:07:01,670
1.1.1.1,

80
00:07:01,680 --> 00:07:09,070
whereas in actual fact they are two separate PCs, but the server is unaware of that as it only sees

81
00:07:09,070 --> 00:07:15,100
the NATed IP address. When the server returns traffic to the router, it's going to return traffic to

82
00:07:15,120 --> 00:07:21,670
1.1.1.1 port 1024, source address would now be 2.2.2.2 port

83
00:07:21,670 --> 00:07:25,000
80, as well as destination address

84
00:07:25,000 --> 00:07:25,330
1.1.

85
00:07:25,330 --> 00:07:25,640
1.1

86
00:07:25,630 --> 00:07:26,470
port

87
00:07:26,490 --> 00:07:27,680
1025,

88
00:07:27,760 --> 00:07:31,420
source address of 2.2.2.2 port 80.

89
00:07:31,660 --> 00:07:37,900
The server once again believes that it's talking to the same host but different sessions, so same IP

90
00:07:37,900 --> 00:07:40,010
address but different port numbers.

91
00:07:41,310 --> 00:07:49,010
The router then NATs that ingress traffic based on the inside global table, so traffic destined to

92
00:07:49,040 --> 00:07:57,900
1.1.1.1 port 1024 is changed to 10.1.1.1 port 1024 and forwarded on to the

93
00:07:57,900 --> 00:08:05,720
local segment. Traffic destined to 1.1.1.1 port 1025 is translated to

94
00:08:05,750 --> 00:08:11,100
10.1.1.2 port 1024 and forwarded on to the local segment.

95
00:08:11,100 --> 00:08:17,550
The PCs as well as the server are unaware that their traffic has been NATed.

96
00:08:17,550 --> 00:08:23,370
They are essentially oblivious to the changes that have been made on the router to the IP addresses

97
00:08:23,370 --> 00:08:25,110
and port numbers.

98
00:08:25,200 --> 00:08:31,740
Traffic is routed correctly, PCs are unaware of what's going on, and that's essentially how NAT overloading

99
00:08:32,040 --> 00:08:35,430
or port address translation, or PAT, works.
