00:00:00
in this video I'll talk about network
00:00:02
address translation how it works and why
00:00:05
we need it but first let's hear a bit of
00:00:08
backstory where do these little baby IP
00:00:10
addresses come from
00:00:12
anyways back in the late '70s a couple
00:00:15
of clever researchers were thinking
00:00:17
about how long IP addresses should be
00:00:20
why is this important you have to
00:00:22
consider that in every data packet we
00:00:25
have to encode the sender IP and the
00:00:27
receiver IP if we only reserve a few
00:00:30
bits to encode an IP address we can keep
00:00:33
packet sizes small however we'll also
00:00:36
have few IP addresses to hand out to
00:00:38
people if on the other hand we choose to
00:00:41
have lots of bits to encode an IP
00:00:43
address we'll have lots of IP addresses
00:00:46
to hand out but will also have huge
00:00:48
packets which increases the
00:00:50
communication overhead so as you can see
00:00:53
there's a bit of a trade-off going on
00:00:55
here you can either have small packets
00:00:58
or lots of IP addresses
00:01:00
they ended up deciding that they'd go
00:01:02
with 32 bits for an IP address that left
00:01:06
them with roughly 4.2 billion IP
00:01:09
addresses you have to consider that back
00:01:11
then the internet which wasn't even
00:01:13
called the internet back then was just a
00:01:16
toy for academics it was definitely not
00:01:18
meant for regular people like you and me
00:01:21
and that's what's known today as IP
00:01:23
version 4 now hang on a second let's do
00:01:27
a bit of math here we have 4.2 billion
00:01:30
IP addresses to hand out but we also
00:01:33
have 7 billion people living on this
00:01:36
planet as of
00:01:37
2012 and also consider that each of
00:01:40
those 7 billion people may want to use
00:01:43
multiple devices to access the internet
00:01:46
so yeah we have a bit of a problem on
00:01:49
our
00:01:50
hands what are we going to do about this
00:01:52
now cuz clearly having only 4.2 billion
00:01:56
machines on the internet is not going to
00:01:57
be an option we have to figure something
00:02:00
out and there is a fix but it's as
00:02:04
you'll see a bit of a workaround let's
00:02:07
keep it at that there is in fact a way
00:02:10
that we can keep using IP version 4 and
00:02:13
get more machines onto the internet
00:02:15
here's a typical home network setup this
00:02:18
is John's laptop this is Jane's laptop
00:02:22
and this is Jane's smartphone they're
00:02:25
all connected to the home router that
00:02:28
home router in its turn is connected to
00:02:30
the internet now when you register with
00:02:33
your ISP you get to use an IP address
00:02:36
that is accessible throughout the
00:02:38
internet and that's assigned to your
00:02:40
home router so in this case we have
00:02:45
12.13.4 15 assigned to the home router
00:02:49
this is a public IP address that
00:02:51
theoretically anyone on the internet can
00:02:53
send packets to our laptops and
00:02:56
smartphone also get their own IP address
00:02:58
but instead of getting one of those 4.2
00:03:01
billion public IP addresses they get a
00:03:05
private IP address that private IP
00:03:08
address is assigned to them by the home
00:03:10
router and is not accessible from the
00:03:13
internet now if these IP addresses look
00:03:16
familiar to you that's probably because
00:03:18
they are this is one of two ranges that
00:03:21
are reserved for private networks all
00:03:24
addresses starting with
00:03:27
192.168 are reserved for private networks
00:03:31
as well as all addresses that start with
00:03:33
number 10 you can use these IP addresses
00:03:37
without having to worry that some random
00:03:39
web server already uses that IP address
00:03:42
they can because it's specifically
00:03:44
reserved for private networks now let's
00:03:47
consider the connection from Jane's
00:03:49
laptop for a second Jane's laptop has an
00:03:52
IP address of
00:03:57
192.168.1.3 here's an example scenario
00:03:59
where Jane's laptop wants to know what
00:04:01
the current weather is in Texas and to
00:04:04
get this information it will try to
00:04:07
contact the server at 4030
00:04:10
do210 to get that information to reach
00:04:14
this web server Jane's laptop will have
00:04:16
to go through the home router through
00:04:19
the internet and finally then arriving
00:04:21
at the web server first Jane's laptop
00:04:24
has to send out a packet requesting the
00:04:27
information it says what's the
00:04:29
current temperature in San Antonio Texas
00:04:32
now the message here isn't really
00:04:34
important the web server should know
00:04:36
what to do with that and we won't get
00:04:38
into that right now but what you should
00:04:41
know is that there is a source IP
00:04:44
address here with a source port and a
00:04:47
destination IP address with a
00:04:49
destination port in this case it's port
00:04:51
80 which is frequently used for HTTP
00:04:55
traffic now let's send this package on
00:04:57
its way shall we
00:05:02
when it arrives at the web server the
00:05:04
web server will process the incoming
00:05:06
request and try to formulate a
00:05:09
reply the reply packet will be addressed
00:05:12
to the sender but in this case because
00:05:15
it was sent from
00:05:18
192.168.1.3 it will not be reachable
00:05:21
because it's a private IP address so
00:05:24
what do we do now let's rewind that tape
00:05:27
for just a second
00:05:31
Jane's laptop sends out a packet
00:05:33
requesting the current temperature in
00:05:35
San Antonio Texas it gets sent along to
00:05:38
the home router but instead of sending
00:05:40
it right over the Internet the home
00:05:43
router does something that's a little
00:05:45
bit
00:05:46
sneaky when that packet reemerges you'll
00:05:49
notice that the source IP address has
00:05:51
been changed this is not the only thing
00:05:54
that the home router does in addition it
00:05:57
also creates an entry in the NAT
00:05:59
forwarding table now we'll talk about
00:06:01
the NAT forwarding table again in just a
00:06:03
second but for now all you have to
00:06:05
remember is that this thing allows us to
00:06:08
know which packets are to be sent to
00:06:10
Jane's laptop when they come in and
00:06:13
which packets are to be sent to that
00:06:15
smartphone or John's laptop moving right
00:06:18
along the packet travels over the
00:06:20
internet and arrives at the web server
00:06:23
the web server will now create a reply
00:06:26
packet and will notice that the
00:06:27
destination IP address is no longer
00:06:30
private no instead it's sent to the
00:06:33
public IP address of our home router on
00:06:37
that specific
00:06:42
port now that our home router has
00:06:45
received the response it's time for
00:06:47
another tiny lie it creates a packet
00:06:51
that looks as if it was addressed from
00:06:53
the web server directly to Jane's laptop
00:06:56
which is not what happened but that's
00:06:59
all Jane's laptop needs to know cuz it
00:07:01
doesn't care about how it got there it
00:07:04
just wants to get the packet and get
00:07:06
this over with but how does it know
00:07:08
where to send that packet it just
00:07:10
received the answer is in the NAT
00:07:13
forwarding table we just received that
00:07:16
packet on port
00:07:18
24604 and that means if we look in our
00:07:21
NAT forwarding table that we have to
00:07:24
change the IP address on the private
00:07:26
side to
00:07:28
192.168.1.3 on that specific port over
00:07:32
there in the forwarding table Jane's
00:07:35
laptop receives the packet and the rest
00:07:37
is history Jane's laptop doesn't have to
00:07:40
care about any of that NAT stuff the
00:07:43
home router completely handles it for
00:07:45
Jane's laptop and it is completely
00:07:48
transparent so Jane's laptop doesn't have
00:07:50
to worry about public and private IP
00:07:53
addresses no this is something the
00:07:55
router fixes and Jane's laptop doesn't
00:07:58
have to worry about it
00:08:00
of course ideally every computer would
00:08:02
have its own public IP address which is
00:08:04
why we're slowly but well actually just slowly
00:08:08
moving over to IP version 6 remember how
00:08:12
IP version 4 had 4.2 billion IP
00:08:15
addresses at its disposal well IP
00:08:18
version 6 has a lot more and I do mean a
00:08:22
lot seriously try noting 34 and then
00:08:26
followed by 37 zeros and that's how much
00:08:30
IPv6 addresses we have approximately
00:08:33
that is a lot if we can give every
00:08:37
computer its own public IP address we
00:08:40
won't be needing network address
00:08:41
translation anymore this means that
00:08:44
routers can once again focus on their
00:08:46
core business which is routing packets
00:08:49
not doing awkward switcheroo
00:08:51
tricks now I can hear you saying this is
00:08:55
nice and all but why haven't we switched
00:08:57
yet this IP version 4 thing is a mess we
00:09:00
only have 4.2 billion IP addresses and
00:09:03
that is clumsy as hell well it's not
00:09:06
that simple we have a lot of internet
00:09:09
infrastructure that was built up over
00:09:11
the years and they all work with IP
00:09:13
version 4 so we have laptops desktops
00:09:17
home routers but also stuff on the ISP
00:09:19
side and web servers and they all work
00:09:22
with IP version 4 all these devices need
00:09:26
to have hardware and software that
00:09:29
supports IP version 6 before we can
00:09:32
entirely switch over and that is a huge
00:09:36
task just to give you an idea the IP
00:09:39
version 6 standard was finalized in
00:09:42
December of 1998 and yet here we are 14
00:09:47
years later and we're still running on
00:09:49
IP version 4 you can see how this is one
00:09:52
hell of a task all righty if there's
00:09:55
anything you'd like to see explained
00:09:57
please do let me know in the comments
00:09:59
below
00:09:59
thanks for watching and I'll see you
00:10:01
next time