CCNA/ICND Tutorials

Routing / The Concept of Network Address Translation





Subtitles of the Movie

Another use for a router is a network address translator. And the purpose of network address translation is to save IP address space and/or to hide the real IP addresses that are used in a private network, by translating source and destination addresses. So what does all that mean? Well, if I have got my private networking addressing scheme all set up, I don't necessarily want the whole world to know what it is, because that would make it that much easier for somebody to try to spoof an IP address. In other words, appear that they are supposed to be there, that their device is supposed to be there. But actually they are not; actually, what they are is a security risk to me. So, what I want to do is hide my real IP addresses, so that when my real IP addresses are needing to use the Internet, they are actually translated to another IP address, and presented as another IP address outside globally.

So network address translation happens when the router, for example, takes an address of 10.10.10.10 and translates it to 1.1.1.1 before it goes out. And then when it comes back, it translates it back from 1.1.1.1 to 10.10.10.10 and delivers it to the correct host. When it is a one-to-one mapping like that, that is just plain old network address translation.

Now, we can take this one step further; with port address translation, we will further save address space because we really only need to map one public IP address, and we can map it to as many private IP addresses as we want. So, for example, an organization could register one public IP address, but every single computer in their organization could have Internet access. And every single computer in their organization would then be translated to the router's public IP address, the outside interface. So the private addresses would be translated to the public address before they are sent out. Well, if it is all being translated back to one number, then how does the system keep up with it?
Well, what the router does is it keeps up with a port number. It assigns each device that it translates a particular port number, and then when it sees that packet come back and it's destined back to that port number, then it knows exactly where to send it. So this isn't just network address translation, this is called port address translation.

So, when we set up a router for network address translation or for port address translation, basically what we are doing is, we are saying - Look, these inside interfaces - or actually we are identifying them. These are the inside interfaces of this router, these are going to be the outside interfaces, then we are identifying the traffic that is going to be translated; we will discuss access lists later on. And then we identify a pool of numbers that we are going to use for translation, and then we just sort of marry all of it together. When we do, then we should be able to see the results; we should be able to ping from the inside, and we should be able, using a debugging program, to see if the network address translation is actually happening.

For example, if I were to take a look at my router A, you can see that I am actually translating from 10.140.1.1, the inside local, going out to my inside global address of 1.1.1.1. In other words, I have used router A as a network address translator. And I am not really going out to the Internet in this case, I am just going through this router. But when it goes through this router, it gets translated. So what I did is, I pinged 10.3.3.3, which was one of those networks that, remember, I couldn't even see unless we were using RIP. So this was not a directly connected network. And when I pinged 10.3.3.3, the IP address went out initially as 10.140.1.1 and was translated to 1.1.1.1. And then you just see that over and over again, because the debugging program was telling me that.
So basically it is just telling me - Yes, your network address translation is actually working. So, network address translation is something that we can set up on a router; you don't necessarily need to know all of the intricacies of setting up network address translation for 640-607. In later lessons, we will take a look at exactly how I set all that up. The main thing that I would know is the difference between network address translation and port address translation, for example. And know that network address translation saves IP addresses. Port address translation saves even more IP addresses.

In our next chapter, we will discuss a tool that allows us to identify devices and their capabilities in a Cisco network. It's called a CDP Protocol and that's next.
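
The port-tracking behaviour described in the subtitles, as an added example that is not part of the original lesson or any router's actual code: a minimal model of a port address translation table in which two inside hosts share the public address 1.1.1.1. The class and method names, the second host 10.140.1.2, the port numbers and the sequential port allocation are assumptions made for illustration.

```python
from itertools import count


class PatRouter:
    """Toy PAT table: many inside addresses share one public address."""

    def __init__(self, public_ip, first_port=1024):
        self.public_ip = public_ip
        self._ports = count(first_port)  # simplification: sequential allocation
        self.out = {}   # (inside_ip, inside_port, proto) -> public port
        self.back = {}  # (public port, proto) -> (inside_ip, inside_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Rewrite the source of a packet leaving the inside network."""
        key = (src_ip, src_port, proto)
        if key not in self.out:
            port = next(self._ports)
            if port > 65535:
                raise RuntimeError("no free ports on the public address")
            self.out[key] = port
            self.back[(port, proto)] = (src_ip, src_port)
        return (self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Rewrite the destination of a returning packet, or return None."""
        entry = self.back.get((dst_port, proto))
        if dst_ip != self.public_ip or entry is None:
            return None  # no translation entry, so no inside host to deliver to
        return (src_ip, src_port, entry[0], entry[1])


def demo():
    router = PatRouter("1.1.1.1")
    # Constructed traffic: both hosts use the same source port toward 10.3.3.3.
    a = router.outbound("10.140.1.1", 40000, "10.3.3.3", 80)
    b = router.outbound("10.140.1.2", 40000, "10.3.3.3", 80)
    reply_to_b = router.inbound("10.3.3.3", 80, "1.1.1.1", b[1])
    unsolicited = router.inbound("10.3.3.3", 80, "1.1.1.1", 2000)
    return a, b, reply_to_b, unsolicited


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Both hosts appear outside as 1.1.1.1, and only the assigned port tells the router which inside host a reply belongs to; a packet arriving on a port with no table entry has nowhere to be delivered.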

Tutorial Information

Course: CCNA/ICND
Author: Bill Ferguson/Certified Instructor
SKU: 33419
ISBN: 1932072268
Release Date: 2003-03-28
Duration: 6 hrs / 72 lessons
Captions: For Online University members only
Compatibility: Vista/XP/2000, OS X, Linux
QuickTime 7, Flash 8
