Hi, this is your host Habib and now that we have progressed and covered the basis of the communication models, the OSI model to the TCP IP model and the range of the IP addresses of the internet we have also discussed the RFC 1918 addresses that are non routable. And if you recall those addresses were, were provided by Ayana to for private use by anyone. We're going to move on to our topic of Nat and from this topic and onwards we will be doing real practical labs from here or simulations as you can say, and by giving you my own work experience about Nat Nat means IP addresses are translated to outside IP addresses once the private source IP address leaves the outside interface of your CE router. Now in most of the organizations as I mentioned, they have basically internet access as you know, they could have another link to the outside world using their Wang connection.

But internet is basically the most important access that any organization requires. The diagram here in front of you is a typical network diagram. And the middle router is usually the CE router. And there would be another router which is the PE router that belongs to the ISP. If you look at your network closely, you will notice that and within your si router What they did is they usually give you an IP Nat outside IP address, which is a public IP address. That could be a block of eight IP addresses given to your organization with eight public addresses.

Sometimes it's two sometimes it's one depends on what you can afford right? What your organization can afford. The IP Nat inside link is basically the IP address is yours. Basically, you provide that IP address and it's this link basically the internal link is called the transient link. Sometimes this ca router could be just your firewall, right? could be any firewall Juniper, aasa.

14 Net. So great. Now what what are the types of Nat Nat number one is this tactic That which is still in USD, I have seen it myself. And I have actually done configurations for static Nat I used to work for a manufacturing organization. And we had 5000 square feet manufacturing facility with a lot of machinery. And we used to have a lot of companies vendors coming in and providing us with some of their servers that they would connect to our network.

And some of these vendors would like to basically sometimes monitor the servers from the internet from anywhere in the world. And that's where static Nat comes in. The static Nat also serves as security for your network. You do not want to provide your internal IP address to those vendors. And you don't want them to know what sort of IP range internal you're using, as that should be covered part of your security policy. But however, you can give them your public IP address, right?

So that's when static Nat comes in this configuration is very important. I wish myself if when I was doing my, my CCNA, somebody has told me about their own experience, but nobody has mentioned to me and I kept on thinking when I will use static Nat, right. So it's still in USD, I would like to be very comfortable in configuring static Nat by using the lab exercise, the simulation that we will be doing after this lesson. The second type of Nat is the dynamic Nat which is also known as not full Dynamic Nat is a one to one mapping similar to the static Nat. But dynamic Nat is a NAT pool. So I don't think it's any more feasible for organizations to buy a pool of public IP addresses for form for their environment.

I mean, if you have even 10 servers, I mean, it's really not feasible that you pay monthly for 10 IP addresses that would be routable to the internet. So nobody I have not seen anybody doing dynamic Nat or not pool anymore. Okay. The third, the third and the most famous Nat is the NAT overload or the path which is the port address translation. It means many IP addresses to to single outside IP P address. That means if you have an environment of 1000 users and they're all accessing the internet, you will notice all their IP address from outside will look as if it's a single IP.

And that's when that comes in. Basically, what it does is it's conserving the use of public IP addresses. And it's basically using TCP to translate the traffic of the web traffic or any traffic, but it keeps only one single IP address. So if you are in an organization and you are accessing your, your, the Internet, and if you do what's my IP, for example, Google will tell you your IP address and that will be basically your public IP address. And if you go check with another user who's in the same same desk or same network As you are in, he will be probably getting the same public IP address. But the difference is when you access the internet you are using different port than he is using, because that's handled by Nat and it keeps the sessions for each user separately.

So I hope this topic was informative and I hope you can join me in our practical lab scenario that we will be implementing I will, I will do it step by step from designing this topology giving the IP addresses to to the servers and I'm showing you how the configuration is done. Thank you very much.