you SUCK at password security so PLEASE get a password manager like Dashlane: ntck.co/dashlane50 🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy In this next episode of NetworkChuck’s you SUCK at Subnetting course, we dive a bit deeper into how RFC1918 and NAT saved the internet from crumbling due to IP address exhaustion. So don’t miss out as Chuck goes into detail about RFC1918, NAT, and you guessed it…. More Subnetting! Are you ready to get serious about your CCNA? --------------------------------------------------- ►CCNA Courseware: ntck.co/bscw (Boson) (Affiliate) ►CCNA Lab: ntck.co/bccna (Boson NetSim) (affiliate) ►CCNA Practice Exam: ntck.co/bnexccna (Boson ExSim) (affiliate) ►CCNP Lab: ntck.co/bsenns (Boson NetSim) (affiliate) ►CCNP Practice Exam: ntck.co/bsenex (Boson ExSim) (affiliate) 0:00 ⏩ Intro 0:35 ⏩ your passwords suck too 2:48 ⏩ The internet Band-Aid 6:02 ⏩ The even bigger solution, NAT 10:58 ⏩ IPv4 + 2 12:54 ⏩ Outro 14:01 ⏩ Are you working on your CCNA??
Jokes on you, ONLY selfhosted vaultwarden/bitwarden or offline keepassxc is the best, Just like selfhosting your files or storing them on a flash drive is better then storing them on someone's computer (cloud). Edit: added a bit more stuff
The quality of your free certificates or minimum cost’s is great and all. A lot of what your talking about i got thru a local community college degree #CIT Want to really unlock your mind is understanding the other side. #ocwmit on RUclips. Labs are not free, the books are not free. But the actual classes are. You come full circle. Sponsored by #mit #Harvard
In case anyone is wondering why we skipped IPv5: Because, while it did have significant improvements over IPv4, it still used the 32 bit addresses (the 4 octets) that IPv4 used. It was a thing but never became a widely adopted standard. You can thank IPv5 for a few things, such as VoIP, though!
Jumping into tech as 32 yr old single mom with a special needs child, who works full time, . I'm gearing up to get IT certs and this channel is coming in CLUTCH!! You explain when, how, why, where, how much- SO WELL. The visuals, everything.I can't thank you enough!!!!!!!!
Fun Fact: there was a period early in the life of the telephone where it WAS common for people to share phone numbers. It was called party line service and basically meant everyone in the building or on the block shared the same wire to the telephone exchange (as a cost cutting measure) so when a call came in, every phone on the line would ring and anyone who picked up could hear whoever was talking, and unless and until they hung up, nobody else could use it to call out. Needless to say it was a hotbed of neighborly snooping & gossip and people actually went to jail for hogging the line and refusing to hang up when others were trying to call emergency services.
We had party lines all over my area until the late 1990s. They had special phones (which you had to rent from the phone company) which only rang for your number, so you didn’t have to memorize your ring pattern like the old days, but all the rest of the problems remained. When you picked up the phone to make a call you might find it in use by your neighbor so you had to wait and try later. If someone talked a long time, it could challenge your patience. At least nobody was crazy enough to try getting on the internet with a dialup modem! Also, most exchanges in my area had local calling only within the exchange, so basically if you wanted to call the next town it was a long distance call, and billed by the minute. This was extra inconvenient on a party line because when you dialed another exchange, you had to wait for the operator to come on the line and ask you your phone number so they could bill the call to you. You could give them the number of one of your neighbors on the same line and they would bill your neighbor instead. Oh, and the operator said “Number please” so often than he was always hoarse and you could hardly understand him.
if the password manager is true to their word being encrypted as much as they are than it isn't a concern.. I been using Dashlane for years ..I am majoring in Computer Science I am very well-versed in Tech .... and a good password manager is encrypted ..Dashlane uses AES-256 encryption on the device.. believe me no one is hacking that for a very long time...The military uses this standard lmao....if you forgot your master password your not going to even be able to recover your passwords.. the weakness would be the master password.. only way to hack that is through social engineering. That is why it is good to use a large easily remembered but hard to guess password.. (EFF Dice-Generated Passphrases) 6-9 words is super hard to crack...Diceware & Passwords - Computerphile
@@Farreach That’s why use password safes that use biometrics. There are 3 cornerstones to encryption, something you know (password), something you are (fingerprint), something you have (keycard). Using all three makes unauthorized access difficult.
Your videos are seriously helping me with my IT studies in school right now. Classes and textbooks are great, but your visual aids are the cherry on top. Thank you for another great video!
Network Engineer here - I've learned more from RUclips than any school or book. Some people just learn easier with visuals and audio. RUclips makes learning easy.
Another solution some ISPs implemented to their network with the exhaustion of IPv4 addresses is Carrier-Grade NAT (CGNAT), where 1 Public IP is shared across multiple subscribers. Basically, it's like having another layer of NAT from your ISP and it works but there are a lot of downsides like you can't host stuff (since it's blocked from your ISP) without some clever tricks like reverse proxy (or something similar to the "Don't call me, I'll call you" analogy).
Don't forget the problem of getting your true public ipv4 address blocked by a website/service if someone else sharing that public address got themselves blocked. Or that (without ipv6 or ipv6 support) a good chunk of online multiplayer games won't matchmake properly under CGNAT. The faster everyone (ISPs AND websites/services) adopts ipv6, the better.
@@Skyline_NTR true that! Since CGNAT has a very strict firewall rule by design, you may find it difficult to host your multiplayer games. You can connect to someone but you can't host on your own without some help at least.
People being able to have the same IP address and the server still knowing which device to route the packet to was one of the biggest mysteries to me... Thanks Chuck... Love all your videos.
Chuck, I have read multiple articles and watched multiple videos regarding subnetting and it was confusing as hell. This series has made it so simple. I like how you mix in humor, and I get all the nerdy references :) Thank you so much!
Additionally, IPv6 won’t have a subnet mask displayed, but rather a CIDR, which is a shortcut way of telling you the subnet mask. It’ll usually be /64 meaning you can use 64 of the 128 bits that chuck was mentioning.
@@James_Knott that is true, but typically when configuring stuff like IPv4 addresses and routes, you’ll always be using the subnet mask alongside with the IP. An IPv4 CIDR just makes things easier to view what’s going on with it (imo). I might be still used to old devices however. If you have examples of newer devices being configured with CIDRs vs subnet masks, let me know!
@@400EMP I just took a look at my Ubiquiti Unifi access point. It has an address and netmask, where the netmask is 24. I have seen other gear that uses CIDR and not traditional mask. Another example is my computer. I run Linux and in the subnet mask box is /24. Yes, you have to know both forms and how to convert between them, but the old style mask is disappearing.
@@James_Knott that’s cool to know! Thanks for letting me know. Probably for the best. I much prefer the CIDR. The subnet mask is unnecessary. All you really need to know is what bits are network and what are host, compare the CIDR number out of 32, and there ya go! CIDR is much more helpful and subnet masks make the process of subnetting even more complicated than it should be.
@@400EMP I learned both ways, when I took a TCP/IP course at a local college in 1995. Shortly after I read about IPv6 in the April 1995 issue of Byte magazine.
I work at a major Defense Contractor, and we just so happen to be reclaiming multiple /8s /11s and a bunch of /16s so that we can sell them back. you'd be amazed how many public IPs were being privately routed.
Given that the reseller market is about US$51 per IP and can only be sold in /24s or larger that's a good chunk of change to be leaving on the table. The cost will be pushed to customers is all that will happen. It actually helps incumbent providers maintain their position as a new entrant can't fight for more lucrative business contracts on even footing as most businesses will rather stick to IPv4 than invest in IPv6. I still find windows XP machines and the mantra "if it ain't broke don't fix it", I just document accordingly and wait for the impending security breach.
Chuck! I just passed my ccna!! Starter studying mid March. I took it couple hours ago online and passed it. I did a lot of reaeach for the material and study every morning from 3am til 7am prior work. It paid out. Thank you for the material you've provided.
Basically NAT is just a table that has two rows. First row is an ip from your local private network ie. what device made the request and second row is the ip of the target device ie. what website you went to. Whenever packet goes through, NAT rewrites the source with routers public IP and records the request in NAT table, when the response comes from the target the table is used to determine who made the request ie request is translated back to private IP. This is a very simple explanation there are a lot of nuances ie. what happens when two devices make a request to same website etc.
Dude, thank you so much for these vids. Going to college for Cyber and Data Security and for some reason they put us through the Cybersecurity coursework before the networking courses. These vids are helping fill the gaps
You are genuinely the best IT teacher I've ever had. Love how you make everything clear in a fun and engaging way, can't stop watching your videos! Hail Oprah 👑
The private IP range had been used informally much longer. It was essentially part of the range that people squatted on by convention. RFC just made it official
You've bridged the gaps in my knowledge about networking and how IP addresses work, and explained what NAT is in a router. Thank you very much! I always love finding new creators that help me learn new things like this. Definitely worth liking and subscribing to your channel. Again, you're a champion! :)
Network Chunk... This series is awesome... I have been trying to look for simple video like this so that I can show my family (who are not very tech savvy) the basic of computer networking and this is perfect. I will not be able to explain it as well as you do... Now all I have to do is ask them to watch your video hahaha awesome!!! 😎
I have learned more about IP Addresses from watching 30 minutes of your channel than I have from years of messing with (and troubleshooting) devices at home.
On the other hand, NAT has enabled people to drag their heels and delay IPv6 adoption by 25+ years. No joke - a literal quarter of a century and counting.
IPv6 at first was daunting to setup in pfSense but once I have it working it's actually pretty slick. I only allow IPv6 SSH into one of my Linodes VMs since script kiddies are using IPv4 to find open ports. Since IPv6 address space is so huge it's almost impossible to find a server with open ports in short period of time.
Thank you so much. I have no idea why nobody seems to be able to answer the simple question "Why do all routers have the same IP address?" Your answer for this was so freaking simple and made so much sense. In all my searching to that question I don't think anyone made a distinction between a public and private IP. Thank you thank you, I was so mystified. lol
Fantastic video series, I've passed the link on to my team to help with their understanding of IP addressing and subnets as you present it so well and in such an understandable manner - thanks! (I've work in IT for over 30 years and dealt with networking for almost 20 and I learned things too!)
This just proves my point. Its not always the student, its 90% of the time the teacher. Ive struggled in the Danish education system for 17+ years, i always thought man i must be a real pr*ck loser. Then i find someone like network Chuck and things ive struggled to understand, coming from other teachers, is suddenly both fun and easy to understand! You're a great Teacher, thank you for making this stuff fun and igniting my thirst yet again!
11:16 "I'm afraid we might make the same mistakes." *We didn't, I assure you:* If added one more BIT to the IPv4 address, it would have DOUBLED in size. If added one more BYTE to the IPv4 address, it would have expanded by 256 times in size. IPv6 added 12 bytes! Each byte multiplies it to 256x larger than the previous byte. Do you know what that means??? We could give every grain of sand on the entire surface of Earth an IPv6 address. But wait, there's more: We could give every grain of sand within Earth an IPv6 address. But wait, there's more: We have enough left over to give every grain of sand to each of the 8 planets in the solar system an IPv6 address. But wait, there's more: We have enough left over to give every grain of sand to 8 planets for every star in the Milky Way Galaxy an IPv6 address. But wait, there's more: We have enough left over to give every grain of sand to 8 planets for every star in the Milky Way Galaxy *AND* Andromeda Galaxy an IPv6 address. But wait, there's more: We have enough left over to give every grain of sand to 8 planets per star in *56 MILLION GALAXIES* an IPv6 address. 3.4 * 10^38 is a massive, massive number: 3,400,000,000,000,000,000,000,000,000,000 addresses. That is 48,570,000,000,000,000,000,000,000,000 addresses for every human alive today. We did not make the same mistake this time.
3:22 It was one of the band aids, the others being shared hosting where multiple domain names can share the same IP ("Name based Virtual Host"), and the other being carrior grade NAT.
Thank you for making Networking easy to understand. My networking class this month was kicking my butt because I just couldn't understand I GET IT NOW :) !!
We will never run out of ipv6 addresses. The number is so astronomically large, that astronomy itself seems small. You could address every single atom in the observabale universe and still have a stupid amount of IPs leftover
Yes, maybe... but i have currently 1 /64 IPv6 Adress-Space and 1 /56 IPv6 Space at my disposal... One at my vServer thats running a single instance of a website-service and one at home. Why? I dont know. I dont an ip adress for literally any Atom in my flat.
Pretty sure the number of atoms in the observable universe (~1e82) is much higher than the number of IPv6 addresses (3.4e38). You could, however, map every atom in a human body (~7e27) and still have a lot left.
@@Lewisking50 What i wanted to express was likely something like "Lets just not make the same mistakes, please. even if we have that much of adresses for everyone. nobody needs a billion of adresses. Really. a couple of 1000 for a family, okay. a couple of 100000 for a midsized, familyowned company. Also okay, but literally more than for any atom in their flat?"
11:37 for scale, the IPv6 address space is so big that each address in the IPv4 address space could be assigned a whole another IPv4 address space (so basically the whole pre-NAT internet) to it and that whole network would still fit inside the IPv6 address space.
Your an excellent teacher..I'm a beginner..green as could be..but I was learning IPs cause my wifi got hacked .but I wasn't sure how to tell if some of my Wifi IPs were not of Spectrum ..but thanks this ..hels alot ..ur entertaining and u keep my attention
Lol the music from toilet scene is 2010 polish meme-song that translates to "after eating your delicous soup, I don't move my ass off the toilet, this soup was with milk, i'm allegric to milk"
Love the video man, keep them coming. I’m new to the whole IT world currently studying for the A+ Core 2. I’m kind of like I should of started CCNA altogether 🙈. Love the content very helpful. Much love from Cork Ireland
3:53 Actually it doesn't need to be - and often isn't - unique nowadays. That's due to having not a public IPv4 address, but rather a public IPv6 DS-Lite enabled address. DS-Lite uses one or multiple servers of the ISP to tunnel an IPv4 connection to your IPv6 address. Your public IPv4 address in that case is the address of the server that tunnels the connection to your IPv6 address. That IPv4 address is shared across multiple clients, hence it sucks if someone else gets that IP banned. A second example are mobile networks, where my device with a SIM card is given a public IPv4 pool address the moment it connects to the cell tower and goes online. Some time after the device disconnects the public IPv4 address will go back into the pool and eventually another device will get that address assigned. Neat to know when using an LTE router or a LTE USB stick. Again, it sucks if your address got blocked because of a previous user. 4:08 To top it off: You actually can have the same cell phone number on multiple devices with limitations. Most contracts have the option to get another SIM card for the same contract for a small monthly extra fee. You can call, send SMS/MMS and use mobile data on both SIM cards, while you can receive calls or SMS/MMS only on the primary SIM card (which you can set via a code or an app). I've got the primary SIM in my phone and the secondary SIM inside a portable LTE router.
NAT is so amazing lets do it twice!!! Said no one ever... All NAT did was kick the can down the road, like a politician... Sorry Chuck, but NAT is a band-aid, its great what the technical guys managed to figure out to keep things running but even from a security perspective any stateful firewall can provide the same security NAT provides.
A nit, the original RFC I saw was 1994. I started experimenting with NATs in late 1994 before I made them the standard for home networking when I was at Microsoft. They were meant to be temporary till IPv6 but that's a longer story.
"Although I'm scared that we will make the same mistakes" Proceeds to say that there are 2^128 combinations (3,402,837,000,000,000,000,000,000,000,000,000,000,0 combinations)... At that point, our mistakes matter very little.
what's crazy is IPv6 has 79 octillion times as many addresses as IPv4. That's about 4.29 Billion times 79,162,418,842,315,673,828,125,000,000! I know it's just trivial math but it's still blowing my mind.
Awesome video. One question I have, and hopefully it’ll be addressed on a later video, is: how does your router keep track of data coming into your private IP and then route it to the appropriate device / private IP / MAC address? If you’re logged into RUclips for your channel, your daughter is playing a game (Minecraft, Roblox, whatever), and your wife is shopping on Amazon, how does the router keep all the incoming data packets going to the appropriate place?
This is something that won't fit into subnetting but it is dealt with in his CCNA-course I believe. The OSI-model comes in to play but also random temporary port forwarding which can be used for the data to come back in which is handled by NAT. It's quite technical but very interesting! His (unfortunately incomplete) CCNA-course literally taught me more about networking than I had taught myself in the last couple of years.
I just came from the future of the year 2456, in the end, we still created IPv32 a combination of everything you see on your keyboard and more alphanumeric characters that aren't created yet in this timeline. Live long and Prosper!
Hello Chuck.. Iam a big fan.. But in this video you forgot to hide the default gateway while ipconfig 😉 CCNA guy watching you here 😉 Keep going.. Very nice content like usual.. And we appreciate if you can explain the Wi-Fi 6 in another video please. Big respect from all IT to you from UK
12:15 Yes I get a public IPv6 and public IPv4 address on my cell phone. Like I said one cell phone access point can divide the Class A private network into over 4 million networks allowing over 4 million phones to use the same public IPv4 address. That is one of the reasons IPv4 STILL works.
I’m just glad I’m not the guy in the year 2524 learning about IPv4 AND IPv6 as limited technology. Then having to learn how IPv24 works (we skipped 7-23 bc you know)
Just a regular internet user here. I figured out a long time ago that private ip address exists, I just didn't know that's what they're called. It's intranet and internet for me. All my devices would be on an intranet, and the router is the one that talks to the internet. And I assumed internet still knew all our ipv6 addresses, which I'm probably wrong about. And I assumed same thing was going on with phones. All our phones have a private IP address, they connect to the tower. Then tower sends out the same with its public IP address. And I assumed wifi devices get 192.168.1.X because there are less devices. And cellphones get more complicated addresses because more devices connect to a single tower...
What the hell is a toilet IP address? Does an alarm go off when you forget to place the seat a certain subjectively preferable way; or when you place the tp front facing; does it alert the wife when you're in there too long; or God forbid you forgot to flush! How does it malfunction? If you breach some t&cs of the toilet partition protocol; would it just straight up explode and expose all your darkest secrets on the the 255 IP address. Scary stuff Chuck!
Aaaaaackshually we didn't skip v5. IPv5 was dropped before it could go public because it used IPv4's address space. IPv5 lives on as VoIP, a concept rather than a protocol of its own.
the loopback subnet is so large, because the original implementation of the IP protocol wasn't masked. The network ID was determined by the first bits of the IP.
Should give us a video on how to set up a 100% home server rack with NAS and wifi management with everything. In one rack how to configure and manage all that.
Just an ad-on. Going from 2^32 to 2^128 is huge. Every number you had 32 33 34 ect. Means you double the raw amound of ip adresses. So going to 128. Is mega. You double it 98 times.
Not really though, since most subnets to users will be /64. Don't worry, there's still plenty to go around. /64 is still more than enough. And hey, if we ever do run out of that, then we can recover a single /48, properly manage it, and be good forever again.
A minor correction: RFC 1918 (Feb 1996) didn't allocate the private IP address ranges, they were actually allocated with RFC 1597 (Mar 1994). NAT was defined with RFC 1631 (May 1994).
Egevang here. You are right. I made a bug in the checksum code in RFC 1597. The bug is fixed in RFC 1631. At that time everybody expected NAT to go away when IPng (IPv6 was not defined yet) was deployed. And here we are in 2022 still discussing NAT and incremental checksum update.
dude you misspelled dashlane in the start of your video lol i love all your videos you give me such motivation although the coffee keeps me up but ill leave you to it
So basically NAT solved the IP problem the same way I solved my 6144 channel limit problem with Applied Energistics in Minecraft, and split it up with sub-networking. The thing I love about it though is it's basically infinite. Each 255 subnetworks can have 255 subnetworks which can have 255 subnetworks which can have 255 subnetworks and oh look one network is back to the starting number, just need enough nodes is all. XD
![FORTNITE CLASSICS IS BACK! Fortnite Item Shop [November 15th, 2024] (Fortnite Chapter 5)](http://i.ytimg.com/vi/RbQURbeFwqs/mqdefault.jpg)
you SUCK at password security so PLEASE get a password manager like Dashlane: ntck.co/dashlane50
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
In this next episode of NetworkChuck’s you SUCK at Subnetting course, we dive a bit deeper into how RFC1918 and NAT saved the internet from crumbling due to IP address exhaustion. So don’t miss out as Chuck goes into detail about RFC1918, NAT, and you guessed it…. More Subnetting!
Are you ready to get serious about your CCNA?
---------------------------------------------------
►CCNA Courseware: ntck.co/bscw (Boson) (Affiliate)
►CCNA Lab: ntck.co/bccna (Boson NetSim) (affiliate)
►CCNA Practice Exam: ntck.co/bnexccna (Boson ExSim) (affiliate)
►CCNP Lab: ntck.co/bsenns (Boson NetSim) (affiliate)
►CCNP Practice Exam: ntck.co/bsenex (Boson ExSim) (affiliate)
0:00 ⏩ Intro
0:35 ⏩ your passwords suck too
2:48 ⏩ The internet Band-Aid
6:02 ⏩ The even bigger solution, NAT
10:58 ⏩ IPv4 + 2
12:54 ⏩ Outro
14:01 ⏩ Are you working on your CCNA??
I actually had my Google compromised one time but I have dashlane now.
Jokes on you, ONLY selfhosted vaultwarden/bitwarden or offline keepassxc is the best, Just like selfhosting your files or storing them on a flash drive is better then storing them on someone's computer (cloud).
Edit: added a bit more stuff
Chuckk when are you finishing the free ccna coursee
Your Dashlane graphic at 0:57 actually says DAHSLANE... uh... oops
The quality of your free certificates or minimum cost’s is great and all. A lot of what your talking about i got thru a local community college degree #CIT Want to really unlock your mind is understanding the other side. #ocwmit on RUclips. Labs are not free, the books are not free. But the actual classes are. You come full circle. Sponsored by #mit #Harvard
In case anyone is wondering why we skipped IPv5: Because, while it did have significant improvements over IPv4, it still used the 32 bit addresses (the 4 octets) that IPv4 used. It was a thing but never became a widely adopted standard. You can thank IPv5 for a few things, such as VoIP, though!
thanks
Wow. Really appreciate for sharing this. I get to know about something interesting. Thanks to your comments ✨♥️
Jumping into tech as 32 yr old single mom with a special needs child, who works full time, . I'm gearing up to get IT certs and this channel is coming in CLUTCH!! You explain when, how, why, where, how much- SO WELL. The visuals, everything.I can't thank you enough!!!!!!!!
Fun Fact: there was a period early in the life of the telephone where it WAS common for people to share phone numbers. It was called party line service and basically meant everyone in the building or on the block shared the same wire to the telephone exchange (as a cost cutting measure) so when a call came in, every phone on the line would ring and anyone who picked up could hear whoever was talking, and unless and until they hung up, nobody else could use it to call out. Needless to say it was a hotbed of neighborly snooping & gossip and people actually went to jail for hogging the line and refusing to hang up when others were trying to call emergency services.
yes, I remember it. Damnnnnnn
We had party lines all over my area until the late 1990s. They had special phones (which you had to rent from the phone company) which only rang for your number, so you didn’t have to memorize your ring pattern like the old days, but all the rest of the problems remained. When you picked up the phone to make a call you might find it in use by your neighbor so you had to wait and try later. If someone talked a long time, it could challenge your patience. At least nobody was crazy enough to try getting on the internet with a dialup modem! Also, most exchanges in my area had local calling only within the exchange, so basically if you wanted to call the next town it was a long distance call, and billed by the minute. This was extra inconvenient on a party line because when you dialed another exchange, you had to wait for the operator to come on the line and ask you your phone number so they could bill the call to you. You could give them the number of one of your neighbors on the same line and they would bill your neighbor instead. Oh, and the operator said “Number please” so often than he was always hoarse and you could hardly understand him.
Fun fact: Storing your password and your 2FA in the same service is a great way to turn your 2FA into a 1FA
Just buy the stinkin SAAS!
or into a 0FA... hack the password manager and goodbye your passwords...
if the password manager is true to their word being encrypted as much as they are than it isn't a concern.. I been using Dashlane for years ..I am majoring in Computer Science I am very well-versed in Tech .... and a good password manager is encrypted ..Dashlane uses AES-256 encryption on the device.. believe me no one is hacking that for a very long time...The military uses this standard lmao....if you forgot your master password your not going to even be able to recover your passwords.. the weakness would be the master password.. only way to hack that is through social engineering. That is why it is good to use a large easily remembered but hard to guess password.. (EFF Dice-Generated Passphrases) 6-9 words is super hard to crack...Diceware & Passwords - Computerphile
@@Farreach That’s why use password safes that use biometrics.
There are 3 cornerstones to encryption, something you know (password), something you are (fingerprint), something you have (keycard). Using all three makes unauthorized access difficult.
Can’t hack a notepad 📝
Your videos are seriously helping me with my IT studies in school right now. Classes and textbooks are great, but your visual aids are the cherry on top. Thank you for another great video!
Network Engineer here - I've learned more from RUclips than any school or book. Some people just learn easier with visuals and audio. RUclips makes learning easy.
Hey,so you can be my teacher then🤗
Another solution some ISPs implemented to their network with the exhaustion of IPv4 addresses is Carrier-Grade NAT (CGNAT), where 1 Public IP is shared across multiple subscribers. Basically, it's like having another layer of NAT from your ISP and it works but there are a lot of downsides like you can't host stuff (since it's blocked from your ISP) without some clever tricks like reverse proxy (or something similar to the "Don't call me, I'll call you" analogy).
Don't forget the problem of getting your true public ipv4 address blocked by a website/service if someone else sharing that public address got themselves blocked. Or that (without ipv6 or ipv6 support) a good chunk of online multiplayer games won't matchmake properly under CGNAT.
The faster everyone (ISPs AND websites/services) adopts ipv6, the better.
@@Skyline_NTR true that! Since CGNAT has a very strict firewall rule by design, you may find it difficult to host your multiplayer games. You can connect to someone but you can't host on your own without some help at least.
Cgnat is hell with pfsense or any other load balancer
Dynamic VS Static public IP addresses, free the former, paid for the latter. That's what we got.
Exactly, I thought he was going to cover that in this video
People being able to have the same IP address and the server still knowing which device to route the packet to was one of the biggest mysteries to me... Thanks Chuck... Love all your videos.
i guess mac address ?
@@Artropos They're in a different network. Their IP is relative to their network.
Chuck, I have read multiple articles and watched multiple videos regarding subnetting and it was confusing as hell. This series has made it so simple. I like how you mix in humor, and I get all the nerdy references :)
Thank you so much!
Have you seen what PinkPanda and its CEO Adam are up to?
Yeah. Lots going on. I like the Loot connection.
It’s last medium post is so bullish! Can’t wait to grow bamboo.
Additionally, IPv6 won’t have a subnet mask displayed, but rather a CIDR, which is a shortcut way of telling you the subnet mask. It’ll usually be /64 meaning you can use 64 of the 128 bits that chuck was mentioning.
IPv4 also moved to CIDR many years ago.
@@James_Knott that is true, but typically when configuring stuff like IPv4 addresses and routes, you’ll always be using the subnet mask alongside with the IP. An IPv4 CIDR just makes things easier to view what’s going on with it (imo).
I might be still used to old devices however. If you have examples of newer devices being configured with CIDRs vs subnet masks, let me know!
@@400EMP I just took a look at my Ubiquiti Unifi access point. It has an address and netmask, where the netmask is 24. I have seen other gear that uses CIDR and not traditional mask. Another example is my computer. I run Linux and in the subnet mask box is /24. Yes, you have to know both forms and how to convert between them, but the old style mask is disappearing.
@@James_Knott that’s cool to know! Thanks for letting me know. Probably for the best. I much prefer the CIDR. The subnet mask is unnecessary. All you really need to know is what bits are network and what are host, compare the CIDR number out of 32, and there ya go! CIDR is much more helpful and subnet masks make the process of subnetting even more complicated than it should be.
@@400EMP I learned both ways, when I took a TCP/IP course at a local college in 1995. Shortly after I read about IPv6 in the April 1995 issue of Byte magazine.
I work at a major Defense Contractor, and we just so happen to be reclaiming multiple /8s /11s and a bunch of /16s so that we can sell them back. you'd be amazed how many public IPs were being privately routed.
Given that the reseller market is about US$51 per IP and can only be sold in /24s or larger that's a good chunk of change to be leaving on the table.
The cost will be pushed to customers is all that will happen. It actually helps incumbent providers maintain their position as a new entrant can't fight for more lucrative business contracts on even footing as most businesses will rather stick to IPv4 than invest in IPv6. I still find windows XP machines and the mantra "if it ain't broke don't fix it", I just document accordingly and wait for the impending security breach.
Chuck! I just passed my ccna!!
Starter studying mid March. I took it couple hours ago online and passed it. I did a lot of reaeach for the material and study every morning from 3am til 7am prior work. It paid out. Thank you for the material you've provided.
Good job. Now study up and get your Amateur Extra Class radio license and network through the air.
well done
Over 200 devices... it would be interesting to see chuck do an nmap of his private network (redacting any information he can't share obviously)
It's not so hard to reach 200 in a smart home where everything is connected. If everything follow wifi standard
I watched back at some of your videos from 3-4 years ago, and man, have your production skills improved tremendously. You are a god.
Basically NAT is just a table that has two rows. First row is an ip from your local private network ie. what device made the request and second row is the ip of the target device ie. what website you went to. Whenever packet goes through, NAT rewrites the source with routers public IP and records the request in NAT table, when the response comes from the target the table is used to determine who made the request ie request is translated back to private IP. This is a very simple explanation there are a lot of nuances ie. what happens when two devices make a request to same website etc.
I like these series Chuck! Keep them coming! Also interested in your opinion about IPv6 :)
Dude, thank you so much for these vids. Going to college for Cyber and Data Security and for some reason they put us through the Cybersecurity coursework before the networking courses. These vids are helping fill the gaps
You are genuinely the best IT teacher I've ever had. Love how you make everything clear in a fun and engaging way, can't stop watching your videos! Hail Oprah 👑
The private IP range had been used informally much longer. It was essentially part of the range that people squatted on by convention. RFC just made it official
You've bridged the gaps in my knowledge about networking and how IP addresses work, and explained what NAT is in a router. Thank you very much! I always love finding new creators that help me learn new things like this. Definitely worth liking and subscribing to your channel. Again, you're a champion! :)
Network Chunk... This series is awesome... I have been trying to look for simple video like this so that I can show my family (who are not very tech savvy) the basic of computer networking and this is perfect. I will not be able to explain it as well as you do... Now all I have to do is ask them to watch your video hahaha awesome!!! 😎
Your passion for smart toilets are unmatched.
I have learned more about IP Addresses from watching 30 minutes of your channel than I have from years of messing with (and troubleshooting) devices at home.
On the other hand, NAT has enabled people to drag their heels and delay IPv6 adoption by 25+ years. No joke - a literal quarter of a century and counting.
IPv6 at first was daunting to setup in pfSense but once I have it working it's actually pretty slick. I only allow IPv6 SSH into one of my Linodes VMs since script kiddies are using IPv4 to find open ports. Since IPv6 address space is so huge it's almost impossible to find a server with open ports in short period of time.
Also don't use the default port for SSH, and using Fail2Ban to temporarily block hackers IP addresses is probably a good idea too.
Thank you so much. I have no idea why nobody seems to be able to answer the simple question "Why do all routers have the same IP address?" Your answer for this was so freaking simple and made so much sense. In all my searching to that question I don't think anyone made a distinction between a public and private IP. Thank you thank you, I was so mystified. lol
The last 2 seconds of the video was golden. MIND BLOWN
Fantastic video series, I've passed the link on to my team to help with their understanding of IP addressing and subnets as you present it so well and in such an understandable manner - thanks! (I've work in IT for over 30 years and dealt with networking for almost 20 and I learned things too!)
props on the the audio mixing in this series -- nice that it doesn't fight with your information.
This just proves my point. Its not always the student, its 90% of the time the teacher. Ive struggled in the Danish education system for 17+ years, i always thought man i must be a real pr*ck loser.
Then i find someone like network Chuck and things ive struggled to understand, coming from other teachers, is suddenly both fun and easy to understand!
You're a great Teacher, thank you for making this stuff fun and igniting my thirst yet again!
11:16 "I'm afraid we might make the same mistakes." *We didn't, I assure you:*
If added one more BIT to the IPv4 address, it would have DOUBLED in size.
If added one more BYTE to the IPv4 address, it would have expanded by 256 times in size.
IPv6 added 12 bytes! Each byte multiplies it to 256x larger than the previous byte. Do you know what that means???
We could give every grain of sand on the entire surface of Earth an IPv6 address.
But wait, there's more: We could give every grain of sand within Earth an IPv6 address.
But wait, there's more: We have enough left over to give every grain of sand to each of the 8 planets in the solar system an IPv6 address.
But wait, there's more: We have enough left over to give every grain of sand to 8 planets for every star in the Milky Way Galaxy an IPv6 address.
But wait, there's more: We have enough left over to give every grain of sand to 8 planets for every star in the Milky Way Galaxy *AND* Andromeda Galaxy an IPv6 address.
But wait, there's more: We have enough left over to give every grain of sand to 8 planets per star in *56 MILLION GALAXIES* an IPv6 address.
3.4 * 10^38 is a massive, massive number: 3,400,000,000,000,000,000,000,000,000,000 addresses. That is 48,570,000,000,000,000,000,000,000,000 addresses for every human alive today.
We did not make the same mistake this time.
Gal'thabtli trying to connect his personal Dyson sphere to the internet in 14,539AD: we made the same mistake
This series is gold! Wassup with this outro music, banger. Never danced to a learning video! It paired well with the happiness of understanding NAT!
Video starts at: 2:48
Legend
Thank you! This is coming from someone who was struggling with this topic prior to an exam.
We can always rely that Networkchuck will make a good video!
Amazing video!
3:22 It was one of the band aids, the others being shared hosting where multiple domain names can share the same IP ("Name based Virtual Host"), and the other being carrior grade NAT.
the "Big Oprah, littler Oprah" just gets me, dude. I'm absolutely loving your content and learning a ton.
Very educative and easy to learn. Just one thing to mention, in private IP table there was a mistake in subnet masks (8/12/16 prefix length)
Thank you for making Networking easy to understand. My networking class this month was kicking my butt because I just couldn't understand I GET IT NOW :) !!
We will never run out of ipv6 addresses. The number is so astronomically large, that astronomy itself seems small.
You could address every single atom in the observabale universe and still have a stupid amount of IPs leftover
Yes, maybe... but i have currently 1 /64 IPv6 Adress-Space and 1 /56 IPv6 Space at my disposal...
One at my vServer thats running a single instance of a website-service and one at home. Why? I dont know. I dont an ip adress for literally any Atom in my flat.
Pretty sure the number of atoms in the observable universe (~1e82) is much higher than the number of IPv6 addresses (3.4e38).
You could, however, map every atom in a human body (~7e27) and still have a lot left.
@@Lewisking50 What i wanted to express was likely something like "Lets just not make the same mistakes, please. even if we have that much of adresses for everyone. nobody needs a billion of adresses. Really. a couple of 1000 for a family, okay. a couple of 100000 for a midsized, familyowned company. Also okay, but literally more than for any atom in their flat?"
@@ShenLong991 Sure, you're probably right, if those aren't too much already.
My reply was meant for OP though as I didn't @ you.
@@Lewisking50 Oh, i'm sorry. i thought you answered me, my bad. Moving on.
Chuck, youre an amazing teacher. I really enjoy your style, you make this stuff way more interesting than any other teacher or youtuber ive seen
Kudos for you man, you're the best instructor there on the internet, you made this easy as a piece of cake
This is so great, I love even your built-in commercials.
Fun Fact: The NAT protocol can support over 60,000 simultaneous connections with a single WAN-side IP address for the router!
Hearing NAT described so enthusiastically as this wonderful, magical thing makes my soul hurt.
NetworkChuck has mastered the art of teaching 😅. This dude makes it fun as hell to learn!
he is so good at promoting his coffee. every time he sips his coffee, I'm sipping mine too. It's kinda like yawning.
LoL, I'm Polish and you used that toilet song "po twojej pysznej zupie nie ruszam dupy z klopa"
11:37 for scale, the IPv6 address space is so big that each address in the IPv4 address space could be assigned a whole another IPv4 address space (so basically the whole pre-NAT internet) to it and that whole network would still fit inside the IPv6 address space.
Your an excellent teacher..I'm a beginner..green as could be..but I was learning IPs cause my wifi got hacked .but I wasn't sure how to tell if some of my Wifi IPs were not of Spectrum ..but thanks this ..hels alot ..ur entertaining and u keep my attention
Lol the music from toilet scene is 2010 polish meme-song that translates to "after eating your delicous soup, I don't move my ass off the toilet, this soup was with milk, i'm allegric to milk"
Love the video man, keep them coming. I’m new to the whole IT world currently studying for the A+ Core 2. I’m kind of like I should of started CCNA altogether 🙈. Love the content very helpful. Much love from Cork Ireland
You can be my teacher and have me tuition classes🤗
I learned a lot about NAT due to ALWAYS having issues with NAT on Xbox.
You are like the best teacher I never had. Would've taken IT course instead of HRM
3:53 Actually it doesn't need to be - and often isn't - unique nowadays.
That's due to having not a public IPv4 address, but rather a public IPv6 DS-Lite enabled address. DS-Lite uses one or multiple servers of the ISP to tunnel an IPv4 connection to your IPv6 address. Your public IPv4 address in that case is the address of the server that tunnels the connection to your IPv6 address. That IPv4 address is shared across multiple clients, hence it sucks if someone else gets that IP banned.
A second example are mobile networks, where my device with a SIM card is given a public IPv4 pool address the moment it connects to the cell tower and goes online. Some time after the device disconnects the public IPv4 address will go back into the pool and eventually another device will get that address assigned. Neat to know when using an LTE router or a LTE USB stick. Again, it sucks if your address got blocked because of a previous user.
4:08 To top it off: You actually can have the same cell phone number on multiple devices with limitations. Most contracts have the option to get another SIM card for the same contract for a small monthly extra fee. You can call, send SMS/MMS and use mobile data on both SIM cards, while you can receive calls or SMS/MMS only on the primary SIM card (which you can set via a code or an app). I've got the primary SIM in my phone and the secondary SIM inside a portable LTE router.
NAT is so amazing lets do it twice!!! Said no one ever...
All NAT did was kick the can down the road, like a politician... Sorry Chuck, but NAT is a band-aid, its great what the technical guys managed to figure out to keep things running but even from a security perspective any stateful firewall can provide the same security NAT provides.
NetworkChuck dropping the naughtiest bangers before ending the video
I like how you sort of went backwards with your topics, I think it makes it easier to comprehend
Dont even care about CCNA no more just want to see Chuck videos cuz its fun
A nit, the original RFC I saw was 1994. I started experimenting with NATs in late 1994 before I made them the standard for home networking when I was at Microsoft. They were meant to be temporary till IPv6 but that's a longer story.
BRO EVERY VIDEO MAKES ME HAPPY 0:46
So far this series has been amazing!
You just saved my linkedin assesment on networking; with no CCNA cert LOL....Dope vid man
Last -_-
Edit :- 1:42 I just went in shock that you revealed you card details 😂 but after I saw the exp. date, I just started laughing hard🤣🤣
The way he explains things and speaks makes me find watching ads interesting! Good job! I love your channel!
"Although I'm scared that we will make the same mistakes"
Proceeds to say that there are 2^128 combinations (3,402,837,000,000,000,000,000,000,000,000,000,000,0 combinations)...
At that point, our mistakes matter very little.
what's crazy is IPv6 has 79 octillion times as many addresses as IPv4. That's about 4.29 Billion times 79,162,418,842,315,673,828,125,000,000! I know it's just trivial math but it's still blowing my mind.
Fun fact
My college of IT in Austria has a subject, with a free CCNA course.
Awesome video.
One question I have, and hopefully it’ll be addressed on a later video, is: how does your router keep track of data coming into your private IP and then route it to the appropriate device / private IP / MAC address? If you’re logged into RUclips for your channel, your daughter is playing a game (Minecraft, Roblox, whatever), and your wife is shopping on Amazon, how does the router keep all the incoming data packets going to the appropriate place?
This is something that won't fit into subnetting but it is dealt with in his CCNA-course I believe. The OSI-model comes in to play but also random temporary port forwarding which can be used for the data to come back in which is handled by NAT. It's quite technical but very interesting! His (unfortunately incomplete) CCNA-course literally taught me more about networking than I had taught myself in the last couple of years.
Thanks to the routing table in the router I think.
In addition to IP addresses there are also port numbers. That helps with the NAT routing.
Fun fact: chuck's credit card info is visible at 1:40 (its propably a fake one)
9:42 “Let’s say my toilet wants to see some pictures of coffee” is a wild sentence 😂
You are totally amazing at what you do. You have motivated me to learn more and even change my profession.
I'm glad that you know the joke about spending more on coffee than IT. Love your work.
I just came from the future of the year 2456, in the end, we still created IPv32 a combination of everything you see on your keyboard and more alphanumeric characters that aren't created yet in this timeline. Live long and Prosper!
Weird people are everywhere 😂
Hello Chuck.. Iam a big fan.. But in this video you forgot to hide the default gateway while ipconfig 😉
CCNA guy watching you here 😉
Keep going.. Very nice content like usual.. And we appreciate if you can explain the Wi-Fi 6 in another video please.
Big respect from all IT to you from UK
>from Netflix to RUclips
That's very short range
Intentionally disabling or not using IPv6 in 2024 is a crime against humanity
12:15 Yes I get a public IPv6 and public IPv4 address on my cell phone. Like I said one cell phone access point can divide the Class A private network into over 4 million networks allowing over 4 million phones to use the same public IPv4 address. That is one of the reasons IPv4 STILL works.
I’m just glad I’m not the guy in the year 2524 learning about IPv4 AND IPv6 as limited technology. Then having to learn how IPv24 works (we skipped 7-23 bc you know)
Hey Network Chuck please make shorts , it will help us for daily CCNA motivation
Just a regular internet user here.
I figured out a long time ago that private ip address exists, I just didn't know that's what they're called.
It's intranet and internet for me.
All my devices would be on an intranet, and the router is the one that talks to the internet.
And I assumed internet still knew all our ipv6 addresses, which I'm probably wrong about.
And I assumed same thing was going on with phones.
All our phones have a private IP address, they connect to the tower. Then tower sends out the same with its public IP address.
And I assumed wifi devices get 192.168.1.X because there are less devices. And cellphones get more complicated addresses because more devices connect to a single tower...
What the hell is a toilet IP address?
Does an alarm go off when you forget to place the seat a certain subjectively preferable way; or when you place the tp front facing; does it alert the wife when you're in there too long; or God forbid you forgot to flush!
How does it malfunction? If you breach some t&cs of the toilet partition protocol; would it just straight up explode and expose all your darkest secrets on the the 255 IP address.
Scary stuff Chuck!
I'm happy to see you posting videos more often. It would be great to see a new one everyday 😄 you're the best
Aaaaaackshually we didn't skip v5.
IPv5 was dropped before it could go public because it used IPv4's address space. IPv5 lives on as VoIP, a concept rather than a protocol of its own.
You, sir, are the teacher we ALL NEED.
the loopback subnet is so large, because the original implementation of the IP protocol wasn't masked. The network ID was determined by the first bits of the IP.
Should give us a video on how to set up a 100% home server rack with NAS and wifi management with everything. In one rack how to configure and manage all that.
Just an ad-on. Going from 2^32 to 2^128 is huge. Every number you had 32 33 34 ect. Means you double the raw amound of ip adresses. So going to 128. Is mega. You double it 98 times.
Not really though, since most subnets to users will be /64. Don't worry, there's still plenty to go around. /64 is still more than enough. And hey, if we ever do run out of that, then we can recover a single /48, properly manage it, and be good forever again.
@@quinton1661 good to know.
Its why i said raw amound.
A minor correction: RFC 1918 (Feb 1996) didn't allocate the private IP address ranges, they were actually allocated with RFC 1597 (Mar 1994). NAT was defined with RFC 1631 (May 1994).
Egevang here. You are right. I made a bug in the checksum code in RFC 1597. The bug is fixed in RFC 1631. At that time everybody expected NAT to go away when IPng (IPv6 was not defined yet) was deployed. And here we are in 2022 still discussing NAT and incremental checksum update.
We're gonna YOLO them Ipv6 addresses too one day!
thanks for the video! I'm not an IT guy but I am able to follow your videos.
dude you misspelled dashlane in the start of your video lol i love all your videos you give me such motivation although the coffee keeps me up but ill leave you to it
So basically NAT solved the IP problem the same way I solved my 6144 channel limit problem with Applied Energistics in Minecraft, and split it up with sub-networking. The thing I love about it though is it's basically infinite. Each 255 subnetworks can have 255 subnetworks which can have 255 subnetworks which can have 255 subnetworks and oh look one network is back to the starting number, just need enough nodes is all. XD
As someone who knows absolutely nothing about anything networking, this is entertaining
I gotta say, I love how often you reference Harry Potter. This geek is ecstatic.✋
Mannnn!!!!!! That was all INCREDIBLE.🔥🔥🔥 💯💯 HUGE RESPECT & LOVE FOR YOU FROM PAKISTAN 🇵🇰 ❤️❤️❤️❤️❤️❤️❤️
Happy to see the next episode 😊😊
Ay the king has posted
you got a really nice explaining stile its fun to watch even if you alredy know it
There are enough IPv6 addresses to give every particle in the universe a unique public address without even making a dent.
great job done on this series.