we’re out of IP Addresses….but this saved us (Private IP Addresses)
HTML-код
- Опубликовано: 18 май 2024
- you SUCK at password security so PLEASE get a password manager like Dashlane: ntck.co/dashlane50
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
In this next episode of NetworkChuck’s you SUCK at Subnetting course, we dive a bit deeper into how RFC1918 and NAT saved the internet from crumbling due to IP address exhaustion. So don’t miss out as Chuck goes into detail about RFC1918, NAT, and you guessed it…. More Subnetting!! We cover 2 main concepts in this video, Private IP Address and Network Address Translation. We also cover Public vs Private IP Addresses.
Are you ready to get serious about your CCNA?
---------------------------------------------------
►CCNA Courseware: ntck.co/bscw (Boson) (Affiliate)
►CCNA Lab: ntck.co/bccna (Boson NetSim) (affiliate)
►CCNA Practice Exam: ntck.co/bnexccna (Boson ExSim) (affiliate)
►CCNP Lab: ntck.co/bsenns (Boson NetSim) (affiliate)
►CCNP Practice Exam: ntck.co/bsenex (Boson ExSim) (affiliate)
**Sponsored by Dashlane
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck Academy: ntck.co/NCAcademy
☕☕ COFFEE and MERCH: ntck.co/coffee
Check out my new channel: ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: / discord
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: / networkchuck
Twitter: / networkchuck
Facebook: / networkchuck
Join the Discord server: bit.ly/nc-discord
0:00 ⏩ Intro
0:35 ⏩ your passwords suck too
2:48 ⏩ The internet Band-Aid
6:02 ⏩ The even bigger solution, NAT
10:58 ⏩ IPv4 + 2
12:54 ⏩ Outro
14:01 ⏩ Are you working on your CCNA??
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: geni.us/aBeqAL
#cisco #ccna #subnetting 
Наука
you SUCK at password security so PLEASE get a password manager like Dashlane: ntck.co/dashlane50
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
In this next episode of NetworkChuck’s you SUCK at Subnetting course, we dive a bit deeper into how RFC1918 and NAT saved the internet from crumbling due to IP address exhaustion. So don’t miss out as Chuck goes into detail about RFC1918, NAT, and you guessed it…. More Subnetting!
Are you ready to get serious about your CCNA?
---------------------------------------------------
►CCNA Courseware: ntck.co/bscw (Boson) (Affiliate)
►CCNA Lab: ntck.co/bccna (Boson NetSim) (affiliate)
►CCNA Practice Exam: ntck.co/bnexccna (Boson ExSim) (affiliate)
►CCNP Lab: ntck.co/bsenns (Boson NetSim) (affiliate)
►CCNP Practice Exam: ntck.co/bsenex (Boson ExSim) (affiliate)
0:00 ⏩ Intro
0:35 ⏩ your passwords suck too
2:48 ⏩ The internet Band-Aid
6:02 ⏩ The even bigger solution, NAT
10:58 ⏩ IPv4 + 2
12:54 ⏩ Outro
14:01 ⏩ Are you working on your CCNA??
I actually had my Google compromised one time but I have dashlane now.
Jokes on you, ONLY selfhosted vaultwarden/bitwarden or offline keepassxc is the best, Just like selfhosting your files or storing them on a flash drive is better then storing them on someone's computer (cloud).
Edit: added a bit more stuff
Dashlane and any other online password managers suck.
Trusting a funny company to secure your passwords for your hard-earned money is kinda silly when you can use offline, cross-platform password managers like KeepassXC for free
Chuckk when are you finishing the free ccna coursee
Your Dashlane graphic at 0:57 actually says DAHSLANE... uh... oops
In case anyone is wondering why we skipped IPv5: Because, while it did have significant improvements over IPv4, it still used the 32 bit addresses (the 4 octets) that IPv4 used. It was a thing but never became a widely adopted standard. You can thank IPv5 for a few things, such as VoIP, though!
thanks
Wow. Really appreciate for sharing this. I get to know about something interesting. Thanks to your comments ✨♥️
Have you seen what PinkPanda and its CEO Adam are up to?
Yeah. Lots going on. I like the Loot connection.
It’s last medium post is so bullish! Can’t wait to grow bamboo.
Fun fact: Storing your password and your 2FA in the same service is a great way to turn your 2FA into a 1FA
Just buy the stinkin SAAS!
or into a 0FA... hack the password manager and goodbye your passwords...
if the password manager is true to their word being encrypted as much as they are than it isn't a concern.. I been using Dashlane for years ..I am majoring in Computer Science I am very well-versed in Tech .... and a good password manager is encrypted ..Dashlane uses AES-256 encryption on the device.. believe me no one is hacking that for a very long time...The military uses this standard lmao....if you forgot your master password your not going to even be able to recover your passwords.. the weakness would be the master password.. only way to hack that is through social engineering. That is why it is good to use a large easily remembered but hard to guess password.. (EFF Dice-Generated Passphrases) 6-9 words is super hard to crack...Diceware & Passwords - Computerphile
I use 1Password, and have for years. Works very well for me.
@@Farreach That’s why use password safes that use biometrics.
There are 3 cornerstones to encryption, something you know (password), something you are (fingerprint), something you have (keycard). Using all three makes unauthorized access difficult.
Jumping into tech as 32 yr old single mom with a special needs child, who works full time, . I'm gearing up to get IT certs and this channel is coming in CLUTCH!! You explain when, how, why, where, how much- SO WELL. The visuals, everything.I can't thank you enough!!!!!!!!
Fun Fact: there was a period early in the life of the telephone where it WAS common for people to share phone numbers. It was called party line service and basically meant everyone in the building or on the block shared the same wire to the telephone exchange (as a cost cutting measure) so when a call came in, every phone on the line would ring and anyone who picked up could hear whoever was talking, and unless and until they hung up, nobody else could use it to call out. Needless to say it was a hotbed of neighborly snooping & gossip and people actually went to jail for hogging the line and refusing to hang up when others were trying to call emergency services.
yes, I remember it. Damnnnnnn
We had party lines all over my area until the late 1990s. They had special phones (which you had to rent from the phone company) which only rang for your number, so you didn’t have to memorize your ring pattern like the old days, but all the rest of the problems remained. When you picked up the phone to make a call you might find it in use by your neighbor so you had to wait and try later. If someone talked a long time, it could challenge your patience. At least nobody was crazy enough to try getting on the internet with a dialup modem! Also, most exchanges in my area had local calling only within the exchange, so basically if you wanted to call the next town it was a long distance call, and billed by the minute. This was extra inconvenient on a party line because when you dialed another exchange, you had to wait for the operator to come on the line and ask you your phone number so they could bill the call to you. You could give them the number of one of your neighbors on the same line and they would bill your neighbor instead. Oh, and the operator said “Number please” so often than he was always hoarse and you could hardly understand him.
Another solution some ISPs implemented to their network with the exhaustion of IPv4 addresses is Carrier-Grade NAT (CGNAT), where 1 Public IP is shared across multiple subscribers. Basically, it's like having another layer of NAT from your ISP and it works but there are a lot of downsides like you can't host stuff (since it's blocked from your ISP) without some clever tricks like reverse proxy (or something similar to the "Don't call me, I'll call you" analogy).
Don't forget the problem of getting your true public ipv4 address blocked by a website/service if someone else sharing that public address got themselves blocked. Or that (without ipv6 or ipv6 support) a good chunk of online multiplayer games won't matchmake properly under CGNAT.
The faster everyone (ISPs AND websites/services) adopts ipv6, the better.
@@Skyline_NTR true that! Since CGNAT has a very strict firewall rule by design, you may find it difficult to host your multiplayer games. You can connect to someone but you can't host on your own without some help at least.
Cgnat is hell with pfsense or any other load balancer
Dynamic VS Static public IP addresses, free the former, paid for the latter. That's what we got.
Exactly, I thought he was going to cover that in this video
People being able to have the same IP address and the server still knowing which device to route the packet to was one of the biggest mysteries to me... Thanks Chuck... Love all your videos.
i guess mac address ?
@@Artropos They're in a different network. Their IP is relative to their network.
Your videos are seriously helping me with my IT studies in school right now. Classes and textbooks are great, but your visual aids are the cherry on top. Thank you for another great video!
Network Engineer here - I've learned more from RUclips than any school or book. Some people just learn easier with visuals and audio. RUclips makes learning easy.
Hey,so you can be my teacher then🤗
Video starts at: 2:48
Legend
Over 200 devices... it would be interesting to see chuck do an nmap of his private network (redacting any information he can't share obviously)
It's not so hard to reach 200 in a smart home where everything is connected. If everything follow wifi standard
Additionally, IPv6 won’t have a subnet mask displayed, but rather a CIDR, which is a shortcut way of telling you the subnet mask. It’ll usually be /64 meaning you can use 64 of the 128 bits that chuck was mentioning.
IPv4 also moved to CIDR many years ago.
@@James_Knott that is true, but typically when configuring stuff like IPv4 addresses and routes, you’ll always be using the subnet mask alongside with the IP. An IPv4 CIDR just makes things easier to view what’s going on with it (imo).
I might be still used to old devices however. If you have examples of newer devices being configured with CIDRs vs subnet masks, let me know!
@@400EMP I just took a look at my Ubiquiti Unifi access point. It has an address and netmask, where the netmask is 24. I have seen other gear that uses CIDR and not traditional mask. Another example is my computer. I run Linux and in the subnet mask box is /24. Yes, you have to know both forms and how to convert between them, but the old style mask is disappearing.
@@James_Knott that’s cool to know! Thanks for letting me know. Probably for the best. I much prefer the CIDR. The subnet mask is unnecessary. All you really need to know is what bits are network and what are host, compare the CIDR number out of 32, and there ya go! CIDR is much more helpful and subnet masks make the process of subnetting even more complicated than it should be.
@@400EMP I learned both ways, when I took a TCP/IP course at a local college in 1995. Shortly after I read about IPv6 in the April 1995 issue of Byte magazine.
Chuck, I have read multiple articles and watched multiple videos regarding subnetting and it was confusing as hell. This series has made it so simple. I like how you mix in humor, and I get all the nerdy references :)
Thank you so much!
I work at a major Defense Contractor, and we just so happen to be reclaiming multiple /8s /11s and a bunch of /16s so that we can sell them back. you'd be amazed how many public IPs were being privately routed.
Given that the reseller market is about US$51 per IP and can only be sold in /24s or larger that's a good chunk of change to be leaving on the table.
The cost will be pushed to customers is all that will happen. It actually helps incumbent providers maintain their position as a new entrant can't fight for more lucrative business contracts on even footing as most businesses will rather stick to IPv4 than invest in IPv6. I still find windows XP machines and the mantra "if it ain't broke don't fix it", I just document accordingly and wait for the impending security breach.
I watched back at some of your videos from 3-4 years ago, and man, have your production skills improved tremendously. You are a god.
I like these series Chuck! Keep them coming! Also interested in your opinion about IPv6 :)
You've bridged the gaps in my knowledge about networking and how IP addresses work, and explained what NAT is in a router. Thank you very much! I always love finding new creators that help me learn new things like this. Definitely worth liking and subscribing to your channel. Again, you're a champion! :)
Basically NAT is just a table that has two rows. First row is an ip from your local private network ie. what device made the request and second row is the ip of the target device ie. what website you went to. Whenever packet goes through, NAT rewrites the source with routers public IP and records the request in NAT table, when the response comes from the target the table is used to determine who made the request ie request is translated back to private IP. This is a very simple explanation there are a lot of nuances ie. what happens when two devices make a request to same website etc.
Network Chunk... This series is awesome... I have been trying to look for simple video like this so that I can show my family (who are not very tech savvy) the basic of computer networking and this is perfect. I will not be able to explain it as well as you do... Now all I have to do is ask them to watch your video hahaha awesome!!! 😎
Chuck! I just passed my ccna!!
Starter studying mid March. I took it couple hours ago online and passed it. I did a lot of reaeach for the material and study every morning from 3am til 7am prior work. It paid out. Thank you for the material you've provided.
Good job. Now study up and get your Amateur Extra Class radio license and network through the air.
well done
You are genuinely the best IT teacher I've ever had. Love how you make everything clear in a fun and engaging way, can't stop watching your videos! Hail Oprah 👑
So far this series has been amazing!
3:22 It was one of the band aids, the others being shared hosting where multiple domain names can share the same IP ("Name based Virtual Host"), and the other being carrior grade NAT.
Very educative and easy to learn. Just one thing to mention, in private IP table there was a mistake in subnet masks (8/12/16 prefix length)
The private IP range had been used informally much longer. It was essentially part of the range that people squatted on by convention. RFC just made it official
props on the the audio mixing in this series -- nice that it doesn't fight with your information.
Thank you for making Networking easy to understand. My networking class this month was kicking my butt because I just couldn't understand I GET IT NOW :) !!
IPv6 at first was daunting to setup in pfSense but once I have it working it's actually pretty slick. I only allow IPv6 SSH into one of my Linodes VMs since script kiddies are using IPv4 to find open ports. Since IPv6 address space is so huge it's almost impossible to find a server with open ports in short period of time.
Also don't use the default port for SSH, and using Fail2Ban to temporarily block hackers IP addresses is probably a good idea too.
The last 2 seconds of the video was golden. MIND BLOWN
On the other hand, NAT has enabled people to drag their heels and delay IPv6 adoption by 25+ years. No joke - a literal quarter of a century and counting.
This is so great, I love even your built-in commercials.
Chuck, youre an amazing teacher. I really enjoy your style, you make this stuff way more interesting than any other teacher or youtuber ive seen
You are totally amazing at what you do. You have motivated me to learn more and even change my profession.
I'm happy to see you posting videos more often. It would be great to see a new one everyday 😄 you're the best
I learned a lot about NAT due to ALWAYS having issues with NAT on Xbox.
We can always rely that Networkchuck will make a good video!
Amazing video!
I have learned more about IP Addresses from watching 30 minutes of your channel than I have from years of messing with (and troubleshooting) devices at home.
11:37 for scale, the IPv6 address space is so big that each address in the IPv4 address space could be assigned a whole another IPv4 address space (so basically the whole pre-NAT internet) to it and that whole network would still fit inside the IPv6 address space.
You just saved my linkedin assesment on networking; with no CCNA cert LOL....Dope vid man
Thank you! This is coming from someone who was struggling with this topic prior to an exam.
Kudos for you man, you're the best instructor there on the internet, you made this easy as a piece of cake
Happy to see the next episode 😊😊
This series is gold! Wassup with this outro music, banger. Never danced to a learning video! It paired well with the happiness of understanding NAT!
Your content is sooo helpful. Thank you bro!
Your an excellent teacher..I'm a beginner..green as could be..but I was learning IPs cause my wifi got hacked .but I wasn't sure how to tell if some of my Wifi IPs were not of Spectrum ..but thanks this ..hels alot ..ur entertaining and u keep my attention
I always love this guys content
A nit, the original RFC I saw was 1994. I started experimenting with NATs in late 1994 before I made them the standard for home networking when I was at Microsoft. They were meant to be temporary till IPv6 but that's a longer story.
Your passion for smart toilets are unmatched.
Thank you so much. I have no idea why nobody seems to be able to answer the simple question "Why do all routers have the same IP address?" Your answer for this was so freaking simple and made so much sense. In all my searching to that question I don't think anyone made a distinction between a public and private IP. Thank you thank you, I was so mystified. lol
great series...... cant wait for EP 4
the "Big Oprah, littler Oprah" just gets me, dude. I'm absolutely loving your content and learning a ton.
you got a really nice explaining stile its fun to watch even if you alredy know it
dude you misspelled dashlane in the start of your video lol i love all your videos you give me such motivation although the coffee keeps me up but ill leave you to it
You really explain things well
Love the video man, keep them coming. I’m new to the whole IT world currently studying for the A+ Core 2. I’m kind of like I should of started CCNA altogether 🙈. Love the content very helpful. Much love from Cork Ireland
You can be my teacher and have me tuition classes🤗
Great video man!
BRO EVERY VIDEO MAKES ME HAPPY 0:46
Man your videos are amazing!!
Awesome video.
One question I have, and hopefully it’ll be addressed on a later video, is: how does your router keep track of data coming into your private IP and then route it to the appropriate device / private IP / MAC address? If you’re logged into RUclips for your channel, your daughter is playing a game (Minecraft, Roblox, whatever), and your wife is shopping on Amazon, how does the router keep all the incoming data packets going to the appropriate place?
This is something that won't fit into subnetting but it is dealt with in his CCNA-course I believe. The OSI-model comes in to play but also random temporary port forwarding which can be used for the data to come back in which is handled by NAT. It's quite technical but very interesting! His (unfortunately incomplete) CCNA-course literally taught me more about networking than I had taught myself in the last couple of years.
Thanks to the routing table in the router I think.
In addition to IP addresses there are also port numbers. That helps with the NAT routing.
NetworkChuck has mastered the art of teaching 😅. This dude makes it fun as hell to learn!
Hello Chuck.. Iam a big fan.. But in this video you forgot to hide the default gateway while ipconfig 😉
CCNA guy watching you here 😉
Keep going.. Very nice content like usual.. And we appreciate if you can explain the Wi-Fi 6 in another video please.
Big respect from all IT to you from UK
Downloading now. Thanks 🙏
I like how you sort of went backwards with your topics, I think it makes it easier to comprehend
This is so clear man, thanks
3:53 Actually it doesn't need to be - and often isn't - unique nowadays.
That's due to having not a public IPv4 address, but rather a public IPv6 DS-Lite enabled address. DS-Lite uses one or multiple servers of the ISP to tunnel an IPv4 connection to your IPv6 address. Your public IPv4 address in that case is the address of the server that tunnels the connection to your IPv6 address. That IPv4 address is shared across multiple clients, hence it sucks if someone else gets that IP banned.
A second example are mobile networks, where my device with a SIM card is given a public IPv4 pool address the moment it connects to the cell tower and goes online. Some time after the device disconnects the public IPv4 address will go back into the pool and eventually another device will get that address assigned. Neat to know when using an LTE router or a LTE USB stick. Again, it sucks if your address got blocked because of a previous user.
4:08 To top it off: You actually can have the same cell phone number on multiple devices with limitations. Most contracts have the option to get another SIM card for the same contract for a small monthly extra fee. You can call, send SMS/MMS and use mobile data on both SIM cards, while you can receive calls or SMS/MMS only on the primary SIM card (which you can set via a code or an app). I've got the primary SIM in my phone and the secondary SIM inside a portable LTE router.
You are like the best teacher I never had. Would've taken IT course instead of HRM
Fun Fact: The NAT protocol can support over 60,000 simultaneous connections with a single WAN-side IP address for the router!
Very informative video. Thanku babe
This is absolute gold!
We will never run out of ipv6 addresses. The number is so astronomically large, that astronomy itself seems small.
You could address every single atom in the observabale universe and still have a stupid amount of IPs leftover
Yes, maybe... but i have currently 1 /64 IPv6 Adress-Space and 1 /56 IPv6 Space at my disposal...
One at my vServer thats running a single instance of a website-service and one at home. Why? I dont know. I dont an ip adress for literally any Atom in my flat.
Pretty sure the number of atoms in the observable universe (~1e82) is much higher than the number of IPv6 addresses (3.4e38).
You could, however, map every atom in a human body (~7e27) and still have a lot left.
@@Lewisking50 What i wanted to express was likely something like "Lets just not make the same mistakes, please. even if we have that much of adresses for everyone. nobody needs a billion of adresses. Really. a couple of 1000 for a family, okay. a couple of 100000 for a midsized, familyowned company. Also okay, but literally more than for any atom in their flat?"
@@ShenLong991 Sure, you're probably right, if those aren't too much already.
My reply was meant for OP though as I didn't @ you.
@@Lewisking50 Oh, i'm sorry. i thought you answered me, my bad. Moving on.
Thanks again Chuck!
thanks for the video! I'm not an IT guy but I am able to follow your videos.
You're amazing! Thank you so much!
This video was so helpful I had to comment thanks
Thanks for the help!
Hello Mr. Chuck I'm a big fan of your content, I have a question please, what are the most important languages one need to know in order to work in cloud computing and micro-services?
Hey chuck, First of all, Ty for giving us such a great content for it newbs :) Your are one of my first reference when I teach newbies on IT. Right now I’m interested in something else that you are using to create your videos… the touch screen writing thingi… I’m looking for a digital pen to write on PDFs and save them afterwards with the newly created layer… can you recommend something hardware and software for doing so… don’t have to be opensource or freeware, I want to deploy this in my company.
Maybe a topic for the future on your channel
RADIUS / 802.1X authentication with Unifi ? I know that is going a bit deeper into the rabbit hole :)
12:15 Yes I get a public IPv6 and public IPv4 address on my cell phone. Like I said one cell phone access point can divide the Class A private network into over 4 million networks allowing over 4 million phones to use the same public IPv4 address. That is one of the reasons IPv4 STILL works.
Fun fact
My college of IT in Austria has a subject, with a free CCNA course.
Thank you Chuck !
Hearing NAT described so enthusiastically as this wonderful, magical thing makes my soul hurt.
Last -_-
Edit :- 1:42 I just went in shock that you revealed you card details 😂 but after I saw the exp. date, I just started laughing hard🤣🤣
Ay the king has posted
NetworkChuck dropping the naughtiest bangers before ending the video
Hey Chuck! Thanks for these videos, you are a great teacher and this is really helping me understand the fundamentals. U rock 🪨🎸😎
Should give us a video on how to set up a 100% home server rack with NAS and wifi management with everything. In one rack how to configure and manage all that.
loving this series i really do suck at subletting 😅😎
I love this stuff!
Hey Network Chuck please make shorts , it will help us for daily CCNA motivation
I’m just glad I’m not the guy in the year 2524 learning about IPv4 AND IPv6 as limited technology. Then having to learn how IPv24 works (we skipped 7-23 bc you know)
Mannnn!!!!!! That was all INCREDIBLE.🔥🔥🔥 💯💯 HUGE RESPECT & LOVE FOR YOU FROM PAKISTAN 🇵🇰 ❤️❤️❤️❤️❤️❤️❤️
NAT is so amazing lets do it twice!!! Said no one ever...
All NAT did was kick the can down the road, like a politician... Sorry Chuck, but NAT is a band-aid, its great what the technical guys managed to figure out to keep things running but even from a security perspective any stateful firewall can provide the same security NAT provides.
hey chuck, great vid - whats the song playing during dashlane ad?
Please make more videos on cyber security🙏🙏
I just came from the future of the year 2456, in the end, we still created IPv32 a combination of everything you see on your keyboard and more alphanumeric characters that aren't created yet in this timeline. Live long and Prosper!
Weird people are everywhere 😂
I'm glad that you know the joke about spending more on coffee than IT. Love your work.
so cool thank you man
All great @Chuck, but wait a minute... from where did you get this 'song' at 0:17 😀 ??
My cell phone ISP actually divide up the local IPs and give my phone a very small network with as little as 4 local IP addresses in my phones network. So one access point can have over 4 million networks, each with 4 IPs. Class A private IP with a subnet mask 255.255.255.252. And the only devices that need to be in that network are the smartphone and the access point. The highest and lowest IP in a network are never asigned to a device.
However there is now a range of IP addresses taken from a public IP range that is specifically reserved for carrier NAT (CGNAT).
Chuck would you mind explaining how do hackers connect to thr internet anonymously? I mean if we have public/private networks then how do they evade detection. How do they hop across networks and anonymously browse the internet.