Thank you sir, the pace and simplicity with which you explain concepts is commendable, when In doubt or want to learn about a subject, I search with Sunny Classroom #####, #### stands for whatever network related concept I am looking for, simple and Brilliant
Everything at high level in just 9 minutes yet more than enough clarity and slowness to understand. Everything on point. This is awesome! Thank you Sunny.
I love how Sunny explains the brief history behind technology in his videos, since at times it is a crucial part in the learning process to understand how the technology came to be and why we need it.
Simply brilliant explanation! Your channel is a boon for anyone looking for good CS fundamentals. Keep it up and hope you can publish topics on Core OS concepts as well?
A little confused here Read a book where SNAT means Source Network Address Translation and DNAT means Destination Network Address Translation. The explanation you gave for PAT is what was given for DNAT.
Thank you very much for pointing that out. I noticed this mistake after I published it. You are very detail-oriented. I appreciate it very much. I will try my best to avoid such mistakes.
the music at the end is epic ! it gives me recall of life in year 1980s and that time TV shows have this type of music. any way the content is best and crystal clear. good work.
I never write comments, but here it goes: Networking topics will be part of my final exam in two weeks and honestly your videos have been such a life saver. I hope you know you're changing lives with your content! Thank you Sir!
Awesome, Sunny is my to go resource whenever I need to refresh concepts in networking, security and basically IT! Thanks again Sunny for the topnotch content :)
how come you are using a Multicast IP@ for mapping to the outside traffic in the section PAT : local IP@ is mapped to : 234.x.x.x:8000 and 234 is in multicast range right ?
Source Network Address Translation (source-nat or SNAT) allows traffic from a private network to go out to the internet. Why the teacher is talking about static NAT. Am I wrong?
Currently learning network services and DNS. So glad to have found your channel. You provide such clear and logical explanations with helpful animations. Thank you for sharing! Subscribed!
Hi Sunny I have a application running on my server its a HRMS kind of application it is accessible internally in my local lan for example if i type192.168.1.10:80 or 8080 in my browser i can access the application. But now i want this application to be accessible over the internet via specific ports like 80, 82 , 83 something like this so that people in my orginization can access it, there are 3 application on the same server. The server is assigned a a static private IP in the network. I also have a static public IP that i had taken from the ISP for this purpose. how can I configure or achieve this. Kindly help
thanks for video. few questions: 1. can we say PAT is again IP masquerading? 2. i often see people use SNAT as source NAT and DNAT as destination NAT. i am not sure which one is correct. thanks in advance :)
This is okay but states that PAT is most common but I don't see how it is even useful. It shows 192.168.100.74:80 translated to 234:1.2.33:8001 but if the destination web server is not listening on 8001 then you are not going to get a desirable result.
Hi Sunny, thanks for the video. On the PAT explanation, why a common PORT of 80 was chosen instead of a random port number also known as ephemeral port? thank you
Thanks for the great video....but there is one Detail at PAT i missed... in my opinion your translation is wrong...because you translate the destination port 80 into destination port 8001. The destination port must not be changed. The Router translate the source Port and enter it in his NAT trable to identifiy the host if he get an answer from WAN
great, what i was looking for is, what if we have one public static ip and multiple web servers listing port 80 what we need under our main router to redirect each request?
Sir Please Discuss Link aggregation Switch, NIC Teaming , and MLAG vs. Stacking, Trunking ,Static Link Aggregation.....Managed and Manage Switch ... Thank you..
I will do soon. Please come back to check my new videos. I will do trunking this week. I put your topics on my to-do list and I will make some videos for your some topics hopefully this month.
Is it beneficial to run DNAT on private ips on one intranet? Situations for very large networks that have a lot of remote machines connecting to a central location
Again, the best explained video I've seen on this. Your videos are excellent. I needed a refresh. I do have a couple of clarifying questions about this. 1) Dynamic NAT - what happens if all the public IP addresses are used up? Are internal hosts denied access to the internet then? 2) PAT - If an internal host sends an outgoing packet on port 80, but the gateway then translates that to port 8001, how does the web server on the internet know you are trying to communicate with it on port 80? Thanks, Sunny.
Here is what I think: 1) Yes, they must be denied access until an available public IP comes out; and if not using PAT. 2) The port 80 of the internal host is NATed. The web server doesn't care about that port but the one that comes by 8001 where it will reply the request. The router-gateway receives by 8001 and translates to 80 to the internal host. The web server will never know you tried by the port 80, and doesn't matter.
Great video. Now I know a little bit about SNAT, DNAT, PAT but have a question =). Which IP usually ISP gives us when we as I user want to get internet at home? I think we get DNAT.You said it is expensive, but what can we do the is no another way =D By the way, I guess in this video 3:48 under the picture Mais Server's IP should be 192.168.100.4 . Thanks for help.
that is correct! It is a typo and a big mistake. next time I would be more careful. Many thanks for pointing it out. I promise I won't make that stupid mistake :(. about your question. I guess you are right when we use the Internet at home. DNAT is expensive, but those ISP companies are rich any way (robbing all our money blindly).
@@sunnyclassroom24 I guess ISPs don't use DNAT because that implies multiple public IPs. They must use PAT, only giving one public IP. and the router NATs everything by ports.
If I understand it uses the TCP port number for uniqueness, now suppose one host using all the available ports (2^16 ports), then how will NATs in the router will map other hosts for incoming traffic?
The truth is that your router typically uses more than just port number to track the socket/session. It uses the source IP, sort port, destination IP, destination port. This combination of 4 data points allows it to keep track of a lot more than 65536 sessions.
@@addanametocontinue The combination in raw is: 2^32 src ips * 2^16 src ports * 2^32 dst ips * 2^16 dst ports = 2^96. But normally it is only used 1 unique public IP so it is: 1 src ip * 2^16 src ports * 2^32 dst ips * 2^16 dst ports = 2^64. But also there are some reserved and private IP that are not used as dst ips; they are about 1/8 (en.wikipedia.org/wiki/Reserved_IP_addresses) of the possible 2^32 . About the dst ports, can be used them all (like for port forwarding to one's PC- server), but normally just a few are used, like 25, 80, 443, 5228. So they may not be 2^16, but let's leave them on these 4. We have 1 srcIP * 2^16 srcPorts * (7/8) 2^32 dstIPs * 4 dstPorts = (7/8)2^50 possible combinations-sessions. They are still a lot. If one user is using a public IP address on its PC, then can use all those ~2^50 combinations. For a single outside-server like Facebook (with single public IP let's say), with same port 443 for example, well then yes it is 1 srcIP * 2^16 srcPorts * 1 dstIP * 1 dstport = 2^16 possible combinations-sessions; it is 65536 sessions, that, to be active, need constant activity, because if not, they expire so srcPorts can be reused. All this implies that they are still so that many so that PAT is possible. Let's say it is not a user's PC with public IP but the router with NAT-PAT -the most common form 6:04-; and that 100 devices are connected to it and all browsing Facebok (with 1 public IP address) in same port 443: They share the 65336 combinations the router can give by assigning srcPorts to them all (very improbable all 100 at same time browsing same web but who knows, though it is about 650 srcPorts for each evenly). The router will translate the internal hosts' IPs (with their ports) to all srcPorts as they are available. If, as @Mohan Gyara stated, only 1 device is exhausting the 65536 (surely only with a virus making source DoS) srcPorts, then surely no way the other 99 devices will be able to browse Facebook... but only Facebook, not all the web; without a virus it is almost imposible for 1 device or even 100 devices to exhaust the 65536 srcPorts to one single dstIP and dstPort, and single public srcIP. If the same device or other devices visit RUclips, then it is other IP and other possible combinations of 65536 srcPorts with that different dst IP and Port to be written in the router's NAT table.
Really good video. If I understand well, what at my home I am doing in my router is only a simple port forwarding. SNAT and DNAT are used at ISP level? Or every home router is using ? and if yes,. .. can yuo explain me how?
Thank you for this interesting video. It enhances my understanding of NAT. I realized that this video was made quite some time and CGNAT is not yet widely used back then. With the advent of the use of CGNAT by most ISP, it basically deactivates the use of port forwarding in a private network. Do you have a way around this? I would love to see another video on this topic. Thank you!
@@FatimaHassan-fn1vk It is possible with some more advanced software, but we cannot see from our client-side command. Please let me know if you find it.
@@FatimaHassan-fn1vk If you're in a company using a router, you can use the show run command to see all the configuratons made to this router including NAT, of course if you have access to this router. If you're talking about your home private network (WLAN) using a wireless Access point, then you just go to AP's settings page to check the type of NAT you're ISP used for your network.
Short and sharp. I learnt alot within a short time. A question here please. If I'm using DNAT to connect, should I forget about PNAT? Or can I use them both simultaneously?
Excellent presentation. It is very difficult to find a similar presentation which explained the differences between the 4 concepts as clearly and as easily.
Everything is very clear now woooow great vidéo! Is it possible to do NAT by mapping all the adresses in a network to a public ip adress? In fact at the client side i do not know the ip adresses of his servers. i probably know he will not tell me.
Thank you sir, the pace and simplicity with which you explain concepts is commendable, when In doubt or want to learn about a subject, I search with Sunny Classroom #####, #### stands for whatever network related concept I am looking for, simple and Brilliant
you are wonderful teacher.
wow man i watched 2 other videos had few open questions, watched your 9 minute video and everything is clear now. You are talented teacher
@Sam Darwin this is a spam
Excellent. Thank you.
You are welcome!
this is great effort .. keep up the great work.
Than you for your nice comments!
You are awesome
Sunny sir please upload same on D-Link switch
Everything at high level in just 9 minutes yet more than enough clarity and slowness to understand. Everything on point. This is awesome! Thank you Sunny.
He is a great teacher.
He’s a great teacher, I’m learning so much with him!
Slow network? To understand it?
I love how Sunny explains the brief history behind technology in his videos, since at times it is a crucial part in the learning process to understand how the technology came to be and why we need it.
Simply brilliant explanation! Your channel is a boon for anyone looking for good CS fundamentals. Keep it up and hope you can publish topics on Core OS concepts as well?
EXCELLENT VIDEO!! This was the explanation that I was missing 🙌🙌🙌
A little confused here
Read a book where SNAT means Source Network Address Translation and DNAT means Destination Network Address Translation. The explanation you gave for PAT is what was given for DNAT.
What you read was correct. I am on the same page with you.
Great video! Thank you... Though I believe 7:25 should be "is 16-bit value", not "16 digit value" ?
Turn the speed to 1.25. Thank me later
Thanks
Thank you!
What is there to thank? I'm pretty sure people know how to turn their speed preference without an idiotic account saying so.
later
Thank you!
IP address conflict @ 3:49 Web Server: 192.168.100.2 and Mail Server: 192.168.100.2
Thank you very much for pointing that out. I noticed this mistake after I published it. You are very detail-oriented. I appreciate it very much. I will try my best to avoid such mistakes.
i would like to say you that termin SNAT is not static nat , SNAT is source nat and DNAT is also destination nat! please be informed
Thank you sunny, i have been in the field for over 18 years, no one made the concepts so clear for me, You're the best! I like your chenglish toooooo.
Thanks Sunny.. you explain stuffs so well. Wish I found these lectures during my engineering..😃
You are welcome and thank you for your nice comment.
Credits to you fir explaining it in such a clear and easy understanding way, thanks!
You are quite welcome, Steve.
the music at the end is epic ! it gives me recall of life in year 1980s and that time TV shows have this type of music. any way the content is best and crystal clear. good work.
Thanks a lot for your nice comment! I appreciate your encouragement.
Simplicity! I love how you slowly and patiently explain complex subjects. Thank you🙏
Thank you very much. Great explanation. Cold you please help us with QOS concept
I will upload QOS, hopefully soon.
I never write comments, but here it goes:
Networking topics will be part of my final exam in two weeks and honestly your videos have been such a life saver.
I hope you know you're changing lives with your content! Thank you Sir!
Great to hear!
Awesome! Each concept clearly explained in a structured way with clearly illustrated charts. What more can one ask for? Great job!
Great to hear!
Awesome, Sunny is my to go resource whenever I need to refresh concepts in networking, security and basically IT! Thanks again Sunny for the topnotch content :)
I loved this video. Very high quality explanation.
Thanks a lot or your nice comment.
Awesome explanation Sunny, Subscribed!
Hi Sunny Love ur teaching videoes. Thanks for sharing
you are welcome!
how come you are using a Multicast IP@ for mapping to the outside traffic in the section PAT : local IP@ is mapped to : 234.x.x.x:8000 and 234 is in multicast range right ?
Source Network Address Translation (source-nat or SNAT) allows traffic from a private network to go out to the internet. Why the teacher is talking about static NAT. Am I wrong?
Currently learning network services and DNS. So glad to have found your channel. You provide such clear and logical explanations with helpful animations. Thank you for sharing! Subscribed!
(AT 4.30)
DNAT does not deal with outbound traffic, it deals with inbound traffic. SNAT deals with outbound traffic
If my router did a PAT from port 80 to 8000, how does the other router know that I'm requesting a port 80(web) instead of 8000? Thank you.
Very good presentation! Thanks.
Hi Sunny I have a application running on my server its a HRMS kind of application it is accessible internally in my local lan for example if i type192.168.1.10:80 or 8080 in my browser i can access the application. But now i want this application to be accessible over the internet via specific ports like 80, 82 , 83 something like this so that people in my orginization can access it, there are 3 application on the same server. The server is assigned a a static private IP in the network. I also have a static public IP that i had taken from the ISP for this purpose. how can I configure or achieve this. Kindly help
thanks for video. few questions:
1. can we say PAT is again IP masquerading?
2. i often see people use SNAT as source NAT and DNAT as destination NAT. i am not sure which one is correct.
thanks in advance :)
Hi, great video... do you have any videos on symmetric NAT? Or a clear explanation?
Why you are saying device is router, why you are not said this device is a FIREWALL, if the device is firewall then same working will happen or not ?
Very nice explanation with animations sir, thanks. Therefore, you got me as subscriber. Do you also teach ethical hacking?
All types of NAT configuration: ruclips.net/video/Pp_ykBZwLUo/видео.html&ab_channel=Technology
This is okay but states that PAT is most common but I don't see how it is even useful. It shows 192.168.100.74:80 translated to 234:1.2.33:8001 but if the destination web server is not listening on 8001 then you are not going to get a desirable result.
Hi Sunny, thanks for the video. On the PAT explanation, why a common PORT of 80 was chosen instead of a random port number also known as ephemeral port? thank you
Thanks for the great video....but there is one Detail at PAT i missed... in my opinion your translation is wrong...because you translate the destination port 80 into destination port 8001. The destination port must not be changed. The Router translate the source Port and enter it in his NAT trable to identifiy the host if he get an answer from WAN
I decided to configure NAT on my ZTE MF29A router but NAT Feature is not present on the Router interface. How do I do it
Excellent video. Extremelyt Informative. Subscribed!
Very Nice Explanation. Watched Many. only now all confusions are cleared
best explanation of NAT can you tell me which editor are you used for these type of videos
Hi Sunny,can you advice how to config spectrum lan visit public server for system>
great, what i was looking for is, what if we have one public static ip and multiple web servers listing port 80 what we need under our main router to redirect each request?
I can't say enough good things about Sunny Classroom.
Awesome!!
You are so amazing tutor
Thanks a lot!
This is the best video ...... thank you...
Glad you liked it!
hi great u have shown from 24 but how to calculate from like example of subnet 10.0.0.0/16 could u explain please
Sir Please Discuss Link aggregation Switch, NIC Teaming , and MLAG
vs. Stacking, Trunking ,Static Link Aggregation.....Managed and Manage
Switch ... Thank you..
I will do soon. Please come back to check my new videos. I will do trunking this week. I put your topics on my to-do list and I will make some videos for your some topics hopefully this month.
Is it beneficial to run DNAT on private ips on one intranet? Situations for very large networks that have a lot of remote machines connecting to a central location
thank you very much for the videos, so clear, so easy to understand. Hats off 🤩
Again, the best explained video I've seen on this. Your videos are excellent. I needed a refresh. I do have a couple of clarifying questions about this. 1) Dynamic NAT - what happens if all the public IP addresses are used up? Are internal hosts denied access to the internet then? 2) PAT - If an internal host sends an outgoing packet on port 80, but the gateway then translates that to port 8001, how does the web server on the internet know you are trying to communicate with it on port 80? Thanks, Sunny.
Here is what I think: 1) Yes, they must be denied access until an available public IP comes out; and if not using PAT. 2) The port 80 of the internal host is NATed. The web server doesn't care about that port but the one that comes by 8001 where it will reply the request. The router-gateway receives by 8001 and translates to 80 to the internal host. The web server will never know you tried by the port 80, and doesn't matter.
Give this man the nobel peace prize for teaching !
Simple and easy to understand... thank you
Great video! Thanks!
Thanks you for watching!
Great video. Now I know a little bit about SNAT, DNAT, PAT but have a question =). Which IP usually ISP gives us when we as I user want to get internet at home? I think we get DNAT.You said it is expensive, but what can we do the is no another way =D By the way, I guess in this video 3:48 under the picture Mais Server's IP should be 192.168.100.4 . Thanks for help.
that is correct! It is a typo and a big mistake. next time I would be more careful. Many thanks for pointing it out. I promise I won't make that stupid mistake :(.
about your question. I guess you are right when we use the Internet at home. DNAT is expensive, but those ISP companies are rich any way (robbing all our money blindly).
No worry, It's OK. All of us doing mistakes =)
You are very detail-oriented, which I should improve. I did look at this diagram no less than 10 times , but I still missed it this obvious error :(
@@sunnyclassroom24 I guess ISPs don't use DNAT because that implies multiple public IPs. They must use PAT, only giving one public IP. and the router NATs everything by ports.
Great work my friend..
Thanks for the visit
5:54 PAT
idk why the timeline put this together with DNAT
Johnson Donna Thompson William Martin Sharon
Please create more high-quality content in a paid channel !!!!
Watched this video at x1.25 speed. it's 1000 times better.
Very useful video, easy to understand and remember. Great job! Many thanks!
You are welcome!
Sunny man you always come up when I want to learn something new about networking. Easy, clear but high quality!
very great explainations about this 🤗🤗🤗
If I understand it uses the TCP port number for uniqueness, now suppose one host using all the available ports (2^16 ports), then how will NATs in the router will map other hosts for incoming traffic?
The truth is that your router typically uses more than just port number to track the socket/session. It uses the source IP, sort port, destination IP, destination port. This combination of 4 data points allows it to keep track of a lot more than 65536 sessions.
@@addanametocontinue The combination in raw is: 2^32 src ips * 2^16 src ports * 2^32 dst ips * 2^16 dst ports = 2^96. But normally it is only used 1 unique public IP so it is: 1 src ip * 2^16 src ports * 2^32 dst ips * 2^16 dst ports = 2^64. But also there are some reserved and private IP that are not used as dst ips; they are about 1/8 (en.wikipedia.org/wiki/Reserved_IP_addresses) of the possible 2^32 . About the dst ports, can be used them all (like for port forwarding to one's PC- server), but normally just a few are used, like 25, 80, 443, 5228. So they may not be 2^16, but let's leave them on these 4. We have 1 srcIP * 2^16 srcPorts * (7/8) 2^32 dstIPs * 4 dstPorts = (7/8)2^50 possible combinations-sessions. They are still a lot.
If one user is using a public IP address on its PC, then can use all those ~2^50 combinations. For a single outside-server like Facebook (with single public IP let's say), with same port 443 for example, well then yes it is 1 srcIP * 2^16 srcPorts * 1 dstIP * 1 dstport = 2^16 possible combinations-sessions; it is 65536 sessions, that, to be active, need constant activity, because if not, they expire so srcPorts can be reused. All this implies that they are still so that many so that PAT is possible. Let's say it is not a user's PC with public IP but the router with NAT-PAT -the most common form 6:04-; and that 100 devices are connected to it and all browsing Facebok (with 1 public IP address) in same port 443: They share the 65336 combinations the router can give by assigning srcPorts to them all (very improbable all 100 at same time browsing same web but who knows, though it is about 650 srcPorts for each evenly). The router will translate the internal hosts' IPs (with their ports) to all srcPorts as they are available. If, as @Mohan Gyara stated, only 1 device is exhausting the 65536 (surely only with a virus making source DoS) srcPorts, then surely no way the other 99 devices will be able to browse Facebook... but only Facebook, not all the web; without a virus it is almost imposible for 1 device or even 100 devices to exhaust the 65536 srcPorts to one single dstIP and dstPort, and single public srcIP. If the same device or other devices visit RUclips, then it is other IP and other possible combinations of 65536 srcPorts with that different dst IP and Port to be written in the router's NAT table.
Great video. It is very clear and detailed. Much easier to understand. Thank you Sunny.
You are welcome!
thank u master...
Thank you! Very good explanation.
Excellent content as always. Thanks Sunny!
Great explanation. Thanks a lot!
Your videos are amazing, thank you
Very clear, better than my expensive cissp textbook!
Thank you for watching!
Sunny, simple and excelent explication. Thanks
You are welcome!
There is a typo in the mail server ip. It shall be 192.168.100.4
Love youre videos. Thx for sharing
Simple and very well explained. I get back to Sunny anytime I need to review the basics of any topic. Thanks Sunny!
Best on the web explanation. thanks bud
Love you sunny. such helpful vidz
Whenever my Udemy instructors are being jive turkeys, I always look up Sunny's Classroom for a clear explanation. This guy is the best!
Excellent video!
Thank you very much!
Very informative, many thanks.
Another perfect video... Thanks Sunny
So does that mean PAT is essentially a socket????
You can think that way.
Really good video. If I understand well, what at my home I am doing in my router is only a simple port forwarding.
SNAT and DNAT are used at ISP level?
Or every home router is using ? and if yes,. .. can yuo explain me how?
That moment when you search on youtube and cross your fingers a video with Sunny shows up in the results feed- BINGO! oh Thank Jesus....press PLAY! 😂
Thank you for this interesting video. It enhances my understanding of NAT. I realized that this video was made quite some time and CGNAT is not yet widely used back then. With the advent of the use of CGNAT by most ISP, it basically deactivates the use of port forwarding in a private network. Do you have a way around this? I would love to see another video on this topic. Thank you!
Do we commonly use PATs or DNATs in our LAN networks?
It depends on the size of the organization and its service.
Isnt there any way of knowing which NAT we use through the ipconfig/all command or by typing any other command in the terminal?
@@FatimaHassan-fn1vk It is possible with some more advanced software, but we cannot see from our client-side command. Please let me know if you find it.
@@FatimaHassan-fn1vk
If you're in a company using a router, you can use the show run command to see all the configuratons made to this router including NAT, of course if you have access to this router.
If you're talking about your home private network (WLAN) using a wireless Access point, then you just go to AP's settings page to check the type of NAT you're ISP used for your network.
it's quite interesting how something really helpful and seemingly innoccous has prevented transition to IPV6.
Short and sharp. I learnt alot within a short time.
A question here please.
If I'm using DNAT to connect, should I forget about PNAT? Or can I use them both simultaneously?
You are SOOOO AMAZING 🔥🔥🔥🔥
Thank you for very clear explanation. It would be nice if you could explain how these NAT types are made in real world. I mean iptables.
Excellent presentation. It is very difficult to find a similar presentation which explained the differences between the 4 concepts as clearly and as easily.
Thank you Sunny, I have been watching many RUclips videos but they do not explained this in such a logical and simple way.
Everything is very clear now woooow great vidéo! Is it possible to do NAT by mapping all the adresses in a network to a public ip adress? In fact at the client side i do not know the ip adresses of his servers. i probably know he will not tell me.
I don't know about the thumbs down