1
00:00:00,910 --> 00:00:08,200
So exit out of the Telnet session from rather three four rather one two, rather three and we can see

2
00:00:08,200 --> 00:00:10,270
some net translations taking place.

3
00:00:10,720 --> 00:00:12,640
Show IP net translation.

4
00:00:12,850 --> 00:00:18,040
We can see our two net translations in the table, which will time out after a period of time.

5
00:00:19,820 --> 00:00:20,700
Wrote a four.

6
00:00:20,720 --> 00:00:24,260
I'll also exit out of the Telnet session.

7
00:00:26,140 --> 00:00:30,310
Currently we've got those two natural translation entries.

8
00:00:31,160 --> 00:00:34,150
Let's do a Y shock capture.

9
00:00:34,160 --> 00:00:36,470
So I'm going to capture on the outside interface.

10
00:00:37,130 --> 00:00:41,570
And in this case, let's look at what's arriving at router three.

11
00:00:41,660 --> 00:00:43,520
So what's arriving on that port?

12
00:00:46,770 --> 00:00:48,990
I'm going to filter this for Telnet.

13
00:00:49,950 --> 00:00:54,840
And on writer one I'll telnet to router three.

14
00:00:56,570 --> 00:00:58,700
We can see the Telnet data.

15
00:00:59,350 --> 00:01:00,190
So.

16
00:01:02,140 --> 00:01:07,510
Some Telnet negotiation taking place and we being prompted for our password.

17
00:01:07,510 --> 00:01:10,870
So we see this in the Wireshark capture.

18
00:01:12,830 --> 00:01:16,430
What I'll do is enter a password of Cisco and log in.

19
00:01:17,640 --> 00:01:18,690
And here you can see.

20
00:01:18,690 --> 00:01:19,140
See?

21
00:01:19,140 --> 00:01:20,400
I see.

22
00:01:20,400 --> 00:01:23,640
Oh, there's the Cisco login password.

23
00:01:24,090 --> 00:01:32,020
But what's important to notice is the traffic is coming from a source of 8 to 1 one one going to 8112.

24
00:01:32,040 --> 00:01:38,880
So it looks like or appears like the traffic is coming from this host going to this host, whereas in

25
00:01:38,880 --> 00:01:41,940
actual fact, the traffic is coming from our one.

26
00:01:42,920 --> 00:01:50,240
But in the wide shot capture, we can see that all the communication is between 8112 and 8111.

27
00:01:50,390 --> 00:01:56,240
So in this example, a root of three prompt is being sent from router three to router one.

28
00:01:56,750 --> 00:01:58,400
Let's stop that capture.

29
00:01:59,690 --> 00:02:01,880
And have a look at it on this side.

30
00:02:03,470 --> 00:02:05,360
So I'll have a look at it on the switch.

31
00:02:06,160 --> 00:02:08,770
So on this part of the network here.

32
00:02:11,920 --> 00:02:17,920
I'll do a photo for Telnet once again and I'll exit out of the Telnet session.

33
00:02:18,760 --> 00:02:21,670
Notice this was still part of the same Telnet session.

34
00:02:21,700 --> 00:02:27,100
But notice now the address is from ten 11128112.

35
00:02:28,330 --> 00:02:29,410
His E.

36
00:02:30,380 --> 00:02:31,020
X.

37
00:02:31,190 --> 00:02:31,820
I.

38
00:02:31,850 --> 00:02:32,510
T.

39
00:02:33,720 --> 00:02:34,350
Exit.

40
00:02:36,490 --> 00:02:38,830
And then we have this session closed.

41
00:02:39,830 --> 00:02:47,930
So in this example, the traffic is from this IP address as the source to this IP address is the destination.

42
00:02:48,170 --> 00:02:52,050
But when it's on this interface, it's changed to 8111.

43
00:02:52,220 --> 00:02:55,130
So that's an example of Pat in real time.

44
00:02:55,430 --> 00:02:58,760
Let's do it with two devices.

45
00:03:02,430 --> 00:03:08,040
I'll do the caption now on this side, but have two talented sessions going at the same time.

46
00:03:10,770 --> 00:03:12,090
So Telnet.

47
00:03:14,270 --> 00:03:17,090
Rather one telnet to router three.

48
00:03:17,890 --> 00:03:20,770
And rather for telnet to router three.

49
00:03:22,520 --> 00:03:28,700
Notice on all the output you only see 8111 communicating with 8112.

50
00:03:29,000 --> 00:03:30,260
You don't see.

51
00:03:31,610 --> 00:03:37,250
That the communication is actually from writer one and of four and all the output.

52
00:03:37,250 --> 00:03:40,940
It looks like it's the same two devices communicating with each other.

53
00:03:43,200 --> 00:03:47,490
Whereas in actual fact, there are multiple devices communicating here.

54
00:03:49,100 --> 00:03:52,910
And not just a single source device talking to a single destination device.

55
00:03:53,240 --> 00:03:55,820
Now you can see that by looking at the port numbers.

56
00:03:55,820 --> 00:03:59,900
So for this session, the port number is 19207.

57
00:04:01,040 --> 00:04:02,780
So that's part of the same session.

58
00:04:03,290 --> 00:04:04,940
19207.

59
00:04:05,600 --> 00:04:08,030
But notice here, it's a different session.

60
00:04:08,030 --> 00:04:12,770
Number 3245732457.

61
00:04:13,800 --> 00:04:23,040
If we look at the net translations show IP net translation, we can see the actual port numbers used

62
00:04:23,040 --> 00:04:25,830
by the devices in the sessions.

63
00:04:26,960 --> 00:04:29,360
So three, two, four, five, seven.

64
00:04:29,600 --> 00:04:32,300
Scrolling down 19 to oh seven.

65
00:04:32,870 --> 00:04:38,900
So there's the first device, ten 111 and yes, the second 110 114.

66
00:04:40,470 --> 00:04:45,600
That's once again how the right is able to differentiate between the devices.

67
00:04:46,530 --> 00:04:49,520
Let's have a look at verbose output in the show.

68
00:04:49,530 --> 00:04:52,080
IP net translations verbose output.

69
00:04:52,410 --> 00:04:54,320
We can see when it was created.

70
00:04:54,330 --> 00:04:59,130
So this one was created 2 minutes and 38 seconds ago, this one, 2 minutes and 34 seconds ago.

71
00:04:59,400 --> 00:05:03,990
You can see the use and the timeout and what's left on these entries.

72
00:05:05,130 --> 00:05:14,010
What's important to remember for dynamic net translations such as this is that multiple internal IP

73
00:05:14,010 --> 00:05:17,580
addresses are being mated to a single external IP address.

74
00:05:17,760 --> 00:05:19,380
You mustn't forget.

75
00:05:21,070 --> 00:05:24,430
To include the overload keyword.

76
00:05:24,460 --> 00:05:29,380
If you forget that keyword, only one device will be able to access the internet.

77
00:05:29,830 --> 00:05:38,260
Overloading enables pat or port address translation, which allows multiple internal devices to share

78
00:05:38,260 --> 00:05:45,700
the same global IP address and the router that's doing the net or in this case, port address translation

79
00:05:45,700 --> 00:05:50,200
or Pat can differentiate between the sessions based on the port numbers.