In this lesson, we're going to talk about private IP networks and the need for network address translation when we go from a privately addressed network to a publicly addressed network. IPv4 addresses have two categories. The first one is private addressing. Private addresses are addresses that can be used within an organization. They work perfectly well. You can assign them to hosts. They can be routed between different networks. But when you need to go outside of your organization, across the publicly addressed Internet, you have to have a registered public IP address.

Now, the people who designed IP reserved certain networks that you can use within your enterprise, but they will not route across the Internet. Those addresses are 192.168, 172.16, and 10. Now, most of you who have a home network, if you look at the IP addresses that are assigned to your various devices, you will find that usually they are assigned to the 192.168 network. The reason is that it uses a subnet mask of 24 bits, which only leaves eight bits for host addressing. Those eight bits only allow 254 possible host addresses. So, they're used for smaller organizations and smaller networks. 172.16 uses 16 bits to identify the network portion, so you can have many more host addresses, and 10 only uses eight bits for the network portion, so it's used primarily for very large enterprises.

Now, if we have a network addressed with private addressing, as we do in our little organization here, we would have difficulty sending this traffic out to a server that is located on the Internet. The Internet will only route registered, public IP addresses, and 192.168 does not fall into that category. So, a function was developed called network address translation.
In network address translation, a privately addressed host can actually send traffic across the Internet. The manner in which it does this is that the router, and you can see here is our router that connects us to the Internet and also to our two privately addressed networks, keeps a table in which 192.168.2.1 is represented on the Internet with a publicly registered address, and we'll say that it's in the same network here. So, it's 200.100.58.50. Then, if my host here also decides to communicate with a device out on the Internet, it would be added to the table and assigned another registered address. So, to hosts out on the Internet, I am represented by this registered address.

So when my packet leaves me and comes up here, the source address is my privately assigned address, 192.168.1.15, and the destination address in my packet is the 210.100.5.5 address of the destination server. When it comes up here, the router looks at its network address translation table and sees that I will be represented on the Internet by this address. So, it changes the packet, my little packet here. When it leaves, the packet has the source address of 200.100.58.51 and the destination address of 210.100.5.5.

So when the packet actually reaches the server, the server will send its response back to the registered address that was assigned to me here. It'll address its packet with the source 210.100.5.5 and the destination address of my registered address, 200.100.58.51. This packet will make its way back to my router, and my router will see 200.100.58.51, and it will say, who has that address assigned to it? It will look in its table, and it will see that that address is assigned to me. So it will change the packet back to show my local address as the destination, and then it will forward it back out to me. So I will happily get the packet from the server and be able to display the webpage.
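The translation table walked through above, as an added Python example that is not part of the original lesson: a toy one-to-one NAT router using the lesson's addresses. The class and method names are hypothetical, the two-address public pool is an assumption, and a packet arriving for a public address with no table entry is simply not forwarded.

```python
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src: str
    dst: str

class NatRouter:
    """Toy one-to-one NAT (hypothetical class, not a real router API)."""

    def __init__(self, public_pool):
        self.free = list(public_pool)   # registered addresses not yet assigned
        self.to_public = {}             # NAT table: private -> registered
        self.to_private = {}            # reverse lookup used for replies

    def outbound(self, pkt: Packet) -> Optional[Packet]:
        """Packet leaving the private network: rewrite the source address."""
        if pkt.src not in self.to_public:
            if not self.free:
                return None             # pool exhausted, host cannot be represented
            public = self.free.pop(0)
            self.to_public[pkt.src] = public
            self.to_private[public] = pkt.src
        return Packet(self.to_public[pkt.src], pkt.dst)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Packet arriving from the Internet: rewrite the destination back."""
        private = self.to_private.get(pkt.dst)
        if private is None:
            return None                 # no table entry: nothing to forward to
        return Packet(pkt.src, private)

def demo():
    # Addresses from the lesson; the pool contents are an assumption.
    router = NatRouter(["200.100.58.50", "200.100.58.51"])
    server = "210.100.5.5"
    first = router.outbound(Packet("192.168.2.1", server))
    mine = router.outbound(Packet("192.168.1.15", server))
    reply = router.inbound(Packet(server, mine.src))
    stray = router.inbound(Packet(server, "200.100.58.52"))  # constructed, unmapped
    return first, mine, reply, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The `stray` case shows why a host with no table entry is not reachable from outside through this router: there is no mapping to rewrite the destination to.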