1
00:00:02,347 --> 00:00:08,829
[music]

2
00:00:08,830 --> 00:00:11,297
Okay, so as the Internet Assigned

3
00:00:11,298 --> 00:00:12,761
Numbers Authority got

4
00:00:12,762 --> 00:00:14,013
involved here,

5
00:00:14,014 --> 00:00:15,942
and they started organizing and

6
00:00:15,943 --> 00:00:18,277
controlling these IP networks and

7
00:00:18,278 --> 00:00:19,290
IP addresses,

8
00:00:19,291 --> 00:00:20,918
and dividing them into classes

9
00:00:20,919 --> 00:00:23,486
like A, B, and C - and then D and

10
00:00:23,487 --> 00:00:24,406
E but we're not really going to

11
00:00:24,407 --> 00:00:27,127
focus on D and E addresses -

12
00:00:27,128 --> 00:00:29,083
they said, Well, here's what

13
00:00:29,083 --> 00:00:30,059
we're going to do.

14
00:00:30,060 --> 00:00:32,315
The majority of these

15
00:00:32,316 --> 00:00:33,270
IP networks,

16
00:00:33,271 --> 00:00:35,261
like the 146 network or the

17
00:00:35,262 --> 00:00:36,555
99 network,

18
00:00:36,556 --> 00:00:37,823
we will make those as what we

19
00:00:37,824 --> 00:00:40,248
call public networks which is a

20
00:00:40,249 --> 00:00:41,284
network that somebody can

21
00:00:41,285 --> 00:00:43,189
rent or lease,

22
00:00:43,190 --> 00:00:44,326
and then that network will be

23
00:00:44,327 --> 00:00:45,693
unique just to

24
00:00:45,694 --> 00:00:47,083
their organization.

25
00:00:47,084 --> 00:00:48,348
And then all the service

26
00:00:48,349 --> 00:00:49,264
providers throughout the entire

27
00:00:49,265 --> 00:00:51,049
world will know that that network

28
00:00:51,050 --> 00:00:53,777
sits over here in this company -

29
00:00:53,778 --> 00:00:56,451
it's owned by that company

30
00:00:56,452 --> 00:00:56,980
So that's called a

31
00:00:56,980 --> 00:00:58,634
public IP address.

32
00:00:58,635 --> 00:00:59,829
It's something that's leased

33
00:00:59,830 --> 00:01:00,938
to a corporation.

34
00:01:01,295 --> 00:01:02,382
Well then the Internet Assigned

35
00:01:02,383 --> 00:01:04,733
Numbers Authority set aside a few

36
00:01:04,734 --> 00:01:07,851
networks as private or

37
00:01:07,852 --> 00:01:09,810
unregistered networks.

38
00:01:09,811 --> 00:01:11,307
These are networks that

39
00:01:11,308 --> 00:01:13,425
nobody controls.

40
00:01:13,426 --> 00:01:15,749
Networks that anybody can use,

41
00:01:15,750 --> 00:01:17,610
but you could only use them

42
00:01:17,611 --> 00:01:20,594
within your company.

43
00:01:20,594 --> 00:01:21,149
In other words,

44
00:01:21,150 --> 00:01:23,016
it's a networks that's not

45
00:01:23,017 --> 00:01:25,112
allowed to send packets into or

46
00:01:25,113 --> 00:01:27,486
receive packets from the global

47
00:01:27,487 --> 00:01:31,160
public internet because if I sent

48
00:01:31,161 --> 00:01:32,496
a packet into the internet going

49
00:01:32,497 --> 00:01:34,653
to a private destination,

50
00:01:34,654 --> 00:01:35,874
there's no way that service

51
00:01:35,874 --> 00:01:37,726
providers and routers within the

52
00:01:37,727 --> 00:01:40,133
internet would know how to get

53
00:01:40,134 --> 00:01:41,751
that packet to where it needs to

54
00:01:41,752 --> 00:01:43,838
go because that private address

55
00:01:43,839 --> 00:01:46,536
could be used by thousands or

56
00:01:46,537 --> 00:01:48,238
tens of thousands of companies

57
00:01:48,239 --> 00:01:51,493
all using the exact same address.

58
00:01:51,494 --> 00:01:52,572
So private addresses are just

59
00:01:52,572 --> 00:01:54,702
used within your company.

60
00:01:54,703 --> 00:01:56,008
For example,

61
00:01:56,008 --> 00:01:59,078
let's say that I had within my

62
00:01:59,079 --> 00:02:01,388
enterprise a section of my

63
00:02:01,388 --> 00:02:02,808
network over here that had a

64
00:02:02,809 --> 00:02:03,842
whole bunch of private file

65
00:02:03,843 --> 00:02:05,403
servers on it.

66
00:02:05,404 --> 00:02:07,893
So I want all the employees

67
00:02:07,894 --> 00:02:09,677
within my network - within my

68
00:02:09,678 --> 00:02:12,159
company - to reach this private

69
00:02:12,160 --> 00:02:13,511
broadcast domain over here with

70
00:02:13,512 --> 00:02:15,213
these private file servers.

71
00:02:15,213 --> 00:02:17,264
But I never will ever need anyone

72
00:02:17,265 --> 00:02:19,541
from the outside world to get to

73
00:02:19,542 --> 00:02:20,493
those servers.

74
00:02:20,494 --> 00:02:21,927
They're only private for my own

75
00:02:21,928 --> 00:02:23,415
internal use.

76
00:02:23,416 --> 00:02:25,173
Well the broadcast domain -

77
00:02:25,174 --> 00:02:25,981
the VLAN,

78
00:02:25,982 --> 00:02:27,594
the Ethernet segment where those

79
00:02:27,595 --> 00:02:29,295
file servers live - I could

80
00:02:29,296 --> 00:02:30,834
address that with a private

81
00:02:30,835 --> 00:02:32,346
network number,

82
00:02:32,347 --> 00:02:34,355
and as long as the routers within

83
00:02:34,356 --> 00:02:36,586
my company know how to reach it

84
00:02:36,586 --> 00:02:38,114
my own internal employees could

85
00:02:38,115 --> 00:02:40,222
get to those servers but the rest

86
00:02:40,223 --> 00:02:42,192
of the world it's invisible

87
00:02:42,193 --> 00:02:42,796
to them.

88
00:02:42,797 --> 00:02:43,973
That private network is not

89
00:02:43,974 --> 00:02:45,588
advertised out to the rest

90
00:02:45,589 --> 00:02:46,883
of the world.

91
00:02:50,115 --> 00:02:51,773
So if you're ever curious you can

92
00:02:51,774 --> 00:02:54,058
Google RFC 1918,

93
00:02:54,059 --> 00:02:55,804
that gives more gory detail about

94
00:02:55,805 --> 00:02:56,936
these private networks.

95
00:02:58,190 --> 00:02:58,927
And these are the range

96
00:02:58,928 --> 00:03:00,115
of addresses,

97
00:03:00,116 --> 00:03:01,663
and for Cisco's certification,

98
00:03:01,664 --> 00:03:02,826
this is definitely something

99
00:03:02,827 --> 00:03:03,517
you're going to want to

100
00:03:03,517 --> 00:03:04,509
have memorized.

101
00:03:04,510 --> 00:03:06,315
So each of our classes,

102
00:03:06,316 --> 00:03:07,931
Class A, B, and C,

103
00:03:07,932 --> 00:03:09,354
some of the address space was

104
00:03:09,355 --> 00:03:10,733
reserved for these

105
00:03:10,734 --> 00:03:11,475
private networks.

106
00:03:11,476 --> 00:03:12,247
You can see here the

107
00:03:12,248 --> 00:03:13,348
Class A space,

108
00:03:13,348 --> 00:03:14,312
anything beginning with the

109
00:03:14,313 --> 00:03:17,094
number 10 is a private network.

110
00:03:17,094 --> 00:03:17,820
In Class B,

111
00:03:17,821 --> 00:03:21,109
anything beginning with 172.16

112
00:03:21,109 --> 00:03:23,137
through 172.31.

113
00:03:23,138 --> 00:03:23,980
Remember, like we saw

114
00:03:23,981 --> 00:03:24,733
with the whiteboard,

115
00:03:24,734 --> 00:03:27,782
with that number 172 in Class B,

116
00:03:27,783 --> 00:03:30,714
there are 256 networks available

117
00:03:30,715 --> 00:03:32,932
that start with 172.

118
00:03:32,933 --> 00:03:36,902
There's 172.0 up to 172.255.

119
00:03:36,903 --> 00:03:37,790
And we see that a handful of them

120
00:03:37,791 --> 00:03:39,675
here in the middle .16 through

121
00:03:39,676 --> 00:03:41,807
.31 were reserved for

122
00:03:41,808 --> 00:03:42,977
private usage.

123
00:03:42,978 --> 00:03:44,290
And then the Class C space,

124
00:03:45,184 --> 00:03:49,347
192.168.anything is reserved for

125
00:03:49,348 --> 00:03:50,715
private usage.

126
00:03:54,101 --> 00:03:54,963
Now, it's kind of interesting

127
00:03:54,964 --> 00:03:56,896
here if I show you a - actually

128
00:03:56,897 --> 00:04:00,876
not this - if I show you my DOS

129
00:04:00,877 --> 00:04:02,436
prompt for a moment,

130
00:04:06,507 --> 00:04:07,963
and I look at what IP address I

131
00:04:07,964 --> 00:04:09,359
have right now,

132
00:04:11,327 --> 00:04:14,243
you'll see I've got nothing but

133
00:04:14,244 --> 00:04:15,376
private networks on here.

134
00:04:15,377 --> 00:04:18,387
192, that's private,

135
00:04:18,388 --> 00:04:21,804
and if I look at my WIFI adapter

136
00:04:21,805 --> 00:04:23,060
that's 10,

137
00:04:23,061 --> 00:04:25,137
that's private.

138
00:04:25,138 --> 00:04:26,010
So you might be wondering,

139
00:04:26,011 --> 00:04:26,684
Well, wait a second.

140
00:04:26,685 --> 00:04:29,271
How can my laptop reach the

141
00:04:29,272 --> 00:04:31,163
outside world at all if the only

142
00:04:31,164 --> 00:04:33,916
IP addresses it has are private

143
00:04:33,917 --> 00:04:35,705
IP addresses?

144
00:04:35,706 --> 00:04:36,519
Well, the reason it can reach

145
00:04:36,520 --> 00:04:38,052
the outside world is typically

146
00:04:38,053 --> 00:04:39,735
in a network that utilizes

147
00:04:39,736 --> 00:04:42,086
private addresses.

148
00:04:42,087 --> 00:04:44,670
You'll have at least one device -

149
00:04:44,671 --> 00:04:47,052
typically a router - that has a

150
00:04:47,053 --> 00:04:48,729
public IP address on it.

151
00:04:48,730 --> 00:04:50,390
It has a network on it that was

152
00:04:50,391 --> 00:04:51,386
bought and paid for that

153
00:04:51,387 --> 00:04:52,417
was leased,

154
00:04:52,418 --> 00:04:53,617
and that router is actually

155
00:04:53,618 --> 00:04:55,386
doing translation.

156
00:04:55,387 --> 00:04:56,815
This is called network address

157
00:04:56,816 --> 00:04:59,713
translation where my laptop sends

158
00:04:59,714 --> 00:05:01,324
a packet to the Internet,

159
00:05:01,325 --> 00:05:04,418
like CNN.com or Google.com

160
00:05:04,419 --> 00:05:05,829
or whatever,

161
00:05:05,830 --> 00:05:07,100
when that packet reaches my

162
00:05:07,100 --> 00:05:09,621
router here within my company the

163
00:05:09,621 --> 00:05:11,216
source address of that packet is

164
00:05:11,217 --> 00:05:13,004
my private address - in this case

165
00:05:13,005 --> 00:05:16,567
10.something, 10.7.1.61.

166
00:05:17,729 --> 00:05:18,641
Well, when it reaches the router

167
00:05:18,642 --> 00:05:19,810
the router says,

168
00:05:19,811 --> 00:05:22,046
Okay, clearly I cannot forward

169
00:05:22,047 --> 00:05:23,348
that packet into the Internet as

170
00:05:23,349 --> 00:05:25,341
it stands because it's got a

171
00:05:25,342 --> 00:05:27,507
private source address, so the

172
00:05:27,508 --> 00:05:29,469
router actually strips off that

173
00:05:29,470 --> 00:05:32,085
source address and replaces it

174
00:05:32,085 --> 00:05:33,717
with a public IP address.

175
00:05:33,718 --> 00:05:35,532
So when it leaves the router it

176
00:05:35,533 --> 00:05:36,956
looks like it came from a

177
00:05:36,957 --> 00:05:38,727
public network,

178
00:05:38,728 --> 00:05:39,527
and that's called network

179
00:05:39,528 --> 00:05:40,578
address translation.

180
00:05:40,579 --> 00:05:41,822
That is a feature that you do

181
00:05:41,823 --> 00:05:44,091
need to know for the CCNA.

182
00:05:46,006 --> 00:05:47,415
And public addresses are pretty

183
00:05:47,416 --> 00:05:48,902
much everything else.

184
00:05:48,903 --> 00:05:50,795
So in the Class A, B, and C space

185
00:05:50,796 --> 00:05:51,955
- anything that wasn't private

186
00:05:51,956 --> 00:05:54,148
that we just saw - falls into the

187
00:05:54,149 --> 00:05:55,882
public space.

188
00:05:55,882 --> 00:05:59,372
Not entirely true.

189
00:05:59,373 --> 00:06:01,981
We know that the 127 network

190
00:06:01,982 --> 00:06:03,791
that's not public or private.

191
00:06:03,792 --> 00:06:05,738
The 127 we said that was reserved

192
00:06:05,739 --> 00:06:07,224
for loopback testing.

193
00:06:07,225 --> 00:06:08,457
There's a handful of other

194
00:06:08,458 --> 00:06:09,779
networks as well that sort of

195
00:06:09,780 --> 00:06:10,804
have special meanings.

196
00:06:10,805 --> 00:06:11,354
For example,

197
00:06:11,355 --> 00:06:13,238
if I go back to my DOS prompt

198
00:06:13,239 --> 00:06:18,444
right here for a second-- look at

199
00:06:20,048 --> 00:06:22,057
my Ethernet adapter.

200
00:06:22,058 --> 00:06:23,228
My Ethernet adapter has a network

201
00:06:23,229 --> 00:06:26,363
beginning with 169.

202
00:06:26,364 --> 00:06:27,182
Now you might look at that

203
00:06:27,182 --> 00:06:27,563
and say,

204
00:06:27,564 --> 00:06:28,535
Okay, well we just learned that

205
00:06:28,536 --> 00:06:31,794
in binary the number 169 begins

206
00:06:31,795 --> 00:06:33,515
with 10.

207
00:06:33,516 --> 00:06:35,313
The 128 bit is on,

208
00:06:35,314 --> 00:06:37,542
the 64-bit is off.

209
00:06:37,543 --> 00:06:39,904
So that is a Class B network.

210
00:06:39,905 --> 00:06:41,041
Well that is true.

211
00:06:41,042 --> 00:06:43,034
It falls in the Class B space,

212
00:06:43,035 --> 00:06:44,999
but that is neither a private nor

213
00:06:45,000 --> 00:06:46,528
a public network.

214
00:06:46,529 --> 00:06:48,768
That is a special network that's

215
00:06:48,769 --> 00:06:50,580
called an automatically

216
00:06:50,581 --> 00:06:53,489
provisioned IP address.

217
00:06:53,489 --> 00:06:55,521
Basically on systems that utilize

218
00:06:55,522 --> 00:06:57,993
DHCP, the Dynamic Host

219
00:06:57,994 --> 00:06:59,347
Configuration Protocol,

220
00:06:59,348 --> 00:07:00,517
if a system like pretty much

221
00:07:00,518 --> 00:07:01,258
everything these days:

222
00:07:01,259 --> 00:07:03,152
laptops, PCs,

223
00:07:03,153 --> 00:07:05,149
tablets, smartphones,

224
00:07:05,150 --> 00:07:07,788
if something utilizes DHCP to

225
00:07:07,789 --> 00:07:11,266
dynamically discover what IP

226
00:07:11,267 --> 00:07:13,177
address it should use,

227
00:07:13,177 --> 00:07:15,389
sometimes DHCP fails.

228
00:07:15,390 --> 00:07:16,511
Sometimes, for example,

229
00:07:16,512 --> 00:07:18,675
like in this case my laptop says,

230
00:07:18,676 --> 00:07:20,123
okay, I'm connected to a cable,

231
00:07:20,124 --> 00:07:20,734
which it is,

232
00:07:20,735 --> 00:07:22,129
my laptop has an Ethernet cable

233
00:07:22,130 --> 00:07:23,079
plugged in.

234
00:07:23,080 --> 00:07:25,016
And it attempted to dynamically

235
00:07:25,017 --> 00:07:27,578
discover its IPv4 network via

236
00:07:27,579 --> 00:07:29,914
DHCP and it failed.

237
00:07:29,914 --> 00:07:31,811
And when DHCP fails,

238
00:07:31,812 --> 00:07:33,237
it automatically provisioned

239
00:07:33,238 --> 00:07:35,176
itself with this,

240
00:07:35,177 --> 00:07:39,223
169.254.something.

241
00:07:39,224 --> 00:07:40,669
So usually when you see this,

242
00:07:40,669 --> 00:07:42,254
anything beginning with 169,

243
00:07:42,255 --> 00:07:43,787
that's actually bad.

244
00:07:43,788 --> 00:07:45,108
You don't want to see that.

245
00:07:45,109 --> 00:07:48,053
That means that DHCP failed and

246
00:07:48,054 --> 00:07:49,559
you are not able to get yourself

247
00:07:49,560 --> 00:07:53,607
a real usable IP address,

248
00:07:53,608 --> 00:07:54,918
but it had to put something in

249
00:07:54,918 --> 00:07:57,204
this 32-bit number field,

250
00:07:57,204 --> 00:07:58,612
so it shows this special reserved

251
00:07:58,613 --> 00:08:01,311
number of 169.254,

252
00:08:01,312 --> 00:08:02,400
which is called an automatically

253
00:08:02,401 --> 00:08:05,366
provisioned IP address.

254
00:08:05,367 --> 00:08:06,520
Not usually a good thing.

255
00:08:06,521 --> 00:08:07,030
You don't really want to

256
00:08:07,031 --> 00:08:07,716
see that.

257
00:08:07,717 --> 00:08:12,993
[music]