Network Address Translation - NAT secrets they didn't teach you
Vložit
- čas přidán 2. 06. 2024
- Network Address Translation (NAT) is something we use every day. Many people think they know how it works, but they don't. This time Druvis looks under the hood and all becomes clear - NAT explained!
0:00 Intro
0:18 NAT origins
1:26 The missing piece
3:43 Masquerade under the hood
5:57 Endpoint Independent Mapping
6:30 Secret Masquerade
7:06 Grand Summary
8:50 Outro - Věda a technologie
Still missing ipv6 videos.
Great Video, but reduce the volume of music. Please.
Yes, broadcast sound engineer here! Please re-mix to drop the background music by 10dB or so. Other than that I just learnt some extra stuff about NAT, thank you MT!
😂😂
And 9:20 🎉
Great video! I like it that you explain not only the basic things, but also more in depth stuff. That way the video is interesting for both beginners and more advanced users. Good visuals too!
Another great video Druvis, explaining the bits that others miss.
Nice work again Mikrotik - really enjoy your products.
Hi MikroTik Guys. We need more videos like this. Thanks .
Thank you again, those series of videos are just great.
I don't know if there is anything interesting and/or complicated in bridging adapters together, but if there is, would be interesting to watch it!
Thanks for such great video!
since MT is a routing/router company ... more videos on BGP. basics, case studies, best practices, v7 limitations and BGP in-depth with routerOS!
BGP needs to get more love at mikrotik again.
also MPLS/VPLS case studies or tutorials would be great in context of ROSv7 configurations
I have a /24 of public IP it was breeze to set up on VULTR with ROS6 but 7 has been a no go I absolutely cannot get it to announce. So I would very much love to see some more examples of BGP in version seven.
@@chadtaylor1148 not examples alone ... improvements and features which are there in v6 !!!
Currently version 7 is behaving like other manufacturers. You must have your prefix in the FIB so that it can be announced. In fact, not only that, but you need to create an addres-list with it and also send it in the out (export) filter.
You guys are great, and your devices too. I'd never heard of you before, until I got my ATL LTE router. Amazing. I'd love to know more about customising the router's firewall.
Great video, certainly learnt something!
Great video, concise and clear. Great follow up would be to explain how Zerotier can help if one (or both) networks is/are behind CG NAT.
uPNP part is missing in the summary as one of the options for how to make port forwarding.
for the next video, I would show ipv6 with examples - we don't need nat but at the same time how don't open any home device into the internet, etc.
another topic - wifi k/v/r - what every letter means and demos with facetime/voip calls during transitions between APs
Not planning to do IPv6 videos at the time, but more wifi videos can be expected.
@@mikrotik btw, any news about 160mhz and wifi 6e devices? And more 2.5gb/s ports, please!
Great video. Also loved the VLAN series. If you guys could go deeper with the VLAN videos presenting specific scenarios to increase security in home LANs leveraging VLANS and multiple Wi-Fi networks or other similar scenarios that would be great!
Keep up the great work.
Noted
Good video. Will be great to see video about DS-lite and IPv6
A video going into detail for LTE, cell locking, and carrier aggregation.
In a water bottling facility in Mount Athos, I am facing issues with my mobile operator.
The cell tower that is located above Daphne is around 300m from the 4g router, and has power saving features enabled on high frequency bands, causing the router to drop connection to the cell tower.
The router then establishes connection at cell towers located in Ierisos that is located around 36 ΚΜ, or at Sarti that is around 25km away, and located on the left of the dish. I am using a RBLHGR&R11e-LTE and waiting for a LHG LTE18 kit to arrive soon.
Great video, make another one explaining load balancing techniques.
amazing content, thanks for your effort!
Glad you enjoy it!
Thanks for the great video. Would love to see a video on WiFi configuration best practices, especially Radio wave frequency best practices on Mikrotik devices. Wifi wave2 does not do great out the box without some configuration and trial and error first. 😊
Дуже дякую за такі гарні відео 😉😊
I would like to see more info about how Endpoint Independent NAT can help in a carrier grade NAT situation for ISP's that want to help open things up for customers so things aren't double NAT'ed. Setup and the benefits being highlighted would be helpful!
amazing video and very informative :D
Nice Music, this is a next level of video's :).
I remember when in past, we use a Public IP on all internal PC. Police in Poland use Dual PC (one PC with Internet, second PC internal network). Those time was awesome, so big wow effect was in every category in IT.
Thanks for the cool story from the old times. We will try to make more good videos :)
Solid intro on how NAT work, perhaps you can expand on NAT forwarding rules in RouterOS since you touched on the port knocking topic :)
For sure, more videos on NAT are coming.
Excellent video! Paldies!
Thank you sir I really enjoyed the video,I hope you made a videos for network topology examples 😊
Saved me rereads. Do not forget to remind us who are just users why it is important to read Mikrotik block diagrams.
thank you for clear explanation 🙏
Hey Mikrotik, will we get an Apple Silicion native winbox app?
Eventually ;)
Hi Team, The Video was amazing and very helpful for us. Can you make a video explaining CG NAT in MikroTik?
For sure, probably after the holidays.
@@mikrotik Thank You 🙏🏻
Thank you for this video topic :)
great video thank you so much for explain
This video is so magnificent, I hope it can be translate to various languages.
Thank you for that informative video. What about ipv6 fundamentials and subnetting?
I really enjoy the deeper videos where they deep dive into a topic, explain things, programming examples etc. Dont get me wrong I don't want the fun ones to go away but I would love a weekly series where we could expect to see a technical video every Tuesday or something like that.
Network trip was doing some great vidoe on firewall though too
a clarification on NAT action=same and the option not-by-dst also, will be nice thank you, good video
I'd like to see more videos about routing tables, routing rules, and firewall mangle marking. Thanks
The music is disturbing and confusing: some people here has to concentrare to understand what you say.
The video is very well done, interesting and informative. Thanks
Port address translation. The last two is what I don't know about ( harping & carrier ) . Druvis is back !! Being a while .
Cool video. Maybe you could add the OSI model layer's namely the transport layer.. but it could get confusing 😅
Good video.
Can you do a video on MSTP where vlans or redundant links between devices occur.
Video idea - CAKE and queue trees. There is also lack of documentation from your side on Cake, so I guess video would do it. Personally I expect you to show off how to setup up CAKE with proper parameters and set up queue tree, all for home/homelab users. I would like to see general recommendations on what kind of queues you might recommend, how to prioritize primary network and give "leftover" traffic to guest network or seedbox. Also - great video!
Another idea - how to properly set up hairpin NAT. It's one of those tricky areas to set up correctly and no "right" answer in forums too. :)
We have a video about that czcams.com/video/1I5FywY6opQ/video.htmlsi=YvZBr2ygOkkPilp0
Thank you for the video! Tell us how SNAT works for protocols other than TCP and UDP, for example ICMP, GRE, IPIP, etc. How does a router keep track of connections when several hosts on the local network behind a NAT send ICMP requests to the same host on the Internet? How does he understand which host on the local network to return the ICMP reply to?
Valid questions, there will be something short on ICMP and NAT.
Great video!!
Good Video.. Kepp it up Guys!
Hello,
Very interesting video but could you please make other videos that delve deeper into the types of nat he showed?
Thank you
Absolutely! There will be demonstrations in RouterOS.
Thank you@@mikrotik
RouterOS Firewall Mangle is fantastic. Please create new videos about different usages of Mangles and firewall rules like blocking Ads, doubling internet speed by using two ISPs, or even connecting to a website using a specific VPN interface.
I also need to know how to monitor and debug the routing rules, connections, interfaces, and packets.
Thank you for the great videos.
grate work , if you lower or remove the music during the talking it will make it easy to concentrate and follow up the topic .
Great video. Would be good to add how to set this up on RouterOs. Thanks.
Will do!
Great video. It would be be to explain a common misconception to those new to routing and that confusing source NAT with static NAT and destination NAT dynamic NAT.
Ok, we will do more RouterOS specific NAT videos!
It would be great to hear something about (diff/incr) config backup of bunch of mikrotiks. With products like rancid + git.
Thank you!
can you create an details like that on how port forwarding works i want like that with visualization
Thank you for the greate work
An idea for a video - IPv6 and how to configure it
Hello i have a issue i have a server on my house port xxxx but when i turn of the server i pop up the router UI.... how do i prevent that happening
For a next topic, please, consider talking about cross-vlan mDNS.
make another video and show how to configure those nats explained here on mikrotik routers.
There will be videos on all of them. We have already covered port-forwarding and Hairpin NAT in the past, however.
HEY! When will routers have harpin nat activated by default and a DDNS integrated client for no-ip or other providers? Thanks
Only a small percentage of customers will use Hairpin NAT, so there is no need to do the extra configuration for everyone. DDNS is integrated and available for everyone, just enable it in the IP Cloud section.
Always loved mikrotik but never had one, really looking at a rb5009 , a device that i already recomended to a friend who bought it and is extremely happy with it.
One great video ideea would be a entry 10gb home network for home labs, mikrotik(switch, router) equipment only.
While I love openwrt, i cant help but wishing the quality of mikrotik hardware for my network .
Regards
I am small hotel owner and I would love to see a video that will explain how hotspot and usermanager work on RouterOS 7
chateau 5G ax update 7.13 后,找不到wlan1 wlan2 怎么解决?
Why i cant port forward with BITE mobile network? Mikrotik LTE device shows private address, so maybe they are using NAT and blocking port 80?
Mobile operators usually use CG NAT and other techniques, so for port-forwarding to work they would have to configure it at their end.
Rihards, did you buy from BITE static public IP address?
Great content. Terrible background 'music' made it difficult to concentrate on the words though.
hello miktorik, how to nat dstnat range port to range ip on mikrotik router ?
We will cover dstnat in more detail :)
Dear Dru, please create some video about iot mqtt with SSL and safe configuration (now: mqtt credentials in config are in plain text, reading this config, an intruder can break our mqtt broker, please see that certificates and keys are no stored in config, I mean "/export teres" does not show critical information). Thanks for previous video - those helps me buy many mikrotik hardwares 😊
Like with other sensitive data on your router - the key is to use strong user passwords and not hand them out to anyone you don't trust.
Please talk about IPv6.
IPv6 security topics please
Nice
ну на вас давно подписан, по этому нашел)
More info about CGnat please
Sure, after the holidays.
Спасибо. Если добавите русские субтитры будет вообще фантастически❤. Mikrotik 👍🤟
Хотя если смотреть через Яндекс браузер с переводом нейросети на РУССКИЙ то воОбще Агонь. 😀
I have an idea for a video series: Let's create our own ISP with MikroTik, including CGNAT, PPPoE, and so on.
Depends on the region in the world. PPPoE is not used around here. I guess common ISP setups in Latvia would not be possible in your region.
@@mikrotik In Germany you usually login to your isp with pppoe
It's very sad, I'm sorry
@@mikrotik How does it work in Latvia?
How to use Mikrotik NAT or another. Trick. To avoid starlink detect internet sharing and stop throttle and tarping connection - bandwidth
When 5G sim router launching in india..?
Muito bom
make bgp video settings on v7 mikrotik
In the plans already :)
pls fix a problem ipv6 dhcp bad server duid 6660, ignore it
SUP-137795
Make a proper video about CGNAT if possible.
Will do!
The background music is way to loud!
ros The download speed is so slow
You are pronouncing the word ”allow” wrongly. The emphasis is on the last syllable.
основные вопросы:
по видео всё понятно, лучше туториалы делайте как настраивать оборудование конечным клиентам, тк ваше оборудование с среднем сигменте для конечного пользователя.
The music has ruined the benefit of this video. Please make the background music calm and volume it down as much as possible. We are here to gain knowledge from you. Music is our last concern.
We will try to do better.
What is NAT?
It‘s EVIL 🙈
Bridging Video
el nat deberia desaparecer para eso está ipv6