THE UNTOLD STORY: How the PIX Firewall and NAT Saved the Internet

  399,733 views

The Serial Port

Comments
@ThinkleTink 1 year ago
Color me impressed. This channel is silently teaching you basic networking skills whilst telling a story and keeping it interesting.
@oericsantosf1 1 year ago
It's true, silently teaching. Very clever.
@zeniththetoaster9712 1 year ago
I took a networking class and this covered the hardest unit in the span of one video in a fairly understandable way
@AndrewAlex92 1 year ago
This is the best way to learn imo. Don't just learn the concepts. Learn the "why" behind the problem. The engineering of it. Then learn the science - the deeper concepts.
@deadinternet66 1 year ago
I remember before NAT firewalls really caught on in the mid/late 90's, people just connected their computer straight to the internet via a modem. You could scan whole blocks of public subnets for open port 139 and just straight connect to //i.p.address/c$ without a password. It was the wild west. Also there were alternatives to the PIX firewall in the form of Linux distributions.
@lucasrem 1 year ago
Guess so, able to hear on the US Robotics what it was doing, able to understand what it did. If intruders, shut it down? The virus scan could find infected files!
@djosearth3618 11 months ago
ya the whole internet was basically a samba jungle when you got into it ;]
@callmebigpapa 8 months ago
I tell young people I work with about this and life before XP SP3 and they don't believe me ..... they say no way that's not possible :)
@yellowcrescent 3 months ago
The fun thing to do back then was to use WinPopup to send people modal popup dialogs on Windows 95/98 machines. Fun times.
@jfbeam 2 months ago
It didn't last long. ISPs (the good ones) started blocking those ports at the RAS, and border of the network.
@louwrentius 1 year ago
In the early 2000s I worked for a small security firm and we bought a Cisco PIX as our network firewall, later replaced with an ASA. I never knew the history of this device. Thank you 🌷 really cool you got to talk to the people who invented NAT/PIX
@Not_interestEd- 1 year ago
One thought that I've always enjoyed thinking about when it comes to early 90's machines is what would people then think if I took a modern day Threadripper + 4090 machine and just used it to run an entire company. How many virtual machines could I theoretically run on a 64 core system.....
@lucasrem 1 year ago
1990 was US Robotics only, BBS internet. Cisco was the revolution!
@dji386 1 year ago
Showing a Firepower firewall as a "better" and "More Advanced" device was a bold choice. All joking aside, this is an excellent and very informative video. Thank you!
@neomatrix3612 1 year ago
I've worked many years on most vendor firewalls. I always loved ASAs, solid product. Firepower is the biggest piece of garbage I have ever worked on. It's a failed product.
@SApcGUY 1 year ago
@@neomatrix3612 almost as bad as a palo alto firewall
@Sneezus420 1 year ago
@@neomatrix3612 My first experience with Firewalls was using Cisco ASAs. I thought they were kinda janky, and then I worked with Firepower Firewalls.... What a terrible product lmao.
@fumped 1 year ago
How far they have fallen. The fact that their latest series of Secure firewall, the successor to firepower is still booting ASA code as default instead of FTD is quite telling..
@SeanPennII 7 months ago
Nah man, they're great. Ask me how I know @@SApcGUY
@netapp 1 year ago
13:20 It's a FAServer! I know this! Thanks for the shout-out. Great video!
@theserialport 1 year ago
hey we'd love to have a FAServer too!
@netapp 1 year ago
I've asked our Discord for some help unearthing one. Let's see what happens.
@BobFrTube 1 year ago
Thanks for providing more of the back story of the NAT. I first discovered NATs in late 1994 when I was commuting to Microsoft (Boston Redmond) and used a NAT to allow all the home devices on my home network to share a single connection to the Internet. My vision was to have every home interconnected as a peer with the rest of the Internet. That idea goes back to the 1970s when I first learned about the 32-bit IP address and realized it was not enough for the connected future that was obvious then. It also means you can have stable addresses within the home separate from those outside. I then worked to make sure that all Windows machines were ready for home networking by putting IP (with DHCP) and NATs in every Windows machine. It turned out that an external box worked better, but those NATs are still there, and you can use them for the hotspot feature. Using the NAT as a firewall was an unfortunate kludge necessitated because Windows apps at the time were not prepared to face the world. My plan was to turn NATs into (encrypted) V6 routers and remove the firewall so all devices could be full participants. The goal was to enable connectivity without installers or professional network management. I wrote about this in rmf.vc/IEEEHomeNAT and have come to realize that V6 doesn't solve the problem of providing long-term table peer relationships because it is still in the access framing (nor does the DNS /rmf.vc/ForeverURLS). The idea of accessing the Internet is a misunderstanding, but that's a whole topic in its own right. As an FYI, much of my thinking about this goes back to my experience in class in the Spring of 1973 when we studied radio packet networks (ALOHANet) and in which Bob Metcalfe did Ethernet as his class project.
@levieux1137 1 year ago
In fact by stubbornly trying to solve the end-to-end connectivity, IPv6 made it much more complicated to have a working network at home, because one thing NAT did that was unexpected was to make equipments stackable: you can insert a firewall or wifi gateway behind your ISP's box and it magically works thanks to NAT that provides distinct and independent networks. With IPv6 it's a nightmare, you have to configure multiple layers as you configure routers for a datacenter, manually adding routes. And since most ISPs only provide a /64 (single network), you're screwed and have to play with proxy NDP and hard-coded addresses on devices. I.e. you can almost never provide autoconfigured IPv6 for your visitors. Sure there are private addresses, but browsers refuse to use them if an IPv4 is also available, by fear of lack of connectivity. All of this is a major failure and IPv6 at home remains dead by design (IETF and ISPs hand-in-hand).
@timeimp 1 year ago
*The* Bob Metcalfe was in the same class as you, working on a "class project" that was Ethernet? That's so cool to hear!
@jroysdon 1 year ago
@@levieux1137 Sure would be nice if ISPs followed the RFCs and issued /48s to those who want them.
@TopSmoka 1 year ago
At the tiny cost of making the system non-resilient, which was the entire intended purpose. Just so tech bro could make some billions. FUCK anyone using the internet for profit!
@RobShinn 1 year ago
@@timeimp @BobFrTube (assuming that's his real account) is a living legend himself. He is the inventor of the electronic spreadsheet.
@freckhard 1 year ago
These men & women are the non-well-known heroes of our current information age and many of them are still alive, this is so fantastic, thanks for interviewing them!
@martinvandenbroek2532 1 year ago
The unintended effect of NAT and firewall devices has been that the focus of ICT security landed on the shoulders of network engineers whereas it ought to have landed on the shoulders of systems and application engineers. It also slowed down the adoption of IPv6. Nevertheless a great piece of engineering of course. 😊
@falconeagle3655 1 year ago
PBX was not a great invention. So is NAT. Eventually one-to-one connection wins. This is a bad concept in every way possible. Great tech which is built on a bad solution of a problem.
@kreuner11 1 year ago
@@falconeagle3655 you're wrong, there is no reason my printer should have a global IP, nor an accountant be callable from anywhere in the world
@PsRohrbaugh 1 year ago
@@kreuner11 This! Between consumer ISPs trying to charge more based on number of devices, vulnerability of poorly made IoT appliances, and simply the "opsec" from outsiders knowing the size and design of your local network - I'm strongly against global addresses for local devices in 99% of circumstances.
@David_Groves 1 year ago
Strong disagree with this position. You can have globally routable addresses AND a stateful firewall. This gives you the best of both worlds. Your devices are by default uncontactable from the rest of the world, but if you require end to end connectivity, you can have it. Whereas NAT by design makes it impossible. NAT is a great hack, but it is one we should wean our way off.
@wpyoga 1 year ago
I mean, if it slowed down the adoption of the Second System that IPv6 is, then it's a good thing.
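
As an added illustration of the point debated in this thread (it is not code from the video or from any commenter): a toy Python model of a stateful firewall in front of globally addressed hosts, next to a port-translating NAT, showing that both drop unsolicited inbound traffic because of their state table. Addresses are constructed values from documentation ranges, and the class and function names are hypothetical.

```python
# Toy model only: no timeouts, no TCP state machine, no real packets.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFirewall:
    """Forwards globally addressed hosts unchanged; inbound is default-deny."""

    def __init__(self):
        self.flows = set()     # (inside_ip, inside_port, remote_ip, remote_port)
        self.pinholes = set()  # (inside_ip, inside_port) opened by the admin

    def allow_inbound(self, ip: str, port: int) -> None:
        self.pinholes.add((ip, port))

    def outbound(self, pkt: Packet) -> Packet:
        self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return pkt  # no rewriting: the remote side sees the host's own address

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        is_reply = (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows
        is_pinhole = (pkt.dst, pkt.dport) in self.pinholes
        return pkt if (is_reply or is_pinhole) else None


class Napt:
    """Port-translating NAT: private hosts share one public address."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (private_ip, private_port) -> public_port
        self.in_map = {}   # public_port -> (private_ip, private_port)
        self.peers = {}    # public_port -> {(remote_ip, remote_port), ...}

    def outbound(self, pkt: Packet) -> Packet:
        key = (pkt.src, pkt.sport)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.peers[self.next_port] = set()
            self.next_port += 1
        public_port = self.out_map[key]
        self.peers[public_port].add((pkt.dst, pkt.dport))
        return Packet(self.public_ip, public_port, pkt.dst, pkt.dport)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        # No mapping means the NAT cannot tell which inside host is meant.
        if pkt.dst != self.public_ip or pkt.dport not in self.in_map:
            return None
        # Only the remote endpoint the inside host contacted may answer.
        if (pkt.src, pkt.sport) not in self.peers[pkt.dport]:
            return None
        private_ip, private_port = self.in_map[pkt.dport]
        return Packet(pkt.src, pkt.sport, private_ip, private_port)


def run_demo() -> dict:
    results = {}

    # Globally addressed host behind a stateful firewall.
    host, remote, stranger = "2001:db8:1::10", "2001:db8:ffff::1", "2001:db8:aaaa::66"
    fw = StatefulFirewall()
    fw.outbound(Packet(host, 50000, remote, 443))
    results["fw_reply"] = fw.inbound(Packet(remote, 443, host, 50000))
    probe = Packet(stranger, 4444, host, 22)
    results["fw_unsolicited"] = fw.inbound(probe)    # dropped by default
    fw.allow_inbound(host, 22)                       # explicit admin decision
    results["fw_after_pinhole"] = fw.inbound(probe)  # now reaches the host

    # Private host behind a NAPT sharing one public address.
    nat = Napt("203.0.113.5")
    results["nat_out"] = nat.outbound(Packet("192.168.1.10", 50000, "198.51.100.7", 443))
    results["nat_reply"] = nat.inbound(Packet("198.51.100.7", 443, "203.0.113.5", 40000))
    results["nat_unsolicited"] = nat.inbound(Packet("192.0.2.66", 4444, "203.0.113.5", 22))
    results["nat_wrong_peer"] = nat.inbound(Packet("192.0.2.66", 4444, "203.0.113.5", 40000))
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name:18} {value}")
```
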
@singletona082 1 year ago
It's interesting how shockingly forward thinking they were. In the nineties 'hey we're gonna run out of address space at some point we should, uh, get on finding a fix before that becomes a problem.' In other sectors you'd get: 'how many addresses do we have right now?' 'Four billion but-' 'we'll never use up all that address space. stop wasting my time.'
@vylbird8014 1 year ago
"Ok, I came up with this network translation improvisation. It's ugly and breaks a lot of protocols, but it'll buy us some time to fix it properly." "Meh, fixing it properly is hard and expensive."
@singletona082 1 year ago
@@vylbird8014 ....Which is the problem we're in right now....
@dbsirius 1 year ago
This is why infinitely scalable standards are a better thought process
@chouseification 1 year ago
@@dbsirius impossible when each byte was precious back in the early days. Something you can say out loud these days - if you had made the same suggestion even in ~1990 you'd be laughed right out of the room. Really and truly.
@ACuteAura 1 year ago
"but also, we can only hand them out in bundles of 2^8, 2^16 and 2^24 - and we gave the US DOD like 7 of the last already"
@MrMegaManFan 1 year ago
As someone who still remembers when the internet was just email, Usenet News, file transfer and Gopher, thank you for documenting and sharing this crucial innovation for networking. It's humbling when you think how just a few individuals with bright ideas saved our whole system from imminent collapse.
@lucasrem 1 year ago
@MrMegaManFan BBS was very popular, guess he forgot what we are doing in 1989. Through the BBS service you could connect to the internet, WOW! NASA was there too!
@adamzan7 1 year ago
Never thought I would see Trumpet Winsock ever again, that brings back memories.
@James_Knott 1 year ago
Microsoft was slow to the Internet, which is one area OS/2 was ahead of Windows. Billy wanted people to use his Microsoft network instead.
@Peter_S_ 1 year ago
Excellent video. I hit pause and froze for about two minutes when you said duck pond and the image went to the Palo Alto Duck Pond. It was on the drive to there in 1981 that as a pre-teen I figured out how to use SIN and COS functions with an additional SIN to graph out a 3D perspective view of a drop making ripples in the surface of a pond. Back in those days the overwhelming majority of the people on the Internet were in the San Francisco Bay Area. In the mid 1980s a friend of a friend at NASA Ames was having an argument with someone in Australia on IRC and he got so mad that he ended up unplugging the cable that literally connected Australia to the Internet. 😂
@ayanaalemayehu2998 1 year ago
Wouldn't that cable be very hard to access even then?
@Peter_S_ 1 year ago
@@ayanaalemayehu2998 Look up early maps of the Internet and you'll see how humble the beginnings were. It was an experiment. The single link connecting Australia was just a cable plugged into a router which sat in the next cubicle. Once you were on the base, (NAS Moffett Field, now Onizuka Air Force Station) everyone was cleared and everyone had an ID badge on, including visitors (I've been badged). There was plenty of REAL security stuff there; nobody cared about security for an unclassified experiment.
@ayanaalemayehu2998 1 year ago
@@Peter_S_ gotcha that’s hilarious lol
@Peter_S_ 1 year ago
@@ayanaalemayehu2998 I laugh now just thinking about it. That sort of time will never come again. Going back one more step to the start of ARPANET, one of the first 10 ARPANET nodes was in a pizza parlor close to SRI. That wouldn't fly these days.
@PopeCromwell 1 year ago
@@ayanaalemayehu2998 Speak to any Aussie about the quality of their connection, they'd believe that one cable is still all they have today.
@tstahlfsu 1 year ago
This was great! The number of PIX and ASA devices I've worked on over the years is staggering.
@KaldekBoch 1 year ago
I seem to recall many of my customers struggling with ASA when it was introduced. I have memories of fixing buggerised configs.
@Melds 1 year ago
@@KaldekBoch Yeah, the ASA flipped a lot of concepts from the PIX so it was easy to carry in old knowledge that didn't work the same.
@nickwallette6201 1 year ago
It is terrifying that I _still_ run into ASAs, regularly, and particularly with site-to-site VPN applications. ASAs are *long* past their expiration date.
@datacntrdude 1 year ago
It's Cisco Live this week, and this would make an amazing presentation for the newer generation of network engineers. You should submit this as a talk. Incredibly well done! Also, as a NetApp veteran, thanks for the hat tip mention there!
@lucasrem 1 year ago
Trumpet win socket too, US Robotics, BBS services connecting us!
@kris240376 1 year ago
@8:26 The mini in minicomputer only kind-of-sort-of referred to the size of the computer. Back in the day, there were pretty much three types of computers: mainframes, minicomputers, and microcomputers. Mainframes were expensive and could possibly fill a room. Minicomputers were smaller, cheaper, and had less computing power than a mainframe. Microcomputers were smaller, cheaper, and had less computing power than a minicomputer. We don't really call machines minicomputers or microcomputers anymore since that line has blurred. At some point, the industry stopped calling them minicomputers and started calling them servers. The industry also stopped using the term microcomputer and further subdivided that class of computer further: workstation is expensive and powerful, PC is not as expensive and less powerful, etc.
@NautilusMortanian 1 year ago
As cool as the technology itself is, I really do wish NAT didn't happen. It broke connectivity for at least years, and IPv6 was around for the entire time. Broken SIP, broken STUN, broken FTP, and even today Uno on Steam *still* doesn't work properly over NAT. To this day ISPs keep putting more bandaids on to keep IPv4 around, and have even monetized addresses resulting in virtual hosting being commonplace (sharing domains on one public IP). NAT would've happened, in some capacity, probably, but introducing it set IPv6 back for decades.
@edrose5045 1 year ago
Add multicast to that list. Imagine how much less bandwidth live TV streaming would use if multicast worked! Unfortunately, due to NAT, those streams have to be duplicated to every client
@kaleidoscope_records_ 1 year ago
I'm sure we will NOT be celebrating the creator of cg-NAT, which cripples the internet into something beyond recognition. It's a real shame that ISPs are allowed to sell us this Horse Sh*t while falsely calling it "the internet".
@karserasl 1 year ago
It was a necessary evil. But really, we should have moved by now. IPv6 to every device globally and manage the access through firewall. We have the technology people.
@michaelrobinson2650 1 year ago
@@edrose5045 I don't think NAT is the only thing preventing multicasting live video. You can't pause a multicast stream. Multicasting is UDP so very late or missing packets will cause a loss of picture because there is no retransmission. The key to reducing bandwidth of video on demand is building a CDN that gets as close as possible to the customer. This works for live video too, so there isn't much reason to build a separate multicast system.
@athompso99 1 year ago
You absolutely can pause a multicast stream - most set top boxes simply buffer the stream locally as long as they can.
@halo122398 1 year ago
Please do more network history videos! All retro tech videos are usually systems and rarely networking and I'm endlessly curious how everything came to be as a Network engineer myself
@ketatgenhorst 1 year ago
I worked from about 2001 to 2016 using various Pix devices, including 501, 506, 515E and the Cisco ASA line. I never knew this history though, what a fun video!
@johncraig2623 1 year ago
Got a PIX when I first got a DSL line way back when. I never knew how revolutionary that device was. Very fun to know more about its history.
@RachaelSA 1 year ago
I started doing NAT on Linux in late 1995, I had no idea NAT was only a year old by then.
@msys3367 1 year ago
Putting a home or office behind NAT isn’t much of an issue, but CG-NAT is a crime against the concept of Internet/broadband.
@nisserot 1 year ago
I was behind CG-NAT for a while. It was utterly disgusting. Especially since I host my own web and mail server at home. Luckily I managed to convince my ISP to assign me a public IP address. Sadly the majority of people are not network literate enough to understand why CG-NAT is a problem, nor do they care. As long as they can get on KZbin, Facebook, Instagram and Netflix, they don't give a flying f--k about the underlying network infrastructure.
@kaleidoscope_records_ 1 year ago
CG-NAT is an absolute dumpster fire. It should be illegal for ISPs to sell CG-NAT service while calling it "the internet"
@RoddyDev 1 year ago
@@kaleidoscope_records_ worse than that is deploying CGNAT without IPv6...
@thecaptain5344 1 year ago
I actually think CG-NAT is a good thing, in a roundabout way. The more people use a worse NAT technology, the more push there will be for IPv6, which IS superior.
@kaleidoscope_records_ 1 year ago
@@thecaptain5344 except for 100% increase in IP header overhead (from 20 to 40 bytes), and a 50% increase in total packet length... hmm... what about that other part where it can't talk to IPv4, and you can't score IP address space for abuse and spam because of near unlimited address space, and humans have a hard time remembering IPv6 addresses... there are more but these are among the many reasons to not IPv6
@DigitalDiabloUK 1 year ago
I never realised how relatively recently NAT was invented. What a great video 👍
@WilliamHaisch 1 year ago
Thank you for documenting history like these advances in networking. Jason Scott has said that most of the people he interviewed for the BBS documentary have now passed away. If these stories are not preserved, they fade and the past becomes inaccessible to the future; an unfortunate casualty of time. Thanks again! 😊
@MegaManNeo 1 year ago
I find these early "Internet" stories more interesting than what we have today, honestly. Very fascinating story to listen to.
@jeremywj 1 year ago
Everything about the early days of the internet, to me, is fascinating. To how it came to be, what people thought about it, how people used it, etc. For example, just connecting to the internet was something special in the 90s. I love having my "always-on" fiber internet today, but it does lack that special feeling of connecting to the internet I got in the 90's.
@georgegrubbs2966 1 year ago
I lived and worked through this era and worked directly with TCP/IP. This is a great story of what was going on to solve this impending crisis. The best channel.
@jonweinraub 1 year ago
As someone that grew up with dialup pre web found this history so interesting. I knew about PIX and NAT but had no idea where it came from, especially prior to Cisco. Thank you for this very informative video.
@JimDean002 1 year ago
I agree. I'm old enough that I remember CompuServe and CB chat being a thing. I've got enough computer background to know a lot of what they're talking about but I didn't know the history behind it or the people involved. On something like this it's so fascinating to see the inside stories of the people working 20 hour days because they had something they believed in and wanted to get it out there for the world.
@nicholas_scott 1 year ago
Great history! I went to university in 1990 and they had internet. Apart from telnet, ftp, usenet, we used it for online gaming, like MUDs, and chats, like IRC and Relay, and X-Win for remote windows. For search engines, we had "Archie" and "Veronica". Not exactly the stone age. And we had "Gopher" which came out before the "World Wide Web". It was similar, except every page had strict formatting. Once the WWW came out, it was better for sure. Really the main difference back then was it was mostly schools and gov on the internet. It wasn't until AOL decided to add a portal to the internet around 95 that it really exploded, and then suddenly everyone wanted in.
@projectartichoke 1 year ago
What a great video! A truly fascinating history behind something we all use every day but mostly take for granted.
@BloodyIron 1 year ago
KZbin has been recommending this video to me for I think a few WEEKS now. The length of the video kept making me be like... "ehhh later". But now that I've watched it. SO GLAD I DID. And honestly so glad that KZbin Algo beat me over the head with this video so many times. It's kind of unreal how actually good the KZbin Algo is, at least in my opinion. Thanks for this video! Super neat! :D
@ZeCatable 1 year ago
Great video format with this last video, in particular focusing on the evolution of the idea and its propagation and generalization to now ubiquity! Please keep them coming!
@MrSunDevil23 1 year ago
I used a Cisco PIX 515 to get my CISSP. I still have it (not in use but on a shelf) and is one of my most prized possessions. Good video!!
@ambushell5778 1 year ago
excellent video. very interesting to learn about early internet history like this, especially with the interviews. this channel is going to blow up!
@Co_dD 1 year ago
What a wonderful video with impressive interviews. Good work. I hope that Paul Francis gets an award for being a clever pariah.
@Stealth86651 1 year ago
Love your videos, thank you so much for the effort/content, it's really appreciated.
@Rhine0Cowboy 1 year ago
I'd note that in the late 90's there were software products for Windows and Linux that could do NAT services for you. Personally I used Winroute on Windows until it didn't combine properly anymore with the fileserver role on the same host. Linux had IPchains to do NAT on kernel 2.2, and eventually got Netfilter near the end of the 90's. Of course Cisco sold a lot of PIX appliances, but NAT as a concept was already pretty popular and implemented in many places that didn't really need any Cisco equipment (yet).
@Guitargasm 1 year ago
An awesome and uplifting story. Thank you! It's great to know this amazing story. Now wishing I'd kept my PIX 501 from years ago.
@mikosoft 1 year ago
I started with networking while in university in the 2000s and got my first job in 2007. PIX firewalls were already considered obsolete at that time and ASAs were where it was at. I never knew how pioneering the device actually was, it seemed clunky to use to me (as it used a different command line than IOS) and I didn't like it. So you just made me appreciate the device I once disliked.
@brandonhunter3036 1 year ago
What an awesome mini-documentary! Thanks so much for putting it together and looking forward to more!
@mikebeste9408 1 year ago
Fun story. I am on the verge of sunsetting a bunch of 5585x pairs ...moving on to NG2FWs. I had first touched a PIX in 1998 but never bothered to understand the whole story. Remember in the old days you would use a PIX and a 3005 VPN Concentrator (or bigger) because until the ASA came out you needed both of them. Very touching as I have basically been working on every generation since (with a little Fortinet and PA in there).
@andmicbro1 1 year ago
Thanks for highlighting the people who made the internet work! I think many technology entrepreneurs get overlooked by a few popular figures who, while their products have greatly shaped the face of technology, ignore the fact there were so many more who go thankless except among the technology nerds. For every one Steve Jobs and Bill Gates, there's a dozen more computer greats who deserve more credit. Ken Thompson, Dennis Ritchie, Tim Berners-Lee, Linus Torvalds, Richard Stallman, and many many others are names the average person on the street wouldn't be able to name or say what their contribution was. So I love reading and seeing videos about the unsung heroes, the people whose inventions make the modern world work, and without them you wouldn't be able to even use the creations of Steve Jobs and Bill Gates.
@davidhingst7063 1 year ago
Great video! Blast from the past. My first PIX was the first model Cisco released. NAT and the firewall were very important as some of my systems were hacked. The danger of having everything with a publicly routable IP address! Good times!
@oldmanmonza7780 1 year ago
I am so happy that I have found this channel. Having started back in the early 80's BBS days with my Atari, knowing that this history is being saved so those who come after know what we did to get here. Subscribed!
@alexanders88 1 year ago
This is such an interesting video. Great background about a network technologies(s) we (now) take for granted! Thank you for producing such a great video!
@themetadaemon 1 year ago
The first firewall I recommended and set up was a 515e with warm standby. Rock solid. Kept it far too long (10 years). I compare any firewall I set up to those old PIXs, and many modern ones still fall short.
@nickwallette6201 1 year ago
That was the first commercial firewall I worked on, too. IIRC, we had a 515 and a 50....3? Something like that. I remember discovering that it was basically just a commodity PC, and went hunting in our parts stash to try and find a spare Intel Gb NIC rather than paying for the official Cisco part. I found one and it did work. Kinda... The PIX wasn't happy about it, and something didn't work quite right (VLANs or something?) but otherwise, it moved packets.
@cameronsteel6147 1 year ago
It's almost annoying how well NAT works, because if it was any worse we wouldn't be more than 20 years into the existence of IPv6 and only at ~40% adoption. It's a very clever hack that was necessary at the time, and it has some uses that are more justifiable than others, but it was a mistake to ease up on IPv6 rollout when NAT is just a bandaid solution.
@thomasbonse 1 year ago
Nothing is as permanent as a temporary solution.
@benargee 1 year ago
To be honest, unless you have public servers, you don't need a public IP for each device in your home. Point to point is more critical for commercial interests and in data centers that's typically how it works where every device has a public IP. IPv4 is simple and its allocation should be utilized for that. IPv6 should be less transparent and handle the growing scale of the internet. The two should work together.
@cameronsteel6147 1 year ago
@@benargee my point is that IPv4 with NAT isn’t as simple as IPv6. In Australia, many ISPs have started rolling out CG-NAT due to v4 address exhaustion and it’s caused no end of issues with multiplayer gaming, working from home, and any other situation where UPNP/PCP is expected to work.
@0x1EGEN 1 year ago
@@benargee IPv4 is a mess compared to IPv6. So many hacks built on top of it. With IPv6 you don't need subnet masks, DHCP, NAT, DDNS, etc..
@ukyoize 1 year ago
@@benargee Everyone should have a public server. NAT is separation into nobles and serfs.
@Bluelagoonstudios 1 year ago
In the 80s I made a big miscalculation, thinking internet wouldn't be so big, even till today I have problems understanding some features in networking as a whole. But these days there is AI that helps me to get huge info about the subject. I have some hardware NATs running here, and now I can fine tune them with this knowledge.
@david_sanchez 1 year ago
I’ve been using “the internet” since the 80s. In the late 80s I was primarily only concerned with connecting to BBS sources. I was only a kid so I didn’t have any “professional” interests in the internet at the time but I was extremely interested in learning about it. I remember reading about IP address exhaustion and started to hear things about NAT. I lived in Redwood City at the time so it didn’t take long for information to make its way to me. No, we couldn’t do Google searches back then. We had to actually talk to people. Like anyone who had any level of foresight at that time, I envisioned how the concept of personal computing was going to change things. So I dropped out of high school and started my path to my “IT” career (a term that didn’t exist back then). After working in various computer related fields (mostly doing dial up and DSL tech support) I eventually landed a job as an engineer at the first cable broadband internet service provider in the US, “@Home”, in Redwood City. Eventually @Home and Excite.com (the #2 search engine at the time, behind Yahoo) merged and gave me access to their datacenters. It was then that I had seen the true impact of how NAT truly helped the internet become what it was. Buildings upon buildings full of servers and network appliances, all running on IP networks. I can’t imagine the management nightmare that would be, especially when talking about Layer 3 and 4 security, if NAT didn’t exist. Not to mention all of the workstations for all of the users employed at the company. It was very interesting to see that evolution happen. I learned so much while being a part of that era. I sometimes miss it (I don’t do that type of work anymore) but I know that there’s bound to be something innovative come down the pipeline again and I hope to be around to see it.
@Red-Viper-Red 1 year ago
Hell yeah I ran a wildcat bbs in late 80s I was 9 hahaha. Was awesome till my sister used the phone and kicked me off the modem
@andmicbro1 1 year ago
The most interesting thing to me as a new sysadmin, is the push toward cloud and virtualization. More and more companies and services are pushing to the cloud, to the point on premises is becoming a less popular option. I mean I think it's not going anywhere, but in the next couple of decades I wouldn't be surprised if most services are entirely cloud based. Giant server farms will replace the server in the back room of every mom and pop shop everywhere. And virtualization is also fascinating. I haven't seen as much of this yet, but virtualized firewalls, NICs, and everything else is wild to me. Coupled with cloud technology someday we might see a plain box just managing the local connection to some server somewhere that has everything stored off site. Your firewalls and switches, and servers, and backups, and everything completely virtualized. Obviously, I think some on-premises will always exist, some people want to control their data, or have on site needs to make it necessary. But man, we could see a lot shift toward everything existing as a VM on some server farm on the other side of the country.
@diewinnipegdie 1 year ago
Great channel. As usual, the best way to wrap your head around a concept as bizarre as NAT, is to learn the history of how/why it came to exist in the first place.
@billwall267 1 year ago
great documentary with primary source interviews. thanks "the serial port" and thanks youtube algo for recommending me this.
@nicknorthcutt7680 1 year ago
My dad worked as a Project Manager at Cisco Systems for 15 years, I remember when he retired because all of their jobs were being sent overseas. This was around 2005 I believe. I miss the days when I'd get to go to work with him as a kid. Those were good times...
@echambers1112 3 months ago
Love the storytelling and the interviews with the people who built the foundation of our modern infrastructure. Very interesting to see the difference between the academic/policy thinker and the problem solver/commercial thinker. It always takes both.
@snapsetup 1 year ago
As an IT consultant who started in the late 90's, I deployed many of these and supported and configured many more.
@LogicalNiko 1 year ago
One of the healthcare technology companies I worked for actually had machines with the NTI logos on the front. Surprisingly they were only fully retired in 2017. (Yep they were only like 15 years past EOL… and yep there were still NT 4.0 boxes too.) Back in the day the fun thing would be that you would walk into companies that just made up IP addresses (usually in the low end class A’s or using repeat numbers like 111). They would come in and hook up a network connection and randomly wipe people off the internet (in many cases government agencies who had low class A octet numbers). There wasn’t really any protection against customers asking their network provider to route any random IP space to them… they were supposed to do some checks but few bothered doing it all the time.
@davids8345 1 year ago
Awesome story, I remember installing a HA pair of PIX's at my Uni's CompSci department (where I was sysadmin), that must have been 1998 or 1999... That was really my first foray into enterprise networking - so some fond memories there... Thanks for this video :)
@tonydotnottingham 1 year ago
Thanks for putting together such a well structured video, especially with the interviews!
@JeremySiedzik 1 year ago
Man, thank you! I installed about 300 of these when building IPSEC tunnels for the ANX in the early 2000's. Great memories!
@win9k 1 year ago
What an awesome video! Instant subscribe. I'm on the internet since 1995 and this hits all my sweet spots.... lol, well played! :)
@dankierson 1 year ago
Great vid. Amazing how these early pioneers made such a difference to the web's survival. We should all be glad they cared. Even if only because it was for purely business reasons 😊
@HansCombee 1 year ago
Great story! I started with a Pix 520 in active/standby configuration around the 2000's. Great box, just before they were replaced I remember repairing one with a standard PC power supply.
@Milkmans_Son 1 year ago
Did failover on a pix actually work back then?
@HansCombee 1 year ago
@Milk Manson yes it did but it required a special cable between both units. If I remember correctly with a 15 pin D connector on both ends.
@mewintle 11 months ago
It’s amazing to learn the behind the scenes of all the amazing things I lived through that I previously had no context for. Thank you.
@martinrobert7651 1 year ago
Sooo cool to see where Cisco ASA/FPR comes from! I work with this kind of device every day! (And not only Cisco.) I truly appreciate the video!
@BeardedGeezer 1 year ago
I worked for the Colorado company eSoft, which released a NAT firewall in 1995 called the IPAD, short for Internet Protocol Adapter. In addition to NAT and DHCP, it also had POP3, SMTP, HTTP, and FTP servers. Like the PIX, it had a proprietary OS written in C and used off-the-shelf X86 hardware. A few small ISPs are using IPADs today.
@cdwilliams1 1 year ago
Was this the same esoft that sold tbbs's back in the day? I ran one of those!
@kaleidoscope_records_ 1 year ago
TBBS was the Sh*t!
@lucasrem 1 year ago
@kaleidoscope_records_ BBS was a thing back in 1989, why he forgot that, that was how we started!
@jroysdon 1 year ago
I installed dozens of Cisco PIX and many dozens (in the hundreds?) of Cisco ASAs. Huge part of my IT history. Way back in the day (2000?) there was even a CCNP Firewall cert that was basically just the CCNP plus one more Firewall cert. I didn't even study for the test, I just went and sat for it and passed with flying colors.
@Ben79k 1 year ago
This was a fantastic documentary, informational and entertaining at the same time!
@keyplayermark 1 year ago
Cool, I worked on ARPA after being in the Army as a contractor. Went to work after with the University of California in the early 90's. Worked with the Cisco AGS routers on up to current. Back when they had a phone book for people and their emails. Loved the time I had working with the systems and remember the NAT solution. Met some of these very influential people during my journey with CENIC and the University system. Ahh the days of Novell, Thicknet, IBM networks, stupid drivers for everything.. etc. LOL oh those were the days!
@James_Knott 1 year ago
Back when I was a computer tech, we had Thicknet connecting some VAX 11/780 computers. I also hand wired some Ethernet controllers on prototyping boards for Data General Eclipse computers. Several years later, I was at IBM Canada, where we had IPv4 & SNA on token ring. I also got my Novell CNA along the way and more recently Cisco CCNA.
@lucasrem 1 year ago
@James_Knott That is Office systems, not computing. You never needed to code for it, basically just a typewriter
@James_Knott 1 year ago
@lucasrem Office systems? What are you talking about? The VAX and Eclipse computers were full computers. The VAX had a 32 bit CPU and was a favourite in schools and labs. The Eclipse was a 16 bit computer and was also popular in labs & industry. At that time I was a tech in a telecommunications company and both those systems, among others, were used for message switching. We had several customers we provided switching for and some of them, Air Canada comes to mind, were all over the world. This was in the days before the Internet became popular.
@Locutus 1 year ago
Wow! Such a great and informative video! You obviously put a lot of thought and effort into making this video.
@misterSproduction 1 year ago
great video, true pride at 20:27, made me shiver a bit. on the shown graph I'd love an addition start end of release
@robertkerr4199 1 year ago
This was way more interesting than I expected, and I expected it to be interesting. Great work.
@arch1107 1 year ago
Incredible to know how things were done in the beginning, things like this explain why Cisco is so important in so many fields, now all of us can enjoy the fruits of their efforts
@Dehumanizer77 1 year ago
Wow this brought me a lot of nostalgia from the 90s, thank you! :-) It was fun back then...
@sampohautamaki874 1 year ago
Thanks for an interesting story. This channel has quickly become one of my favorites on KZbin!
@ianneill9188 1 year ago
Superbly informative video. My whole networking career has known NAT. I am sitting here almost stunned that there was a time before NAT. But of course there was such a time and, thankfully, there were also Engineers with the vision and ability to invent NAT!
@chouseification 1 year ago
oh it was a wild time - you had to allocate a class C - i.e. a /24 network to even an ISDN customer. Once the Watchguard firewall came along, a ton of businesses shifted over - I ran the rwhoisd for a pretty decent sized regional ISP, and we had to demonstrate that we were moving customers from /24 networks to /28 to /30 depending on their actual needs before we could get the new /17 we requested from ARIN. Also, despite what the video says, CIDR is normally pronounced like Cedar the tree... not like cider the drink. At least to those of us who were actually using the term when it was new and much more meaningful
@Nacalal 1 year ago
15:32 I feel like I'd be the kind of person to tell the new intern that the turbo button is used to make the internet go faster. For those unaware, "Turbo" buttons on old systems actually slowed the processor down so older applications built for slower processors could run properly.
@dineauxjones 1 year ago
Earlier in my IT career I've managed PIX and ASA devices. I used a smaller ASA in my home network for a bit. Never knew it was an acquisition by Cisco and it was the first NAT device. It's pretty neat how NTI followed NetApp's business model in making a purpose built appliance.
@slinky1284 1 year ago
Thank you for all your hard work and time spent on this.
@AntneeUK 1 year ago
Thank you, KZbin Algorithm. I've never come across this channel before, but what an excellent first video to watch
@greystripe3737 1 year ago
Your videos are top tier. You deserve a bigger audience.
@dudemetoo2053 3 months ago
Wow.. I was working for Cisco back in the late 90’s. I was a young guy, specialized in WAN to WAN to LAN connections. It was all new to me and I loved it. Never knew how NAT was started.
@justinparrtech 1 year ago
Great video! I installed dozens of PIX firewalls in the late 90's and early 2000's. The 515E was an "enhanced" version of the 515, and indeed the 515E was the last model. However, both the PIX and the 3000-series VPN concentrator (another Cisco acquisition whose name escapes me) were more or less combined to become the ASA (Adaptive Security Appliance), which was the successor to both products. The ASA 5505 more or less replaced the 515E, while the 5520 more or less replaced the larger PIX 520. With PIX at the heart of the ASA, it lived on for well into the next decade. At least, that's my recollection :-)
@itstheterranaut 1 year ago
'Compatible Systems' was the name you were after, I think.
@djdawso 1 year ago
@itstheterranaut It was actually "Altiga". I still have copies of the vendor specific SNMP MIB files for it.
@itstheterranaut 1 year ago
@djdawso Ah, thanks!
@OfficialNewrecycle 1 year ago
Great job on the video, the beep at 8:44 scared me so bad. I was looking for what made the noise around my house for a long time 😅
@adrianisworking 1 year ago
This video is a piece of art. Keep doing them. Learning things while studying history and being kept entertained.
@JohnScherer 1 year ago
Thanks for doing this video! I got to work a bit with John Mayes while I was at Spectrum Holobyte, where he installed a PIX sometime in early to mid 1993. Good times to be in IT.
@rubiksai 1 year ago
Gupta
@JohnScherer 1 year ago
@rubiksai say what? Do I know you? I’d like to forget that chapter of my life ;-)
@davesradiorepairs6344 1 year ago
I started in the network industry in the late 80s onwards, and got to see all of these transformative changes. Nonetheless, there are details here I didn't know about... Thanks...
@jonbikaku6133 1 year ago
What a beautiful and enlightening documentary. The information, the interviews, the production and knowledge. Love it!!
@JamesBos 1 year ago
I really enjoyed this! I have no idea how you ended up in my recommends (well, I do, I’m a nerd) but this was really well done! Would love to see more of these long form doco’s on the history of the internet.
@1djbecker 1 year ago
Thanks for making this video. I was working on Linux networking stack from late 1992 and didn't know some of this history.
@SamKatakouzinos 1 year ago
I'm into computers and networking and this was a very well enjoyed story. Thank you so much.
@dnddl9976 1 year ago
Wonderful presentation, amazing interview. This is the kind of video that I gladly want to watch on KZbin. Also, I really love the fact that you really interviewed the legendary person himself. One unfortunate thing is that my pitiful English skill cannot deliver how grateful I am. Please keep up the good work :)
@jessar82 1 year ago
Thank you for shedding light on those who pushed humanity centuries ahead to the future!
@bassman87 1 year ago
Arguably NAT and the PIX slowed the adoption of IPv6 as implementing NAT was way more cost effective than re-IPing every device.
@NonyaDamnbusiness 1 year ago
In 1995 I invaded Bosnia as part of RFCT 1AD to stop the war there, marking and clearing active minefields as we went in. In 1996 while still on deployment we began running BNC cables, t-connectors, and terminators and wiring up the first ever "deployed" WAN network the DOD had ever done. I was running my normal [REDACTED] missions during the day and working on the network at night. Since I had experience with networks as a teen growing up in a small rural town in [REDACTED], I was "volunteered" to assist our commo guys with it. I thought it was neat and threw everything I had into it, usually only getting about 4 hours of sleep a night for an entire year. Without fail there was always one soldier that would unplug a terminator and crash the entire network causing us to have to walk every single run and look at every single t-connector. And what was handling all the traffic for that collection of separate network messes scattered throughout the entire country? A single PIX with a pre-configured offline "spare" as an emergency backup. The whole thing was beautifully ugly but in typical Army fashion it actually worked and it worked well. We could start sending and receiving more documents over the network and rely less on a daily courier convoy that did nothing but shuttle paperwork between the various camps and FOBs. Altavista was the most-visited website back then, we were always using that search engine. That convoy would roll out HQs gate at 6am at full throttle and visit every single U.S. installation in the entire country, never letting up until they rolled back in the HQs gate around 6pm that night. Very dangerous work. I know. I drove a stripped-down humvee that was part of it for many months. The burnout was real. Later I would deploy to Kosovo, Iraq, and Afghanistan and pretty much do the same thing but with the latest networking tech while still doing my regular day job of hunting bad guys.
I'm one of the few still left alive on the planet that deployed to 4 different wars under 3 different Presidents, stringing up networks along the way.
@PowderMill 4 months ago
THANK YOU !! Fantastic insight for the younger generations… Where would we be today if NAT / DHCP / PIX / ETC had not been conceived of and implemented back in those “early days”? Hardly anyone involved with internet and telecommunications today, regardless of their age, seems to recall the early days of this field. While the power and phenomenal capabilities of the internet was there, it most certainly was not “user friendly”. Without the contributions of a few forward thinking and brilliant men, it would still be relegated to the educational & military realm.
@travelingmaniac 1 year ago
Brilliant! Extremely well done and informative!
@countbowl 1 year ago
Fantastic video, great story telling and teaching
@XenoTravis 1 year ago
Man I am jealous of that time. It seemed like more opportunities to do something huge. Now it is hard to find an idea that isn't already done or it is incredibly complicated.
@Gitbizy 1 year ago
I worked on several clients' networks in the 98-99 timeframe and used Cisco 2xxx routers with dual Ethernet LAN/WAN to give their whole networks internet access using NAT. It was a PIA to set that up in IOS via command line back in those days. People today don’t know how much we all suffered back in those days when they plug in their $29 Netgear router and it does the same thing plus has Wi-Fi. Much less expensive than the $2000 or so that we spent in the late 90s for the same capability.
@Peter_S_ 1 year ago
Exactly. I remember when 'high speed' communications meant a 56K DDS line and at each end you had a Channel Service Unit followed by a Data Service Unit which often were in the same box and used a giant v.35 winchester connector cable to connect to a router. These days people complain if they can't get DS3 speeds on their home connection.
@inquirewue2 1 year ago
Holy shit. This was an AMAZING video! Keep it up!
@Book_Bird 4 months ago
Really fantastic mini-doc. Learned a lot. Thank you! (And subscribed!)
@merevial 1 year ago
This was insanely interesting and in-depth about a device/topic we take for granted today.
@ILostMyOreos 1 year ago
This is so cool, I love the history of early computing. We really had to work hard and get creative and make really good designs.