What is Port forwarding ? and What Does it do?
Port forwarding is a technique that is used to give external devices access to computers services on private networks.
It does this by mapping an external port on the router to an internal IP address and port.
Most online gaming Applications will require you to configure port forwarding on your home router.
To understand port forwarding you need to understand what a TCP/IP port is and how ports and IP addresses are used together.
You will also need to appreciate the difference between internal and external IP addresses and internal and external ports.
TCP/IP Ports
A TCP/UDP port identifies an application or service on a machine in a TCP/IP network.
On a TCP/IP network every device must have a unique IP address.
The IP address identifies the device.
However a device can run multiple applications/services.
The port identifies the application/service running on the machine.
The use of ports allow a computer/device to run multiple services/applications.
Standard Port numbers are allocated to server services (0-1023) by the Internet Assigned Numbers Authority (IANA) and are reserved. An an example web servers normally use port 80 and SMTP servers use port 25.
The combination of IP address plus port is known as a socket. See Network Ports Explained
As an example. Imagine sitting on your PC at home, and you have two browser windows open. One looking at the Google website and the other at the Yahoo website.
the connection to Google would be:
Your PC – IP1+port 2020 ——– Google IP2 +port 80 (standard port)
the connection to Yahoo would be:
our PC – IP1+port 2040 ——–Yahoo IP3 +port 80 (standard port)
Notes: IP1 is the IP address of your PC. Client port numbers are dynamically assigned and can be reused once the session is closed.
Returning to Port forwarding..
On home or small office networks the router uses NAT (Network Address Translation) which allows internal devices to share a single external IP4 Address.
The IP addresses on the Internal network are private addresses and are not routable on the Internet.
External computers or devices only see the public IP address that is assigned to the NAT router Interface.
The NAT router maps an Internal IP address + Internal Port to the external IP address + external port.
External devices send packets to the external IP address and external port.
The NAT router maps those packets and re-transmits those packets on the Internal network to the Internal IP address and internal port.
The ports used by NAT are normally randomly assigned which is OK when the session is initiated from the Internal network.
However if you want, for example, to host a website on your internal network and that website needs to be accessible to external clients then you will need to use a standard port (port 80 for http) as the external client expects this.
To do this you statically map the external IP address + port 80 to the Internal IP address of the web server + port 80. — This is port forwarding.
For home users the most common reason to use port forwarding is gaming.
Enabling Port forwarding and Checking Open Ports
Before you set up port forwarding you ideally will need to configure a static IP address for the Internal device.
This step is important as the forwarding will be set to send packets to a specific internal IP address.
Depending on your Application you may need a list of ports that need to be available from the the external network (i.e. Internet) and forwarded to the internal network.
To configure port forwarding on your router you will need Admin privileges.
This site has a comprehensive guide covering 100s of routers, and also port lists for many of the games/applications.
Regardless of exactly how you configure it, as it varies by device, what you are essentially doing is creating a mapping table that maps an external address and port to an internal address and port.
This video shows how to configure port forwarding on a BT Home Hub.
This video shows you how to set it up on a Linksys router. It also shows you how to set a static IP address for your machine.
Once you have forwarded the ports you may want to check that they are really open using an open port checker.
Connecting to a Forwarded Port
To connect to the forwarded port from the Internet you will need to know the external IP address of the Router and the Port number that has been allocated.
However using an IP address instead of a domain name is not very convenient, in addition the external IP address can change as most ISPs assign these addresses using DHCP.
Therefore when using port forwarding you might also what to consider using Dynamic DNS.
Port Forwarding Example
Below is a screen shot of my home router configuration which shows the ports I’ve forwarded.
Notice my router doesn’t have a field for the external IP address as it isn’t really necessary.
However some do and it is usually then configured to 0.0.0.0 .
Checking Open Ports
You can see from the screenshot above that I’ve opened ports 1800 and 1884 and 8884.
I used the online open port check to check those ports and also one that shouldn’t be open and you can see the results below.
Note: I’ve hidden my external IP address for security reasons.
Port Triggering
This is a type of dynamic port forwarding were ports are opened by an application, and don’t require prior setup.
The application connects to the designated trigger port on the router which tells the router to open a specific port for inbound traffic.
After the application has finished it closes the ports it opened.
Because the ports aren’t left open it is considered more secure than port forwarding.
UPnP ( Universal Plug and Play)
You may have noticed that your games work OK on the Internet even though you have not configured port forwarding.
This is most probably because the router has UPnP enabled.
Using the UPnP protocol an application can open ports on the router.
The screen shot below is taken from my router and shows a standard port forwarding rule and one setup automatically using UPnP.
Using UPnP is considered insecure and to be avoided if possible.
However most routers come with UPnP enabled by default.
Summary
Port forwarding Maps external IP addresses and ports to Internal IP addresses and ports allowing access to internal services from the Internet.
It is configured on home routers and it is necessary because home routers use NAT which isolates the home network from the Internet.
Common Questions and Answers
Q- Is the External IP address mapped to the Internal IP Address?
A- No the external port is mapped, and not the external IP address. the external IP address might change see Dynamic DNS
Q- Should I use a static Internal IP address or can I use addresses assigned by DHCP?
A- You should always use a static one.
Q- Do I need to forward both the TCP and UDP ports?
A- It depends on the application. You need to check which ports the application uses.
Q- How do I know if my device has a static address or a dynamic one?
A- You have to go to the device and examine the settings or look at your DHCP server.
Q- How do I know what port I need to forward?
A- You need to know what port the service you want to use is using.However most home routers will have a list of common games and applications and you just need to select it and it will automatically select the ports.
Q- How do I know if I have configured it correctly
A- You can use an online port forwarding checker to check that the ports are open.
Q- What is strict NAT?
A- Microsoft define three levels of NAT- Strict,Moderate and Open. Devices that perform strict or moderate can affect Gamers on Xbox. See this article for help
Q- Does port forwarding affect my home network security?
A- Yes because you are exposing the home network to the Internet meaning that external devices can access internal devices.
Q- I’m using port forwarding should I also use DDNS (dynamic DNS).
A- Almost certainly yes unless if you are using it on a permanent basis.
Related Tutorials:
- Understanding and Using DDNS (dynamic DNS)
- The TCP/IP Protocol Suite Explained
- How to setup a home network
- How to setup a home router
References:
- Wiki- port forwarding
- Internal and External IP Addresses
- Definition of TCP/IP ports
- Portforwarding.com
Please Let me Know if you found it Useful
[Total: 77 Average: 4.5]
