Understanding Port Forwarding- Beginners Guide

Port forwarding Maps external IP addresses and ports to Internal IP addresses and ports allowing access to internal services from the Internet. Skiptocontent WhatisPortforwarding?andWhatDoesitdo? Portforwardingisatechniquethatisusedtoallowexternaldevicesaccesstocomputersservicesonprivatenetworks. ItdoesthisbymappinganexternalporttoaninternalIPaddressandport. MostonlinegamingApplicationswillrequireyoutoconfigureportforwardingonyourhomerouter. TounderstandportforwardingyouneedtounderstandwhataTCP/IPportisandhowportsandIPaddressesareusedtogether. YouwillalsoneedtoappreciatethedifferencebetweeninternalandexternalIPaddressesandinternalandexternalports. TCP/IPPorts ATCP/UDPportidentifiesanapplicationorserviceonamachineinaTCP/IPnetwork. OnaTCP/IPnetworkeverydevicemusthaveanIPaddress. TheIPaddressidentifiesthedevice. Howeveradevicecanrunmultipleapplications/services. Theportidentifiestheapplication/servicerunningonthemachine. Theuseofportsallowcomputers/devicestorunmultipleservices/applications. StandardPortnumbersareallocatedtoserverservices(0-1023)bytheInternetAssignedNumbersAuthority(IANA).e.gWebserversnormallyuseport80andSMTPserversuseport25. ThecombinationofIPaddressplusportisknownasasocket.SeeUnderstandingTCP/IPPortsandSockets Asanexample.ImaginesittingonyourPCathome,andyouhavetwobrowserwindowsopen.OnelookingattheGooglewebsiteandtheotherattheYahoowebsite. theconnectiontoGooglewouldbe: YourPC–IP1+port2020——–GoogleIP2+port80(standardport) theconnectiontoYahoowouldbe: ourPC–IP1+port2040——–YahooIP3+port80(standardport) Notes:IP1istheIPaddressofyourPC.Clientportnumbersaredynamicallyassignedandcanbereusedoncethesessionisclosed. ReturningtoPortforwarding.. Onhomeorsmallofficenetworksthe routerusesNAT(NetworkAddressTranslation)whichallowsinternaldevicestoshareasingleexternalIP4Address. TheIPaddressesontheInternalnetworkareprivateaddressesandarenotroutableontheInternet. ExternalcomputersordevicesonlyseethepublicIPaddressthatisassignedtotheNATrouterInterface. TheNATroutermapsanInternalIPaddress+InternalPorttotheexternalIPaddress+externalport. ExternaldevicessendpacketstotheexternalIPaddressandport. TheNATroutermapsthosepacketsandre-transmitsthosepacketsontheInternalnetworktotheInternalIPaddressandinternalport. TheportsusedbyNATarenormallyrandomlyassignedwhichisOKwhenthesessionisinitiatedfromtheInternalnetwork. Howeverifyouwant,forexample,tohostawebsiteonyourinternalnetworkandthatwebsiteneedstobeaccessibletoexternalclientsthenyouwillneedtouseastandardport(port80forhttp)astheexternalclientexpectsthis. TodothisyoustaticallymaptheexternalIPaddress+port80totheInternalIPaddressofthewebserver+port80.–Thisisportforwarding. Forhomeusersthemostcommonreasontouseportforwardingisgaming. Video–WhatisPortForwarding VideoInternalandexternalIPaddresses EnablingPortforwardingandCheckingOpenPorts BeforeyousetupportforwardingyouwillneedtoconfigureastaticIPaddressfortheInternaldevice. ThisstepisimportantastheforwardingwillbesettosendpacketstoaspecificinternalIPaddress. DependingonyourApplicationyoumayneedalistofportsthatneedtobeavailablefromthetheexternalnetwork(i.e.Internet)andforwardedtotheinternalnetwork. ToconfigureportforwardingonyourrouteryouwillneedAdminprivileges. Thissitehasacomprehensiveguidecovering100sofrouters,andalsoportlistsformanyofthegames/applications. Regardlessofexactlyhowyouconfigureit,asitvariesbydevice,whatyouareessentiallydoingiscreatingamappingtablethatmapsanexternaladdressandporttoaninternaladdressandport. ThisvideoshowshowtoconfigureportforwardingonaBTHomeHub. ThisvideoshowsyouhowtosetituponaLinksysrouter.ItalsoshowsyouhowtosetastaticIPaddressforyourmachine. Onceyouhaveforwardedtheportsyoumaywanttocheckthattheyarereallyopenusinganopenportchecker. ConnectingtoaForwardedPort ToconnecttotheforwardedportfromtheInternetyouwillneedtoknowtheexternalIPaddressoftheRouterandthePortnumberthathasbeenforwarded. HoweverusinganIPaddressinsteadofadomainnameisnotveryconvenient,inadditiontheexternalIPaddresscanchangeasmostISPsassigntheseaddressesusingDHCP. ThereforewhenusingportforwardingyoumightalsowhattoconsiderusingDynamicDNS. PortForwardingExample BelowisascreenshotofmyhomerouterconfigurationwhichshowstheportsI’veforwarded. Noticemyrouterdoesn’thaveafieldfortheexternalIPaddressasitisn’treallynecessary. Howeversomedoanditisusuallythenconfiguredto0.0.0.0. CheckingOpenPorts YoucanseefromthescreenshotabovethatI’veopenedports1800and1884and8884. Iusedtheonlineopenportchecktocheckthoseportsandalsoonethatshouldn’tbeopenandyoucanseetheresultsbelow. Note:I’vehiddenmyexternalIPaddressforsecurityreasons. PortTriggering Thisisatypeofdynamicportforwardingwereportsareopenedbyanapplication,anddon’trequirepriorsetup. Theapplicationconnectstothedesignatedtriggerportontherouterwhichtellstheroutertoopenanspecificportforinboundtraffic. Aftertheapplicationhasfinisheditclosestheportsitopened. Becausetheportsaren’tleftopenitisconsideredmoresecurethanportforwarding. UPnP(UniversalPlugandPlay) YoumayhavenoticedthatyourgamesworkOKontheInterneteventhoughyouhavenotconfiguredportforwarding. ThisismostprobablybecausetherouterasUPnPenabled. UsingtheUPnPprotocolanapplicationcanopenportsontherouter. ThescreenshotbelowistakenfrommyrouterandshowsastandardportforwardingruleandonesetupautomaticallyusingUPnP. UsingUPnPisconsideredinsecureandtobeavoidedifpossible.HowevermostrouterscomewithUPnPenabledbydefault. Summary PortforwardingMapsexternalIPaddressesandportstoInternalIPaddressesandportsallowingaccesstointernalservicesfromtheInternet. ItisconfiguredonhomeroutersanditisnecessarybecausehomeroutersuseNATwhichisolatesthehomenetworkfromtheInternet. CommonQuestionsandAnswers Q-IstheExternalIPaddressmappedtotheInternalIPAddress? A-Notheexternalportismapped,andnottheexternalIPaddress.theexternalIPaddressmightchangeseeDynamicDNS Q-ShouldIuseastaticInternalIPaddressorcanIuseaddressesassignedbyDHCP? A-Youshouldalwaysuseastaticone. Q-DoIneedtoforwardboththeTCPandUDPports? A-Itdependsontheapplication.Youneedtocheckwhichportstheapplicationuses. Q-HowdoIknowifmydevicehasastaticaddressoradynamicone? A-Youhavetogotothedeviceandexaminethesettings. Q-HowdoIknowwhatportIneedtoforward? A-Youneedtoknowwhatporttheserviceyouwanttouseisusing.Howevermosthomerouterswillhavealistofcommongamesandapplicationsandyoujustneedtoselectitanditwillautomaticallyselecttheports. Q-HowdoIknowifIhaveconfigureditcorrectly A-Youcanuseanonlineportforwardingcheckertocheckthattheportsareopen. Q-WhatisstrictNAT? A-MicrosoftdefinethreelevelsofNAT-Strict,ModerateandOpen.DevicesthatperformstrictormoderatecanaffectGamersonXbox.Seethisarticleforhelp Q-Doesportforwardingaffectmyhomenetworksecurity? A-YesbecauseyouareexposingthehomenetworktotheInternet RelatedTutorials: TheTCP/IPProtocolSuiteExplained Howtosetupahomenetwork Howtosetupahomerouter References: Wiki-portforwarding InternalandExternalIPAddresses DefinitionofTCP/IPports Portforwarding.com PleaseLetmeKnowifyoufounditUseful [Total:67Average:4.4] Commentsnavigation Oldercomments HiSteve, AfewquestionsrelatedtoIhsanNurulIman’soriginalquestion: 1.Iftheotherpersonwhowantstoplaythesamegameisconnectedtothesamerouterashim,thenwouldtheybothsharethesameexternalIPaddress? 2.Couldyouexplainhowthemappinginyourreply(191.168.1.5:5000066.66.66.66:10000)wouldalsowork?Ifihostedaprivategameserveronmycomputerwiththementionedportforwarding,wouldpeoplewhoaretryingtoconnecttomyserverhavetotypeintheIPaddressalongwiththeportnumber? Thanksinadvance!HopemyquestionmakessenseasI’mnewtothis. Reply Question1-AllcomputersontheinternalnetworksharethesameexternalIPaddress. Question2–yestheyalwaysneedanIPandport.TheIPwouldbetheexternalIpandtheportwhateveryouhavemapped.Ifwetaketwowebseverslocatedonournetworkbothuseport80internally. OntherouterIwouldmapport80to192.168.1.21:80andport8080to192.168.1.21:80 andexternalclientwouldconnecttoexternal_ip:80toconnecttothewebserveron192.168.1.21andexternal_ip:8080tothewebserveron192.168.1.22 Doesthatmakesense? Reply HiSteve, firstthanksforyourfantasticexplanation.ButIgotsomedoubtsafterlearningportforwarding.I’vegonetoseveralreferencesanddidn’tfindanyexplanationI’mreallylooking.Ihopeyou’rewillingtotacklemydoubts: 1.Where’sourpublicIPaddress?Isitonourhome,orourISP’soffice? 2.Let’ssaymypublicIPis66.66.66.66andmydevicehasaprivateIPof191.168.1.5.Iwanttoforward50000portforplayingXgame.Soifthegamerequestsfor66.66.66.66:50000,it’llgotomyprivateIPright?Nowwhatwouldhappenwhenanotherpersonwho’salsousingthesamepublicIPasme,alsowanttoplaythesamegame,hewanttoforward50000port?Howtherouterhandlethat?BecauseI’vesetthe66.66.66.66:50000togotomylocal,nothis/her. Thanksinadvance! Reply ThepublicIpisonyourrouter.Yourouterhas2IPaddressesseehere https://stevessmarthomeguide.com/internal-external-ip-addresses/ YourpublicIPaddressmaychangebutnooneelsehasitatthesametimeasyou. Aslongasyouhavetheipaddress66.66.66.66nooneelsecanbeassignedit. 2.Let’ssaymypublicIPis66.66.66.66andmydevicehasaprivateIPof191.168.1.5.Iwanttoforward50000portforplayingXgame.Soifthegamerequestsfor66.66.66.66:50000,it’llgotomyprivateIPright?–Correctbuttheportsdon’thavetobethesamee.gyoucoulduseport10000ontheexternalIPaddress.Itiaamapping191.168.1.5:50000<=>66.66.66.66:50000 191.168.1.5:50000<=>66.66.66.66:10000wouldalsowork. Hopethathelps Rgds Steve Reply Commentsnavigation Oldercomments LeaveaReplyCancelreplyYouremailaddresswillnotbepublished.Requiredfieldsaremarked*CommentName* Email* Website Currentye@r* Leavethisfieldempty Polls WhatAreasofNetworkingdoYouhavetheMostProblemswith? NetworkAddressing NetworkingComponents networkArchitecture Wi-FiandWi-fiSetup RouterSetup Other ViewResults  Loading... NewsletterName*Email* Searchfor: Search Hi-I'mSteveandwelcometomywebsitewhereyoucanlearnhowtobuildsystemsusingNode-Red. Ifyouliketosupportthissitethenyoushouldconsidermakingacontribution. GoogleAds Sitemap|About&Contact|Disclosure Copyright©2017-2022Steve'sSmartHomeGuideBySteveCope Weusecookiesonourwebsitetogiveyouthemostrelevantexperiencebyrememberingyourpreferencesandrepeatvisits.Byclicking“AcceptAll”,youconsenttotheuseofALLthecookies.However,youmayvisit"CookieSettings"toprovideacontrolledconsent.CookieSettingsAcceptAllManageconsent Close PrivacyOverview Thiswebsiteusescookiestoimproveyourexperiencewhileyounavigatethroughthewebsite.Outofthese,thecookiesthatarecategorizedasnecessaryarestoredonyourbrowserastheyareessentialfortheworkingofbasicfunctionalitiesofthewebsite.Wealsousethird-partycookiesthathelpusanalyzeandunderstandhowyouusethiswebsite.Thesecookieswillbestoredinyourbrowseronlywithyourconsent.Youalsohavetheoptiontoopt-outofthesecookies.Butoptingoutofsomeofthesecookiesmayaffectyourbrowsingexperience. Necessary Necessary AlwaysEnabled Necessarycookiesareabsolutelyessentialforthewebsitetofunctionproperly.Thesecookiesensurebasicfunctionalitiesandsecurityfeaturesofthewebsite,anonymously. CookieDurationDescriptioncookielawinfo-checkbox-analytics11monthsThiscookieissetbyGDPRCookieConsentplugin.Thecookieisusedtostoretheuserconsentforthecookiesinthecategory"Analytics".cookielawinfo-checkbox-functional11monthsThecookieissetbyGDPRcookieconsenttorecordtheuserconsentforthecookiesinthecategory"Functional".cookielawinfo-checkbox-necessary11monthsThiscookieissetbyGDPRCookieConsentplugin.Thecookiesisusedtostoretheuserconsentforthecookiesinthecategory"Necessary".cookielawinfo-checkbox-others11monthsThiscookieissetbyGDPRCookieConsentplugin.Thecookieisusedtostoretheuserconsentforthecookiesinthecategory"Other.cookielawinfo-checkbox-performance11monthsThiscookieissetbyGDPRCookieConsentplugin.Thecookieisusedtostoretheuserconsentforthecookiesinthecategory"Performance".viewed_cookie_policy11monthsThecookieissetbytheGDPRCookieConsentpluginandisusedtostorewhetherornotuserhasconsentedtotheuseofcookies.Itdoesnotstoreanypersonaldata. Functional Functional Functionalcookieshelptoperformcertainfunctionalitieslikesharingthecontentofthewebsiteonsocialmediaplatforms,collectfeedbacks,andotherthird-partyfeatures. Performance Performance Performancecookiesareusedtounderstandandanalyzethekeyperformanceindexesofthewebsitewhichhelpsindeliveringabetteruserexperienceforthevisitors. Analytics Analytics Analyticalcookiesareusedtounderstandhowvisitorsinteractwiththewebsite.Thesecookieshelpprovideinformationonmetricsthenumberofvisitors,bouncerate,trafficsource,etc. Advertisement Advertisement Advertisementcookiesareusedtoprovidevisitorswithrelevantadsandmarketingcampaigns.Thesecookiestrackvisitorsacrosswebsitesandcollectinformationtoprovidecustomizedads. Others Others Otheruncategorizedcookiesarethosethatarebeinganalyzedandhavenotbeenclassifiedintoacategoryasyet. SAVE&ACCEPT