
PORT FORWARDING

Learning Objectives
At the end of the session, the students should be able to:
1. Define Port Forwarding.
2. Know the importance of port forwarding, and
3. Perform the steps/wizard of port forwarding.

Activating Prior Knowledge


1. What are the reasons why some people attack the network of an establishment?
2. As a future network administrator, what mitigations would you put in place to
prevent attacks?
3. Why is it important to study the classifications of DDoS attacks?

Presentation of Contents

What is Port Forwarding?

Port forwarding, or tunneling, is the behind-the-scenes process of intercepting data traffic headed
for a computer’s IP/port combination and redirecting it to a different IP and/or port. A program
that’s running on the destination computer (host) usually causes the redirection, but sometimes it
can also be an intermediate hardware component, such as a router, proxy server or firewall.

Of course, even though anyone sending data to a server isn’t aware of what’s going on, the
request will still get to its ultimate destination.

Playing with packets.


It all starts with the packets that get created when you send a data request over the Internet.

Normally, a network router will examine the header of an IP packet and send it to a linked and
appropriate interface, which in turn sends the data to the destination information that’s in the
header.

But in port forwarding, the intercepting application (or device) reads the packet header, notes the
destination, and then rewrites the header information and sends it to another computer—one
that’s different from the one intended. That secondary host destination may be a different IP
address using the same port, a different port on the same IP address, or a completely different
combination of the two.

Why port forwarding?


Port forwarding is an excellent way to preserve public IP addresses. It can protect servers and
clients from unwanted access, “hide” the services and servers available on a network and limit
access to and from a network. Port forwarding is transparent to the end-user and adds an extra
layer of security to networks.

In short, port forwarding is used to keep unwanted traffic off networks. It allows network
administrators to use one IP address for all external communications on the Internet while
dedicating multiple servers with different IPs and ports to the task internally. Port forwarding is
useful for home network users who may wish to run a Web server or gaming server on one
network.

The network administrator can set up a single public IP address on the router to translate requests
to the proper server on the internal network. By using only one IP address to accomplish multiple
tasks—and dropping all traffic that is unrelated to the services provided at the firewall—the
administrator can hide from the outside world what services are running on the network.

A look at port forwarding.


In the simplified example below, IP Address 10.0.0.1 sends a request to 10.0.0.3 on Port 80. An
intermediate host—10.0.0.2—intercepts the packets, rewrites the packet headers and sends them
on to IP Address 10.0.0.4 on Port 8080:

10.0.0.1 –> 10.0.0.2 –> 10.0.0.4

10.0.0.1: Makes a request to 10.0.0.3:80
10.0.0.2: Actually sends to 10.0.0.4:8080

The host, 10.0.0.4, responds to the request, sending it to 10.0.0.2. Then 10.0.0.2 rewrites the
packet—indicating that the response is from 10.0.0.3—and sends it to 10.0.0.1:

10.0.0.4 –> 10.0.0.2 –> 10.0.0.1

10.0.0.4: Sends its response to 10.0.0.2:8080
10.0.0.2: Forwards the response to 10.0.0.1:80

As far as 10.0.0.1 is concerned, it has sent a request to 10.0.0.3 on Port 80 and has received a
response back from 10.0.0.3 on Port 80. This is not what has happened—the traffic has never
actually touched 10.0.0.3. However, because of the way the packets have been rewritten, 10.0.0.1
sees that it has gotten a response from 10.0.0.3.

The perceived destination is always from the perspective of the requesting computer. As it shows
in the diagram, even though 10.0.0.4 has become the real-time destination for traffic from
10.0.0.1, the destination for all traffic (as far as the requesting host knows) is 10.0.0.3.
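The rewrite described in this walk-through can be modelled in a few lines of Python. This is an added example, not part of the original handout: the client source port 2020, the forwarder port pool starting at 40000, and the names `Packet`, `Forwarder` and `walk_through` are assumptions made for illustration. It also shows the two cases the diagram leaves out: a request with no matching rule is dropped, and a reply that does not come from the real backend is not passed on.

```python
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int

class Forwarder:
    """Models the intermediate host (10.0.0.2 in the walk-through)."""

    def __init__(self, own_ip, rules):
        self.own_ip = own_ip
        self.rules = rules      # (perceived ip, port) -> (real ip, port)
        self.flows = {}         # client flow -> forwarder source port
        self.sessions = {}      # forwarder source port -> client flow
        self.next_port = 40000  # assumed start of the forwarder's port pool

    def forward(self, pkt: Packet) -> Optional[Packet]:
        """Rewrite a client request, or drop it when no rule matches."""
        target = self.rules.get((pkt.dst, pkt.dport))
        if target is None:
            return None         # not a forwarded service: dropped
        fport = self.flows.get(pkt)
        if fport is None:       # first packet of this flow: allocate a session
            fport = self.flows[pkt] = self.next_port
            self.next_port += 1
            self.sessions[fport] = pkt
        return Packet(self.own_ip, fport, *target)

    def reply(self, pkt: Packet) -> Optional[Packet]:
        """Rewrite a backend response so it appears to come from the perceived host."""
        flow = self.sessions.get(pkt.dport)
        if flow is None or pkt.dst != self.own_ip:
            return None         # unsolicited: no session to map it back to
        if self.rules[(flow.dst, flow.dport)] != (pkt.src, pkt.sport):
            return None         # sender is not the backend this session targets
        return Packet(flow.dst, flow.dport, flow.src, flow.sport)

def walk_through():
    fw = Forwarder("10.0.0.2", {("10.0.0.3", 80): ("10.0.0.4", 8080)})
    request = Packet("10.0.0.1", 2020, "10.0.0.3", 80)  # client port is constructed
    rewritten = fw.forward(request)
    response = Packet(rewritten.dst, rewritten.dport, rewritten.src, rewritten.sport)
    delivered = fw.reply(response)
    dropped = fw.forward(Packet("10.0.0.1", 2021, "10.0.0.3", 22))
    spoofed = fw.reply(Packet("10.0.0.9", 8080, "10.0.0.2", rewritten.sport))
    return rewritten, delivered, dropped, spoofed
```

The session table is what lets the forwarder restore 10.0.0.3:80 as the apparent source of the reply, which is why 10.0.0.1 never learns that 10.0.0.4 answered.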

Port forwarding and proxies.


It probably won’t surprise you to learn that Web proxies use a port-forwarding service. Similar to
the above home-network example, Web proxy servers use port forwarding to prevent direct
contact between clients and the wide-open world of the Internet. When a proxy or VPN receives
your online activity (an email sent or a request to see a website), it inspects and rewrites data
packets of your transmission before it moves them to and from their Internet destinations.

Understanding Port Forwarding – Beginners Guide

What is Port Forwarding and What Does it Do?

Port forwarding is a technique that is used to allow external devices access to computer
services on private networks.

It does this by mapping an external port to an internal IP address and port.

Most online gaming applications will require you to configure port forwarding on your home
router.

To understand port forwarding you need to understand what a TCP/IP port is and how ports and
IP addresses are used together.

You will also need to appreciate the difference between internal and external IP addresses and
internal and external ports.

TCP/IP Ports

A TCP/UDP port identifies an application or service on a machine in a TCP/IP network.

On a TCP/IP network every device must have an IP address.

The IP address identifies the device.

However, a device can run multiple applications/services.

The port identifies the application/service running on the machine.

The use of ports allows computers/devices to run multiple services/applications.

Standard port numbers (0-1023) are allocated to server services by the Internet Assigned
Numbers Authority (IANA), e.g., web servers normally use port 80 and SMTP servers use
port 25.

The combination of IP address plus port is known as a socket.

As an example, imagine sitting at your PC at home with two browser windows open,
one looking at the Google website and the other at the Yahoo website.

The connection to Google would be:

Your PC – IP1 + port 2020 ——– Google IP2 + port 80 (standard port)

The connection to Yahoo would be:

Your PC – IP1 + port 2040 ——– Yahoo IP3 + port 80 (standard port)

Notes: IP1 is the IP address of your PC. Client port numbers are dynamically assigned and can
be reused once the session is closed.

Returning to Port Forwarding

On home or small office networks the router uses NAT (Network Address Translation), which
allows internal devices to share a single external IPv4 address.

The IP addresses on the internal network are private addresses and are not routable on the
Internet.

External computers or devices only see the public IP address that is assigned to the NAT
router interface.

The NAT router maps an internal IP address + internal port to the external IP address +
external port.

External devices send packets to the external IP address and port.

The NAT router maps those packets and re-transmits them on the internal network to
the internal IP address and internal port.

The ports used by NAT are normally randomly assigned, which is OK when the session
is initiated from the internal network.

However, if you want, for example, to host a website on your internal network and that website
needs to be accessible to external clients, then you will need to use a standard port (port 80 for
HTTP) as the external client expects this.

To do this you statically map the external IP address + port 80 to the internal IP address of
the web server + port 80. This is port forwarding.

For home users the most common reason to use port forwarding is gaming.

Enabling Port forwarding and Checking Open Ports

Before you set up port forwarding you will need to configure a static IP address for the
internal device.

This step is important as the forwarding will be set to send packets to a specific internal IP
address.

Depending on your application you may need a list of ports that need to be available from
the external network (i.e. the Internet) and forwarded to the internal network.

To configure port forwarding on your router you will need admin privileges.

This site has a comprehensive guide covering 100s of routers, and also port lists for many of the
games/applications.

Regardless of exactly how you configure it, as it varies by device, what you are essentially doing
is creating a mapping table that maps an external address and port to an internal address and
port.

This video shows how to configure port forwarding on a BT Home Hub.


This video shows you how to set it up on a Linksys router. It also shows you how to set a static
IP address for your machine.

Once you have forwarded the ports you may want to check that they are really open using
an open port checker.

Connecting to a Forwarded Port

To connect to the forwarded port from the Internet you will need to know the external IP
address of the router and the port number that has been forwarded.

However, using an IP address instead of a domain name is not very convenient. In addition,
the external IP address can change, as most ISPs assign these addresses using DHCP.

Therefore, when using port forwarding you might also want to consider using Dynamic DNS.

Port Forwarding Example

Below is a screenshot of my home router configuration which shows the ports I’ve forwarded.

Notice my router doesn’t have a field for the external IP address as it isn’t really necessary.

However, some do, and it is usually then configured to 0.0.0.0.

Checking Open Ports


You can see from the screenshot above that I’ve opened ports 1800, 1884 and 8884.

I used the online open port check to check those ports and also one that shouldn’t be open and
you can see the results below.

Note: I’ve hidden my external IP address for security reasons.
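The same check can be scripted so that it also flags ports that are open but were never meant to be forwarded. The following is an added example, not part of the original guide: the function names are hypothetical, and the built-in demo uses constructed loopback listeners in place of a real router. For the configuration described above, `intended` would be `{1800, 1884, 8884}` and `host` the router's external address.

```python
import socket

def probe(host, port, timeout=1.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered' with a full connect."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"      # host answered with a reset: nothing is listening
    except OSError:
        return "filtered"    # timeout or unreachable: probably dropped on the way

def audit(host, intended, ports, timeout=1.0):
    """Compare the observed state of each port with the forwarding plan."""
    findings = {}
    for port in sorted(ports):
        state = probe(host, port, timeout)
        if state == "open" and port not in intended:
            findings[port] = "UNEXPECTED: open but not in the forwarding plan"
        elif state != "open" and port in intended:
            findings[port] = f"BROKEN: forward planned but port is {state}"
        else:
            findings[port] = f"ok ({state})"
    return findings

def demo():
    """Constructed loopback demo: one planned service, one stray, one unused port."""
    with socket.socket() as planned, socket.socket() as stray, socket.socket() as unused:
        for s in (planned, stray, unused):
            s.bind(("127.0.0.1", 0))   # let the OS pick free ports
        planned.listen()
        stray.listen()                 # listening although nobody planned it
        p, s_, u = (x.getsockname()[1] for x in (planned, stray, unused))
        return audit("127.0.0.1", {p}, [p, s_, u]), p, s_, u

if __name__ == "__main__":
    for port, verdict in demo()[0].items():
        print(port, verdict)
```

Run the audit from a host outside the network: a probe sent from inside only reaches the external address if the router supports NAT loopback.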

Summary

Port forwarding maps external IP addresses and ports to internal IP addresses and ports, allowing
access to internal services from the Internet.

It is configured on home routers and it is necessary because home routers use NAT, which
isolates the home network from the Internet.

Common Questions and Answers

Q- Is the external IP address mapped to the internal IP address?

A- No, the external port is mapped, and not the external IP address. The external IP address
might change; see Dynamic DNS.

Q- Should I use a static internal IP address or can I use addresses assigned by DHCP?

A- You should always use a static one.


Q- Do I need to forward both the TCP and UDP ports?

A- It depends on the application. You need to check which ports the application uses.

Q- How do I know if my device has a static address or a dynamic one?

A- You have to go to the device and examine the settings.

Q- How do I know what port I need to forward?

A- You need to know what port the service you want to use is using. However, most home routers
will have a list of common games and applications and you just need to select it and it will
automatically select the ports.

Q- How do I know if I have configured it correctly?

A- You can use an online port forwarding checker to check that the ports are open.

Q- What is strict NAT?

A- Microsoft defines three levels of NAT: Strict, Moderate and Open. Devices that perform strict
or moderate NAT can affect gamers on Xbox. See this article for help.

Q- Does port forwarding affect my home network security?

A- Yes, because you are exposing the home network to the Internet.
