Professional Documents
Culture Documents
Unit 3 Topic 6 Port Forwarding 3
Unit 3 Topic 6 Port Forwarding 3
Learning Objectives
At the end of the session, the students should be able to:
1. Define Port Forwarding.
2. Know the importance of port forwarding, and
3. Perform the steps/wizard of port forwarding.
Presentation of Contents
Port forwarding, or tunneling, is the behind-the-scenes process of intercepting data traffic headed
for a computer’s IP/port combination and redirecting it to a different IP and/or port. A program
that’s running on the destination computer (host) usually causes the redirection, but sometimes it
can also be an intermediate hardware component, such as a router, proxy server or firewall.
Of course, even though anyone sending data to a server isn’t aware of what’s going on, the
request will still get to its ultimate destination.
Normally, a network router will examine the header of an IP packet and send it to a linked and
appropriate interface, which in turn sends the data to the destination information that’s in the
header.
But in port forwarding, the intercepting application (or device) reads the packet header, notes the
destination, and then rewrites the header information and sends it to another computer—one
that’s different from the one intended. That secondary host destination may be a different IP
address using the same port, a different port on the same IP address, or a completely different
combination of the two.
In short, port forwarding is used to keep unwanted traffic off networks. It allows network
administrators to use one IP address for all external communications on the Internet while
dedicating multiple servers with different IPs and ports to the task internally. Port forwarding is
useful for home network users who may wish to run a Web server or gaming server on one
network.
The network administrator can set up a single public IP address on the router to translate requests
to the proper server on the internal network. By using only one IP address to accomplish multiple
tasks—and dropping all traffic that is unrelated to the services provided at the firewall—the
administrator can hide from the outside world what services are running on the network.
The perceived destination is always from the perspective of the requesting computer. As it shows
in the diagram, even though 10.0.0.4 has become the real-time destination for traffic from
10.0.0.1, the destination for all traffic (as far as the requesting host knows) is 10.0.0.3.
Port forwarding is a technique that is used to allow external devices access to computers
services on private networks.
Most online gaming Applications will require you to configure port forwarding on your home
router.
To understand port forwarding you need to understand what a TCP/IP port is and how ports and
IP addresses are used together.
You will also need to appreciate the difference between internal and external IP addresses and
internal and external ports.
TCP/IP Ports
Standard Port numbers are allocated to server services (0-1023) by the Internet Assigned
Numbers Authority (IANA). e.g Web servers normally use port 80 and SMTP servers use
port 25.
As an example. Imagine sitting on your PC at home, and you have two browser windows open.
One looking at the Google website and the other at the Yahoo website.
Notes: IP1 is the IP address of your PC. Client port numbers are dynamically assigned and can
be reused once the session is closed.
On home or small office networks the router uses NAT (Network Address Translation) which
allows internal devices to share a single external IP4 Address.
The IP addresses on the Internal network are private addresses and are not routable on the
Internet.
External computers or devices only see the public IP address that is assigned to the NAT
router Interface.
The NAT router maps an Internal IP address + Internal Port to the external IP address +
external port.
External devices send packets to the external IP address and port.
The NAT router maps those packets and re-transmits those packets on the Internal network to
the Internal IP address and internal port.
The ports used by NAT are normally randomly assigned which is OK when the session
is initiated from the Internal network.
However if you want, for example, to host a website on your internal network and that website
needs to be accessible to external clients then you will need to use a standard port ( port 80 for
http) as the external client expects this.
To do this you statically map the external IP address + port 80 to the Internal IP address of
the web server + port 80.– This is port forwarding.
For home users the most common reason to use port forwarding is gaming.
Before you setup port forwarding you will need to configure a static IP address for the
Internal device.
This step is important as the forwarding will be set to send packets to a specific internal IP
address.
Depending on your Application you may need a list of ports that need to be available from the
the external network (i.e. Internet) and forwarded to the internal network.
To configure port forwarding on your router you will need Admin privileges.
This site has a comprehensive guide covering 100s of routers, and also port lists for many of the
games/applications.
Regardless of exactly how you configure it, as it varies by device, what you are essentially doing
is creating a mapping table that maps an external address and port to an internal address and
port.
Once you have forwarded the ports you may want to check that they are really open using
an open port checker.
To connect to the forwarded port from the Internet you will need to know the external IP
address of the Router and the Port number that has been forwarded.
However using an IP address instead of a domain name is not very convenient, in addition
the external IP address can change as most ISPs assign these addresses using DHCP.
Therefore when using port forwarding you might also what to consider using Dynamic DNS.
Below is a screen shot of my home router configuration which shows the ports I’ve forwarded.
Notice my router doesn’t have a field for the external IP address as it isn’t really necessary.
I used the online open port check to check those ports and also one that shouldn’t be open and
you can see the results below.
Summary
Port forwarding Maps external IP addresses and ports to Internal IP addresses and ports allowing
access to internal services from the Internet.
It is configured on home routers and it is necessary because home routers use NAT which
isolates the home network from the Internet.
A- No the external port is mapped, and not the external IP address. the external IP address
might change see Dynamic DNS
Q- Should I use a static Internal IP address or can I use addresses assigned by DHCP?
A- It depends on the application. You need to check which ports the application uses.
A- You need to know what port the service you want to use is using.However most home routers
will have a list of common games and applications and you just need to select it and it will
automatically select the ports.
A- Microsoft define three levels of NAT- Strict,Moderate and Open. Devices that perform strict
or moderate can affect Gamers on Xbox. See this article for help
A- Yes because you are exposing the home network to the Internet