Port Forwarding
Port forwarding, also known as tunneling, is basically forwarding a network port from one node to the other. This forwarding technique allows an outside user to access a certain port (in a LAN) through a NAT (network address translation) enabled router.
Advantages of Port Forwarding
Port forwarding basically allows an outside computer to connect to a computer in a private local area network. Some commonly done port forwarding includes forwarding port 21 for FTP access, and forwarding port 80 for web servers. To achieve such results, operating systems like the Mac OS X and the BSD (Berkeley Software Distribution) will use the pre-installed in the kernel, ipfirewall (ipfw), to conduct port forwarding. Linux on the other hand would add iptables to do port forwarding.
Downsides of Port Forwarding
There are a few downsides or precautions to take with port forwarding.
- Only one port can be used at a time by one machine.
- Port forwarding also allows any machine in the world to connect to the forwarded port at will, and thus making the network slightly insecure.
- The port forwarding technology itself is built in a way so that the destination machine will see the incoming packets as coming from the router rather than the original machine sending out the packets.
Common Applications of Port Forwarding
Port forwarding is widely used, especially in offices, schools, and homes with many computers connected to the Internet. This is basically when computers are doing port forwarding within itself. If a computer is using a shared IP address it must do port forwarding within itself. If the Internet connection is being shared among many computers, all these computers must do port forwarding in its own system. Also, if a router has NAT enabled, the computers connected to it must also do port forwarding within itself.
For example, in a household with a local area network setup, there basically will be a DSL or a cable modem connected to a router. This router is then connected the computers either by Ethernet or through a wireless, Wi-Fi. As explained, in this port forwarding situation, the router is like the ambassador of all the computers connected to it in the eyes of the Internet. Basically, to the Internet, the computers are invisible behind the router. Obviously, port forwarding is necessary as then the computers will send in requests to the router, who will then present those requests to the Internet. Without port forwarding, the Internet would not be shared among multiple computers.
Port forwarding is also commonly done with Unix systems, as ports below 1024 can only be accessed by the root administrator. As running as a root user can be risky, people will often redirect the incomings of a low number to a higher port number. An example of this is when server administrators redirect the traffic from port 80 (a restricted port) to a safer port, 080. This is done through either or both the TCP protocol and the UDP protocol.
Double Port Forwarding and Reverse Port Forwarding
There are many variations to port forwarding too. One of them is the double port forwarding. As its name suggest, double port forwarding is networking computers using multiple routers. So, one router's ports would be forwarded to another router or a gateway (with an external IP address) which would then again forward to a host on a local area network.
There is also reverse port forwarding, also known as a reverse port tunneling. This is basically composed of usually a session server and a session client. The session server connects with the session port and the session client connects with the session server component, thus a session server. For example, when a connection is established, the session server will tune into a port is to be forwarded. When a connection is done, this connection would be directly forwarded to the session client, with a destination accessible to that session client. This is usually done when an access needs to be made to a port behind a outer or a firewall, but that router or that firewall is not allowing such access. In this case, reverse port forwarding would be necessary.
|
|
- Port Scanner
A port scanner is a program which attempts to connect to a list or range of TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) ports on a list or range of IP addresses. Port scanners are used for network mapping and for network security assessments. The first decision to make when running a port [...]...
- Port Replicator
A Port Replicator is a device which is used to connect portable computers such as notebook computers or laptops to non-portable peripherals i.e. monitor, keyboard, scanner or a printer. Instead of connecting directly to the notebook computer, the peripherals are connected first to the Port Replicator and the notebook computer is then connected to the [...]...
- What Port Number is XXX on?
The way that most services work under TCP/IP is that the server is configured to use a well known port number and the client connects from a random high port. Most of these well known ports are port numbers below 1,024. High ports are ports 1,024 or above. In the old days, ports below 1,024 [...]...
- Computer Port
With each day that passes, we rely more and more on computers for all facets of our lives in the information age. Every aspect of daily life from financial matters, health issues, and leisure time all have ties to the World Wide Web and, ultimately, computers now. For some, their computer is their livelihood. For [...]...
- How to Set a Static IP Address in Windows
Setting up a static IP address on a computer network can be very helpful, especially if port forwarding is required on the network. A static IP address makes it possible for a port configuration to work, but since dynamic IPs create a new IP address each time a computer starts up, port forwarding on a [...]...