Sign in to follow this  
Crest

Port Forwarding Explained

Recommended Posts

So I couldn't help but notice the lack of content in the tutorial section, thought i'd make some contributions, so this is an in depth explination of what port forwarding is, and how to use it, since it seems to be a very common issue to beginners.

 

What is port forwarding?

By definition, port forwarding is the application of computer networking which redirect network requests from one address and port number to another.

What this means;

When a packet of data is sent from one machine to another, a network request is made to a Wide Area Network (WAN) Address from a machine connected to the internet. When the network request hits a router, a set of rules tells the router which machine and port number on the Local Area Network (LAN) the network request should be forwarded to. The definition of these rules allow certain applications on your Local Network to be exposed to the internet.

First let's go over what an IP address is and why you will be working with multiple IP addresses while port forwarding.

You can imagine an IP address similar to your home mailing address or a phone number. An IP Address is simply an identifier for network packets to know which machine to deliver information to. You will generally work with two ip addresses when portforwarding. One ip address is your WAN address, the ip address exposed to the internet. This ip address defines your machine on the "global internet" (as one way to put it). The other address is the LAN address of the machine you wish to expose to a public network. The ip address defines your computer on your local network. I could have 2 machines on my network. One machine is a personal computer, the other is a server which hosts my game server application. My personal machine may have an address of: 10.0.0.100 while my server may have the address of 10.0.0.101, no two machines may have the same address on a single network.

 

A portforwading rule tells which machine the router should forward packets of a specific port to. So, i want to tell me router to direct traffic to 10.0.0.101 since that is the machine hosting the server in which i wish to expose to a WAN.

Do note that there are 2 versions of IpAddress currently in use. There is IPv4 which will have a format such as X.X.XX.XXX and there's an IPv6 address which may have a series of numbers and letters (hexidecimal values). We have IPv6 because we ran out of IPv4 addresses. you may or may not need to work with IPv6 address while portforwarding. Your router may or may not support it.

 

What is a port?

A port is simply a 16 bit, unsigned integer (to define this for beginners; this means a port is a number between 0 and 65535), which acts as an identifier for applications running on a network. Two objects of the same port may not be running on the same machine at the same time, as this causes network delivery conflictions, meaning that the machine's operating system does not know which application to forward traffic to. That is quite literally all a port is. A number that is a unique identifier of applications on a network.

Now actually what port forwarding looks like;

Basically, I want to expose port number 4000 to the internet. The application i want to expose is on the ip address 10.0.0.101 and is running on port 2000. (I'm giving two different port number to give clearer definition of exactly what happens when data packets are received on the network, you do not have to use two different port numbers to port forward.)
In order to expose my application (running on 10.0.0.101:2000) to the public network by port 4000, I must create a port forwarding rule to instruct my router how to forward data. I do this by going to my router's port forwarding control panel.

 

Example of what that looks like:

TypicalPortForwardingSetup.png

 

I can access this control panel by finding my routers gateway address. I can do this by opening up my control panel (windows: Start->Run->cmd.exe) or my terminal (linux), and typing the command ipconfig (window), or ifconfig(linux). Network information will be returned on the console and you want to find the ipaddress for "gateway". I can then take this ipaddress, open up my web browser, and paste it into the address bar. Navigating to this address will bring your to your router's administrator login panel. After logging in (you gotta find your username and password somehow), i will need to find the section of my adminstrator settings for "Port Forwarding" or "Port Range Forwarding".

 

The name of the application does not matter, it is only an identifier for you to know what application that rule is exposing. You could put "Exposive kittens in a blender" if you wanted and it will still work fine. The "public port" field defines what port number you are exposing to the public (which port others will use to connect to your server). The "private port" section determines the port which the application is running on your local network. So in my example problem of which ports i want to expose, port 4000 is my public port. People will connect to my server through port 4000. Port 2000 is my private port, that is the port my server is running on. The "IP Address" field is the ip address of the local machine address running the application you wish to expost. As stated above my server is running on my LAN address 10.0.0.101. So 10.0.0.101 willl be the value of "Ip Address".

 

Protocols (UDP/TCP)

A network protocol determines how a socket handles information. The 2 primary protocols used are User Data Protocol (UDP) and Transmission Control Protocol (TCP). Understanding the difference between these protocls and what they do is a more advanced topic which will not be discussed here. You do, however, need to know which protocol your application is using. I believe intersect uses UDP, but i cannot 100% confirm that, hopefully someone else can in the comments. In most cases you are okay to use Protocol/Traffic Type: "Both". Which states that the receiving port accepts both UDP and TCP data packets.


Connecting to an application after port forwarding:

In order to connect to your application through the Wide Area Network, you will need your WAN address, which you can get by going to google and typing in "What is My Ip Address". An IPv6 Address may or may not be returned, if it is, and your application does not support IPv6, your router should also have an IPv4 address, finding a site that will display this information for you is not hard. This is one that i've found: http://whatismyipaddress.com/

 

After grabbing your WAN Address, you will need to configure your client to use that address. This may involve you opening up a configuration file and updating the address given. The port in this config will also need to be adjusted to that of which is the port you're exposing publically (what you filled out in the "public port" field). Putting your LAN address in will only access the server through your localized network.

 

There's no place like 127.0.0.1!

So i wanted to bring up localhost in this subject to explain a bit about local endpoints. Most networks controllers (practically all) have a networking rule built in that tells a machine to reference itself without hitting an external network by using a specified ip address. We refer to this address as localhost, and in most cases (practically all) this address is 127.0.0.1. In most machines and a lot of applications, you may literally use the string "localhost" as a shorthand to this address. I may open my web browser and type in "localhost" and my machines Domain name resolver, auto resolves this to the address 127.0.0.1 and load up whatever web application is running on my local machine. Again, all this address does is reference the local machine without hitting an external network (LAN or WAN). No other machine on your network may access another machine if you use the ip address "127.0.0.1".

 

That's about all the information i have to give on port forwarding, i hope this post helps reduce the number of questions about port forwarding. If you have questions or are confused about a specific subject in this post, feel free to drop a question in a reply.
 

Wide Area Network; The best way to describe this in my opinion; A series of Local Area Networks linked together. This is what we know as the internet.

Local Area Network; A network of computers locally linked together by some sort of switch. These machines are exposed only to other machines on the same switch.

 

For those looking for a simple guide to the process of portforwarding, I recommend seeing Miharukun's guide:

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this