Although modern routers handle most functions automatically, some
applications will require you to manually forward a port to that
application or device. Fortunately, it’s really simple to do if you know where
to look.
What Is Port Forwarding?
There are plenty of projects we’ve covered that use your computer as a
server for other devices. When you’re inside of your network, most things will
work fine. But some apps, if you want to access them when you’re outside your
network, make things significantly hairier. Let’s start by taking a look
at why that is.
How Your Router Handles
Requests and Uses Ports
Here’s a map of a simple home network. The cloud icon represents the
greater internet and your public, or forward-facing, Internet Protocol (IP) address.
This IP address represents your entire household from the oustide world–like a
street address, in a way.
The red address 192.1.168.1 is the router address within your network.
The additional addresses all belong to the computers seen at the bottom of the
image. If your public IP address is like a street address, think of the
internal IP addresses like apartment numbers for that street address.
This is thanks to a wonderful bit of routing magic known as a Network Address Translation (NAT). This function occurs at the router level where the NAT acts like a traffic cop, directing the flow of network traffic through the router so that a single public IP address can be shared among all the devices behind the router. Because of the NAT, everyone in your household can request web sites and other internet content simultaneously and it will all be delivered to the right device.
So where do ports come into this process? Ports are an old but useful holdover from the early days of network computing. Back in the day, when computers could only run one application at a time, all you had to do was point one computer at another computer on the network to connect them as they would be running the same application. Once computers became sophisticated to run multiple applications, early computer scientists had to wrestle with the issue of ensuring applications connected to the right applications. Thus, ports were born.
Some ports have specific applications which are standards throughout the computing industry. When you fetch a web page, for example, it uses port 80. The receiving computer’s software knows that port 80 is used for serving http documents, so it listens there and responds accordingly. If you send an http request over a different port—say, 143—the web server won’t recognize it because it’s not listening there (although something else might be, like an IMAP email server which traditionally uses that port).
Other ports don’t have pre-assigned uses, and you can use them for whatever you want. To avoid interfering with other standard-abiding applications, it’s best to use larger numbers for these alternate configurations. Plex Media Server uses port 32400, for example, and Minecraft servers use 25565—both numbers that fall into this “fair game” territory.
Each port can be used via either TCP or UDP. TCP, or Transmission Control Protocol, is what’s used most commonly. UDP, or User Datagram Protocol, is less widely used in home applications with one major exception: BitTorrent. Depending on what is listening, it’ll be expecting requests to be made in either one or the other of these protocols.
Why You Need to Forward Ports
So why exactly would you need to forward ports? While some applications take advantage of NAT to set their own ports and handle all the configuration for you, there are still plenty of applications that do not, and you’ll need to give your router a helping hand when it comes to connecting services and applications.
In the diagram below we’re starting with a simple premise. You’re on your laptop somewhere in the world (with an IP address of 225.213.7.42), and you want to connect to your home network to access some files. If you simply plug your home IP address (127.34.73.214) into whatever tool you’re using (an FTP client or remote desktop application, for example), and that tool doesn’t take advantage of those advanced router features we just mentioned, you’re out of luck. It won’t know where to send your request, and nothing will happen.
This, by the way, is a great security feature. If somebody connects to your home network and they aren’t connected to a valid port, you want the connection to get rejected. That’s the firewall element of your router doing its job: rejecting unwelcome requests. If the person knocking on your virtual door, however, is you, then the rejection isn’t so welcome and we need to do a little tweaking.
To solve that problem, you want to tell your router “hey: when I access you with this program, you’ll need to send it to this device at this port”. With those instructions in place, your router will make sure you can access the right computer and application on your home network.
So in this example, when you’re out and about and using your laptop, you use different ports to make your requests. When you access your home network’s IP address using port 22, your router at home knows that this should go to 192.168.1.100 inside the network. Then, the SSH daemon on your Linux installation will respond. At the same time, you can make a request over port 80, which your router will send to the web server at 192.168.1.150. Or, you can try to remotely control your sister’s laptop with VNC, and your router will connect you to your laptop at 192.168.1.200. In this way, you can easily connect to all the devices you’ve set up a port forward rule for.
The usefulness of port forwarding doesn’t end there though! You can even use port forwarding to change existing services’ port numbers for clarity and convenience. For example, let’s say you have two web servers running on your home network and you want one to be readily and obviously accessible (e.g. it’s a weather server you want people to be able to easily find) and the other web server is for a personal project.
When you access your home network from the public-facing port 80, you can tell your router to send it to port 80 on the weather server at 192.168.1.150, where it will be listening at port 80. But, you can tell your router that when you access it via port 10,000, that it should go to port 80 on your personal server, 192.168.1.250. This way, the second computer doesn’t have to be reconfigured to use a different port, but you can still manage traffic effectively—and at the same time by leaving the first web server linked to port 80 you make it easier for people accessing your aforementioned weather server project.
Now that we know what port forwarding is and why we might want to use it, lets’ take a look at some small considerations regarding port forwarding before diving into actually configuring it.
Considerations Before Configuring Your Router
There are a few things to keep in mind before sitting down to configure your router and running through them in advance is guaranteed to cut down on frustration.Source: http://www.howtogeek.com/66214/how-to-forward-ports-on-your-router/
EmoticonEmoticon