What is Port Forwarding?
By Stephen Bucaro
Port forwarding is a function of the NAT (Network Address Translation) protocol.
It redirects a communication request from one address and port number connection to
another while the packets are traversing a network gateway, such as a router.
This technique is used to hide hosts residing on an internal network from hosts
on external networks outside of the gateway. It does this by remapping the destination
IP address and port number of the communication to an internal host.
In a home network, hosts obtain Internet access through a DSL or cable modem
connected to a router configured with NAT. The NAT device's external interface is
configured with a public IP address. Hosts on the home network communicate only
with a private IP address. Computers behind the switch or router are not visible to
hosts on the Internet.
NAT translates between a public IP address and private IP addresses allowing multiple
computers on your home network to appear to the internet as one computer with one address.
When a computer inside your home network wants to connect to a computer on the internet,
it sends a connection request to the router (the configured Default Gateway). The router
takes that connection request (a SYN request) and changes the "reply-to" or return
address from the private IP of the computer to the public IP of the router, so that
the response from the host on the internet will be sent to the router. The router
makes an entry in a database, called the NAT table, so that it remembers it later.
When the response comes back from the remote computer (a "SYN-ACK"), the router looks
in its NAT table and sees a connection to the host on that port that was previously
initiated by a computer on the private network, changes the destination address to
the private address of the computer, and forwards it to that computer on the private network.
In this way, packets can continue to transit back and forth between the public
Internet and your private network with the router transparently changing the addresses.
When the connection is terminated, the router removes the entry from the NAT table.
More Networking Basics:
• What Routers Do
• Computer Networking Basics
• Definition: Cloud Computing
• Network Patch Panel Basics
• Fiber Broadband Internet Service
• Synchronous, Asynchronous, Isochronous. What Does it Mean?
• How to Study For and Pass the CompTIA Network+ Exam
• What is a Proxy Server?
• Home and Small Office Networking Guide
• Wireshark and Ethereal Network Protocol Analyzer Toolkit