You have probably heard of port forwarding. This is a fairly simple to set up and extremely useful tool. Mastering it will not hurt those who are going to deploy game servers or set up video surveillance systems.
A few words about ports
A port is a natural number that is written in the OSI transport layer protocol header and is used to determine the sending process.
Data exchange over the network is carried out according to a specific protocol between two processes (sender and recipient). To establish a connection and transfer information, the following data is needed:
- two IP addresses (sender host and destination host);
- transport protocol type (TCP/UDP);
- port numbers of the sender and receiver processes.
What is port forwarding for?
The router's standard settings provide for masking the addresses of devices located behind it. When the router receives outgoing data packets from the internal network’s device, it opens a specific port and sends data, changing the internal IP address of the destination device to its own external address. When data packets are received on this router's port in response, it redirects them to the device for which the information is intended. It turns out that only the router's IP address is visible from the external network, and the devices behind it remain invisible.
This technology is good in conditions of a critical decrease in the number of free IPv4 addresses, but it has a drawback: the router will only accept data packets that come over a connection initiated by an internal network device. But if the server or computer tries to access the device behind the router first, the requests will be rejected.
Getting access to devices on the local network from an external one is not so easy. To do this, you need to set up port forwarding.
Port forwarding is an operation that is part of the network address translation or NAT (NAT mechanism provides for the use of one external interface by several devices on the local network). Forwarding involves matching a given port on the external interface of the router with a specific port of the requested device on the local network.
It is worth noting that with the introduction of IPv6, the need for port forwarding and NAT in general will disappear.
Port forwarding is configured for the following cases:
- game server’s organization;
- remote computer control;
- connection to an IP video camera or to a computer to which the image from the camera is transmitted;
- organization of WEB/FTP-servers’ work.
How it works
«Forward» ports is to instruct the router to reserve one port and all data coming to it for transmission to a specific computer. In other words, make an exception to the rule of rejecting uninitiated external requests and accept them under given conditions.
To do this, a rule is set to redirect any free port of the WAN interface on the router to a specific port of the specified device.
After the redirect rule is created, incoming requests to the specified external port will be addressed to the specified port of a specific device.
Setting on the example of Totolink routers
First, connect the router to the computer via a cable and enter the settings. How to do it, read here.
Go to «Advanced», then select «NAT Mapping» on the left, the desired tab «Virtual Server» is already open.
Next, click «Add».
Then in the opened window, you need to enter:
- «Service Type»;
- «External Port» (all data coming to this port will be redirected);
- «Internal Port» (data from the external port will be redirected to this port);
- «Internal Server IP» (address of the device to which you want to redirect data, within the network);
Then click «Аpply» — and the rule will be added.
For convenience, clicking «View Existing Servers» will open a list of templates from which you can choose one. After that, all fields in the previous window, except for the host IP address, will be filled in according to the selected template.
In general, the browser window will look like this:
To view the IP addresses and MAC of devices that the router has assigned IP addresses, click: «Advanced» / «Network» / «DHCP&ARP Tables».
One device is currently connected to the router. To «fix» this IP address with the device, i.e. so that this router always gives the same address to this device, you need to select the «Static DHCP Setup» tab:
Then choose the «Static DHCP Setup» and fill in the 3 fields below:
- «IP Address» (IP address that will always be issued);
- «MAC Address» (unique for each device MAC address, on the basis of which an IP address is issued);
- «Comment» (for your own understanding of what kind of device it is).
After entering the data, click the «Add», after that the rule will work.