port forwarding

Posted on 2014-03-25
Medium Priority
Last Modified: 2014-03-26
As I understand it, port forwarding is the packaging of packets into an HTTP or HTTPS stream, changing the and once through the firewall, map the packet to the appropriate port

Is this correct?

And more importantly, why would you use port forwarding?

Many Thanks
Question by:Anthony Lucia
LVL 35

Accepted Solution

Dan Craciun earned 668 total points
ID: 39954634
Most common use: to make an application that runs in an internal server available from the outside (Internet).

For this you either connect that server directly to the outside, or you use the router to port forward traffic from a specific port to that server's internal IP.

Bonus: you can have many internal servers available on the same external IP, as long as the external ports are different.

LVL 15

Expert Comment

by:Giovanni Heward
ID: 39954637
Port forwarding or port mapping is a name given to the combined technique of

1. translating the address or port number of a packet to a new destination

2. possibly accepting such packet(s) in a packet filter (firewall)

3. forwarding the packet according to the routing table.

The destination may be a predetermined network port (assuming protocols like TCP and UDP, though the process is not limited to these) on a host within a NAT-masqueraded, typically private network, based on the port number on which it was received at the gateway from the originating host.

The technique is used to permit communications by external hosts with services provided within a private local area network.
LVL 35

Expert Comment

by:Dan Craciun
ID: 39954645
@Giovanni Heward: please credit the source. Thank you.

LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 1332 total points
ID: 39954920
Port forwarding is in essence any solution which causes packets sent to one port on one IP to arrive on a (potentially different) port on another IP.

Distinctions should be made based on to what extent the packets are re-written during this process; the most basic form is called either NAT or PAT depending on vendor and work done (the terms expand to Network Address Translation and Port Address Translation, respectively; the latter implies that the target port is also rewritten). In this form, the packet arrives at its final (internal) destination with its source IP and port intact, and replies must be routed therefore back through the translating service in order that they be again rewritten to appear to come back from the original IP/Port they were sent to. Some solutions can perform load balancing, allowing a single external IP to be used to connect to several internal hosts in order to increase the throughput for the solution.

Another common form is called reverse proxy, virtual server, or several other terms (again, vendors seem to like making up new terms for this).  This differs from NAT/PAT in that the source address is also rewritten, so that it appears to come from the internal address of the device hosting the original target IP; this simplifies routing (in that the default route to the internet need not be via the reverse proxy) but hides source data from the internal host (which can cause difficulties in logging) - to offset this, often the proxy can perform tasks "offloaded" from the internal host, such as stripping away SSL (taking on the processor load for that), performing active caching, handling session cookies and so forth.  In cases of simple rewrite, this can also be called "Double NAT" or "Double PAT" indicating the rewriting of both target and source addresses.

As an edge case, a device can act as a socket proxy - this implies active participation by the internal host in selecting and opening the external IP/Port, which then forwards the packets over its own proxy protocol back to the requesting application (socks is an example of such a socket proxy protocol)

Finally, we have solutions such as VPNs, TOR and similar proxy networks, ssh tunnels, ssl tunnels and so forth. With these solutions, a port or virtual network card on the local machine is set to listen for connections by the local client, and the packets are encapsulated in another protocol and sent over that protocol to an external host, where they are then forwarded to a destination. This can be combined with NAT/PAT, socket proxies, forward or reverse proxies and so forth, in order that the traffic from the remote node behave as expected (for example, a ssh forward tunnel link will emerge with a random source port and the external IP of the ssh server, to a predetermined external target IP and port. A reverse tunnel will open a specified port on the remote server to listen for traffic, and forward that - via the tunnel -  to the local client, where it will then be routed - from the IP of the client, plus a random port - to a predetermined target).

As for the Why, you would use port forwarding in any situation where you want to get a connection from a host, unable to connect directly to a target IP/Port, to that target IP/Port, by explicitly connecting to a different IP/Port, which then arranges for that connection to be forwarded as needed.
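
The logging side effect described in the answer above (a forwarder that re-originates the connection hides the client's address from the internal host), shown as an added example that is not part of the original thread. It runs a user-space TCP relay on loopback; the function names and the loopback setup are assumptions of this sketch.

```python
import socket
import threading

def listener():
    """Listening TCP socket on an ephemeral loopback port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    s.listen(1)
    return s

def serve_once(sock, handler):
    """Accept one connection on sock and run handler(conn, peer) in a thread."""
    def run():
        conn, peer = sock.accept()
        with conn:
            handler(conn, peer)
    t = threading.Thread(target=run, daemon=True)
    t.start()
    return t

def demo():
    """Client -> relay -> backend; returns the address each hop observed."""
    seen = {}
    backend = listener()   # stands in for the internal server
    relay = listener()     # stands in for the forwarder's external port

    def backend_handler(conn, peer):
        seen["backend_peer"] = peer          # what the server would log
        conn.sendall(conn.recv(1024).upper())

    def relay_handler(conn, peer):
        seen["relay_peer"] = peer            # real client address, known only here
        # New connection from the relay's own address (explicit bind).
        with socket.create_connection(backend.getsockname(),
                                      source_address=("127.0.0.1", 0)) as up:
            seen["relay_out"] = up.getsockname()
            up.sendall(conn.recv(1024))
            conn.sendall(up.recv(1024))

    threads = [serve_once(backend, backend_handler), serve_once(relay, relay_handler)]
    with socket.create_connection(relay.getsockname()) as c:
        seen["client"] = c.getsockname()
        c.sendall(b"hello")
        seen["reply"] = c.recv(1024)
    for t in threads:
        t.join(2)
    backend.close()
    relay.close()
    return seen

if __name__ == "__main__":
    print(demo())
```

The backend's recorded peer is the relay's outbound socket, so the client address has to be logged at the forwarder or passed along explicitly (HTTP reverse proxies commonly use a header such as X-Forwarded-For for this).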
LVL 79

Expert Comment

ID: 39955053
While the end result is similar, the two, port forwarding and reverse proxy, are distinct.
Port forwarding is accomplished on the transport layer while reverse proxy is accomplished on the application layer (proxy server handles the request from the remote side and passes the request to the internal resources.  Then upon receiving a response it forwards it back to the requester)

Port forwarding is a packet redirect
Reverse proxy is a request redirect.
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 1332 total points
ID: 39955273
@arnold: Yup.
However, this is in the context that this is a follow-up question so I am trying to cover a fair few bases to save further follow-up questions :)

There are actually a number of key technologies that are interwoven with the information the querent is looking for - tunnelling, vpn, packet/traffic encapsulation, forward and reverse proxy, policy evasion, possibly even uPnP and NAT-PMP - so including information on reverse proxy (as distinct from packet forwarding) saves a little time :)

Question has a verified solution.
