[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


port forwarding

Posted on 2014-03-25
Medium Priority
Last Modified: 2014-03-26
As I understand it, port forwarding is the packaging packets into an HTTP or HTTPS stream, changing the and once through the firewall, map the packet to the appropriate port

Is this correct?

And more importantly, why would you use port forwarding ?

Many Thanks
Question by:Anthony Lucia
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 35

Accepted Solution

Dan Craciun earned 668 total points
ID: 39954634
Most common use: to make an application that runs in an internal server available from the outside (Internet).

For this you either connect that server directly to the outside, or you use the router to port forward traffic from a specific port to that server's internal IP.

Bonus: you can have many internal servers available on the same external IP, as long as the external ports are different.

LVL 15

Expert Comment

by:Giovanni Heward
ID: 39954637
Port forwarding or port mapping is a name given to the combined technique of

1. translating the address or port number of a packet to a new destination

2. possibly accepting such packet(s) in a packet filter (firewall)

3. forwarding the packet according to the routing table.

The destination may be a predetermined network port (assuming protocols like TCP and UDP, though the process is not limited to these) on a host within a NAT-masqueraded, typically private network, based on the port number on which it was received at the gateway from the originating host.

The technique is used to permit communications by external hosts with services provided within a private local area network.
LVL 35

Expert Comment

by:Dan Craciun
ID: 39954645
@Giovanni Heward: please credit the source. Thank you.
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 1332 total points
ID: 39954920
Port forwarding is in essence any solution which causes packets sent to one port on one IP to arrive on a (potentially different) port on another IP.

Distinctions should be made based on to what extent the packets are re-written during this process; the most basic form is called either NAT or PAT depending on vendor and work done (the terms expand to Network Address Translation and Port Address Translation, respectively; the latter implies that the target port is also rewritten). In this form, the packet arrives at its final (internal) destination with its source IP and port intact, and replies must be routed therefore back though the translating service in order that they be again rewritten to appear to come back from the original IP/Port they were sent to.  Some solutions can perform load balancing, allowing a single external IP to be used to connect to several internal hosts in order to increase the throughput for the solution.

Another common form is called reverse proxy, virtual server, or several other terms (again, vendors seem to like making up new terms for this).  This differs from NAT/PAT in that the source address is also rewritten, so that it appears to come from the internal address of the device hosting the original target IP; this simplifies routing (in that the default route to the internet need not be via the reverse proxy) but hides source data from the internal host (which can cause difficulties in logging) - to offset this, often the proxy can perform tasks "offloaded" from the internal host, such as stripping away SSL (taking on the processor load for that), performing active caching, handling session cookies and so forth.  In cases of simple rewrite, this can also be called "Double NAT" or "Double PAT" indicating the rewriting of both target and source addresses.

As an edge case, a device can act as a socket proxy - this implies active participation by the internal host in selecting and opening the external IP/Port, which then forwards the packets over its own proxy protocol back to the requesting application (socks is an example of such a socket proxy protocol)

Finally, we have solutions such as VPNs, TOR and similar proxy networks, ssh tunnels, ssl tunnels and so forth. With these solutions, a port or virtual network card on the local machine is set to listen for connections by the local client, and the packets are encapsulated in another protocol and sent over that protocol to an external host, where they are then forwarded to a destination. This can be combined with NAT/PAT, socket proxies, forward or reverse proxies and so forth, in order that the traffic from the remote node behave as expected (for example, a ssh forward tunnel link will emerge with a random source port and the external IP of the ssh server, to a predetermined external target IP and port. A reverse tunnel will open a specified port on the remote server to listen for traffic, and forward that - via the tunnel -  to the local client, where it will then be routed - from the IP of the client, plus a random port - to a predetermined target).

As for the Why, you would use port forwarding in any situation where you want to get a connection from a host, unable to connect directly to a target IP/Port, to that target IP/Port, by explicitly connecting to a different IP/Port, which then arranges for that connection to be forwarded as needed.
LVL 80

Expert Comment

ID: 39955053
While the end result is similar, the two port forwarding and reverse proxy are distinct.
Port forwarding is accomplished on the transport layer while reverse proxy is accomplished on the application layer (proxy server handles the request from the remote side and passes the request to the internal resources.  Then upon receiving a response it forwards it back to the requester)

Port forwarding is a packet redirect
Reverse proxy is a request redirect.
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 1332 total points
ID: 39955273
@arnold: Yup.
However, this is in the context that this is a follow-up question so I am trying to cover a fair few bases to save further follow-up questions :)

There are actually a number of key technologies that are interwoven with the information the querient is looking for - tunnelling, vpn, packet/traffic encapsulation, forward and reverse proxy, policy evasion, possibly even uPnP and NAT-PMP - so including information on reverse proxy (as distinct from packet forwarding) saves a little time :)

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing h…
What we learned in Webroot's webinar on multi-vector protection.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question