port forwarding

Posted on 2014-03-25
Last Modified: 2014-03-26
As I understand it, port forwarding is the packaging of packets into an HTTP or HTTPS stream, changing the and once through the firewall, map the packet to the appropriate port.

Is this correct?

And more importantly, why would you use port forwarding?

Many Thanks
Question by:Anthony Lucia
LVL 34

Accepted Solution

Dan Craciun earned 167 total points
ID: 39954634
Most common use: to make an application that runs in an internal server available from the outside (Internet).

For this you either connect that server directly to the outside, or you use the router to port forward traffic from a specific port to that server's internal IP.

Bonus: you can have many internal servers available on the same external IP, as long as the external ports are different.

LVL 15

Expert Comment

by:Giovanni Heward
ID: 39954637
Port forwarding or port mapping is a name given to the combined technique of

1. translating the address or port number of a packet to a new destination

2. possibly accepting such packet(s) in a packet filter (firewall)

3. forwarding the packet according to the routing table.

The destination may be a predetermined network port (assuming protocols like TCP and UDP, though the process is not limited to these) on a host within a NAT-masqueraded, typically private network, based on the port number on which it was received at the gateway from the originating host.

The technique is used to permit communications by external hosts with services provided within a private local area network.
LVL 34

Expert Comment

by:Dan Craciun
ID: 39954645
@Giovanni Heward: please credit the source. Thank you.

LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 333 total points
ID: 39954920
Port forwarding is in essence any solution which causes packets sent to one port on one IP to arrive on a (potentially different) port on another IP.

Distinctions should be made based on to what extent the packets are re-written during this process; the most basic form is called either NAT or PAT depending on vendor and work done (the terms expand to Network Address Translation and Port Address Translation, respectively; the latter implies that the target port is also rewritten). In this form, the packet arrives at its final (internal) destination with its source IP and port intact, and replies must be routed therefore back through the translating service in order that they be again rewritten to appear to come back from the original IP/Port they were sent to. Some solutions can perform load balancing, allowing a single external IP to be used to connect to several internal hosts in order to increase the throughput for the solution.

Another common form is called reverse proxy, virtual server, or several other terms (again, vendors seem to like making up new terms for this).  This differs from NAT/PAT in that the source address is also rewritten, so that it appears to come from the internal address of the device hosting the original target IP; this simplifies routing (in that the default route to the internet need not be via the reverse proxy) but hides source data from the internal host (which can cause difficulties in logging) - to offset this, often the proxy can perform tasks "offloaded" from the internal host, such as stripping away SSL (taking on the processor load for that), performing active caching, handling session cookies and so forth.  In cases of simple rewrite, this can also be called "Double NAT" or "Double PAT" indicating the rewriting of both target and source addresses.

As an edge case, a device can act as a socket proxy - this implies active participation by the internal host in selecting and opening the external IP/Port, which then forwards the packets over its own proxy protocol back to the requesting application (SOCKS is an example of such a socket proxy protocol).

Finally, we have solutions such as VPNs, TOR and similar proxy networks, ssh tunnels, ssl tunnels and so forth. With these solutions, a port or virtual network card on the local machine is set to listen for connections by the local client, and the packets are encapsulated in another protocol and sent over that protocol to an external host, where they are then forwarded to a destination. This can be combined with NAT/PAT, socket proxies, forward or reverse proxies and so forth, in order that the traffic from the remote node behaves as expected (for example, an ssh forward tunnel link will emerge with a random source port and the external IP of the ssh server, to a predetermined external target IP and port. A reverse tunnel will open a specified port on the remote server to listen for traffic, and forward that - via the tunnel - to the local client, where it will then be routed - from the IP of the client, plus a random port - to a predetermined target).

As for the Why, you would use port forwarding in any situation where you want to get a connection from a host, unable to connect directly to a target IP/Port, to that target IP/Port, by explicitly connecting to a different IP/Port, which then arranges for that connection to be forwarded as needed.
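Added example, not part of the answer above or of any product's code: a toy Python model of the first two forms the answer describes, destination-only rewriting (NAT/PAT) and the "Double NAT" form where the source is rewritten as well. It shows what the internal server sees as the source and where it sends its reply. The `Forwarder` class, the `demo` helper and all addresses are constructed for illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

class Forwarder:
    """rewrite_source=False models NAT/PAT; True models 'Double NAT'."""
    def __init__(self, external_ip, internal_ip, rules, rewrite_source=False):
        self.external_ip = external_ip
        self.internal_ip = internal_ip    # forwarder's own inside address
        self.rules = rules                # external port -> (host, port)
        self.rewrite_source = rewrite_source
        self.conntrack = {}               # translated packet -> original
        self.next_port = 40000            # source ports used when rewriting

    def inbound(self, pkt):
        """Translate a packet arriving on the external side."""
        if pkt.dst != self.external_ip or pkt.dport not in self.rules:
            return None                   # no forwarding rule: dropped
        host, port = self.rules[pkt.dport]
        src, sport = pkt.src, pkt.sport   # NAT/PAT keeps the real source
        if self.rewrite_source:           # Double NAT hides it
            src, sport = self.internal_ip, self.next_port
            self.next_port += 1
        out = Packet(src, sport, host, port)
        self.conntrack[out] = pkt         # remembered to undo on the reply
        return out

    def outbound(self, reply):
        """Undo the translation on a reply from the internal server."""
        key = Packet(reply.dst, reply.dport, reply.src, reply.sport)
        orig = self.conntrack.get(key)
        if orig is None:
            return None                   # reply matches no forwarded flow
        return Packet(orig.dst, orig.dport, orig.src, orig.sport)

def demo(rewrite_source):
    # Constructed addresses from the documentation and private ranges.
    rules = {8080: ("10.0.0.20", 80), 2222: ("10.0.0.30", 22)}
    fw = Forwarder("203.0.113.10", "10.0.0.1", rules, rewrite_source)
    client = Packet("198.51.100.7", 51000, "203.0.113.10", 8080)
    seen = fw.inbound(client)             # what the server sees and logs
    reply = Packet(seen.dst, seen.dport, seen.src, seen.sport)
    return seen, reply.dst, fw.outbound(reply)

if __name__ == "__main__":
    for mode in (False, True):
        seen, reply_to, back = demo(mode)
        print(f"rewrite_source={mode}: server logs {seen.src}, "
              f"replies to {reply_to}, client receives {back}")
```

With destination-only rewriting the server logs the real client address but its reply is addressed to an Internet host, so it only works if the route back passes through the forwarder; with source rewriting the reply goes to the forwarder by itself, and the server's logs show only the forwarder's address.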
LVL 77

Expert Comment

ID: 39955053
While the end result is similar, the two, port forwarding and reverse proxy, are distinct.
Port forwarding is accomplished on the transport layer while reverse proxy is accomplished on the application layer (the proxy server handles the request from the remote side and passes the request to the internal resources. Then upon receiving a response it forwards it back to the requester).

Port forwarding is a packet redirect
Reverse proxy is a request redirect.
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 333 total points
ID: 39955273
@arnold: Yup.
However, this is in the context that this is a follow-up question so I am trying to cover a fair few bases to save further follow-up questions :)

There are actually a number of key technologies that are interwoven with the information the querent is looking for - tunnelling, vpn, packet/traffic encapsulation, forward and reverse proxy, policy evasion, possibly even UPnP and NAT-PMP - so including information on reverse proxy (as distinct from packet forwarding) saves a little time :)


Question has a verified solution.
