Port Forwarding or Port Mapping is an application of network address translation (NAT) that redirects a communication request from one IP Address and Port Number combination to another, while the packets are traversing a network gateway, such as a Router or Firewall.
This technique is most commonly used to make services on a host residing on a protected internal network available to hosts on the Internet (external network), by remapping the destination IP address and port number of the communication to an internal host’s IP Address and Port Number.
Normally, a network router (WiFi Router) will examine the header of an IP packet and send it to the appropriate linked interface, which in turn sends the data to the destination given in the header.
But in port forwarding, the router reads the packet’s header, notes the destination, and then rewrites the header information and sends the packet to another computer, one that’s different from the one originally addressed. That secondary host destination may be a different IP address using the same port, a different port on the same IP address, or a completely different combination of the two.
Port forwarding is an applicable way to protect servers, clients and devices from unwanted access from the internet. It hides the internal network services and servers from the outside world, and limits access to them from the internet.
Port forwarding is transparent to the end user and adds an extra layer of security to networks.
Technically, port forwarding is used to keep unwanted traffic off networks. It allows you to use one IP address for all external communications on the Internet while dedicating multiple servers and devices with different IPs and ports to the task internally.
Port forwarding is useful for home network users who may want to access their internal network’s devices from the internet, such as a surveillance system, or who run a Web server or gaming server on their network.
In the simplified example below, a remote computer (81.16.22.43) sends a request to 2.3.4.5 on port 801 (which is defined and mapped to port 8010 for 192.168.1.1, in the router’s forwarding table).
Then the Router intercepts the request (packet), rewrites the header and sends it to 192.168.1.1 on port 8010 (instead of 801), with 192.168.1.254 (the router’s Internal IP Address) as the sender’s IP Address.
In the opposite direction, 192.168.1.1 answers the request by sending its response to 192.168.1.254 (the router’s Internal IP Address) on port 8010. Then the router rewrites the header and sends it to 81.16.22.43 on port 801 (instead of 8010), with 2.3.4.5 (the router’s External IP Address) as the sender’s IP Address.
Now, the remote computer has never actually touched the internal server’s real IP Address and Port Number. Because of the way the packets have been rewritten, 81.16.22.43 sees that it has gotten a response from 2.3.4.5.
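The walk-through above as a small Python model, added here as an illustration and not taken from any router's firmware. It also shows that a request to a port with no entry in the forwarding table is dropped. The class and function names, the client's source port 50000 and the router-side port range starting at 40000 are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class Router:
    def __init__(self, external_ip, internal_ip):
        self.external_ip, self.internal_ip = external_ip, internal_ip
        self.forwards = {}      # external port -> (internal host, internal port)
        self.flows = {}         # (client ip, client port, external port) -> router-side port
        self.sessions = {}      # router-side port -> (client ip, client port, external port)
        self.next_port = 40000  # assumed start of the router-side port range

    def inbound(self, pkt):
        """Internet -> LAN. Returns the rewritten packet, or None if dropped."""
        if pkt.dst_ip != self.external_ip or pkt.dst_port not in self.forwards:
            return None  # no forwarding entry: nothing inside is reachable
        host, port = self.forwards[pkt.dst_port]
        key = (pkt.src_ip, pkt.src_port, pkt.dst_port)
        if key not in self.flows:  # remember the flow so the reply can be undone
            self.flows[key] = self.next_port
            self.sessions[self.next_port] = key
            self.next_port += 1
        return Packet(self.internal_ip, self.flows[key], host, port)

    def outbound(self, pkt):
        """LAN -> Internet reply. Restores the addresses the client expects."""
        session = self.sessions.get(pkt.dst_port)
        if pkt.dst_ip != self.internal_ip or session is None:
            return None
        client_ip, client_port, ext_port = session
        return Packet(self.external_ip, ext_port, client_ip, client_port)

def demo():
    router = Router("2.3.4.5", "192.168.1.254")
    router.forwards[801] = ("192.168.1.1", 8010)  # the mapping from the example
    request = Packet("81.16.22.43", 50000, "2.3.4.5", 801)  # constructed client port
    forwarded = router.inbound(request)
    reply = Packet(forwarded.dst_ip, forwarded.dst_port, forwarded.src_ip, forwarded.src_port)
    returned = router.outbound(reply)
    blocked = router.inbound(Packet("81.16.22.43", 50001, "2.3.4.5", 22))  # unmapped port
    return forwarded, returned, blocked

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The reply reaches the client with 2.3.4.5 and port 801 as its source, so the server's 192.168.1.1:8010 never appears on the external side.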
[Figure: sample router’s port forwarding configuration page]