Port Forwarding Basics
Port Forwarding is a technique that directs external traffic entering a specific port on a router to a specific internal device (Private IP) within the local network.
By default, a router (NAT) blocks all unsolicited incoming traffic for security. Port forwarding acts as a rule that opens a specific path, allowing external access to internal services.
1. Understanding via Analogy (Apartment Reception)
- Public IP (Apartment Building Address): The main address reachable from the outside.
- Router (Receptionist): Receives mail and directs it internally.
- Private IP (Unit Number): Individual apartments inside the building.
- Port (Recipient Name/Extension): An identifier for who the mail is for.
Port Forwarding Rule: It's like telling the receptionist, "If a package arrives labeled 'Website (Port 80)', please deliver it specifically to 'Unit 101 (My Computer)'."
2. Working Principle and Configuration Example
Scenario: An external user wants to access a web server hosted on your home computer.
- Configuration: You set a rule in the router: "Forward traffic coming in on External Port 8080 to Internal IP 192.168.1.10 on Port 80."
- Access: The external user types
http://[Public_IP]:8080into their browser. - Forwarding: The router sees the request on port 8080, checks its rules, and forwards the data to
192.168.1.10on port80. - Response: Your computer (web server) sends the response back through the router to the external user.
3. Key Use Cases
| Use Case | Common Ports | Description |
|---|---|---|
| Web Server Hosting | 80 (HTTP), 443 (HTTPS) | Hosting a website on your local computer accessible to the public. |
| Remote Desktop | 3389 (RDP) | Controlling your home computer remotely from an office or cafe. |
| Game Servers | 25565 (Minecraft, etc.) | Hosting a multiplayer game server for friends to join. |
| NAS / CCTV | 21 (FTP), 554 (RTSP) | Accessing home storage (NAS) or security camera feeds from outside. |