In computer networking, port forwarding is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.
This technique is most commonly used to make services on a host residing on a protected or masqueraded (internal) network available to hosts on the opposite side of the gateway (external network), by remapping the destination IP address and port number of the communication to an internal host.
Port forwarding can be divided into the following specific types: local, remote, and dynamic port forwarding
Local Port Forwarding
Local port forwarding is the most common type of port forwarding. It is used to let a user connect from the local computer to another server, i.e. forward data securely from another client application running on the same computer as a Secure Shell (SSH) client. By using local port forwarding, firewalls that block certain web pages are able to be bypassed.
Remote Port Forwarding
This form of port forwarding enables applications on the server side of a Secure Shell (SSH) connection to access services residing on the SSH’s client side. In addition to SSH, there are proprietary tunnelling schemes that utilize remote port forwarding for the same general purpose. In other words, remote port forwarding lets users connect from the server side of a tunnel, SSH or another, to a remote network service located at the tunnel’s client side.
Dynamic Port Forwarding
Dynamic port forwarding (DPF) is an on-demand method of traversing a firewall or NAT through the use of firewall pinholes. The goal is to enable clients to connect securely to a trusted server that acts as an intermediary for the purpose of sending/receiving data to one or many destination servers.
DPF can be implemented by setting up a local application, such as SSH, as a SOCKS proxy server, which can be used to process data transmissions through the network or over the Internet. Programs, such as web browsers, must be configured individually to direct traffic through the proxy, which acts as a secure tunnel to another server. Once the proxy is no longer needed, the programs must be reconfigured to their original settings. Because of the manual requirements of DPF, it is not often used.
Is Port Forwarding Safe ?
Setting up a port forward in your router sounds scary at first and a lot of people want to know if it’s safe or not. It’s a difficult question to answer, but in short:
- If you are forwarding a port to a game console like Xbox or Playstation then it’s absolutely 100% safe.
- If you are forwarding a port to a consumer device like a camera or a DVR then the only risk is people accessing that device, but the risk is very low as long as you’ve setup a password on the device.
- If you are forwarding a port to a computer then you need to make sure that computer has a software firewall. Windows Vista, Windows 7, Windows 8, and Windows 10 all come with an excellent firewall and the default settings are good.
