Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




605 posts

Ultimate Geek
+1 received by user: 21


Topic # 136191 18-Nov-2013 14:19
Send private message

What is the difference between forwarding a port and opening a port?  Simple explanation would be much appreciated.

Create new topic


605 posts

Ultimate Geek
+1 received by user: 21


  Reply # 936639 18-Nov-2013 14:23
Send private message

freitasm: They are the same thing.

So why do we sometimes open port in Windows Firewall and forward in router interface?  I am just trying to understand what exactly happens when port forwarding is done at router level and when a port is opened in Windows firewall and how are they same of different?

 
 
 
 


2533 posts

Uber Geek
+1 received by user: 940

Subscriber

  Reply # 936641 18-Nov-2013 14:24
Send private message

It depends. Often, they are the same for all intents and purposes. "Opening a port" would technically be the process of allowing traffic to pass on that port, while "port forwarding" is forwarding traffic that is received by one device on a given port, to a different device.

Port forwarding is typically used to, for example, forward incoming traffic on port 80 (HTTP), from your firewall/router to your web server.

Opening a port could be used to describe the same process, or it could refer to simply allowing that port to be accessed on the local device (i.e. open the port on your web server) without the "forwarding it on to another device" component.

But, yes, especially when talking about a SOHO setup, many people will use the terms interchangeably.

If a port is "closed" in regards to a firewall, then traffic on that port is not allowed. So a firewall on a web server, with port 80 closed, would mean web traffic isn't allowed. Open port 80, and web traffic is allowed. There is no forwarding involved here.

But when the web server is behind an external firewall or router, that router has to forward the traffic coming on port 80, on to the web server, which must have the port open to allow it.

You could kind of think of it like, a port forward is a signpost showing you which path to take, and an open port is like opening the door to let you walk inside.

5407 posts

Uber Geek
+1 received by user: 1872


  Reply # 936644 18-Nov-2013 14:26
Send private message

Port forward would normally happen through a NAT router where a specific port on the WAN interface is forwarded to an IP address on the internal LAN, whereas opening a port would happen on a firewall where connections are normally blocked, just to let traffic through.

BDFL - Memuneh
63019 posts

Uber Geek
+1 received by user: 13595

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 936649 18-Nov-2013 14:29
Send private message

stitch:
freitasm: They are the same thing.

So why do we sometimes open port in Windows Firewall and forward in router interface?  I am just trying to understand what exactly happens when port forwarding is done at router level and when a port is opened in Windows firewall and how are they same of different?


Hmmm. Ok, you didn't specify "open a port in firewall" and "forward a port in router". I gave a generic answer based on a the limited question posed.

So here is the long one, now that we have all information: a firewall will prevent communication passing through it, while allowing other. By default firewalls will block communications. "Opening a port" in this context" means allowing connections to happen.

Consumer routers are usually configured in a way that it will relay communications from many devices to the Internet and it does so in a way that allows it to return the response to a request that was sent out to pass to the original device. But unsolicited incoming requests need to be directed to a point inside your network. By default routers won't let unsolicited incoming requests to get into the network, basically because it wouldn't know where to send it to. In this context forwarding a port means configuring the router to pass incoming requests to a device that can handle those.

Another way of doing it is by placing a device in the DMZ. A device in the DMZ will by default receive all unsolicited incoming request (obviously if a firewall is running on that device then you should also configure it to allow the connection to be established).







605 posts

Ultimate Geek
+1 received by user: 21


  Reply # 936662 18-Nov-2013 14:37
Send private message

Thanks everyone for the explanations.  I was trying to set up FTP server at home just for some testing and it wouldn't work for external access.  My router has a static ip from ISP so I thought it would work without any other changes or additions. Finally it worked by opening/forwarding port 21 etc and adding the FileZilla server to Windows Firewall.  Now, the reason I asked this question is because I want to know what minimum port opening/forwarding is required for ftp server to be accessed from outside of my Home network as I might have done a bit extra than what was required.

If someone can put the steps in few points that would be great. 



605 posts

Ultimate Geek
+1 received by user: 21


  Reply # 936663 18-Nov-2013 14:39
Send private message

Oh, and I also had to forward port 21 to my Computer(FileZilla Server) from my router settings.

2533 posts

Uber Geek
+1 received by user: 940

Subscriber

  Reply # 936671 18-Nov-2013 14:51
Send private message

stitch: Thanks everyone for the explanations.  I was trying to set up FTP server at home just for some testing and it wouldn't work for external access.  My router has a static ip from ISP so I thought it would work without any other changes or additions. Finally it worked by opening/forwarding port 21 etc and adding the FileZilla server to Windows Firewall.  Now, the reason I asked this question is because I want to know what minimum port opening/forwarding is required for ftp server to be accessed from outside of my Home network as I might have done a bit extra than what was required.

If someone can put the steps in few points that would be great. 


Assuming you have a typical home setup with a broadband connection of some kind coming in to a modem/router, with the FTP server running on a PC of some sort connected to the LAN port / wifi of the router, then you will need to forward port 21 in the router to your FTP servers LAN address, and allow port21 in the firewall on the FTP server.

14642 posts

Uber Geek
+1 received by user: 2722

Trusted
Subscriber

  Reply # 936799 18-Nov-2013 17:40
Send private message

Here's how I understand it (and I'm not a network guy, but I know enough to be dangerous). You have a public IP address on your router, each PC has a private IP. On your router you can set up a port forward, so every packet sent to that port on your public IP gets sent to a specified IP/port on the private network range. This could be useful for P2P connections like bit torrent, or hosting an FTP server.

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Orcon announces new always-on internet service for Small Business
Posted 18-Apr-2019 10:19


Spark Sport prices for Rugby World Cup 2019 announced
Posted 16-Apr-2019 07:58


2degrees launches new unlimited mobile plan
Posted 15-Apr-2019 09:35


Redgate brings together major industry speakers for SQL in the City Summits
Posted 13-Apr-2019 12:35


Exported honey authenticated on Blockchain
Posted 10-Apr-2019 21:19


HPE and Nutanix partner to deliver hybrid cloud as a service
Posted 10-Apr-2019 21:12


Southern Cross and ASN sign contract for Southern Cross NEXT
Posted 10-Apr-2019 21:09


Data security top New Zealand consumer priority when choosing a bank
Posted 10-Apr-2019 21:07


Samsung announces first 8K screens to hit New Zealand
Posted 10-Apr-2019 21:03


New cyber-protection and insurance product for businesses launched in APAC
Posted 10-Apr-2019 20:59


Kiwis ensure streaming is never interrupted by opting for uncapped broadband plans
Posted 7-Apr-2019 09:05


DHL Express introduces new MyDHL+ online portal to make shipping easier
Posted 7-Apr-2019 08:51


RackWare hybrid cloud platform removes barriers to enterprise cloud adoption
Posted 7-Apr-2019 08:50


Top partner named at MYOB High Achievers Awards
Posted 7-Apr-2019 08:48


Great ideas start in Gisborne with hackathon event back for another round
Posted 7-Apr-2019 08:42



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.