Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




615 posts

Ultimate Geek
+1 received by user: 21


# 136191 18-Nov-2013 14:19
Send private message

What is the difference between forwarding a port and opening a port?  Simple explanation would be much appreciated.

Create new topic


615 posts

Ultimate Geek
+1 received by user: 21


  # 936639 18-Nov-2013 14:23
Send private message

freitasm: They are the same thing.

So why do we sometimes open port in Windows Firewall and forward in router interface?  I am just trying to understand what exactly happens when port forwarding is done at router level and when a port is opened in Windows firewall and how are they same of different?

 
 
 
 


2534 posts

Uber Geek
+1 received by user: 943

Subscriber

  # 936641 18-Nov-2013 14:24
Send private message

It depends. Often, they are the same for all intents and purposes. "Opening a port" would technically be the process of allowing traffic to pass on that port, while "port forwarding" is forwarding traffic that is received by one device on a given port, to a different device.

Port forwarding is typically used to, for example, forward incoming traffic on port 80 (HTTP), from your firewall/router to your web server.

Opening a port could be used to describe the same process, or it could refer to simply allowing that port to be accessed on the local device (i.e. open the port on your web server) without the "forwarding it on to another device" component.

But, yes, especially when talking about a SOHO setup, many people will use the terms interchangeably.

If a port is "closed" in regards to a firewall, then traffic on that port is not allowed. So a firewall on a web server, with port 80 closed, would mean web traffic isn't allowed. Open port 80, and web traffic is allowed. There is no forwarding involved here.

But when the web server is behind an external firewall or router, that router has to forward the traffic coming on port 80, on to the web server, which must have the port open to allow it.

You could kind of think of it like, a port forward is a signpost showing you which path to take, and an open port is like opening the door to let you walk inside.

5420 posts

Uber Geek
+1 received by user: 1876


  # 936644 18-Nov-2013 14:26
Send private message

Port forward would normally happen through a NAT router where a specific port on the WAN interface is forwarded to an IP address on the internal LAN, whereas opening a port would happen on a firewall where connections are normally blocked, just to let traffic through.

BDFL - Memuneh
63279 posts

Uber Geek
+1 received by user: 13826

Administrator
Trusted
Geekzone
Lifetime subscriber

  # 936649 18-Nov-2013 14:29
Send private message

stitch:
freitasm: They are the same thing.

So why do we sometimes open port in Windows Firewall and forward in router interface?  I am just trying to understand what exactly happens when port forwarding is done at router level and when a port is opened in Windows firewall and how are they same of different?


Hmmm. Ok, you didn't specify "open a port in firewall" and "forward a port in router". I gave a generic answer based on a the limited question posed.

So here is the long one, now that we have all information: a firewall will prevent communication passing through it, while allowing other. By default firewalls will block communications. "Opening a port" in this context" means allowing connections to happen.

Consumer routers are usually configured in a way that it will relay communications from many devices to the Internet and it does so in a way that allows it to return the response to a request that was sent out to pass to the original device. But unsolicited incoming requests need to be directed to a point inside your network. By default routers won't let unsolicited incoming requests to get into the network, basically because it wouldn't know where to send it to. In this context forwarding a port means configuring the router to pass incoming requests to a device that can handle those.

Another way of doing it is by placing a device in the DMZ. A device in the DMZ will by default receive all unsolicited incoming request (obviously if a firewall is running on that device then you should also configure it to allow the connection to be established).







615 posts

Ultimate Geek
+1 received by user: 21


  # 936662 18-Nov-2013 14:37
Send private message

Thanks everyone for the explanations.  I was trying to set up FTP server at home just for some testing and it wouldn't work for external access.  My router has a static ip from ISP so I thought it would work without any other changes or additions. Finally it worked by opening/forwarding port 21 etc and adding the FileZilla server to Windows Firewall.  Now, the reason I asked this question is because I want to know what minimum port opening/forwarding is required for ftp server to be accessed from outside of my Home network as I might have done a bit extra than what was required.

If someone can put the steps in few points that would be great. 



615 posts

Ultimate Geek
+1 received by user: 21


  # 936663 18-Nov-2013 14:39
Send private message

Oh, and I also had to forward port 21 to my Computer(FileZilla Server) from my router settings.

2534 posts

Uber Geek
+1 received by user: 943

Subscriber

  # 936671 18-Nov-2013 14:51
Send private message

stitch: Thanks everyone for the explanations.  I was trying to set up FTP server at home just for some testing and it wouldn't work for external access.  My router has a static ip from ISP so I thought it would work without any other changes or additions. Finally it worked by opening/forwarding port 21 etc and adding the FileZilla server to Windows Firewall.  Now, the reason I asked this question is because I want to know what minimum port opening/forwarding is required for ftp server to be accessed from outside of my Home network as I might have done a bit extra than what was required.

If someone can put the steps in few points that would be great. 


Assuming you have a typical home setup with a broadband connection of some kind coming in to a modem/router, with the FTP server running on a PC of some sort connected to the LAN port / wifi of the router, then you will need to forward port 21 in the router to your FTP servers LAN address, and allow port21 in the firewall on the FTP server.

14741 posts

Uber Geek
+1 received by user: 2745

Trusted
Subscriber

  # 936799 18-Nov-2013 17:40
Send private message

Here's how I understand it (and I'm not a network guy, but I know enough to be dangerous). You have a public IP address on your router, each PC has a private IP. On your router you can set up a port forward, so every packet sent to that port on your public IP gets sent to a specified IP/port on the private network range. This could be useful for P2P connections like bit torrent, or hosting an FTP server.

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

HPE to acquire supercomputing leader Cray
Posted 20-May-2019 11:07


Techweek starting around NZ today
Posted 20-May-2019 09:52


Porirua City Council first to adopt new council software solution Datascape
Posted 15-May-2019 12:00


New survey provides insight into schools' technology challenges and plans
Posted 15-May-2019 09:30


Apple Music now available on Alexa devices in Australia and New Zealand
Posted 15-May-2019 09:11


Make a stand against cyberbullying this Pink Shirt Day
Posted 14-May-2019 20:23


Samsung first TV manufacturer to launch the Apple TV App and Airplay 2
Posted 14-May-2019 20:11


Vodafone New Zealand sold
Posted 14-May-2019 07:25


Kordia boosts cloud performance with locally-hosted Microsoft Azure ExpressRoute
Posted 8-May-2019 10:25


Microsoft Azure ExpressRoute in New Zealand opens up faster, more secure internet for Kiwi businesses
Posted 8-May-2019 09:39


Vocus Communications to deliver Microsoft Azure Cloud Solutions through Azure ExpressRoute
Posted 8-May-2019 09:25


Independent NZ feature film #statusPending to premiere during WLG-X
Posted 6-May-2019 22:13


The ultimate dog photoshoot with Nokia 9 PureView #ForgottenDogsofInstagram
Posted 6-May-2019 09:41


Nokia 9 PureView available in New Zealand
Posted 6-May-2019 09:06


Motorola Solutions joins local partners to deliver advanced communications network in New Zealand
Posted 30-Apr-2019 21:50



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.