Concepts: Network Address Translation and Port Forwarding
A friend of mine was wondering how Port Forwarding works, so I decided to whip up a post to try to explain it (with pictures! …well, diagrams at least).
Let’s start off with a single computer connected directly to the internet (with a cable or DSL modem, or something).
All traffic on the internet connection is able to pass directly from the internet to the computer. Since the computer is the only device connected (via the modem) there is no need for NAT or port forwarding. Applications on the computer can access any port on the internet, and any computer on the internet can access ant port on the local computer (since in this example there is no firewall). This is the simplest way to connect a single computer to the internet, but since most ISPs only give you one IP address, chances are that you can only have one computer connect at a time. In order to have multiple computers connected to the internet using only one IP address, Network Address translation and Port Forwarding systems were created.
This diagram shows our sample network, with an internet address of (98.52.143.18).
The only device visible from the Internet’s point of view is the router. At this point the internet has no idea that the router is connected to four other computers.
When multiple computers are connected on the same local area network, there must be a router for them to be able to connect to the internet using only one Internet addressable address. Since all of the traffic from the internet is now addressed to only one IP (the router’s), a system had to be created to determine which computer (A,B,C, or D) a packet of data is supposed to go to. The router keeps a list of which computers are connecting to the internet using which ports, and when an incoming packet has a port number that matches what is in the list, it forwards it to that computer. The diagram bellow shows one pathway that is created between computer A and a device on the internet. It is important to note that a computer on the LAN must initiate the connection. If a device on the internet tried to initiate a connection, the only thing it would be able to reach is the router, as the router would not know which computer (A,B,C, or D) to forward the packet or connection to.
This diagram shows how multiple computers can use the internet at the same time, all on different ports on the internet.
I know that this is not a complete explanation, and might have a few errors, so be sure to check out the Wikipedia page if you want more information about this stuff.
Hey man thanks for doing this, it helped me out