Port forwarding is also known as port mapping and tunnelling. It is the method of forwarding traffic destined for a specific network port from one network node to another. It lets an external user reach a specific port on a private IPv4 address inside a LAN from the outside, through a NAT-enabled router. In other words, port forwarding directs traffic from the outside world to the right server inside a local TCP/IP network.
Port forwarding is mostly used to isolate network traffic, to optimize network speed and to permanently assign a network path to a specific protocol or network service. Usually, well-known port numbers are used in port forwarding. It is typically implemented at a gateway router, to automate the process of identifying network packets and transferring them to a destination port.
Peer-to-peer programs and services such as web servers and outgoing FTP usually require port forwarding or open ports in order to work. Because NAT hides internal addresses, peer-to-peer only works from the inside out, where NAT can map outgoing requests against incoming replies. NAT does not allow connections to be established from the outside network. This limitation can be resolved with port forwarding, which identifies specific ports that can be forwarded to inside hosts.
Internet software applications work on different ports, and those ports need to be open or available to the applications. For example, HTTP operates through the well-known port 80 and FTP operates through the well-known port 21. When someone opens the https://networkustad.com address, the browser displays the networkustad home page. The user does not specify the HTTP port number for the page request, because the application assumes port 80.
If https://networkustad.com is configured with a different port number, that number can be appended to the URL, separated by a colon (:). For example, if we configure the server to use port 8080 in place of 80, we enter the address in the browser as https://networkustad.com:8080 to open the website.
Port forwarding allows access to internal servers from the Internet via the WAN port address of the router and the matching external port number. The internal servers are typically configured with private IPv4 addresses. When a request arrives from the Internet at the WAN port of the router, with the WAN port's IPv4 address in the packet header, the router forwards the request to the appropriate server on the private network. By default, a broadband router does not permit any external network request to be forwarded to an inside network.
The figure below illustrates an example of port forwarding. An Internet service provider hosts a web server for their client on their local network. The server can be accessed from within the local network, but because it has a private IPv4 address it is not publicly accessible from the Internet.
Now the owner wants to provide access from anywhere on the Internet. So, port forwarding is configured on the router using the destination port number and the private IPv4 address of the web server. To access the server, the client software uses the public IPv4 address of the router and the destination port of the server.
Wireless Router Example
We should specify the local address to which requests are forwarded. In the above configuration, HTTP service requests coming into the wireless router are forwarded to the web server with the inside local address 192.168.10.101. If the external WAN IPv4 address of the wireless router is 188.8.131.52, the external user can enter http://www.domain_name.com and the wireless router redirects the HTTP request to the internal web server at IPv4 address 192.168.10.101, using the default port number 80.
We can change the default port of the web server, but the external user would then have to know the specific port number to use. The above figure shows the port forwarding window of a TP-Link router; the window's appearance depends on the brand and model of the broadband router.
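
The behaviour described above, as an added example that is not part of the original article: a toy Python model of a NAT router that drops unsolicited WAN traffic by default, applies a static port forward, and maps outgoing requests against incoming replies. `NatRouter`, `Packet` and the client address 203.0.113.7 are constructed for illustration; the WAN and web server addresses are the ones used in the text.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class NatRouter:
    """Toy model of a NAT router with static port forwards (not a real router API)."""
    def __init__(self, wan_ip):
        self.wan_ip = wan_ip
        self.forwards = {}   # external port -> (inside ip, inside port)
        self.conntrack = {}  # (remote ip, remote port, wan port) -> (inside ip, inside port)

    def add_forward(self, ext_port, inside_ip, inside_port):
        self.forwards[ext_port] = (inside_ip, inside_port)

    def from_wan(self, pkt):
        """Packet arriving on the WAN side: returns the rewritten packet, or None if dropped."""
        if pkt.dst != self.wan_ip:
            return None
        key = (pkt.src, pkt.sport, pkt.dport)
        target = self.conntrack.get(key) or self.forwards.get(pkt.dport)
        if target is None:
            return None  # unsolicited and no forwarding rule: default deny
        self.conntrack[key] = target
        return replace(pkt, dst=target[0], dport=target[1])

    def from_lan(self, pkt):
        """Packet leaving an inside host: the source is rewritten to the WAN address."""
        for (rip, rport, wport), inside in self.conntrack.items():
            if (rip, rport) == (pkt.dst, pkt.dport) and inside == (pkt.src, pkt.sport):
                return replace(pkt, src=self.wan_ip, sport=wport)  # reply on a known flow
        # New outbound flow: keep the source port (a real router may choose another).
        self.conntrack[(pkt.dst, pkt.dport, pkt.sport)] = (pkt.src, pkt.sport)
        return replace(pkt, src=self.wan_ip)

def demo():
    wan = "188.8.131.52"                       # WAN address from the article
    r = NatRouter(wan)
    r.add_forward(80, "192.168.10.101", 80)    # HTTP -> inside web server
    fwd = r.from_wan(Packet("203.0.113.7", 51000, wan, 80))        # constructed client
    reply = r.from_lan(Packet("192.168.10.101", 80, "203.0.113.7", 51000))
    blocked = r.from_wan(Packet("203.0.113.7", 51001, wan, 22))    # no rule for port 22
    return fwd, reply, blocked
```

Every entry added with `add_forward` is a port reachable from the whole Internet, so the table should list only the services that are meant to be public.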