Why port forwarding?

1 comment, last by Hodgman 14 years ago
So I have a general understanding of how NATs work and why port forwarding is needed; what I don't understand is why it's needed in only certain cases. If I set up a TCP listening socket so someone can connect to me, I have to port forward the port that socket is listening on. Once someone connects to me, that socket spawns another socket for the actual communication to take place and assigns it a random port. My question is why does the listening socket's port need to be port forwarded, but the random port it creates for the communication socket does not need any port forwarding?
On Linux, for example, some services (like the Adobe Flash security mechanism) listen on 843 - ports below 1000.
To serve these requests but avoid running as root (or having the suid bit set on your server binary) - generally it's a security issue - forwarding (prerouting) can be used and everybody is happy.
check out our game: Neuroarena (multiplayer online cyberpunk realtime strategy in flash)
If you're sending outbound traffic on that port (before receiving inbound traffic), then the router can figure out that it needs to forward the incoming traffic on to you.

If it's the other way around (inbound happens first, and then outbound comes afterwards), then the router has no way to know who it should forward the inbound traffic to, so you've got to set up port forwarding in advance.


Applications can work around this issue and make manual port-forwarding unnecessary by using NAT-punch-through techniques (usually involving a 3rd party in the middle that both ends use to coordinate).
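
The router behaviour described in the replies above, modelled as an added example that is not part of the original thread: a toy NAT table where outbound traffic creates a mapping and unsolicited inbound traffic needs a manual forward. All addresses, ports and names (`Nat`, `demo`) are constructed for illustration, and the per-remote filtering is an assumption, since real routers vary.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"  # constructed sample address (documentation range)

@dataclass
class Nat:
    """Toy port-preserving NAT: dynamic mappings plus static port forwards."""
    dynamic: dict = field(default_factory=dict)   # (pub_port, remote) -> LAN endpoint
    forwards: dict = field(default_factory=dict)  # pub_port -> LAN endpoint

    def outbound(self, lan_ip, lan_port, remote):
        """A LAN host sends first, so the router records who talks to whom."""
        self.dynamic[(lan_port, remote)] = (lan_ip, lan_port)
        return (PUBLIC_IP, lan_port)  # source address the remote side sees

    def inbound(self, remote, pub_port):
        """Packet arrives on the public side: LAN target, or None if dropped."""
        # Assumption: mappings are matched per remote endpoint; routers differ.
        if (pub_port, remote) in self.dynamic:
            return self.dynamic[(pub_port, remote)]  # reply to earlier outbound
        return self.forwards.get(pub_port)  # otherwise only a manual rule helps

    def add_forward(self, pub_port, lan_ip, lan_port):
        """Manual port forward, configured in advance by the user."""
        self.forwards[pub_port] = (lan_ip, lan_port)

def demo():
    nat = Nat()
    client = ("198.51.100.7", 40000)   # constructed remote player
    web = ("198.51.100.7", 80)         # constructed remote service
    results = {}
    # Inbound first, no rule: the router cannot know which LAN host wants it.
    results["unsolicited"] = nat.inbound(client, 7777)
    # Outbound first: the recorded mapping lets the reply back in.
    nat.outbound("10.0.0.9", 51000, web)
    results["reply"] = nat.inbound(web, 51000)
    # A remote host the LAN never contacted is still unknown on that port.
    results["stranger"] = nat.inbound(("198.51.100.99", 80), 51000)
    # Manual forward for the listening port. An accepted TCP connection keeps
    # the listener's local port, so this one rule covers its traffic too.
    nat.add_forward(7777, "10.0.0.5", 7777)
    results["forwarded"] = nat.inbound(client, 7777)
    return results

if __name__ == "__main__":
    for case, target in demo().items():
        print(f"{case:12} -> {target}")
```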
