Port forwarding is a method of making a computer on your network accessible to computers on the internet, even though you are behind a router. To understand port forwarding, you need to know what the ports in your router are used for.
Let's talk about router ports, port forwarding, and the general steps for forwarding ports in your router. The reason port forwarding is necessary is also covered near the end of this article.
What is Port Forwarding?
Port forwarding creates a path through your router so that packets can get to devices inside your network. Creating a port forward in your router opens up access to certain applications from the internet.
Port forwarding is commonly used for hosting game servers, VoIP, and peer-to-peer downloading. There are many other reasons you may need to forward a port.
Possible reasons to forward a port:
- You want to monitor your security cameras at your house while you are at work.
- You play multiplayer games and are suffering from high ping times.
- You have a home media server and you want to listen to your music while you are on the road.
- You have a private Minecraft server and you want your friends to join it.
- You're a member of a private torrent tracker and need to increase your seeding ratio.
- You are having difficulty getting your VoIP system to ring.
What are Ports?
A port is just a number appended to a packet of data on a network. Devices and applications listen for packets that have a specific port number. There are 65,536 port numbers to choose from. A good analogy is to think of ports like extensions on a phone system.
In IPv4 every packet of data has both a destination IP address and a port number. It doesn't matter if this packet of information is on your home network or on the internet, both pieces of information are always necessary.
IP packets are usually written with the IP address and port number separated by a colon.
The above is usually said: "To 192.168.0.100 on 443"
The IP address tells the packet where to go and the port number describes what the packet is containing.
What are some commonly used ports?
Every program on your computer that uses the internet is programmed to send its packets through specific ports. Sometimes the ports are selected arbitrarily by the programmers of the software, but other times programmers will use a more standard port depending on the functionality of the software.
Here are a few examples of industry-standard uses for common ports:
- Web: ports 80 and 443 TCP
- Xbox Live: 3074 TCP & UDP
- MQTT: port 1883 TCP
- Plex: port 32400 TCP
For more information on the ports that specific programs use, please see our List of Ports. There you will find the ports that you need to port forward for any application, such as Minecraft, Xbox Live, PlayStation 5, Plex, and many more.
General Steps for Forwarding a Port in Your Router
- Log in to your router
- Set up a Static IP address
- Find the forwarding section in your router
- Forward the correct ports in your router for the application that you wish to use
- Check to make sure that your ports are open. Our Port Checker can help you with that - and it's FREE!
Hopefully, this has demystified port forwarding a bit. If you're ready, head straight into our Router Guides which will walk you through the process of forwarding ports on your specific router.
If you would prefer to set up your forwards with just one click instead of setting it all up manually, take a look at Network Utilities.
Why Is Port Forwarding Necessary?
When the internet was first created, it was intended for every device to have a unique IP address. The internet worked this way until broadband became popular. Once everyone had broadband to their house things needed to change.
The internet before broadband
The internet runs on IPv4. In IPv4 there are about 4 billion unique IP addresses. There are so many IP addresses that the early creators of the internet handed them out haphazardly, giving huge blocks to regions of the world that would never use them all.
Over time, some areas of the world began to run out, but by then everyone had already allocated their huge blocks of IP addresses in ways that were impossible to redistribute.
Then along came broadband and suddenly every household in developed countries needed at least one unique IP address. Internet service providers did not have enough IP addresses to hand out. To fix this, network hardware manufacturers began to implement a bandaid to the problem, called NAT.
NAT, or Network Address Translation, is a way of separating your home network from the internet. This has the advantage of protection from internet hackers and alleviating the ISP of their dwindling IP problem. However, it broke a fundamental concept of how the internet works.
The problem with NAT
In a NAT network all connections must originate from the inside. It is not possible to connect to a device inside a NAT network from the internet.
With NAT in every router, homes were protected, ISPs were happy, and the internet seemed to work. Except for that pesky incoming connection problem.
The internet with NAT
When you connect a home router to the internet your ISP gives your router your one and only IP address. This IP address is referred to as your external IP address, and it is used for every communication on the internet. It is your router's job to translate between that IP address and the private IP addresses on your home network. Those private IP addresses are known as internal IP addresses.
The reason that a router cannot set up port forwarding automatically is that it doesn't know what you want. When your router receives an incoming packet on its external IP address, it does not know which internal IP address to forward that packet to. Now, you could just tell your router to forward all incoming packets to a single device inside your network. This is called DMZ, and it is considered dangerous because it exposes that device to the internet and all the hackers out there.
A better solution is to selectively forward just some packets to some devices. This has the advantage of both protecting your network from malicious hackers and allowing the control to fine-tune where each packet goes. Port forwarding allows you to forward packets for different reasons to different devices.
As an example, let's assume you have two security cameras, both of them running a web server on port 443. We'll call them Camera A and Camera B.
When you connect them to your network your router gives them each a unique IP address. This means that when you are at home you can easily talk to both of them. You simply talk to them by their IP address on port 443 and it works.
Now let's assume you are at work and you want to talk to Camera A. You know that you have to connect to your router's external IP address on port 443. The problem is when you make that connection, your router doesn't know whether you intend to connect to Camera A or Camera B.
A port forward tells the router where you intend an incoming packet to go.
In your router, you create a port forward directing all traffic on port 443 from the router's external IP address to Camera A. Your router then forwards all incoming traffic on port 443 to Camera A on your network, and you are able to connect to it when you are away from home.
The downfall is that since you forwarded port 443 to Camera A there is no way to talk to Camera B from the internet. This is a limitation of NAT. Some routers overcome this limitation with an advanced setting called port translation.
As you can see from this example, you had to decide which camera to forward traffic to. Your router does not know what you want, so it cannot do this automatically.
Now that you understand why port forwarding is necessary it should be easier to set up port forwards in your router. Just remember that a port forward is telling your router what you want, so you need to be sure that you understand the reason why you want a forwarded port.
For help with port forwarding visit our Router Guides which will walk you through the process of forwarding ports on your specific router.