In layman terms, port forwarding is a way to allow Internet traffic to flow to a certain computer or application more quickly and efficiently. If you’ve experienced lag on video games or if you’ve had an application (like Skype or Netflix) that was unable to connect to the server, port forwarding may help.
For a more technical understanding of port forwarding, it helps to understand how your home network communicates with the Internet. If you don’t care about all that, feel free to skip to How to Forward Ports on your Router.
IP Addresses and Network Address Translation (NAT)
Every device connected to the Internet has its own IP address. This IP address is used so a server knows which device to send information (“packets”) to.
Each IP address is further broken down into ports. These ports tell the device which application to send the packet to.
For example, when your computer wants to reach google.com, it will connect to Google’s IP address: 126.96.36.199. To be more specific, for your web browser (say, Chrome) to connect to Google’s web server application, it could connect via port 80, which is the standard port used for transmitting HTTP information (i.e. webpages). So, when you point your browser at Google.com, you are actually communicating with 188.8.131.52:80 (ipaddress:port).
If that’s not clear, think of it like a letter being sent to an office building with 1,000 employees. Putting the street address on the envelope gets it into the mailroom, but the mailroom isn’t going to know which of the 1,000 employees gets the letter. That’s why you put ATTN: Editor in Chief, groovyPost in addition to the address. That way, the mailroom knows to bring it right to Brian Burgess. Without that ATTN, the mail guy would have to walk up and down the cubes, asking if someone was expecting a letter from that sender. Chances are, he’d never find the intended recipient.
In your home, the device that connects to the Internet is most likely your router. Like a mailroom for an office building, your router serves as an intermediary between all the computers, smartphones and tablets in your house and the Internet. To accomplish this, your router will assign private IP addresses to each of the devices on your network. These private IP addresses are not visible to the Internet. Rather, all packets destined for your computer are sent to the router, which sorts out which computer gets what. This is called network address translation (NAT).
One of the limitations of NAT is that servers and clients on the Internet don’t know what the private IP address for your computer is. So, they can’t send data directly to your computer. Instead, they’ll send it to your router and hope that it all gets sorted out. For common applications, it does get sorted out (eventually). But for less common applications, such as games and peer-to-peer clients, the router might not be able to figure out which computer needs to receive the data and the connection will fail (return to sender). This is where port forwarding comes in.
Port forwarding on your router is a way to explicitly tell your router to send data sent on a specific port to a specific computer. Going back to the mailroom analogy, it’d be like sending an organization chart to the mailroom with all the names, departments and positions of the employees in the building. So, when a letter comes in ATTN: Editor in Chief, groovyPost, they can look at the org chart, see Brian’s name at the top of the ladder (just below Steve’s ), and forward the package right to him. Port forwarding ensures two things: (1) that the packet gets to the right computer and (2) that it gets there as quickly as possible.
For example, if you are running a Minecraft server on one of your computers, incoming data from the Internet relevant to Minecraft will be sent on port 25565. So, you would tell your router to forward all traffic sent to port 25565 to your computer with the Minecraft server. If you didn’t do this, your router might block the traffic for security reasons.
How to Forward Ports on Your Router
The specific steps for forwarding ports on your router will be a little bit different depending on the make and model of your router. Fortunately, the folks at PortForward.com have put together a massive database of Port Forwarding Guides for practically every brand and model of router. Just choose your router brand and router model and click Search.
Currently, Portforward.com is pimping its paid PFConfig software, which I haven’t used so can’t recommend. What you’re looking for is the Default Guide, which will be somewhat buried after you hit Search.
For most routers, you’ll type in the IP address of your router into your browser to access the administration page. This is usually 192.168.0.1 or 192.168.1.1. You’ll be prompted to enter a username and password. This is usually “admin” for both. If that doesn’t work, try “root” or “password” or leaving the username empty and entering “admin” for the password. Still stumped? Try routerpasswords.com
For the Airport Extreme (which I have), you have to use the AirPort Utility. Other routers may also require proprietary configuration software other than a web browser. In Airport Utility, I have to click Manual Setup to configure the router.
From there, I go to the Advanced tab and go to Port Mapping. Your tabs may be different, such as Applications & Gaming (Linksys).
Next, add a new port mapping entry, service or port forwarding entry (depending on what your router calls it). You’ll be asked to enter the following information:
- Service name: A description of the application that uses the port. For example, “Minecraft” or “Windows File Sharing.”
- Service type (TCP/UDP): Choose TCP or UDP, depending on what the application requires. Most high end games use UDP, but others use TCP (such as Minecraft). If you don’t have luck with one, try the other.
- Starting Port/Ending Port: Let’s you enter a range of ports to forward. If you are only forwarding one port, enter that port into both the starting port and ending port fields. Alternately, some configurations only give you one field to enter your port. This is the case for Apple Airport Extreme. You can still enter a range in this field, e.g. 137-138.
- Private IP address/Server IP address: Enter the IP address of the computer that’s receiving the data. This is the private IP address assigned by your router. Read this to find out how to determine your local IP address.
Again, these options are going to be presented a little differently for each make and model. The resources at PortForward.com will come in handy, since they’ll give you guides specific to particular applications as well as routers.
For illustration purposes only, screenshots for the Airport Extreme are below:
The Port Mapping screen:
For Airport Extreme, rather than choosing TCP/UDP, they give you fields for both. You can just leave one of them blank.
Don’t forget to name your service.
Testing a Port Forwarding Configuration
There are a number of free tools that let you check your port forwarding:
- YouGetSignal – Port Forwarding Tester
- IPFingerPrints – Network Port Scanning Tool
- CanYouSeeMe.org – Open Port Check Tool
You may need to restart your router after adding a port forward.
Also note that even if your router is correctly port forwarding, your computer may be blocking ports using Windows Firewall or another security program. For more information on Windows Firewall, read Austin’s tutorial on How to Allow a Program through Windows Firewall.
Need help with port forwarding? Leave a comment and I’ll steer you in the right direction!
[Port forwarding graphics derived from Sergio Sanchez Lopez and Everaldo Coelho and YellowIcon (GPL)]