Port Forwarding



What is Port Forwarding?
Port forwarding, or tunneling, is the behind-the-scenes process of intercepting data traffic headed for a computer's IP/port combination and redirecting it to a different IP and/or port. A program that's running on the destination computer (host) usually causes the redirection, but sometimes it can also be an intermediate hardware component, such as a router, proxy server or firewall.
Of course, even though anyone sending data to a server isn't aware of what's going on, the request will still get to its ultimate destination.

Playing with packets.

It all starts with the packets that get created when you send a data request over the Internet.
Normally, a network router will examine the header of an IP packet and send it to a linked and appropriate interface, which in turn sends the data to the destination information that's in the header.
But in port forwarding, the intercepting application (or device) reads the packet header, notes the destination, and then rewrites the header information and sends it to a another computer—one that's different from the one intended. That secondary host destination may be a different IP address using the same port, a different port on the same IP address, or a completely different combination of the two.

Why port forwarding?

Port forwarding is an excellent way to preserve public IP addresses. It can protect servers and clients from unwanted access, "hide" the services and servers available on a network, and limit access to and from a network. Port forwarding is transparent to the end user and adds an extra layer of security to networks.
In short, port forwarding is used to keep unwanted traffic off networks. It allows network administrators to use one IP address for all external communications on the Internet while dedicating multiple servers with different IPs and ports to the task internally. Port forwarding is useful for home network users who may wish to run a Web server or gaming server on one network.
The network administrator can set up a single public IP address on the router to translate requests to the proper server on the internal network. By using only one IP address to accomplish multiple tasks—and dropping all traffic that is unrelated to the services provided at the firewall—the administrator can hide from the outside world what services are running on the network.

A look at port forwarding.

In the simplified example below, IP Address 10.0.0.1 sends a request to 10.0.0.3 on Port 80. An intermediate host—10.0.0.2—intercepts the packets, rewrites the packet headers and sends them on to IP Address 10.0.0.4 on Port 8080:
10.0.0.1
-->
10.0.0.2
-->
10.0.0.4

Makes a request to

Actually sends to


10.0.0.3:80

10.0.0.4:8080

The host, 10.0.0.4, responds to the request, sending it to 10.0.0.2. Then 10.0.0.2 rewrites the packet—indicating that the response is from 10.0.0.3—and sends it to 10.0.0.1:
10.0.0.4
-->
10.0.0.2
-->
10.0.0.1

Sends its response to

Forwards the response to


10.0.0.2:8080

10.0.0.1:80

As far as 10.0.0.1 is concerned, it has sent a request to 10.0.0.3 on Port 80 and has received a response back from 10.0.0.3 on Port 80. This is not what has happened—the traffic has never actually touched 10.0.0.3. However, because of the way the packets have been rewritten, 10.0.0.1 sees that it has gotten a response from 10.0.0.3.
The perceived destination is always from the perspective of the requesting computer. As it shows in the diagram, even though 10.0.0.4 has become the real-time destination for traffic from 10.0.0.1, the destination for all traffic (as far as the requesting host knows) is 10.0.0.3.

Port forwarding and proxies.

It probably won't surprise you to learn that Web proxies use a port-forwarding service. Similar to the above home-network example, Web proxy servers use port forwarding to prevent direct contact between clients and the wide-open world of the Internet. When a proxy or VPN receives your online activity (an email sent or a request to see a website), it inspects and rewrites data packets of your transmission before it moves them to and from their Internet destinations.



Comments

Post a Comment

Popular posts from this blog

RHEL 7

RHEL 7 ..... ************************RHCSA Version 7 **************** Initial configuration.txt: *you have been provided a virtual box named as serverX.example.com (hint:where X is your domain number) * password for both virtual machine should be "Postroll" *serverX.example.com provided with ip=172.25.X.10/255.255.255.0 *serverX.example.com are provided with gateway 172.25.254.254 & example.com dns domain with the IP: 172.25.254.254 gateway 172.25.0.1 netmask 255.255.255.0 nameserver 172.25.254.250 1) configure your systems that should be running Enforcing 2) create a new 100MB Physical partition mounted under /Gluster (Note because partition sizes are seldom exactly what is specified when they are created, any thing within the range of 70MB to 120MB is acceptable) 3) create a new 150MB swap partition f/s. (Note because partition sizes are seldom exactly what is specified when they are created, any thing within the range of 13...
Read more

Configure TLS SSL 389 Directory Server CentOS

Image
389 Directory server is an amazing MultiMaster LDAP solution. Out of the box 389 is not configured to use TLS/SSL, so we are going to walk through the setup process. Please note, that we are using this as a test, so we are using a self-signed certificate, but the directions should work for both scenarios. login, and su to root Generate the Self-Signed Certificate: change to the necessary directory, and setup a few files for the CA now generate the key/certificate setup your certificate as appropriate set permissions on the cert key now we need to make sure certificate matching is disabled (unless you are using a full cert) modify lines 85-88 as follows: Generate and Self-Sign Certificate launch the 389-console open the directory server you were just working on, and click "Manage Certificates" Servername –> Directory Server –> Manage Certificates set, and REMEMBER ...
Read more

How to configure apache server in linux

Image
Apache is the most popular, secure, robust, reliable and powerful web server. Apache is used by more websites than all other web servers combined. RHEL6 includes Apache version 2.2 RHCE6 Exam objectives covered in this article HTTP/HTTPS Configure a virtual host. Configure private directories. Deploy a basic CGI application. Configure group-managed content. In this tutorial I will use three systems Server, linuxclient and windowclient from our LAB environment. I will configure Apache Web Server on Server system and test from inuxclient and windowclient system. If you want to check the network topology used in this article please check following article. Lab set up for RHCE 6 practice Installation of Apache Two packages are required for Apache server httpd mod_ssl elinks httpd package install Apache web server. mod_ssl is the additional package which required to create secure websites elinks is the additional package for text based we...
Read more