Hi,

Why do some apps require Port forwarding?

If the app is behind a NAT router then the router should hold the devices internal ip and the external pool ip in its table.So I can't see why there is a problem recieving traffic back to that internal ip address.

As I understand it port forwarding will forward any traffic sent to a specified external ip on a specified port number to a specified internal address.

so a packet heading to :x.x.x.1:1417

should hit my router which should hold in its table:

x.x.x.1 = 192.168.0.2

the router should just send the packet on shouldn't it?

I just don't understand why this extra step is needed.Why can't the NAT take care of it?


Someone please set me straight.

Cheers

I know two reasons ... there can be more ...

1) How should the router know to which internal ip it should send the packet? When there is more than one pc behind the router, then the router had to randomly send the packets.

2) Security. Simply security. With port forwarding you can decide which port should be open and spreading worms don't have a chance unless you forward port 135, 445 etc...

thanks for this post..now i know. i installed a racbot on one of the computers on a network...i dont know what happened but after a few weeks i cant control it anymore through dcc..probably the router as explained above dont where to send the packets anymore..but what bothers me is that..weeks before that, i can access the bot through dcc..it just suddenly didnt work..probably the admin of the network changed something..i dont know..anyways, thanks for the info here...now i know th eprobable explanation which confirmed my idea but i was just not sure casue im new to networks..


tnx

thanks blasta,

but i still don't get it.

the router should know which internal ip to send the packet to because it maintains a table for the internal and external addresses.

or if its using port address translation it should also include the port numbers.

192.168.1.1 = x.x.x.x:1
192.168.1.2 =x.x.x.x:2

or something along those lines.

since this table exists why do i need to specify a setting in my router and app to create a link?

So, let's say you got 2 pcs (192.168.0.1 & 192.168.0.2) behind the router. Both run an ftp server on port 21. Your WAN IP is 555.555.555.555.
Well, someone connects to your WAN IP on port 21. To which pc should the router send the packets? 192.168.0.1 or 192.168.0.2 ? For this reason you can define in the router settings which port it should forward to which internal ip.

ok, cool.now its making sense.

so it's all about connections originating from outside coming in which would usually be stopped by NAT.


thanks

@sevenvirtues

it is possible that they blocked the irc protocol so it cant connect to irc anymore. They use that at my school for example, havent found away to get around it. IRCing from over an httpsite wont work either then.

if they only had to block outgoing 6666 and 6667 then why isnt port forwarding aint working ?