Port Forwarding

So a little bird told me you want to know what port forwarding is. And that you talk to little birds. You should get some professional help. But I digress.

In order to understand port forwarding, we first need to understand all those tube things they call the internet. It is a lot like the mail system.

Let’s say you, being a boring person, sent something via snail mail. Even snails don’t use that anymore. Let’s say you send some random junk to your equally-boring cousin.

Like magic, your letter gets there… eventually. But how?

The Address

The first important piece of the puzzle is an address. It is how people know where to forward the letter. Nobody knows where your boring cousin is. So we have standard information to tell us. City, state, all that stuff.

So you put the address on there, as well as adding your return address, and send it off.

The internet uses addresses as well, called IP addresses, IP standing for Internet Protocol. Instead of geographical information, an IP address has routing information in the form of four numbers, typically expressed as “x.x.x.x”. For example, “62.100.1.7”. Like with normal addresses, the first numbers are broader, and the later numbers get more specific. Each number ranges from 0 to 255. Presuming you can count that high, we should be ok.

The Routers

The addresses give us all the information we need to get a letter from A to B. But it still needs to get from A to B somehow. Nobody is going to carry it all the way from A to B, as that would be very inefficient. Even the pony express didn’t do that, and ponies are far superior to humans. Instead, the system uses layered routing. People in the Boringtown post office route letters to and from town. They sort outgoing mail by destination and send it all at once to the next post office. Each office fulfills its role as a link in the chain, until eventually it gets there. Each post office sends the letter to a nearby post office that is closer to the destination. This continues city by city until it reaches the destination.

On the internet, routers fulfill this role. They send your cat pictures and memes and whatever else you do from router to router until it gets where it is supposed to go.

The Ports

There is a problem with the plan so far. Sometimes the address doesn’t quite contain all the information we need. Let’s say your cousin is in an apartment building. The address gets the letter to the building, but many different people are in the same building. In the real world, we fix this with a second line for the address, when needed.

On the internet, IP addresses identify computers. As it happens, this isn’t quite good enough. What if multiple things use the network at once? There is no way to tell them apart. It would be very limiting if only one application could access the network at once. But if they all access the network, we have a problem. Your cat pictures might end up mixed up with… other cat pictures, or something equally tragic.

Same problem as in the real world. So to fix it, we have port numbers. Contain your enthusiasm, it has nothing to do with boats. Ports are… numbers. Simple as that, really. For example, when you view a webpage, your computer sends another computer a message, on port 80. That uniquely identifies web traffic, and makes sure it goes to the web server. If you send it instead to port 79, chances are good nothing will happen, because no application was waiting for messages on port 79. There are a number of standard ports, such as 80 for web traffic, 443 for secure web traffic, 25565 for Minecraft, and many more.

Private Addresses

There is a part I left out. I wasn’t sure if you could handle it, but here it is. There are actually two different sorts of IP addresses. Public IPs are globally routable – no two computers on the internet can have the same public IP. However, there are also private addresses. These are local to the network you are accessing, much like phone numbers without an extension are. IP addresses that begin with certain numbers, like 10.x.x.x, or 192.168.x.x, are private addresses. 192.168.1.5 for me is different than 192.168.1.5 for you, unless we happen to be on the same network. In most cases, at any given time you will only have a private IP address, whether on a business network or a home network.

Unfortunately, you cannot access the internet with a private IP address, because it would be ambiguous where to send return traffic. Long story short, some people figured out a way to have many privately-addressed computers access the network through a single public IP. In practice, this is often the IP of the router for your network. To websites on the internet, you effectively look like your router. Which, let’s face it, is an upside: your router is much better-looking than you.

That is all well and good for the vast majority of what you want to do. But there is one case this doesn’t cover. What if you wanted to run a website (about your boring life, no doubt) from your house? Let’s say that your website, lookatmahcats.com, points to your public IP, the IP of your router. So now when people want to look at your cats, their messages reach your house. But your house isn’t a web server, presumably. Instead, only one of your computers runs your web server. Problem, again. And this time, ports don’t help us, because the only IP the internet knows is the public IP of your router.

Port Forwarding

Finally we reached the reason we need port forwarding. Port forwarding is really quite simple. It is a function performed by your router. When messages reach your router – messages sent to your public IP – it checks its port forwarding rules – basically, the settings you configured. These settings consist of a port range, a port destination, and an IP. You effectively tell your router “if you get any messages on port x, send them to this IP with port y.” This IP will be the private IP of the computer hosting the server. In most cases, the internal and external ports are the same, but they do not have to be.

Now, when somebody accesses your website, they send messages to your router. Your router, having been configured previously, knows traffic to this port (80) should be sent to the internal address (say, 192.168.1.5), so it forwards it along. The computer with that address receives the message and replies like usual.
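The rule lookup described above, as a small Python model (an added example, not code from any router): each rule has an external port range, an internal IP and an internal port, and a message on a port with no rule goes nowhere. The names `ForwardRule`, `route_inbound` and `exposed_ports`, the offset mapping for ranges, the first-match-wins order and the sample rules are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class ForwardRule:
    ext_start: int       # first external port of the range
    ext_end: int         # last external port of the range (inclusive)
    internal_ip: str     # private IP of the computer hosting the server
    internal_start: int  # internal port that ext_start maps to

    def __post_init__(self):
        span = self.ext_end - self.ext_start
        if not 1 <= self.ext_start <= self.ext_end <= 65535:
            raise ValueError("bad external port range")
        if not 1 <= self.internal_start <= 65535 - span:
            raise ValueError("internal port range does not fit in 1-65535")
        # Reject targets that are not private (non-public) addresses.
        if not ipaddress.ip_address(self.internal_ip).is_private:
            raise ValueError("forward target must be a private address")

def route_inbound(rules, dst_port):
    """Return (internal_ip, internal_port) for a message that reached the
    public IP on dst_port, or None when no rule matches (nothing forwarded)."""
    for rule in rules:  # first matching rule wins (assumption)
        if rule.ext_start <= dst_port <= rule.ext_end:
            offset = dst_port - rule.ext_start
            return rule.internal_ip, rule.internal_start + offset
    return None

def exposed_ports(rules):
    """Audit helper: every external port reachable from the internet,
    mapped to the internal host and port it lands on."""
    return {port: route_inbound(rules, port)
            for rule in rules
            for port in range(rule.ext_start, rule.ext_end + 1)}

# Constructed sample rules: the web server from the text, plus a small range
# whose internal ports differ from the external ones.
RULES = [
    ForwardRule(80, 80, "192.168.1.5", 80),
    ForwardRule(8000, 8002, "192.168.1.6", 9000),
]

if __name__ == "__main__":
    for port in (80, 79, 8001):
        print(port, "->", route_inbound(RULES, port))
    print(exposed_ports(RULES))
```

Every key returned by `exposed_ports` is a port on which the internet can reach a machine inside your network, so the list is worth reviewing whenever a rule is added.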

That is all there is to it, really. The way to configure port forwarding varies slightly depending on the brand of router, so there is no one-size-fits-all guide. You can either roam through the options and find it eventually, or look up port forwarding for your specific model.

 

Jacob Clarity

 
