Port Forwarding Explained


Port Forwarding is the technique of taking packets destined for a specific TCP or UDP port and machine, and 'forwarding' them to a different port and/or machine. This is done 'transparently', meaning that network clients cannot see that Port Forwarding is being done. They connect to a port on a machine when in actual fact the packets are being redirected elsewhere.

Just like IP Masquerade, when using Port Forwarding the packets that you wish to redirect need to pass through the machine running Guidedog. If you are using Port Forwarding to forward a port on the Guidedog machine to somewhere else, everything will work fine by default. The packets go directly to the Guidedog machine and are then redirected/forwarded.

[Diagram: Port Forwarding]

When using Port Forwarding it is important to keep in mind that Guidedog can only modify packet traffic that passes through the computer running Guidedog.

This is best explained by example. Looking at the diagram above, we have a couple of machines (A and B) on a local area network. They are connected to the internet via a gateway (G). The gateway computer is also running Guidedog. Imagine that we want to port forward traffic to TCP port 80 on machine G to port 80 on another computer on the internet (I). TCP port 80 is usually used by web servers, incidentally. Packets from the LAN (A and B) would go to port 80 on the gateway (G), and then Guidedog would forward the packets on to their new destination, the machine (I) on the Internet. This would all work as expected.

What wouldn't work is if you tried to use Guidedog to forward a port belonging to machine B. Packets passing through Guidedog would be affected, but the port forward would not affect packets from machine A, because machine A communicates with B directly without going through Guidedog -- they are on the same local network.

This usually means that Guidedog needs to run on a machine that is also acting as a gateway for the local network.
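
The two cases above can be modelled in a few lines. This is an added example, not part of Guidedog or of the original page; the addresses, the rule table and the function names are assumptions chosen to match machines A, B, G and I in the text.

```python
import ipaddress

# Constructed sample topology; every address here is an assumption.
LAN = ipaddress.ip_network("192.168.1.0/24")
HOST_A = ipaddress.ip_address("192.168.1.10")
HOST_B = ipaddress.ip_address("192.168.1.20")
GATEWAY = ipaddress.ip_address("192.168.1.1")     # machine G, running Guidedog
INTERNET = ipaddress.ip_address("203.0.113.80")   # machine I

# Port forward rules held by the gateway: (dest ip, port) -> (new ip, new port)
RULES = {
    (GATEWAY, 80): (INTERNET, 80),  # the working case from the text
    (HOST_B, 80): (INTERNET, 80),   # the case LAN clients will bypass
}

def passes_through_gateway(src, dst):
    """True if the gateway sees a packet sent by client src (not G) to dst."""
    if dst == GATEWAY:
        return True    # addressed to the gateway itself
    if src in LAN and dst in LAN:
        return False   # same network: delivered directly, host to host
    return True        # off-link traffic is routed via the gateway

def deliver(src, dst, port, rules=RULES):
    """Return the (ip, port) that finally receives the packet."""
    if passes_through_gateway(src, dst) and (dst, port) in rules:
        return rules[(dst, port)]
    return (dst, port)

def bypassing_clients(rule_dst, clients):
    """Clients whose packets to rule_dst never reach the gateway."""
    return [c for c in clients if not passes_through_gateway(c, rule_dst)]

if __name__ == "__main__":
    print("A -> G:80 arrives at", deliver(HOST_A, GATEWAY, 80))
    print("A -> B:80 arrives at", deliver(HOST_A, HOST_B, 80))
    print("clients bypassing the B:80 rule:",
          bypassing_clients(HOST_B, [HOST_A]))
```

Running bypassing_clients against each forwarded address before relying on a rule shows which LAN machines will still reach the original service directly.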
