vacancies advertise contact news tip The Vault
facebook rss twitter

Port Forwarding

by Steve Kerrison on 26 July 2005, 00:00

Quick Link: HEXUS.net/qabku

Add to My Vault: x

Setting up port forwarding

You'll find information on what ports are required to be accessible to play certain games, get a service in an application to work or run servers in abundance on the Internet. For example, EA Games list what is needed for a Battlefield 2 server to run properly. Imagine you're running one on your computer, behind a router. You'll need to forward these ports through the router to your computer.

The first thing you'll have to do is log in to your router through its web admin interface. They all work differently, but have similar principles. Hopefully you've already set your router up and know how to get to the configuration pages! Once you're in, there are two terms to look out for. Either 'port forwarding' or 'virtual server'. One or the other is likely to be listed somewhere.

Virtual Server

Port Forwarding

The top picture is of a hilariously cheap router which uses a very common web admin interface. It lets you specify a range of incoming ports, but only one port to forward to. I'd imagine the latter is simply where the range starts, because you can't forward a group of ports to a single port. The lower picture is a somewhat friendly port forwarding page. It is in fact an Operating System called Clark Connect, used to turn an old computer into a router, rather than having to buy one. Expect to see a virtual server/port forwarding page somewhere between the two on your router.

Seeing as at the time of writing, Battlefield 2 is a popular game, we'll stick with it for use as an example. Let's imagine we're running a server that we want our mates to be able to connect to over the Internet. Here's what EA say you need open:

ProtocolPort
UDP27900
UDP/TCP29900
TCP80
TCP4711
UDP27901
UDP1500-4999
UDP/TCP1024-1124
UDP29900
UDP/TCP27900
UDP16567
UDP55123-55125

That's a hefty list. In a lot of cases you'll only need one port or one range forwarding, but just in case, let's look at a few of the methods you need to know.

Regardless of whether you're forwarding a range of ports or a single port, you need to know whether the protocol being used is TCP or UDP. First on our list is UDP port 27900. Unless you get clever and start reconfiguring servers, you'll want to forward from one port number to the same port number, like so:

Specify the port

Then you'll have to set the IP address of the computer to forward to. This means, in general, that you'll have to set up the computer in question with a fixed IP, rather than have it obtain one automatically, something not covered in this article.

Specify IP address

Click add, and BOOM, the port will be added to the forwarding list.

Success!

Let's try something tricky now, specifying a range!

Specify port rage

Gosh, that wasn't so hard! If you have to forward both UDP and TCP protocols, you might be able to select "both" as an option. If not, forward the ports for UDP, then do them again for TCP.

For the forwarding settings to take effect, you may need to save and reboot your router. It will probably give you some indication of whether this is necessary.

Points to note

Hopefully now it's clear that forwarding ports isn't actually that hard, it's just a matter of knowing which ports to forward and where to forward them to. Here's a rundown of what you need to remember:

  • Consult documentation or the Internet to see if you need any incoming ports open for your game/application/server to work.
  • Find out whether they use TCP or UDP protocol.
  • Forward the ports to the IP of the machine running the game/application/server.
  • You cannot forward the same port to two IPs, except perhaps if they're different protocols (one UDP, the other TCP).
  • If the IP of the machine you're forwarding to isn't fixed, you may one day find the forwarding stops working because the machine's IP has changed.
  • Outgoing connections don't need port forwarding setting up. A TCP or UDP packet can get out of your LAN onto the Internet without trouble, it's just the other way around that can sometimes be the problem.
  • If you forward a port, then the machine you've forwarded to is accessible from the Internet on that port. Make sure you don't forward ports unnecessarily, and for safety you may wish to run a software firewall on that computer.

If you get stuck, even after reading this guide, then head to the HEXUS.community for more advice!



HEXUS Forums :: 15 Comments

Login with Forum Account

Don't have an account? Register today!
intresting read. that port list for BF2 is insane!

bear in mind some routers only have provisioning for 10 virtual servers.

It also precludes most home users from running a local web server on that machine / IP as HTTP requests are available to it.

( not everyone would want to run BF2 servers from home as I understand it needs a pretty beefy upload for anything more than a handfull of players ? )

the other way would be to build a machine with a very solid software firewall on it , and use the DMZ functions of cheap routers to forward all unknown ports to it.

This isn't a DMZ in the common networking sence of the phrase ( where the DMZ is firewalled from the private ( or trusted ) network as well as the public network.
Indeed some cheap routers do have a limit to the number of ports that can be forwarded.

However most of the time the ports a user might want to forward are few.

You can get away with one of bittorrent uploads, one for MSN transfers, one or two for P2P applications, some games need ports open even when playing as a client.

Of course, since NAT routing become popular, there are now lots of applications that can live with it. Still, knowing what port forwarding is and how to do it if neccesary is rather handy. :)
it is a usefull thing indeed - hopefully more and more applications will be NAT friendly.

I have had brief flirtations with uPnP to dynamically map ports as needed , but have had mixed sucess with it.
uPnP sure is a weird one. Remember all the security issues it had?
The top picture is of a hilarious cheap router which uses a very common web admin interface.

heh thats the one I have. The £20 ebuyer thing. Works really well and never had a problem with it.