Port Forwarding: Why And How

Discussion in 'General Tutorials & FAQs' started by Rydian, Aug 3, 2012.

Aug 3, 2012

Port Forwarding: Why And How by Rydian at 8:38 AM (4,256 Views / 3 Likes) 8 Comments

    • Member

    Rydian Resident Furvert™

    Member Since:
    Feb 4, 2010
    Message Count:
    27,886
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    Port Forwarding: Why And How

    How come I can't run an online game server on my computer?
    Why do I need to "port forward" for torrents to go fast?
    What is port forwarding, how do I log into the router?



    This guide will attempt to answer these questions. The exact steps to forward ports varies depending on a number of things such as the model router/gateway you have, and the game you're port-forwarding. The screenshots shown here might not match what you pull up, you'll just have to search around for the right settings. The example game used for this tutorial is Terraria which works on TCP port 7777, remember to replace TCP and 7777 with whatever settings you need to when you're doing this yourself.

    What is "port forwarding", and why do many of us need to do it?


    1. Let's say that the following diagram shows your house (with three computers in it), the internet, and a few random computers on the internet.
      [IMG]

    2. Now, let's say that your computer wants to connect to a web server to view a web page. First it tries to establish a connection with the web server on the internet. Your PC sends data through the router, out onto the internet and to the target machine.
      [IMG]

    3. The connection is established, and now data can flow both ways across the connection. Since your computer initiated the connection, the router knows that the data should be flowing to YOUR computer, not anything else.
      [IMG]

    4. What if something out on the internet attempts to connect to you? The connection attempt gets to your router... and your router has no clue which machine to send it to.
      [IMG]

    5. Since the connection cannot be established, none of the players can connect to your server!
      [IMG]

    6. However if port forwarding is set up properly, then the router can make decisions on data flow depending on the port number. If a player tries to connect to your server on port 7777 (the default terraria port) for example, then your router has been told that incoming connections on port 7777 should be sent to a specific machine.
      [IMG]

    7. Since the router forwarded the connection attempt to the right machine, a connection was established, and the random terraria player online can now connect to your server.
      [IMG]


    What information do I need in order to port forward?


    You need your router information, the port that will be used, and both of your IP addresses (internal and external).

    1. Router Information
      Find your router and look at it to get it's make and model information. The "router" is the little box thing that gives off the wireless signal in your house (if you have wireless), and/or the box thing that a desktop may be hooked into.

      The "make" is the company that made it, such as Linksys, Buffalo, Zyxel, or whatever (this is often the "brand" name), this is often displayed on the top or front or something.

      The model is which specific router of theirs it is. This information is sometimes on the underside, and is often in the form of a few letters followed by a few numbers (such as WRT54G). This is NOT the "serial number" or "S/N".

    2. Port Number
      Check the documentation, manual, online help, or google to find which ports you need to forward (and whether it's TCP or UDP). The default port for terraria is currently 7777, so that's what's used in the thread here.

    3. Internal IP Address
      This is your computer's IP address according to your router. This is how the router refers to your computers, so when you're telling the router which PC to forward to, you need to make sure to give it this IP address.

      In your start/globe menu, go to the "run" command. If you're on vista/7, you'd use the little white box near the bottom. Type in "CMD" and press ENTER. In the black box that comes up, type "ipconfig" and press enter. It'll list a series of four numbers as your "IP address" or "IPv4 address". Write those down. The numbers should be in the form of 192.168.x.x, or rarely 10.x.x.x or even more rarely 172.16.x.x - 172.32.x.x.

      Look at this example.

      [IMG]

      As you can see my local/internal IP address is 192.168.2.2, meaning if I tell my router to port forward, I need to give it that IP. Do NOT confuse this with "default gateway"!

    4. External IP Address
      This is your IP address as the internet sees it (well to be technical it's the IP address of your router). The quickest way to find this is to visit a site such as http://whatismyip.org/ and seeing what IP address it reports.

      For some people this may rarely change, and for other people it may change a lot, so if people can connect one day but not another, go see if your external IP address changed so you can give people the new one.




    Now that I have that information, how do I do it?


    1. In your start/globe menu, go to the "run" command. If you're on vista/7, you'd use the little white box near the bottom. Type in "CMD" and press ENTER.
    2. In the black box that comes up, type "ipconfig" and press enter. It'll list a series of four numbers as your "default gateway" (do NOT confuse this with the "IP address").

      [IMG]
    3. Write those down. Go open any web browser, and enter the four numbers into the address bar, and press enter. A login box should come up. The username could be "admin" or blank, and the password can be anything from "admin" to "administrator" "pass" to "password" or "password1", or something else if you've set it differently. Ask whoever set up the router what the password to get into it is, or check this page. http://www.phenoelit-us.org/dpl/dpl.html
    4. You'll need to find the port forwarding section of your router's control panel. Different routers have completely different control panels, and there's so many routers out there that it's way beyond my capability to list exact instructions for every single one, so you're going to have to do a little searching yourself to find the port forwarding section. Key words to look for are "port forwarding", "NAT", "firewall", "network address translation" "local network", and stuff like that. If you're lost, you can try googling for a port forwarding guide for your router, that should show you where the right section is.

      When you find the port forwarding section, it might offer to automatically set it up for some specific services (such as WWW/HTTP , FTP, POP3, stuff like that). if it does that, there will often be some sort of "custom" or "user-defined" option, you'll need to choose that.

      If it asks you about TCP and UDP, put in whatever you need. I selected TCP (which is the connection type Terraria uses) for this tutorial.

      When you go to tell the router to add a new port forwarding rule, you'll need to give the router both the port number to forward (7777 is terraria's default), and the local/internal IP address to forward it to. If it asks for a "start" and "end" port, just set both of them to whatever port you're using.

      It may look something like this.
      [IMG]
    5. Save the changes, give the router a minute or two to update itself, and then start your server and let people connect and play!




    The port forwarding appears to break every few days!
    My internal IP changes a lot, how do I stop that?


    This is going to require some explanation because it's important that you understand what you're doing. If you set this up incorrectly it's likely that you'll start kicking other machines in your house off of the internet.

    As you learned earlier in the guide, the router (or "gateway") controls the connections in your house. In order to do this, it automatically assigns internal/private IP addresses to devices as they connect. This setup is called "DHCP". IP addresses given automatically don't last forever though, they're generally on a lease. The lease time is generally 24 hours (this can be changed), so if a machine is disconnected (shut down, moved out of range of the network, etc) when the lease time expires, then the IP it was using is freed. Let's use an example to explain it...

    1. Let's say you're hosting something from your laptop at home, with a local/private IP of 192.168.1.5, and you have the port forwarded to 192.168.1.5. Well, that normally works fine.
      [IMG]
    2. Let's say one day you shut down the laptop and take it to school, and while you're at school with it (so it's not connected to your home network) the IP 192.168.1.5 at your home becomes free, it's not being used.
      [IMG]
    3. Then your mom comes home before you, with her laptop. If she turns it on and connects to the internet, the router/gateway automatically gives her an IP address... and 192.168.1.5 is free at that time, so she may get it.
      [IMG]
    4. If you then come home later and turn your laptop on, you'd likely be given 192.168.1.6, since .5 has already been given!
      [IMG]

    So since your port forwarding points to .5, it's now pointing to your mom's laptop instead of yours, and your server doesn't work anymore because the ports aren't forwarded properly.

    So how do we prevent that? There's two ways. The first is "DHCP Reservation", where you tell your router to reserve a specific IP address for your computer. This is generally the safer route, but only newer routers support it.

    If that's not available on your router, then you'll want your computer to request a static IP. This means that instead of letting your computer be given any old IP address from your router/gateway, you should have it request a specific address that other machines won't use, so this situation doesn't happen. There's two steps to that.

    • Find out what the DHCP range of addresses is, and how many are being used normally.
      Remember, you need to be requesting an IP that's not being used by other machines! So you should find out the "DHCP pool", which is the "pool" or "group" of addresses that the router/gateway will give out via DHCP first, so you know which addresses are actually valid. After that, find which addresses are used so you know which ones to NOT set.

      Finding the DHCP Pool.
      Log into your router's settings (like you've done before), and look around the local/LAN section for some sort of DHCP or IP settings. It may look something like this.
      [IMG]
      In this example the IPs start at .2 and there's 32 of them... so 192.168.2.2 through 192.168.2.33 will be given out by the router automatically. Sometimes the range is near the lower numbers, sometimes it's at the higher numbers, it depends on your router.

      In other cases the router/gateway will just plainly show you the start and end address.

      Finding out how many addresses are used.
      Well now that we know how many can be given out, let's figure out how many are being used often. There's two ways to do this, a technical and a "duh" way. Let's do the technical way first...
      • Technical Way
        In your router/gateway's settings there is likely to be some spot to pull up the "DHCP Client List". This shows you a list of the machines currently connected to your router/gateway that are getting automatic/DHCP addresses, and what those addresses are.
        [IMG]
        In this example we can see two devices, using the .2 and .3 addresses.
      • "Duh" Way
        Simply count how many computers and devices in your home use your wired/wireless internet. :P This is actually often more reliable since you don't always have every single device connected at once.
    • Choose and set your static IP.
      Well now that you know the range of DHCP addresses, it's time to decide which one to use for your computer that'll be hosting the game/service. While in many cases you can simply choose one that's higher than the DHCP range and it'll work just fine, in some cases that may not be allowed, so you should pick one that's near the upper end of the address "pool" to be safe.

      So for example if 192.168.2.2 though 192.168.2.33 are being given out via DHCP, go ahead and use 192.168.2.32 or 192.168.2.33.

      As for the actual process of setting a static IP on your machine, it varies depending on your OS, but generally it involves changing the settings for your local/internet connection on the computer. Detailed information on setting it for the various OS's out there would take up way too much room, so simply use this link.

      Windows XP/Vista/7: http://www.howtogeek.com/howto/19249/how-to-assign-a-static-ip-address-in-xp-vista-or-windows-7/


    My external IP changes a lot, is there anything I can do?


    Outside of paying your ISP for a static IP address, there's nothing you can do to stop it from changing if you happen to have a situation where your ISP changes your IP address often (sometimes daily).

    However there is a way to work around it so that your external IP changing won't cause an issue for hosting! What you'll want to do is set up a DynDNS account, and then install a program to your computer that automatically keeps track of your external IP and updates the record as needed, so you can tell people to join something like "rydian-terraria.dyndns.org", and that name will always translate into your current IP address (you may see some servers already doing something like this).

    Two free services for this are FreeDNS, and No-IP
    http://freedns.afraid.org
    http://www.no-ip.com/

    For both of the services, you can sign up for the site, and add a free subdomain. If you're asked, the type of record is "A".

    Then after setting up the domain, you download a "Dynamic DNS Client", or whatever client the service suggests. Once this program is installed on your computer and you've put in the proper login/address info, it should keep your server's address updated with your current IP address automatically.



    F.A.Q.


    • I did all this but it still doesn't work.
      Go to http://canyouseeme.org/ and enter the port number you're hosting on, see what it says. There may be some firewall on your computer (perhaps built into your antivirus) that's stopping people from connecting, this is very common because the point of a firewall is to deny hosting from the inside so with most firewall software (or anti-virus programs that include a firewall) you will need to disable it or add the game/server/software to the whitelist before you can host.
    • I've added the game/server/software to my firewall before, but it stopped working after an update.
      Sometimes when programs update, they change the executable, so on technical terms it's not the exact same program it was before, so you may need to re-add it to your firewall's whitelist after it updates.
    • I don't need to port forward to host, why is that?
      Either you're not using any sort of router or firewall, or the router has already been set up by somebody else to forward all ports to the specific machine you're using (DMZ/+).
    • I'm stuck on part (x)!
      Post whatever information you have (especially your router make and model) and see if somebody can help you.
    • I'm on dialup and my hosting sucks, why?
      You're on dialup. No way around it. Dialup's bandwidth is terrible, and most modern games/services do not take it into account. Comparing dialup to modern internet is like comparing a tricycle to a modern motorcycle.
    • I'm on satellite and my hosting sucks, why?
      Satellite has two forms. One uses a dialup modem for upload (in which case you're in the same boat as dialup users as far as hosting goes), and the other uses the satellites for upload as well as download... the issue being that satellite has a very high latency associated with it, so any sort of online gaming/serving is subject to terrible lag in either case.
    • I'm on 3G/4G and my hosting sucks, why?
      Cellular internet tends to have worse latency than home broadband, and while not nearly as bad as satellite it's still often enough to ruin online gaming. If you're tethering through your phone, try getting a 3G dongle for your PC from your provider so you don't need to do that anymore, as your phone may be the bottleneck.
    • What about hamachi?
      You'll find many people are not willing to (or allowed to as it needs admin rights) install hamachi just to play on your server. If you port forward properly then anybody on the internet should be able to play on your server. In addition Hamachi encrypts the connection, which adds latency and potentially lowers usable bandwidth. If all you're looking to do is host a server, just port forward.

    triassic911, Cyan and Originality like this.
    • Member

    dicamarques Definetely not Bruce Wayne.

    Member Since:
    Jun 25, 2010
    Message Count:
    870
    Location:
    Your computer's Recycle Bin
    Country:
    Portugal
    Great tutorial, you should also mention http://portforward.com/ it helped me with weird router alot, and it as per game/app configurations. And another thing there are routers that assign the internal ip according to the MAC address, so that situation of my mom coming earlier than me and she gets my ip, it's not going to happen :P.

    EDIT: Shouldn't this be in the FAQ's/Tutorials forum??
    • Member

    ComeTurismO Look out, bitch. I'm watching you.

    Member Since:
    Sep 18, 2011
    Message Count:
    2,050
    Country:
    Canada
    Wait.. Was this made for me? If yes, I can thank you in such a way.
    • Reporter

    FAST6191 Techromancer

    Member Since:
    Nov 21, 2005
    Message Count:
    17,095
    Country:
    United Kingdom
    I should note the most popular routers in the UK (BT homehubs*) usually set their DHCP range to the end of the 192 range so you might have to go below it instead if you are doing static IP addressing. They do not offer static DHCP but they will forward to the "computer name" or if you do it right mac address like a big boy router and redo it accordingly. It will also support dyndns in router although as dyndns hosed up their free stuff last year (need a credit card and then cancel at the end of the month last I checked) it is not such a good thing.

    Also rather than paying a dynamic DNS to work on your proper domain you can always set a cname to your dynamic DNS and get a subdomain of your site (I guess you could use the default and www if you wanted but that is not usually the done thing).

    *I have seen far worse ISP routers and indeed probably prefer them to most entry level belkin, netgear and linksys junk not to mention many can do openWRT now- http://wiki.openwrt.org/toh/start#bt
    • Member

    TheRedfox Valwin V2

    Member Since:
    May 17, 2012
    Message Count:
    171
    Location:
    Nope
    Country:
    Netherlands
    Btw, if your router has the option you can better use DHCP reservation.
    [IMG]
    Then a device gets always the same IP from the DHCP server and it's better than using static dhcp
    • Member

    Rydian Resident Furvert™

    Member Since:
    Feb 4, 2010
    Message Count:
    27,886
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    I used to just send people to that site, but it's sold out now and attempts to misdirect people into buying their guide/program. I haven't been able to find another site that lists all the info without attempting to mislead the user, which is why I made this guide a while back. I've made attempts to link people there before, but they have the site set up now so that the ads come up before the router selection (and there's no way past that short of me linking to every single model page individually).

    Giving the same IP back to the same MAC is usually how DHCP is set up, the default DHCP lease time is 24 hours so the situation I listed wasn't that common, but still happened to people that swapped around machines a lot so I added it.

    @[member='Cyan']
    I keep forgetting general computer guides go there since it's not a subforum of the computer section (unlike the other guides sections which are subforums of the main ones).

    Nah I made it for Terraria a while back, since there's 50,000 kids there wanting to run "dedicated" servers on home machines with 0.5Mb/s upload that they only leave turned on 3 hours a day and also run torrent software on.


    Just didn't bother moving it here all this time since port forwarding wasn't a big concern for a while, but with the growing availability of semi-decent upload speeds in the home, and the growth of home-run game servers (indie multiplayer games mainly), port forwarding has come up in these forums more and more. Also there's been confusion here on when and why you need to port forward, so I figured moving this here as a resource wouldn't hurt.

    I'll mention that.

    How would that be done if, for example, the website and game server are running on two totally separate hosts/systems?

    Haven't seen it yet, will mention.
    • Global Moderator

    Cyan GBATemp's lurking knight

    Member Since:
    Oct 27, 2002
    Message Count:
    10,227
    Location:
    Engine room, learning
    Country:
    France
    No problem ;)
    I also kept a link in the computer forum so user can find it from both places.

    Good guide by the way :)
    I hope it will help a lot of users.


    I always want to make such diagrams, but I loose patience to draw them myself.
    I found few websites allowing online diagram creations, I might give it a try someday.
    • Member

    Rydian Resident Furvert™

    Member Since:
    Feb 4, 2010
    Message Count:
    27,886
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    I use this site for various flowcharts, such as the ones in the OP, and the ones in the PSP hacking FAQ thread.
    https://www.lucidchart.com/
    (And then edited them in an image editor if needed).
    • Global Moderator

    Cyan GBATemp's lurking knight

    Member Since:
    Oct 27, 2002
    Message Count:
    10,227
    Location:
    Engine room, learning
    Country:
    France
    That's one I found. (I was looking for programing diagrams applications but found only websites as good choice)
    This website provide a great interface, and lot of pre-created UI (ipad, iphone, etc. :P)

SPONSORED LINKS
 

Share This Page