Mumbai University > Electronics Engineering > Sem 8 > Advanced Networking Technologies

Marks: 10M

Year: May 2013

1. Port forwarding is also termed as Network Address Translator/ Port Mapping. A technology that can provide mapping between the private and universal addresses and at the same time support virtual private networks is network address translation (NAT). The technology allows a site to use a set of private addresses for internal communication and a set of global internet addresses for communication with rest of the world. The site must have only one single connection to the global internet through a NAT capable router that runs NAT software.

2. Port forwarding can be divided into the following types:

   a. Local Port Forwarding:

   • Local port forwarding is the most common type of port forwarding. Local port forwarding lets a user to connect from local computer to another server.
   • By using local port forwarding firewalls that block certain webpages are able to be bypassed. In this technique data is securely forwarded from client application by forming secure shell of that computer. This secure shell is configured to redirect the data from a specified local port through secure tunnel to specified destination or host.
   • Local port forwarding is used to receive a Mail or to connect to website using secure shell tunnel.

   b. Remote Port Forwarding:

   • This form of port forwarding enables the server to be connected to client via secure shell tunnel. Thus it allows user to connect from server to other remote network services located at other end of Secure Shell tunnel.
   • To use remote port forwarding the address of the destination server and two port numbers must be known. Remote port forwarding allows other computers to access application hosted on remote servers.
   • Such as opening remote desktop session via network using computing port and including destination address.

   c. Dynamic Port Forwarding:

   • It allows user to connect securely to a trusted server that acts as an intermediary for the purpose of sending or receiving data on one or many destination server.
   • DPF is implemented by local application such as proxy server which acts as a secure tunnel to another server.
   • Once the proxy is not needed programs are reconfigured to original settings. Because of this they are less used.
   • DPF provides additional security to user connected through an untrusted network. DPF is also used to bypass firewalls that restrict access to outside websites.

Disadvantages:

a. Port forwarding makes server vulnerable to intruder trying to disrupt the services of server. Especially in case of dynamic port forwarding where user may bypass firewall to access blocked websites.

b. It allows only one client on the network to use a particular service that occupies a particular port.

c. Due to permanent opening of incoming ports it can be subjected to attacks. The lack of security is major disadvantage of port forwarding method.