Port Forwarding and Port Triggering

Port forwarding or port mapping is the name given to a technique of forwarding data from a port on one node to another node. Port triggering is a dynamic form of port forwarding used when port forwarding needs to reach multiple local computers.

Port triggering is used by network administrators to map a port or ports to one local computer. Port triggering is considered to be dynamic because ports are opened when they are needed and closed when they aren’t in use.

In theory, sending data from device to device is a simple concept, but what happens when you want to access a service remotely? Your ability to connect with internal networked devices is restricted by a firewall that has been designed to keep out unwanted intruders. To sidestep these concerns, administrators use port forwarding and port triggering to allow end-users to connect.

With port forwarding and port triggering, data is forwarded to ports locally, remotely, and dynamically. The router acts as an intermediary that sends data back and forth between the networked devices in a way that external users can access.

What is Port Forwarding?

Port forwarding or port mapping is the name given to a technique of forwarding data from a port on one node to another node. Essentially data is intercepted and redirected from one computer to another. Port forwarding is used in scenarios where you want to access a networked device or service connected to the internet from a remote location.

There are many different forms of port forwarding including:

  • Local Port Forwarding – Sends data from one client application within one system. Local port forwarding is used for connecting to local computers and sidestepping firewalls.
  • Remote Port Forwarding – Allows server-side applications on SSH to access services on the client-side.
  • Dynamic Port Forwarding – Forwards traffic through a firewall or NAT by discovering loopholes.

How Does Port Forwarding Work?

In a stock TCP/IP network, there are many ways that data can be transmitted throughout the network. However, on the whole, when data is transmitted from one location to another it is broken down into packets so that it can be easily transported. Each packet contains information that details things such as the final destination the packet is traveling to.

These packets are sent between network devices through routers which act as intermediaries. Routers are tasked with sending and routing packets to their final destination. To do this, the router looks at the information inside the packets. For example, the router uses the header of the packet to send it along to its final destination.

Port forwarding changes this approach by having an application intercept packets once they are in transit. The intercepting application takes on the role of the router and notes the packet header and destination before rewriting it. Once the information is rewritten the application then sends the packet to another destination that is different from the one originally listed.

How to Set Up Port Forwarding

The first thing you need to set up port forwarding is a device using a static IP address. A static IP address is essential because it ensures that you only need to enter the specific IP address once rather than every time the IP address is renewed. You can configure a static IP address from your computer or within the router.

How you do this on a router depends on the vendor or type of router that you’re using. Generally though, you’ll want to be operating as an admin and look for settings including: client list, DHCP pool, and DHCP reservation.

At this stage, you’re looking for a list with all the devices connected to the router where you can locate the specific IP address of the device you want to forward to. To select the IP address you want, click Add or Reserve so that packets are sent onwards.

Now log in to the router as an admin and find the port forwarding settings. These are generally titled Port Forwarding or Port Triggering but the name differs from router to router. Next, you need to type the port number or range that you want to forward. The process is slightly different for individual ports and port ranges:

  • One port – Type the port number in the Internal and External boxes
  • Port range – Enter the ports in the Start and End sections

The port numbers you use will depend on the service that you’re trying to support. Most applications will tell you the ports you need to open. Next, pick TCP or UDP and then enter the static IP address we mentioned earlier. To finish off, enable your new port forwarding rule by setting it to Enable or On.

What is Port Triggering?

Port triggering is a dynamic form of the port forwarding model. Generally, port triggering is used when the user needs to use port forwarding to reach multiple local computers. However, port triggering is also used when applications need to open incoming ports that are different from the outgoing port.

Port triggering is used by network administrators to map a port or ports to one local computer. Port triggering is considered to be dynamic because ports are opened when they are needed and closed when they aren’t in use.

How does Port Triggering Work?

When using port triggering, the router is used to monitor traffic within the network. The user specifies a trigger port that sends outbound data. The router then logs the IP address of computers that have sent traffic to that port. The router then opens an incoming port or ports before forwarding the traffic to that location.

It is important to note that port triggering depends not just on the user choosing a trigger port but also on specifying which incoming ports to use. Port triggering is considered to be secure because ports are closed when they aren’t in use. This minimizes points of entry that cyber attackers can attempt to exploit.
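
The open-on-trigger, close-on-idle behaviour described above, modelled next to an always-open forwarding rule. This is an added example, not router firmware or code from the original page; the Router class, the 60-second timeout, and all addresses and ports are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Router:
    """Toy model of a NAT router's inbound-port decisions (constructed, simplified)."""
    trigger_timeout: float = 60.0                 # assumed idle timeout in seconds
    forwards: dict = field(default_factory=dict)  # ext port -> (lan_ip, lan_port), always open
    triggers: dict = field(default_factory=dict)  # trigger port -> list of incoming ports
    opened: dict = field(default_factory=dict)    # incoming port -> (lan_ip, expiry time)

    def outbound(self, lan_ip, dst_port, now):
        """A LAN host sends traffic out; a matching trigger port opens its incoming ports."""
        for port in self.triggers.get(dst_port, []):
            self.opened[port] = (lan_ip, now + self.trigger_timeout)

    def inbound(self, ext_port, now):
        """Return the (lan_ip, lan_port) a packet is rewritten to, or None if dropped."""
        if ext_port in self.forwards:             # static rule: open at all times
            return self.forwards[ext_port]
        entry = self.opened.get(ext_port)
        if entry and now < entry[1]:              # triggered rule: open only until expiry
            return (entry[0], ext_port)
        self.opened.pop(ext_port, None)           # expired or never triggered: closed
        return None

    def exposed_ports(self, now):
        """Ports that an outside scan would find forwarded at time `now`."""
        live = {p for p, (_, expiry) in self.opened.items() if now < expiry}
        return sorted(set(self.forwards) | live)


def demo():
    r = Router(trigger_timeout=60.0)
    r.forwards[8080] = ("192.168.1.10", 80)       # constructed static forwarding rule
    r.triggers[6667] = [113]                      # constructed trigger: out 6667 opens in 113
    results = [r.inbound(8080, now=0), r.inbound(113, now=0)]
    r.outbound("192.168.1.23", 6667, now=10)      # LAN host sends to the trigger port
    results.append(r.inbound(113, now=20))        # inside the window: forwarded
    results.append(r.exposed_ports(now=20))
    results.append(r.inbound(113, now=71))        # window ended at 10 + 60 = 70: dropped
    results.append(r.exposed_ports(now=71))
    return results

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The statically forwarded port appears in `exposed_ports` at every point in time, while the triggered port appears only between the trigger and the timeout, which is the exposure difference an audit of router rules should account for.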

How to Set Up Port Triggering

Setting up port triggering isn’t a complicated process. The first thing you need to do is log into the router’s Web setup page. Here you will find port triggering options within or near port forwarding settings. The exact setup process is dependent upon the type of router you’re using and the vendor.

On Netgear routers, you’ll find the setup options under the Port Forwarding/Port Triggering page. Once you’ve found the Setup page the router will require an incoming port number and an outgoing port number (or range).

Why is Port Forwarding Important?

Port forwarding is extremely important because it provides the user with a way to access LANs remotely through the internet. ‘Forwarding packets’ ensures that end users can make their way around the firewall and interact with services within the network. Port forwarding is important because most networks have a firewall that is used to block incoming ports. Firewalls keep these ports blocked to ensure that the network stays secure.

Without port forwarding, it would be harder for end-users to access services when offsite in a remote location. The router bridges the gap because it listens for traffic on specific ports and then forwards it to a resource once the user makes a request. Port triggering works similarly but closes ports when they aren’t in use.

What is the Difference Between Port Forwarding and Port Triggering?

Port Forwarding                      | Port Triggering
-------------------------------------|--------------------------------------
Static IP                            | Dynamic IP
Selected ports constantly available  | Ports only open once triggered
IP addresses need to be specified    | IP addresses identified automatically
Insecure                             | Secure

At a basic level, port forwarding and port triggering are two different techniques for routing packets within a LAN. Each can be configured within the router to route traffic more efficiently. However, while port forwarding and port triggering bear certain similarities they are different due to their use of open and closed ports.

When using port forwarding a port on the router is left open continuously so that packets can be received easily. On the other hand, port triggering opens a port for a specified period of time. It is for this reason that port triggering is considered to be a dynamic extension to port forwarding.

Of the two techniques, port triggering is more secure because it minimizes the amount of time ports are left open. Ports are vulnerable to cyber-attacks and port forwarding can be problematic because ports are left open continuously. In other words, port triggering is considered to be the superior technique in terms of security.

Port forwarding is made possible by a protocol called UPnP or Universal Plug and Play. UPnP is based on the PnP protocol that automatically connects devices with each other via peer-to-peer direct connections or a network. Whenever a device is connected to the network it is automatically given an IP address and is provided with the details of other devices connected to the network.

UPnP is important to port forwarding and port triggering as it is one of the technologies that underpin them. UPnP is used because it can accommodate Ethernet, Wi-Fi, FireWire, and Bluetooth connections.

As a protocol UPnP has a number of security issues that you need to bear in mind. One of the most significant is that there are a number of vulnerabilities within the code of UPnP that can be exploited by cyber attackers. Attackers can insert their own code to interfere with your network.

Coding vulnerabilities aren’t the only concern as UPnP also makes your devices easy to discover on the network. This means that people can see your devices on the internet and attempt to gain access to private devices within your network. As such, you need to be particularly vigilant when using port forwarding and UPnP.

Is Port Forwarding Safe?

As discussed above, port forwarding can be considered unsafe because it keeps ports open and thus vulnerable to external threats. While port forwarding is classified as an insecure method, it isn’t necessarily unsafe if it is managed correctly. The golden rule with port forwarding is that the method is only as safe as the application the data is forwarded to.

The decision to open a port should be made by weighing the risks that the open port exposes the network to. If you decide to open the port, you can minimize the risks by ensuring that the connected application is kept updated and patched. Updating the application will help to decrease the risk of any vulnerabilities being exploited.

Even if you’re proactive there is still a risk that the application can be compromised, but this is true of networking in general. Ultimately port forwarding should be used if the benefits to the application exceed the security risks that are possible by keeping ports open.

Port Forwarding and Port Triggering vs Virtual Private Networking (VPN)

Users looking to access a service remotely aren’t limited to port forwarding and port triggering because they can also use a VPN. With a VPN, users can connect to a LAN as if they were within the local network. As a result, VPN is used for many services as it provides a simple way for end-users to connect to remote services.

There are a number of advantages that a VPN has over port forwarding particularly in terms of security. For instance, a VPN uses encryption and requires a password to be accessed. It is also more secure because it doesn’t require the user to leave open ports which can be exploited by attackers.

A VPN is also easier to configure. Unlike port triggering and port forwarding, all ports and internal resources can be accessed with a VPN. With port forwarding and port triggering, you need to create rules for devices that you want to use. Creating these configurations requires extra work from the administrator.

That being said, port forwarding and port triggering can be faster because traffic doesn’t need to be encrypted. VPN encryption may make users more secure but it also slows access to the service. Likewise, the sign-in process can take longer with a VPN as the user needs to log in to the VPN connection and then the internal resource each time.

Port Forwarding and Port Triggering: Data Transfer Essentials

Port forwarding and port triggering are two of the most important techniques in an administrator’s arsenal to help manage packet transfers more effectively. Configuring a router to send packets to certain ports helps to automate packet flows so that remote users can interact with network services. Though port forwarding keeps ports open and raises more security risks, it is still widely used by enterprises today.

The dynamic approach of port triggering provides a port forwarding option that is more secure and keeps ports closed when they aren’t in use. Though this does help to increase security it is important not to fall into the trap of thinking that port forwarding is completely insecure. Port forwarding remains a viable option so long as you manage the connected application effectively. With regular updates and patches, port forwarding is still relatively secure.

Port Forwarding vs Port Triggering FAQs

What is the difference between DMZ and port forwarding?

A DMZ is a “demilitarized zone.” In networking, this term means an area of the network that is accessible to the public. The DMZ isn’t undefended. It has a firewall and traffic management devices, such as load balancing and DDoS protection, to protect it. However, there will be a second firewall between the publicly accessible DMZ and the network used for office functions. Port forwarding involves network address translation (NAT): it maps private network IP addresses to unique public IP addresses for use on the internet. As you can see, DMZ is a network topology and port forwarding is an address management strategy.

Is port forwarding worth it?

In some instances, port forwarding is a bad idea. The incompatibility of private network addresses and the address space of the internet automatically creates a very strong defense against hacker attack – port forwarding weakens that defense. However, businesses that need to allow incoming connections in order to operate will need to implement port forwarding.

Why is my port closed after forwarding?

An “open port” is really a daemon running on the device recursively. If that process is stopped, the port will be closed. It could be that the daemon has instructions within its code to stop once a transmission is received. It could also be that a network management tool has done a port sweep and closed all unnecessary ports – that is, killed non-essential services that expect to receive data on the network.

Do I need to restart the router after port forwarding?

Ordinarily no. The device should start implementing the port forwarding instructions as soon as they are saved. Similarly, the removal of port forwarding instructions should be implemented as soon as the changes are saved.