Port forwarding is a process that allows users on remote networks to communicate with a device that sits on a local network, usually behind a router or series of switches. In simple terms, it will enable users to create dedicated servers, run different types of services, and much more without being restricted from accessing anything anywhere because you will be able to direct traffic via your router directly to the desired device that sits behind it.
Put it this way: when you and I move into a new house, dorm room, or apartment, chances are we’re all sharing one router or T3 line with our housemates, classmates, or apartment-mates. That means my computer is given equal visibility than my neighbor’s machine on the same network.
But what happens if, say, I am setting up a very specific FTP server with an objective to have external contacts upload files to me? What happens if I can’t fully appreciate an Xbox game because of some lagging across the network? By default, unless you are the only device hooked up to a router, no one from outside your network can reach your network, and that’s why port forwarding exists.
Port forwarding tells your router that among all the devices hooked up to the router, certain instructions should go to certain devices. You’re opening specific ports on your router so that the traffic doesn’t bottleneck in the router; it is instead directed to the device of your choosing.
The thing is, this is hard to set up in your house unless you’re IT savvy. It’s darn near impossible to do in a dorm setup because there’s no way you’re buddy buddying up with the school’s technology department. And unless you are besties with the person configuring your router in your apartment, it’s not worth the hassle to constantly forward ports to the various devices you know will need them (your PC, Xbox, PS4, and whatever else).
That being said, we’re going to talk about how to do port forwarding yourself. In order to achieve this desired goal, you have to configure some changes on your router’s main settings to forward the desired port.
As discussed above, you can use port forwarding to remotely access your at-home devices like printers or computers. Most PC gamers port forward their routers to access an MMO game server (Fortnite or Minecraft).
There are three kinds of port forwarding actions that you can perform on a router:
Dynamic port forwarding is needed when you connect your computer to a reliable server that behaves as a single point of network to receive or send data to various servers. Dynamic port forwarding can offer extra security when you are connected to an unreliable network.
You might be having trouble with hosting a website or connecting to an online server. This is where port forwarding can help you. Chances are you can’t connect because a port needs to be opened.
If you usually play online games on your computer, download P2P files, or want remote access to some devices, then it’s worth considering port forwarding. Just a note, though: port forwarding can’t enhance your internet speed or performance. This is not how it works and not its intention; it helps with stability and ensures access, but doesn’t improve speed.
That being said, because port forwarding may support performance enhancements, port forwarding can help you play Minecraft, Call of Duty: Cold War, or Fortnite without any lagging. As you are creating a direct line of communication with a game server, you can enjoy a smooth gaming experience.
The bottom line when it comes down to port forwarding is you are just setting up your router to forward a specific incoming port to a specific device. Therefore, port forwarding is creating a bridge between your device and a server in a completely different location without any distortions.
To understand and appreciate port forwarding, you have to know about TCP/UDP ports first. The process is similar to how customer support works. If you’re familiar with Interactive Voice Response (IVRs), you may press 3 to speak with technical support and 4 to speak with the billing department.
Think of your router as an IVR; it knows specific rules and directs you, the caller, to the right place. Like an IVR, your router has specific directives configured in the backend that will perform a similar function, sending internet traffic that is associated with a port number to the specific device on the network that is configured to receive that traffic. (Don’t worry, every packet that hits your router that is intended for your game or server is embedded with the port, so your router will know what to do.)
You should also know that every application uses a specific port number to handle incoming requests from the outside world. For instance, the FTP protocol receives traffic only from port number 21, while the HTTP protocol uses port number 80.
Remember our first analogy here, the phone number of a company is the IP address, and the forwarded requests as denoted by the numbers you press when interacting with the IVR are the port numbers.
Whenever you connect to the internet, your internet service provider will assign your device a public IP address. An IP address is just a number (like your house number) that allows ISPs and other networks to recognize you on the internet. But your ISP will assign you a single IP address only; your ISP is pretty oblivious to the fact that you may have WiFi-powered cameras, tablets, 5 computers, and 3 consoles. This is where your router comes in.
When you connect your computer to a WiFi router, which connects to a modem, the router will assign private IP addresses to every single one of your devices (e.g., 192.168.2.33, 192,168.2.92, 192.168.2.221). Your public IP (let’s say it’s 220.127.116.11) address will be the one your ISP assigns you, but your private IP addresses may change.
To simplify things, look at this to understand the connection:
All connected devices at home < Wi-Fi Router < Modem < Internet Service Provider
Now comes the port forwarding part…
Take the website example here. If you’re hosting a web server, someone trying to access your website will make incoming requests to port 80, the HTTP protocol’s assigned port (unless you happen to be hosting your web server on a different port, but we’re keeping it simple here).
In order for traffic to hit the web server that’s situated behind your router (remember, with 5 computers, 3 consoles, and a bunch of tablets, among other things, how is the router supposed to know which one is the web server?), you need to specify a rule in your router configuration that directs port 80’s traffic to your web server (denoted by its private IP).
Therefore, 18.104.22.168’s web traffic will be directed via the router to 192.168.2.92:80. Without port forwarding, when you tell your two friends to join your Minecraft server using your public IP address, it won’t work. You need to make similar configurations for all the games you play, in fact.
Those configurations put simply, are exactly what port forwarding achieves. It’s a directive that “my webserver gets port 80 traffic” and “my Xbox One gets UDP ports 4500, 3544, 3074-3075, 500, and 88 as well as TCP port 3074 so that I can play Call of Duty: Modern Warfare effectively.” In other words, if you are a heavy gamer and internet geek like we are, you’ll be making a lot of rules like these to divert traffic to the right devices.
Yes and no. You are actually poking holes in your router by port forwarding. Nothing is ever safe online, and there’s always an underlying risk. On the other hand, you can’t connect to a game server or an external network without applying port forwarding rules. This leaves you vulnerable but only to specific traffic, and if the external device can’t communicate with you, it’s game over for them.
For example, you might have port 443 open for a database connection. Someone trying to FTP into that (which would normally be port 21) can’t communicate with port 443. It’s like trying to fit a square peg in a round hole.
If your router is strong security-wise and can easily dodge DDoS attacks, then opening ports is harmless. You can also use a Virtual Private Network, otherwise known as a VPN, to enhance your encryption level when it comes to port forwarding. A VPN supports both TCP and UDP ports as well as offers secure access to external servers.
You need to know the IP address of your router and the device you are using, and the port numbers of a game server. Port numbers are well defined for games or requests so you don’t have to worry about finding them. The easiest way to find your router’s IP address is to visit our router IP page.
Another easy way to open ports on your router is to use a VPN that offers port forwarding. Forwarding ports using a VPN is much easier than manually configuring the router, especially when there are many many ports to open for many many games. Using a port forwarding add-on can help get around NAT firewalls and also encrypt your internet connection.
You can either connect a VPN before you apply port forwarding rules on a router or afterward. The idea is to protect your direct line of communication from unknown requests and DDoS attacks.
Here’s how to use our Port Forwarding Add-on:
This is how you can port forward a game or router and protect your incoming traffic at the same time. You can rely on PureVPN’s bank-grade encryption and security protocols to prevent prying eyes from snooping into your network.
Use our port forwarding add-on and create servers without any risk of a DDoS attack (after all, your IP address can change on a click with a VPN). As you know, nothing is safe online. Since hackers are smarter than most internet users, you have to ensure online safety at all times.
Apples and oranges, baby. Port forwarding can simply create a connection between your device and a remote server. The process can’t enhance or affect your ping time in any way. However, you are able to download P2P files much quicker via port forwarding, but not because of a low ping time.
For port forwarding rules, it’s recommended that you use a static internal IP, not a dynamic IP address. The reason is simple: you want the router to point to your device at all times. Let’s look at it this way:
Say you have a laptop with a dynamically assigned IP address (let’s say it’s 192.168.3.21) that you set up port forwarding rules to port 81. Now say you take that laptop on a business trip for a week. You come back home, reconnect to the network, but your router now assigns you the IP address of 192.168.3.33. The port forwarding rule only applied to 192.168.3.21, so your router will attempt to forward port 81 traffic to a device that is no longer seen by the network.
Therefore, on your network, you should always reserve the IP address of the devices behind it, thereby making them static and not dynamic. Your router will recognize your laptop’s MAC address (that’s your identifier) the next time you reconnect to the network, ensuring that you’ll reclaim 192.168.3.21.
Yes, it can if you are using IP cameras. The best way to boost security is to close all unknown ports when you are not using them and use VPN encryption when accessing remote cameras. If you don’t do that, then peeping Toms (and other curious hacker types) can get access to your in-home security cameras.
The major difference is you need a static internal IP address for port forwarding while port triggering requires a dynamic IP address. With port triggering, the IP address keeps changing, and therefore it is considered more secure than port forwarding.
UPnP, also known as Universal Plug and Play, is another form of port forwarding where you open ports automatically. You can use UPnP to create a line of communication between internet-connected devices. Learn more about UPnP.