Difference between External/Internal Start/End port?

router port-forwarding port
41,938

Let's start by understanding the difference between the external and internal port.

According to this article:

“External Port Range“: Ordinary, the external port range matches the Internal port range. However for security purposes, we may want to change the external port value.

“Internal Port Range“: Port value of the service running on the internal IP host. The services were going to make available and port number associated are, FTP 21, IIS 80 and RDP 3389.

If you are running a server for a game that uses port 12345, on a computer with internal IP address 123.123.123.123 and you have a router with external IP address 12.12.12.12

Normally, you set up the port forwarding such that for any traffic that goes to 12.12.12.12 with a port value of 12345, the router would direct them to your computer 123.123.123.123

When your friends want to join you, they enter your IP address 12.12.12.12 with a port value of 12345 and they will be able to connect to your server.

But what if, you don't want others to know what game server you are actually running? This can happen if the port 12345 is well known enough that everyone would know what service is running when they see port number 12345. That is where internal and external port come in handy.

The router specifies an internal port, in our case, the 12345 that directs traffic to our computer. Additionally, it also specifies an external port, which you can choose arbitrarily, such as 11111. In this case, anyone that wants to join your game has to enter your ip address with the external port 11111 and when the router receives the request, it will understand that this is a request to the port 12345. Essentially, you masqueraded the original port.

The benefit of this is that those that stumbled upon your router and saw an opening port 11111 would not be able to know what service is actually being run.

Regarding the start and end point, it allows you to input a series of port number without having to type them in individually.

Share:
41,938

Related videos on Youtube

Tyilo
Author by

Tyilo

Lol

Updated on September 18, 2022

Comments

  • Tyilo
    Tyilo over 1 year

    When setting up port forwarding using NETGEAR Genie, I can specify up to 4 different ports for each forwarding:

    • External Start Port
    • External End Port
    • Internal Start Port
    • Internal End Port

    If you could only specify two ports (eg. external and internal), I would assume that the router would check if the port specified in the packet matched the external port and if so, it would rewrite the packet with the internal port and send it to the specified local ip address.

    What do each of these mean? Which are conditions and which are rewriting rules?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Why do I see router and not my real IIS?
Cannot open port 443 on modem
What happens to other computers on a network when you forward a port?
how to move router port 80 to other?
Port forwarding with PROLiNK H5004N ADSL
Ports closed when checked with canyouseeme.org
Port forwarding not working for port 9
Scanning my public IP address with Nmap finds TCP port 1720 open, is this a security concern?
I don't see a port forwarding option in my router, how can I set up a ssh server then?
Are there good alternative HTTP ports rather than port 80?