My PC is sitting behind a wireless router and I’m interested in using it as a server of various flavors. Assuming that no one else in the house is doing anything similar, will configuring the router to forward traffic on certain ports mess up anyone else’s typical internet experience?
Services I’m thinking about would be: http, ssh, svn, rdp, random ports to create a game server, etc…
Also, I won’t be able to get back to the thread until later tonight, but thanks in the meantime for any info.
Yes, I know that I can use non-traditional ports for most things. RDP is bad example anyway. Let’s just look at http (port 80). If I direct all incoming http requests to my machine, will that mess up anyone else’s internet?
No, because it’s associated with your public IP address (i.e. the public IP address on your firewall, router or other gateway device). What happens is that when a packet comes in on ‘your’ public IP, if you have a port forward for, say, port 80, to an internal private IP address, it will send it on. Unless you have a bunch of other customers down stream (i.e. you have a bunch of folks on your internal network using the same internet gateway) it will only effect packets coming in to your public IP.
Hopefully this makes sense as I’m writing it on my iPad in an airport, always a shaky proposition for clarity sake. The bottom line is it won’t effect anyone else (with the caveat I mentioned earlier about having others on your private network using your gateway).
Are you thinking that all HTTP traffic uses port 80? It doesn’t. When computer B is trying to connect to computer A on port 80, computer B is using a random port for the connection. Looking at the connections I have now, they’re all using high random numbers like 46677, 40540 and 55750 to connect to various sites and servers.
The only way it would mess up anyone else’s internet is if they’re running a webserver on port 80. In that case, people trying to view their site would be directed to your computer. But if they’re just surfing the net, their computer isn’t sending requests and waiting for replies on port 80, they’re using random high number ports to connect to port 80 on somesite.com.
Port 80 is the standard (default) HTTP port. Most webservers and browser capable devices come with port 80 out of the box. And this is simply wrong:
It won’t mess up their webserver unless said server is on your network and accessed through your gateway (in which case there are other ways to get around that…like simply changing the port numbers or getting a block of public IP addresses and having each webserver services by a different public IP). If it’s on my network then nothing you do will interfere with my webserver, no matter what port you use.
Think of it as a house address. If I send a letter to your house address and tell you to redirect it to your brothers bedroom if it comes in with a certain marker on it then it will only affect letters going to your house. Letters coming to my house are addressed to my house, so won’t be affected by any additional forwarding that may be placed on letters going to your house…and vice versa.
Yep, I know that. I assume the OP wants to forward HTTP (and a bunch of other ports I see) to a webserver or game server he’s got at his house, or he’s got a browser capable device inside his network that he wants to forward too. I also assume s/he is asking if by doing so it will effect someone else not on his or her internal network by doing so.
Assuming my assumptions are assumed correctly (;)) then the answer is ‘no’…putting port forwarding won’t affect any inbound port 80 traffic to any other network. It also won’t affect any of the internal users of the OPs network on outbound HTTP traffic either, obviously.
Am I not understanding what the OP is asking? Like I said, I’m posting this from my iPad from an airport, so it’s always possible I’m not getting what’s being asked.
Right, which is exactly what he was asking. Well, he was asking if directing http requests to his machine would mess up the internet connection of anyone else on the network. I’m just guessing that he may be under the impression that all computers use the same port for http requests and was illustrating that they don’t. Of course, port 80 was just an example since it’s the default/most common.
Right, because port forwarding only affects inbound traffic (i.e. traffic coming in from the internet), not traffic originating from inside the network (like, say a computer browser trying to get to the straightdope). Same goes for the other ports…we are talking inbound packets, not outbound packets originating from within the private network.
I’m not sure what this even means, to be honest. So, let me 'splain. pause Never mind, that will take too long. Let me sum up:
You put a port forward on a router, firewall or gateway device so that inbound traffic (coming in from outside your network, i.e. the internet) can access a device inside your network using a standard port and through a public IP address (RFC 1918 private network addresses are non-routable on the internet). So, if I have, say, a gaming server that I’m hosting inside my network, and I want my buds to be able to get to it, I’ll set up a port forward on my firewall that takes inbound traffic to my public IP (say, 12.12.12.12) and forwards it to my internal game server (say 192.168.1.1) on all port 80 and 225 traffic (just to use an example). So…if an inbound packet comes in to 12.12.12.12 on ports 80 or 225 it gets automatically forwarded to 192.168.1.1. That’s really it. It doesn’t affect any traffic originating from my 192.168.1.0/24 network, since that’s kept in a separate NAT table…so, when I’m trying to get to alt.sex.farmanimal.com (not a real URL ;)) my port forward won’t affect that traffic at all, and it will happily go on it’s merry way, giving me the access I crave.
Hopefully I’ve answered the question and not made things more confusing. Apologies if I have, I’m a bit punchy atm after nearly a day of travel…and I’m a bit, um, impaired as well.
This part of the OP leads me to believe s/he is asking whether or not configuring ports on the house network will negatively impact the typical Internet experience of anyone else IN THE HOUSE.
Then again I am on an iPod myself so I might be reading it wrong.
I didn’t read it that way at first, but I think you have it right ZipperJJ…I think that’s exactly what s/he is asking. The answer, in either case is still ‘no’, however.
Port 80 is the HTTP server’s listening port, i.e. client’s (for example web browser) destination port. The browser’s source port will be a random non-privileged port assigned by the operating system. That’s what Fubaya was saying.
Right and I agree with you that the answer to the OP is no, if no one else is running any network services, like the OP stipulates.
We were talking past each other, then. Or you guys were talking and I was too dense to follow what you were saying. I’d subscribe to the later, since it is, well, me.
The quick answer is that yes, port forwarding can mess up internet connection for the other computers behind your router. But if you choose non-standard, high number ports you won’t have any problem.
No, it can’t, assuming you mean ‘the other computer behind your router trying to get out to the internet’. It won’t have any effect at all. That’s not how port forwarding works. It will only affect inbound traffic coming into your private network from the internet.
I have my firewall at home forwarding port 80 to one of my network appliances inside my private network and it has zero affect on any of my workstations, servers or wireless devices getting out to the internet and going where ever they want to go.
Thanks for the replies guys. There is a possibility I completely forgot about making this thread…
The reason I posed the question in the first place is because when I was talking about this with my labmate, he thought it would mess things up for other people because Hulu (among other sites) runs some sort of client-side service that responds to incoming traffic which I assume is routed via NAT rules.
So, with my understanding of port forwarding of just being a static NAT rule, that would mess it up if what my labmate says is accurate, right? Unless, I guess, as Fubaya has brought up, the service is receiving traffic on some random high numbered port.?