What is a port?
Every IP address is divided into ports, so that one IP address can be used by multiple programs to send and receive data at the same time. Ports make it possible for you to check your email and browse the web at the same time. This is possible because browsing the web uses port 80, and getting your email uses port 110.
You can think of a port as a path for data. When a program is using a port to send or receive data, think of the port as blocked, meaning that no other program can use the port while it is already in use. That is the short and long version of what ports are.
A broadband router or other NAT application (like ICS) creates a firewall between your internal network and the Internet. A firewall keeps unwanted traffic from the Internet away from your LAN computers. A ‘tunnel’ can be created through your firewall so that computers on the Internet can communicate with one of the computers on your LAN on a single port. This is handy for running web servers, game servers, FTP servers, or even video conferencing. This is called port forwarding. One of your computers could run a web server (port 80) while another computer could run an FTP server (port 23) - both on the same IP address.
A DMZ is a feature that is included on some routers but is not in Internet sharing software. A DMZ allows a single computer on your LAN to expose ALL of its ports to the Internet. When doing this, the exposed computer is no longer ‘behind’ the firewall.
Port Forwarding vs DMZ
A DMZ is far easier to set up than port forwarding but exposes your entire computer to the Internet. Sometimes TCP/IP applications require very specialized IP configurations that are difficult to set up or are not supported by your router. In this case, placing your computer in the DMZ is the only way to get the application working. Placing a computer in the DMZ should be considered ‘temporary’ because your firewall is no longer able to provide any security to it.
Port forwarding can sometimes be difficult to configure, but provides a relatively safe way of running a server from behind a firewall. Since only a single port (or small series of ports) is exposed to the Internet, the computer is easier to secure. Additionally, port forwarding allows you to run multiple kinds of servers from different computers on your LAN.
Many broadband routers have special port forwarding configuration screens for standard applications (FTP, WWW, Mail, etc) and special screens for custom applications.
Port triggering is a specialised form of port forwarding which allows dynamic hosts on a local network behind a NAT-enabled router to provide services which would normally require a static host (a host with an unchanging network address). Port triggering opens an incoming port when a client on the local network makes an outgoing connection to a predetermined port on a server.
Similar to standard port forwarding, port triggering allows a client to connect to a host behind a NAT router. The disadvantage of port forwarding is that it only allows one client on the network to use a particular service that occupies a particular port. Port triggering is unsuitable for running servers behind a NAT router (for that you want standard port forwarding) because it relies on the computer making an outgoing connection before it can receive incoming ones.
NAT first became popular as a way to deal with the IPv4 address shortage and to avoid the difficulty of reserving IP addresses. Use of NAT has proven particularly popular in countries other than the United States, which (for historical reasons) have fewer address-blocks allocated per capita. It has become a standard feature in routers for home and small-office Internet connections, where the price of extra IP addresses would often outweigh the benefits.
In a typical configuration, a local network uses one of the designated "private" IP address subnets (such as 192.168.x.x or 10.x.x.x), and a router on that network has a private address (such as 192.168.0.1) in that address space. The router is also connected to the Internet with a single "public" address (known as "overloaded" NAT) or multiple "public" addresses assigned by an ISP. As traffic passes from the local network to the Internet, the source address in each packet is translated on the fly from the private addresses to the public address(es). The router tracks basic data about each active connection (particularly the destination address and port). When a reply returns to the router, it uses the connection tracking data it stored during the outbound phase to determine where on the internal network to forward the reply; the TCP or UDP client port numbers are used to demultiplex the packets in the case of overloaded NAT, or IP address and port number when multiple public addresses are available, on packet return. To a system on the Internet, the router itself appears to be the source/destination for this traffic.
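The translation described above, together with the port forwarding, port triggering and DMZ rules from the earlier sections, can be modelled in a few lines to see what each setting exposes. This is an added example, not code from any router: the class, the rule order, the addresses (documentation ranges), the 40000 starting port and the 6667/113 trigger pair are all assumptions, and triggered ports never time out in this model.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class NatRouter:
    public_ip: str
    forwards: dict = field(default_factory=dict)   # public port -> (lan_ip, lan_port)
    triggers: dict = field(default_factory=dict)   # outgoing dst port -> incoming port to open
    dmz_host: Optional[str] = None                 # LAN host that receives everything else
    conntrack: dict = field(default_factory=dict)  # public port -> (lan_ip, lan_port, remote)
    triggered: dict = field(default_factory=dict)  # opened incoming port -> lan_ip
    next_port: int = 40000                         # next free public source port (assumed)

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port):
        """Rewrite the source of a new LAN connection; return it as the Internet sees it."""
        pub_port, self.next_port = self.next_port, self.next_port + 1
        self.conntrack[pub_port] = (lan_ip, lan_port, (dst_ip, dst_port))
        if dst_port in self.triggers:              # port triggering: open the paired port
            self.triggered[self.triggers[dst_port]] = lan_ip
        return self.public_ip, pub_port

    def inbound(self, src_ip, src_port, dst_port):
        """Return (lan_ip, lan_port, rule) for a packet to the public IP, or None if dropped."""
        entry = self.conntrack.get(dst_port)
        if entry and entry[2] == (src_ip, src_port):   # reply to a tracked connection
            return entry[0], entry[1], "reply"
        if dst_port in self.forwards:
            return (*self.forwards[dst_port], "forward")
        if dst_port in self.triggered:
            return self.triggered[dst_port], dst_port, "trigger"
        if self.dmz_host:
            return self.dmz_host, dst_port, "dmz"
        return None

def exposed_ports(router, ports=range(1, 1025)):
    """Ports an unsolicited Internet host (constructed address) can reach on the LAN."""
    return [p for p in ports if router.inbound("198.51.100.99", 50000, p)]

if __name__ == "__main__":
    r = NatRouter("203.0.113.5", forwards={80: ("192.168.0.10", 80)}, triggers={6667: 113})
    a = r.outbound("192.168.0.20", 51000, "198.51.100.7", 443)
    b = r.outbound("192.168.0.21", 51000, "198.51.100.7", 443)
    print(a, b)                                    # same public IP, different public ports
    print(r.inbound("198.51.100.7", 443, b[1]))    # reply demultiplexed by port number
    print(exposed_ports(r))                        # only the forwarded port is reachable
    r.outbound("192.168.0.20", 51001, "198.51.100.8", 6667)
    print(exposed_ports(r))                        # the trigger has opened a second port
    r.dmz_host = "192.168.0.30"
    print(len(exposed_ports(r)))                   # with a DMZ host, every probed port
```

Running `exposed_ports` against a copy of your own rule set is a quick way to compare how much a forward, a trigger and a DMZ entry each leave reachable from outside.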