[Gllug] port forwarding and port translation
Mike Brodbelt
mike at coruscant.demon.co.uk
Wed Aug 31 22:46:24 UTC 2005
On Wed, 2005-08-31 at 18:35 +0100, gilbert francourt wrote:
> verge of getting the NetGear DG834, but I was wondering if there were
> better (inexpensive!) ones that anyone could suggest. I came across a
> web page that said Netgear products don't do 'port translation', which
> apparently would make running home servers awkward.
>
> However, I've read the PDF manual on this model and it says that port
> forwarding can be done. Is this the same as 'port translation'?
Not usually. There are a few basic technologies:-
NAT (network address translation), which is used when you want to
translate IP addresses between an internal network and the outside
world. The usual case for this with home networks is when you want to
put several computers behind your router, but you only have one
externally routable IP address from your ISP. NAT can do more than just
this, but the use I've utlined is by far the most common on small home
networks.
NAT goes under different names in different places. The Linux kernel
used to call it IP Masquerading, but is now tending towards calling it
NAT. Windows calls it Internet Connection Sharing. Router vendors call
it whatever their marketing department feels like.
Port forwarding is where a router forwards connections received on a
certain port to a specific machine on the internal network. You need
this if you want to run a server that's reachable from the internet on a
machine without a directly routable IP address.
Packet filtering/firewalling - not so vital when the router is the only
directly internet accessible device, but absolutely necessary if you're
running without NAT. If the firewall is stateful, as opposed to just a
simple packet filter, so much the better. I'd personally always want a
router with firewalling anyway, as it often comes in handy....
> I want to attempt building a server some time, so it seems that the
> Netgear is off the menu. Or is it?
I don't know about specific models, but I set a Netgear up a while ago
for a friend, and it supported NAT and port forwarding quite happily. It
didn't have a firewall though.
If you feel really adventurous, you could buy something like the Linksys
WRT54g. It supports what you need out of the box, and when you want
more, you can re-flash the firmware with Linux, and get the full power
of the kernel iptables implementation to play with. Check out
http://www.batbox.org/wrt54g-linux.html for more info.
HTH,
Mike.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list