Djeex/docudjeex
1
1
Fork 0
Code Issues Pull Requests Projects Wiki Activity
Files
eaabf7db685774384d6735f6258859eadfa615a4
docudjeex/content/2.general/1.networking/1.nat.md
Djeex 66d51c4010 Typo
2025-07-27 14:27:10 +00:00

80 lines
4.1 KiB
Markdown
Raw Blame History

---
navigation: true
title: NAT & DHCP
main:
fluid: false
---
:ellipsis{left=0px width=40rem top=10rem blur=140px}
# Router and NAT
::alert{type="info"}
🎯 __Goals:__
- Understand how port forwarding works
- Learn how to configure router NAT
- Learn how to issue DHCP leases (fixed IPs)
::
![picture](/img/global/nat.svg)
## What is a "port"?
---
Ports are different channels through which your router sends and receives data. This allows multiple services to run simultaneously.
When it receives data through a port, your router forwards that data to the machine that:
- either initiated the request,
- or is configured to receive data on a specific port.
Your router has over 65,000 ports available.
Some programs and applications are designed to use specific ports. For example, when your network sends data from an HTML page, the router receives it through port 80 (non-secure) or port `443` (secure via SSL).
So, your router acts as a data dispatcher between the internet and your local machines.
## Port Forwarding
---
Forwarding a `port` means setting a rule that specifies which `source` can send data to which `port` on your router, which will then forward it to a specific `port` on a specific `machine`. The `sources` and `destination machine` are identified by their IP addresses.
| Variable | Description | Example |
|------------------------|---------------------------------------------------------|-------------------------|
| `source machine` | IP of the source machine (from the internet) | `All`<br>`123.45.67.89` |
| `source port` | Incoming port on the router | `443` |
| `destination port` | Port on the destination machine | `3000` |
| `destination machine` | IP of the target machine (on your local network) | `192.168.1.50` |
According to the table:
If we remove `All` and keep the IP `123.45.67.89`, all traffic from this IP sent to port `443` on your router will be forwarded to port `3000` on the local IP `192.168.1.50`.
If we remove the IP and keep `All`, then all traffic from the internet on port `443` will be redirected to port `3000` on `192.168.1.50`.
This is useful when you have a server that must be accessible from the internet. For instance, a website uses port `80` (non-secure) or `443` (SSL-secured).
To make the website accessible, you'll configure your router to redirect the domain request to your local server.
Assume your service runs on port `3000` locally (`http://192.168.1.50:3000`), you would redirect all traffic from port `443` on the router to port `3000` on the local server.
::alert{type="warning"}
:::list{type="warning"}
- __Warning:__ If you have multiple services to expose like `subdomain1.mydomain.com` and `subdomain2.mydomain.com`, your router cannot differentiate requests and forward to different ports.
You must use a [Reverse Proxy](../../serveex/core/swag) to route traffic based on the request.
:::
::
## DHCP
---
Every time a device connects to your local network, your router assigns it an IP address using DHCP rules.
This IP is randomly selected from a predefined pool.
At every device reboot, the IP may change — which is problematic if you're forwarding ports, as the target IP may no longer be valid.
To avoid this, use your router's DHCP server to assign a static IP address.
Each device has a physical "MAC address".
To assign a fixed IP, you must know your device's MAC address (visible in your router when it's connected), and assign it a static IP.
This is called a "static DHCP lease."
That way, your machine's IP never changes and your port forwarding rules remain effective.
| Variable | Description | Example |
|---------------|----------------------------------|---------------------|
| `IP` | Fixed local IP to assign | `192.168.1.50` |
| `MAC Address` | Physical address of the device | `5E:FF:56:A2:AF:15` |
For more information, refer to your router's documentation.
Reference in New Issue View Git Blame Copy Permalink