If you want to access server services on your home computer from the outside, one method is port forwarding.
Port forwarding is also translated as “port mapping”, and some machines refer to port forwarding as a virtual server.
Port forwarding allows external connections to machines hidden behind NAT, such as Minecraft server connections, access to NAS resources, P2P file sharing, etc.
Let’s give a more specific example: I want to connect to the web interface of the Linux version of qBittorrent from the outside network. When I am at home, I http://192.168.0.250:8080
can connect using a regional IP. But what about external networks? I want to be able to http://140.112.91.11:8080
connect to qBittorrent from the public IP. At this time, I have to set up port forwarding!
1. Environment
- Tested operating systems: Ubuntu 22.04, Arch Linux 6.5.0
- Modem: Zyxel P880 (modem from Chunghwa Telecom)
- Network architecture: This article assumes that the Linux computer is directly connected to the modem (little turtle, modem) through a network cable, without any router in between. At this time, the modem plays the role of NAT.
2. Linux computer settings
- Suppose I want to open a server service, use the communication port
8080/tcp
, and the firewall must allow 8080 to pass:
sudo ufw allow 8080/tcp
sudo ufw reload
- Use nmtui to connect Linux to the Internet with a fixed IP
- Use
ip addr
the command to obtain the regional IP of the Linux computer, which should start with 192.168. For example, the following is192.168.1.101
#Example output
2: enp2s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
inet 192.168.1.101/24 brd 192.168.1.255 scope global dynamic noprefixroute enp2s0
- To obtain the public IP of a Linux computer, you can use the curl tool to connect to the ifconfig.io website for confirmation. For example, the following is
140.112.91.11
curl ifconfig.io
#Example output
140.112.91.11
3. Settings on the modem
- Open the browser of the Linux computer and log in to the backend of the modem. The IP address of each modem is different. The IP address of Zyxel P880 is
http://192.168.1.1
- Google the password for P880 by yourself. Be sure to log in to the backend with the admin account.
- Check the menu on the left
Expert Mode
,Advanced Setup
andNA
it will appear in the T.Virtual Servers
The function is equivalent to port forwarding. Press Add. - Check
Custom Service
Fill in the following:
Server IP Address
Fill in the IP of the Linux computer.
External Port Start
And External Port End
fill in the communication port to be forwarded. In the example here, we fill in 8080, so that when the external connection is connected to the 8080 communication port of the modem, it will be directed to the 8080 communication port of the Linux computer.
Protocol
Change to TCP/UDP.
- Finally, press
Apply/Save
- Try using another device, enter the public IP of the Linux computer, and connect to the Linux computer.
- It should be noted that the public IP of the home network is usually floating and changes every time. If you don’t buy a domain, it’s best to use a dynamic DNS plan with a fixed connection address, such as the No-IP company’s plan.
4. Set up dynamic DNS service
This is an optional step. If your public IP changes frequently, you can run a dynamic DNS (Dynamic DNS) service and use the domain name to connect to the remote host.
For example, http://140.112.91.11:8080
change it http://myservice.ddns.net:8080
to connect.
Many companies provide dynamic DNS services. Take No-IP as an example. If you run their client on Linux, they will give you a free domain name and regularly update the DNS according to your public IP. You no longer need to remember the long IP.
Refer to How to Install the Linux Dynamic Update Client on Ubuntu
❤️ If you liked the article, like and subscribe to my channel “Codelivly”.