9 Replies - 2387 Views - Last Post: 24 February 2010 - 10:58 AM

#1 Xioshin  Icon User is offline

  • D.I.C Regular

Reputation: 4
  • View blog
  • Posts: 264
  • Joined: 05-November 08

How does the router know which machine to point you to remotely?

Posted 23 February 2010 - 05:58 PM

Hi, I have a question which will probably lead to a pretty basic answer :)

I'll give you some fake details to make it a lot easier to provide the answer. Thanks in advance.

[Network Details]
IP address of network (external, visible from outside) - 123.123.123.123
Gateway (Router) - 192.168.1.1
IP address of 1st machine running VNC Server - 192.168.1.10
IP address of 2nd machine running VNC Server - 192.168.1.20

Let's say from a remote location I wanted to connect to the 2nd machine. In the VNC Client, I would put 123.123.123.123, but how would I specify which machine I want to connect to? All the external will do is point me to the proper gateway (123.123.123.123 --> 192.168.1.1). Now that the gateway has received a VNC client connect request, how does it know which machine to pass the request to?

I assume it has something to do with firewall configuration. In the firewall configuration, even if I had port 5900 open to allow VNC, wouldn't it be logical to make the rule say "inbound, any machine"?

In this example, we are getting inbound connections for 2 machines, but even then, having 2 firewall rules will still not tell the gateway which machine I am trying to VNC to. How do I target a particular machine from outside the local network?

Is This A Good Question/Topic? 0
  • +

Replies To: How does the router know which machine to point you to remotely?

#2 Trakker  Icon User is offline

  • A$$hole Extraordinaire.
  • member icon

Reputation: 13
  • View blog
  • Posts: 2,386
  • Joined: 06-June 01

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 12:33 AM

Ports.
When these VNC servers are set up, they have the option of letting you chose which port they advertise on (or to leave as default). Then on the router in front of those servers, there should be port forwarding, saying anything coming to the router destined for inside the network on SPECIFIED PORT NUMBER send to SPECIFIED IP ADDRESS.

For example (using your IP addresses)
VNC server 1 192.168.1.10 is running VNC service on port 6900.
VNC server 2 192.168.1.20 is running VNC service on port 6910.
Router has rule tcp/udp traffic inbound any IP address on port 6900 forward to IP address 192.168.1.10
Router has rule tcp/udp traffic inbound any IP address on port 6910 forward to IP address 192.168.1.20

This is the concept yes, but if you need help configuring, let us know what vnc server you're using and what router.
Was This Post Helpful? 4
  • +
  • -

#3 baavgai  Icon User is online

  • Dreaming Coder
  • member icon

Reputation: 5832
  • View blog
  • Posts: 12,686
  • Joined: 16-October 07

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 04:32 AM

The magic term you're looking for is NAT. The short answer is, incoming requests to the gateway generally don't get to find the machines behind the router. Part of the point of NATing is to hide your private networks from the big bad world.

That said, the idea of using ports to route to separate boxes it quite good. A number of gateway routers support something called "port forwarding". On the router itself you may be able to set this up so that external request for a given port get sent to a given address. You may have to specify protocols as well on the router.
Was This Post Helpful? 0
  • +
  • -

#4 Xioshin  Icon User is offline

  • D.I.C Regular

Reputation: 4
  • View blog
  • Posts: 264
  • Joined: 05-November 08

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 08:58 AM

View Postbaavgai, on 24 February 2010 - 03:32 AM, said:

The magic term you're looking for is NAT. The short answer is, incoming requests to the gateway generally don't get to find the machines behind the router. Part of the point of NATing is to hide your private networks from the big bad world.

That said, the idea of using ports to route to separate boxes it quite good. A number of gateway routers support something called "port forwarding". On the router itself you may be able to set this up so that external request for a given port get sent to a given address. You may have to specify protocols as well on the router.


Thanks Baavgai, but that was part of my initial question. VNC runs on a specific port, does it not? Once that specific port is used up by one machine, how can I possibly have another machine using that Protocol Port + 1, another machine using Protocol Port + 2, etc. (5901, 5902, 5903, etc...)

I very much understand the fact that we use NAT to make sure hosts outside the network can't see what's inside. The other side of your answer I'm still unclear about as well: "may be able to set this up so that external request for a given port get sent to a given address".

Are you saying if I had a machine running on port 30000 and I wanted to target that machine, I could do "192.168.1.10:3000", and if I wanted to target the other machine, I do: "192.168.1.20:30001" ?
Was This Post Helpful? 0
  • +
  • -

#5 dorknexus  Icon User is offline

  • or something bad...real bad.
  • member icon

Reputation: 1256
  • View blog
  • Posts: 4,618
  • Joined: 02-May 04

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 09:17 AM

Via port forwarding, that's correct. The router will know to forward any incoming data on a certain port to a certain machine on the internal network. At a more basic level, routers utilize routing tables to remember which machines are attached to which physical ports. This is similar to NAT which uses translation tables however not all routers do NAT.

You are also correct in thinking that you can't specify which client to connect to without changing the port. Port forwarding can only be setup to forward traffic to a single machine for a given port range. The port ranges must be disjoint between machines.

This post has been edited by Dark_Nexus: 24 February 2010 - 09:20 AM

Was This Post Helpful? 0
  • +
  • -

#6 Trakker  Icon User is offline

  • A$$hole Extraordinaire.
  • member icon

Reputation: 13
  • View blog
  • Posts: 2,386
  • Joined: 06-June 01

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 09:39 AM

Quote

When these VNC servers are set up, they have the option of letting you chose which port they advertise on (or to leave as default).


If not during setup, then there should be an option in the configs. Please provide us with the vnc server you're using.
Was This Post Helpful? 0
  • +
  • -

#7 Xioshin  Icon User is offline

  • D.I.C Regular

Reputation: 4
  • View blog
  • Posts: 264
  • Joined: 05-November 08

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 09:54 AM

I'm not tracker, I specified that in my beginning post. I'm just trying to REALLY understand how multiple machines running the same services can both be running concurrently without any connection issues from remote hosts.

I understand that I can use ports to get the router to know which machine I want a remote machine to be able to connect to, BUT... It's not like I get a free choice of which port its running on.

If I have 3 machines running VNC on the designated VNC port (5900), how can I possibly have a remote host connect to machine #2 in my local network instead of machine #1 or #3?

EDIT --- Ohhh Okay, so I can have one running on 5901, another running on 5902, etc, and then in my router configuration create multiple rules, one for 5901 going to machine 1 IP address, another rule for 5902 going to machine 2 IP address... Gotcha! Is this correct?

This post has been edited by Xioshin: 24 February 2010 - 09:57 AM

Was This Post Helpful? 0
  • +
  • -

#8 Trakker  Icon User is offline

  • A$$hole Extraordinaire.
  • member icon

Reputation: 13
  • View blog
  • Posts: 2,386
  • Joined: 06-June 01

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 10:15 AM

Yes.
Was This Post Helpful? 0
  • +
  • -

#9 baavgai  Icon User is online

  • Dreaming Coder
  • member icon

Reputation: 5832
  • View blog
  • Posts: 12,686
  • Joined: 16-October 07

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 10:17 AM

View PostXioshin, on 24 February 2010 - 10:54 AM, said:

Is this correct?


You got it.

Ports are just numbers; they are fundamentally arbitrary. Certain ports are traditionally used by certain things, but that needn't constrain you. You choose the ports you want your services to run on. From a security perspective, it's sometimes even a good idea to move services off their expected port, if you want them available but less well known.
Was This Post Helpful? 0
  • +
  • -

#10 Xioshin  Icon User is offline

  • D.I.C Regular

Reputation: 4
  • View blog
  • Posts: 264
  • Joined: 05-November 08

Re: How does the router know which machine to point you to remotely?

Posted 24 February 2010 - 10:58 AM

View Postbaavgai, on 24 February 2010 - 09:17 AM, said:

Certain ports are traditionally used by certain things, but that needn't constrain you. You choose the ports you want your services to run on.


You've cleared it all up now. Thanks very much.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1