Routing

Let us look at an everyday event.

John Doe of Super Duper Inc. places a call to me. The telephonist makes that call and leaves a message for me if I cannot come to the telephone. When I return the call to John, the telephonist transfers it to John, knowing that John has placed a call to me. If someone were to call and say they are returning a call to John, the telephonist will probably cut the connection.

That event is typical of routing. Outgoing calls are recorded and stored. A return call is checked against the records, then transferred to the station which made the outgoing call if there is a match, or dropped if there is no match.

I will take bits from the event and put them in networking terms.

Telephone number of Super Duper Inc        public IP
Telephone extension of John's Department   private IP
Telephone extension of John Doe            private port
My name                                    a domain name
My telephone number                        another public IP
My department telephone extension          any private IP
My telephone extension                     any private port
Telephonist                                router

The telephonist's routing table probably will look like this:

from  John  Sales  to    MyName  MyPhone  nil  nil  PSTN 
to    John  Sales  from  MyName  MyPhone  nil  nil  PSTN

Let us try to write that as a routing table:

source      [private IP] [private port] destination [public IP] any any TCP 
destination [private IP] [private port] source      [public IP] any any TCP

Unlike a telephonist who will consult the intended recipient of a call before deciding if a call should be transferred or dropped, a router will not check anything other than the routing table and will return or drop in-coming packets.

In some organisations, the telephonist is given additional lists, such as a list of employees who can make calls beyond city limits or a list of employees who are not allowed to receive calls. Similarly, routers are equipped with additional utilities to perform tasks such as blocking access to certain domains and filtering by local IP.

Real world example

Here is a routing table taken from an internet host:

[Figure dos-netstat-r: Output of netstat -r]

To see the routing table on your system, issue this command from DOS:
$ netstat -r

Note that the command shown is that of Linux whereas the figure is that of DOS. The command netstat -r is the same on both operating systems.


Summary

Routing is the redirection of signals originating from a host within the local net to [the gateway of] another network, and of signals returning from the remote net. If the originating source is remote, signals will not be routed.

Network Address Translation (NAT)

NAT is another way of saying routing. The translation referred to is the substitution of the private IP with the public IP at the gateway (router) on out-bound packets, and the reverse on in-bound packets.





Q&A

How do I allow remote-originated signals into my LAN?

You can allow remote signals by port forwarding, that is by redirecting such signals to a port on a local IP within the local net. Virtual servers and network address/port translation (NAPT) work on the same principle as port forwarding. You should not forward any port if you are not hosting any server. You should also refuse installation of any application which requires you to open a port until you have fully understood the consequences of doing so.
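
The behaviour described on this page, as an added example that is not part of the original text: a toy gateway in Python that records outgoing flows, rewrites the private source to the public IP, delivers matching replies, drops unsolicited packets, and shows that a forwarded port accepts remote-originated traffic from any host. All addresses, port numbers and the names Gateway, outbound, inbound, forward and demo are constructed for illustration.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"  # constructed: the gateway's public IP (documentation range)


@dataclass
class Gateway:
    public_ip: str
    next_port: int = 40000
    # (public_port, remote_ip, proto) -> (private_ip, private_port); filled by outgoing traffic
    flows: dict = field(default_factory=dict)
    # (public_port, proto) -> (private_ip, private_port); filled by the administrator
    forwards: dict = field(default_factory=dict)

    def outbound(self, private_ip, private_port, remote_ip, remote_port, proto="TCP"):
        """Record the outgoing flow and substitute the public IP for the private source."""
        public_port = self.next_port
        self.next_port += 1
        self.flows[(public_port, remote_ip, proto)] = (private_ip, private_port)
        return (self.public_ip, public_port, remote_ip, remote_port, proto)

    def forward(self, public_port, private_ip, private_port, proto="TCP"):
        """Port forwarding: a standing rule that needs no prior outgoing packet."""
        self.forwards[(public_port, proto)] = (private_ip, private_port)

    def inbound(self, remote_ip, remote_port, public_port, proto="TCP"):
        """Return the private (IP, port) to deliver to, or None to drop the packet."""
        # As in the table above, the remote port is "any": only the remote IP is matched.
        hit = self.flows.get((public_port, remote_ip, proto))
        if hit is not None:
            return hit  # a reply to a recorded outgoing flow
        # No record: only a forwarded port lets the packet in, whoever sent it.
        return self.forwards.get((public_port, proto))


def demo():
    gw = Gateway(PUBLIC_IP)
    out = gw.outbound("192.168.1.20", 51515, "198.51.100.7", 80)
    results = {
        "rewritten": out,
        "reply": gw.inbound("198.51.100.7", 80, out[1]),
        "unsolicited": gw.inbound("192.0.2.99", 80, out[1]),
    }
    gw.forward(8080, "192.168.1.30", 80)  # the host at .30 is now reachable from outside
    results["forwarded"] = gw.inbound("192.0.2.99", 44444, 8080)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The unsolicited packet is dropped because no outgoing flow matches it, while the same remote host reaches 192.168.1.30 once port 8080 is forwarded, which is why a forwarded port should exist only for a server you intend to host.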

My server port is forwarded correctly because people are downloading from my P2P connection...

P2P uses a send-reply technique to get packets through the router into a local net (your computer), just like a browser. It does not need any forwarded port.