I'm a beginner with networking, specifically Linux networking. I have a question that I'll split into 2 parts:

  • If I have x number of hops inside the same subnet (namely 192.168.1.x) and my goal is to have the #y port open for both UDP and TCP, do I have to open ports / manage the NAT on all the routing devices or just the first and last device of interest?
  • What if I have the same problem about keeping ports open, but the modem is on one subnet (192.168.1.x) and the device is on a different subnet (192.168.2.x)?

I'm using anything from Linux 2.6 to 4.x on these devices.

Thanks for your help.

user31223

1 Answer

You don't have hops within the same network (subnet). A hop is between networks.

IP addresses are layer-3, and TCP/UDP ports are layer-4 addresses. Your subnet is all going to be on the same layer-2 domain, and layer-2 doesn't look at layer-3 or layer-4 addresses. By default, routers (layer-3) don't look at ports (layer-4). NAT messes that up, and that is where port forwarding comes in.

You only need to forward ports on devices doing NAT.

Ron Maupin
  • On a Linux machine, how do you check if "it's doing NAT"? – user31223 Oct 12 '16 at 17:11
  • Unfortunately, host configurations are off-topic here. You could try to ask that on [su] or maybe [unix.se]. – Ron Maupin Oct 12 '16 at 17:14
  • OK, so if any of the intermediate machines is doing NAT, I have to open ports on them too? I assume that a firewall is considered layer 4 too... – user31223 Oct 12 '16 at 17:16
  • Firewalls can look at various network layers, depending on the model. Most work at layer-3 and layer-4, but some can look at layer-7. See this question and answers: [How to know at what OSI Layer(s) does a firewall operate](http://networkengineering.stackexchange.com/q/17115/8499). – Ron Maupin Oct 12 '16 at 17:19
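
The following is an added example, not part of the original thread: a shell sketch for auditing which Linux hops are NAT devices and which ports they forward, by parsing `iptables-save -t nat` output together with the kernel's IP forwarding flag. The function names, interface `eth0`, address `192.168.2.10` and port 8080 are constructed for illustration, and it assumes NAT is configured through iptables.

```shell
#!/bin/sh
# Added example: offline check of `iptables-save -t nat` output.
# SAMPLE_RULES is constructed; port 8080 stands in for the question's port "y".
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.2.10:8080
-A PREROUTING -i eth0 -p udp -m udp --dport 8080 -j DNAT --to-destination 192.168.2.10:8080
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'

# Print each DNAT port forward on stdin as "proto dport -> target".
list_port_forwards() {
    awk '$1 == "-A" {
        proto = ""; dport = ""; jump = ""; target = ""
        for (i = 2; i < NF; i++) {
            if ($i == "-p")               proto  = $(i + 1)
            if ($i == "--dport")          dport  = $(i + 1)
            if ($i == "-j")               jump   = $(i + 1)
            if ($i == "--to-destination") target = $(i + 1)
        }
        if (jump == "DNAT" && dport != "") print proto, dport, "->", target
    }'
}

# Count rules on stdin that jump to MASQUERADE, SNAT or DNAT.
count_nat_rules() {
    grep -cE '^-A .* -j (MASQUERADE|SNAT|DNAT)( |$)' || true
}

# Succeed only if forwarding is on ($1 is the content of
# /proc/sys/net/ipv4/ip_forward) and the ruleset on stdin has NAT rules.
is_nat_device() {
    rules=$(cat)
    [ "$1" = "1" ] || return 1
    [ "$(printf '%s\n' "$rules" | count_nat_rules)" -gt 0 ]
}

# Live use (root): iptables-save -t nat | is_nat_device "$(cat /proc/sys/net/ipv4/ip_forward)"
if printf '%s\n' "$SAMPLE_RULES" | is_nat_device 1; then
    echo "NAT device; forwarded ports:"
    printf '%s\n' "$SAMPLE_RULES" | list_port_forwards
fi
```

A host whose NAT is configured natively in nftables will not show its rules here; inspect `nft list ruleset` on such machines instead.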