Target audience: LAN users
Used tools: router
What’s the purpose: config DDNS
Well – one day i have to login to my raspberry with Drupal blog on it, with other WiFi router Both of them have a quick setup -all procedure make necessary configuration automatically. Internet access was made and worked but blog on the Raspberry could not be seen – instead of blog I saw login page of router. With little help I remember that there was additional configuration in the router – I have to config so called forwarding – then my colleague remind me these two rules :
- If you have to use i-net for all PC in LAN behind router , then NAT must be enabled – this is made in most SOHO routers by default
- If you have a PC in your home LAN, behind the router , which have to receive the requests from i-net , then you have to config so called port forwarding or simply enable DMZ on IP address of this PC – in my case – IP of the raspberry from inner/home LAN
MORE INFO :
http://www.howtogeek.com/66214/how-to-forward-ports-on-your-router
http://superuser.com/questions/284051/what-is-port-forwarding-and-what-is-it-used-for
https://www.quora.com/What-is-the-difference-between-dmz-and-port-forwarding
DMZ is more dangerous since you’re opening ALL ports, and relying 100% on the software the machine the ports are forwarded to. Any services or vulnerabilities that exist on that machine are fully exposed to the internet unless that machine is running a software firewall.
With individual port forwarding, you’re only opening what you need, usually for the purpose of hosting a service (i.e.: FTP server, game server). With individual port forwards, it is only a security risk if the services running on those ports have vulnerabilities.
Forwarding ports != opening ports. Ports are opened by services listening for unsolicited inbound connections. “DMZ” only forwards all ports; whether they are opened, or not, depends upon what is running on the computer.