
【Server】Port mapping

2024-07-12




1. The concept of port mapping

Port Mapping, also known as Port Forwarding, is a technology that redirects the data flow of one network port to another network port. This is often used for services running behind a firewall or router, allowing external devices to access specific services in the internal network. Port mapping can be done in a local network or across networks, through protocols such as SSH.

1.1 Types of port mapping

  1. Local Port Forwarding

    • Map a port on the local computer to a port on the remote server.
    • Example: Map local port 8080 to port 80 on the remote server, so that opening localhost:8080 locally reaches the web service of the remote server.
  2. Remote Port Forwarding

    • Map a port on the remote server to a port on the local computer.
    • Example: Map port 2222 on the remote server to port 22 on the local computer, so that you can access the SSH service of the local computer through the remote server.
  3. Dynamic Port Forwarding

    • Create a SOCKS proxy through which you can dynamically access multiple remote server ports.
    • Example: Create a SOCKS proxy that allows a browser to access multiple remote server websites through the proxy.

1.2 Application scenarios of port mapping

  1. Remote access to internal services: Through port mapping, you can access specific services within the company or home network from the external network, such as web servers, database servers, etc.

  2. Firewall penetration: Through port mapping, you can bypass firewall restrictions and access services blocked by the firewall.

  3. Improved security: Port mapping through an SSH tunnel encrypts the data in transit.

  4. Load balancing and proxying: Load balancers and proxy servers often use port mapping technology to distribute and forward traffic to improve service reliability and performance.

1.3 Examples

Suppose there is a web service running on a remote server, listening on port 80. To access this service from your local computer, you can create a local port mapping using the following SSH command:

ssh -L 8080:localhost:80 user@remote-server

This command maps port 8080 of the local computer to port 80 of the remote server. Opening http://localhost:8080 in the local browser is now equivalent to accessing the web service of the remote server.

2. Why do we need port mapping?

There are several main reasons for port mapping (or port forwarding) during development:

  1. Accessing protected services: Some services on your development machine may only listen on the local host (127.0.0.1) and cannot be accessed directly from the outside. Through port mapping, these services can be exposed and accessed from the outside.

  2. Security: Port forwarding through SSH tunnels allows secure access to internal services without directly exposing the services. SSH tunnels encrypt data transmission, increasing security.

  3. Convenient debugging: During the development process, developers may need to access multiple services running on the development machine. Through port mapping, these services can be accessed directly from the local machine without having to log in to the development machine every time.

  4. Bypass firewall or network restrictions: In some network environments, there may be firewalls or network restrictions that prevent direct access to services on the development machine. Through SSH tunneling, you can bypass these restrictions and access services.

  5. Multi-user access: If multiple developers need to access the same service, port mapping allows each developer to access the service in their own local environment without having to log in directly to the development machine.

For example:

Assume that you have a Jupyter Notebook server running on your development machine, which listens on port 7860, but only allows local access. You can use the following SSH command to map port 7860 of the development machine to port 7860 of your local machine:

ssh -p 37367 root@ssh.intern-ai.org.cn -CNg -L 7860:127.0.0.1:7860 -o StrictHostKeyChecking=no

You can then open http://127.0.0.1:7860 in your local browser to view and use the Jupyter Notebook server on your development machine.

3. Principle

3.1 [Plain Language] Principle Explanation

The development machine has its own exposed port and public IP, which we can use for our local SSH connection.

But when a program runs on the development machine (the server), it runs on a port of the server.

So if we want to view the program running on the server from our local machine, we need to establish a port mapping: when the browser opens the local port, the request is forwarded to the server's port.

3.2 Schematic diagram

[Figure: schematic diagram of the port mapping]

4. Code

ssh -p 37367 root@ssh.intern-ai.org.cn -CNg -L {LOCAL_MACHINE_PORT}:127.0.0.1:{DEV_MACHINE_PORT} -o StrictHostKeyChecking=no

For example:

ssh -p 37367 root@ssh.intern-ai.org.cn -CNg -L 7860:127.0.0.1:7860 -o StrictHostKeyChecking=no

This command is used to create an SSH tunnel. Below is a detailed explanation of each part:

  • ssh: Command used to initiate an SSH connection.
  • -p 37367: Specifies the port number of the remote host to connect to (port 37367 in this example).
  • root@ssh.intern-ai.org.cn: Username (root) and host name (ssh.intern-ai.org.cn).
  • -CNg: A combination of options:
    • -C: Enable compression.
    • -N: Tell SSH not to execute remote commands, just do port forwarding.
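    • -g: Allow remote hosts to connect to the forwarded port. The local listener then accepts connections from other machines on your network, not only from the local machine itself.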
  • -L 7860:127.0.0.1:7860: Perform local port forwarding and map port 7860 of the local machine to port 7860 of 127.0.0.1 of the remote host.
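  • -o StrictHostKeyChecking=no: Disable host key checking, which prevents interactive prompts on first connection. The server's host key is then accepted without being verified, so the connection does not confirm that you reached the intended host.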

In summary, this command will create an SSH tunnel between the local machine and the remote host, forward the local port 7860 to the remote host’s port 7860, and will not execute remote commands or check host keys.
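
The option breakdown above can be checked mechanically. The script below is an added example, not part of the original post: it parses an ssh command line without running ssh, reports where each -L/-D listener will bind, and flags disabled host key checking. It assumes the default GatewayPorts setting in ssh_config and specs without bracketed IPv6 addresses; the function names listen_addr and audit_forward are hypothetical.

```sh
#!/bin/sh
# Added example: inspects an ssh command line without running ssh.

# listen_addr SPEC GATEWAY -> "bind:port" for [bind_address:]port[:host:hostport]
# Assumption: SPEC has no bracketed IPv6 address or Unix socket path.
listen_addr() {
    fields=$(printf '%s\n' "$1" | awk -F: '{ print NF }')
    case $fields in
        1|3) port=${1%%:*}                      # no explicit bind address
             if [ "$2" = 1 ]; then bind='*'; else bind=localhost; fi ;;
        *)   bind=${1%%:*}; rest=${1#*:}; port=${rest%%:*}
             [ -n "$bind" ] || bind='*' ;;      # empty bind = all interfaces
    esac
    printf '%s:%s\n' "$bind" "$port"
}

# audit_forward ARGS... -> one finding per line (body runs in a subshell)
audit_forward() (
    set -f; gateway=0; specs=''; nocheck=0
    while [ $# -gt 0 ]; do
        case $1 in
            -[LDo]) [ $# -ge 2 ] || break       # "-L spec" becomes "-Lspec"
                    joined=$1$2; shift 2; set -- "$joined" "$@"; continue ;;
            -[LD]?*) specs="$specs ${1#-?}" ;;
            -o?*) case $(printf '%s' "${1#-o}" | tr 'A-Z ' 'a-z=') in
                      stricthostkeychecking=no|stricthostkeychecking=off) nocheck=1 ;;
                  esac ;;
            -*[!46AaCfGgKkMNnqsTtVvXxYy]*) ;;   # option that takes a value
            -*g*) gateway=1 ;;                  # -g alone or in a cluster (-CNg)
        esac
        shift
    done
    for spec in $specs; do
        addr=$(listen_addr "$spec" "$gateway")
        case $addr in
            localhost:*|127.*) echo "OK listener $addr (loopback only)" ;;
            *) echo "WARN listener $addr reachable from other hosts" ;;
        esac
    done
    [ "$nocheck" = 0 ] || echo "WARN StrictHostKeyChecking=no: host key not verified"
)

# The command from this page, then the same forward bound to loopback only.
audit_forward -p 37367 root@ssh.intern-ai.org.cn -CNg \
    -L 7860:127.0.0.1:7860 -o StrictHostKeyChecking=no
audit_forward -p 37367 root@ssh.intern-ai.org.cn -CN \
    -L 127.0.0.1:7860:127.0.0.1:7860
```

The second call shows the variant that keeps the tunnel private to the local machine: an explicit 127.0.0.1 bind address, no -g, and host key checking left at its default.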

After port mapping, the program running on port 7860 of the server is displayed.