2

I am having trouble understanding how ports work.

What I tried to do: I wanted to check if a particular port was open on my laptop. The port that i chose to check was the port used by bittorrent client for incoming connections. Let's say the port used by my bittorrent was 51346. I went to canyouseeme.org to check if that port was open. It showed an error.

Here is when the confusion started.

My bittorrent client is using the port without any issues. It was receiving data which means it must have been listening on that port. So, no firewall issues here. But why does cannyouseeme.org show me an error. I did check with other open port checker tools online. All show me the same error.

So, where am i going wrong? Why is it that I am not able to check if the port was open?

Extra Info (You can skip this if you want)

This is not the first time I am messing around with ports. I first tried to setup a public web server on my laptop with little luck. I had faced the same problem. I was running the server on port 80. But to the outside world, that port was closed. My idea was to access the web server with my public ip address. I tried it on a different port, didn't work. I setup port forwarding, still couldn't access the web server. Disabled windows firewall, didn't work. Initially I thought somehow my ISP is blocking all the ports which sounds ridiculous. I eventually gave up on trying to setup a public web server. Then I had to change my ISP and again gave the public web server idea a shot. Again failed. I still have no idea where I cam going wrong.

My current knowledge on how it all works: Any computer can access any other computer on the internet using the IP address. DNS only comes into the picture to translate the host name into an IP address. So, technically I should be able to access a web server setup on my laptop using my public IP address. But wasn't able to.

If you read till the end, thank you. Please correct me if my understanding of networks is flawed anywhere.

Edit: I am using Windows 10. But tried it with Windows 8.1 as well.

Improve this question
22
  • On your laptop, the port can be listening, but what address is it bound to?For example,you can have a port listening on 192.168.0.2:80. In this case a client that can access your computer with the above IP address can connect to the port providing port 80 is open from a firewall perspective. Port 80 could be listening on just 127.0.0.1:80. In this case only processes on the local computer can connect to it. It could be listening on all interfaces, i.e. 0.0.0.0:80? I would start by understanding locally what interface the port is listening on. netstat -ano > net.txt would be a good start.
    – HelpingHand
    Commented Jun 20, 2018 at 18:42
  • ...If it's on an external interface on your computer, port forwarding from your router to it should work but then your IP on your laptop could change if you're getting an IP from your router by DHCP. Was it setup as static on your computer as I'm sure the port forwarding rule would have been to a static IP.
    – HelpingHand
    Commented Jun 20, 2018 at 18:43
  • @HelpingHand TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1032 TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 TCP 0.0.0.0:1536 0.0.0.0:0 LISTENING 692 The netstat cmd did help. So if I am getting this right, the applications listening on above ports are bound to all IP address and not just the localhost. So, I should be able to check online if my port is open and it shouldn't give an error right?
    – Yashas
    Commented Jun 20, 2018 at 18:51
  • Yes, I have configured a static private IP address in my router settings.
    – Yashas
    Commented Jun 20, 2018 at 18:54
  • That tells me that port 135 is listening on all interfaces and the PID of the process listening is 1032, this is going to be the svchost.exe process that hosts the RPC endpoint Mapper. 445 is listening on all interfaces and the PID is 4 which is the Sytem process - this is file and print sharing/SMB. Port 1536 is listening the PID is 692. No idea what that is, what is PID 692? Just because, they are locally open, doesn't expose the ports to the internet which is a good thing. You'd have to port forward the ports to your computer from the router.
    – HelpingHand
    Commented Jun 20, 2018 at 19:03

1 Answer 1

Reset to default
2

You have confirmed that you are behind Carrier Grade NAT.

This is confirmed by the fact that you have a class-A private address as your routers WAN address. But when checked by canyouseeme.org you see a public address. (The address that is doing NAT/Masquerading)

Contact the ISP to see if you can obtain a public IP number. They are the only ones that can help you in this situation. Another option would be looking for another carrier.

Regards,

Improve this answer
6
  • That makes sense. But I have a doubt. I found this simple static web server called fenix server. It makes your local development publicly accessible by assigning it a temporary domain name on localtunnel which essentially points to your IP address. How come this works if I am behind a CGN?
    – Yashas
    Commented Jun 21, 2018 at 18:41
  • Erm, execpt for it doesn't actually point to your address. You are creating a outbound connection, (the ssh tunnel) tunnel.me which is on a FQDN webserver that is using the ssh tunnel to reach your Fenix instance. Don't be confused by this, it's a service for people who don't know how to port-forward, or people in your situation that do not have a public IP. This can be verified by doing a whois lookup on the domain name address it gives you. It's pretty well explained in this video. youtu.be/liYneTTtYhM
    – Tim_Stewart
    Commented Jun 21, 2018 at 18:54
  • 1
    I kinda get it. But I am unfamiliar with SSH tunnels and how the tunnel is used to reach the fenix instance on my laptop. If you know any resources that explain these concepts, please do share. Thanks a lot for you help!
    – Yashas
    Commented Jun 21, 2018 at 19:10
  • Absolutely, I have heard it called reverse ssh tunneling before. I'm sure you could find plenty of reading material on Google for bidirectional ssh tunneling. Here is a pretty good answer on the subject. unix.stackexchange.com/questions/46235/…
    – Tim_Stewart
    Commented Jun 21, 2018 at 19:15
  • 1
    Oh, I didn't know about aws tier 1. It's amazing. It'll help a lot in learning. Thanks for letting me know. Networking is pretty awesome. I am still pretty psyched about Reverse SSH tunneling.
    – Yashas
    Commented Jun 22, 2018 at 12:42

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .