Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Basics

Dynamic ("Triggered") Mapping

Sometimes called "Special Applications", this feature attempts to bypass the "one map per IP" limitation of static port mapping. You typically set up a port mapping as you would for a static mapping, but then specify a "trigger" port (and sometimes, protocol). The router then watches the outbound data stream, i.e. data from computers on your LAN headed to the Internet, for the trigger criteria.

When it sees the trigger, it remembers the IP address of the computer that sent the trigger data. When data that matches the trigger request tries to come back into your LAN, the mapping that the trigger is tied to is enabled, and the data is allowed through the firewall. The router then disables the mapping as soon as the transfer is finished so that another computer can use the same mapping. This gives the illusion of multiple computers simultaneously using the same mapping, but, of course, only one computer can use the mapping at a time.

NOTE: Since the trigger event must come from a computer on the LAN, triggered maps can't be used to allow access to multiple servers on your LAN that use the same port. So if you're running two webservers, you'll still need to set up static mappings for two different ports, and configure the webservers accordingly.

NOTE: Triggered maps are best used for quick data requests / transfers because it depends on the mapping being available when another computer triggers it. If you have an application that uses a continuous data stream (i.e. streaming audio or video, Internet phones, etc.), that ties up a port for a long time, a triggered map isn't going to help you.

UPnP

Universal Plug and Play is a feature that router manufacturers were pretty much forced into by Microsoft. As a result, it has taken a long time for it to be implemented in a large number of routers and the features that are implemented vary widely. One of UPnP's key tricks is its NAT Traversal feature, which automatically opens ports in a UPnP-enabled router's firewall for applications that know how to speak UPnP.

My main objection to this "feature" is that it opens these ports without either asking the user's permission or even providing an indication that it has done so. Since NAT Traversal depends on the application that requests the ports to be opened to also request that they be closed, it's possible for the ports to be left open if the application crashes or otherwise abnormally exits before issuing the request.

Fortunately, NAT Traversal didn't catch on much outside of Microsoft and as a result only Microsoft Messenger, Remote Assistance and Remote Desktop know how to automatically open ports on UPnP-equipped routers. My advice is to find the control on your router and disable UPnP if you don't use these applications.

DMZ ("Exposed Server")

This is the ability to virtually place one computer outside your router's firewall. Note that we say "virtually" because the target machine is still physically connected to the LAN side of your router. What this option actually does is map ALL ports through to the IP address that you specify.

When a computer is placed in DMZ, however, it is for all intents and purposes, directly exposed to the Internet. So make sure that any computer placed in DMZ is running up-to-date antivirus software and has no sensitive data on it.

Because DMZ depends on the router's firmware to do the job, you can have problems with some routers that have buggy implementations of this feature and still not be able to use a desired application even if you place the target computer in "DMZ".

Mapped Server "Loopback"

If you have forwarded or mapped servers on your router's LAN side, you would normally reach them by using the private IP address assigned to the computer that the server is running on if your computer were also on the LAN side of the router. On the other hand, users on the WAN side of the router would reach the server via the router's WAN IP address.

"Loopback" is the ability for LAN-side users to reach a forwarded server via the router's WAN IP address (or assigned Domain Name if it has one and the proper DNS services are in place). This is a desirable feature that allows users on the same LAN subnet as the server don't have to hassle with remembering special addresses and can reach a server just like anyone else does. Manufacturers typically don't specify whether loopback is supported, so do some Googling before you buy if you really need this feature.

More Basics

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

So if we held a contest for the dumbest, least important question asked on these wonderful forums, this one has to be at least a contender. It is pure...
Hi everybodyI am new to here and need help to get the latest Wireguard ipk version for Asus rt-ac86u.Somebody wrote that I could get the latest versio...
I've just picked up a pair of XT8s and have updated them to the latest firmware (3.0.0.4.386_25790). I was surprised to find that my devices were usin...
Update 2020/10/22 (9.0.0.4.386.40577)386 rc2-7 - Google Drive drive.google.com This version includes 18 models:ZenWiFi: XT8(RT-AX95Q), XD4(R...
Hello,I have a new dual-band RT-AC86U for only one month and I use it in "router" mode. Before that, I used a one band (2.4GHZ) wireless AP. The route...

Don't Miss These

  • 1
  • 2
  • 3