This is explained in SSH manual, especially the differences between -R and -L.
-R [bind_address:]port:host:hostport
Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side.
This works by allocating a socket to listen to
porton the remote side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made tohostporthostportfrom the local machine.
-L [bind_address:]port:host:hostport
Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.
This works by allocating a socket to listen to port on the local side, optionally bound to the specified bind_address.
Whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to
hostporthostportfrom the remote machine.
The following example tunnels an IRC session from client machine 127.0.0.1 (localhost) using port 1234 to remote server server.example.com:
$ ssh -f -L 1234:localhost:6667 server.example.com sleep 10
Note: The -f option backgrounds ssh and the remote command sleep 10 is specified to allow an amount of time to start the service which is to be tunnelled.
And finally -N:
-N- Do not execute a remote command. This is useful for just forwarding ports.
Source of the above illustrations: An illustrated guide, tutorial, how-to, on ssh tunneling.