UPnP - Multiple Xbox One Gaming Consoles & NAT

[e38BimmerFN]

Ok, was just wondering if the Miniupnp implementation/IPTable change was on your fork as it is for Merlin is all. I presumed there would be differences seen on OEM and other 3rd party FW. I tested a RT-3100 with Merlin and OEM and this OPEN NAT issue isn't a problem on Merlin with two consoles running same game. It is on OEM FW.

 

[jrmwvu04]

According to some of the references previously posted, my take away is that it's defining characteristic is that it will accept UNSOLICITED packets, just like defining a manual port forward. Do you really want an application to have the ability to open a random port fully to the internet?

Isn’t some version of that why, many years ago (Windows XP days), conventional wisdom was that upnp was a security risk? I for sure remember tech websites in the early 00s suggesting upnp was dangerous.

 

[e38BimmerFN]

Most of that code was corrected in recent versions of uPnP core. Ive been using uPnp for a while now. No issues aside this multiple same game console issue seen in various Mfr routers and FW.

 

[Vexira]

Yes

EDIT: AFAIK, there are three things that can affect how the port forwarding will work....
- The SDK (and therfore the netfilter modules) for the router. In this case, each router that uses a different SDK MAY behave differently....an N66 may be different from an AC68 which may be different from an AC3200....
- The miniupnpd implementation. This should be the same across all of Merlin (and my fork), but may be different for ASUS firmware vs DD-WRT vs Tomato...
- The creation and ordering of the firewall rules, which again will be different depending on the firmware stream being used. In this case, even my fork is different from the latest Merlin.

EDIT2: Something to think about with respect to Full Cone NAT. According to some of the references previously posted, my take away is that it's defining characteristic is that it will accept UNSOLICITED packets, just like defining a manual port forward. Do you really want an application to have the ability to open a random port fully to the internet? In my mind, that's why game manufacturers need to move away from that as a requirement, and why most routers have already restricted that capability.

i personally wouldn't mind an option to choose between symmetric and full cone to see the difference, if only I could get it working. The only way to stop the problem is for game devs to have dedicated servers and get rid of the p2p system they use or give the games the ability to chose a different port if the first port doesn't work, but I guess they leave that up to router manufacturers to do, then again I don't understand why, manufactures of routers don't, by default enable some port redirection capabilities, like merlins fix, to solve the issue.

 

[e38BimmerFN]

I presume that most router mfrs design and decisions are based on the average home users. Users was quick and easy install and setup. Also there is no need for two different NAT kinds on routers in that regard. Putting something in that may not be used frequently may not be beneficial. The main issue is that if the console and game MFrs can make it work with any kind of NAT, then this would negate having different NAT kinds on routers as the console, upnp and port functions, we hope, will and should work with any kind of NAT that router Mfrs put in there HW.

As time goes on, I presume more and more router Mfrs will move away from Full cone to Symmetric as it's more secure than Full Cone and Port Address Restricted.

I'm very curious to see what this new MS port feature does with two or more consoles running same game.

 

[Jack Yaz]

I presume that most router mfrs design and decisions are based on the average home users. Users was quick and easy install and setup. Also there is no need for two different NAT kinds on routers in that regard. Putting something in that may not be used frequently may not be beneficial. The main issue is that if the console and game MFrs can make it work with any kind of NAT, then this would negate having different NAT kinds on routers as the console, upnp and port functions, we hope, will and should work with any kind of NAT that router Mfrs put in there HW.

As time goes on, I presume more and more router Mfrs will move away from Full cone to Symmetric as it's more secure than Full Cone and Port Address Restricted.

I'm very curious to see what this new MS port feature does with two or more consoles running same game.

Or once IPv6 is the default NAT will die at long last.

 

[e38BimmerFN]

Yes, that too. Once all ISPs support IPv6 natively with there customers.

 

[Vexira]

so if nat is gone in ipv6 how will games that use p2p networking handle eg cod, id assume they would still work aslong as their port is open?, i assume thats why ms is pushing for ipv6 on xbox since theres a medsage avout swtiching to ipv6 in the network test section, also the mention of a 4 to 6 tunnel.

 

[e38BimmerFN]

Not sure if Port usage is the same with IPv6...

 

[Vexira]

Good news Ip6 is the solution to nat issues.

 

[jrmwvu04]

Bad news is none of us will live to see it

 

[Vexira]

I doubt it

 

[ColinTaylor]

Good news Ip6 is the solution to nat issues.

Err, yes. Tell us something we didn't already know.

Have you done some sort of test that you're not telling us about?

 

[Vexira]

Err, yes. Tell us something we didn't already know.

Have you done some sort of test that you're not telling us about?

sort of dad

 

[Vexira]

in all serousness I was have a conversation with some one who has ipv6, he was telling me about getting open nat across 2 Xboxes, not all I need is to wait for my isp to seceded to switch or change isps to one that has it so I can verify it works, and he wasn't just confused, also I was trying to point it out to those who don't know.

 

[e38BimmerFN]

Well it will be achievable when ALL ISPs support native IPv6. Some of us don't have that luxury yet.

 

[e38BimmerFN]

two consoles and two same games?

in all serousness I was have a conversation with some one who has ipv6, he was telling me about getting open nat across 2 Xboxes, not all I need is to wait for my isp to seceded to switch or change isps to one that has it so I can verify it works, and he wasn't just confused, also I was trying to point it out to those who don't know.

 

[RMerlin]

With IPv6, every device on your network gets its own public Internet IP address. So yes, you'd be able to even have hundreds of consoles, and all would get complete open access provided everyone involved has IPv6.

In fact, there isn't even any NAT there, with IPv6, it's all pure, direct routing.

 

[e38BimmerFN]

That will be nice when it arrives to my house.

With IPv6, every device on your network gets its own public Internet IP address. So yes, you'd be able to even have hundreds of consoles, and all would get complete open access provided everyone involved has IPv6.

In fact, there isn't even any NAT there, with IPv6, it's all pure, direct routing.

 

[Vexira]

With IPv6, every device on your network gets its own public Internet IP address. So yes, you'd be able to even have hundreds of consoles, and all would get complete open access provided everyone involved has IPv6.

In fact, there isn't even any NAT there, with IPv6, it's all pure, direct routing.

so would upnp still be needed, even on ipv 6?