Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

UPnP - Multiple Xbox One Gaming Consoles & NAT

Discussion in 'Asuswrt-Merlin' started by BiggShooter, Oct 21, 2016.

  1. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
    Interesting. I've seen this port restricted cone nat before on other older routers. They also had a EndPoint Independent selection as well. I recently tested this and from what my results are, any port restricted or address restricted causes Moderate NAT in game on the 2nd console. When Endpoint Independent is selected, we see OPEN NAT in game on the 2nd console.

     
  2. Vexira

    Vexira Senior Member

    Joined:
    Jan 20, 2017
    Messages:
    476
    Location:
    Australia
    Yep that's the issue right there, but what baffles me, is that cod gets open nat on both PC's after Merlins fix that involves masquerade rules, but nat is not picked up as symmetric or full cone I wonder if it's possible change it to symmetric NAT via IP tables, looks like I have to ask miniupnp dev mabye he knows more.
     
  3. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
  4. Vexira

    Vexira Senior Member

    Joined:
    Jan 20, 2017
    Messages:
    476
    Location:
    Australia
    So it a combination of port restricted and address restricted cone NAT. Not quite full cone not quite symmetric.

    (Address)-restricted-cone NAT
    • Once an internal address (iAddr:iPort) is mapped to an external address (eAddr:ePort), any packets from iAddr:iPort are sent through eAddr:ePort.
    • An external host (hAddr:any) can send packets to iAddr:iPort by sending packets to eAddr:ePort only if iAddr:iPort has previously sent a packet to hAddr:any. "Any" means the port number doesn't matter.
    Port-restricted cone NAT

    Like an address restricted cone NAT, but the restriction includes port numbers.

    • Once an internal address (iAddr:iPort) is mapped to an external address (eAddr:ePort), any packets from iAddr:iPort are sent through eAddr:ePort.
    • An external host (hAddr:hPort) can send packets to iAddr:iPort by sending packets to eAddr:ePort only if iAddr:iPort has previously sent a packet to hAddr:hPort.
     
  5. Vexira

    Vexira Senior Member

    Joined:
    Jan 20, 2017
    Messages:
    476
    Location:
    Australia
    Merlin said that in that router it's most likely a black box or closed source, impmentation.
    Also do you have any pc games with rockstar social club like gta v I'd be interested in what nat reading it gives also battle born, and mw3 spec ops, my r8000 used to have open nat in gta.
     
  6. Vexira

    Vexira Senior Member

    Joined:
    Jan 20, 2017
    Messages:
    476
    Location:
    Australia
    I'll try ip tables again tomorrow to see if it works.
     
  7. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
    Yes, these are the same nat features I see on older D-Link routers. They had all three selectable features...They started removing them around the 2011/12 time frame. The feature was still in the FW however the user selections were hidden in the UI. This feature is no longer in there newer generation models.

     
  8. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
    Seems to be FULL CONE NAT on the R7800.

    At any rate, nice tool to find what router is using for NAT kind. I'll start using this and put the GT-5300 back online later today and start collecting data. This is good stuff. Just what we needed.

     
  9. Vexira

    Vexira Senior Member

    Joined:
    Jan 20, 2017
    Messages:
    476
    Location:
    Australia
    Open or secure nat filtering on the netgear, I think it's a switch between full cone and symmetric
     
  10. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
    I presume so. All I do know is that this model router doesn't have problems with two consoles and getting OPEN NAT on both in game. I've posted this link else where and have asked a couple of people I know to check there routers. Will be interesting too see results from various Mfrs and models. I'll check the GT later on today. I can't do any testing right now as others are using the internet.
     
    Last edited: Aug 11, 2017
  11. sm00thpapa

    sm00thpapa Very Senior Member

    Joined:
    Nov 24, 2012
    Messages:
    1,667
    • NAT Type 1 (Open) – You are either NOT behind a router/firewall OR you have already DMZ enabled. You shouldn’t run into any issues whilst gaming, but this may cause security issues.
    • NAT Type 2 (Moderate) –Your PS3/PS4 is connected properly and you shouldn’t run into any issues.
    • NAT Type 3 (Strict) – You may be able to connect to the PSN and perform downloads/updates other functions may not work as intended.
    Found that on a gaming site. The best I can get is NAT Type 2 which is secure and Open. I have never seen any PS4 owner get NAT Type 1.
     
  12. RMerlin

    RMerlin Part of the Furniture

    Joined:
    Apr 14, 2012
    Messages:
    23,539
    Location:
    Canada
    The GT NAT will be 100% identical to any other Broadcom-based Asus router - it's the exact same NAT code.

    I know for a fact that the R7800 uses proprietary NAT code, it's not just speculation:

    Code:
    [email protected]:~/netgear$ find R7800-V1.0.2.32_gpl_src/ -name ipt_CONENAT.ko
    R7800-V1.0.2.32_gpl_src/git_home/kmod-conenat.git/ipt_CONENAT.ko
    
    Again, you guys are just putting far too much emphasis on the NAT type... And you need to look at the more important fact that Full Cone NAT *IS* a security risk versus more restrictive NAT types. It pretty much nullifies part of what an SPI firewall does.

    Security should be far more important than having two consoles report a magical open NAT mode. If games need that security issue to work properly, then the game code is broken, and needs fixing.
     
    FreshJR, sm00thpapa and john9527 like this.
  13. sm00thpapa

    sm00thpapa Very Senior Member

    Joined:
    Nov 24, 2012
    Messages:
    1,667
    Merlin has a good pint. Security is most important. I think there are more important things in life than having an Open NAT. :)
     
    BiggShooter likes this.
  14. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
    Unless our PS is directly connected to the ISP Modem, you won't see NAT1 while behind a router...

     
  15. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
    I agree security is important. However NAT is import for gaming as well. This is about gaming and when it comes to multiple game consoles playing online and using game game, it's very important for OPEN NAT to be achieved. Yes Moderate NAT may work ok for some, however I have personally had bad experiences when Moderate NAT is seen in game with group chat and connecting to gaming lobbies. I see much less issues with both consoles are getting OPEN NAT.

    I maybe putting some emphasis on NAT however I'm trying to narrow down where the problem is coming from. And this is what I'm seeing in my testing. Both old and newer generation routers and these games. I do hope that even if the problem isn't actual NAT, I want to bring this to light and get everyone involved to get it fixed. Regardless of where the problem is. Its not just about getting what we have currently fixed right now, however coming up with some work rounds for those effected would be nice.

    We call know theres more to life then OPEN NAT and all this other stuff. However non the less, nothing wrong in OPEN NAT either for those who want it.

    Some of this points to testing I believe with the gaming services, that may or may not have done any mutltiple game environments. I presume maybe if this had been tested years ago, possible that all of this wouldn't be a factor. However since MS has mentioned that a new network PORT feature is being added to the Xbox1, I presume maybe MS has finally started some multiple gaming console test. We'll see.
     
    Last edited: Aug 11, 2017
  16. RamGuy

    RamGuy Regular Contributor

    Joined:
    Aug 6, 2008
    Messages:
    186
    The problem here is people not fully understanding what these reports actually mean. Having NAT2/Moderate is not a bad thing, it's actually what you should be having. Getting NAT1/Open means your gaming console is not being NAT'ed at all, which is a bad thing, your router/firewall is essentially exposing your consoles IP directly on the WAN interface without any kind of security at all.

    Why on earth would you ever need to have your gaming consoles IP fully exposed on the Internet? Online gaming has been going on for years, and pretty much all home networks due to the limitation of IPv4 have always used NAT translation to translate your single public IP address into several local IP addresses. Regular port forwarding is perfectly fine for all other online gaming, why should it be any different for a gaming console?

    And it should be completely impossible to have two Xbox One's reporting Open NAT on the same network. As you most likely only have one public IP going into your home network, how would you be able to give two consoles their own fully exposed IP when your entire network only has one public IP to begin with?
     
    FreshJR likes this.
  17. sm00thpapa

    sm00thpapa Very Senior Member

    Joined:
    Nov 24, 2012
    Messages:
    1,667
    I have 4 consoles going on in my house constantly and we all have Open NAT.
     
  18. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
    Users need to remember there are different meanings on gaming NAT types. SONY and MS differs.

    However history, at least for me and others say that it is possible to have two or more game consoles online and at least, on the networking dashboard of xboes, we see OPEN NAT. Symmetric or FULL CONE. I have tested two and three consoles where we get OPEN NAT IN GAME on all consoles when using FULL CONE NAT routers. So this has been possible and I believe it is still possible if those that be take a closer look at Symmetric NAT, Game code , uPnP and all thats involved for gamers with two or more game consoles running, especially for same game being played on all of them at the same time.

    I presume if that what MS/Sony and game dev's intended, and of course this is what we have been experiencing on those routers that seem to give this support to more than just one console, then I presume all consoles should be OPEN NAT, even with same game running. This is what I've been testing and put in that badmodems post with all the various routers i've tested and also find differences in NAT kinds on each model tested..seems to play a role in all of this. I presume gaming standards are what needs to be really looked at and those that be, need to figure this out....

    Did you not see the MS new feature post that maybe coming out?
     
    Last edited: Aug 12, 2017
  19. strangeluck

    strangeluck Occasional Visitor

    Joined:
    Aug 11, 2015
    Messages:
    15
    It's not maybe, the feature is already available to members of the insider program. I have the feature on my console right this moment, however I only have one console so I can't test its effectiveness.
     
  20. e38BimmerFN

    e38BimmerFN Senior Member

    Joined:
    May 25, 2012
    Messages:
    279
    Location:
    USA
    Reason why I said maybe is that its not been released and ya, only to the preview program. I have one console that got an update the other day however I didn't see the feature in there. :oops:


    Ya single game consoles are really effected.

     

Share This Page