UPnP - Multiple Xbox One Gaming Consoles & NAT

e38BimmerFN

Very Senior Member
Ok, was just wondering if the Miniupnp implementation/IPTable change was on your fork as it is for Merlin is all. I presumed there would be differences seen on OEM and other 3rd party FW. I tested a RT-3100 with Merlin and OEM and this OPEN NAT issue isn't a problem on Merlin with two consoles running same game. It is on OEM FW.
 

jrmwvu04

Very Senior Member
According to some of the references previously posted, my take away is that it's defining characteristic is that it will accept UNSOLICITED packets, just like defining a manual port forward. Do you really want an application to have the ability to open a random port fully to the internet?
Isn’t some version of that why, many years ago (Windows XP days), conventional wisdom was that upnp was a security risk? I for sure remember tech websites in the early 00s suggesting upnp was dangerous.
 

e38BimmerFN

Very Senior Member
Most of that code was corrected in recent versions of uPnP core. Ive been using uPnp for a while now. No issues aside this multiple same game console issue seen in various Mfr routers and FW.
 

Vexira

Part of the Furniture
Yes

EDIT: AFAIK, there are three things that can affect how the port forwarding will work....
- The SDK (and therfore the netfilter modules) for the router. In this case, each router that uses a different SDK MAY behave differently....an N66 may be different from an AC68 which may be different from an AC3200....
- The miniupnpd implementation. This should be the same across all of Merlin (and my fork), but may be different for ASUS firmware vs DD-WRT vs Tomato...
- The creation and ordering of the firewall rules, which again will be different depending on the firmware stream being used. In this case, even my fork is different from the latest Merlin.

EDIT2: Something to think about with respect to Full Cone NAT. According to some of the references previously posted, my take away is that it's defining characteristic is that it will accept UNSOLICITED packets, just like defining a manual port forward. Do you really want an application to have the ability to open a random port fully to the internet? In my mind, that's why game manufacturers need to move away from that as a requirement, and why most routers have already restricted that capability.
i personally wouldn't mind an option to choose between symmetric and full cone to see the difference, if only I could get it working. The only way to stop the problem is for game devs to have dedicated servers and get rid of the p2p system they use or give the games the ability to chose a different port if the first port doesn't work, but I guess they leave that up to router manufacturers to do, then again I don't understand why, manufactures of routers don't, by default enable some port redirection capabilities, like merlins fix, to solve the issue.
 

e38BimmerFN

Very Senior Member
I presume that most router mfrs design and decisions are based on the average home users. Users was quick and easy install and setup. Also there is no need for two different NAT kinds on routers in that regard. Putting something in that may not be used frequently may not be beneficial. The main issue is that if the console and game MFrs can make it work with any kind of NAT, then this would negate having different NAT kinds on routers as the console, upnp and port functions, we hope, will and should work with any kind of NAT that router Mfrs put in there HW.

As time goes on, I presume more and more router Mfrs will move away from Full cone to Symmetric as it's more secure than Full Cone and Port Address Restricted.

I'm very curious to see what this new MS port feature does with two or more consoles running same game.
 

Jack Yaz

Part of the Furniture
I presume that most router mfrs design and decisions are based on the average home users. Users was quick and easy install and setup. Also there is no need for two different NAT kinds on routers in that regard. Putting something in that may not be used frequently may not be beneficial. The main issue is that if the console and game MFrs can make it work with any kind of NAT, then this would negate having different NAT kinds on routers as the console, upnp and port functions, we hope, will and should work with any kind of NAT that router Mfrs put in there HW.

As time goes on, I presume more and more router Mfrs will move away from Full cone to Symmetric as it's more secure than Full Cone and Port Address Restricted.

I'm very curious to see what this new MS port feature does with two or more consoles running same game.
Or once IPv6 is the default NAT will die at long last.
 

e38BimmerFN

Very Senior Member
Yes, that too. Once all ISPs support IPv6 natively with there customers. :oops:
 

Vexira

Part of the Furniture
so if nat is gone in ipv6 how will games that use p2p networking handle eg cod, id assume they would still work aslong as their port is open?, i assume thats why ms is pushing for ipv6 on xbox since theres a medsage avout swtiching to ipv6 in the network test section, also the mention of a 4 to 6 tunnel.
 

e38BimmerFN

Very Senior Member
Not sure if Port usage is the same with IPv6...
 

Vexira

Part of the Furniture
Good news Ip6 is the solution to nat issues.
 

ColinTaylor

Part of the Furniture
Good news Ip6 is the solution to nat issues.
Err, yes. Tell us something we didn't already know. :confused:

Have you done some sort of test that you're not telling us about?
 

Vexira

Part of the Furniture
in all serousness I was have a conversation with some one who has ipv6, he was telling me about getting open nat across 2 Xboxes, not all I need is to wait for my isp to seceded to switch or change isps to one that has it so I can verify it works, and he wasn't just confused, also I was trying to point it out to those who don't know.
 

e38BimmerFN

Very Senior Member
Well it will be achievable when ALL ISPs support native IPv6. Some of us don't have that luxury yet. :oops:
 

e38BimmerFN

Very Senior Member
two consoles and two same games?

in all serousness I was have a conversation with some one who has ipv6, he was telling me about getting open nat across 2 Xboxes, not all I need is to wait for my isp to seceded to switch or change isps to one that has it so I can verify it works, and he wasn't just confused, also I was trying to point it out to those who don't know.
 

RMerlin

Asuswrt-Merlin dev
With IPv6, every device on your network gets its own public Internet IP address. So yes, you'd be able to even have hundreds of consoles, and all would get complete open access provided everyone involved has IPv6.

In fact, there isn't even any NAT there, with IPv6, it's all pure, direct routing.
 

e38BimmerFN

Very Senior Member
That will be nice when it arrives to my house. ;)

With IPv6, every device on your network gets its own public Internet IP address. So yes, you'd be able to even have hundreds of consoles, and all would get complete open access provided everyone involved has IPv6.

In fact, there isn't even any NAT there, with IPv6, it's all pure, direct routing.
 

Vexira

Part of the Furniture
With IPv6, every device on your network gets its own public Internet IP address. So yes, you'd be able to even have hundreds of consoles, and all would get complete open access provided everyone involved has IPv6.

In fact, there isn't even any NAT there, with IPv6, it's all pure, direct routing.
so would upnp still be needed, even on ipv 6?
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top