UPnP - Multiple Xbox One Gaming Consoles & NAT

RMerlin

Asuswrt-Merlin dev
so would upnp still be needed, even on ipv 6?

UPnP/NAT-PMP, no. PCP, perhaps. PCP provides IPv6 support to open pinholes in your firewall when requested by clients, to allow traffic in.
 

Vexira

Part of the Furniture
UPnP/NAT-PMP, no. PCP, perhaps. PCP provides IPv6 support to open pinholes in your firewall when requested by clients, to allow traffic in.
so how does the router then handle devices and applications that rely on upnp?
 

RMerlin

Asuswrt-Merlin dev
so how does the router then handle devices and applications that rely on upnp?

Rely on UPnP to do what? If they have their own unique public IP, then they don't rely on UPnP - they simply don't need it.
 

Vexira

Part of the Furniture
Rely on UPnP to do what? If they have their own unique public IP, then they don't rely on UPnP - they simply don't need it.
ahh so its equivalent to dmz, sorry eas trying to wrap my head around it in the absence of nat, because its a straigh public ip its no longer need a puch though method.
 

e38BimmerFN

Very Senior Member
Wanted to update everyone. My roommates xbox one received an system update day before yesterday. He noticed the dash board had some changes on it. Of course, not to his liking. I asked him to show me the networking section. Low and behold under Advanced Networking is the new Port feature. We only saw virtual ports listed here and not any 3074 ranged ports. I presumed my xbox was not going to see an update however I checked to be sure. Not updated. As soon as I get some time, I'll test to see if this new feature helps with Moderate NAT with some Port Address Restricted NAT kind routers that I have. Not sure if this feature needs to be on just one console or two or more. Will see.
 

strangeluck

Regular Contributor
Wanted to update everyone. My roommates xbox one received an system update day before yesterday. He noticed the dash board had some changes on it. Of course, not to his liking. I asked him to show me the networking section. Low and behold under Advanced Networking is the new Port feature. We only saw virtual ports listed here and not any 3074 ranged ports. I presumed my xbox was not going to see an update however I checked to be sure. Not updated. As soon as I get some time, I'll test to see if this new feature helps with Moderate NAT with some Port Address Restricted NAT kind routers that I have. Not sure if this feature needs to be on just one console or two or more. Will see.

In theory it should only have to be on the second console, not both. The console running the older os version will use the default port, while consoles with the update can select an alternate port from the new dropdown in settings.
 

e38BimmerFN

Very Senior Member
Lets hope so. I presume since this feature is coming to all next month that they will some how be handling two or more consoles and port detection when two or more consoles are online with Port Address Restricted or Symmetric NAT kind routers. I have a full cone NAT router online now however will be putting on a Port Address Restricted NAT router for this test.
 

jrmwvu04

Very Senior Member
The benefit to this change is being able to specify the alternate port in the 50000-60000 range that Xbox live will use. That would be useful for manual port forwarding. Hopefully they also change the current behavior where the Xbox doesn’t properly renegotiate the upnp leases. If you have and are using functional upnp on your router (as in johns fork), this change isn’t going to make much of a difference. If you use manual port forwarding, it’ll certainly help. This change only affects system level Xbox live connections, though, not specific games that do their own port manipulation.
 

e38BimmerFN

Very Senior Member
This also effects non ASUS routers and ASUS routers whom some users might not be using Merlin Or Johns FW and rather OEM FW. Merlin and Johns FW have already been modified to handle NAT issues on ASUS routers.

We are hoping that with what MS mentioned about on a reddit forum that there was supposed to be some under the hood changes to uPnP so we are hoping that with this new feature and upnp that the new changes are coming into effect and thus port forwarding will not be needed as in most cases, PF is not needed when using uPnP. My testing is all based on uPnP and NAT handling of two or more game consoles running same game and achieving OPEN NAT across the board and behaviro results seen with Port Address Restricted and Symmetric NAT kind routers.
 

jrmwvu04

Very Senior Member
This also effects non ASUS routers and ASUS routers whom some users might not be using Merlin Or Johns FW and rather OEM FW. Merlin and Johns FW have already been modified to handle NAT issues on ASUS routers.
That’s true, but this thread is on an Asuswrt-Merlin board.
We are hoping that with what MS mentioned about on a reddit forum that there was supposed to be some under the hood changes to uPnP so we are hoping that with this new feature and upnp that the new changes are coming into effect and thus port forwarding will not be needed as in most cases, PF is not needed when using uPnP. My testing is all based on uPnP and NAT handling of two or more game consoles running same game and achieving OPEN NAT across the board and behaviro results seen with Port Address Restricted and Symmetric NAT kind routers.
I can’t imagine any of that will change just because you can choose the Xbox live port. I’d be happy to be wrong, but if you’re hoping for this update to be a magic bullet fix, all I’m saying is don’t hold your breath.
 

e38BimmerFN

Very Senior Member
True however the thread topic is about OPEN NAT on multiple consoles. So it does effect more than just ASUS routers. Also since Merlin FW has fixed and is a alternative solution, it's not a big issue for that FW or Johns Fork FW. Where OEM FW it is.

With what MS purports in the under the hood changes, we would presume that maybe they are now allowing ports to be changed on two or more game consoles to work with uPnP and XBL. Before this was not available. We do have hopes of this helping, however we will see if this helps with two or more game consoles running same game on routers with Port Restricted or Symmetric NAT. If there PORT feature helps with IPv4 and uPnP with routers handling Port Address Restricted or Symmetric NAT, then this might close this chapter. Again this is only for these configurations. IPv6 we hope will not appear to have any of these issue as others have already mentioned.

Again, this is only for these NAT kinds on any router using it. This isn't an issue with routers deployed with FULL CONE NAT.

Test results will be posted here:
http://badmodems.com/Forum/viewtopic.php?f=6&t=21
 

e38BimmerFN

Very Senior Member

Vexira

Part of the Furniture
odd try enabling the multicast settings under iptv leave proxy at 0.
 

e38BimmerFN

Very Senior Member
This would be on a non Merlin ASUS router. Should have mentioned that. Sorry. :(
 

e38BimmerFN

Very Senior Member
Last Merlin FW was 380.68 if I remember. Wasn't any of the _# versions
 

e38BimmerFN

Very Senior Member
As far as I'm concerned, this isn't a problem any more for ASUS routers as along as you use Merlin FW. From what I'm seeing with other router Mfrs, on some older and newer routers, if NAT Filtering UI is a option, i.e. older model routers, and you can set OPEN or Endpoint Independent in the OEM FW UI, this will change the NAT kind from Port Address Restrict NAT to FULL CONE NAT which will and should help attain OPEN NAT for two or more same game consoles. I have older D-Link routers and a newer NetGear R7800. These have NAT Filter features which seem to help. However going forward, for D-Link, they removed the NAT Filter feature in more recent versions of FW thus limiting the NAT kind to only Port Address Restricted. Newer generation routers don't even have NAT Filters features anymore and are not hard coded PAR or Symmetric NAT. From what I'm told, router MFrs are wanting to go to and maintain PAR or Symmetric NAT kinds since they are more secure than FULL CONE NAT. I presume it would be up to router Mfrs to allow end users to switch between them which I see that NG OEM FW still seems to do. D-Link as removed this UI feature in all of there newer generation routers. So until IPv6 becomes more come place, users with two or more same game consoles should look into Mfr routers that support either FULL CONE NAT or have the flexibility with NAT FILTER UI Features that can configure the router for FULL CONE NAT when two or more same game consoles/PC are being used and connected. And again, all of this doesn't apply for single game console/PC users.

Hopefully maybe going forward, that game Mfrs will be more aware of this issue and help out in there development as well. :rolleyes: Seems that some Multi-Player games when two or more game consoles are running the same game need FULL CONE NAT routers to be able to achieve OPEN NAT across the board.

I suggest that anyone with two or more review tested models over on badmodems.com.
http://badmodems.com/Forum/viewtopic.php?f=6&t=21
Yes ALL ASUS routers that support and are loaded with Merlin FW will be good ones to use. Be careful, some ASUS routers don't support Merlin, yet. o_O
 
Last edited:

Vexira

Part of the Furniture
The problem here is people not fully understanding what these reports actually mean. Having NAT2/Moderate is not a bad thing, it's actually what you should be having. Getting NAT1/Open means your gaming console is not being NAT'ed at all, which is a bad thing, your router/firewall is essentially exposing your consoles IP directly on the WAN interface without any kind of security at all.

Why on earth would you ever need to have your gaming consoles IP fully exposed on the Internet? Online gaming has been going on for years, and pretty much all home networks due to the limitation of IPv4 have always used NAT translation to translate your single public IP address into several local IP addresses. Regular port forwarding is perfectly fine for all other online gaming, why should it be any different for a gaming console?

And it should be completely impossible to have two Xbox One's reporting Open NAT on the same network. As you most likely only have one public IP going into your home network, how would you be able to give two consoles their own fully exposed IP when your entire network only has one public IP to begin with?
its not impossible all that needed to be fixed was a port conflict, where both consoles requested the same port number, one got it the other got mistranslated to the wrong external port not one in the correct port range but merlin fixed that I do wish the fix will be ported to stock firmware.
 

e38BimmerFN

Very Senior Member
Also believe that the game mfrs need to step up and help fix there part of the problem. MS has stepped up and since router mfrs are moving away from FULL CONE NAT support and going to more secure Port Address Restricted and Symmetric NAT kinds and not going backwards, the game Mfrs needs to start testing there games with these NAT kinds with two or more same games running. Were seeing more and more house holds with two or more same games being played under one roof. Would be nice of the intended game was better designed for these multiple game configurations and port handling abilities.

Hopefully with the advent of IPv6 and it becoming more prominent, this gaming NAT issue will go away. Time will tell.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top