UPnP - Multiple Xbox One Gaming Consoles & NAT

e38BimmerFN

Very Senior Member
Well I presume there is some differences in design and handling between the router Mfrs and FW. I know that at least with older D-Link routers, I can get OPEN NAT across the board with 3 XB1s. I had a hard time getting a Linksys configured with two XB1s. Of course. I can't re-test as I'm the only xbox users now. :( Got a R7800 now and works well for single gamer. :)
 

Vexira

Part of the Furniture
There's very little the router can do to influence the behaviour of a game. It's more or less limited to accepting or rejecting port mapping requests, and providing status updates. The only things UPnP can be configured for is allowed port ranges, secure mode and timeout values. Of course, all this assumes that there aren't any bugs in the software.;)
Upnp can redirect another port to the client, my issue is that upnp keeps trying to do port translation, by giving the game an internal port of 27017 and a different external port, I've seen it in the logs. I don't know why it doent throw a different port number in the 27014-27050 range. Both internal and external or try to use a port in that range for the external I'm sure it will work
 

Vexira

Part of the Furniture
Would see to be a Merlin FW issue maybe reviewing your linked thread. Bonez is using OEM FW I believe. uPnP is enabled by default. Though how it's designed and implemented in OEM fw is another issue. Most of the issue is the handling of two or more gaming consoles connected to the router and how uPnP is handling the ports needed since the gamin gaming port can only be used for one console, a virtual port needs to be set up. This is one issue that uPnP may have problems with along with how game consoles are handling the ports and uPnP as well. We see it where if we disconnect the networking adapter on the console then re-enable it, the NAT status seems to go from Strict or Moderate to Open. So there seems to be some various factors here between the router and consoles that play a role in attaining OPEN nat correctly. Regardless of OEM FW or 3rd Party
The issue exists in the Asus - with as well I asked them about a fix a few firmwares back and they said they would look into it.
 

RMerlin

Asuswrt-Merlin dev
The issue exists in the Asus - with as well I asked them about a fix a few firmwares back and they said they would look into it.

If the issue is with miniupnpd, then this is something that its author will have to look into. Asuswrt merely sets up the daemon, the actual work is done by it.
 

Vexira

Part of the Furniture
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1707
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1823&start=45
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1820
What i could find on the matter the third link is intresting there may be a possible fix in that link on the last post by andy f, mini upnp dev belives the fix is in the last link worth a read.
it seems that a rule needs to be applied.
It also seems that port triggering is not working in my 88u or I'm not doing it proper
 
Last edited:

e38BimmerFN

Very Senior Member
As a suggestion, if you wanting PC and game console operation to work well and while you will seem to be waiting on this issue to be fixed. You might check out a used DIR-857, DIR-827, DIR-655 Rev B or a DGL-4500 and you'll get OPEN NAT on more than just one game console. Not trying to take away from Asus, just while your waiting on a fix for ASUS FW and Merlin FW. I've tested on DIR-655 with 3 XB1s and everything was OPEN NAT. You can find these cheap on amazon or fleabay. ;) I hope this can and will be fixed. Yes this seems to be a uPnP issue and the core devs will to review this. I hope they can review it keeping in mind that users needs are with more than just one game console or PC. More and more, households have more than just one game device on XBL or PSN. o_O
 

Vexira

Part of the Furniture
As a suggestion, if you wanting PC and game console operation to work well and while you will seem to be waiting on this issue to be fixed. You might check out a used DIR-857, DIR-827, DIR-655 Rev B or a DGL-4500 and you'll get OPEN NAT on more than just one game console. Not trying to take away from Asus, just while your waiting on a fix for ASUS FW and Merlin FW. I've tested on DIR-655 with 3 XB1s and everything was OPEN NAT. You can find these cheap on amazon or fleabay. ;) I hope this can and will be fixed. Yes this seems to be a uPnP issue and the core devs will to review this. I hope they can review it keeping in mind that users needs are with more than just one game console or PC. More and more, households have more than just one game device on XBL or PSN. o_O
The issue lies in miniupnp, the third link I posted has a possible fix, the miniupnp development is aware of the issue but hasn't fixed we need to create a thread on his/her forum, the only other fix is a different upnp daemon, but I've read in a different thread that multicast snooping mabye be causing the issue. Even though it's gui disabled it's enabled still.
 

tmac

New Around Here
In case this helps any... I experience this issue as well with a rt-ac68u (stock, merlin & tomato), 1 xb1 and 2 xb360s. Not promoting one FW over another, I've found DD-WRT's (v3.0-r31899) implementation of UPnP to be working: All three consoles constantly have Open NAT.
 

RMerlin

Asuswrt-Merlin dev
Note that I do not enable IGD2 support, as it was causing issues (can't remember the details, it's been a few years already, I think it was Windows no longer recognizing the router as being an Internet Gateway device).
 

RMerlin

Asuswrt-Merlin dev
One interesting thing I noticed tho is that Asuswrt doesn't compile miniupnpd with --portinuse enabled. I can't find any documentation on this particular option.
 

Vexira

Part of the Furniture
Is
Note that I do not enable IGD2 support, as it was causing issues (can't remember the details, it's been a few years already, I think it was Windows no longer recognizing the router as being an Internet Gateway device).
It possible to add it and the portinuse option to unsupported tweaks, so we can test it to see if that fixes the issue with upnp.

This might explain the portinuse feature
http://miniupnp.tuxfamily.org/forum/viewtopic.php
http://ftp.twaren.net/Gentoo/gentoo-portage/profiles/use.local.desc

Second link:
"net-misc/miniupnpd-portinuse - Check if a port is in use before allowing a NAT-PMP client to map it."
 
Last edited:

RMerlin

Asuswrt-Merlin dev
Is

It possible to add it and the portinuse option to unsupported tweaks, so we can test it to see if that fixes the issue with upnp.

This might explain the portinuse feature
http://miniupnp.tuxfamily.org/forum/viewtopic.php
http://ftp.twaren.net/Gentoo/gentoo-portage/profiles/use.local.desc

Second link:
"net-misc/miniupnpd-portinuse - Check if a port is in use before allowing a NAT-PMP client to map it."

If I enable IGD2, it breaks Windows's ability to handle the router as an IGD. I tested it last night and the issue is still there under Windows 10. I find Windows more important than gaming consoles, as it's far more common, so this would have to be fixed first.

Note that this problem isn't unique to Asuswrt, Ubiquity also has the same issue since they decided to enable IGDv2 in their own firmware, and no one from their community seem to have picked up on the problem.


I enabled portinuse (after fixing it so it looks at the correct chain). It won't help with game consoles, only if you have a port already in use by the router, or manually forwarded through the webui.
 

Vexira

Part of the Furniture
If I enable IGD2, it breaks Windows's ability to handle the router as an IGD. I tested it last night and the issue is still there under Windows 10. I find Windows more important than gaming consoles, as it's far more common, so this would have to be fixed first.

Note that this problem isn't unique to Asuswrt, Ubiquity also has the same issue since they decided to enable IGDv2 in their own firmware, and no one from their community seem to have picked up on the problem.


I enabled portinuse (after fixing it so it looks at the correct chain). It won't help with game consoles, only if you have a port already in use by the router, or manually forwarded through the webui.
Portinuse would be helpful in general in terms of pc applications, might help with consoles, I still hope it can be added in the next version of the firmware, also may I ask as to which UDA version did you use
According to this thread
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1823&postdays=0&postorder=asc&start=30

http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1840
The problem seems to be UdA 2.0 not being fully supported
By windows

According to the miniupnpd dev
"IGD2 can be implemented from UPnP Device Architecture (UDA) V2.0 onward
Anyway UDA v1.1 was the current version when IDGv2 spec was released, but not UDA v2.0"

I hope that some how helps.
 

Vexira

Part of the Furniture
I use 1.1. In fact, I'm the one who originally reported that 2.0 didn't work almost two years ago:

https://github.com/miniupnp/miniupnp/issues/167
So igd 2.0 and UdA 2.0 and igd 2.0 and UdA 1.1 yield the same failure to function correctly? If soo links like I Ned to send Microsoft a support ticket from both my xbox and windows, although least portinuse works, it might fix the issue I have trying to get 2 copies of black ops 3 running on my pcs, or te times where the router is not as responsive at clearing unused ports, after turning my xbox one off with a full shut down, the router some times clears the port quickly other times it stagnates and takes a while before the port clears from upnp table it's strange.
 

RMerlin

Asuswrt-Merlin dev
So igd 2.0 and UdA 2.0 and igd 2.0 and UdA 1.1 yield the same failure to function correctly?

No, different issues. IGD2 causes Windows to fail to recognize the device as an IGD, and UDA 2.0 causes BITS to fail starting/configuring itself.

Thomas already contacted Microsoft regarding the UDA issue as per the Github ticket, and as usual, Microsoft has been showing their usual "don't care, doesn't affect our big corporate customers" attitude.

If you contact the XBox tech support, their first response will probably be "Uh, dunno what you're talking about, but here's a list of ports you need to open or forward".

Port cleaning must be done either by the client, or when there's been an inactivity timer that has been reached. The latter can be configured in miniupnpd's config file (don't recall off hand the name of the parameter, shouldn't be too hard to find it tho). Port cleaning is based on when was the last time the packet counter has increased for said forward, if I remember what I read in Thomas's posts.


And no, the portinuse option won't help you. If a port is already forwarded by miniupnpd, then it doesn't need any special logic to check if the same port is requested a second time. In fact, the portinuse code doesn't even check the existing UPNP forwards, it only ckecks local ports, and forwards configured in a user-specific chain (in Asuswrt's case, it's the VSERVER chain).

I suspect the real solution would be having a properly working IGDv2 daemon. Maybe someone can ask Thomas about this one, I don't think this specific issue was ever raised with him. I didn't raise it because I wasn't sure if the issue was on my end, but now that Ubiquity also shows the same problem, the problem must be either with miniupnpd's code, or with Windows.
 

Vexira

Part of the Furniture
i was going to lodge it as an issue though the feedback app, since im in the preview program, from what ive been reading it belive that your right, the issue lies with in minupnp, most likely due to a setting or an option that hasen't been enabled correclty. Ive seen a rule sytem being implimented by some on in the mini upnp forum

http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1820

So if IGD 2 and UDA 2 were working correctly theres a possiblity that it might fix the issue.
it would good if there was a way to set rules for upnp as in how it handles deamonware portmapping or the port mapper xbox one uses so that upnp could re direct the port reqest, if the devices requests a port all ready in use to one based of a specified range, which is based off the first port request eg, if the first client requests port 27017 and the port is 27014-27050 the second client would get 27018 instead of 3000 range port.

Would you like me to put a bug request in his git hub or on his forum to ask him about the daemon?
 

RMerlin

Asuswrt-Merlin dev
Would you like me to put a bug request in his git hub or on his forum to ask him about the daemon?

Actually nevermind, he's already aware of the IGDv2 issues:

http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1840

Microsoft never answered him when he asked about it, but so far it looks like Microsoft does not support IGDv2. Since the XBox One is based on Windows 10, that means it probably doesn't support IGDv2 either, therefore that's a dead en there - you won't find any fix to your issues with IGDv2.
 

Vexira

Part of the Furniture
i wonder if its not that windows doesnt support it, and its more an issue with the daemon its self, because miniupnp fails to forward ports, if i change the bandwith values in adaptive qos, also i have to either run the wipe jfs partition at next boot, or change the internal port range starting value in order to get it to respond again, im not sure if the issue is to do with the fact that ctf is enabled or miniupnp is just buggy and conflicting with adaptive qos. I i did read your post about an alternative deamons possible issues in regards to compatablity with closed sourse components. Which complicates the situation further.
is there no compatibilty settings in igd and uda 2, im sure i read somewhere that i was supposed to be backwards compatible with the older versions, i might have to ask miniupnp dev if he could check if theres a configuration issue, i do recall reading some one got igd 2 working, by tweaking, i do belive he posted what he did, but its beyond me.
 
Last edited:

Vexira

Part of the Furniture
Posted: Sat Jan 23, 2016 4:11 am BoHiCa

These are the compile CONFIG_OPTS I use when building the daemon:

for igd V2:

Code:
--portinuse --vendorcfg --leasefile --pcp-peer --uda-version=1.1 --igd2


for igd V1:

Code:
--portinuse --vendorcfg --leasefile --pcp-peer --uda-version=1.1


I have had the Xbone network type reported back as "Moderate" once during the last week of running the IGD v2 build, but 99% of the time when checking the network status (I check 2-3X daily), it reports back as "Open NAT" (cone). I restarted the Xbone (hard-restart) once right after the "Moderate" status came back, which was about a week ago. I have not had the IGD V1 builds, through several recent iterations of the code, so far report back anything but "Open NAT".

I'm currently running the latest release: 1.9.20160113 and have been since 16-Jan-2016.

I would try to get an IGD V1 build and check again.

Lastly, if you don't need IPV6, I would also remove that from the compile time options. IPV6 is a "poop-show" everywhere right now...

You also might want to make sure that the firewall rules are properly set up for miniupnpd. I'm on a linux firewall distro (SmoothWall Express v 3.1 pre update 7) that uses iptables.

From this link
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1823&postdays=0&postorder=asc&start=45

though im not sure what it all means.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top