Sign in with
Sign up | Sign in
Your question

Double port forwarding - port within range rule unreachable

Last response: in Networking
Share
August 3, 2013 5:28:02 AM

Hi everyone. I've been trying to get a game to work on my machine (Warframe) and it seems like it uses peer to peer connections, so I had to open ports on my routers. Now, from what I saw, people seem to be extremely frustrated because of all the trouble you have to go through to go on-line to be able to play this game since it seems to be co-op), aswell as being in beta or something, which means warning messages don't always mean what they say about network issues.

Anyway, I got this tool from solariz.de, which consists of a program that sends packets from a server and the results are confusing me.

After a bunch of attempts messing with both my 2 home routers, this is the best output I managed to get:

Quote:
Welcome to solariz.de Port Forwarding Tester, please find additional Information in the README.txt file.
Testing...
UDP 3960: PASS
UDP 3961: FAIL (timeout)
UDP 3962: PASS
ICMP_WAN_PING: PASS


From what I saw while running this, it seems to open a listener on the ports its trying to reach for each port and then uses a remote server to send a UDP packet to it, so I'm trusting this is reliable.

I can't seem to receive packets from the Internet on that specific port 3961, even though it's within range of 3960 - 3962, so I don't understand what could be causing this.

So here's how I set up my routers to get at least those 2 PASSes:

#R1 is connected to the Internet with 1 public IP address
#R2 is connected to #R1, with the following IP address: 192.168.1.80 and its local IP address is: 192.168.2.1
#PC1 is connected to #R2 with the following IP address: 192.168.2.118

After reading a bit on double forwarding, this is what I did on #R1:
Created a new game/service named "Warframe" with protocol UDP on ports ranging from 3960 - 3962 and assigned it to #R2.

Then I went on #R2 and created a new rule, assigning it to #PC1 (it's a different router, so the way it's presented is different):
Local IP
192.168.2.118
Protocol
UDP
Port Range
3960-3962

I wasn't being successful at first, for either port, but after rebooting #R1, 2 of the ports started showing PASS. I rechecked the #R1 and #R2 port forwarding rules and they were still there. I disabled both #R1, #R2, and #PC1 firewalls for the sake of debugging connectivity.

As for logging, somehow #R2 isn't telling me much about connections, since 99% is only wlan0 client connect/disconnect. As for my #R1, it seems to be reporting everything, and here's what he sais:

Quote:
Aug 3 13:15:19 FIREWALL rule : Protocol: UDP Src ip: 109.239.49.12 Src port: 44308 Dst ip: 192.168.1.80 Dst port: 3962 Chain: forward_host_service Rule Id: 7 Action: accept


Aug 3 13:15:11 FIREWALL rule : Protocol: UDP Src ip: 109.239.49.12 Src port: 31630 Dst ip: 192.168.1.80 Dst port: 3961 Chain: forward_host_service Rule Id: 7 Action: accept


Aug 3 13:15:09 FIREWALL rule : Protocol: UDP Src ip: 109.239.49.12 Src port: 37204 Dst ip: 192.168.1.80 Dst port: 3960 Chain: forward_host_service Rule Id: 7 Action: accept


So, all three ports 3960, 3961 and 3962 are being properly forwarded to #R2, and #R2 is properly forwarding 3960 and 3962 to my #PC1. Can't seem to figure what what's wrong on 3961.

Any ideas for troubleshooting? Think I'm becoming a bit saturated with the work I'm putting just to try this game on-line.

Thanks for reading, guys.

Edit:

I assume that the forward from #R1 must be done to #R2. Can someone confirm if this is true? Other option would be to provide the #PC1 IP address and leave #R2 out of the forwarding process, since #PC1 and #R2 are inside the LAN. I'm confused, now...
August 3, 2013 7:43:24 AM

This issue has been solved using trial and error.

I have never taken so much time to "prepare" a game to play. Kind of disappointing. The game (Warframe) is pretty decent, but this is a show stopper for many out there that are not sure how to access their router setup/configuration.

I guess something is wrong with Warframe's UPnP. In order to get it to work I had to disable UPnP inside Warframe, then log into my #R1 and disable UPnP there, and use the port forwarding rules. From my conclusion ,the game will try to use UPnP by default to solve peer to peer connection issues working over NAT, but due to a bug/whaveter (speculation here, of course) it's simply not working. You have to manually set port forwarding. This router is using StrictNAT, so it could be something else with other routers.

What makes this a bit trickier is that the game is in open beta stage and while some of the messages were just random, others were simple warnings that led me to do unnecessary tests. Got to a point where even by having all possible firewalls disabled, it was telling me to make sure my firewall would allow connections on those ports over a UDP protocol.

I don't think this is very elegant and I'm not sure if it will affect other games/services that make good use of UPnP, so I'll have to keep an eye out for it.

As for the 3961 port not being able to recieve data, I found a rule in the "Network Services Filter" of my ASUS router (#R2) excluding everything from 3960 to 3962 (stupid, right? probably ended up being there as a frustrated attempt to open "everything", since it was 3 am at the time - still unsure how it blocked only 1 port, when a total of 3 ports where defined to be blocked - moving on)

Hope this helps anyone to avoid all the stress of thinking that something is wrong with "me", when in fact, it's the damned game.

Cheers.
!