Test Request: UPnP Fix for Multiple Consoles playing the same game / static port outbound NAT

hansaya

Like others have mentioned this is what helped me: https://redmine.pfsense.org/issues/7727#note-35

And I got both of the PCs to show open NAT. In my case I was trying to get COD to work so port "3074" works and this is what UPNP should have been doing automatically for us.

For what it's worth, I did have both PC's showing "Open" NAT types, and both were able to join each other's lobby, without upnp. I manually created port forwards and outbound mappings.

For outbound, I had:

192.168.1.48:3074 => WAN:13074
192.168.1.49:3074 => WAN:23074

For port forwards:

ANY:13074 => 192.168.1.48:3074
ANY:23074 => 192.168.1.49:3074

Marc05

@hansaya It'd be nice to have this tested on the latest dev snapshot. There seems to have been a lot of fixes with NAT.

aniel

@chrcoluk said in Test Request: UPnP Fix for Multiple Consoles playing the same game / static port outbound NAT:

How are you even getting one peron on open nat on the pc, how are you testing it?

do u still this question to be answered ? btw: i don't check this forum that often or at all

aniel

@marc05 said in Test Request: UPnP Fix for Multiple Consoles playing the same game / static port outbound NAT:

@hansaya It'd be nice to have this tested on the latest dev snapshot. There seems to have been a lot of fixes with NAT.

do u know if this is fixed in the latest dev builds ?

Mkayze

@hansaya Can you post a screenshot of your outbound and port forward rule? Thanks

hansaya

@mkayze sure
Outbound

Port forwarding

Port Aliases

Some of you ask to test on a dev branch and I might try that this weekend. I just need to make sure my vm backed-up etc.. before I attempt it.

Mkayze

@hansaya Thank you for that! I was finally able to get both PC's to not have strict NAT. Although one PC is still showing Moderate no matter what I do, not sure why. But this is way better than having it at strict.

Tested it on both PFsense and OPNsense and both work with this method.

hansaya

@mkayze My guess is you are not covering all the ports needed for the game(check both TCP and UDP). I do not have UPNP enabled and both machines are showing Open NAT for all call of duty games. Vanguard, Cold war, Warzone etc...

@aniel @Marc05 I tested the latest 2.6.0_devel and UPNP acts the same way. Both computers was on static NAT on outbound and UPNP turned on. First one to get online will get moderate NAT and the other gets strict. Without the static outbound rule both game shows strict as expected. UPNP seems to work as well since I can see the requests pop up on the upnp status page. However I only can see the requests from one of the computers(whoever makes the request first).

Marc05

@hansaya If this works, that means that static ports aren't actually necessary which goes against the general consensus. This is what pfSense does by default, and the only thing that would really be needed is for UPnP and NAT Reflection to be enabled. It would be really helpful if you could retest on latest dev again but skip setting any additional outbound rules with static ports (edit) unless there's specific ones that are known to need the option like with the switch.

vMAC

Unfortunately, this gives me moderate for both of my PS5s. I really wish we had a working solution to this..... 3 years later.

Marc05

@vmac That's exactly what you're supposed to get. The only way to get open NAT would be for the consoles to have a public IP themselves.

vMAC

@marc05 If a proper UPnP was working then they would both get Open NAT. When I just had one PS5, it received an Open NAT with no issues. I'm not following why moderate is correct or would be considered "working."

Marc05

@vmac said in Test Request: UPnP Fix for Multiple Consoles playing the same game / static port outbound NAT:

@marc05 If a proper UPnP was working then they would both get Open NAT. When I just had one PS5, it received an Open NAT with no issues. I'm not following why moderate is correct or would be considered "working."

See here: https://portforward.com/nat-types/

winger46146

See here: https://portforward.com/nat-types/

From your link and UPnP doesn't work.

NAT Type Open
NAT Type Open is the goal when setting up an Xbox. In order to get NAT Type Open on your Xbox you need to do one of the following:

Forward the Xbox Live ports in your router to your Xbox, or
Setup a DMZ in your router pointing at your Xbox, or
Have a fully UPnP compliant network. Usually, this means having a router that supports UPnP and is enabled.
Any of the above methods should net you a NAT Type Open on your Xbox. Our site recommends a port forward as the best option to get NAT Type Open. DMZ is the easiest choice, but it's a bit overkill and best reserved as a testing tool for network problems. UPnP is a really dangerous protocol and it allows any piece of malware on your network to forward a port to any device inside your home without you knowing it. We keep UPnP turned off on our routers for increased security.

NAT Type Open means the following:

Your Xbox may or may not be behind a router.
If your Xbox is behind a router, then your router is aware of your Xbox and is forwarding incoming packets on predefined ports to your Xbox, usually 3074.
Your Xbox is able to receive incoming packets from the internet including connection requests from other players.
You are able to be the host of multiplayer lobbies.
You should have no limits on chat, video.
If you have NAT Type Open on your Xbox then you are done. There is nothing more for you to do.

iculookn

PFSENSE Team, What if we raise some funding so you can buy a few XBOX's and PS5's so you can test and fix all the gaming challenges including this upnp issue and make PFSENSE the perfect "Gaming Router".

Marc05

@winger46146 You missed the context that this was for PS5, not Xbox.

vMAC

@marc05 said in Test Request: UPnP Fix for Multiple Consoles playing the same game / static port outbound NAT:

https://portforward.com/nat-types/

That again confirms that this is not working. My connections are being limited in a moderate NAT. As I stated before when using UPnP with just one system connected I get an Open NAT, not Type 1 NAT, but Type 2 Open NAT.

When using the same config that you list above, I get a Type 3 Moderate NAT. While that is marginally better than a Type 3 Strict NAT, neither are ideal or show a "solution" to the issue that has brought many to this thread.

Marc05

@vmac I don't know what "Type 2 Open NAT" is. Every platform seems to define its own terms so it's difficult to say what should or shouldn't be. I'm not saying there isn't an issue as I've run into it before, but it's difficult to diagnose.

Having multiple consoles with static port outbound rules will inevitably lead to port conflicts. Depending on how those conflicts are treated (unclear), this can lead to different NAT Type results.

For example, this was posted previously (which is ultimately what you want):

nat quick on em0 inet proto udp from 192.168.1.31 port = 3074 to any keep state label "DemonwarePortMapping" rtable 0 -> 24.255.xxx.xxx port 3074
nat quick on em0 inet proto udp from 192.168.1.30 port = 3074 to any keep state label "DemonwarePortMapping" rtable 0 -> 24.255.xxx.xxx port 3108
[...]
rdr pass quick on em0 inet proto udp from any to any port = 3074 keep state label "DemonwarePortMapping" rtable 0 -> 192.168.1.31 port 3074
rdr pass quick on em0 inet proto udp from any to any port = 3108 keep state label "DemonwarePortMapping" rtable 0 -> 192.168.1.30 port 3074

Does this mean that static ports were used for both 192.168.1.31 and 192.168.1.30, and the consoles automatically try opening a different port (in this case 3108) through UPnP? If so, will every game always do this, or is it up to each game to decide on the implementation?

Jon8RFC

@jimp I re-read everything on redmine and see that you mentioned not having two consoles for testing...
The issue is reproducible on a Windows 10 PC with Call of Duty Warzone, with a PS5 console playing Warzone on the same network.

I assume it's reproducible with two PCs as well. It's a free game, so you can download this on multiple PCs or consoles for testing since you're familiar with what's going on with the networking side of things, unlike me:
https://www.callofduty.com/content/atvi/callofduty/warzone/web/en/download.html

Thanks for everything you and everyone are doing to get this resolved!

aniel

i just dont understand why or how they cant fix this, given that many household usually have 1 or more gamer in the same house. this issue have been reported for many years now.