Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multiple Public IPs and Port Forwarding for Gaming Center

    Scheduled Pinned Locked Moved NAT
    3 Posts 3 Posters 962 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      arainero
      last edited by

      Hello,

      I wanted to make sure my thought process was accurate in this scenario. I currently have 50 computers and 5 consoles in an internet gaming facility. I have been running into several problems with NAT rules when trying to host games and online gameplay in general.

      I am able to purchase a range of 60 static public IPs from my ISP for pretty cheap and I was going to do a 1:1 NAT rule per public IP to local computers and consoles and then make individual port forwards per machine per public IP.

      I realize this would be a lot of tedious work making all of the rules per game and when a new game needs to be added. But the end result would be as if each computer wasn't NATed in a sense because each computer would have its own public IP, right?

      I have played around with UPnP and static ports but each time I enable one for a certain program/game another program/game would stop working in its place. I feel like this would be the most straight forward and least problematic solution that offers the most flexibility.

      Please let me know if this solution would work the way I think it will.

      Thank you!

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        If your doing a 1:1 nat - why would you need individual port forwards?  A 1:1 NAT by definition sends all ports inbound to that IP as long as firewall rules allow for it.  You would use port forwards to negate this – for example if you wanted to actually hit the wan IP on a port for say remote access to pfsense or something.

        Do these computers and consoles and such want to play games together. if so your prob going to want to have the segment routed to you so you could put it on the inside of pfsense this way you wouldn't have to do any sort of natting and wouldn't have to worry about nat reflection when devices connecting to each others IPs

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.7.2, 24.11

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Why not just put the public subnet on an inside interface and ditch NAT altogether?

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.