Netgate Discussion Forum

    Double NAT, online gaming (Blizzard) and pfSense

      n3mmr

      We're a condominium doing our own internet access delivery: we have a business style subscription for 1Gb/s, we share that to all our tenants, using private IPs in the 10.0.0.0/16 range. This sharing is currently done using an old ZyWall usg2000 as a condo-wide NAT router.
      Each tenant is supposed to connect a private NAT router to the condo intranet, and they're not supposed to use bridging or UPnP or PMP in the private router.

      Online gaming to Blizzard games and any game using STEAM services are plagued by short fails at irregular intervals: at intervals of anything from ½ hour to a day or so, mostly centered around a few hours, return traffic from the game server goes silent, like something drops all those packets, for 5-10 seconds.
      Different players behind different private NAT routers experience this quite independently: one player may have interruptions 5-6 times in a single day while others get the problem only once, and there's no obvious interdependence.
      However, if the player uses, say, Teamspeak or Discord conferencing to talk to other team members, that connection breaks in perfect sync with the gaming break.

      Suppose we replace our current condo-wide main router with a modern pfSense router, what could we do to improve the gaming experience for our tenants?

        Derelict LAYER 8 Netgate

        Get an IP address allocation, a layer 3 switch, and give each of your tenants a /30 (or more) and let them worry about their own firewalls.

        Kind of like a real ISP.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.