matrixman92
Member
i swear mine changes from open to moderate every other day.
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
Xbox One NAT/UPnP issues - one year in and they're still not fixed.
- Thread starter dwells
- Start date
Darryl M R
Member
I just bought my Xbox One yesterday and I'm having a problem with my NAT. I have been working on it all day and I have nothing fixed. Right now my NAT is strict and my Verizon Fios router doesn't allow me to manually set one port because it is being used by something else. I have no clue how to get around this but it is horrible.
hikarutilmitt
Member
This, this, a thousand times THIS.
UPnP has a bunch of security flaws that are easily exploited. Not to mention using UPnP on a weak router with little RAM can cause it to have performance issues.
You don't necessarilly need a $160+ router (though it can help our entire network) but getting a cheapassed $30 Netgear or D-Link or some other piece of crap certainly won't do it any favors.
TL;DR
Get a decent router within your budget.
Set it up correctly.
Turn off UPnP because it's a security hole and makes your router run worse anyway.
Multiple devices needing access to the same ports makes your "solution" a nightmare.
EDIT: NETGEAR R6250 seems to be free of this issue. 2.8 and 2.2 are the Xbox Ones. Both set to "Instant-On"
Any gurus feel like explaining Advertisement Period and Adversisement Time to Live in layman's terms?
Darryl M R
Member
I think this is my problem right now, I can't connect my xbox static ip to the 3500 port because it's being used.
DarthWalden
Banned
Interesting, I've had a few problems with connecting to online games that a hard reboot always fixes. I'm glad to know what's causing it and hopeful that it's something that can get fixed.
The Real Napsta
Member
I always have it on PS3 and PS4 (type 2) no idea why.
MrBenchmark
Member
NAT type 2 means you are using a router and everything is running fine
The Real Napsta
Member
Really? I thought the types were the nat settings
MrBenchmark
Member
Yes Nat type 2 indicates you are behind a router Nat type 3 would be bad. It does not indicate if your Nat is strict or not that is different. Xbox one can actually give you a detailed network stats not sure if the PS4 can I haven't dug to far into it.
The trick is getting a good router don't cheap out it only runs all your stuff
Type 1 - Connected directly to the internet (no router/firewall). Should have no issues.
Type 2 - Connected through a router properly. Should have no issues.
Type 3 - Connected through a router without open ports or DMZ setup for PS3. Everything should function properly, but you may have connection, voice chat or other issues.
hikarutilmitt
Member
Multiple devices needing access to the same ports makes your "solution" a nightmare.
EDIT: NETGEAR R6250 seems to be free of this issue. 2.8 and 2.2 are the Xbox Ones. Both set to "Instant-On"
Any gurus feel like explaining Advertisement Period and Adversisement Time to Live in layman's terms?
Not really, since you can still map the same open ports to different IPs.
Advertisement Period is how long the router tells the device it's open, usually from the last time traffic used that port. You shouldn't leave it too long as setting it too high can cause your network to slow down from the constant advertisements.
Advertisement TTL, in this case, is how many hops from device node to device node the connection request goes through before being dropped by the router.
Oh snap - I've never once gotten a game of DA:I multiplayer going on Xbox One. I've tried every night since the game launched, and NEVER gotten into a game - it can't connect me with anyone. I assumed it was because of shitty EA Origin servers, but I have Instant On on... wonder if it's a NAT issue after all. Off to try!
FYI this worked for me. After 2+ weeks of not being able to connect to one Dragon Age multiplayer map, I got into a game right away.
Conflict NZ
Member
Just posted in the MCC thread but I'm betting this is the issue that they are having with matchmaking. It seems so similar to playing back in the halo 2 and halo 3 days on a router that had strict NAT.
This is the stupidest shit on a console ever. I'm experiencing this now, and I keep trying to do the "fixes" in here, but to no avail.
To add to this my PS4 has zero issues being open 24/7. This is probably why 90% of the Halo MCC userbase is being fucked over right now to get into games together.
Shoulda bought a Wii U on Black Friday...sigh...
To add to this my PS4 has zero issues being open 24/7. This is probably why 90% of the Halo MCC userbase is being fucked over right now to get into games together.
Shoulda bought a Wii U on Black Friday...sigh...
I decided to do further research and had the assistance of some knowledgeable people in networking - one is the author of a custom router firmware, and the other the developer of the mini UPnP daemon. With the data captured and logged, we've been able to conclude that the issue does in fact reside with the Xbox One, and is a bug that Microsoft needs to address. Technical details below for those interested:
Here's part of the UPnP negotiations from the Xbox One booting out a full power-off state ("energy saver"). Note the AddPortMapping request, where the Xbox One asks for port 3074 to be redirected/forwarded to it. To simplify things, this is what gives you an open NAT.
Here's the Xbox One shutting down into standby ("instant on") mode. It relinquishes its hold on port 3074 now that it's done with it.
Here's the Xbox One booting up out of its stanby ("instant off") state. Nothing like the full boot, just a simple "hey I'm here" without any of the port mapping. Note that the port mapping is absolutely necessary since it released it during shut down. Without it, we're stuck in moderate NAT land again.
If anyone has advice for getting this to the right people at Microsoft, it would be appreciated. I have more detailed logs available. It's time for this to get fixed.
Here's part of the UPnP negotiations from the Xbox One booting out a full power-off state ("energy saver"). Note the AddPortMapping request, where the Xbox One asks for port 3074 to be redirected/forwarded to it. To simplify things, this is what gives you an open NAT.
Code:
miniupnpd[521]: HTTP connection from 192.168.1.106:49164
miniupnpd[521]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[521]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetConnectionTypeInfo
miniupnpd[521]: HTTP connection from 192.168.1.106:49165
miniupnpd[521]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[521]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#GetNATRSIPStatus
miniupnpd[521]: HTTP connection from 192.168.1.106:49166
miniupnpd[521]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[521]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#[B]AddPortMapping[/B]
miniupnpd[521]: [B]AddPortMapping: ext port 3074 to 192.168.1.106:3074[/B] protocol UDP for: Teredo leaseduration=0 rhost=
miniupnpd[521]: [B]UPnP permission rule 0 matched : port mapping accepted[/B]
miniupnpd[521]: [B]redirecting port 3074 to 192.168.1.106[/B]:3074 protocol UDP for: Teredo
miniupnpd[521]: upnpevents_selectfds: 0x43b3f8 1 10
miniupnpd[521]: upnp_event_notify_connect: '192.168.1.106' 2869 '/upnp/eventing/rtkfsdxeim'
miniupnpd[521]: upnpevents_processfds: 0x43b3f8 2 10 0 1
miniupnpd[521]: upnp_event_send: sending event notify message to 192.168.1.106:2869
miniupnpd[521]: upnp_event_send: msg: NOTIFY /upnp/eventing/rtkfsdxeim HTTP/1.1
Host: 192.168.1.106:2869
Content-Type: text/xml
Content-Length: 389
NT: upnp:event
NTS: upnp:propchange
SID: uuid:4e59862d-6fc0-4e8b-8575-62a4454a095b
SEQ: 1
Connection: close
Cache-Control: no-cacheHere's the Xbox One shutting down into standby ("instant on") mode. It relinquishes its hold on port 3074 now that it's done with it.
Code:
miniupnpd[521]: HTTP connection from 192.168.1.106:49524
miniupnpd[521]: HTTP REQUEST : UNSUBSCRIBE /evt/L3F (HTTP/1.1)
miniupnpd[521]: ProcessHTTPUnSubscribe /evt/L3F
miniupnpd[521]: SID 'uuid:4e59862d-6fc0-4e8b-8575-62a4454aa048'
miniupnpd[521]: HTTP connection from 192.168.1.106:49525
miniupnpd[521]: HTTP REQUEST : POST /ctl/IPConn (HTTP/1.1)
miniupnpd[521]: SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#[B]DeletePortMapping[/B]
miniupnpd[521]: [B]DeletePortMapping: external port: 3074[/B], protocol: UDP
miniupnpd[521]: [B]removing redirect rule port 3074 UDP[/B]
miniupnpd[521]: Trying to delete nat rule at index 0
miniupnpd[521]: Trying to delete filter rule at index 0
miniupnpd[521]: upnpevents_selectfds: 0x43b098 1 10
miniupnpd[521]: upnp_event_notify_connect: '192.168.1.106' 2869 '/upnp/eventing/wlofnqblfn'
miniupnpd[521]: upnpevents_processfds: 0x43b098 2 10 0 1
miniupnpd[521]: upnp_event_send: sending event notify message to 192.168.1.106:2869
miniupnpd[521]: upnp_event_send: msg: NOTIFY /upnp/eventing/wlofnqblfn HTTP/1.1
Host: 192.168.1.106:2869
Content-Type: text/xml
Content-Length: 389
NT: upnp:event
NTS: upnp:propchange
SID: uuid:4e59862d-6fc0-4e8b-8575-62a4454a959e
SEQ: 1
Connection: close
Cache-Control: no-cacheHere's the Xbox One booting up out of its stanby ("instant off") state. Nothing like the full boot, just a simple "hey I'm here" without any of the port mapping. Note that the port mapping is absolutely necessary since it released it during shut down. Without it, we're stuck in moderate NAT land again.
Code:
miniupnpd[521]: ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1 (ver=1)
miniupnpd[521]: SSDP M-SEARCH from 192.168.1.106:50249 ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
miniupnpd[521]: Single search found
miniupnpd[521]: SendSSDPResponse(): 0 bytes to 192.168.1.106:50249 ST: HTTP/1.1 200 OK
CACHE-CONTROL: max-age=120
ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1
USN: uuid:4e59862d-6fc0-4e8b-8575-62a4454a01e1::urn:schemas-upnp-org:device:InternetGatewayDevice:1
EXT:
SERVER: UPnP/AsusWRT UPnP/1.1 MiniUPnPd/1.9
LOCATION: http://192.168.1.1:42856/rootDesc.xml
OPT: "http://schemas.upnp.org/upnp/1/0/"; ns=01
01-NLS: 1
BOOTID.UPNP.ORG: 1
CONFIGID.UPNP.ORG: 1337If anyone has advice for getting this to the right people at Microsoft, it would be appreciated. I have more detailed logs available. It's time for this to get fixed.
lifeexpectancy
Member
QFT.
Although it should be said that for the first time ever tonight, I ran into a strict, followed by a moderate NAT on my XB1, and I do not use instant-on (never have).
SMFH. MS needs to fix this shit.
Glad at least one person saw that post. No luck so far trying to figure who to send this to or how to contact them. Official Xbox support channels will likely go nowhere since this has been brought up repeatedly on their support forums for over a year now.
MightyHedgehog
Member
Why don't you just tweet visible Xbox people?
No twitter account, unfortunately. Also, I think the only way this will actually get fixed is if it goes straight to the engineers.
Digital Limit
Member
Then make a twitter account. Find the twitter accounts of relevant engineers. If you care about this problem, try and solve it.
You seem to be implying that I'm being lazy about this issue, which is a little odd given that I've done more research and gathered more evidence than anyone else. As for the Twitter thing, I've been looking and haven't found anything. If I knew the handles of the engineers, I'd have tweeted them by now.
Tweeting the official support channels seems pointless, as the official support channels and forums have been repeatedly informed of the issue for over a year and nothing has happened.
There's a good chance it won't stay that way, or it will report that it's okay and it actually isn't.
ViolentP
Member
That would certainly indicate a device issue. I tend to set static ips to all my devices as well as proper port forwarding. This has allowed me to set all my relevant devices to NAT 2 in the past. If that changes, sadly I will know it is currently out of my hands.
If you're manually port forwarding you should be fine - the issue only affects UPnP automatic port mapping.
There is an MS employee that posts in the XB1 update threads, his user name is Kampfheld. Send him a PM and give him your information and I bet he can get it to the right people.
While he was verified, it wasn't clear who he worked for, originally it certainly wasn't MS.
He then went on to state (obtusely) he was working on Crackdown 3 and left the boards, so Im not sure that'd get you anywhere.
Deputy Moonman
Member
I don't use instant-on either and my xbox is regularly at moderate NAT. However, I've never had any online issues, so I don't know what that means, at least in my case.
Who the heck still uses uPnP and NAT-PMP?
So many articles advise against that method for security reasons. If you really know your networking, you should immediately turn it off.
Set a static IP on the Xbox or set a set MAC address on the router to bind to a local IP+ forward your ports correctly to that specific IP.
So many articles advise against that method for security reasons. If you really know your networking, you should immediately turn it off.
Set a static IP on the Xbox or set a set MAC address on the router to bind to a local IP+ forward your ports correctly to that specific IP.
I use Tomato firmware, so it's a feature it lets me set via MAC address.
For you, you can set a static IP on the Xbox and tell the router to forward ports to that IP.
ViolentP
Member
You forward your ports?
Was this ever fixed? Just added 2 Xbox Ones to my network and I'm getting constant disconnects in Destiny with the error on Destiny being Beatle/Weasal which is no help.
I have UPnP on as I have 3 Xbox One's so I can't port forward all the address or DMZ all 3
Temporary solution that seemed to have worked. Have someone else start the party/game that is not in your network.
I have UPnP on as I have 3 Xbox One's so I can't port forward all the address or DMZ all 3
Temporary solution that seemed to have worked. Have someone else start the party/game that is not in your network.
I would check for any firmware refreshes for your modem and your switch. From that point onward, twofold watch that your switch has UPnP empowered. In the event that that still doesn't work, I'd unplug everything for a couple of hours and afterward plug it back in once more. In the event that there's still issues, I'd call your ISP or Xbox backing and stroll through the investigating ventures with them.UPDATE: Evidence of the issue in the form of detailed system log files available in post 118. Confirms Xbox One is not properly re-negotiating port mapping after coming out of standby and confirms this is a Microsoft/Xbox bug.
For those of you not familiar with UPnP, think of it in this context as automatic port forwarding. The device communicates with the router and says "hey, I'm located here at [IP address] and [MAC address] and I need access to ports [port], [port], and [port] please!" This is great, as it allows for consoles to have an "open NAT" and communicate effectively with the internet, allowing players to connect to other players and servers and such without hassle. It's also great for situations where multiple consoles are being used on the same network where manual port forwarding would not be effective.
However, the Xbox One's implementation of UPnP is bugged. Since devices are requesting ports to be opened and held for them, it's obvious that these reservations can't be held forever for security and compatibility reasons. So routers will eventually expire these UPnP reservations after a period of time of inactivity. No big deal - when a device needs access again, it renegotiates the leases and they become active again.
The Xbox One, however, doesn't do this unless a full reboot of the console occurs. As a result, users with a secure UPnP setup and the Xbox One on the "Instant On" setting will have a moderate or closed NAT, impeding their ability to connect to other players and services. So for those of you with the console with "Instant On" enabled, there are three ways I've found so far to temporarily resolve the issue:
Here's the advanced screen in question:
- Hard reset the console by holding the power button on the console.
- Perform the "test multiplayer connection" test in the settings app. Once it finishes, hold LT + RT + LB + RB and an advanced screen will appear. During the advanced screen, the Xbox will attempt to renew its UPnP leases.
- Disable "Instant On" and switch to "Energy Saver" and deal with very long console boot times.
Don't be fooled by the short "NAT type" description, either, as this is cached and not accurate. As the above example shows, the NAT type is listed as Moderate, but the description from the advanced test is that of a "cone NAT" (open). The reverse happens as well - the console will show that your NAT is open, when in fact the UPnP leases are not active and you're not able to connect with some other players.
What's particularly frustrating about this issue is that it has existed and has been brought up since the console's launch. Refer to this article, this unacknowledged Xbox support forum post from August, and this unacknowledged thread spanning from November of last year to October.
So to those of you on here, if you're using UPnP and Instant On, chances are your NAT isn't as open as you think it is and you're not able to connect to everyone. For those of you who are more network savvy, you'll be able to verify this by looking at your port reservations and UPnP lease tables on your network.
To Microsoft: what's the deal, guys? It's been a year and a major system bug still exists and hasn't been acknowledged. Please get around to patching this for your customers.