{"id":1000,"date":"2009-01-06T23:00:21","date_gmt":"2009-01-07T04:00:21","guid":{"rendered":"http:\/\/nuxx.net\/blog\/?p=1000"},"modified":"2009-01-06T23:51:46","modified_gmt":"2009-01-07T04:51:46","slug":"xbox-live-open-nat-using-pf-on-openbsd","status":"publish","type":"post","link":"https:\/\/nuxx.net\/blog\/2009\/01\/06\/xbox-live-open-nat-using-pf-on-openbsd\/","title":{"rendered":"Xbox Live Open NAT Using pf on OpenBSD"},"content":{"rendered":"

<\/p>\n\n\n
\"Detailed<\/a><\/td>\n<\/tr>\n<\/table>\n

<\/center><\/p>\n

It’s done. My Xbox 360 is now working properly via NAT talking through the Trashwall<\/a> and using WOW!<\/a> service.<\/p>\n

After getting my previously mentioned pf<\/tt> problem<\/a> on Trashwall<\/a> sorted out I tested out the Xbox 360 to see if the network test for Xbox Live would pass. Guess what? It didn’t, continuing to insist that my NAT type is strict.<\/p>\n

A bit more research (and information which seems to come from this post at Russ’s Blog<\/a>) indicates that the Xbox Live uses the following classifications for NAT:<\/p>\n

Strict: Symmetric NAT.
\nModerate: Cone shaped NAT with port filtering or with UPnP turned off.
\nOpen: Cone shaped NAT with no port filtering or with UPnP turned on.<\/p><\/blockquote>\n

Cone and symmetric NAT descriptions are formalized in RFC3489<\/a>, and a bit more digging brought up this general how-to for using OpenBSD’s pf<\/a>, indicating that the static-port<\/tt> directive on a NAT rule (described here in the POOL OPTIONS section of the pf.conf(5)<\/tt> man page<\/a>) makes OpenBSD do cone-shaped NAT.<\/p>\n

So, overall, what did it take to fix it? Well, it was actually three things:<\/p>\n

· I switched to Wide Open West<\/a> for data service, which gave me three IPs.
\n· While the whole house was NATted through one of the IPs, the Xbox 360 alone has been bidirectionally NATted through another.
\n·The magic static-port<\/tt> option on the NAT line for the Xbox 360.<\/p><\/blockquote>\n

Without a second IP I wouldn’t have been able to forward all ports inbound, which without a UPnP<\/a> daemon (which didn’t go well before<\/a>) would have resulted only a NAT setting of Moderate.<\/p>\n

All of this has been documented in the updated version of the article on the Trashwall<\/a>, my home’s a firewall \/ NAT device \/ switch \/ whatever built out of an unwanted PowerMac G4.<\/p>\n

(In case you didn’t notice, this photo does a good job illustrating the wire in a aperture grill<\/a>, such as the one here on an Sony KD-34XBR970<\/a> CRT HDTV. If you’d like to see the original without the no sign, here’s the small version<\/a> and here it is at full res<\/a>.)<\/p>\n","protected":false},"excerpt":{"rendered":"

It’s done. My Xbox 360 is now working properly via NAT talking through the Trashwall and using WOW! service. After getting my previously mentioned pf…<\/p>\n

Continue readingXbox Live Open NAT Using pf on OpenBSD<\/span><\/a><\/div>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[],"class_list":["post-1000","post","type-post","status-publish","format-standard","hentry","category-computers","entry"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/posts\/1000","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/comments?post=1000"}],"version-history":[{"count":15,"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/posts\/1000\/revisions"}],"predecessor-version":[{"id":1021,"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/posts\/1000\/revisions\/1021"}],"wp:attachment":[{"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/media?parent=1000"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/categories?post=1000"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nuxx.net\/blog\/wp-json\/wp\/v2\/tags?post=1000"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}