# How To See A Router's Forwarding Table?

This topic is 487 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

## Recommended Posts

Guys, as I already told you multiple times, I finished my primitive chat program using RakNet. It works perfectly fine, but only with laptops that are connected to my router, and it doesn't work when a friend who lives somewhere else tries to connect to me.

Then in the FAQ I see that it's because of NAT. From what I gather, IPv4 addresses are not so much, that's why some guys decided that instead of giving a different IP to every PC, they can just give a different IP to every modem and map the different ports of the modem to all the PCs connected to it.

And all the devices connected to that modem use the modem's IP, the difference is that everybody is connected to different port on the modem.

So my friend couldn't connect to me because when I googled "what's my ip", it actually shows my modem's IP, so I was giving him the public IP of my modem, not the IP of my PC. That's why I need to somehow access that NAT forwarding table on my router and figure out how to tell him the right destination. And I don't want NAT punchthrough, because I don't want to pay for server. I want to be the server. Is there some very simple way of doing this.

Can I somehow get a simple unique number from somewhere and shove it into my friend's Connect() function?

Edited by codeBoggs

##### Share on other sites
You need to set up port forwarding on your router, and how to do that should be in the manual for that hardware. Usually it involves finding the address in the manual, opening it up in your browser, entering the admin password, seeing which IP address it's assigned to you locally, then telling it to open an external port and forward that to your internal IP/port combination.

##### Share on other sites

Sounds pretty complicated. Will try it, but I don't give myself any chances.

EDIT: I know my PC's internal IP address and my modem's external IP. Trying to figure out how to get my pc's external IP now.

Edited by codeBoggs

##### Share on other sites
Your PC does not have an external IP. That's the entire point of NAT. To everything not on your local network, your PC and your router are indistinguishable.

##### Share on other sites

Guys, I found the options. I need to specify that packets coming to port 16000 (just random port I've chosen) of my router need to be sent to port 16000 of my PC. But in my router options, I have 2 slots for external ports, and 2 slots for internal ports, what to do?

EDIT: I will try writing the same port twice to fill the 2 slots, I hope I don't mess up something.

Edited by codeBoggs

##### Share on other sites

You look it up in the manual for the router.  If you don't have the manual, Google.

If the web form has two numbers it is probably for a range.  Many applications follow a range of ports such as 6881-6889 TCP.  In that case you'd probably enter the first and last port in the range.

##### Share on other sites

frob, you were right, it is indeed a range. I wrote a range of external ports from 59999 to 60001 and in the first slot for internal port I wrote 60000 and it automatically assigned 60002 to the second slot, so 2 external ports go to 2 internal. Now that I forwarded 2 ports, what do I write in RakNet's Connect() function?

peer->Connect(Should-I-Put-My-Router's-IP-Here?, Should-I-Put-External-Or-Internal-Port-Here?, 0,0);

EDIT: I still get CONNECTION_FAILED identifier. I'm tired of this sh*t. I stopped firewall, I forwarded external port 60000 to internal port 60000, I tried to connect to the router IP with the port number 60000 and it still doesn't work.

Edited by codeBoggs

##### Share on other sites
What are the two endpoints of the failing connection? NAT is usually set up to be one-way, ie. you don't connect to the public address and port if you're on the private side of the network.

##### Share on other sites
On the client, you should put the router's IP address, and the external port (being forwarded,) into the connect() function.
On the server, you do not use connect() at all.

So, let's assume your router's external address is 150.22.33.44, and that the external port is 5432.
Let's assume that your PC's internal address is 192.168.1.18, and that the internal port is 3800.

You should set up your router to port forward external port 5432 to internal address 192.168.1.18, port 3800.
You should then, in the client that connects to your router from the internet, put in the address 150.22.33.44 and the port 5432.

Now, if you try to connect to your PC from inside your network, your router may not support "hairpin NAT," and thus only when you are inside your network, you need to connect to 192.168.1.18 port 3800 for it to work.

##### Share on other sites

Ok guys,

First: I want to thank you for the answers, There was no way I could understand all this stuff without your help, thanks.

Apoch: It just sends identifier 17, which is CONNECTION_FAILED, I tried with one of my friends, too, he is far away, he's not in my private network.

Second: I kind of get it, I need to use the router's external port and IP in the client's connect() function. And then somehow the packets enter that router through the external port and come to my PC from the internal port, cool.

But what port should I specify on the server side to listen on:

This is the code. I guess I have to specify the internal port here?( because we are talking about my pc here, and the external port is on the router, right )

RakNet::SocketDescriptor sd(InternalPortHere?,0);
peer->Startup(MAX_CLIENTS, &sd, 1);
peer->SetMaximumIncomingConnections(MAX_CLIENTS);

And another question. I specified the external and internal ports both as 60000, is there a problem if I use the same number?

Third question. There are some websites that check if a port is open, but I tried with 60000 and it shows that the port is closed although I forwarded it. This means that port forwarding doesn't open the port, just gives directions to the packet if it has already entered the port, right? ( or it just opens the external port? )

Question No.4: How the hell am I supposed to open my internal port. I guess it is in the peer->Startup() function?

Question No.5 How to open my router's external port?
Edited by codeBoggs

##### Share on other sites
Your server should listen on whatever port you were listening to before. Nothing about NAT or port forwarding changes that. 60000 is fine.

There is no problem if the external and internal ports are the same number - one is a port on the router, one is a port on your computer, and each device has its own set of ports.

To 'open' a local port means 2 things: first, that you're listening on it (that's what a Raknet server presumably does), and second, that your firewall allows traffic in. If you're on Windows, you probably get prompted to allow this, the first time your program attempted to open that port.

You don't need to 'open' your router's port - the port forwarding tells it that traffic for that port is to be redirected to an internal computer, and that is enough.

It's probably worth noting that Raknet uses UDP, as far as I can tell - so if you're setting up port forwarding for TCP, that won't work. Do it for UDP and you should be ok. (Also, if the port scanning website you used isn't scanning UDP ports, it'll never know whether you're listening on that port or not.)

##### Share on other sites

Kylotan:

TCP/UDP chosen.

[attachment=32890:portForwarding.jpg]

Redirected to my PC- ludiqkomp. I guess this fills my internal IP.

[attachment=32891:portForwarding2.jpg]

Made an exception in my firewall.

[attachment=32892:firewallOn.jpg]

I'm doing a chatServer for my Paintball game, different names but the same thing, basically everything seems ok, I don't know what my pc wants anymore. And still when I check my router port 60000, it says that it is closed.

EDIT: Kylotan, you were right, all those websites I tried just check for TCP, I found an UDP checker, and it says my port is opened. Thanks, man.

Edited by codeBoggs

##### Share on other sites

GUYS, NOW IT WORKS. I JUST SENT A MESSAGE. Stupid firewall was the problem. Thanks very very much to everyone for the great help. Imagine I give you a big fat cookie.

I'm gonna code the shit out of this day  ^_^  and tomorrow too

Edited by codeBoggs

##### Share on other sites

Sometimes I miss the bad old days when network hubs were not switches, when computers didn't have firewalls, when all IP addresses were right there on the public internet.

Networking was so easy when I first learned it. You could just reach out to a dotted quad and a port and it would talk with you.

Of course, in the modern world, such systems would be attacked by random strangers on the internet within a few hundred seconds. Depending on the source the average time for an unpatched machine to be attacked with a raw connection like that is anywhere from two to five minutes. Sad.

Congratulations on getting through the configuration hurdles. Hopefully now everything will fall into place.  If you can implement raw communications, a basic chat with raw sockets, you can implement anything on top of it.

##### Share on other sites

when all IP addresses were right there on the public internet

IPv6 (now reaching about 10% of the internet!) gives you that again.
The IETF currently believes that IPv6 doesn't need any NAT.
The official recommendation is that "correct firewall configuration is the user's responsibility."
I think that's short-sighted, because one of the main benefits of NAT is that users by default have a reasonable stateful firewall preventing their Windows network shares from being accidentally exposed to the internet.

##### Share on other sites
//Made a post from my brother's acc by mistake.....

Edited by rusevMachka

##### Share on other sites

I thought the only reason someone came up with NAT is because IPs were not so much. Now that you added "security" to the equation, I started wondering: Ok, when you have a modem, all your devices connected to that modem are in a private network, because all of the modem's ports are closed and nobody from the outside can send a packet to any of your devices without your permission. Cool.

But when I tried connecting to my brother's laptop, I successfully connected using 192.168.something.something. So I actually sent that packet into the modem and the modem passed it into my brother's laptop, how does this works if all modem ports are closed? Why do I need to port forward to access the "outside", but not for PCs in my private net? Any ideas? :huh:

Edited by codeBoggs

##### Share on other sites
You're talking about sending messages across your internal network (the 192.168.x.x range is strictly for internal use). The ports that your modem (which is also a router) expose to the outside world are irrelevant for that.

Routers - in this case, your modem - are basically machines with 2 network interfaces. One for internal, one for external. Port forwarding is how it deals with taking unsolicited incoming traffic to the external interface and deciding who the internal interface will send it to (if anyone).

It does something very similar when you connect to a website and that website replies to your browser - except it's doing it automatically, remembering which of the internal computers asked for this data and passing it back to that computer when it arrives from the website. Edited by Kylotan

##### Share on other sites

So you say that passing packets between PCs in one internal/private network can happen even if all router ports are closed? :huh:

##### Share on other sites

When we talk about a 'router port' we usually mean a port on the external interface, one that is theoretically accessible by the rest of the internet.

On your internal LAN, you're not using that external interface at all. All your router does is forward the messages to where they need to go, via the internal interface.

Edited by Kylotan

##### Share on other sites
As already said above, the rules you specify in most consumer class modems/routers are for traffic from the external to the internal network interface. For simple consumer use-case it is usually explicitly wanted that any two devices on the internal network are allowed to communicate with each other freely.

##### Share on other sites

Ok. that's what I needed. Thanks, guys. ^_^

##### Share on other sites

This topic is 487 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

## Create an account

Register a new account

• ### Forum Statistics

• Total Topics
628645
• Total Posts
2984015

• 9
• 9
• 10
• 21
• 20