The Call of Duty games use 3074 for acquiring open NAT type to their games. However, when another instance of the game is running, whether that's from a games console or PC, the second instance of the game won't be able to connect to the server on the same port as NAT is 1:1.
From reading on the internet Call of Duty uses the UDP ports range 3070-3080. This means that if UDP 3074 is already occupied on the first console, in theory the second instance of the game should be able to open up a port on the next available one in its range.
I have put this to the test but it's backfiring badly giving me strict NAT on one of my consoles.
These are steps I have taken and I can reproduce this every time:-
If I turn on my PlayStation 3 games console, load up a Call of Duty game and connect to multiplayer I have open NAT type
If I look at the Active UPnP Redirects list I can see my PS3's LAN IP address assigned to UDP 3074 under the Client Port and External Port
If I turn on my PlayStation 4 games console, load up a different Call of Duty game and connect to multiplayer I'm presented with strict NAT type
If I look at the Active UPnP Redirects list the second time round I can see my PS4's LAN IP address assigned to UDP 3074 under Client Port but under External Port it shows as UDP 307*
UPDATE
Here's the screenshot of the PS4 jumping to UDP 3191 but internally connected to UDP 3074
No surprise there, you cannot have 2 devices bound to the same external port. The first device to connect will get the port and the second will be bound to a different external port.
Yes that's exactly what happens except the second games console that initially opens 3074 can't so jumps to the next one which is showing as UDP 3191. However, I'm not getting open NAT and instead going to strict.
I statically assign most of my LAN devices and you can see from the posts above the PS3 and PS4 are next to each other. You said there's a way to limit the ports the devices open. Would you mind sharing the iptables example please?
Could it then be applied to a specific IP address range? Obviously if the range of addresses migrated and I wanted a few IPs that weren't in the IP range I could use ipset, couldn't I?
In regards to the original problem I have uncommented the iptables, clicked save and re-repeated my steps. Both devices are on open NAT type. Can you explain this odd behaviour of custom iptables? Basically turning the custom iptables off and back on has fixed it. However, my real question is will it stay fixed...
How can I simulate UDP port 3074 being in use so that my game redirects to another external port?
I've been trying to block UDP port 3074 externally so that my game and games console will realise that the external port isn't reachable and will jump to the next available port.
Currently UPnP handles this well and I can replicate it each time by loading one game on one console and then loading the same game on a different console. I've tried blocking the port using LuCI traffic rules on port 3074. I have no idea if I'm doing it correctly and even if I am, I am quite certain that miniupnpd kicks in before my rules.
Unless you can configure the console directly, you cannot. The OS in the console will see port 3074 not utilized by any other application and bind to that.
I cannot comment as I don't know the fallback mechanism of the game.
Flows which use DNAT could be allowed before any drop rules you have configured.
You can check that with: iptables-save -t filter | grep wan_forward
Seen in a screenshot further up the thread which I've posted a cropped version below, you can see 192.168.1.18 being my PS4 redirects from UDP 3074 to 3191 as my PS3 on the IP address 192.168.1.17 is already using the port.
Both my PS3 and PS4 achieved Open NAT type. This has always been impossible in the past on ISP provided routers when a friend brought their games console over and both tried to play together on the same game. OpenWrt and miniupnpd seem to be handling this a lot better.
For a test I may disable the UPnP temporarily and try redirecting UDP port 3074 internally to one of the random ports miniupnpd opened up and see if I can still achieve open NAT.
I was just hoping that by either blocking UDP 3074 or manually mapping it to a LAN device one games console, when a second games console was introduced and has access to UPnP it would jump over to the next available one.
I have Open NAT on all consoles at the same time in Network Settings and Call of Duty.
I have MiniUPnP and MiniUPnP ACLs configured this way so that only Consoles can open ports and no one else, I use these static IP addresses "192.168.1.8" to "192.168.1.11" on the Consoles. (Network -> DHCP and DNS -> Static leases)
I didn't think of using CIDR to set an IP address range
I have set up a mask of /29 and assigned two games consoles in the IP range with static IP addresses. Because of the way DHCP works by assigning IP addresses to clients, is there a way I can ensure DHCP doesn't pick the extra IP addresses when there isn't a device assigned to it; something like a DHCP exclude list?
By default the DHCP in OpenWrt assigns an IP between 100 and 249, so you can use the IP addresses from 192.168.1.2 to 192.168.1.99 on your Consoles and in MiniUPnP ACLs; these IP addresses will never be used unless you write them manually on your devices or they are used through Static leases in OpenWrt.
Network -> Interfaces -> LAN (click Edit) -> DHCP Server Tab -> General Setup Tab
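The ACL and DHCP points discussed in the last few posts, worked through as an added example (not code from the thread, OpenWrt or miniupnpd): it models first-match permission rules in the `miniupnpd.conf` line style, derives the CIDR for a console address range, and checks that block against the 100 to 249 DHCP pool. The function names, the sample rules and the "no match means allow" fallback are assumptions of this sketch.

```python
import ipaddress

# Constructed sample rules: action, external ports, internal network, internal ports.
# Only the console block may request mappings; the final line denies everyone else.
RULES = """
allow 1024-65535 192.168.1.8/30 1024-65535   # consoles .8 to .11
deny  0-65535    0.0.0.0/0      0-65535      # everything else
"""

def port_range(spec):
    """Parse '3074' or '1024-65535' into an inclusive (low, high) tuple."""
    lo, _, hi = spec.partition("-")
    return int(lo), int(hi or lo)

def parse_rules(text):
    rules = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        action, ext, net, internal = fields
        if action not in ("allow", "deny"):
            raise ValueError(f"unknown action: {action}")
        rules.append((action == "allow", port_range(ext),
                      ipaddress.ip_network(net, strict=False), port_range(internal)))
    return rules

def is_allowed(rules, ext_port, int_addr, int_port):
    """The first rule matching all three fields decides the request."""
    addr = ipaddress.ip_address(int_addr)
    for allow, (e_lo, e_hi), net, (i_lo, i_hi) in rules:
        if e_lo <= ext_port <= e_hi and addr in net and i_lo <= int_port <= i_hi:
            return allow
    return True  # assumption of this sketch: unmatched requests pass, so end with deny-all

def cidrs_for(first, last):
    """Smallest list of CIDR blocks covering first..last exactly."""
    return list(ipaddress.summarize_address_range(
        ipaddress.ip_address(first), ipaddress.ip_address(last)))

def overlaps_dhcp_pool(net, lan="192.168.1.0/24", start=100, limit=150):
    """True if net shares any address with the pool lan+start .. lan+start+limit-1."""
    base = int(ipaddress.ip_network(lan).network_address)
    pool_lo, pool_hi = base + start, base + start + limit - 1
    return int(net.network_address) <= pool_hi and int(net.broadcast_address) >= pool_lo

if __name__ == "__main__":
    rules = parse_rules(RULES)
    print(cidrs_for("192.168.1.8", "192.168.1.11"))
    print(is_allowed(rules, 3191, "192.168.1.9", 3074))   # console on a fallback external port
    print(is_allowed(rules, 3074, "192.168.1.50", 3074))  # non-console host
```

A range that is not aligned to a power-of-two boundary comes back as several blocks, each of which needs its own allow line ahead of the deny.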