Jump to content

NAT firewall on server


Rusty

Recommended Posts

I post this here cuz according to my subject line it belongs in this section, although I think it could also be put in Troubleshooting. Let me start from the beginning. I have no router. The modem Japan Telecom provided for my DSL service is a ComTrend 507. I have Windows XP SP2 with the corresponding Windows firewall and none other. My antivirus is AVG 7.1 (I used to have Norton AntiVirus 2005 but supposing that might be the problem even after turning off the internet worm protection and adding uTorrent to its exceptions, I completely uninstalled it and installed the highly-toted AVG). uTorrent is an exception in my Windows firewall. After that not helping I checked the box to make UPnP Framework an exception, and even added a port in the firewall for uTorrent using a friendly name such as BitTorrent, for TCP, and making sure that the scope covered any computer. I also checked off "allow outgoing destination unreachable" in my ICMP's. In my windows networking services I made sure that the UPnP User Interface and Internet Gateway Device Discovery and Control Client were components that were checked. (Later on even checked off the Peer-to-Peer component). I also made sure those 3 services (Plug and Play, SSDP Discovery Service, and Universal Plug and Play Device Host) were set to automatic under Performance and Maintenance-->Admin Tools-->Services. And I have set up a static IP. So, my modem is only a modem, not a router, nor both. After reading through the setup guides and FAQ's a million times, and reading hours and hours on these forums I've come to conclude I just might be screwed. I talked to my ISP and they said all ports should be open, that they don't throttle such services, and that other people are using bittorrent clients just fine. But I asked if they have a router somewhere since I read that since my IP addr starts with 10, it means such things. Then they told me they have a NAT firewall on the server - but that all ports should be open. All the ports I have tried appear to be closed - it shows me this through uTorrent's speed guide, and through a stealth test. I HAVE downloaded an 8GB file with my yellow triangle and red circles (if I restart uTorrent it starts yellow but seems to eventually turn red), but it certainly took time and it had a lot of seeders/leechers. Although my tracker status was always switching from "working" to "hostname not found" to "...target machine actively refused it" to "...unreachable network," etc. When things slowed down and seeders and leechers dropped off, I would alternate between having a static IP and not, to get things going again. But it seemed seeders always had me choked (found that's what the small "u" means), and I got most of my file from leechers only.

But so it seems I cannot download anything else. If I start the slackware torrent from the direct link for it, it starts right away, seeders stay on, and all. Download seems to peak at about 145kB/s. I have my settings set at uTorrent defaults for a 512k upload speed. If I try to add the torrent from where it gets stored in My Downloads and start it from there, it won't start - won't connect with others. I have not yet followed that mini-guide that guy posted for getting maximum results, as I figured that would be stupid seeing as I have yet to get the good 'ol green checkmark that has yet to be seen.

Is there anything you can do for me?

Link to comment
Share on other sites

What are the supposed maximum upload and download speeds for your connection? What have you set net.max_halfopen to, and what is your TCPIP.sys limit at?

And if you ever get the green checkmark, don't use the mini-guide. It's not recommended, and can screw things up instead.

Link to comment
Share on other sites

Really?-I thought you gave that guy props on his 9-pg guide to better speeds. Anyway, I have all my advanced settings at their defaults: net.max_halfopen to 8. And I'm sorry, how do I check what my TCPIP.sys limit is? My d/l speed is 1.5Mb/s best efforts but after 2 speed tests it was 1.165 and 1.38 and my u/l 359Kb/s. My ISP said typically for a 1.5Mb connection upload speeds are 512. (And in my post I mean the small "d," not the small "u" - all my seeders seems to choke me and get dropped and new ones are added then the same thing). Although right now I'm downloading a very highly seeded torrent and some are seeming to stay with me -(finally!).

Link to comment
Share on other sites

Indeed, I did think the guide was fine, but after a while, I/we realized a lot of the settings were a bit extreme. Were you running any other internet-enabled application while running the speed test? If so, stop them all and exit, and then run the test on its own. At this point, your connection looks more like a xx/384k than an xx/512k to me, but we need further tests to be sure. You can find out your TCPIP.sys limit by using the utility at http://www.lvllord.de

Anyway, back to the NAT issue... I asked the other stuff because it's always possible that you're overloading your connection, thus blocking connections, and making it seem like you're firewalled. That's very unlikely, though, so if your modem really isn't a modem+router combo, and you have no firewalls installed, then your ISP is likely lying to you, or there's something else between them and your modem that's blocking.

Link to comment
Share on other sites

I'm definitely no computer whiz - you want me to try to download the latest update of TCPIP.SYS? And no I wasn't running anything else when doing the speed test. Is it really possible that I'm overloading my connection having it at 512 instead of 384? - just seems like not too big of a difference to cause such a huge problem. But of course I will run another test and change it if needs be. But like I said, my ISP did tell me that they have a firewall on the server, but of course, once again, that all ports are open....

So am I really only going to be able to download recent torrents that are majorly popular (tons of seeders and peers)? Because how it typically works for me is I'll have 19 peers and 4 seeders that I've been able to connect to (even though there's way more possible that I SHOULD be able to connect to), yet I'm only being able to download from like 3 of them - thus causing my d/l speed to be horrible and taking forever (if ever getting there) to download it.

(10 min. later) Seems I need to edit this. I was reading thru the FAQ's on the lvllord website and it seems I shouldn't have upgraded to SP2. Oh well. Anyway, I checked my Event Viewer, and although I don't know what my TCPIP.Sys limit is (um, although I did read this: "Since XP SP2 there are only 10 concurrent TCP connection attempts possible, while in SP1 it has not been limited"), it doesn't indicate that it has been reached (I checked the last 2 wks). So it looks like I'm not reaching my limit. So that would mean I'm not overloading my connection right??

Link to comment
Share on other sites

Nah I wasn't trying to get you to patch TCPIP.sys, just telling you to use the patch to check the current limit, but since it's not overloaded, the problem likely doesn't lie with your configuration. I really suspect something outside your control is causing the NAT issue, be it your ISP, or something between you and them.

Link to comment
Share on other sites

It's so frustrating that with the amount of hours/days that I've spent on this I can't find resolution. I feel like if I wasn't in Japan and back in the states that all would be fine. So I really will have to just try my luck with all sorts of different torrents and will most of the time have to suffer from extremely poor d/l speeds? And when I pick up seeders and peers yet aren't downloading from them because it shows choked in the Flags column, it's because of some sort of blockage somewhere?? And why is it that when I have 30 seeders and 40 peers connected that 20 min later I only have 9 and 5? Because they no longer have what I need so the client gets rid of them?-or they get choked and dropped off? Are THEY choking me or am I them?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...