Comments on: The Saga of the Nintendo DS and the Linksys WRK54G, part 2 http://www.thetlog.net/2005/12/19/the-saga-of-the-nintendo-ds-and-the-linksys-wrk54g-part-2/ Thu, 04 Dec 2008 02:58:10 +0000 http://wordpress.org/?v=2.5.1 By: Ed http://www.thetlog.net/2005/12/19/the-saga-of-the-nintendo-ds-and-the-linksys-wrk54g-part-2/#comment-852 Ed Thu, 23 Feb 2006 22:06:05 +0000 http://www.thetlog.net/?p=228#comment-852 While I've neither a linksys wrk54g nor a nintendo ds, I do have an openbsd edge router and enjoy online gaming through an old netgear 11-mbit router that I essentially use as a bridge by connecting it to my openbsd machine via a regular port and not the internet port. One pf behavior worth noting is the way it "translates" the port numbers of packets originating from the internal network to different port numbers for packets meant for the internet. This can be disabled by adding "static-port" to the end of the nat line for your gaming network in your pf.conf. It's important that you don't static-port more than one nat line as it will result in a kernel panic should two internal hosts decide to use the same port to connect to an internet host. Using "static-port" in your pf.conf nat line resolves most issues with connecting to online games, as Jay P seems to have. As for having to periodically ping your router, this shouldn't be necessary at all. I would investigate this from the openbsd machine with tcpdump or ethereal (if you've got X11 handy) and pay particular attention to arp requests. While I’ve neither a linksys wrk54g nor a nintendo ds, I do have an openbsd edge router and enjoy online gaming through an old netgear 11-mbit router that I essentially use as a bridge by connecting it to my openbsd machine via a regular port and not the internet port. One pf behavior worth noting is the way it “translates” the port numbers of packets originating from the internal network to different port numbers for packets meant for the internet. This can be disabled by adding “static-port” to the end of the nat line for your gaming network in your pf.conf. It’s important that you don’t static-port more than one nat line as it will result in a kernel panic should two internal hosts decide to use the same port to connect to an internet host.
Using “static-port” in your pf.conf nat line resolves most issues with connecting to online games, as Jay P seems to have. As for having to periodically ping your router, this shouldn’t be necessary at all. I would investigate this from the openbsd machine with tcpdump or ethereal (if you’ve got X11 handy) and pay particular attention to arp requests.

]]> By: Pedro Timóteo http://www.thetlog.net/2005/12/19/the-saga-of-the-nintendo-ds-and-the-linksys-wrk54g-part-2/#comment-698 Pedro Timóteo Tue, 03 Jan 2006 14:21:38 +0000 http://www.thetlog.net/?p=228#comment-698 Let's see... I ended up not using static ARP; it gave me other problems. I still don't know whether the fault is with the router, or the DS. As for pf rules, there's nothing special there at the moment. The only rules that affect this are: <code>pass in all keep state queue(q_def, q_pri) pass out all keep state queue(q_def, q_pri)</code> (the <code>(q_def, q_pri)</code> are there because I prioritize acks, but that isn't relevant here) I'm also doing NAT for the wireless network: <code>nat on $ext_if from 192.168.1.0/24 -> ($ext_if)</code> and have a fixed IP on the DS. And now the dumb part: I have a cron to ping the router's internal IP every minute... it was the only way I could find; otherwise, it would only work, as Adam says, just after a configuration change - not a couple of hours later. This way, it works. As I said, I tried static ARP, and it didn't work then. Let’s see…

I ended up not using static ARP; it gave me other problems. I still don’t know whether the fault is with the router, or the DS.

As for pf rules, there’s nothing special there at the moment. The only rules that affect this are:

pass in all keep state queue(q_def, q_pri)
pass out all keep state queue(q_def, q_pri)

(the (q_def, q_pri) are there because I prioritize acks, but that isn’t relevant here)

I’m also doing NAT for the wireless network:

nat on $ext_if from 192.168.1.0/24 -> ($ext_if)

and have a fixed IP on the DS.

And now the dumb part: I have a cron to ping the router’s internal IP every minute… it was the only way I could find; otherwise, it would only work, as Adam says, just after a configuration change - not a couple of hours later. This way, it works. As I said, I tried static ARP, and it didn’t work then.

]]> By: Adam http://www.thetlog.net/2005/12/19/the-saga-of-the-nintendo-ds-and-the-linksys-wrk54g-part-2/#comment-695 Adam Mon, 02 Jan 2006 22:04:14 +0000 http://www.thetlog.net/?p=228#comment-695 I've just gotten one of these routers as well in the hope that it would work with my new DS (it's replacing an el-cheapo Edimax 802.11b AP which would the DS could only see if I forced it to 2Mb/s link speed...) The AP is hooked up to one side of a Linux box that's acting as a firewall to keep random wardrivers off my LAN. It seems to be behaving rather strangely, to say the least. If the router has just reset itself (after any config change), the DS will generally connect quite happily. On subsequent attempts it seems to sit there sending repeated ARP requests asking for the Linksys' MAC before finally giving up. (If I see one more packet trace today I swear my eyes will start to bleed.) Giving the DS a static IP address unsurprisingly doesn't help things. So far I'm 0 for 3 (I borrowed a different Edimax 11g AP too) in terms of AP compatibility with the DS. Everything else I have that talks WiFi has been perfectly happy on every occasion, of course. I’ve just gotten one of these routers as well in the hope that it would work with my new DS (it’s replacing an el-cheapo Edimax 802.11b AP which would the DS could only see if I forced it to 2Mb/s link speed…) The AP is hooked up to one side of a Linux box that’s acting as a firewall to keep random wardrivers off my LAN.

It seems to be behaving rather strangely, to say the least. If the router has just reset itself (after any config change), the DS will generally connect quite happily. On subsequent attempts it seems to sit there sending repeated ARP requests asking for the Linksys’ MAC before finally giving up. (If I see one more packet trace today I swear my eyes will start to bleed.) Giving the DS a static IP address unsurprisingly doesn’t help things.

So far I’m 0 for 3 (I borrowed a different Edimax 11g AP too) in terms of AP compatibility with the DS. Everything else I have that talks WiFi has been perfectly happy on every occasion, of course.

]]> By: Jay P http://www.thetlog.net/2005/12/19/the-saga-of-the-nintendo-ds-and-the-linksys-wrk54g-part-2/#comment-689 Jay P Fri, 30 Dec 2005 21:03:51 +0000 http://www.thetlog.net/?p=228#comment-689 Do you think you could post your pf.conf (or at least the relevant sections of it) that you're using? Also whatever you've done for the static ARP? I have a similar situation. I have an OpenBSD box running at the front, as my firewall. I have a D-Link wireless router essentially operating as a wireless switch (I have one NIC on the OpenBSD box plugged into port 1 on the D-Link, ie. one of the "normal" ports, and another NIC on the OpenBSD box connected to the "internet"). I'm having horrible connection problems with the DS. I can usually connect to the WFC, but getting it to match me up with players almost never works. I'm currently using the dhcpd on the OpenBSD machine to assign a static IP to the DS, and I'm letting everything pass, when it's destined for the DS. I've even tried rdr'ing all UDP traffic coming in to the DS. If I try taking the OpenBSD machine out of the equation, and plug my cable modem directly into the D-Link, things seem to work better. Any thoughts? Thus far, you're the only other person I know of that is using an OpenBSD firewall with a DS. Jay P. Do you think you could post your pf.conf (or at least the relevant sections of it) that you’re using? Also whatever you’ve done for the static ARP?

I have a similar situation. I have an OpenBSD box running at the front, as my firewall. I have a D-Link wireless router essentially operating as a wireless switch (I have one NIC on the OpenBSD box plugged into port 1 on the D-Link, ie. one of the “normal” ports, and another NIC on the OpenBSD box connected to the “internet”).

I’m having horrible connection problems with the DS. I can usually connect to the WFC, but getting it to match me up with players almost never works. I’m currently using the dhcpd on the OpenBSD machine to assign a static IP to the DS, and I’m letting everything pass, when it’s destined for the DS. I’ve even tried rdr’ing all UDP traffic coming in to the DS.

If I try taking the OpenBSD machine out of the equation, and plug my cable modem directly into the D-Link, things seem to work better.

Any thoughts? Thus far, you’re the only other person I know of that is using an OpenBSD firewall with a DS.

Jay P.

]]> By: Joe Anderson http://www.thetlog.net/2005/12/19/the-saga-of-the-nintendo-ds-and-the-linksys-wrk54g-part-2/#comment-637 Joe Anderson Mon, 19 Dec 2005 21:50:39 +0000 http://www.thetlog.net/?p=228#comment-637 I have a Linux model. Was quite cheap too. I have a Linux model. Was quite cheap too.

]]>