1
If you want more details about CGNAT/NAT444/LSN, you can look at
http://en.wikipedia.org/wiki/Carrier-grade_NAT
The possible fixes to fix your issue if CGNAT/NAT444/LSN is present.
#1 Have them in their NAT router forward the ports to the WAN IP of your router..
#2 Upgrading the type of plan that you are on with your ISP so that you get a non bogan WAN IP Address.
For example if you are a Residential Service Plan, consider going to a Business Service Plan.
#3 Consider switching to another ISP that can give you you a non bogan WAN IP Address.
#4 For the long term future, get IPv6 working.
Run tcpdump (`tcpdump -p -n -i <interface> port 5154` would be a good command to start with). If you see incoming TCP SYN packets (not SYN/ACK), or incoming UDP packets from an IP which did not have an outgoing packet first, then the port is open.
user-name@pc-name:~$ tcpdump -p -n -i eth0 port 5154
tcpdump: eth0: You don't have permission to capture on that device
(socket: Operation not permitted)
user-name@pc-name:~$ sudo tcpdump -p -n -i eth0 port 5154
[sudo] password for user-name:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:40:24.169428 IP 192.168.2.138.50157 > 192.168.2.255.5154: UDP, length 6
08:42:15.839461 IP 4.79.142.206.37174 > 192.168.2.138.5154: Flags [S], seq 1464127243, win 8192, options [mss 1460], length 0
08:49:05.773987 IP 90.145.69.116.51145 > 192.168.2.138.5154: UDP, length 0
08:49:06.938818 IP 90.145.69.116.36530 > 192.168.2.138.5154: UDP, length 0
08:57:57.580814 IP 198.199.98.246.42092 > 192.168.2.138.5154: Flags [S], seq 3027635480, win 14600, options [mss 1460,sackOK,TS val 4240686068 ecr 0,nop,wscale 8], length 0
08:57:57.712334 IP 198.199.98.246.42093 > 192.168.2.138.5154: Flags [S], seq 1267700791, win 14600, options [mss 1460,sackOK,TS val 4240686102 ecr 0,nop,wscale 8], length 0
08:57:57.840328 IP 198.199.98.246.42095 > 192.168.2.138.5154: Flags [S], seq 1515263633, win 14600, options [mss 1460,sackOK,TS val 4240686134 ecr 0,nop,wscale 8], length 0
^C
7 packets captured
7 packets received by filter
0 packets dropped by kernel
user-name@pc-name:~$
a) If you are on Windows I point you to http://www.howtogeek.com/howto/28609/how-can-i-tell-what-is-listening-on-a-tcpip-port-in-windows/
b) If you are not on Windows (Mac, Unix/Linux), go look lookup listen on port and then your OS name using Google (or your other favorite search engine).
c) If nothing is listening any TCP ports that you check with a web based port checker, then TCP ports does not show up as open.
d) Be advised that you can not have two servers listening on the same the port on the same computer. So for example before you use an inbond-client side port checker you must make sure that uTorrent is not running - which explains on http://portforward.com/softwareguides/utorrent/utorrent.htm that they sayQuoteIf uTorrent is currently open, you will need to completely close it at this time. Make sure that the green uTorrent icon is not still hiding in your notification area (next to your clock). If it is, right click on it and choose "Exit". Before moving forward to things like selecting torrents, seeders, and leachers, we need to verify that your port is open. We recommend downloading our free Open Port Check Tool to test if incoming connections are being allowed through your router on your uTorrent Listening Port
e) And generally if the program/app is running that you are trying to forward for, then the server is listening.
QuoteWhile he tells people that responding to ping is dangerous, he replys to ping.
That's a pretty minor point. The reason some people prefer to not respond to ping, is to avoid demonstrating their presence on the net. Gibson has a public site whose presence on the net is well known, so that reason for not responding to ping simply does not apply.
While Steve Gibson does sometimes say some useful things, he mostly seems to be making mountains out of molehills
I know of a given domain name. What is their IP Address for that domain?
If you want more details about CGNAT/NAT444/LSN, you can look at
http://en.wikipedia.org/wiki/Carrier-grade_NAT
The possible fixes to fix your issue if CGNAT/NAT444/LSN is present.
#1 Have them in their NAT router forward the ports to the WAN IP of your router..
#2 Upgrading the type of plan that you are on with your ISP so that you get a non bogan WAN IP Address.
For example if you are a Residential Service Plan, consider going to a Business Service Plan.
#3 Consider switching to another ISP that can give you you a non bogan WAN IP Address.
#4 For the long term future, get IPv6 working.
Run tcpdump (`tcpdump -p -n -i <interface> port 5154` would be a good command to start with). If you see incoming TCP SYN packets (not SYN/ACK), or incoming UDP packets from an IP which did not have an outgoing packet first, then the port is open.
user-name@pc-name:~$ tcpdump -p -n -i eth0 port 5154
tcpdump: eth0: You don't have permission to capture on that device
(socket: Operation not permitted)
user-name@pc-name:~$ sudo tcpdump -p -n -i eth0 port 5154
[sudo] password for user-name:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
08:40:24.169428 IP 192.168.2.138.50157 > 192.168.2.255.5154: UDP, length 6
08:42:15.839461 IP 4.79.142.206.37174 > 192.168.2.138.5154: Flags [S], seq 1464127243, win 8192, options [mss 1460], length 0
08:49:05.773987 IP 90.145.69.116.51145 > 192.168.2.138.5154: UDP, length 0
08:49:06.938818 IP 90.145.69.116.36530 > 192.168.2.138.5154: UDP, length 0
08:57:57.580814 IP 198.199.98.246.42092 > 192.168.2.138.5154: Flags [S], seq 3027635480, win 14600, options [mss 1460,sackOK,TS val 4240686068 ecr 0,nop,wscale 8], length 0
08:57:57.712334 IP 198.199.98.246.42093 > 192.168.2.138.5154: Flags [S], seq 1267700791, win 14600, options [mss 1460,sackOK,TS val 4240686102 ecr 0,nop,wscale 8], length 0
08:57:57.840328 IP 198.199.98.246.42095 > 192.168.2.138.5154: Flags [S], seq 1515263633, win 14600, options [mss 1460,sackOK,TS val 4240686134 ecr 0,nop,wscale 8], length 0
^C
7 packets captured
7 packets received by filter
0 packets dropped by kernel
user-name@pc-name:~$
a) If you are on Windows I point you to http://www.howtogeek.com/howto/28609/how-can-i-tell-what-is-listening-on-a-tcpip-port-in-windows/
b) If you are not on Windows (Mac, Unix/Linux), go look lookup listen on port and then your OS name using Google (or your other favorite search engine).
c) If nothing is listening any TCP ports that you check with a web based port checker, then TCP ports does not show up as open.
d) Be advised that you can not have two servers listening on the same the port on the same computer. So for example before you use an inbond-client side port checker you must make sure that uTorrent is not running - which explains on http://portforward.com/softwareguides/utorrent/utorrent.htm that they sayQuoteIf uTorrent is currently open, you will need to completely close it at this time. Make sure that the green uTorrent icon is not still hiding in your notification area (next to your clock). If it is, right click on it and choose "Exit". Before moving forward to things like selecting torrents, seeders, and leachers, we need to verify that your port is open. We recommend downloading our free Open Port Check Tool to test if incoming connections are being allowed through your router on your uTorrent Listening Port
e) And generally if the program/app is running that you are trying to forward for, then the server is listening.
QuoteWhile he tells people that responding to ping is dangerous, he replys to ping.
That's a pretty minor point. The reason some people prefer to not respond to ping, is to avoid demonstrating their presence on the net. Gibson has a public site whose presence on the net is well known, so that reason for not responding to ping simply does not apply.
While Steve Gibson does sometimes say some useful things, he mostly seems to be making mountains out of molehills
I know of a given domain name. What is their IP Address for that domain?
Hello everybody;
I need help with the B68A-24 router.
how to forwarding ports to a fixed IP?
see file attachment
thank you very much