Own IP address for extra payment (for Playstation Network)

[athei 0]

I have the problem that I can't connect to my friends inside the playstation network because our provider employs a carrier grade NAT and only supplied a public routable IPv6 subnet. The IPv4 IP is shared. This somehow prevents connecting to users that use the same provider. Unfortunately the Playstation Network is IPv4 only (shame shame shame). 

 

If I would be using AirVPN it would not work either I guess because the Playstation Network uses fixed ports for incoming connections. IF only the Playstation4 would use UDP hole punching with dynamic ports. As far as I know this stupid thing just tries to establish a port forwarding using UPnP and that's it.

 

Do you have any idea how I can fix this with AirVPN? Getting an own IPv4 that is routed to my OpenVPN client only would certainly resolve the situation. 

 

 

 

 

[LZ1 663]

Hello!

 

Firstly, this sounds like something you should perhaps consider contacting the other relevant parties about; such as Sony or your ISP. Maybe they'll have a fix for you. This is good to do, even if Air has a solution for you, since the relevant parties might not know any better and so it might provoke a change. Who knows.

 

Secondly, I've never heard of Air giving any one their own private or personal whatever, so I think it's unlikely. But if they were to hand out private favours of any sort, they most certainly wouldn't do it publicly, like in this forum. It would likely cause a feeding frenzy. So if anything, I suggest you contact Air support instead, as they're very competent .

 

As a side note, I normally turn off UPnP. Feels uncomfortable with programs just opening ports when they please.

 

Sent to you from me with datalove

[go558a83nk 352]

I know some ISPs run IPv4 in this manner and usually they will forward ports for users.  You just have to ask them.  Is this not the case for your ISP?

[zhang888 1065]

There are about 10k users on Air while we speak and an issue like this comes for the first time, at least from what I saw until now.

Port forwarding is available if you choose to do so as well.

If this was some kind of a common issue I guess more threads would be opened about it - such as with Netflix.

 

Can you provide more details about the issues you are experiencing?

 

I can't connect to my friends inside the playstation network

 

From your description it is not very clear where the issue might be.

Normally, if your issue is technically same as this description, it means that your friends are behind NAT/Firewall and

this is why you cannot connect to them. This is why either they, or you, should have a forwarded port for a proper

communication where one of the parties is behind NAT.

[athei 0]

The problem is. I never get someone on the phone with my ISP who has a basic clue about networking. Typical call center monkeys that feed me generic answers like I should upgrade my OS and get angry when I tell them that it has nothing to do with that. I highly doubt that I get someone at the phone at Sony who has a clue about even the internet protocol. 

 

Some more details as requested:

Connection to the Playstation Network works fine. What is not working is everything that requires a direct connection between two players (party chat, playing coop). At least not when both me and the other player are using an ISP with a carrier grade NAT. This gets very common in Germany.

 

Sony does not provide any technical details about how the direct connection is established but my guess is that they do not have any NAT traversal strategy but opening ports in the typical home router. I see that these ports are opened in my router via UPnP when I do the network diagnostics on the PS4. The results of the tests are basically just depend on the fact if UPnP is enabled or not. Great job sony. 

 

I did not exactly test this with AirVPN but my guess is that it would not work for the same reason as it fails with the carrier grade NAT: The PS4 assumes that it's default gateway holds a public routable IP:

 

1. PS4 opens random port
2. Establish port forwarding at default gateway with UPnP
3. Tells peer the port and public IP (of the AirVPN server) 
4. Listens at the port for an incoming connections
5. ...... Nothing happens..... (of course)

 

The only thing from sony I can find is this: http://manuals.playstation.net/document/en/ps4/settings/nw_test.html

 

It just lists the ports for client/server communication (boring). For direct connections it states:

For online activities such as competing with other players while your system is connected directly to other PS4™ systems, a different port number is used each time you connect.

[zhang888 1065]

With the growing CG-NAT deployments of various ISPs, I doubt how long Sony can keep up with such policy, if it exists.

This is what "killed" home FTP servers and other home hosted services that were so popular 10+ years ago.

 

Most likely there is some kind of workaround for this (custom ports, beacon servers, etc).

[athei 0]

Custom ports would solve the problem at least when I route the traffic via AirVPN. But that solution is not available to the normal user. So I do not think Sony is prepared for that. Nevertheless I will contact them and ask about it. 

 

I personally know many people who have this problem. Basically every DOCSIS customer in Germany with a contract after 2013 has a CG-NAT. I think the shit storm did not happen so far because it is not so easy to reproduce because it works "some times". That means when you have someone in your party who has a sane ISP. Or when you just match make. But when you want to play with a specific friend it can be really frustrating. How would the normal user draw the correct conclusion from that?

[zhang888 1065]

For German ISPs policy and experience,  @giganerd might be the best person to ask.

Again, it seems very odd that all CG-NAT customers will be totally "banned" from Sony services.

 

I am not sure what is the main market of Sony, but the situation is almost the same in the US.

CG-NAT is a standard for various ISPs, like Verizon, AT&T and most probably also Comcast.

This would be very harsh move from Sony's side to block all users that don't have direct open ports.

I am sure there must be some solution for it, however only a Sony user can confirm which approach actually works.

[OpenSourcerer 1366]

I noticed CG-NAT approaches with almost all cable internet connections and mobile carriers in Germany. Cable providers here like to talk about routers being "part of their essential networking equipment", therefore a replacement by the customer is not tolerated. Maybe the same way of thinking let them to implementing CG-NAT. DSL connections always had a public IPv4 address so far, we've been spared from this for now. I tested DTAG (of course ), Vodafone, 1&1, O2 and some local ISPs like HTP so far.

 

Btw, I don't know if you heard it on the other side of the planet, but they argue with the Federal Network Agency about this "router enforcement". The FNA wants the customers to be able to freely choose which router they want to use, and some (untenable) arguments by cable internet providers to counter this are laughable

[zhang888 1065]

So if we summarize, the OP is currently on a CGN ISP

so routing PS traffic outside the tunnel isnt going to help much. From what giganerd says, only DSL providers have accessible IP adresses. Not very promising picture.

[NaDre 154]

I have the problem that I can't connect to my friends inside the playstation network because our provider employs a carrier grade NAT and only supplied a public routable IPv6 subnet. The IPv4 IP is shared. This somehow prevents connecting to users that use the same provider. Unfortunately the Playstation Network is IPv4 only (shame shame shame). 

 

If I would be using AirVPN it would not work either I guess because the Playstation Network uses fixed ports for incoming connections.

...

 

I am not sure AirVPN would encourage discussing how to set up OpenVPN as a server on a VPS. Since this could be seen as a competing alternative to AirVPN. But if you do this you will have your own IPv4 address on which you can forward any port.

 

I hasten to add that I would not advise using a VPS as an OpenVPN server with the idea in mind that it is as effective for privacy as using AirVPN. It is not. I use AirVPN from a VPS (as a client) for that reason.

 

If you require privacy, you will have to sort out how to bring AirVPN into the mix. Running either at home or on the VPS. And this would raise issues of how to use the non-VPN interface at the same time as the VPN interface. But this is something we could discuss in this forum with no worries.

 

If you have the technical skill, there are VPS providers like VULTR and DigitalOcean that allow you to pay by the hour (until you "destroy" the VPS), and cap the cost for the lowest price VPS at $5 US per month. So you could play with this for a day or two at little cost.

[athei 0]

As a matter of fact I already had this solution in place for some time and it worked (to some degree). I had a cheap VPS at OVH and the performance was very very bad + the tunnel was dead from time to time without being reconnected automatically. I put hours into that but I could not find the problem.

 

On the other hand the connection to AirVPN works with full line speed (100mbit) using the same ports and protocol (OpenVPN, UDP, 443) from the same machine. I even tested a direct OpenVPN connection between two computers on the same ISP (via IPv6 then ofc). I came to the conclusion that AirVPN just applies some superior tuning to their servers that makes it work fast since my client config was the same. I even had a posting at serverfault. If you are interested: http://serverfault.com/questions/754152/openvpn-low-performance-do-i-have-mtu-problems-dumps-inside

 

In the end I do not want to spend that amount of time into server administration just to fix a problem that is basically Sonys to fix. I do not want to switch ISPS though because in some sense I am lucky because I have true FTTH: Just a 1000Base-BX10 connection ending in my apartment. I can even plug it in my own switch using a appropriate SFP. They just use standard 6RD. It's beautiful.

[NaDre 154]

I did not attempt to fully understand your post on Server Fault. Some tools I was once familiar with. But not now. And I never was network guru.

But, by chance, I have several VPS right now because the one I had at VULTR is on wheezy, and since I feel I should move to jessie, I thought I would play a bit.

I just downloaded a 1GB file from one VULTR SSD VPS to another (on seemingly very different subnets, but both reputedly in London) and got an average speed of 49.5MB/s, as reported by sftp.

 

Downloading the same file from one VULTR VPS to an OVH VPS in Quebec, I got 4.6MB/s. I don't have an OVH server in France. And since I would have to pay for the full month, I am not going to try this. But I have to think this startling difference in speeds says something.

[athei 0]

I see but OVH does not seem to be the problem because outside of the tunnel I get full line speed. Also direct connections I did not get full speed. I think I will try again when I have some time at hand. Maybe with IPSEC. But the config will be even more complex.