422,946 Members | 1,099 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 422,946 IT Pros & Developers. It's quick & easy.

2 computers on same network connectnig to each other via internet

P: 18
I have written an application that runs in a kind of peer-to-peer framework. Servers connect to a masterserver, which a client then queries to receive a list of servers. The client selects a server and connects to that server directly and both the server and client sever their connections with the masterserver.

Problem: I have the masterserver set up at a location and it is not behind a router or firewall or anything, just directly connected to the internet. I have in a separate location (separate internet connection, too) a server and a client computer on the same network. Both can connect to the masterserver fine. A TCP connection is maintained with clients whilst UDP packets are sent out periodically to both clients and servers. The TCP connection is fine and the UDP packets are always received by the same computer, and always not received by the other one (regardless of which one is the server and which one is the client). When the direct (TCP) connection between the client and server is attempted, however, it doesn't work: "Connection forcefully refused" error message. The standard ports that the application uses are opened for both TCP and UDP on the router. My thoughts are that whilst these ports are set to forward to both computers in the router setup, only one computer receives the UDP packets sent out by the MS and so I'm wondering if the perhaps only one computer is receiving the TCP packets necessary to establish a connection as well.

Notes: If I run the masterserver on the network behind the router and try to connect to it (as either server or client) from the computer directly connected to the internet the connection is fine (I haven't tested the server-client connection from computers on different networks yet). When the masterserver is run on the same network as the server and client and a local address (192.168.x.x) is used for the masterserver everything works perfectly. In the same situation when a non-local IP is used neither computer can connect to the masterserver as either server or client.

I would really appreciate any help on this issue since the application is meant to support two computers on the same network connecting to each other via the external masterserver.

Regards,
AJ

P.S. The router is Open Networks in case that helps.
Apr 3 '09 #1
Share this Question
Share on Google+
24 Replies


NeoPa
Expert Mod 15k+
P: 30,867
It sounds like one of the machines is not accessible (the one that never receives any UDP packets).

Can you share which subnets the three machines are on. Please include the actual IP address subnets, as well as those which are needed to address them publicly across the internet. This is for working out whether the correct addresses are being shared with the other machines (client/ server etc).

If you are uncomfortable sharing these publicly then please feel free to PM me with the information.
Apr 13 '09 #2

P: 18
Thanks for your suggestion NeoPa.

OK, an update on the problem:
It turns out that you can't forward the same port to multiple computers.
I solved this problem by allowing the user to specify which port
their machine uses for communication and then forwarding the
appropriate ports.

So now all computers in all situations can communicate via TCP
and UDP correctly with the masterserver. When a client tries to
connect to a server behind the same router (even if the server is
running on the same computer as the client), however, I receive
the "Connection forcefully refused" message. So things have
progressed but are not quite there yet.

I have debugged the server application and can confirm that it
never receives any connection request from the client computer,
so I presume the problem is once again with the router setup.
Also, if I run "netstat -a" I can see the server listening for a
TCP connection on the correct port. When the router is not
present everything works as intended.

Also, if the masterserver is moved behind the router, computers
behind the same router cannot connect to it. Is it possible that
computers behind the same router cannot establish a connection to
each other using the external IP?

Thanks again for any help with this new issue,
AJ
Apr 16 '09 #3

NeoPa
Expert Mod 15k+
P: 30,867
Let's determine if it is all happening in the firewall (router), as I suspect.

Try setting it all up, then turning off the machine that normally reports the connection is forcefully closed (I mean one your client PC is trying to connect to).

If you get the same message when the machine is powered off, then you can be fairly sure the error message is originating from the firewall.
Apr 16 '09 #4

P: 18
I tried turning the machine off and I get the same message, so I guess the problem is with the firewall. Do you have any idea what could cause this problem or how to fix it?
Thanks,
AJ
Apr 17 '09 #5

NeoPa
Expert Mod 15k+
P: 30,867
I can only suggest that the port-forwarding is configured correctly.

This is not something I can help much with as I'm not familiar with the specific firewall, nor exactly what subnets are in use here.

How many firewalls do you have in total, for your three separate machines?
Apr 17 '09 #6

P: 18
The two machines that are behind the router just have the router (and the Windows firewall), the other machine just has the Windows firewall.

As far as the port forwarding configuration, I have set up rule for each computer for the relevant port and selected TCP/UDP. Since the computer uses the same number TCP port as UDP port and the UDP works, I don't understand why the TCP doesn't. Maybe I could try setting up separate rules for UDP and TCP.
Apr 18 '09 #7

NeoPa
Expert Mod 15k+
P: 30,867
@Asja
As I understand it you have three machines. A Master (controlling) Server, a Server and a Client. This answer doesn't make clear which of the machines are behind the firewall/router.

It may be worth turning off the Windows Firewall for those machines behind the firewall router anyway. At least during the development/testing stage.

As a general rule, I would advise configuring a single firewall properly, and not deploy multiple levels. This only says you don't have much confidence in either. Furthermore it makes working out exactly what's going on that much harder.
@Asja
I would certainly try that, if for no better reason than it will help you to determine where your problem lies. Finding solutions is often as much about finding what isn't the problem, as it is about finding what is.
Apr 18 '09 #8

P: 18
The Master Server is behind just the Windows firewall,
The Server and Client are behind the router and Windows firewall.

I will try disabling the Windows firewall for the server and client as you suggest.

I said UDP was working but TCP wasn't. My mistake, none were/are working.

Thanks again for all your help so far,
AJ
Apr 19 '09 #9

NeoPa
Expert Mod 15k+
P: 30,867
No worries Asja. Let me know how you get on.
Apr 20 '09 #10

P: 18
I tried disabling the Windows firewall for all computers, but it makes no difference.
Apr 23 '09 #11

P: 18
I just tried connecting to a server behind the router using an external computer and it works, so it only fails when the client is behind the same router as the server.
Apr 23 '09 #12

NeoPa
Expert Mod 15k+
P: 30,867
@NeoPa
That sounds very much like an answer to my post #2 (quoted) might be helpful. Please be very careful to get these details right, as they have been know to confuse people. If you need any help, just ask.
Apr 23 '09 #13

P: 18
------
Router
------
External IP: 118.208.x.x (the last two numbers change periodically)
Network IP: 192.168.1.254

I got these details by running ipconfig on each of the machines:
------
Server
------
Network IP: 192.168.1.101
Subnet Mask: 255.255.255.0

------
Client
------
Network IP: 192.168.1.103
Subnet Mask: 255.255.255.0
Apr 24 '09 #14

NeoPa
Expert Mod 15k+
P: 30,867
Are there not 3 machines involved in this situation? The master server details seem to be missing (quite important info).
Apr 24 '09 #15

P: 18
The master server IP is 114.76.x.x
Subnet mask: 255.255.240.0
It is just directly connected to the internet, no router/network.
Apr 27 '09 #16

NeoPa
Expert Mod 15k+
P: 30,867
This seems to be saying the Master Server is physically located at a different location from the other two machines. That's fine, but can you say which IP address/Port combinations are returned when the request is made of the Master Server by the Client?

Also, how does the Server that's selected, get the IP address/Port combination of the Client?

You do appreciate I presume that the 192.168.1.x addresses are never known to the Master Server, so will never be used for the Server/Client communications?

PS. To proceed I will need answers to all questions. Leaving out any of the answers will only prolong the process.
Apr 27 '09 #17

P: 18
The master server is located physically in a different location from the other two machines. I will explain again what takes place, by the time the error occurs, the master server is no longer part of the communication.

1) Master Server listens for TCP connections from clients and UDP packets from servers.

2) The server listens on a TCP port for a client connection and sends UDP packets to the Master Server. These packets contain information about which port the server is listening on that the client will need to connect to.

3) The client establishes a TCP connection to the Master Server.

4) The Master Server sends to the client a list of all the servers, including the server's IP and the port the server is listening on for a client connection.

5) The client selects from the list the server to which it wishes to connect.

6) The client terminates the connection to the Master Server.

7) The client extablishes a connection to the server using the IP/port combination received in step 4 from the Master Server.

8) The server accepts the connection and stops sending UDP packets to the Master Server.

The error occurs in step 7 if the client and server are behind the same router. It should be noted that the port on which the server is listening for a client TCP connection is forwarded by the router to the server.

@NeoPa
See step 4.

@NeoPa
The client connects to the server, so this is not explicitly needed, but is received when the connection is established.

@NeoPa
Yes, I am aware of this.
Apr 28 '09 #18

NeoPa
Expert Mod 15k+
P: 30,867
@Asja
This is true, but it is nevertheless an important part of the equation.

Consider that the Server machine is passing an IP Address / Port combination. If this is all within the data of the packet then the IP Address part will reflect the internal (192.168.1.x) address rather than any external one (118.208.x.x). The data portion of packets are not changed by the router. Only the header info can be. If however, the data passed is simply the Port address (more likely I would expect as otherwise only locally connected devices could be made to work), then the IP Address would be taken from the packet header, which would be adjusted by the router in line with NAT. Essentially the internal 192.168.1.x address replaced by the 118.208.x.x one. The port, within the data, would remain unchanged.

Assuming for the moment that the router has been set up correctly to convert any external TCP/IP messages addressed to that (external) address with that port, through to the original (internal) Server IP address on the same port, then communication should be possible from external locations.

Now consider the situation you are in.

Your Client machine has the same information that any other clients on the internet would have (118.208.x.x:Port#). In this specific case though, the proper way to address the Server from the Client would be to use the internal address (192.168.1.x:Port#). Using the external address instead, the Client traffic is transferred to the router to handle. The router recognises its own external IP Address, so knows to handle it itself, but when it checks its rules to see if there is a mapping for that port, it's not looking for a rule handling that port from the external interface. It must check rules for the internal interface.

The chances are that this rule has not been configured for the internal interface at all, but is set up explicitly for the external one only. In that case, the router would throw a wobbly and complain with a "Connection forcefully refused" message. After all, the router itself is trying to handle the traffic for that port in this case.

Does that sound like it may explain your situation?
Apr 28 '09 #19

P: 18
Yes, that sounds exactly like what's happening. I don't suppose you know how to set this up, I can't see anything resembling "internal interface" in my router's setup options and port forwarding only has a WAN connection option? Is it possible for a router not to have this functionality?
Apr 29 '09 #20

NeoPa
Expert Mod 15k+
P: 30,867
It depends on the router I think. My home routers have never had this facility.

For testing, it may be necessary (although possibly complicated depending on your setup) to set up an alternative route to the internet for the different machines. That way they would use separate routers and the problem would not occur.
Apr 29 '09 #21

P: 18
Thanks for all your help NeoPa.
Apr 29 '09 #22

NeoPa
Expert Mod 15k+
P: 30,867
No worries Asja.

Did you manage to find a way past this?
Apr 30 '09 #23

P: 18
No. But at least I know for sure now it's not a code problem. I guess whoever uses my software will just have to have their network set up appropriately if they wish to connect two computers behind the same router, and if this problem arises I may at least be able to point them in the right direction.
Apr 30 '09 #24

NeoPa
Expert Mod 15k+
P: 30,867
Ah 8-)

I'm glad it seems to have helped somewhat at least.
Apr 30 '09 #25

Post your reply

Sign in to post your reply or Sign up for a free account.