My Stealth Port Mystery...SOLVED!

[Dexdexter]

Hello everybody!

I installed Transmission a few days ago, and I'm looking for a little help in getting the port open in my set-up.

After scouring this forum for all relevant posts on the "stealth port" topic going back 3 months, and following the on-board Transmission Help advice to my (somewhat limited) newbie understanding, I have still somehow managed to fall short of success.

My gear:

-MacBook 2.0GHz (Leopard 10.5.2)
-Mac mini 1.83GHz (Leopard 10.5.2)

-AirPort Extreme (saucer-shaped previous gen, 802.11g)
-AirPort Express (previous gen, 802.11g)

-Belgacom ADSL modem (Thomson/Alcatel SpeedTouch 510)

My set-ups:

upstairs: modem>AirPort Extreme (via ethernet)>MacBook
downstairs: AirPort Express (WDS from AirPort Extreme)>Mac mini

Steps I have taken thus far:

1) assigned a static IP address for each computer
2) set-up port forwarding for the MacBook on both the AirPort Extreme and ADSL modem (Transmission will not be installed on the Mac mini)
3) enabled NAT port mapping protocol on the AirPort Extreme and configured the port mapping for my MacBook's static IP address
4) restarted/rebooted all computers, routers, and modem
5) selected and deselected "Automatically map port" in Transmission advanced preferences
6) re-read Transmission Help and relevant threads here

...and still no joy.

So here are the contents of a recent log for your perusal:

2008-04-25 14:32:42 +0200 fdlimit.c:494 [Debug] Transmission: 400 usable file descriptors
2008-04-25 14:32:42 +0200 fdlimit.c:489 [Debug] Transmission: setrlimit( RLIMIT_NOFILE, 912 )
2008-04-25 14:32:42 +0200 trevent.c:161 [Debug] Transmission: Starting libevent thread
2008-04-25 14:32:42 +0200 platform.c:128 [Debug] Transmission: Thread 'libeventThreadFunc' started
2008-04-25 14:32:42 +0200 transmission.c:178 [Info] Transmission: Transmission 1.11 (5504) started
2008-04-25 14:32:43 +0200 net.c:181 [Info] Transmission: Bound socket 10 to port 59152
2008-04-25 14:32:43 +0200 shared.c:119 [Info] Port Forwarding: Opened port 59152 to listen for incoming peer connections
2008-04-25 14:33:16 +0200 natpmp.c:70 [Info] Port Forwarding (NAT-PMP): initnatpmp succeeded (0)
2008-04-25 14:33:16 +0200 natpmp.c:70 [Info] Port Forwarding (NAT-PMP): sendpublicaddressrequest succeeded (2)
2008-04-25 14:33:16 +0200 shared.c:96 [Info] Port Forwarding: State changed from "Not forwarded" to "Starting"
2008-04-25 14:33:24 +0200 natpmp.c:139 [Info] Port Forwarding (NAT-PMP): Found public address "10.0.0.39"
2008-04-25 14:33:24 +0200 natpmp.c:112 [Info] Port Forwarding (NAT-PMP): If your router supports NAT-PMP, please make sure NAT-PMP is enabled!
2008-04-25 14:33:24 +0200 natpmp.c:113 [Info] Port Forwarding (NAT-PMP): NAT-PMP port forwarding unsuccessful, trying UPnP next
2008-04-25 14:33:24 +0200 natpmp.c:72 [Info] Port Forwarding (NAT-PMP): readnatpmpresponseorretry failed (-51): Resource temporarily unavailable (35)
2008-04-25 14:33:24 +0200 natpmp.c:68 [Debug] Port Forwarding (NAT-PMP): readnatpmpresponseorretry responded "try again"
2008-04-25 14:33:24 +0200 natpmp.c:70 [Info] Port Forwarding (NAT-PMP): readnatpmpresponseorretry succeeded (0)
2008-04-25 14:33:24 +0200 natpmp.c:70 [Info] Port Forwarding (NAT-PMP): sendnewportmappingrequest succeeded (12)
2008-04-25 14:33:32 +0200 upnp.c:102 [Info] Port Forwarding (UPnP): If your router supports UPnP, please make sure UPnP is enabled!
2008-04-25 14:33:32 +0200 shared.c:99 [Error] Port Forwarding: Port forwarding failed.
2008-04-25 14:33:32 +0200 shared.c:96 [Info] Port Forwarding: State changed from "Starting" to "???"
2008-04-25 14:33:32 +0200 upnp.c:101 [Info] Port Forwarding (UPnP): UPNP_GetValidIGD failed (errno 22 - Unknown error: 0)
2008-04-25 14:33:32 +0200 upnp.c:91 [Info] Port Forwarding (UPnP): upnpDiscover failed (errno 22 - Unknown error: 0)

Any insight will be most greatly appreciated!

Cheers, Dex

[xenedar]

It sounds like you have duplication in the roles your modem and AirPort are trying to play. Keep it simple - one of them should be "in control" of your network (ie: port forwarding, DHCP, etc), while the other sits there and simply passes data backwards and forwards, without getting involved in the operation of the network. Generally I find it best (and easiest) to have the modem "in control", since the modem needs to be configured for your ISP and other settings anyway, and AirPort base stations can be easily switched down to a more mundane role; effectively acting like an ethernet hub/switch, only wireless.

UPnP should be turned on on your modem, and your AirPort Extreme base station should be set to Bridge mode, which turns off DHCP, among other things. Port forwarding should only occur on your modem, not on both your modem and AirPort.

Make sure the IP addresses assigned to your computers (and base stations) are in the private range. eg: 192.168.x.x or 10.x.x.x. If in doubt about the addresses you're using, don't use manual addressing; let the modem sort it out for you, as it knows what addresses its allowed to use - turn on DHCP on your modem and set your computers/devices to be DHCP clients. Only one device on your network should be acting as DHCP server.

With UPnP turned on, you should not need to have any manual port forwarding set up anyway - UPnP allows the computer to configure the port forwarding on the modem for you, as needed, when applications like Transmission request it.

That is, in your Transmission preferences, Advanced panel, make sure there's a number entered, and the "Automatically map port" option is checked; if so, port forwarding will (should?) be done automatically.

If you're determined to utilize manual port forwarding, configure it on the modem, put the port number into Transmission's preferences, and turn off the "Automatically map port" option in Transmission. You can still use manual port forwarding even with DHCP, since, on private networks anyway, machines do not tend to change IP addresses with any real frequency. My laptop has had the same DHCP-supplied IP address for 2 years.

[Dexdexter]

Thanks very much, xenedar, for your very detailed reply. I'm struggling to understand it, though, since it appears to contradict the following passage from the Transmission Help guide:

Double NAT
Another possible reason your port remains closed could be because your router is not the only device on the network which needs to be configured...

...If you have multiple routers in your home network, you must forward Transmission's port on all of them, otherwise it will continue to show up as closed. Transmission can only automatically port map the router the computer is directly connected to. Any others in between this router and your modem will have to be forwarded manually. For detailed instructions, click here.

So if I set the AirPort Extreme to Bridge mode, does this then effectively make the modem the "direct" connection to my MacBook?

I must confess that I'm a little hesitant to try this, because I'm not entirely sure how to configure both computers as direct clients of the modem, since the AirPort utility configured everything automatically for me in the first place. I then had quite a struggle setting up the WDS network for the Mac mini when I added the AirPort Express into the equation about a month ago.

Furthermore, I'm planning to add a second AirPort Express shortly as a dedicated AirTunes server. Will placing the AirPort Extreme in Bridge mode be likely to impact its ability in this regard?

I guess I'm kinda scared of placing too much faith in a bare-bones 7 year-old modem as opposed to an homogenous Apple system that was designed to work harmoniously together.

Best, Dex

[xenedar]

So if I set the AirPort Extreme to Bridge mode, does this then effectively make the modem the "direct" connection to my MacBook?

Yes. Because of what it says in that text you mentioned, more routers makes everything more complicated; like it said, you have to configure port mapping on all of them, and Transmission can only automap on the one it's talking to directly. It's not necessary for a home network. If you K.I.S.S., it's one router, one direct connection, one place for forwarding to occur; everything else is just a node.

I must confess that I'm a little hesitant to try this, because I'm not entirely sure how to configure both computers as direct clients of the modem, since the AirPort utility configured everything automatically for me in the first place. I then had quite a struggle setting up the WDS network for the Mac mini when I added the AirPort Express into the equation about a month ago.

Furthermore, I'm planning to add a second AirPort Express shortly as a dedicated AirTunes server. Will placing the AirPort Extreme in Bridge mode be likely to impact its ability in this regard?

I guess I'm kinda scared of placing too much faith in a bare-bones 7 year-old modem as opposed to an homogenous Apple system that was designed to work harmoniously together.

Best, Dex

The AirPort will of course try to make its importance known. The Assistant in particular will assume you want your fancy new device to be the center of your world, but it's not necessarily the best way to run it.

There are other ways to run the arrangement you describe (the main alternative is to have the AirPort doing all the NAT/routing grunt work, and the modem just operating as a gateway - again, only one of them doing these functions - but it's my opinion the router should be as close to the exit point as possible), so this is just my experience. It does make things simpler and easier to manage if you only have a simple arrangement. Double NAT complicates things, because you're setting up several private networks within your network: one between your modem and your AirPort, and a second between your AirPort and your MacBook. I find a flatter approach to be more reliable, and requiring less configuration.

I run my own network this way:
* modem connected to phone line, downstairs, acting as router. It provides DHCP/NAT, etc to the rest of the network.
* AirPort Extreme connected via ethernet to one of the ethernet ports on the modem. It's in Bridge mode (no NAT, no DHCP).
* Second AirPort Extreme upstairs in "Remote"/WDS mode.
* A hub connected to the ethernet on the second AirPort Extreme.
* A G4 iMac (no AirPort card) and printer connected via ethernet to the hub.
* PowerBook G4 with AirPort Extreme card, I use throughout the house. Because of the WDS, it joins whichever base station is providing the best signal, wherever I happen to be.


To make your wireless computers a client of the modem, just join them to the AirPort network (when they're Bridges). To make your wired computers a client of the modem, just connect them to ethernet ports which are connected to base-stations that are members of the wireless network. It's like connecting them to an ethernet hub/switch, or even directly to the modem itself - the base station doesn't do much itself, just sends all the incoming/outgoing to the modem to pass to/from the Internet. As far as your computer is concerned, the modem and first base station are essentially the same thing, because the AirPort just becomes the modem's transmitter. When they're configured as "Bridge", they just pass data through.

In general, I only ever have to reboot the modem if I have a glitch of some sort, rather than trying to figure out whether it's the modem or one of the base stations and rebooting everything.

The reason you may have had problems with some of the setup, particularly the WDS, is because of some of these additional complications. Again, if it's kept simple it should just work.


Start with your modem, and make sure it's acting as a router. Plug a computer directly into one of its ethernet ports and confirm everything works over an ethernet cable. You can do this without changing anything on your base stations. Make sure you turn your AirPort card in your computer off so you know that what it's sending/receiving is going over the ethernet cable, not via the AirPort card.

If all okay, connect the AirPort base station to the modem, and switch it to Bridge mode (you might want to turn off your Express for this test). Unplug the MacBook from the ethernet on the modem, and join it onto the wireless network. Confirm you can connect to the internet. You can save your AirPort base station configuration to a file first, before you do this ("Save As" in AirPort Utility). That way, if it doesn't work, you can restore it from the config file.

http://i30.tinypic.com/14v0ebk.jpg

If all that's okay, configure the Express as a "WDS remote" of the main AirPort Extreme. Both base stations will "participate in a WDS network". Your main base station will be a "WDS main". Ditto with this: save your existing config to a file, and restore it if you have any problems.

http://i32.tinypic.com/ama7mh.jpg
http://i27.tinypic.com/jgt6vb.jpg

At that point, your two wireless base stations should just become one big wireless network. You won't really be able to tell which base station your MacBook is talking to. Which is a good thing.

From here, you should be able to plug your mini into the ethernet from the Express and it should work. Your modem is where all the internet magic will be happening, and your base stations will just be purely transmitters.


Check out Apple's "Designing AirPort Networks" document:
http://manuals.info.apple.com/en/Design ... indows.pdf
It's suitable for both Macs and Windows. In particular, see page 36 and 42.

Like I say, this is by no means definitive, just what I've found works for me. The main point is that you should avoid doing unnecessary routing and NATing, because it makes it harder to get Transmission to do its thing. Do it in one spot, wherever that is, and Transmission should be good to go.

[Dexdexter]

Ah, I do believe that I am beginning to understand!

Thanks once again for taking the time and effort to provide such thorough and clear explanations, as well as a smart strategy with which to move forward. I've already saved my current configurations to files (which, btw, I didn't know was possible ), so I feel much more confident in embarking on some experimentation.

It might take me a little while to implement, but I will report back and let you know how it all turns out.

Regards, Dex

[Waldorf]

xenedar, thank you for helping this guy out! You sure are thorough in your article .

Dexdexter, Hej, fellow Belgian! I had a quick question for you: Are you using the Dutch localization of T? If you are, I'd love the feedback (not here, just PM me).

A note about these so-called 'ADSL-Modem's: There do not exist (well, they do but are extremely rare). The problem is that ISP install/sell them as modems, so users tend to be VERY (just look at this forum) confused when they try to do even the smallest modification to their network. This is multiplied when users aren't granted access to their 'modem' by the ISP.
The biggest thing is to make people aware that that modem they've gotten is actually a router. Most issues are fairly easy to solve afterwards.

[Waldorf]

Now, if you are unwilling to rely on your 7-year old ADSL-router, and have access to its configuration, you could disable NAT, DHCP and UPnP (if available) on that ADSL-router and allow your Airport to do the manage your network.

[Dexdexter]

Success!

After some further reading into the AirPort pfd, I finally went with xenedar's recommendation and set up my Extreme in Bridge mode with port mapping automatically done through my "modem". Took all of 5 minutes in the end.

All hail xenedar!

Dexdexter, Hej, fellow Belgian! I had a quick question for you: Are you using the Dutch localization of T? If you are, I'd love the feedback (not here, just PM me).

Hello, Mr. Waldorf, thanks for weighing-in here with an alternative fall-back suggestion and the lesson on "modems"!

Unfortunately, I'm an American ex-pat, so I haven't needed to use the Dutch localization of Transmission.

Cheers, Dex

[Waldorf]

Unfortunately, I'm an American ex-pat, so I haven't needed to use the Dutch localization of Transmission.

Damit...

[itoumusashi]

I've tried to do this to my current setup and has failed.
When I change my Extreme (connected to the modem) as a "bridge", all other connections fail - including wireless computers and the WDS remote.

Every computer connected to the Extreme seems to work. Transmission works fine on it.
The Mac Pro I have connected to the Express (through WDS) isn't working.... what should I do?

-Itou