Jump to content
Comet Forums

How to Set up Portforwarding & Static IP Reply thread.


Recommended Posts

@ayeayre

You just enter the port that Bitcomet is using (49155 in your case) for both

and it is recommended that you set the max half-open connections to 8

@matspo

Yes those are normal private addresses, usually the 10.0.x.x range is for larger networks but it doesnt really matter

Those tests you did at shieldsup indicate that your router is properly blocking their exploit test

but these tests dont really help you at all with bitcomet

goto portforward.com and find your router and follow its guide for bitcomet

then, with bitcomet open, goto canyouseeme.org and use their test to see if Bitcomet's port is open

If you pass the test then you have set up your router correctly

If you dont pass then either your router isnt set up right or you have a software firewall blocking it.

Link to comment
Share on other sites

That means you still have a firewall blocking the port. Take the router out of the loop and connect directly to the modem (remembering that you will have to re-configure your network connection to do that) and test again. If your listen port now tests as open, then you know the router isn't configured correctly. If it still tests as closed, then you know you have at least one other firewall blocking it, which you will need to find and fix if possible. Check with your ISP to see if they have you behind a firewall, though most do not. If they don't, then you probably have a software firewall running that you don't know about, and will have to find.

Link to comment
Share on other sites

That's a lousy way to test, kinda like checking for gas leaks with a match. You don't turn firewalls off, unless you have a specific reason for it and know what you're doing. You make new rules for firewalls, to open the port you want.

Nothing specifically checks for firewalls in the sense of saying, "Hey, you, this is a firewall!". It's pretty much up to you to find them or find out about them.

Link to comment
Share on other sites

  • 2 weeks later...

Hi all,

I didn't really bother about this setting/setup until today (I upgraded my net to 5mbps to download and I want to make use of it of course).

So I followed the setup guide (very neat and very useful!!), setup my modem/router and VoIP router. They're connected as this "Internet -> Modem/Router -> VoIP router -> PC machine. (Coz that's how the VoIP router wants it to be connected).

Now a few questions:

1) Do I have to setup port forwarding to my modem as well? I tried various setups (modem portforwarding on with VoIP router portforwarding off; off and on; on and on), but all three setup, I can't help but notice that sometimes the port for BitComet is open, sometimes it isn't. Right now it is setup as both on, as this is the setup that seldom closes the port. But is it necessary? If the modem portforwarding is off while the voip router's on, will the modem-router block it, so I should open the port in both routers? Is it even right in doing so, no conflicts or negative effects?

2) I read in this thread and came to an understanding that "speed" is being affected by the port number? Or I misunderstood it?

3) I also read in this thread that modem-firewall and router-firewalls should be turned on? Coz I find the two very aggressive and decided I will rely on XP's (SP2) firewall, and my other security apps. Also I find it much of a hassle to open lots of ports, being a gamer myself, a downloader and uploader, as well as using the PC for work...

That's all I think, for now, thanks a lot!!

Regards

EDIT:

Question #4: Is the port open for any application to use? Or is it exclusive to BitComet? Coz, (as I mentioned with Q1 above), the port closes when BitComet is not running. How was this achieved? Isn't the portforward name "BitCom1" just a 'reference' or 'label' for that portforward setting?

Thanks again!

Link to comment
Share on other sites

Other peers in the swarm attempt to initiate a connection with you on the listening port that you specify.

When your client scrapes the tracker, it tells the tracker what your ID, IP address and listening port are. The tracker sends you a list of other peers, with their IP's and listening ports. It adds you to the list it sends out to those other peers. That's how they know which port to contact you on.

Firewalls are supposed to block unsolicited attempts to contact you. That's their purpose. In your setup, you have a firewall in the modem/router, another firewall in the VOIP router, and another software firewall on your computer. Each and any of these will, if active, block those unsolicited connections. It only takes one to block them, so if one of them is doing so, it doesn't matter if the others don't.

Port-forwarding allows those unsolicited connections to pass through a firewall. No firewall, nothing to forward through, the connections pass through unhindered. If you disabled the modem/router's firewall, you don't need to worry about port-forwarding for it. If you disabled the VOIP router's firewall, you don't need to worry about it either.

BitComet works with the XP firewall, tells it to open the listen port when BitComet's running, and close it when BitComet quits.

When a port is open in a firewall, traffic can come through it. Now the firewall is out of the picture, its job done. The firewall does not route that traffic, it just lets it through (or not). It is up to your machine's winsock implementation to actually route the traffic. When BitComet starts, it registers itself with winsock, and requests that all incoming traffic for your chosen listen port, be directed to BitComet. If some other application has already registered that port with winsock, BitComet's request will be refused, and it will complain to you that it can't listen on that port. This is just as it should be.

The port is open to any kind of traffic. But it will all be sent to BitComet, whatever it is. If it is in a form that BitComet recognizes (that is, an incoming connection request from another peer) then it will be handled appropriately. If it is in a form that BitComet does not recognize (say, an attempted probe for a malicious attack), then BitComet will reply with "What? Didn't understand that, try again." This effectively means that such attacks will get nowhere. They'll just run into BitComet saying, "what??" forever.

You can use whatever combination of firewalls you please. I personally prefer one external firmware firewall in a router, since it can't be subverted by any kind of malicious software, and can't fail to start during bootup.

Problems do arise when you use a firmware firewall. Routers are designed to have multiple machines connected to them (else why have a router?) but those machines are different. You don't want unsolicited traffic coming in to a machine that is not set up to expect it and handle it. Because of that, the router will open a port only for a particular machine, as identified by its IP address. That's the way the router's rule is constructed: block everything incoming, unless it's on this port, and then send that only to this address and no others.

That being so, the machine that does want and expect that traffic, had better be at the address specified in the router's rule. If it's not there, then it won't get the traffic. Worse, whatever machine DOES happen to be at that address, WILL get the traffic which it's not expecting and isn't prepared to handle. This is a security hole. Those Are Bad.

The way they are set up out of the box, computers ask for an IP address. They ask whatever they're connected to. If they're connected to a modem, they ask the modem, which forwards the request to the network, which replies with the IP address to be used. But if the computer's connected to a router, then it is the router that replies, and gives the computer its IP address. The address can be different each time the computer is turned on and can change while it is on.

As you can see, it would be bad if we have a router rule that insists on a specific IP, yet the computer's IP is wrong or changing all the time. Something like this is probably why your listen port seems to open and close unpredictably: sometimes you're given the right IP, some times you're not.

If you're going to do this successfully, you need to set up the computer so it does not ask for an IP address, but simply claims a specific one. Then it's up to you to make sure the claimed IP doesn't conflict with anything else on your network. The IP it claims must match the one in the router's rule. Then traffic goes where it's supposed to, and continues to go there. Everything good.

Recapping, if you don't have an external firewall (or it's turned off) then you don't need to make rules to forward stuff through it. If you don't need a rule, you don't need to specify an IP for that rule, or for your computer.

Link to comment
Share on other sites

  • 3 weeks later...

Hello everyone, I'm new and from recently I'm using BitTorrent, but I'm having a problems with a download speed. When I'm downloading a file the speed is rarley above 10 kB/s. So I read a guide about portforwarding & static IP and here is my problem:

I'm paying to providers (I don't have modem, I have router) (256Kbit/s download)/(64Kbit/s upload) with dinamic IP address. So I'm interested is legal for me to set static IP (price for static IP is almost two times bigger than for dinamic IP)?

Please answer me?

Link to comment
Share on other sites

Hi Sorayia

Been following your easy and clear instructions on "How to Set up Portforwarding" but I'm a newbie and I'm stuck. Could you please explain where to find my router brand and model? I figured it would be on the equipment itself but I'm living in Japan and all the equipment setup by my internet company is in Japanese which I don't speak

I have a PC w/Windows XP if it helps...

Thanks!

Link to comment
Share on other sites

@UMF, you have misunderstood

there is a private ip address which is given out by a persons router (LAN)

then there is a public ip address which is given out by the ISP (WAN)

For the purpose of portforwarding you need to make the private ip static (which is done in windows)

you do not need the public ip address to be static

@mviefrk, so there are no english words anywhere on the device (bottom or side)

Have you at least been able to get to the login screen for the router

by using the address you found with ipconfig

(if you can get to there we may be able to help if you provide us some screenshots)

(also try to find someone who can translate or help you, maybe call the ISP and see if they have any english support)

Link to comment
Share on other sites

I don't have have an IP Adress on my thing I have everthing but IP Adress in the DOS window, however I do appear to have an IPv4 Adress. Should I use that?

EDIT-

3 Questions -

1) Do I do this on my host computer or on the computer that I am using right now, because right now I am using Windows Vista and I do not know how to get to that screen where you can see your network connection, I can't seem to find it. But I find on the host computer because that one is Windows XP SP2, is this just because that screen is only on the host computer or because I can't find it on Vista, if it is on vista also, how do I get there.

2) If I do this on my host computer there are two connections, there is the LAN connection and the Gateway connection, which one should I choose to change the settings on.

3) When I am changing the stuff do I add the Subnet Mask and Default Gateway too?

Link to comment
Share on other sites

Hey you guys,

I'll explain my situation first as i have a few interrelated questions:

I am schooling over in China and the university dorms require all of the students to connect first through the LAN and then log on to the web through a VPN (LAN - connects through a "Broadcom NetLink Gigabit Ether" and the VPN through a "WAN miniport l2TP")

1. As i am required to use a VPN, are any of the steps different or need to be modified?

2. i took a screen shot of the of the "ipconfig\all" output, then followed the steps using my LAN connection. When i try modifying the TCP/IP Protocol, specifically inputing my DNS server addresses (By the way i have 2), the range is out of bounds, it defines the range to be 1-223 but, the second DNS server is 255. ... . ... . ...

3. On the ipconfig\all output, under the adapter LAN output, i have an additional table or rather another header, a PPP adapter internet. It is under this new header that my IP and default gateway are the same. The reason i bring this up is that in the directions for checking whether you have a router or a modem, you say that if the 2 or the same then you don't even need to perform port-forwarding. Is any of this relevant?

4. My dhcp is enabled .... should it be disabled?

Great step by step and thanks in advance!

Airboren

Link to comment
Share on other sites

Since you are at a school, there is no way that you can portforward.

So dont worry about settting up a static ip, just leave it as it was.

In Bitcomets settings you should set it to No Listening Mode

also change the Encryption to Forced

and you might change NAT Traversal via UDP to Always (though I think Auto Detect should work too)

This might help bump your speeds a little but dont expect too much.

Just a warning though,

if you're connecting in your dorm room or to get a connection you have to log in using something traceable to you (e.g. Student ID), then you may think twice before downloading a lot because all your traffic is easily traceable back to you. So if they have a strict policy on bittorrent, or p2p in general, then consider the consequences because your traffic may be logged and traceable back to you. Even if they don't know what's in your traffic (because of the encryption), it would still be easy to see that you are using p2p.

Link to comment
Share on other sites

Hi

Last nite I managed to configured my pc to static ip, forwarded the port and even get "open" port when I tested in Shields UP website. I left my bitcomet running and everything was fine with bottom right showing green for my listening port with my external ip.

Today after I returned from work, I saw the green has turned to orange. The port has also closed. My test at Shields UP also says my port is closed. I tried uninstalling my ZoneAlarm and run with no firewall.. now I get stealth status. I even forwarded tcp/utp port in windows firewall just in case... although it is not opened. How can this be?

Pls help.

Link to comment
Share on other sites

Hi guys, i really need some help.

I fallowed the WHOLE How to Set up Portforwarding & Static IP tutorial but no work <_< , unfortunatly. Tha little light continues yellow and downloads are at low speed. Also Shield Up test failed [Ping Reply: RECEIVED (FAILED)]

Im really lost now, dunno what to do, what can i do now? OMG

Thanks for patience.

Link to comment
Share on other sites

If you want to check whether your Port is open or not (in other words, checking if your portforward worked), head to: https://grc.com/x/ne.dll?bh0bkyd2

And click Proceed --> Type the Port you're using in BitComet, and click 'User Specified Custom Port Probe'. In the results, if it says that the port is Open, then you're all set!

Your BitComet should now be functioning properly.

I just have a question about this. I did this and it says my port is open, and yet the yellow light remains on in BitComet 0.86. Also, my download speeds seem to be fine, so really I have no issue. But could the yellow light be on because I am running PeerGuardian and blocking IP's through that? In which case, I should just ignore the yellow light? Please forgive stupid noob questions.

Link to comment
Share on other sites

The reason for doing any of this is so that remote peers can initiate connections with you.

Choose a running torrent, and look at your peers tab, under the INITIATION column. If any of them are REMOTE, then you're good no matter what anything else says. If they all say "LOCAL" or "NAT", on all the torrents, then your listen port is still blocked and your download speed is a lot slower than it could be.

All the tests are trying to determine whether a peer could establish a remote connection to you. If they've already done so, the whole thing is academic.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...