Results 1 to 5 of 5
  1. #1
    Newbie
    Join Date
    Feb 2012
    Posts
    4

    Default Two WAN links Breaks Games such as Modern Warfare

    Hi all. After replacing an existing router with Untangle I have had problems getting Call of Duty: Modern Warfare (MW) to run. It was working before the change but after installing Untangle it refused to connect. The TLDR is that with more than one WAN link enabled in Untangle, Modern Warfare is unable to make a connection. Reducing back to a single WAN link fixes the problem.

    As we have seen from multiple posts here and elsewhere on the internet, MW is a challenging game to get working through many routers and firewalls, including Untangle. I have recently returned to Untangle via the Home Pro license. I have two WAN connections (one HFC Cable and the other nbn Fibre to the Node) and a home network with about 70 devices with IP addresses. Before Untangle I was running a Synology RT2600AC router with both WAN links connected. Both WAN routers are in Bridge mode and Untangle is in Router mode.

    MW worked fine through the Synology router, but when I switched to Untangle it failed to connect, and gave the error "Unable to connect to online services". A couple of days of troubleshooting followed, during which I tried the following (separately and, where appropriate, in combination):

    UPnP with and without Secure Mode
    Port Forwarding
    Bypassing my PC
    Disabling WAN Balancer
    WAN balancing 100% to one link and 0% to the other
    Routing my PC to one WAN link within WAN Balancer
    Confirmed that the WAN links were being noted correctly in miniupnpd.conf
    Clean install of the V16 beta
    Clean install of V15
    Install on VMWare hypervisor
    Install on Citrix hypervisor using xcp-ng

    I ended up sticking with xcp-ng for ease of use and ability to run other workloads and that is what I am running today.

    My breakthrough moment came when I ran up a second instance of Untangle (confirmed on both version 15 and 16) and only configured one WAN link. All of a sudden, MW worked! To be clear, the second instance was running live in parallel with my primary instance of Untangle. By this, what I mean is that the primary instance has an address of 192.168.1.1 and I gave the second instance the address of 192.168.1.5. Only the primary instance is running DHCP so by changing the gateway address on my PC's IP stack my traffic was routed through the secondary instance. The secondary instance does have a different IP address on its WAN link, but that is allocated by the ISP using their DHCP server. Sorry that sounds convoluted but that's as best as I can describe it.

    When I switched back to the primary I was unable to connect to MW. When I added a second WAN link to the secondary I was also unable to connect to MW.

    So, I now have one (licensed) instance of Untangle acting as the primary gateway for my network and the secondary instance configured with a single WAN link acting as my gaming gateway. My PC is the only device on the network that uses the secondary instance but I'm OK with that. I have removed all packages except Firewall and Reporting on the secondary instance. As a bonus, if I turn on UPnP (with secure mode on, and I know UPnP creates its own security issues) the MW service sees my NAT status as Open, which is the best kind of NAT status to have with their service.

    I wrote this post in case anyone else runs into this, as it will save you the days of frustration and experimentation I had to go through to get to this point. It is definitely caused by something about either Debian or Untangle, as the problem didn't exist on my Synology router, which also runs a version of the Linux kernel, but I don't expect it is important enough for the Untangle team to hunt down and fix.

  2. #2
    Newbie
    Join Date
    Aug 2020
    Posts
    10

    Default

    I find it very hard to believe that forcing all traffic out one link 100% wasn't enough to fix the problem... That should be functionally identical to just having a single interface, I'd think?

    I would think you'd want to force game traffic out one link, and have UPnP enabled, and that should sort it.

    I'm testing out Untangle as a replacement for pfSense, primarily because their dual-WAN handling leaves a lot to be desired IMO. I have two Xboxes in the house and want them both to get the best experience, as well as occasionally play games with each other (but the main game is Diablo 3, not Modern Warfare).
    Last edited by ZPrime; 09-20-2020 at 12:34 PM.

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,543

    Default

    Yeah, something else is going on. Because Untangle's Multi-WAN is IP sticky.

    That is to say, everything from a given internal IP address goes out a specific WAN interface until something forces it to change. Which means under no circumstances will any given machine have in effect more than one WAN. This is done because you're never quite sure when traffic will multi-session on you. Games love to do this... control traffic on one port, with separate streams on others. SIP and RTP as well, same deal. You can't have SIP on one WAN IP and the RTP that goes with it on another... the call breaks.

    One of the problems with the HomePro subscription, is that it's used by those that aren't in the best head space to troubleshoot anything. They're mostly power users, they think they know what they're doing when they really don't. And even if they do, the best of us get tunnel vision sometimes. This is one of those cases, there's something fundamentally wrong with this configuration, and the OP is focusing on a game.

    There is a laundry list of tech listed in that post, most of which is very much a ton of rope with which to hang one's self too. But I can say with absolute certainty, Untangle's multi-wan functionality most certainly does NOT break Modern Warfare, nor any other game I'm aware of. I play a BUCKET of them myself, as my primary form of entertainment. And yes, I have had Modern Warfare working fine via Untangle in many circumstances. The only time it gets to be a challenge is when you want to host a game yourself. That requires some uPnP work, and that will cause issues with multi-wan if you're failing off the interface uPnP worked its magic on.
    Last edited by sky-knight; 09-20-2020 at 12:45 PM.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Newbie
    Join Date
    Feb 2012
    Posts
    4

    Default

    Hey Sky-knight, you've chosen an interesting way to respond to my post. If you take the time to cast your gaze lovingly over your own words above you may (I hope) be shocked to realize that your response to a newbie on the forums was arrogant, presumptuous and, most of all, churlish. You must have been aiming for that, as there was little room for any meaningful contribution between your well-informed observations.

    Based on your summary dismissal of me as a too-much-rope-holding, think-I-know-what-I'm-doing-when-I-really-don't, HomePro-subscription-loving, bad-head-space-occupying laundry-list-know-nothing, you must know far more about me than I thought possible. Somehow, with all of the forum lurking and not asking for help that I've been doing whilst being a paying customer since 2012 (before the Home Pro license was a thing) I must have been leaking information to you about my personal and professional life, which are both obviously disastrous.

    I can only assume then, that you've waited these eight years to finally strike, when I had the temerity - nay, the outright hubris - to post some findings on your otherwise-well-defended forums, in an attempt to help someone who may find themselves in a similar situation to mine. I do concede that I may have been wrong to think that there is someone else out there with an equally flawed personal and professional life, which would lead them to the same, laundry-list, newbie-know-nothing, HomePro, dark-arts-dabbling foolishness as me.

    For anyone other than Sky-knight, who has rightly identified me as a glitch in the matrix and is no longer reading, I have a further theory from my amateur sleuthing. I suspect that an interaction between the Intel H470 chipset on my motherboard and the Linux kernel 4.19, which is used in both Debian 10 (Untangle) and CentOS 7.5 (Xen Hypervisor) is causing the problem. The H470 chipset has only been in the market for about six months, so it is quite new.

    We should all keep in mind that, just like Sky-night, the Linux kernel doesn't like new things. It prefers older hardware that has been in the wild long enough for kinks to have been worked out of drivers.

    You will also observe that what I didn't do was criticize Untangle, which is a great company/product, or expect the team at Untangle to troubleshoot this problem for me as: a) I'm a home user, and; b) this is a problem that Untangle's target market is unlikely to run into.

    At my current rate of posting it will be between four and eight years before my next one. I look forward to Sky-night's vigorous defense of the sanctity of the forums at that time.

  5. #5
    Newbie
    Join Date
    Feb 2012
    Posts
    4

    Default

    One more post after all. I replaced Citrix Hypervisor with Proxmox, which uses version 5.4 of the Linux kernel, and everything works as it should. That provides enough confirmation for this weekend-warrior to conclude that Debian's use of the 4.19 kernel (which is the same kernel version that Untangle uses) was causing problems with the new hardware I'm using.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2