Getting an IP address
For the most part, if you’ve set up your router to provide IP addresses within your network using DHCP, your gaming PC or gaming console automatically connects to the router when the device is turned on and sends a Dynamic Host Configuration Protocol (DHCP) request to the router, asking for an IP address.Or, as we like to say about this kind of neat stuff, automagically. You may need to go into a program to select an access point and enter your WEP password, but otherwise it should just work without any intervention.
If you have a game console with a wireless Ethernet bridge, the process should be almost as smooth. The first time you use the bridge, you may need to use a Web browser interface on one of your PCs to set up WEP keys or WPA passphrases; otherwise, your router should automatically assign an IP address to your console.
Before you get all wrapped around the axle trying to get your game console connected to your router, check out the Web site of your console maker and your router manufacturer. We have no doubt that you can find lots of information about how to make this connection. In many cases, if you’re having trouble getting your router to assign an IP address to your console, you need to download a firmware upgrade for your router. Firmware is the software that lives inside your router and tells your router how to behave. Most router vendors have released updated firmware to help their older router models work with gaming consoles.
Some older router models simply don’t work with gaming consoles. If online gaming is an important part of your plans, check the Web sites we mention earlier in this topic before you choose a router.
In most cases, if your console doesn’t get assigned an IP address automatically, you need to go into your router’s setup program — most use a Web browser on a networked PC to adjust the configuration — and manually assign a fixed IP address to the console. Unlike DHCP-assigned IP addresses (which can change every time a computer logs on to the network), this fixed IP address is always assigned to your console.
Every router has a slightly different system for doing this, but typically you simply select an IP address that isn’t in the range of DHCP addresses that your router automatically assigns to devices connected to your network.
You need to assign an IP address that isn’t in the range of your router’s IP address pool but is within the same subnet. In other words, if your router assigns IP addresses in the 192.168.0.xxx range, you need to use an IP address beginning with 192.168.0 for your game console. For example, if your router uses the range of 192.168.0.0 to 192.168.0.32 for computers connected to the network, you want to choose an IP address such as 192.168.0.34 for your console. Every router’s configuration program is different, but you typically see a box that reads something like DHCP Server Start IP Address (with an IP address next to it) and another box that reads something like DHCP Server Finish IP Address with another box containing an IP address. (Some routers may just list the start address, followed by a count, which means that the finish address is the last number in the start address plus the count number.)
The key thing to remember is that you have to come up with only the last number in the IP address, the number after the third period in the IP address. The first three (which are usually 192.168.0) don’t change. All you need to do to assign this IP address is to choose a number between 1 and 254 that is not in the range your router uses for DHCP. (Most routers use the .1 address, so you should use a number between 2 and 254.)
Dealing with port forwarding
After you have assigned an IP address to your gaming PC or game console and are connected to the Internet, you may well be ready to start playing games. Our advice: Give it a try and see what happens. Depending on the games you play, any additional steps may not be needed.
The steps we’re about to discuss shouldn’t be required for a game console. And, although we haven’t checked out every single game out there, we haven’t run into any incidences where you need to get involved with the port forwarding, which we’re about to discuss, with a game console. If you have an older router that doesn’t work well with console games, you may consider putting your console on the router’s DMZ, as we discuss in the upcoming section "Setting Up a Demilitarized Zone (DMZ)."
If, however, your games don’t work, you may need to get involved in configuring the firewall and Network Address Translation (NAT). As we discuss in next topic, home network routers use a system called NAT to connect multiple devices to a single Internet connection. Basically, NAT translates between public Internet IP addresses and internal IP addresses on your home’s network. When a computer or other device is connected to your home network (wirelessly or even a wired network), the router assigns it an internal IP address. Similarly, when your router connects to the Internet, it’s assigned its own public IP address: that is, its own identifying location on the Internet. Traffic flowing to and from your house uses this public IP address to find its way. After the traffic (which can be gaming data, an e-mail, a Web page, whatever) gets to the router, the NAT function of the router figures out to which PC (or other device) in the house to send that data.
One important feature of NAT is that it provides firewall functionality for your network. NAT knows which computer to send data to on your network because that computer has typically sent a request over the Internet for that bit of data. For example, when a computer requests a Web page, your NAT router knows which computer made the request so that when the Web page is downloaded, it gets sent to the right PC. If no device on the network has made a request — meaning that an unrequested bit of data shows up at your public IP address — NAT doesn’t know where to send it. This process provides a security firewall function for your network because it keeps this unre-quested data (which could be some sort of security risk) off your network.
NAT is a cool thing because it lets multiple computers share a single public IP address and Internet connection and helps keep the bad guys off your network. NAT can, however, cause problems with some applications that may require this unrequested data to work properly. For example, if you have a Web server on your network, you would rightly expect that people would try to download and view Web pages without your PC sending them any kind of initial request. After all, your Web server isn’t clairvoyant. (At least ours isn’t!)
Gaming can also rely on unrequested connections to work properly. For example, you may want to host a game on your PC with your friends, which means that their PCs will try to get through your router and connect directly with your PC. Even if you’re not hosting the game, some games send chunks of unrequested data to your computer as part of the game play. Other applications that may do this include audio- and videoconferencing programs (such as Windows Messenger) and remote control programs (such as pcAnywhere).
To get these games (or other programs) to work properly over your wireless home network and through your router, you need to get into your router’s configuration program and punch some holes in your firewall by setting up NAT port forwarding.
Of the many routers out there, they don’t all call this process port forwarding. Read your manual. (Really, we mean it. Read the darn thing. We know it’s boring, but it can be your friend.) Look for terms such as special applications support or virtual servers.
Port forwarding effectively opens a hole in your firewall that not only allows legitimate game or other application data through but may also let the bad guys in. Set up port forwarding only when you have to, and keep an eye on the logs. (Your router should keep a log of whom it lets in — check the manual to see how to find and read this log.) We also recommend that you consider using personal firewall software on your networked PCs (we like ZoneAlarm, www.zonelabs.com) and keep your antivirus software up to date.
Some routers let you set up application-triggered port forwarding (sometimes just called port triggering), which basically allows your router to look for certain signals coming from an application on your computer (the triggers) and then enable port forwarding. This option is more secure because when the program that requires port forwarding (your game, in this case) isn’t running, your ports are closed. They open only when the game (or other application) requires them to be open.
When you set up port forwarding on your router, you’re selecting specific ports (ports are subsegments of an IP address — a computer with a specific IP address uses different numbered ports to connect different applications to the network) and sending all incoming requests using those ports to a specific computer or device on your network. When you get involved in setting up port forwarding, you notice two kinds of ports: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). These names relate to the two primary ways in which data is carried on the Internet, and you may have to set up port forwarding for both TCP and UDP ports, depending on the application.
Every router or access point will have its own unique system for configuring port forwarding. Generally speaking, you find the port forwarding section of the configuration program and simply type into a text box on the screen the port numbers you want to open. For example, Figure 11-2 shows port forwarding being configured on a NETGEAR WPN824 router/access point.
As we mention earlier in this topic, ports are assigned specific numbers. To get some gaming applications to work properly, you need to open (assign) port forwarding for a big range of port numbers. The best way to find out which ports need to be opened is to read the manual or search the Web page of the game software vendor. You can also find a relatively comprehensive list online at practicallynetworked.com/sharing/app_port_list.htm.
If your router is UPnP enabled (Universal Plug and Play, a system developed by Microsoft and others that, among other things, automatically configures port forwarding for you) and the PC game you’re using uses Microsoft DirectX gaming, the router and the game should be able to talk to each other and automatically set up the appropriate port forwarding. Just make sure that you enable UPnP in your router’s configuration system. Usually you simply click a check box in the router’s configuration program.
Figure 11-2:
Setting up port forwarding.
Setting Up a Demilitarized Zone (DMZ)
If you need to do some special port forwarding and router tweaking to get your games working, you may find that you’re spending entirely too much time getting it all up and running. Or you may find that you open what should be the right ports — according to the game developer — and that things still just don’t seem to be working correctly. It happens; not all routers are equally good at implementing port forwarding.
Here’s another approach you can take: Set up a demilitarized zone (DMZ). This term has been appropriated from the military (think the North and South Korean borders) by way of the business networking world, where DMZs are used for devices such as Web servers in corporate networks. In a home network, a DMZ is a virtual portion of your network that’s completely outside your firewall. In other words, a computer or device connected to your DMZ accepts all incoming connections — your NAT router forwards all incoming connections (on any port) to the computer connected to the DMZ. You don’t need to configure special ports for specific games because everything is forwarded to the computer or device you have placed on the DMZ.
Most home routers we know of set up a DMZ for only one of your networked devices, so this approach may not work if you have two gaming PCs connected to the Internet. However, for most people, a DMZ does the trick.
Although setting up a DMZ is perhaps easier to do than configuring port forwarding, it comes with bigger security risks. If you set up port forwarding, you lessen the security of the computer that the ports are being forwarded to — but if you put that computer on the DMZ, you’ve basically removed all the firewall features of your router from that computer. Be judicious when using a DMZ. If you have a computer dedicated only to gaming, a game console, or a kid’s computer that doesn’t have any important personal files configured to be on your DMZ, you’re probably okay — but you run a risk that even that computer can be used to attack the others on your network. DMZs are perfectly safe for a console, but they should be used for PCs and Macs only if you can’t make port forwarding work.
Depending on the individual router configuration program that comes with your preferred brand of router, setting up a DMZ is typically simple. Figure 11-3 shows a DMZ being set up on a Siemens SpeedStream router/access point. It’s a dead-simple process. In most cases, you need only mark a check box in the router configuration program to turn on the DMZ and then use a pull-down menu to select the computer you want on the DMZ.
Figure 11-3:
Setting up a DMZ.
