The Rather Quick And Mostly Painless Guide
To Getting Around Router Problems

Table of contents
IP Addresses
Port Forwarding
The DMZ
Port Numbers for FV Games
Apendix

If you are using Airport, you may be interested in this Airport related information.

If you have a high speed internet connection, chances are that you're behind a router or firewall. And if you're behind a router or firewall, you've probably seen this when you try to host a game on GameSmith:

A lot of people just ignore this dialog and hope that things will work. Most of the time, it won't. Luckily, you're here - and you're going to get a full understanding of what this means and how to fix it. What follows is a simple explanation of how internet connections work - those of you who know how to port forward can jump to the bottom for port numbers. But for those of you who don't know - and this all may look very complicated, but take it slow and it'll make sense - let me explain with a fun little analogy:

Every computer on the internet has an IP address. An IP address is made up of four numbers separated by periods (for example, 216.220.102.2). An IP address is like exact longitude and lattitude coordinates for your house - it's precise, but it's not the easiest thing to remember. We'll be referring to these as external IP addresses (sometimes also called the WAN IP Address).

To make access easier, many IP addresses also have names attached to them (to continue with the above example: 216.220.102.2 is associated with dev.freeverse.com). Consider this to be like a street address - so you don't have to know the exact coordinates of the place you're trying to go, you can look for 123 Fake St.

In addition to IP addresses, many applications use specific "ports". For example, most web traffic is done on port 80. Think of these as doors (and other openings) - if you want to deliver mail, you use the mail slot. If you want to move a piano, you go through the big window on the second floor.

Normally, if you want to load a web page, you just type in the address (download.freeverse.com), the web browser figures out the IP address (216.220.102.2), it knocks on the approrpiate virtual door (door 80 for the web) - and you go inside and have a nice time. Game hosting works similarly, where you say "I want to join Colin's Hearts game", the game server tells you the IP address, and then you knock on his appropriate door, and he'll let you inside and offer you cheese and wine and a nice game of cards.

But as we all know, more than one person can live at a particular street address. Likewise, many routers allow more than one computer to be associated with an IP address. These routers assign different IP addresses to the other computers on the network, creating a "house" that has one street address (as far as the world is concerned), but many addresses (Suzy's room, the game room, etc) within. These addresses are called internal IP addresses (sometimes called LAN IP Addresses) because they are not usable by the outside world.

While everyone can leave the house (i.e., join) just fine, getting other people into your house (i.e., hosting) can be a hassle. Why is this? Two reasons.

Fortunately, it is easy to tell the "house" to let gamers into the game you're playing in the game room. There are two ways to do this - one is trickier and more secure, the other is easier and less secure. You can go about this whichever way you want.

(Big important flashing disclaimer: Complicating things even further is that due to the number of different companies making routers and firewalls, I can't give generalized instructions that work for everyone. You should find your router's manual before we go much further, in case something is not quite as standardized as I'm going to be stepping through.)

Port Forwarding

The way that you let a door know who to have answer it is called port forwarding. In my analogy, you're telling your house that any time someone tries to come in on this door, let you (or someone else in your house) handle it. In computer talk, you're instructing the router to send all traffic on a specific port to an individual machine.

The first thing you'll need to do is to figure out two IP addresses - the internal IP of the machine you want to forward to, and your router's IP address. Get a pencil and paper ready, or open a text editor to write this information down in:

If you're on OS X 10.3:

  • Open System Preferences - it's under the Apple menu.
  • Click on Network.
  • Click on your method of connection (Airport, Built-in Ethernet, Modem) and click on "Assist Me"
  • Click on "TCP/IP" you will see many numbers, you will want to write down "IP Address" and "Router" If you're on OS X 10.2:

    1. Open System Preferences - it's under the Apple menu.
    2. Click on Network.
    3. Make sure the TCP/IP tab is the front most, and you're looking at the device that you use for your primary internet under the "Show" popup - something that says "Ethernet" or "Airport", depending on what you're using.
    4. You'll now see a bunch of numbers. The two you want to write down are "IP Address" and "Router".

    If you're in OS 9:

    1. Open the TCP/IP control panel.
    2. Make sure your selected device is Ethernet or Airport, depending on which you use.
    3. You'll now see a bunch of numbers. The two you want to write down are "IP Address" and "Router".

    Now you have two of the necessary pieces of information. The third you'll need is the port number for the game you want to be able to host for. All of the port numbers for GameSmith capable games are listed here. Jot down the ones you need.

    Now is when that manual will come in handy - check your manual to figure out where the interface is for configuring your router. Chances are you just need to type the address of your router into your web browser. Some routers use http://192.168.0.1, others use http://192.168.123.254 - chances are the address is the same as the number you wrote down for router, but it may be on a different port. You may also need a login and/or password. Thus, check the manual! (If you've lost your manual, many vendors have online documentation - check the bottom of this page for links.)

    Now, you'll be in your router's admin interface. Needless to say (as this is the case with most admin things), if you click the wrong thing, you could do some temporary or permenant damage to your hardware - so don't click randomly! You want to look for a link that says "Security" or "Port Forwarding" or "Access Controls". If you have your manual, you may be able to find exactly what you're looking for quicker than trying to decipher strange setting names.

    Once you're into the appropriate setting section, you need two main pieces of information to get the port forwarded appropriately. One of those is the port number - you wrote that down, didn't you? Some routers want a range of ports to open; if so, you could open a range of games all at once. The other piece of information you need is your internal IP address - which you also wrote down! Some times you need to enter the full address, other times just the last set of digits (thus, 192.168.0.42 -> 42). As is becoming my favorite phrase, "Please consult your manual for specifics".

    After you apply the new settings, you should be all set!

    DMZ, or How I Learned To Stop Worrying And Love Insecurity

    There's another option when it comes to port forwarding. Referred to as "DMZ" (yes, it's short for DeMilitarized Zone) or sometimes as "Exposed Computer" or "Gaming Mode", it allows ALL incoming traffic that isn't otherwise routed to be forwarded to one particular machine. This is a huge benefit if you like to host games - especially if you're the only person on your LAN who would host anything - because you never have to forward a port number ever again.

    Of course, this does carry a security risk - you are essentially disabling the firewall on your router and leaving your machine defenseless against anyone who may try to attack it. Granted, Mac OS X is an incredibly secure operating system (OS9 even more so!), but there may always be a new security hole that no one knows about that could be exploited. Thus, Freeverse Software is not responsible for any potential harm to your machine should you DMZ your machine as detailed in this article and then suffer an attack. I'm not fond of those sort of statements, but just in case!

    All legal boilerplating aside, there's one other small issue - some routers don't do DMZ. Check your manual and see if you do.

    If you do, chances are you can follow the steps above for port forwarding, all the way up until you click on Security - normally the DMZ settings are in the same area. You'll only need to punch in the IP address for the machine you want to DMZ, not any port numbers.

    Apply the settings (you will likely get bumped off the net for a split second while the router recovers from this, so make sure you're not downloading anything!), and you should be all set.

    Special Airport Easy Setup Guide
    By Trevor G

    1. Open up Applications/Utilities/AirPort Admin Utility.
    2. Select the Base Station you wish to configure and click the Configure Button (you will require the password for the base station, unless it is saved in keychain already).
    3. On the new network window click the "Show All Settings" button.
    4. Select the "Port Mapping" tab.
    5. Click the Add button and type in the ports you want to open and the IP address 10.0.1.2xx (10.0.1.221 will be one that works fine with any AirPort) where the xx is greater then 01 (Some people have had problems doing this with new airports. I would recommend to use xx greater then 21)
      If you're are set up to assign 172.16.1.xxx addressing or 192.168.1.xxx addressing you must use those IP's and not 10.0.1.201 as a fixed address but everything is the same. You can check this by opening airport admin utility and then show all settings, then the network tab. Just put down 172.16.1.201 or 192.168.1.201 instead of 10.0.1.201 for any forwarding.
    6. Click the Update button. This will interrupt all network traffic on your airport network as the base station takes 30 seconds to restart.
    7. Open System Preferences.
    8. Select Network.
    9. Open AirPort Settings.
    10. Click the TCP/IP tab (Copy down the numbers next to Subnet Mask and Router and DNS Servers and Search Domains).
    11. Under the Configure popup, select "Manually".
    12. Type in the subnet mask copied earlier as well as the router numbers .
    13. Set your IP Address to 10.0.1.2xx ( as in 10.0.1.221 ) make sure this is the same number that you forwarded the ports too before.
    14. Type in your DNS Servers as well as your search domains (usually given to you by your ISP also can be found in your AirPort Admin Utility when you go into configure and click Internet Connections).
    15. Click Apply Now (your internet will disconnect but should reconnect right after).

    I hope this has helped you make heads or tails of the crazy world of networking. If you have any additional tips, questions, praise, disagreements, theological debates, or anything else, find me on GameSmith (FV Remy) and let me know what you think!

    -Dan "Remy" Dickinson

    Updated by Bruce "Hippieman" Morrison on 2/1/05

    Appendix - Help Information for Specific Companies

    Here's some links I dug up that you may find useful. Some give you more direct answers, others may just take you to the support section of the company in question. Hope this helps!