I didn’t want to try it as I was told it is less secure with it on. I googled and read that if the inbound firewall rule is changed from the default allow all to deny all it could affect Xbox gaming as some unsolicited traffic is used. With that said, what is the difference between just using the built-in/out-of-box stateful firewall (with no changes to firewalls) vs. having the inbound firewall rule to deny all? Don’t they both do the same thing - deny all unsolicited? If that is true, I’m wondering why a lot of folks suggest having inbound set to deny all, if in fact, the router is stateful to begin with?
Saying UPnP is “insecure” is an oversimplification. It’s only insecure if you don’t trust all of the devices on your LAN. And that’s why leaving it off is a reasonable default.
But if you do trust all of your LAN devices, then UPnP is a feature.
UPnP is critical for gaming latency/performance because it allows for direct connections instead of proxy servers.
Thank you. If I may also ask, what about the item I googled regarding stateful? Would that affect gaming - having the inbound rule set to block all?
what is the difference between just using the built-in/out-of-box stateful firewall (with no changes to firewalls) vs. having the inbound firewall rule to deny all? Don’t they both do the same thing - deny all unsolicited? If that is true, I’m wondering why a lot of folks suggest having inbound set to deny all, if in fact, the router is stateful to begin with?
“stateful” and “stateless” are programming terms. They respectively mean whether something requires “memory” or not (and maybe not literal RAM) to remember the “state” of something.
For homes and small businesses, all routers use stateful NAT because it has to track TCP/UDP sessions in order to rewrite the LAN IP addresses into the WAN IP address(es).
As for the firewall (which many conflate with terms like NAT or router), that is inherently stateful too because each deviation from the default policy represents “state” that is being tracked.
I wouldn’t worry about the firewall unless you have a good reason. The default rules are fine, and what UPnP does is also fine (if you trust all of your LAN devices).
Thank you. I’ll try UPnP as you suggested and test again.
So the Peplink router, with NAT on WAN, and the default firewall inbound rule set to allow all (the setting out of the box) is satisfactorily secure for homes and small home offices? I wonder why it is suggested to edit the default to deny all inbound? Do you put any credence in that affecting gaming as well? (Sorry for all the questions, I just want to be sure that the default settings are ok - i.e. not changing any firewall rules and leaving it as allow all.)
At the risk of opening a can of worms, firewall settings are tricky and often backfire for people that aren’t deeply interested in networking technology.
Let me put it this way: your computer/router vendors aren’t foolish or reckless. They default the firewall settings to “allow” because they trust that the rest of the software is working correctly. When you start setting explicit firewall rules then you’re second-guessing and/or trying to outsmart software and/or users.
Also for home router users, NAT is effectively the “firewall” because it doesn’t allow inbound connections unless port forwarding rules are set up or UPnP is used. That’s really all home and small businesses typically need.
When you start denying things in the firewall, you’re committing yourself to becoming good at debugging networking problems. Is that how you want to spend your time? Why is the implicit “firewall” that NAT provides not enough?
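To make the thread’s point concrete, here is a small constructed model (added here, not Peplink’s code or the forum’s) of a NAT router with a stateful session table, a port-mapping table (static forwards or UPnP) and an inbound default policy. It shows that unsolicited inbound traffic with no mapping is dropped whether the inbound default is “allow” or “deny”, and that the two settings only differ once a mapping exists; all addresses, ports and the `Router` class are assumptions.

```python
from dataclasses import dataclass, field

WAN_IP = "203.0.113.5"  # constructed WAN address (documentation range)


@dataclass
class Router:
    """Toy NAT router: stateful sessions + port mappings + inbound policy."""
    inbound_default: str = "allow"          # "allow" is the out-of-box setting in the thread
    inbound_allow: set = field(default_factory=set)   # explicit allow rules (WAN ports)
    sessions: dict = field(default_factory=dict)      # (peer_ip, peer_port, wan_port) -> (lan_ip, lan_port)
    forwards: dict = field(default_factory=dict)      # wan_port -> (lan_ip, lan_port); static or UPnP
    next_port: int = 40000

    def outbound(self, lan_ip, lan_port, dst_ip, dst_port):
        # Stateful NAT: remember the session so the reply can be rewritten back to the LAN host.
        wan_port = self.next_port
        self.next_port += 1
        self.sessions[(dst_ip, dst_port, wan_port)] = (lan_ip, lan_port)
        return (WAN_IP, wan_port)

    def add_mapping(self, wan_port, lan_ip, lan_port):
        # What a port-forwarding rule or a UPnP request from a LAN device would create.
        self.forwards[wan_port] = (lan_ip, lan_port)

    def inbound(self, src_ip, src_port, dst_port):
        key = (src_ip, src_port, dst_port)
        if key in self.sessions:            # reply to a session a LAN host opened: stateful match
            return ("accept", self.sessions[key])
        if dst_port not in self.forwards:   # unsolicited and no mapping: NAT has nowhere to send it
            return ("drop", None)
        # A mapping exists, so the inbound firewall policy decides.
        if self.inbound_default == "allow" or dst_port in self.inbound_allow:
            return ("accept", self.forwards[dst_port])
        return ("drop", None)


def compare_policies():
    """Same traffic against the default 'allow' router and a 'deny all inbound' router."""
    results = {}
    for policy in ("allow", "deny"):
        r = Router(inbound_default=policy)
        r.outbound("192.168.1.20", 5555, "8.8.8.8", 53)          # LAN host sends a DNS query
        reply = r.inbound("8.8.8.8", 53, 40000)                   # reply comes back to the NAT port
        unsolicited = r.inbound("198.51.100.9", 4444, 22)         # nothing opened this: dropped either way
        r.add_mapping(3074, "192.168.1.20", 3074)                 # a game console asks UPnP for a mapping
        mapped = r.inbound("198.51.100.9", 4444, 3074)            # only here do the two policies differ
        results[policy] = (reply[0], unsolicited[0], mapped[0])
    return results
```

With the default policy the console’s UPnP mapping works; with “deny all” the same mapped port is dropped unless an explicit allow rule is added, which is the breakage the original poster read about.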
You shouldn’t need to turn on UPnP for this to work; like you say, it’s a security hole. I’m seeing about a 12ms ping with a B One as the gateway without UPnP. (300Mb cable connection.)
My question would be what a traceroute (to somewhere like 8.8.8.8) looks like when the latency is bad.
Also what’s the connection, and what host are you pinging?
I debugged an issue at one of my nodes like this (young relative not getting gaming performance), and the traceroutes showed it was being routed via Texas (from Washington State). We tracked the problem down to Norton Firewall inserting a VPN in the route. (This host was the only PC on the network, so the only thing running Norton firewall.)
I think I’ve heard that Norton may only do that if it can’t get through the firewall using UPnP.