A gaming blog and podcast dedicated to gamers beyond what might be considered the "traditional" gaming demographic.
January 27, 2012
Playstation Vita 3G Launch Bundle
As reported by IGN today, Sony has created the Playstation Vita 3G Launch Bundle. This bundle scores you all of the following for the same $299 that was announced at E3 for just the 3G unit:
- Playstation Vita 3G model
- 8GB memory card
- PSN title to be named later
- 1 free month of AT&T 250MB data service
December 5, 2011
Editorial: Microsoft Misses the Boat
Tomorrow marks the launch of the latest update of the Xbox user interface, the first such makeover since the NXE was launched. Having been a member of the Preview Program, I can assure you it's worth updating to, especially if you own Kinect.
One of the features most touted during its announcement was the addition of live TV to the Xbox. With partners like ESPN, HBO, Verizon, and many more, Microsoft proclaimed themselves the herald of a new generation of TV. That may be what they said, but the reality is that they're simply propagating the current stranglehold of restrictions on video content that already exist.
You've seen it already. The ESPN app on the Xbox only works if you already have a cable/satellite subscription, and it's on a provider that supports watchespn.com. The new apps are no different. HBO Go? Gotta have a subscription. Verizon FIOS? Subscription. Maybe I'm missing something, but can someone please explain to me why the ability to watch the same channels you already pay for, on the same TV you already own, but via the Xbox instead of a cable/satellite box is a big deal? And before anyone says "You won't need to own a cable/satellite box now!" remember that A) You can't get all of your provider's channels, and B) There's no way in the world that you won't be charged a fee of some sort for this "privilege". There's no way the company will give up the box rental revenue.
Microsoft seriously missed the boat here. They could have changed video content distribution forever by making this offering "rogue". What do I mean? Give me the ability to say: "Hey ESPN, I'll buy your channel for $4.95/month. HBO, I'll pay for your channel too. Verizon FIOS offering? Sure, I'll take that as well. By the way, I'm a Time Warner Cable Internet subscriber, and you're going to stream your stuff to me on their network without me subscribing to their video offering."
Now THAT would have been revolutionary. To break free of the traditional mold and let the content live wherever someone wants it. I'm not trying to be a pirate about it, you still have to pay for the content. The idea that I can just pay the content provider directly rather than the middle man is the key. And Microsoft could have done this! Let's look at this objectively. The only value add for existing subscribers is that now they could pair Kinect with the video offering. While that's nice and all, it's nothing most people would pay extra for, as is rumored with the Verizon FIOS offering. Since the service Microsoft is offering isn't doing anything different, they could have approached content providers from the standpoint that Apple approached the music industry. This pitch could have gone something like this:
"The times, they are a changin boys. You can either be in on the revolution or swept under by it. We're planning to begin a new service that will deliver subscription video content via the Xbox Live service and we want you in on it. This will give you access to an installed base of 55 million consoles worldwide, and 35 million current (as of June 3rd, 2011 according to Xbox Live's Larry Hryb) Xbox Live subscribers. You win because subscription fees go directly to you, we do not control any price, and you get to eliminate the middle man and make more profit. Our subscribers win because they get access to the content they want, don't have to subsidize content they don't want, and aren't tied to a specific provider in order to get it. We win because we feel this will drive more desire to own an Xbox with a Live subscription. Whadda ya say guys?"
And I think at first, there would be resistance for sure among the big content providers. But what you would see immediately is the little guys JUMPING at this opportunity. Content providers such as G4 that recently got dealt a huge blow last year by not being renewed by DirecTV (the largest US Satellite provider) could give them the middle finger and get to far more households (35 million versus 18 million as of the research done for this article) than DirecTV could hope to give them. Content providers wanting to get in the game that could never hope to even get past negotiations with content delivery networks could ply their wares to millions without ever having to negotiate a contract. Then at some point, one of the big boys finally sees the market they're missing out on, and the rest fall like dominoes.
This will happen eventually. It's just a matter of time. It's unfortunate that Microsoft with both the power and opportunity to effect change wasted both. The new Xbox Live experience will certainly carry a lot of positives, but it sadly fell short of the revolutionary offering that it could have been.
November 24, 2011
Review: Uncharted 3
The Uncharted series is probably most known for being absolutely gorgeous, as well as modernizing the Indiana Jones style exploration genre. Uncharted 3 is no exception. Come on in and let me tell you a tale of a game that could have been an absolute masterpiece.
The story:
The story gives us a peek at Drake's history with Sully, showing us their relationship at its genesis in Colombia. This is integral to the game's overall story, as it also introduces you to the game's main villain in the process. The filling in of the back story with Nate and Sully is awesome. As a fan of the series, it was really neat to see how they met and the tie between them.
Equally riveting is the story between Nate and Elena. You open the game in a mission with Sully, Chloe, and a new character, Cutter. Elena is nowhere to be found at the beginning of the game, and you're given a somewhat vague story of why throughout the game.
The main story this time around revolves around the cause of Sir Francis Drake spending way more time than he should have in one spot for one of his expeditions. You open trying to sell Nate's ring that he's had since the first game, sending us on this whole adventure to start with. The buyer tries to use counterfeit money to get the ring, and in typical Drake and Sully fashion, it ends up in a brawl.
The game:
Nothing much has changed since the first two games here. Hand to hand combat is still mostly mashing square with a dash of triangle thrown in. Stealth kills haven't changed either, just get near the enemy undetected and tap square and finish them. The only thing really new is that we now have the ability to chuck grenades back at the enemy by timing a press of the triangle button just right. This isn't anything to knock the game for, as the system is certainly fun. What's frustrating to no end that also hasn't changed since the first game, is the clunky controls for controlling Nate during the platforming and climbing sections of the game. Many a time I jumped to my death while seemingly pointed exactly where I wanted to go. Also needing to go away are the all too frequent instant fail sections. Several times you're asked to pursue someone or run away from something and if you're not quick enough or go the wrong way, it's time to restart. This is compounded worse by the fact that on more than one occasion you're running toward the camera and cannot see ahead of you. Note to all developers: This is just cheap. It's annoying and completely luck based, and there's no need for it in the 21st century of gaming. Pile that on top of the sections of the game where you're not really gaming, and it just gets a bit old. I do realize they're using this for effect in the story, but in practice, it's just a cut scene that requires you to hold in a direction to advance it. They'd have been better off simply making it a true cut scene and being done with it, as there's no reason for the player to have control in these instances.
The verdict:
All that said, it's still a great game. It's beautiful, and tells an awesome story. Unfortunately, Uncharted 3 is a frustrating mix of this great story, beautiful scenery, and botched game mechanics. In the end, a game is just that, a game. If the game part is weak, you can't ignore this. It's very much worth playing, but in deciding the final score of this game, the weaknesses in the actual game prevent it from being a must own.
Pros:
- Probably the most beautiful game you'll see on a console
- Smart story, constantly keeps you guessing
Cons:
- Way too many instant fail sequences
- Controls just aren't that strong
Score: 4 out of 5 stars - Worth Owning
Review System - PS3
Time Played - 16 hours, all single player
Completion: Finished the single player game. Obtained 31 of 55 trophies
November 15, 2011
Want My SWTOR Beta Key? Just Ask!
I couldn't come up with anything creative to give away my Star Wars: The Old Republic beta key. So instead, the first of my Twitter followers to simply ASK will get it! I put this out yesterday and have yet to get a response...
November 14, 2011
SWTOR Beta Key to Give Away
So, I've got this shiny SWTOR beta key here in my hands. The problem for me, is that I don't own a PC to play this thing on. So how exactly should I give this thing away to you, my wonderful readers?
November 7, 2011
Want Some Free Battlefield 3 Custom Dogtags?
If so, easy task for you. A new movie scheduled for release in February next year called "Act of Valor" has partnered with EA to hook you up with some dogtags for watching their pretty BA trailer. Click here to see the preview of what looks to be a pretty awesome movie and score your loot.
November 4, 2011
Early Play - What's the Big Deal?
It appears that a few retailers have jumped the gun and begun selling Modern Warfare 3 just a *tad* early. Those that have been able to take advantage of this, of course, started playing. Yesterday, Xbox Live Director of Policy and Enforcement Stephen Toulouse tweeted the following:
Stepto: clarification: dblchk'd with Activision. Mw3 pre-release play not authorized. So pls be patient. Playing early may impact your account! (link to tweet)
Two things are at question here. First, it has been Microsoft's policy in the past that if you've legitimately obtained a game prior to its official release, go nuts. This even came from Toulouse himself earlier in the day tweeting:
Stepto: For those asking about MW3 pre-release play: If your copy is legit and obtained legitly, have fun. It's a great game. (link to tweet)
So why the reversal? Is Activision now dictating to Microsoft what its policy should be? Moreover, if they're really that concerned about people playing it before release, here's a novel thought. Turn off the multiplayer servers until release. That'll teach those bastards to pay you money before they're supposed to!
And that brings me to point number two. Why does it really matter? These people are not pirates. They're paying customers. I could totally understand if these were leaked copies of the game being spread far and wide across the Internet. This is not the case. Here, you're punishing your most rabid fans for legitimately obtaining the game early. You want to take it out on someone? Find the retailer that sold it early and tell them they don't get the game next time. Or if it was really that severe in your eyes, blacklist them from getting other games published from your company. Don't punish the consumer, they're innocent in this scenario. Who of us *wouldn't* take that opportunity?
The conspiracy theorist in me isn't entirely sure this hasn't been orchestrated since Battlefield 3 is enjoying some pretty ridiculous sales numbers with no opposition and Activision can't have it. This could be the *wink wink, nudge nudge* "Now you're not supposed to be doing this yet guys!" in order to get some free publicity and to undercut the competition.
It's moderate level d-baggery at its worst, and crappy publicity stunt at its best. Either way, the consumer that did no wrong ends up standing to lose the most.
Update - Toulouse later went on to say that nobody would see retribution for early play but to "wait til Tuesday to play with everybody", whatever that meant.
October 31, 2011
Games Journalism Isn't Objective
So I've come out from hiding (and basically insanely busy work and personal life schedules) to comment on this:
Any of you that follow games journalism should recognize Justin McElroy in the video above embracing his beloved copy of Skyrim. This video is certainly meant to be funny, and a bit serious as well since nobody honestly will be seeing Justin for probably 100+ hours now that he has the game.
But it has fueled the ire of those over at NeoGaf claiming "TEH BIAS!!!!11!1!". Here's the deal everyone, a game review is simply an opinion of the person playing it. And that person, no matter how much they want to admit it, will have a bias if they're already a fan of the game, its series, or its publisher even.
Now *normally* I wouldn't have a problem with a video of this type. The problem in this instance though is Joystiq's mantra that they are unbiased in their work. They have put themselves in this ivory tower over and over and over again. So when an editor is such an unabashed fan of something, and your site makes it a HUGE deal that its reviews and reviewers are unbiased, editorial has an easy fix for this. Don't let that person review that game. This of course is a problem if the person with the problem is the site's managing editor that refuses to give up the review.
On his personal blog Justin goes on to defend his video and the fact that he will still be reviewing the game for Joystiq. He says near the end:
"The trick, to crib a line from Pulitzer Prize and Tony Award-winning musical Rent, is finding a critic with baggage that goes with yours."
This would be EXACTLY RIGHT except for the site's stated policy that everything is unbiased, and the lengths they go to in order to "provide unbiased coverage and criticism of the video game industry."
I know, it's easy for me to talk with a po-dunk personal blog that receives exactly squat for free. But here's the thing, if anyone anywhere ever wants to send me anything for free, I'm taking it, disclosing it to the public, and then publishing my thoughts on what I got. That's *my* stated policy. We'll see whether or not Joystiq's Editor-in-Chief Chris Grant sacks up and tells Justin he needs to stand down in order to preserve the site's ethics. Either way it goes, it's made for high comedy.
September 12, 2011
Xbox Live, NAT, and You
I've always been a network geek. I've always heard of people with issues with NAT and Xbox Live and thought "They just must not know what they're doing" and dismissed it as an 1D10T error.
Until now.
Now that I'm in a job that requires me to understand Live and NAT, it seriously makes me wonder about the forethought put into the creation of the Live service. They admittedly do some really cool stuff to get around some of the NAT problems, but I can't help but think that it's actually over-engineered.
What follows will be a HIGHLY technical article. While I'm going to make every effort to make this as accessible as possible to Joe Everyman, it is without a doubt still very technical. If you're not curious about the technical nature of Live, have no understanding of networking and don't care, or otherwise don't feel the need to know what's under the hood of your 360, you can click off now, as this article isn't for you. It will, without a doubt, put you to sleep.
I'll give the uninterested people a few minutes to disperse.
Still with me?
Good.
Here comes more than you'll probably ever want to know about Xbox Live and NATs.
Let's begin with basics for the uninitiated few that did stick around. All devices connected to the internet get an IP (Internet Protocol) address. That address cannot be used by any other device. Years ago, when precious few IP addresses were available (we're actually out of IPv4 addresses now!), smart people established NAT (Network Address Translation) as a way to share a single address among multiple devices. A NAT router is the piece of magic that allows all of your devices at home to harmoniously use the single IP address that nearly every ISP (Internet Service Provider) gives you. Most people will refer to this as a Linksys or Cisco router, but many manufacturers (D-Link, Belkin, Netgear, to name a few) make these devices. Some are better than others, but they all serve the same basic purpose. To everyone but gamers, these devices for the most part magically work and no thought should ever really be given to them. But in our case, we care greatly about their capabilities.
How Xbox Live works
There are five ports that Xbox Live uses:
TCP 80, 443, 3074
UDP 88, 3074
The critical port of the bunch though, is that UDP 3074 guy. You see, not only do the servers operated by Microsoft care about him, but every other Xbox on the planet does as well. Yes friends, Xbox Live is a peer-to-peer service as well as a client-server service. This is the fact of which I was blissfully ignorant until recently. I thought, "That's simple, just allow the ports through your firewall and you're done." Not so fast, slick. Not only does the 360 phone home to Live and expect to carry on a conversation, but other 360s will want to talk to you as well. This is the part where NAT becomes a pain in the neck for many people.
How NAT works
First off, there are three types of NAT: Open (Full Cone), Moderate (Restricted Cone), and Strict (Symmetric). For your Xbox to work at its best, you want to have an Open NAT. Let's look at a little detail of what each of these types means in the real world.
To start with, all NAT types contain a state table. This is the computer's way of knowing what traffic coming in from the outside world is supposed to go to what address in the private, translated world. The table however, will be different depending on the NAT type. The second thing that should be kept in mind is that by default in all NAT types, a client on the inside must initiate traffic before an entry is created in the state table. Until that happens, no traffic from the outside can be forwarded to the inside. In all the examples that follow, assume the following:
Your own internal IP address is 192.168.1.10
The IP you've received from your ISP is 10.1.1.10
The IP of the Xbox Live service is 172.16.1.36
The IP "Remote Live Player A" received from their ISP is 10.2.2.20
The internal IP address of "Remote Live Player A" is 192.168.2.20
The IP "Remote Live Player B" received from their ISP is 10.3.3.30
The internal IP address of "Remote Live Player B" is 192.168.3.30
Open NAT:
Open NAT is the simplest form of NAT. It only cares about the internal client's information, and couldn't care less about where the traffic from the outside world is coming from. An Open NAT's state table might look something like this:
192.168.1.10:3074 <-> 10.1.1.10:5000
This is the device saying "Hey, anything that comes in from the outside world to port 5000, it should go to 192.168.1.10 on port 3074."
Moderate NAT:
Moderate NAT goes a step further in that it not only cares about the translation of your internal address to a public one, but it will only allow that translation to work specifically with a given remote port. A Moderate NAT's state table might look something like this:
This is the device saying "Hey, anything that comes in from the outside world going to port 5000 AND is from source port 10000, it should go to 192.168.1.10 on port 3074."
This introduces our first wrinkle in how Xbox Live works in cooperation with a NAT. As you see in our examples, most NAT routers will take the port you're talking on, and use a completely random different port to talk to the outside world on. Because of this, we can't know what port a conversation will come in from when another 360 tries to talk to us. So when the following happens, we have a problem:
Remote Live Player A is able to talk with no issue because the connection is established and the 360 is aware of Player A. However, Remote Live Player B is a sad panda, because the NAT router is expecting all traffic to come in from port 10000 instead of 12000.
Strict NAT:
Strict NAT goes even further, and specifically restricts source port AND IP. A Strict NAT state table might look something like this:
This is the device saying "Hey, anything that comes in from the outside world going to port 5000 AND is from address 10.2.2.20 AND is coming from port 10000, it should go to 192.168.1.10 on port 3074. Also, anything that comes in from the outside world to port 6000 AND is from address 10.3.3.30 and is coming from port 12000, that also should go to 192.168.1.30 on port 3074"
Here is where it really gets fun. Here the NAT router, despite the fact that the communication is being made from the same port by the local client, creates another public facing port for the communication. This is vastly more secure on the part of the NAT router, and for everyday life, preferable. However, it's the Xbox Live service breaking equivalent of dumping Thermite into a steel furnace. It's broken and NOBODY gets to use it!
NAT Hole Punching:
However, Microsoft employs some pretty smart people, and they foresaw this. Even with an Open NAT type, the remote 360 needs a way to know which port to communicate with your 360. So when you sign into Live it records the port you're talking to it on. In the case of an Open NAT, this is pretty much the end of the story, because when you are matched with another player, their 360 is told what port to talk to you on, and everything works:
Gaming bliss is achieved.
In a Moderate NAT situation, we've got a problem. Since our NAT routers have determined a source port at random ahead of time, AND our router cares about the port traffic arriving to it is coming from, AND we can't change the port of other devices talking to us, we've got to employ some trickery to make things work. Let's look at the same conversation above and why it fails when the user's 360 attempts to talk to Remote Live Player A. We've got the same conversation, but I'm going to show you the NAT state table that is created in addition to the network conversation:
Again though, we have some smart people at Microsoft, so for Moderate NAT users, we have this instead:
Again, we have gaming bliss.
So far, we have ways around different NAT types. The problem comes when we get to the Strict type. Since every connection out from a Strict NAT results in a new public facing port being used, Xbox Live can't use the same tactic of hole punching since we have no way of knowing what port will be used as the public facing port. The whole process breaks down then when trying to hole punch:
In Ghostbusters speak, we have a crossing of the streams. We made our connections out, but because our source port changed, we aren't listening on the ports that the conversation is occurring on. As a result, those with Strict NAT types are pretty well up the creek when being matched. They have to rely on being matched with ONLY Open NAT types. Only an Open NAT will work with a Strict, because they don't care where the conversation is coming from, just as long as it's on the right port. Since Live can inform the Strict user of this, the Strict user initiates the connection to the Open user, and there is no problem. But since the local port randomization occurs, even a Moderate user cannot talk with a Strict user since they will be unable to know what port to talk to the Strict user on.
Oh no, that's terrible, how do you fix it?
Well, there's a couple ways to fix this for a home user. Newer NAT routers, the ones above that I mentioned are "better than others" contain a technology called Universal Plug and Play, or UPnP for short. UPnP, without giving you the highly technical explanation above, realizes what's happened here, and ensures that the traffic reaches the proper destination without any user intervention. This is by far the easiest method to fix this. It will also enable you to have more than one 360 using Live at a time in your household. It is also security stupidity as well. Allowing a device to create firewall rules simply by virtue of being behind the firewall is pretty foolish, and this is why nearly no enterprise firewall supports this behavior.
However, it can be fixed on some other NAT routers as well. They key is that UDP 3074 guy once again. Since this is the ONLY port that some random 360 will talk to you on, you can use this information to your advantage. One way of fixing this on a non-UPnP enabled router is to add the 360 to the DMZ, if the router has one. This will cause most NAT routers to forward any traffic not destined for a valid NAT state table entry to the DMZ. However, this isn't always the case. If your router behaves somewhat differently than some, and uses the local source port as the public facing source port, your easy solution here is to redirect UDP 3074 to the 360. This has the unfortunate side effect that only one 360 will be working AT ALL in your household, should you happen to have more than one.
That seems reasonable, what's your problem then?
Well, my problem, as a network admin is that beyond being an administrative nightmare to assign a reserved DHCP address and set up port redirecting from an external address to that reserved internal address for every 360 on my network, I simply don't have that many public IP addresses available. If I did, I wouldn't be using NAT, and I wouldn't be making this post. Now granted, my need to support Xbox Live as a service on my network is one that isn't terribly pervasive, but it is certainly one that Microsoft should care about. I'm sure that colleges, some small ISPs, even some home users with several 360s likely run into this problem quite frequently. With my specific network setup, I can make a single 360 absolutely sing without much effort. The problem is getting *all* of them in harmony. I can't fathom why when knowing that the NAT problem exists, and knowing that they require all users to fork over their $60 (only suckers pay full price for Live, by the way) each year, that all traffic isn't handled by either the Live servers, or a required dedicated server owned by the developer of the game. Granted that IPv6 should fix this problem, but we are some time off before it is widely implemented, and currently I'm unaware of any gaming device at all that even supports it.
So for now, we're stuck with NAT. But now you know what's going on if your 360 is complaining about a Strict or Moderate NAT type, and what you potentially can do about it!
Until now.
Now that I'm in a job that requires me to understand Live and NAT, it seriously makes me wonder about the forethought put into the creation of the Live service. They admittedly do some really cool stuff to get around some of the NAT problems, but I can't help but think that it's actually over-engineered.
What follows will be a HIGHLY technical article. While I'm going to make every effort to make this as accessible as possible to Joe Everyman, it is without a doubt still very technical. If you're not curious about the technical nature of Live, have no understanding of networking and don't care, or otherwise don't feel the need to know what's under the hood of your 360, you can click off now, as this article isn't for you. It will, without a doubt, put you to sleep.
I'll give the uninterested people a few minutes to disperse.
Still with me?
Good.
Here comes more than you'll probably ever want to know about Xbox Live and NATs.
Let's begin with basics for the uninitiated few that did stick around. All devices connected to the internet get an IP (Internet Protocol) address. That address cannot be used by any other device. Years ago, when precious few IP addresses were available (we're actually out of IPv4 addresses now!), smart people established NAT (Network Address Translation) as a way to share a single address among multiple devices. A NAT router is the piece of magic that allows all of your devices at home to harmoniously use the single IP address that nearly every ISP (Internet Service Provider) gives you. Most people will refer to this as a Linksys or Cisco router, but many manufacturers (D-Link, Belkin, Netgear, to name a few) make these devices. Some are better than others, but they all serve the same basic purpose. To everyone but gamers, these devices for the most part magically work and no thought should ever really be given to them. But in our case, we care greatly about their capabilities.
How Xbox Live works
There are five ports that Xbox Live uses:
TCP 80, 443, 3074
UDP 88, 3074
The critical port of the bunch, though, is that UDP 3074 guy. You see, not only do the servers operated by Microsoft care about him, but every other Xbox on the planet does as well. Yes friends, Xbox Live is a peer-to-peer service as well as a client-server service. Until recently, this is the fact of which I was blissfully ignorant. I thought, "That's simple, just allow the ports through your firewall and you're done." Not so fast, slick. Not only does the 360 phone home to Live and expect to carry on a conversation, but other 360s will want to talk to you as well. This is the part where NAT becomes a pain in the neck for many people.
How NAT works
First off, there are three types of NAT: Open (Full Cone), Moderate (Restricted Cone), and Strict (Symmetric). For your Xbox to work at its best, you want to have an Open NAT. Let's look at a little detail of what each of these types means in the real world.
To start with, all NAT types contain a state table. This is the computer's way of knowing what traffic coming in from the outside world is supposed to go to what address in the private, translated world. The table however, will be different depending on the NAT type. The second thing that should be kept in mind is that by default in all NAT types, a client on the inside must initiate traffic before an entry is created in the state table. Until that happens, no traffic from the outside can be forwarded to the inside. In all the examples that follow, assume the following:
Your own internal IP address is 192.168.1.10
The IP you've received from your ISP is 10.1.1.10
The IP of the Xbox Live service is 172.16.1.36
The IP "Remote Live Player A" received from their ISP is 10.2.2.20
The internal IP address of "Remote Live Player A" is 192.168.2.20
The IP "Remote Live Player B" received from their ISP is 10.3.3.30
The internal IP address of "Remote Live Player B" is 192.168.3.30
Open NAT:
Open NAT is the simplest form of NAT. It only cares about the internal client's information, and couldn't care less about where the traffic from the outside world is coming from. An Open NAT's state table might look something like this:
192.168.1.10:3074 <-> 10.1.1.10:5000
This is the device saying "Hey, anything that comes in from the outside world to port 5000, it should go to 192.168.1.10 on port 3074."
Moderate NAT:
Moderate NAT goes a step further in that it not only cares about the translation of your internal address to a public one, but it will only allow that translation to work specifically with a given remote port. A Moderate NAT's state table might look something like this:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> [Any IP]:10000
This is the device saying "Hey, anything that comes in from the outside world going to port 5000 AND is from source port 10000, it should go to 192.168.1.10 on port 3074."
This introduces our first wrinkle in how Xbox Live works in cooperation with a NAT. As you see in our examples, most NAT routers will take the port you're talking on, and use a completely random different port to talk to the outside world on. Because of this, we can't know what port a conversation will come in from when another 360 tries to talk to us. So when the following happens, we have a problem:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 10.2.2.20:10000 <-> 192.168.2.20:3074 = YAY!
192.168.1.10:3074 X-X 10.1.1.10:5000 <-> 10.3.3.30:12000 <-> 192.168.3.30:3074 = FAIL!
Remote Live Player A is able to talk with no issue because the connection is established and the 360 is aware of Player A. However, Remote Live Player B is a sad panda, because the NAT router is expecting all traffic to come in from port 10000 instead of 12000.
Strict NAT:
Strict NAT goes even further, and specifically restricts source port AND IP. A Strict NAT state table might look something like this:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 10.2.2.20:10000
192.168.1.10:3074 <-> 10.1.1.10:6000 <-> 10.3.3.30:12000
This is the device saying "Hey, anything that comes in from the outside world going to port 5000 AND is from address 10.2.2.20 AND is coming from port 10000, it should go to 192.168.1.10 on port 3074. Also, anything that comes in from the outside world to port 6000 AND is from address 10.3.3.30 AND is coming from port 12000, that also should go to 192.168.1.10 on port 3074."
Here is where it really gets fun. The NAT router, despite the fact that the communication is being made from the same port by the local client, creates another public facing port for the communication. This is vastly more secure on the part of the NAT router, and for everyday life, preferable. However, it's the Xbox Live service-breaking equivalent of dumping thermite into a steel furnace. It's broken and NOBODY gets to use it!
NAT Hole Punching:
However, Microsoft employs some pretty smart people, and they foresaw this. Even with an Open NAT type, the remote 360 needs a way to know which port to communicate with your 360. So when you sign into Live it records the port you're talking to it on. In the case of an Open NAT, this is pretty much the end of the story, because when you are matched with another player, their 360 is told what port to talk to you on, and everything works:
You: Hey Live, I'm signing in!
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 172.16.1.36:3074
Live: Thanks User, I see you're on port 5000... I'll remember that for later.
Player A: Hey Live, I'm signing in!
192.168.2.20:3074 <-> 10.2.2.20:10000 <-> 172.16.1.36:3074
Live: Thanks Player A, I see you're on port 10000... I'll remember that for later.
You and Player A then get matched in a game...
Live: Hey User, you're going to be matched with Player A. Talk to him on port 10000.
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 10.2.2.20:10000 <-> 192.168.2.20:3074
Gaming bliss is achieved.
In a Moderate NAT situation, we've got a problem. Since our NAT routers have determined a source port at random ahead of time, AND our router cares about which port the traffic arriving at it is coming from, AND we can't change the port of other devices talking to us, we've got to employ some trickery to make things work. Let's look at the same conversation above and why it fails when the user's 360 attempts to talk to Remote Live Player A. We've got the same conversation, but I'm going to show you the NAT state table that is created in addition to the network conversation:
You: Hey Live, I'm signing in!
User's network conversation:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 172.16.1.36:3074
User's NAT state table:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> [Any IP]:3074
Live: Thanks User, I see you're on port 5000... I'll remember that for later.
Player A: Hey Live, I'm signing in!
Player A's network conversation:
192.168.2.20:3074 <-> 10.2.2.20:10000 <-> 172.16.1.36:3074
Player A's NAT state table:
192.168.2.20:3074 <-> 10.2.2.20:10000 <-> [Any IP]:3074
Live: Thanks Player A, I see you're on port 10000... I'll remember that for later.
You and Player A then get matched in a game...
Live: Hey User, you're going to be matched with Player A. Talk to him on port 10000.
Failed network conversation between User and Player A:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 10.2.2.20:10000 X-X 192.168.2.20:3074
Player A's NAT Router: Uh, some guy out there is trying to talk to me on port 10000 from port 5000... I don't have an entry for that. GO AWAY!
Again though, we have some smart people at Microsoft, so for Moderate NAT users, we have this instead:
You and Player A then get matched in a game...
Live: Hey User, you're going to be matched with Player A. Talk to him on port 10000. By the way, he's not an Open NAT type so before we can start playing, you need to speak to him first before the game begins.
Live: Hey Player A, you're going to be matched with User. Talk to him on port 5000. By the way, he's not an Open NAT type so before we can start playing, you need to speak to him first before the game begins.
User sends a packet to Player A:
192.168.1.10:3074 -> 10.1.1.10:5000 -> 10.2.2.20:10000
User's new NAT state table:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> [Any IP]:3074
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> [Any IP]:10000
Player A sends a packet to User:
192.168.2.20:3074 -> 10.2.2.20:10000 -> 10.1.1.10:5000
Player A's new NAT state table:
192.168.2.20:3074 <-> 10.2.2.20:10000 <-> [Any IP]:3074
192.168.2.20:3074 <-> 10.2.2.20:10000 <-> [Any IP]:5000
Network conversation between User and Player A:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 10.2.2.20:10000 <-> 192.168.2.20:3074
Again, we have gaming bliss.
So far, we have ways around different NAT types. The problem comes when we get to the Strict type. Since every connection out from a Strict NAT results in a new public facing port being used, Xbox Live can't use the same tactic of hole punching since we have no way of knowing what port will be used as the public facing port. The whole process breaks down then when trying to hole punch:
You: Hey Live, I'm signing in!
User's network conversation:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 172.16.1.36:3074
User's NAT state table:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 172.16.1.36:3074
Live: Thanks User, I see you're on port 5000... I'll remember that for later.
Player A: Hey Live, I'm signing in!
Player A's network conversation:
192.168.2.20:3074 <-> 10.2.2.20:10000 <-> 172.16.1.36:3074
Player A's NAT state table:
192.168.2.20:3074 <-> 10.2.2.20:10000 <-> 172.16.1.36:3074
Live: Thanks Player A, I see you're on port 10000... I'll remember that for later.
You and Player A then get matched in a game...
Live: Hey User, you're going to be matched with Player A. Talk to him on port 10000. By the way, he's not an Open NAT type so before we can start playing, you need to speak to him first before the game begins.
Live: Hey Player A, you're going to be matched with User. Talk to him on port 5000. By the way, he's not an Open NAT type so before we can start playing, you need to speak to him first before the game begins.
User sends a packet to Player A:
192.168.1.10:3074 -> 10.1.1.10:6000 -> 10.2.2.20:10000
User's new NAT state table:
192.168.1.10:3074 <-> 10.1.1.10:5000 <-> 172.16.1.36:3074
192.168.1.10:3074 <-> 10.1.1.10:6000 <-> 10.2.2.20:10000
Player A sends a packet to User:
192.168.2.20:3074 -> 10.2.2.20:12000 -> 10.1.1.10:5000
Player A's new NAT state table:
192.168.2.20:3074 <-> 10.2.2.20:10000 <-> 172.16.1.36:3074
192.168.2.20:3074 <-> 10.2.2.20:12000 <-> 10.1.1.10:5000
Failed Network conversation between User and Player A:
192.168.1.10:3074 -> 10.1.1.10:6000 -X 10.2.2.20:10000
10.1.1.10:5000 X- 10.2.2.20:12000 <-> 192.168.2.20:3074
Player A's NAT Router: Uh, some guy out there is trying to talk to me on port 10000 from 10.1.1.10 port 6000... I don't have an entry for that. GO AWAY!
User's NAT Router: Uh, some guy out there is trying to talk to me on port 5000 from 10.2.2.20 port 12000... I don't have an entry for that. GO AWAY!
In Ghostbusters speak, we have a crossing of the streams. We made our connections out, but because our source port changed, we aren't listening on the ports that the conversation is occurring on. As a result, those with Strict NAT types are pretty well up the creek when being matched. They have to rely on being matched with ONLY Open NAT types. Only an Open NAT will work with a Strict, because they don't care where the conversation is coming from, just as long as it's on the right port. Since Live can inform the Strict user of this, the Strict user initiates the connection to the Open user, and there is no problem. But since the local port randomization occurs, even a Moderate user cannot talk with a Strict user since they will be unable to know what port to talk to the Strict user on.
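The matchmaking outcomes described above can be reproduced with a small model of the three state-table behaviours. This is an added example, not code from the original post or from Microsoft; the Nat class, match(), matrix() and the scripted port lists are assumptions for illustration, using the article's own addresses and ports.

```python
LIVE = ("172.16.1.36", 3074)          # Xbox Live service address from the article


class Nat:
    """A NAT router as the article models it: 'open', 'moderate' or 'strict'."""

    def __init__(self, mode, public_ip, ports):
        self.mode, self.public_ip = mode, public_ip
        self.ports = iter(ports)      # scripted stand-in for random port choice
        self.table = {}               # public port -> set of remote (ip, port)

    def send(self, dst):
        """Console sends from UDP 3074 to dst; return the public (ip, port) used."""
        if self.mode == "strict":
            # A fresh public port for every new destination.
            port = next((p for p, r in self.table.items() if dst in r), None)
        else:
            # One public port shared by all destinations.
            port = next(iter(self.table), None)
        if port is None:
            port = next(self.ports)
        self.table.setdefault(port, set()).add(dst)
        return (self.public_ip, port)

    def accepts(self, src, dport):
        """Would an inbound packet from src to public port dport be forwarded?"""
        remotes = self.table.get(dport)
        if remotes is None:
            return False                              # no state entry at all
        if self.mode == "open":
            return True                               # any source is fine
        if self.mode == "moderate":
            return src[1] in {p for _, p in remotes}  # source port must match
        return src in remotes                         # source IP and port must match


def match(user_mode, a_mode):
    """Sign both consoles in, run the punch, return True if both directions work."""
    user = Nat(user_mode, "10.1.1.10", [5000, 6000])
    a = Nat(a_mode, "10.2.2.20", [10000, 12000])
    # Sign-in: Live records the public endpoint each console appears from.
    seen = {user: user.send(LIVE), a: a.send(LIVE)}
    # Matchmaking: Live tells each console the other's recorded endpoint.
    target = {user: seen[a], a: seen[user]}
    delivered = {}
    for _ in range(2):                # round 1 punches, round 2 uses the holes
        for me, peer in ((user, a), (a, user)):
            src = me.send(target[me])
            delivered[me] = peer.accepts(src, target[me][1])
            if delivered[me]:
                target[peer] = src    # peer answers the source it actually saw
    return delivered[user] and delivered[a]


def matrix():
    """Outcome for every pairing of NAT types (User's type, Player A's type)."""
    modes = ("open", "moderate", "strict")
    return {(u, a): match(u, a) for u in modes for a in modes}


if __name__ == "__main__":
    for (u, a), ok in matrix().items():
        print(f"{u:>8} <-> {a:<8} {'connected' if ok else 'FAIL'}")
```

Only the pairings where a Strict NAT meets a Moderate or another Strict NAT fail, which is the matching restriction the article describes.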
Oh no, that's terrible, how do you fix it?
Well, there are a couple of ways to fix this for a home user. Newer NAT routers, the ones I mentioned above as being "better than others", contain a technology called Universal Plug and Play, or UPnP for short. UPnP, without giving you the highly technical explanation above, realizes what's happened here, and ensures that the traffic reaches the proper destination without any user intervention. This is by far the easiest method to fix this. It will also enable you to have more than one 360 using Live at a time in your household. It is also security stupidity. Allowing a device to create firewall rules simply by virtue of being behind the firewall is pretty foolish, and this is why nearly no enterprise firewall supports this behavior.
However, it can be fixed on some other NAT routers as well. The key is that UDP 3074 guy once again. Since this is the ONLY port that some random 360 will talk to you on, you can use this information to your advantage. One way of fixing this on a non-UPnP enabled router is to add the 360 to the DMZ, if the router has one. This will cause most NAT routers to forward any traffic not destined for a valid NAT state table entry to the DMZ. However, this isn't always the case. If your router behaves somewhat differently than some, and uses the local source port as the public facing source port, your easy solution here is to redirect UDP 3074 to the 360. This has the unfortunate side effect that only one 360 will be working AT ALL in your household, should you happen to have more than one.
That seems reasonable, what's your problem then?
Well, my problem, as a network admin, is that beyond being an administrative nightmare to assign a reserved DHCP address and set up port redirecting from an external address to that reserved internal address for every 360 on my network, I simply don't have that many public IP addresses available. If I did, I wouldn't be using NAT, and I wouldn't be making this post. Now granted, my need to support Xbox Live as a service on my network is one that isn't terribly pervasive, but it is certainly one that Microsoft should care about. I'm sure that colleges, some small ISPs, even some home users with several 360s likely run into this problem quite frequently. With my specific network setup, I can make a single 360 absolutely sing without much effort. The problem is getting *all* of them in harmony. I can't fathom why, knowing that the NAT problem exists, and knowing that they require all users to fork over their $60 (only suckers pay full price for Live, by the way) each year, all traffic isn't handled by either the Live servers, or a required dedicated server owned by the developer of the game. Granted that IPv6 should fix this problem, but we are some time off before it is widely implemented, and currently I'm unaware of any gaming device at all that even supports it.
So for now, we're stuck with NAT. But now you know what's going on if your 360 is complaining about a Strict or Moderate NAT type, and what you potentially can do about it!
July 22, 2011