Router Configuration Guide
YeOldeStonecat's Router Configuration Tips
2003-03-30 17:11 by YeOldeStonecat
Tags: subnet, router, gateway, DNS, WAN, LAN, IP Address, DHCP, NAT
One of the most common questions I see is how to run a game server behind a router, or how to make the network more stable when behind a router. This can also apply when you wish to run any other services from any computer on your network, and have them available from the public side of your router, such as an FTP server, PcAnywhere host, web server, mail server, etc etc. As for how it applies to making a network more stable, I've found that a router's DHCP service isn't the most reliable... sometimes a workstation will lose its IP information, and appear to fall off the network, or not be able to access the Internet. Users may find that rebooting the computer helps, or for those who know how to WINIPCFG (Win9X) or IPCONFIG (WinNT), and release/renew, find that is easier. This is a more common problem with Win9X users. What I find is more reliable for home and small offices where an NT Server is not available to manage IP, is to create static IP addresses on all your computers.
The idea behind running a server that can be seen from the public side of your router, is you need to open up ports on the router, and forward those to an internal LAN IP address on your network. Since you're going to be plugging in your internal LAN IP address on the port forwarding section of your router, once that's set, you want that IP address to always be the same. You don't want to keep trying to hit a moving target. If your workstation is set to "Obtain IP address automatically" thereís a chance that LAN IP address could change one day. Usually computers will pickup the same IP address from a DHCP server each time, however it is possible it can change at some point in time. So I recommend locking down that IP address manually.
For a computer to gain internet access out through your router, it will need three components specified in the TCP/IP properties of your workstations.
1) The same IP scope as the router
2) A gateway, and
3) DNS servers.
WINS is not used/needed on small networks, it's for larger networks where an NT Server is present running that WINS service. On most home networks, you'll be leaving WINS disabled if Win9X, or empty if WinNT.
IP address and subnet mask
First, we'll tackle the IP address of the computer(s). What you want to do first, is find out the IP scope that your router is running for its LAN side. This should be in your manual, and it's just about always what's called a Class C, private IP scope, such as 192.168.1.XXX, or 192.168.0.XXX, all with a subnet mask of 255.255.255.0. I'll use the 192.168.1.XXX in this article - it's how I'm setup at the office, and it's probably the most popular one out there (Linksys routers use them by default). I prefer to leave DHCP enabled on the router. This is good for a safety net, in case you mess something up, you can simply set your computers TCP/IP to obtain IP automatically and you're back in business. Also helps out for other computers to connect quickly and easily - a perk if you host LAN parties. I try to keep things a bit standardized. What's most commonly found in networks is the gateway will be a .1 address... For example, on a 192.168.1.XXX network the router, which is the gateway for the network, will be 192.168.1.1. Some makes of routers will use the opposite end and end in .254. Regardless, it's just something you will make a note of, and if you don't know, should be in the routers manual. That LAN IP address of the router is the gateway for your network, and also the address you will enter into your web browser to log onto the routers web based admin panel to configure it. Most routers DHCP services will hand out addresses starting at .100 such as 192.168.1.100, 192.168.1.101, etc etc. That will leave you with .2 to .99 unused... and those are the IP's I use for the static IP addresses. I feel it's better to use IP's outside the DHCP scope... since there are situations where you can end up with conflicts. Also note that each computer on your network must have a unique IP address... so if you're going down the row with static IPs be sure each is unique in that last octet, meaning 192.168.1.11, 192.168.1.12, 192.168.1.13, etc. So you choose a unique IP such as 192.168.1.11 for your server. The subnet mask of course will be the same as the router, and all computers on your network, 255.255.255.0 in my example here.
Now, in your network properties, you'll also enter the router itself as the gateway: 192.168.1.1. You will do this for all computers on your network (the router is the gateway for all of them).
Next youíll have DNS. You have two choices here, or you could combine the two. First, you can simply put the router itself here, since the router DNS forwards to whatever DNS servers your ISP hands out to the router when it connects. Second, you can check your routers web admin page when it's connected (the status section) and jot down the two DNS servers it obtains from your ISP. I enter those bypassing the router. I believe itís quicker that way, since it's one less job the router has to do (forward the request). I find this method works well and is much more reliable. Why not ask your ISP's DNS servers directly ? The only thing that can go wrong here is, once in a blue moon an ISP can change their DNS servers. It's rare, but sometimes ISPs get bought out, merge, etc. and some of their IPís can change. So what you can do is, add the router's IP as the 3rd DNS server - that way if the first two IPs ever disappear, you'll still get on the internet fine, since the computer will eventually go to the router for DNS if the first two don't answer, and the router will DNS forward to whatever the new DNS servers are it obtains on the WAN port. Another option is you may be running DNS locally on your own server on your LAN - in that case simply enter that IP alone.
Here's a screenshot of my network properties on a Windows 2000 machine.
Note: if you click on the Advanced button you get more properties, where you can add a 3rd DNS server if you wish under the DNS tab (as seen in the following screenshot). This is a good place to enter the router itself as your third DNS server, in case the ISP changes the IP address of the first two (again, very rare, but can happen).
Now you should be all set, and able to surf the net out through your router and access other computers on your network, whether those computers are setup static, or using the routers DHCP.
If you are running a server, or other service, and have forwarded the necessary ports to the IP of the computer running that application, when clients will connect from the outside world, the public, or "wild side" of the router, they will be connecting to the WAN IP address of your router in order to connect to your computer. Remember, Class C private IP addresses are what the LAN side of broadband NAT routers use, and these cannot be used on the public side - they are not routable outside the LAN.
Let's take Quake 3 for an example. Say you setup your Q3 server on the LAN, its IP address is 192.168.1.11. You have forwarded the necessary ports on your router, Q3 only uses 27,960... so you've forwarded that port to 192.168.1.11 in your router's web admin interface. And let's say your ISP has given your router a WAN IP address of 18.104.22.168... your buddies will be connecting to the router's 216. address, not your computer's 192. address. By the way, that 216. address is Google's... so donít try connecting for a Quake 3 game ;)