piasma
Posts: 2
Joined: Sat Jul 21, 2018 6:11 pm

Port Forwarding to Pi

Sat Jul 21, 2018 6:26 pm

I've been messing around with sockets in Python, and essentially want to run a virtual server on a Raspberry Pi that is accessible from outside the network. Here's where I'm at so far:

- I've set up port forwarding on my AT&T router, such that sockets 50000 - 50015 redirect to private ip 192.168.0.124
- I've set up a static ip on the pi at 192.168.0.124
- I've confirmed that I can connect locally to the pi (sshed fine at .0.124, also tested with nc at socket 50000)

Code: Select all

[email protected]: ~$ nc -vl 50000
[email protected]: ~$ nc -v 192.168.0.124 50000
I'm not able to connect with the following, with the IP found by Googling "my ip":

Code: Select all

[email protected]: ~$ nc -vl 50000
[email protected]: ~$ nc -v 107.77.205.53 50000
When I trace a packet, I don't see that public IP anywhere in the route, although it doesn't appear that there are any other private IP's in the way (suggesting my router isn't blocked by another router somewhere).

Code: Select all

[email protected]:~ $ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  192.168.0.1 (192.168.0.1)  1.634 ms  1.517 ms  1.443 ms
 2  172.26.96.169 (172.26.96.169)  72.798 ms  72.615 ms  72.530 ms
 3  172.18.84.60 (172.18.84.60)  73.563 ms  73.478 ms 172.18.84.36 (172.18.84.36)  73.389 ms
 4  12.249.2.25 (12.249.2.25)  73.307 ms  73.199 ms  73.106 ms
 5  12.83.180.2 (12.83.180.2)  86.908 ms  86.817 ms  86.737 ms
 6  sffca22crs.ip.att.net (12.122.1.78)  91.428 ms  78.218 ms  78.083 ms
 7  12.122.137.233 (12.122.137.233)  77.994 ms  79.447 ms  79.313 ms
 8  206.121.188.42 (206.121.188.42)  80.008 ms 206.121.188.62 (206.121.188.62)  79.928 ms  79.845 ms
 9  108.170.243.1 (108.170.243.1)  79.769 ms  79.690 ms 108.170.242.225 (108.170.242.225)  79.767 ms
10  209.85.240.175 (209.85.240.175)  79.684 ms 108.170.232.83 (108.170.232.83)  76.487 ms 108.170.232.69 (108.170.232.69)  76.360 ms
11  google-public-dns-a.google.com (8.8.8.8)  76.271 ms  77.075 ms  76.988 ms
I'm not sure how to continue troubleshooting. At this point I don't know whether I have set up port forwarding incorrectly, the requests are somehow being blocked by a firewall, or some other situation I'm not familiar with.

Thanks!

Ernst
Posts: 686
Joined: Sat Feb 04, 2017 9:39 am
Location: Germany

Re: Port Forwarding to Pi

Sat Jul 21, 2018 7:51 pm

You have to be outside to access your public IP address, you can not access the external public IP from your internal network.
My first computer was an ICT1500, my first "personal" computer was the Science of Cambridge Mk14, followed by a TRS-80 Model I later

drgeoff
Posts: 8520
Joined: Wed Jan 25, 2012 6:39 pm

Re: Port Forwarding to Pi

Sat Jul 21, 2018 8:05 pm

Your router's management interface should be able to show you what public IP address it has. Does that match what you think it is?

Web sites such as canyouseeme.org enable you to check from a browser on your LAN if a port is open from the WAN. It will also show you your public address.

Be aware that some ISPs are now using Carrier Grade NAT. If your router is showing a different address from what canyouseeme.org reports, then Port Forwarding on your router will never achieve what you desire.

klricks
Posts: 5838
Joined: Sat Jan 12, 2013 3:01 am
Location: Grants Pass, OR, USA
Contact: Website

Re: Port Forwarding to Pi

Sat Jul 21, 2018 8:22 pm

Code: Select all

 2  172.26.96.169 (172.26.96.169)  72.798 ms  72.615 ms  72.530 ms
 3  172.18.84.60 (172.18.84.60)  73.563 ms  73.478 ms 172.18.84.36 (172.18.84.36)  73.389 ms
Hop 2 and 3 in the traceroute are in private IP range.
If those originate at your ISP then they are using CGNAT and any attempt to port forward will be impossible.
This is a common setup used by wirelesss 3g/4g or microwave link ISP's
Unless specified otherwise my response is based on the latest and fully updated Raspbian Stretch w/ Desktop OS.

piasma
Posts: 2
Joined: Sat Jul 21, 2018 6:11 pm

Re: Port Forwarding to Pi

Sun Jul 22, 2018 3:41 am

klricks wrote:
Sat Jul 21, 2018 8:22 pm
Hop 2 and 3 in the traceroute are in private IP range.
Hm... thought most private IPs began with 10 or 192.168. That's unfortunate.
klricks wrote:
Sat Jul 21, 2018 8:22 pm
If those originate at your ISP then they are using CGNAT and any attempt to port forward will be impossible.
This is a common setup used by wirelesss 3g/4g or microwave link ISP's
Yeah, it is a 4G AT&T router. I thought there might be something weird with that situation that would mess up port forwarding. I did try canyouseeme.org, and wasn't able to get ports visible, so I'm guessing it's a problem with my ISP.

Thanks for the replies!

klricks
Posts: 5838
Joined: Sat Jan 12, 2013 3:01 am
Location: Grants Pass, OR, USA
Contact: Website

Re: Port Forwarding to Pi

Sun Jul 22, 2018 4:32 am

piasma wrote:
Sun Jul 22, 2018 3:41 am
klricks wrote:
Sat Jul 21, 2018 8:22 pm
Hop 2 and 3 in the traceroute are in private IP range.
Hm... thought most private IPs began with 10 or 192.168. That's unfortunate.
klricks wrote:
Sat Jul 21, 2018 8:22 pm
If those originate at your ISP then they are using CGNAT and any attempt to port forward will be impossible.
This is a common setup used by wirelesss 3g/4g or microwave link ISP's
Yeah, it is a 4G AT&T router. I thought there might be something weird with that situation that would mess up port forwarding. I did try canyouseeme.org, and wasn't able to get ports visible, so I'm guessing it's a problem with my ISP.

Thanks for the replies!
Private IP ranges: https://en.wikipedia.org/wiki/Private_network

I'm not sure but you may be able to purchase a fixed public IP with a business account?

The RealVNC cloud service (free) will allow you to connect to a RPi desktop session from anywhere without port forwarding.
Unless specified otherwise my response is based on the latest and fully updated Raspbian Stretch w/ Desktop OS.

mfa298
Posts: 1305
Joined: Tue Apr 22, 2014 11:18 am

Re: Port Forwarding to Pi

Sun Jul 22, 2018 9:31 am

piasma wrote:
Sun Jul 22, 2018 3:41 am
klricks wrote:
Sat Jul 21, 2018 8:22 pm
Hop 2 and 3 in the traceroute are in private IP range.
Hm... thought most private IPs began with 10 or 192.168. That's unfortunate.
Those two (10.0.0.0/8 and 192.168.0.0/16) are the most commonly used ranges, partly as they're easy to remember. The third private range (172.16.0.0/12) is less common as it's not always so obvious where the ends are (172.15.255.255 looks to be AT&T, 172.16.0.0-172.31.255.255 is private, 172.32.0.0 looks to be T-Mobile).

These are all defined in RFC1918 and their locations date back to when networks were defined as Class A, B or C so each private range falls into one of those classes.

User avatar
DougieLawson
Posts: 33850
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: Port Forwarding to Pi

Sun Jul 22, 2018 6:30 pm

The RFC1918 addresses are 10.xxx.xxx.xxx/8 172.[16-31].xxx.xxx/16 and 192.168.xxx.xxx/24

some ISPs will use those address ranges for CG-NAT.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

Return to “Troubleshooting”

Who is online

Users browsing this forum: Bing [Bot], Gene1934, HawaiianPi, mahjongg, paodal, RaTTuS and 57 guests