
Multicast routing UPnP traffic with Linux

I use my Linux desktop, which has both wired and wireless network adapters, to connect my Xbox 360 to the wireless network. My wireless driver (rt73usb in 2.6.28) does not support source address spoofing, which is needed for bridging, so I used routing instead. This broke UPnP IGD port forwarding, which uses multicast and doesn’t normally traverse a router. My solution: static multicast routing with smcroute.

My local network is 192.168.1.0/24, with my Wireless router/DSL modem at 192.168.1.1 connected to the Linux box via wlan0, and my Xbox 360 at 192.168.1.120 connected to the Linux box via eth0. I use proxy arp and a static route for 192.168.1.120 to make the routing work – I’ll discuss this more in a later post. For now just assume that unicast traffic is routed correctly.

Note that running UPnP on your gateway has security implications; disabling UPnP and setting up static port forwarding is a better solution when available. My Verizon branded Actiontec gt701-wg has a crap port forwarding setup that only allows me to forward ports to computers that it has discovered, and it never seemed to discover the 360 behind my Linux box. Also, with multiple machines on the network and multiple applications requiring port forwarding for full functionality, static port forwarding can get very tedious.

I messed around with xorp, which supports multicast routing, with no success. A much simpler solution when only a few computers are involved is to set up static multicast routes with smcroute:

# start the daemon
smcroute -d
# add some routes
smcroute -a eth0 192.168.1.120 239.255.255.250 wlan0
smcroute -a wlan0 192.168.1.1 239.255.255.250 eth0

# If the packets have a TTL of 1, they will be dropped even when the multicast
# routing rules are correct. This ensures that the TTL will be high enough.
iptables -t mangle -A PREROUTING -i eth0 -d 239.255.255.250 -j TTL --ttl-inc 1
iptables -t mangle -A PREROUTING -i wlan0 -d 239.255.255.250 -j TTL --ttl-inc 1

UPnP port forwarding uses the 239.255.255.250 multicast group. The first smcroute -a command forwards traffic that arrives on eth0 from 192.168.1.120, addressed to the multicast group 239.255.255.250, out the wlan0 interface. The second forwards traffic that arrives on wlan0 from 192.168.1.1, addressed to 239.255.255.250, out eth0. The second command probably isn’t required – the gateway does send out multicast announcements, but the 360 sends out a multicast query looking for a gateway regardless, and the response from the gateway is unicast, as is all remaining traffic. Note that you do not need to join the Linux box to any multicast groups for this to work.

I’m not sure if the iptables commands are necessary. I used the upnp client from miniupnp (upnpc) and my Linux laptop for the initial setup to make debugging easier, and upnpc sends packets with a TTL of 1 so the mangling was required. The Xbox 360 may use a higher TTL for the multicast packets. [upnpc can also be used to create port forwards for the 360, making multicast routing unnecessary, but that solution is less interesting.]

You can view the multicast routes, and how much they have been used, with the ip utility:

$ ip -s mroute
(192.168.1.1, 239.255.255.250)   Iif: wlan0      Oifs: eth0
345 packets, 133456 bytes
(192.168.1.120, 239.255.255.250) Iif: eth0       Oifs: wlan0
27 packets, 8362 bytes

Note that if a packet is dropped because the TTL is too low, it will still be included in the mroute packet count.
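Because forwarding the UPnP group widens who can reach the gateway's port-mapping service, it is worth checking that only the two intended routes exist. The following is an added example, not part of the original post: it parses `ip -s mroute` output in the format shown above and flags any route that is not one of the two configured with smcroute. The function names, the EXPECTED list format and the 192.168.1.50 sample route are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `ip -s mroute` output against the two routes configured above.
SSDP_GROUP=239.255.255.250
# Allowed source:input-interface pairs, from the page's two `smcroute -a` commands.
EXPECTED="192.168.1.120:eth0 192.168.1.1:wlan0"

# Reads `ip -s mroute` output on stdin and prints one verdict line per route.
# Returns 1 if any route is for another group or from a source/interface not in EXPECTED.
audit_mroutes() {
    awk -v group="$SSDP_GROUP" -v expected="$EXPECTED" '
    function report() {
        if (src == "") return
        key = src ":" iif
        verdict = (grp == group && (key in ok)) ? "OK" : "UNEXPECTED"
        if (verdict != "OK") bad = 1
        printf "%s %s %s %s->%s packets=%s\n", verdict, src, grp, iif, oifs, pkts
        src = ""
    }
    BEGIN { bad = 0; n = split(expected, e, " "); for (i = 1; i <= n; i++) ok[e[i]] = 1 }
    /^\(/ {
        # Route line: (SRC, GROUP) Iif: IFACE Oifs: IFACE [IFACE ...]
        report()
        src = $1; gsub(/[(,]/, "", src)
        grp = $2; sub(/\)$/, "", grp)
        iif = $4; oifs = ""; pkts = "?"
        # Collect output interfaces; stop at any later "Key:" field.
        for (i = 6; i <= NF && $i !~ /:$/; i++) oifs = oifs (oifs == "" ? "" : ",") $i
        next
    }
    $2 == "packets," { pkts = $1 }   # statistics line printed by -s
    END { report(); exit bad }
    '
}

# Constructed sample: the two routes from the output above plus one
# constructed route (192.168.1.50) that nobody configured.
sample_mroute_output() {
    cat <<'EOF'
(192.168.1.1, 239.255.255.250)   Iif: wlan0      Oifs: eth0
345 packets, 133456 bytes
(192.168.1.120, 239.255.255.250) Iif: eth0       Oifs: wlan0
27 packets, 8362 bytes
(192.168.1.50, 239.255.255.250)  Iif: wlan0      Oifs: eth0
3 packets, 912 bytes
EOF
}

sample_mroute_output | audit_mroutes || echo "unexpected multicast route present"
```

On the Linux router itself, feed it live data with `ip -s mroute | audit_mroutes`.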

If you want to access a UPnP media server from a 360, then you will need to forward additional groups for the relevant IPs. Try 224.0.0.22; if that doesn’t work you will find tcpdump/wireshark with an “ip multicast” filter is very useful.

