Port Forwarding Guide
No matter what your provider might look like, common to all is the requirement of having certain provider ports forwarded to the device. These ports facilitate essential functions and your provider will not be able to do its job without them. It is for this reason CGNAT based networks are usually unusable, as they share an IP among several networks and port forwarding is typically not an option.
Since everyone’s local network looks a bit different, the specifics of this task will unfortunately vary by some amount for almost everyone. Still, the general steps should be very similar, and this guide should give you helpful material for this important process. Feel free to consult outside guides as well, such as this one.
This video may also be helpful for those looking to understand what port forwarding is, presented by the well known tech You Tube company Linus Tech Tips;
IMPORTANT – Do not put your provider into the router’s DMZ, this will open up the provider directly to the internet and basically any traffic sent from the internet to your public IP will be forwarded to the provider, exposing it to potential attacks. Also do not forward any other ports than the 2 required, 4282 and 4285 by default for Xa-Miners or 4282 and 4283 for DIY providers.
Setting IP Address Reservation
For most providers, this process will begin before even getting to the router, and involves setting a IP Address Reservation. Each platform will have a different way of doing this, and we recommend searching for how to perform this on your platform. It will most often be under network settings, such as this Synology menu.
Setting Static IP in Synology Menus
Disable DHCP reservation and specify the local IP you wish to designate for this device (most likely the one already in use). The format of your local IP will depend on your local subnet, but 192.168 and 10.0 are the most common for residential networks. Note that as the name suggests, local IPs are only valid on your local network, and every device on your network will have a unique local address.
Local IP List
Next you must log in to your router. This should be accessible via your local subnet, which by now you may have an idea of based on your local IP from the last step. The router is typically device one on these subnets, so try 192.168.0.1 or 10.0.0.1 in a web browser on the same network as your provider. Log in using either the default credentials or the ones you set.
If you have an Xa-Miner and don’t yet know the local IP for it, look around the router menus until you can find a list of all the devices on your network. This list should report the local IP of your provider device. Once you’ve found this, make a note of it, as it will be required for the next step. You should also look for an option to set a IP Address Reservation/DHCP reservation for your provider device. This will keep the Xa-Miner on the IP it currently has.
Now try and find the option to port forward in your router settings. This may be around firewall settings, but many routers may place it in an unintuitive location, so dig around and try a resource such as this if you’re stuck.
Once you’ve found this option, open it and the settings should yield something that looks like this.
Enter the IP Address Reservation of the provider as the LAN IP address. For the ports, providers need to use two for their essential function, which default to 4282 and 4285 for Xa-Miners and 4282 and 4283 for DIY providers on TCP . Creating a separate rule for each port on its own is recommend rather than trying to create a single range of ports to be forwarded. No matter what, make sure the External and Internal ports match each other (i.e. the start port and end ports are the same for internal and external). If prompted to name the service, make a descriptive one such as “SCP Provider” if you can.
Each provider on your network will need its own set of ports and cannot share or overlap with others. If you are setting up subsequent providers, consider using an offset range like 4292-4293. These non-default ports will need to be passed to the ScPrime software, which should be covered in the platform specific guides.
It would be ideal to now confirm that the port forward indeed worked before advancing much further. There are a lot of oddities that can cause issues around this. With ScPrime running (and using the port range), use a port checking tool such as this and scan your provider’s external IP address, and the port range. It is worth noting that though every device on your network has a unique local IP, they all share the same external IP, and this is the address used to interact with the internet. Ideally, all the ports look good.
If the ports display issues, look over your work up to this point. It is easy to have misconfigured a setting. If issues persist, this can be a challenge to resolve, as the problem could lie in several areas. You may begin by disabling UPNP for your services. Many providers have also reported their internet service provider (ISP) has blocked some port ranges by default, and they must call to have this fixed. If you are using an aftermarket router running off an ISP modem, it is possible that this “bridge” configuration needs further work to allow ports to be passed through properly. More complex networks with multiple routers working in tandem may suffer from a double-NAT issue, in which the provider is hiding behind two subnets, and the port traffic isn’t getting through to it.