Setting up BitTorrent to work behind your router... (.pdf version)
Note: I am no expert, so use this information at your own risk. I assume no responsibility for anything that comes from using this information! :)
This write-up is to help those of you struggling to get get optimal (or even useable) download speeds with your BitTorrent client. There are mentions in many FAQs of port forwarding and that you must enable port forwarding for ports 6881-6889 in your router, but there is no explanation. There are also some small how-to's that show step by step for specific routers, but off little to no explanation as to why this needs done. Thus, those with the exact same router can follow the tutorial, but those with different version have no real understanding of what is going on. In the case that one's router setup differs from that of the tutorial, they lack the knowledge to adapt the information to their own case. I will try to bridge the gap so that hopefully many more people can get their torrent clients running at full speed.
I will be showing the specifics of a D-Link DI-524 router, but the explanations accompanying the demonstration should provide an understanding of what needs done so that the information can be adapted to suit your particular router situation. A quick note on how to use the images provided: all important features of the image have been highlighted in yellow for your convenience. Also, the images are a bit bandwidth heavy, but since you're trying to use BitTorrent I assume that you have a sufficiently fast internet connection that can handle the images.
First thing's first
The first thing to do is bring up your router's web configuration tool. (Note: not all routers have web configuration tools, in which case I can't help you). For the DI-524, this is done by bringing up a web browser (ideally Mozilla Firefox) and enter http://192.168.0.1 into the address bar. You will now have a prompt that asks for your username and password. Unless you have changed your username and password previously, enter admin for the username and leave the password blank, click OK. For those not using a DI-524, please refer to your router documentation concerning the web configuration tool address, and default login information.
The what and why...
Now is where things vary wildly from router to router, but hopefully we can get you to understand what needs to be done so that you can set up your router even if you're not using the DI-524. If you're using a DI-524 and don't care to know what you're doing and why you're doing it, feel free to skip ahead to the next section, "DI-524 specifics". For those of you that have continued reading this portion, I will try to explain what and why we need to do this so called 'port forwarding' and how you can get it running correctly on your router. Unfortunately, all routers can work differently and may need set up in different ways to work with bit torrent. Even more unfortunate is that some routers don't even support the necessary configurations for bit torrent to function optimally. As I said, all routers may be set up differently and use different terminology, so let's discuss some terms that you may see.
NAT, Network Address Translation
As I said, different routers have different functionalities, so what needs done varies. To get an understanding of the general idea, let's look at an example concerning NAT, or Network Address Translation. Normally when running your computer behind a router, you are in turn running a private local network with private IP addresses that are unknown to the world (rest of the internet) and they are usually not unique (thus they can't be directly used by the internet). To be able to access the internet from any of the computers in your local private network, your gateway, or router, must be intelligent. This is where NAT comes in. Let's consider the NAT example below. Assuming the computers on the right of the diagram make up your local network, the purple disc with an X is the router, and the blue area on the left is the rest of the internet, we can step through a sequence of steps to help us better understand what is happening. First, the local computer with private IP address 10.0.0.1 sends a request to access host 220.127.116.11 (I see the typo in the diagram, but it's not my diagram so I didn't fix it) on port 80, which is the well-known port for accessing web sites (HTTP servers). To get to the internet, the request must pass through your router. The router will then look at the request, change the 'from' address to it's own address, and put a record in the NAT table so that it then knows where to send the response. The request is then sent into the internet. A response comes back from the server and is sent to the router's IP address. The router will then look in the NAT table and match the port number that the response what received on to a port number in the WAN side address portion. When a match is found, the response is then forwarded to the corresponding LAN side address from the record. This is an example of dynamic network address translation. If your router supports dynamic NAT, then you should be able to run a torrent client on multiple computers behind the router. For this to function correctly, you typically only need to unblock the specified ports (6881-6889) and it will function properly.
Port forwarding, virtual server.
A bit less flexible setup is to run static port forwarding. In this setup, you must not only unblock the specified ports, but you must also specify a local IP address to the machine that will be running the service that uses the specified port range. From this alone, you can see that trying to run torrent clients on multiple machines behind the router will not be as easy as with NAT. In this case, our router may not support fully dynamic NAT, so we will need to set up the static port forwarding. Any request that arrives at the router on the port we specify will be transferred to the corresponding machine in our local network. Below is an example I drew up demonstrating what your router does with port forwarding (and in the case of many routers, this can be listed under "virtual server") which essentially just forwards the requests based on the port. The packet comes into the router on port 6995. The router consults the port forwarding table and it sees a match in the range 6991-6999. It takes the local IP from that entry and then simply forwards the packet to the correct machine. Simple enough, right?
I have seen many people questioning if multiple machines can be run behind a router (especially one that utilizes plain port forwarding). The answer is yes, and the solution is quite simple. Let's think about how port forwarding worked for one machine. We entered a port range into the router and told it to forward all requests on that port to a specific machine. That's the key. It let's us specify the port range and the machine to which those requests are to be sent. We also know that the torrent clients allow us to run on different port ranges. Add these together, and that's all you need. As the forwarding table below shows, you need only specify different ranges for the torrent clients and adjust the settings on each machine to use the right ports. Again, it's quite simple.
Now continue on for an example of both NAT and port forwarding with a DI-524 and DI-704 respectively.
Now that you're in your logged into your configuration tool, we can make the necessary adjustments to allow bit torrent to work optimally. Click on the "advanced" tab at the top, then click on "Applications" on the left side. This is where we will open up the ports for BitTorrent to use. To add BitTorrent, enter the values from the image below into your settings and then press apply. This opens up the ports on the router and your Torrent client should now work as fast as it's capable. Wasn't that easy?! Notice that we did not have to specify our IP address anywhere. This is because this router utilizes NAT, and thus will allow us to directly use a torrent client on multiple machines behind the firewall. Nice!
For this, we will need to use regular port forwarding. As noted above, we need to tell the router where to send packets which arrive on a certain port range. We will need to know our IP address to do this. To find your ip address (this is windows specific, but the ipconfig command will work on *nix as well), click your start button and choose "Run...". If you don't see that option, try holding down the Win-key (has the Windows logo on it) and press 'R'. This should bring up the Run command prompt. In the prompt, enter "cmd" and press OK.
Now a command window will open, so enter the command "ipconfig" and press enter. You will get information about your IP address. Highlighted in yellow is my private IP information, this is the line we need.
To set up port forwarding on the DI-704, we need to go to "Advanced", and then "Virtual Server". Check enable, enter your port range (6881-6889) into the "Service Ports" box, and then enter the IP address into the "Service IP" box. Next select Always. Click Apply and then Restart and you're done. To allow another machine behind the router to run a torrent client, repeat the IP address steps on that machine to obtain it's address. Now add a new entry into the 704's virtual server with a different port range, say 6991-6999. Your torrent client(s) should now be running great!
As I said, this is meant to help everyone understand what is happening and how set up their router properly. If you find any mistakes in this document, have any comments, or have any questions, please email me:
I hope this helps!