Master servers, routers, firewalls and confusion
by Daniel Buckmaster · in General Discussion · 01/18/2010 (4:11 am) · 40 replies
I've just come to start testing my game over a network, and realised there's a lot I don't understand about how gaming works over a network.
Can anyone point me to some good guides on basic networking - ports, routers, firewalls, etc.?
And specifically - I've got a wireless router connected to my modem and desktop with cables. The laptop is connected to the wireless network. I can Host a game on either computer and access it via 'query LAN', but when I query the master server, I find nothing. On the connecting side, I get a console error about having the wrong protocol - but it does say one server was in the list (it just didn't show up in the GUI).
I really don't know if it's actually an issue with firewalls and such, or whether it's my code/script setup. But help in either area would be appreciated ;).
Can anyone point me to some good guides on basic networking - ports, routers, firewalls, etc.?
And specifically - I've got a wireless router connected to my modem and desktop with cables. The laptop is connected to the wireless network. I can Host a game on either computer and access it via 'query LAN', but when I query the master server, I find nothing. On the connecting side, I get a console error about having the wrong protocol - but it does say one server was in the list (it just didn't show up in the GUI).
I really don't know if it's actually an issue with firewalls and such, or whether it's my code/script setup. But help in either area would be appreciated ;).
About the author
Studying mechatronic engineering and computer science at the University of Sydney. Game development is probably my most time-consuming hobby!
#22
Computer1 running starter.fps as server and computer2 starter.fps as client. Only UDP port 28000 was forwarded to the internal IP address of computer1 --> it worked.
Make sure you're forwarding UDP and not TCP packets to your server.
01/19/2010 (5:43 pm)
I've just tested stock TGE 1.5.2 on 2 computers:Computer1 running starter.fps as server and computer2 starter.fps as client. Only UDP port 28000 was forwarded to the internal IP address of computer1 --> it worked.
Make sure you're forwarding UDP and not TCP packets to your server.
#23
EDIT: Swapped it to UDP only and no improvement - when hosting a dedicated server and a client on the same machine. I'll give it a go with two computers...
EDIT: Nope. LAN is fine but nothing on the master. (Three servers found, all timed out. I'm starting to think it might just be my slow net connection that's messing everything up...)
Dunsany - I do understand the purpose of the master server, just not how it works or what I need to do to get it to work for me!
01/19/2010 (6:40 pm)
Quote:Make sure you're forwarding UDP and not TCP packets to your server.Aha! I was forwarding both on the assumption that that's better...?
EDIT: Swapped it to UDP only and no improvement - when hosting a dedicated server and a client on the same machine. I'll give it a go with two computers...
EDIT: Nope. LAN is fine but nothing on the master. (Three servers found, all timed out. I'm starting to think it might just be my slow net connection that's messing everything up...)
Dunsany - I do understand the purpose of the master server, just not how it works or what I need to do to get it to work for me!
#24
Python Master Server
01/20/2010 (10:27 am)
Here's an example of a master server written in Python. Andy Rollins does a nice job of explaining how a master server works.Python Master Server
#25
As Dunsany mentioned I tried to cover a bit of how the stuff works in my master server resource and it especially in one of the comments where hopefully I explain a bit about what you're seeing in the log files.
From the posts mentioned your issue is to do with port forwarding as you appear to be getting the list of servers back from the master server but it's when the client pings the server that you get no response, if you read my resource & comments you'll see that's the common place that it fails.
Let me know if you're getting problems still and I'll see what I can do to help you out or understand more of what you're seeing
As for it just working when you give the game to others, I think the answer there lies in the realms of uPnP (Universal Plug and Play) which is how the xbox 360 works and automatically configures port forwarding. Somewhere I've got some code that does it and perhaps should see if I can dig it out and make a resource of it.
01/22/2010 (8:31 am)
Missed this topic, how are you getting on Daniel?As Dunsany mentioned I tried to cover a bit of how the stuff works in my master server resource and it especially in one of the comments where hopefully I explain a bit about what you're seeing in the log files.
From the posts mentioned your issue is to do with port forwarding as you appear to be getting the list of servers back from the master server but it's when the client pings the server that you get no response, if you read my resource & comments you'll see that's the common place that it fails.
Let me know if you're getting problems still and I'll see what I can do to help you out or understand more of what you're seeing
As for it just working when you give the game to others, I think the answer there lies in the realms of uPnP (Universal Plug and Play) which is how the xbox 360 works and automatically configures port forwarding. Somewhere I've got some code that does it and perhaps should see if I can dig it out and make a resource of it.
#26
Both - thanks for the resource link. I had seen that before, and I do understand how a master server works... I guess I just hadn't read the comments, or remembered them (I looked at the resource a while ago). I'm convinced that my problem is with port forwarding, but I've tried everything I can think of and can't seem to get it to work, so I'll just drop it until it matters ;P.
The UPNP thing sounds awesome - obviously some would consider it a security risk but I think it sounds great ;P.
01/23/2010 (8:18 am)
Hey, Andy - I basically just dropped it because I'm convinced it's not a Torque issue - if that's the case, then it's just something I need to figure out with myself and I don't need to put effort into making a 'fix' for it. Also, it's not critical for now... we're planning on releasing a really inconsequential pre-alpha demo, and it's not exactly imperative that the multiplayer be functioning flawlessly.Both - thanks for the resource link. I had seen that before, and I do understand how a master server works... I guess I just hadn't read the comments, or remembered them (I looked at the resource a while ago). I'm convinced that my problem is with port forwarding, but I've tried everything I can think of and can't seem to get it to work, so I'll just drop it until it matters ;P.
The UPNP thing sounds awesome - obviously some would consider it a security risk but I think it sounds great ;P.
#27
01/23/2010 (7:20 pm)
No worries Daniel, if you want some help to sort out in the future then drop me an email or something and I'll see what I can do. It's the port forwarding that gets most people.
#28
1) PC B queries Master for servers available.
2) Master replies with a listing of known alive game servers.
3) PC B then directly queries each server it was given by Master.
4) PC B awaits replies from servers, if it receives any it'll display them in the GUI that are valid (correct protocol, etc..)
The problem comes in play during stages 3 and 4. When PC B tries to query PC A by sending a packet addressed to the public IP of the server then most likely (if port forwarding is working) it (PC A) will receive the query packet, but when it tries to send a response it'll send it to PC B's IP address as PC A LAN IP (due to NAT router saying packet came from PC B's LAN IP. Therefore PC A will reply directly over LAN to PC B instead of going through NAT router), but PC B is expecting a response from the public IP address not PC A's LAN IP.
This is where things get messed up by majority of NAT routing configurations and usually there is nothing you can do about it to fix the problem except giving the server a real public IP address if it's possible (such as you've got multiple public IPs assigned to you by your ISP).
If your UDP port is forwarded correctly then those on the outside of your LAN should be able to see your server via the master list and see it in the client GUI, but you won't be able to see it on PCs on the LAN. So, LAN PCs will need to manually connect to the server via it's LAN IP via use of the LAN Query method instead.
Acronyms in English (to avoid confusion):
NAT = Network Address Translation (a router feature that makes it possible to share a single public IP with many LAN computers).
LAN = Local Area Network
IP = Internet Protocol
Hopefully I didn't confuse you any further and actually helped. :)
01/24/2010 (4:36 am)
Daniel, I believe your problem is caused by how your NAT router is dealing with packet routing. Since you are hosting a dedicated server on PC A and querying about it after getting address from master server on PC B then things get confusing while both PCs are using LAN IP addresses:1) PC B queries Master for servers available.
2) Master replies with a listing of known alive game servers.
3) PC B then directly queries each server it was given by Master.
4) PC B awaits replies from servers, if it receives any it'll display them in the GUI that are valid (correct protocol, etc..)
The problem comes in play during stages 3 and 4. When PC B tries to query PC A by sending a packet addressed to the public IP of the server then most likely (if port forwarding is working) it (PC A) will receive the query packet, but when it tries to send a response it'll send it to PC B's IP address as PC A LAN IP (due to NAT router saying packet came from PC B's LAN IP. Therefore PC A will reply directly over LAN to PC B instead of going through NAT router), but PC B is expecting a response from the public IP address not PC A's LAN IP.
This is where things get messed up by majority of NAT routing configurations and usually there is nothing you can do about it to fix the problem except giving the server a real public IP address if it's possible (such as you've got multiple public IPs assigned to you by your ISP).
If your UDP port is forwarded correctly then those on the outside of your LAN should be able to see your server via the master list and see it in the client GUI, but you won't be able to see it on PCs on the LAN. So, LAN PCs will need to manually connect to the server via it's LAN IP via use of the LAN Query method instead.
Acronyms in English (to avoid confusion):
NAT = Network Address Translation (a router feature that makes it possible to share a single public IP with many LAN computers).
LAN = Local Area Network
IP = Internet Protocol
Hopefully I didn't confuse you any further and actually helped. :)
#29
01/24/2010 (4:24 pm)
Nathan - that actually makes a lot of sense, thanks! I really do need to try to connect to a dedicated server from outside my network, so if that works I can surmise it's just a problem with the router. I guess it's not a fatal issue, since I can still connect via the LAN.
#30
As you see if we did get a response back from the server on a different IP address (our Lan IP) then Torque would add it to the list of game servers and the next time it tries to ping the server it would use the LAN IP and would succeed (it tries to ping each server 3 times).
Could be wrong but I'd scatter some printf() statements in the client and server code to see what messages and what ip address's it's coming from.
Wouldn't take much to code a lil python script to just respond to ping requests either so that you could prove your port forwarding was working.
It might be worth opening an msdos prompt on each PC and typing the command "netstat -abn" it will show you what programs are listening or connected on what ports.
01/25/2010 (1:19 pm)
@Nathan - Not sure that would be the case with Torque, if I remember correct the ping responses are handle in the code below:static void handleGamePingResponse( const NetAddress* address, BitStream* stream, U32 key, U8 /*flags*/ )
{
// Broadcast has timed out or query has been cancelled:
if( !gPingList.size() )
return;
S32 index = findPingEntry( gPingList, address );
if( index == -1 )
{
// an anonymous ping response - if it's not already timed
// out or finished, ping it. Probably from a broadcast
if( !addressFinished( address ) )
pushPingRequest( address );
return;
}As you see if we did get a response back from the server on a different IP address (our Lan IP) then Torque would add it to the list of game servers and the next time it tries to ping the server it would use the LAN IP and would succeed (it tries to ping each server 3 times).
Could be wrong but I'd scatter some printf() statements in the client and server code to see what messages and what ip address's it's coming from.
Wouldn't take much to code a lil python script to just respond to ping requests either so that you could prove your port forwarding was working.
It might be worth opening an msdos prompt on each PC and typing the command "netstat -abn" it will show you what programs are listening or connected on what ports.
#31
Host your own Master Server
I host our torque master server at master.hellish.us, it rides on port 28002 on my internal network and all of my games are designed to use port 28002. I have port forwarded this port, from 173.14.59.242 : 28002 (my outside firewall IP) which points to my windows server 192.168.12.15 : 28002
Hosting a GAME
Hosting your game is different as the only ports you need to open are the specific port you are hosting it on. 28000 is the primary port that it is hosted on, I am pretty sure it is UDP traffic. Some routers will not allow you to separate the traffic and send both UDP and TCP. You will need to adjust the ports to compensate for each additional game server. It can be different depending on how many machines you have serving. I have 3 machines hosting the 20ish game servers that I run.
One machine multiple servers
Assuming you would like to host multiple servers on a machine via Torque, Each server would need to have the port number incremented. Server 1 run on 28000, server 2 on 28001, etc... this ensures that the port numbers do not clash. You port forward each one sequentially on the external firewall as well.
server 1 73.14.59.2 : 28000 <-> 192.168.12.15 : 28000
server 2 73.14.59.2 : 28001 <-> 192.168.12.15 : 28001
Multiple machines Indvidual machines
Like above, except,
server 1 - 73.14.59.2 : 28000 <-> 192.168.12.15 : 28000
server 2 - 73.14.59.2 : 28001 <-> 192.168.12.100 : 28000
server 3 - 73.14.59.242 : 28003 <-> 192.168.12.100 : 28001
Some things to make sure of...
Windows firewall - Disable it during tests, if your issues go away then change the port settings or better yet, if its windows firewall, Replace it!
Router issues - There are known issues with multiple routers on the market. I get asked this very question quite often and a lot of game servers suffer from poor quality routers. The game sends out a signal, it is returned but on a different port and the router does not know how to translate it properly. I am having this issue with my IPCOP firewall and some old Quake3 servers. Work arounds include specifying your WAN IP instead of your LAN IP in the game configs, some game servers do not like this however. You can also bypass the router by placing the machine directly on the internet, but then you leave your machine open for attack. The last one, buy a new router and spend a little cash on it. D-link offers a gaming router that is top notch and highly recommended.
That your not connecting to your game from the outside while you are inside the network! Unless you have more then one IP this usually is not possible. If you need to see your game servers, you may want to host your own master server.
That you are not hosting another server on the same machine at the same time or that another software has not taken the port. Run this command at the command line and then look for the ports the server is running on.
netstat -a | more > test.txt
02/05/2010 (11:19 am)
@Daniel - The issue that you are having is most likely directly related to the equipment itself and how the responding servers answer. I run about 20 game servers(non torque) from my network and almost all of them work flawlessly. There are a few servers that refuse to show up in the master server at ID. You will need to open several ports depending on what you are looking to do. Host your own Master Server
I host our torque master server at master.hellish.us, it rides on port 28002 on my internal network and all of my games are designed to use port 28002. I have port forwarded this port, from 173.14.59.242 : 28002 (my outside firewall IP) which points to my windows server 192.168.12.15 : 28002
Hosting a GAME
Hosting your game is different as the only ports you need to open are the specific port you are hosting it on. 28000 is the primary port that it is hosted on, I am pretty sure it is UDP traffic. Some routers will not allow you to separate the traffic and send both UDP and TCP. You will need to adjust the ports to compensate for each additional game server. It can be different depending on how many machines you have serving. I have 3 machines hosting the 20ish game servers that I run.
One machine multiple servers
Assuming you would like to host multiple servers on a machine via Torque, Each server would need to have the port number incremented. Server 1 run on 28000, server 2 on 28001, etc... this ensures that the port numbers do not clash. You port forward each one sequentially on the external firewall as well.
server 1 73.14.59.2 : 28000 <-> 192.168.12.15 : 28000
server 2 73.14.59.2 : 28001 <-> 192.168.12.15 : 28001
Multiple machines Indvidual machines
Like above, except,
server 1 - 73.14.59.2 : 28000 <-> 192.168.12.15 : 28000
server 2 - 73.14.59.2 : 28001 <-> 192.168.12.100 : 28000
server 3 - 73.14.59.242 : 28003 <-> 192.168.12.100 : 28001
Some things to make sure of...
Windows firewall - Disable it during tests, if your issues go away then change the port settings or better yet, if its windows firewall, Replace it!
Router issues - There are known issues with multiple routers on the market. I get asked this very question quite often and a lot of game servers suffer from poor quality routers. The game sends out a signal, it is returned but on a different port and the router does not know how to translate it properly. I am having this issue with my IPCOP firewall and some old Quake3 servers. Work arounds include specifying your WAN IP instead of your LAN IP in the game configs, some game servers do not like this however. You can also bypass the router by placing the machine directly on the internet, but then you leave your machine open for attack. The last one, buy a new router and spend a little cash on it. D-link offers a gaming router that is top notch and highly recommended.
That your not connecting to your game from the outside while you are inside the network! Unless you have more then one IP this usually is not possible. If you need to see your game servers, you may want to host your own master server.
That you are not hosting another server on the same machine at the same time or that another software has not taken the port. Run this command at the command line and then look for the ports the server is running on.
netstat -a | more > test.txt
#32
That is one of the best posts that I have seen explaining this in a long, long time.
02/05/2010 (12:12 pm)
@SeanThat is one of the best posts that I have seen explaining this in a long, long time.
#33
@Daniel I didn't see you edited your post above.
02/05/2010 (12:35 pm)
I have to agree with David, Sean's post explains it very good. And yes, Torque uses UDP only for the master server - server - client communication.@Daniel I didn't see you edited your post above.
Quote:Three servers found, all timed out.If your client "found" three servers, it means that the client received a response from the master server. If "all timed out" while the client tried to ping the servers, I assume the communication ("server ping") between client and servers didn't work. Looks like you are not too far away from success :)
#34
Am able to run my own master server well enough, and also a dedicated T3d server on the same machine. These are both running on my hosted VPS (virtual private server) which is out in the ether somewhere.
The dedicated server successfully broadcasts itself to the master, the master successfully queries back for info, then waits.
The problem is in the client connecting from my home PC, out through my router over the Internet to my VPS. The client successfully queries the master, retrieves the server list, then tries to ping the server in question, but times out.
Same issue as another poster above basically.
The VPS server I use is out in the open and has no hardware firewall, only software (Windows firewall). Windows firewall is properly set up to allow both the master server and the dedicated server access to and from the Internet.
I have enabled port forwarding for both 28000 and 28002 (UDP) on my local router hardware, thinking the problem must be at home and not on the VPS. Yet still, I cannot ping the server that the client retrieves from the master.
Same thing applies when using GG's master server (which appears to still be up and running, as my dedicated server on the VPS can heartbeat to it and get an info response back). The client successfully connects to GG's master, retrieves the list, but then times out when trying to ping my server.
Is there something I'm missing here? Also tried this from a friend's place on his connection, and he is also stuck at the same spot. We are using different internet providers and different hardware.
Any help would be greatly appreciated, have a great game but can only play it on the LAN until I get this remote dedicated server thing sorted out. My intent is to have this dedicated server run on this VPS that is hosted somewhere else, and have anyone on the Internet be able to connect to it once they download our client demo.
Am pretty familiar with all this port forwarding and server stuff, so am surprised it is proving difficult for me to get it running. :(
Thanks in advance.
07/29/2010 (7:21 pm)
Hi everyone, good information here but I have a further question...Am able to run my own master server well enough, and also a dedicated T3d server on the same machine. These are both running on my hosted VPS (virtual private server) which is out in the ether somewhere.
The dedicated server successfully broadcasts itself to the master, the master successfully queries back for info, then waits.
The problem is in the client connecting from my home PC, out through my router over the Internet to my VPS. The client successfully queries the master, retrieves the server list, then tries to ping the server in question, but times out.
Same issue as another poster above basically.
The VPS server I use is out in the open and has no hardware firewall, only software (Windows firewall). Windows firewall is properly set up to allow both the master server and the dedicated server access to and from the Internet.
I have enabled port forwarding for both 28000 and 28002 (UDP) on my local router hardware, thinking the problem must be at home and not on the VPS. Yet still, I cannot ping the server that the client retrieves from the master.
Same thing applies when using GG's master server (which appears to still be up and running, as my dedicated server on the VPS can heartbeat to it and get an info response back). The client successfully connects to GG's master, retrieves the list, but then times out when trying to ping my server.
Is there something I'm missing here? Also tried this from a friend's place on his connection, and he is also stuck at the same spot. We are using different internet providers and different hardware.
Any help would be greatly appreciated, have a great game but can only play it on the LAN until I get this remote dedicated server thing sorted out. My intent is to have this dedicated server run on this VPS that is hosted somewhere else, and have anyone on the Internet be able to connect to it once they download our client demo.
Am pretty familiar with all this port forwarding and server stuff, so am surprised it is proving difficult for me to get it running. :(
Thanks in advance.
#35
Virtuozzo that a lot of them use has it's own firewall stuff and usually they don't give clients access to configure that themselves.
07/31/2010 (12:01 pm)
The problem will probably be with your VPS blocking access to the ports you want to connect to, I've had torque on 3-4 different VPS hosts over the years and the majority of the time I've had to contact them to open up those ports for me.Virtuozzo that a lot of them use has it's own firewall stuff and usually they don't give clients access to configure that themselves.
#36
if no,then what things i have to change?
too much to read.and more then to understand.
then there are chances to be failed for my net connection settings.
and finally i will give it up for a long time.
that is my bad habit.have tried to change.but still the same.
so i need those info before try it.
04/12/2012 (11:11 pm)
daniel or anybody plz tell me is any t3d's stock demo or template ready to connect through internet(between 2 pc)?if no,then what things i have to change?
too much to read.and more then to understand.
then there are chances to be failed for my net connection settings.
and finally i will give it up for a long time.
that is my bad habit.have tried to change.but still the same.
so i need those info before try it.
#37
04/13/2012 (5:53 am)
@Ashan, T3D supports full networking out of the box. You can connect between multiple machines without an issue. However, you do require some form of Master Server to be able to store and query a list of servers for users to connect to. This is not really needed if you are only going to have a single server that you host.
#38
"Notify me of new replies"--->somehow my clicking on this checkbox did not work .so only was checking in my mail address for notification.
but thanks for the answer.
one more question.
do i need to change these variables:
$pref::Master[0]
$Pref::Server::Port
$pref::Net::Port
?
i will try it today.
but
04/15/2012 (11:44 am)
sorry i missed your comment."Notify me of new replies"--->somehow my clicking on this checkbox did not work .so only was checking in my mail address for notification.
but thanks for the answer.
Quote:it is only me and my friend.so there will be only one server(from host).
This is not really needed if you are only going to have a single server that you host.
one more question.
do i need to change these variables:
$pref::Master[0]
$Pref::Server::Port
$pref::Net::Port
?
i will try it today.
but
Quote: I don't understand about how gaming works over a network.same for me.
#39
EDIT: I don't think this is actually the cause. I just remembered that my server wasn't showing up on the Gnometech monitor. Also, when I run a dedicated server, heartbeats are sent but not received. I'm lost.
05/12/2012 (1:38 pm)
I've been trying to get my game to work multiplayer as well. I've been reading numerous posts on networking and I think I finally mostly understand how it all works. Here is my diagnosis of the issue I am having. Hopefully someone can verify this or guide me. All of this testing was done on a single computer.- In my prefs files my game is told to use master.garagegames.com.
- I have UDP 28000-28002 forwarded through my router to my local IP.
- When I query master, I can see other servers.
- When I host a server, it doesn't show up when I query LAN (which I'm not worried about), but I can connect using IP 127.0.0.1 and 192.168.0.13.
- When I host a server, it doesn't show up when I query master, and I can't connect using my public IP.
EDIT: I don't think this is actually the cause. I just remembered that my server wasn't showing up on the Gnometech monitor. Also, when I run a dedicated server, heartbeats are sent but not received. I'm lost.
#40
EDIT: I fixed my firewall and it works wonderfully! And I can connect using my public IP: connect("1.2.3.4:28000");
So in conclusion, it seems as though connecting to a server on the same network (or same computer) through the master server works fine.
05/12/2012 (4:05 pm)
Aha! I turned off my laptop's firewall and it's working. I guess it wasn't opening a hole for the ports correctly. Time to try to fix this.EDIT: I fixed my firewall and it works wonderfully! And I can connect using my public IP: connect("1.2.3.4:28000");
So in conclusion, it seems as though connecting to a server on the same network (or same computer) through the master server works fine.
Torque 3D Owner Ted Southard
No, I just use it so that I don't have to deal with changing IP addresses of the server when it comes to my team connecting to it. If you get a master server up and running, you'll want that on the DnyDns account, and have it route people to the correct servers (which the master server itself with know).