Jump to content

  • Log In with Google      Sign In   
  • Create Account


a few questions about server design


Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

  • You cannot reply to this topic
14 replies to this topic

#1 savail   Members   -  Reputation: 328

Like
0Likes
Like

Posted 31 August 2012 - 11:08 AM

Hi,
I'm creating action 2d game using UDP and I've heard that it's best to implement whole gameplay on the server and client should send as low data as possible (in order to prevent user from cheating, hacking etc). Therefore I've got some questions, which hopefully someone could answer:
1. My game is going to have a lobby and players will be able to create a match, wait for others to join and start it. In such case what should be done on the server and client separately to ensure best performance for both server and clients? There is pixel perfect collision in my game (a bit laborious becouse every pixel is being checked on 2 colliding sprites). I thought that checking if collision occurs will be done on the client but collision execution on the server. So client will be sending players' indexs which collide, server will execute the collision and send the result back to client. Is that a good approach or whole collision operations should be done on client? (I would like to disable any easy to do hacks in my game but keep good performance and design).
2. Where camera moving should be handled? I guess that on the client becouse it's individual for each client, right?

I would be very grateful for answers!

Sponsor:

#2 savail   Members   -  Reputation: 328

Like
0Likes
Like

Posted 01 September 2012 - 04:38 AM

Also if I have a lobby and I have a chat there as well so how to ensure that all text messages sent by users arrive to server and vice versa? How is it done in other games created on top of UDP? I guess that loosing text messages shouldn't be allowed even in UDP game?

#3 hplus0603   Moderators   -  Reputation: 4978

Like
2Likes
Like

Posted 01 September 2012 - 04:12 PM

Games on top of UDP usually classify messages into "reliable" and "unreliable." "Reliable" messages, when sent, are put into a queue of some sort, and only removed from that queue when the remote end acknowledges the packet that they were put into. If an acknowledge doesn't come in quickly enough, the messages are re-transmitted, until acknowledge is received. This also needs some form of de-duplication on the receiving end (typically implemented using a serial number for reliable messages.)

enum Bool { True, False, FileNotFound };

#4 savail   Members   -  Reputation: 328

Like
0Likes
Like

Posted 03 September 2012 - 03:09 AM

thanks for answer. I'm wondering also if I should have a separate server for lobby and separate servers for matches? How is it actually done? 1 server per one match? or 1 server handling all matches? or maybe one player should be the server and host game to others in given match, but is that secure enough? Though I have no idea how to implement that. I would be very grateful for any clues!

#5 hplus0603   Moderators   -  Reputation: 4978

Like
1Likes
Like

Posted 03 September 2012 - 11:52 AM

All the variants you're talking about have been impemented, and work.

The problem with having players hosting matches is that you have to implement NAT punch-through, and only allow players with working punch-through (or port forwarding) to host matches. The benefit is that you don't need to run the game servers yourself.

The benefit of having lobby and game all in one is that the hand-off and management of "who's online" is simple. The draw-back is that there is an upper limit to the number of games you can run at one time, because the server machine may run out of capacity.

The "best practice" for large-scale systems is to run multiple lobbying processes, and also run multiple game processes (perhaps one game per process, if processes are cheap.) When a player logs in, you'd try to assign him/her to a lobby server where other players on the friend list already are. Or you'd assign be geographic location, or something. The point being that you want players to be on lobby servers where they will find friends to play with, and you also want to scale the number of players beyond what a single server can do for lobbying. Xbox Live actually dynamically splits the lobbying -- for most games, it'll be on a single process, but when enough players are online (for the really big games,) it will split; I believe it will split geographically.

enum Bool { True, False, FileNotFound };

#6 savail   Members   -  Reputation: 328

Like
0Likes
Like

Posted 03 September 2012 - 02:16 PM

thanks a lot for answer!
I think I like the idea about players hosting matches the most as I probably won't have enough budget to buy servers myself. 1 thing is concerning me still. I have very little idea about hacking online games but if one player is being a server, isn't he allowed to easily hack? Both his client and server would be ran on 1 machine so he might be able to corrupt data on the server, or? If you knew any good tutorials I would be really very grateful for your help and I appreciate your time you've spent here already!

PS: How is this method exacly called that one player hosts game for others? It's not peer to peer I guess and not simply client/server?

#7 0BZEN   Crossbones+   -  Reputation: 2004

Like
0Likes
Like

Posted 03 September 2012 - 05:25 PM

As soon as you give a user full administrative rights over the game (being the server), it will get hacked. There's just no two ways around it. Diablo III is went with proprietary dedicated servers for a good reason.

Edited by papalazaru, 03 September 2012 - 05:39 PM.

Everything is better with Metal.


#8 0BZEN   Crossbones+   -  Reputation: 2004

Like
1Likes
Like

Posted 03 September 2012 - 05:31 PM

PS: How is this method exacly called that one player hosts game for others? It's not peer to peer I guess and not simply client/server?


It's just client / server. If you want secure games, you will have to host on machines you trust. Either because you own them, or you can validate and authenticate the server content. Usually 'pure' game servers are called dedicated servers. There is no client-side, no rendering or sound, and the game is controlled via a console (entering commands, either locally, or by a games administrator remotely, rcon_password and all that). It's a lot lighter on resources, and you can run several servers on one machine, your bandwidth becoming your bottleneck.

Internet security is a big deal, especially when money is involved (auction houses). Then you run into legal matters. Simply put, a client / server would be the most secure you can hope for, and from where you can build on, and if someone wants to run a moded server and you do not run an authentication service, then there is nothing you can do, apart from accepting it.

If you run a lobby service, then you can run an authentication service. You will need to authenticate users, client and server content, client and server binaries, transactions, communications, ect... SteamWorks, XBox Live or Games For Windows Live are examples of such systems, and as you can tell, it's not an easy thing to do.

Edited by papalazaru, 03 September 2012 - 05:41 PM.

Everything is better with Metal.


#9 hplus0603   Moderators   -  Reputation: 4978

Like
2Likes
Like

Posted 04 September 2012 - 10:11 AM

if one player is being a server, isn't he allowed to easily hack?


Yes.
Many, many games have been quite successful with this model, though. Until just a few years ago, that was the only way that network-hosted games were written.
You still need a server for matching up the hosters with the players, but that's an easier thing to operate.

If you think your game will be popular, and there will be incentive to cheat, then you may need to change to run the servers on your own. The good news, though, is that, because players go to your matchmaking service to find servers, you can make that change later, without breaking anything that already exists.

So, I would recommend this sequence of implementation:
1) Build the game, with manual hosting, and the player having to enter a target address for the game server.
2) Make the game super fun!
3) Build a matchmaker, where hosted games register, and client players can find and join games.
4) Make this matchmaker, and the NAT punch-through, robust!
5) Now if the game is fun and robust, you may start seeing cheaters as a problem. Move servers into your own hosting, and advertise them in the matchmaking as "secure" or "premium" or whatever.

If you complete 1) and 2), you're better off than 99% of all other game projects on the planet :-)

Edited by hplus0603, 04 September 2012 - 10:11 AM.

enum Bool { True, False, FileNotFound };

#10 savail   Members   -  Reputation: 328

Like
0Likes
Like

Posted 04 September 2012 - 11:45 AM

papalazaru,
thanks for answer! I would like to use some authetification system but I need to know how hacks work. How someone can change my server's content if server is ran on his own machine? Does he somehow stick another program to my server? Or he's just sending false values to / from server via for example windows command line?

edit:
hplus0603,
thanks a lot for your tips! I feel that network is the hardest challenge that I have faced so far. Though I think that most of the game engine is already done and if I managed to succeed with network coding, the game could be quite fun :). NAT punch-through is a thing that scares me the most... It seems there are almost no any example codes of doing that ;/

Edited by savail, 04 September 2012 - 11:55 AM.


#11 hplus0603   Moderators   -  Reputation: 4978

Like
1Likes
Like

Posted 04 September 2012 - 12:12 PM

When you're talking to a machine across the network, you have no idea what the code is that's running on the other end. It may be your server. It may be a Python script. It may be an alien that's really good at typing hex code into a telnet window :-)

Thus, the question of "what /could/ a cheater do if I let users host games" is "anything that's possible using your network protocol."

If the network protocol downloads maps from the hosting server, for example, then a malicious hoster could download whatever files he want. A very very large file that takes up all disk space? Files containing all kinds of contraband, terrorist threads, and child porn to make the player vulnerable to law enforcement search? Carefully crafted images that root the machine if opened with a vulnerable image decoder? That kind of thing. You can address this by, for example, setting an upper limit on the size of maps, and enforcing this on the downloaded side, and also enforcing that all assets are "baked into" the map file. You probably also want to ensure that the map file actually conforms to the map file format (header bytes, internal structure) by carefully validating it with code that won't thrash the stack or allocate too much memory if some internal data field is wrong.

If the network protocol allows the affecting of game entities during play (which it most likely does) then the attacker can make whatever entities do whatever he wants, within the limit of what entities can do in your game.

The physical implementation of an attack may be as simple as running a second program on the same machine that runs the server, which injects itself into the server address space and mutates data. Or it may be as complex as a network gateway that intercepts the data packets and re-writes them outside the server machine, totally undetectable to the server process. Or it may not be using your server code at all, instead emulating it using some other program.

Don't get me wrong, though: It's important that you write your networking code to be robust. It should never trust a size field that it hasn't verified is "sane;" it should never trust a piece of data that doesn't have the right header bytes; it should be prepared to deal with reads/writes being "short." Once you do that, the impact of a sophisticated cheater is basically validation: it's a great problem to have, because it means that people care enough about your game to spend the time to do that! Once you have that problem, you can probably figure out a way to make enough money on the game to move the server onto machines you can trust.
enum Bool { True, False, FileNotFound };

#12 SimonForsman   Crossbones+   -  Reputation: 5804

Like
1Likes
Like

Posted 04 September 2012 - 12:26 PM

papalazaru,
thanks for answer! I would like to use some authetification system but I need to know how hacks work. How someone can change my server's content if server is ran on his own machine? Does he somehow stick another program to my server? Or he's just sending false values to / from server via for example windows command line?


If the server runs on the users machine he can change anything he wants, (the code it runs, the values it sends/recieves, the data stored in RAM, etc), modifying software is a fairly simple process. (Pirates do it all the time to remove copyprotection from games)

With a matchmaking system your best bet is probably to allow players to rate hosts, highly rated hosts would then get matches quicker while really bad hosts could get their right to act as hosts suspended. (a host doesn't have to cheat to be bad)
I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!

#13 savail   Members   -  Reputation: 328

Like
0Likes
Like

Posted 04 September 2012 - 12:47 PM

Alright, I think I've made up my mind eventually, thanks to everybody who has helped here! Thanks for your time guys!
So I'll have a lobby server which will be ran on localhost on some specially designed for server machine. Do you think that for about 100$ I could buy a machine for lobby server that should handle 100 people online?
Lobby server will handle all the match making and after a match has been created and started one of players will host the game to others. Here's one more question: Should the server be implemented in the same .exe as client or it should be a separate program? or it doesn't matter at all?
And if my game occurs to be so cool that hackers will get interested :P then I'll think about some secure remote hosting ^^

#14 SimonForsman   Crossbones+   -  Reputation: 5804

Like
1Likes
Like

Posted 04 September 2012 - 01:35 PM

Alright, I think I've made up my mind eventually, thanks to everybody who has helped here! Thanks for your time guys!
So I'll have a lobby server which will be ran on localhost on some specially designed for server machine. Do you think that for about 100$ I could buy a machine for lobby server that should handle 100 people online?
Lobby server will handle all the match making and after a match has been created and started one of players will host the game to others. Here's one more question: Should the server be implemented in the same .exe as client or it should be a separate program? or it doesn't matter at all?
And if my game occurs to be so cool that hackers will get interested Posted Image then I'll think about some secure remote hosting ^^


How you separate the client and server is up to you, personally i'd put the server in its own library/class and build it into the client .exe aswell (This makes it fairly straightforward to move it out to a separate binary if you want dedicated servers later on).

The lobby server shouldn't really have to care about how many players you got online, it only has to work when players are trying to find a match. (The longer each game lasts the more players your lobby will be able to handle), $100 is pretty hard to get anything for these days, you might be able to find an old used machine at that price though. (If you buy new hardware it becomes very difficult to get a working system for less than $200-$300) (If the computer runs, is capable of running a decent server OS and can connect to the internet its good enough for a small lobby)

Edited by SimonForsman, 04 September 2012 - 01:37 PM.

I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!

#15 hplus0603   Moderators   -  Reputation: 4978

Like
1Likes
Like

Posted 04 September 2012 - 08:24 PM

A Raspberry Pi is $35 and can probably be a lobby server for a thousand players. The hardware cist is not necessarily the problem.

The question is more where the machine is located. If you're thinking of running the machine on your home internet connection, there are usually lots of problems with that set-up.

$100/month lets you rent a basic online self-managed dedicated server that would be sufficient for all matchmaking needs for any typical indie game. In fact, it might be able to run the forums for your game, too :-) The rock bottom dedicated servers start at about $50/month. Cheaper can be had through "virtual private servers" which are fractions of a server, starting as low as $20/month. Make sure you get enough bandwidth for your needs, though -- if you host your own downloads, it may be expensive otherwise. A VPS is fine for a matchmaker and forums machine, but probably not for actual game server processes, because of the scheduling jitter of virtualization.

Edited by hplus0603, 04 September 2012 - 08:26 PM.

enum Bool { True, False, FileNotFound };




Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.



PARTNERS