Posted 22 June 2013 - 12:38 PM
Posted 22 June 2013 - 05:17 PM
It's totally possible to connect game servers to the Internet and have it be secure.
If you use a proxy, you don't need two network cards; you can use a single network card with two separate virtual interfaces (two separate addresses). Another option is to use a hardware proxy (a.k.a. "load balancer").
The proxy can, in the simplest of situations, be something off-the-shelf like HAProxy. HAProxy can be set up to just forward TCP connections both ways. Note that you won't see the "true" IP address of the client on the game server in this case. If your protocol is HTTP, then the proxy can insert the X-Forwarded-For header; if your protocol is raw TCP, it cannot. A hardware load balancer is able to be "transparent" in this case.
More advanced systems that use a game-specific gateway server, and then funnel commands and responses to back-end simulation servers, are also possible, but are most likely not needed unless your game uses advanced physics or complex load balancing mechanisms.
Posted 23 June 2013 - 03:19 PM
Posted 25 June 2013 - 03:34 PM
I'm going to have a proxy server either way in order to direct the messages to the right server. I'm just wondering if it would be better in any way to have the outgoing messages (back to the client) be sent through the proxy server at a code level?
Posted 25 June 2013 - 06:55 PM
I'm just wondering if it would be better in any way to have the outgoing messages (back to the client) be sent through the proxy server at a code level?
Posted 26 June 2013 - 06:06 PM
I think I have a game idea that is quite compelling, but I am really trying this to learn how to make an MMO. I have a decent understanding that this project will probably go nowhere due to the huge amount of content it might need.
I am using UDP for this. I think if I use the standard Internet sharing built into Windows, the information should come from the proxy server's IP. Why does the information need to come from the same IP and port? Would it be possible/a good idea to use different ports for sending and receiving?
Posted 27 June 2013 - 11:33 AM
The short answer is: NAT is broken if the return source IP/port is not the send destination IP/port. And every residential firewall and wifi "router" will do NAT between the inside network and outside network.
There are some links in the FAQ to how NAT works and why it's important. For example, http://www.mindcontrol.org/~hplus/nat-punch.html (Simple NAT punch-through explanation.)
Edited by hplus0603, 27 June 2013 - 11:34 AM.
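The rule in the post above, modelled as an added example (not code from the thread or from any poster): a small NAT table that only admits UDP replies whose source is the exact IP/port the client sent to. The port-restricted filtering, the class and function names, and all addresses (RFC 5737 documentation ranges) are assumptions made for illustration.

```python
from typing import Dict, Optional, Set, Tuple

Addr = Tuple[str, int]  # (ip, port)


class Nat:
    """Port-restricted NAT model: an inbound packet is admitted only if an
    inside host already sent to that exact remote ip/port."""

    def __init__(self, public_ip: str, first_port: int = 40000) -> None:
        self.public_ip = public_ip
        self.next_port = first_port
        self.port_of: Dict[Addr, int] = {}        # inside endpoint -> public port
        self.inside_of: Dict[int, Addr] = {}      # public port -> inside endpoint
        self.allowed: Dict[int, Set[Addr]] = {}   # public port -> remotes sent to

    def outbound(self, inside: Addr, remote: Addr) -> Addr:
        """Client sends to remote; returns the public source the remote sees."""
        if inside not in self.port_of:
            self.port_of[inside] = self.next_port
            self.inside_of[self.next_port] = inside
            self.allowed[self.next_port] = set()
            self.next_port += 1
        port = self.port_of[inside]
        self.allowed[port].add(remote)
        return (self.public_ip, port)

    def inbound(self, source: Addr, public_dst: Addr) -> Optional[Addr]:
        """Returns the inside endpoint to deliver to, or None if dropped."""
        ip, port = public_dst
        if ip != self.public_ip or source not in self.allowed.get(port, ()):
            return None
        return self.inside_of[port]


def replies_delivered() -> Dict[str, bool]:
    """Which reply paths reach a client that sent one datagram to the proxy."""
    nat = Nat("203.0.113.7")              # constructed home-router address
    client = ("192.168.1.20", 5000)       # constructed inside host
    proxy = ("198.51.100.10", 7777)       # address the client sends to
    seen_as = nat.outbound(client, proxy)
    sources = {
        "proxy, same port": proxy,                    # reply via the proxy socket
        "proxy, other port": (proxy[0], 7778),        # separate "send" port
        "backend direct": ("198.51.100.11", 7777),    # game server bypassing proxy
    }
    return {name: nat.inbound(src, seen_as) == client for name, src in sources.items()}


if __name__ == "__main__":
    for name, ok in replies_delivered().items():
        print(f"{name:18} -> {'delivered' if ok else 'dropped by NAT'}")
```
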
Posted 27 June 2013 - 04:51 PM
Thanks, this has been the missing piece of my knowledge of networking. You've been a great help.