I am making a distributed MMO server to serve across multiple servers. I have read that you should not connect the game servers to the internet directly and instead use a proxy machine. the proxy machine will have 2 network cards, one connected to the internet and one connected to the game servers. it then forwards incomming messages to the appropriate game server.
When I go to respond to the message from the game server, should I have code on the proxy server to forward the packets outwards or does the regular internet passthrough from Windows provide the security I need?
MMO server security
It's totally possible to connect game servers to the Internet and have it be secure.
If you use a proxy, you don't need two network cards; you can use a single network card with two separate virtual interfaces (two separate addresses.) Another option is to use a hardware proxy (A k a "load balancer.")
The proxy can, in the simplest of situations, be something off-the-shelf like HAProxy. HAProxy can be set up to just forward tcp connections both ways. Note that you won't see the "true" IP address of the client on the game server in this case. If your protocol is HTTP, then the proxy can insert the X-forwarded-for header; if your protocol is raw TCP, it cannot. A hardware load balancer is able to be "transparent" in this case.
More advanced systems that use a game-specific gateway server, and then funnels commands and responses to back-end simulation servers, are also possible, but are most likely not needed unless your game uses advanced physics or complex load balancing mechanisms.
I would argue that from a security standpoint the proxy option is actually more of a risk if you do not know what you're doing.
Specifically, it gives people the impression that they only need to harden one machine (the proxy) and then the rest is "secure" by default. This is utterly false.
You need to harden every machine in your system, period. And that needs to be done from the hardware up: firewalls with ACLs to drop illegal traffic at the network level, OS configured correctly and patched appropriately, and your software stack itself needs to take various attacks into account for robustness. Every machine should be as hardened as you can make it without compromising your own ability to run the game.
At that point, the proxy is not a useful security measure anymore. You can just as easily expose a protected interface on each game server to the public internet and be done. Proxies can still have their uses, to be sure, but security shouldn't be considered one of them.
Specifically, it gives people the impression that they only need to harden one machine (the proxy) and then the rest is "secure" by default. This is utterly false.
You need to harden every machine in your system, period. And that needs to be done from the hardware up: firewalls with ACLs to drop illegal traffic at the network level, OS configured correctly and patched appropriately, and your software stack itself needs to take various attacks into account for robustness. Every machine should be as hardened as you can make it without compromising your own ability to run the game.
At that point, the proxy is not a useful security measure anymore. You can just as easily expose a protected interface on each game server to the public internet and be done. Proxies can still have their uses, to be sure, but security shouldn't be considered one of them.
Author
I'm going to have a proxy server either way in order to direct the messages to the right server. I'm just wondering if it would be better in any way to have the outgoing messages (back to the client) be sent through the proxy server at a code level?
I'm just wondering if it would be better in any way to have the outgoing messages (back to the client) be sent through the proxy server at a code level?
Are you using TCP? If so, you have to do that, no matter what. There are some hardware load balancers that support asymmetric "Direct Server Response" or similar, but those are not layer 7 proxies like you're talking about here.
If you're using UDP, you have a little more flexibility, and sending the response straight back to the client may reduce load on the proxy server. Just make sure you don't break NAT. Specifically, the "from" ip:port tuple you send needs to be the same as the client sent in "to."
Also, I think you're solving the wrong problem first. Most MMO projects die because they fail to build a game that is at all compelling. Start there :-)
Author
I think I have a game idea that is quite compelling, but I am really trying this to learn how to make an mmo. I have a decent understanding that this project will probably go nowhere due to the huge amount of content it might need.
I am using UDP for this. I think if I use the standard internet sharing built into windows, the information should come from the proxy server's IP. Why does the information need to come from the same ip and port? Would it be possible/a good idea to use different ports for sending and receiving?
The short answer is: NAT is broken if the return source IP/port is not the send destination IP/port. And every residential firewall and wifi "router" will do NAT between the inside network and outside network.
There are some links in the FAQ to how NAT works and why it's important. For example, http://www.mindcontrol.org/~hplus/nat-punch.html (Simple NAT punch-through explanation.)
Author
Thanks, this has been the missing piece of my knowledge of networking. You've been a great help.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
