• Announcements

    • khawk

      Download the Game Design and Indie Game Marketing Freebook   07/19/17

      GameDev.net and CRC Press have teamed up to bring a free ebook of content curated from top titles published by CRC Press. The freebook, Practices of Game Design & Indie Game Marketing, includes chapters from The Art of Game Design: A Book of Lenses, A Practical Guide to Indie Game Marketing, and An Architectural Approach to Level Design. The GameDev.net FreeBook is relevant to game designers, developers, and those interested in learning more about the challenges in game development. We know game development can be a tough discipline and business, so we picked several chapters from CRC Press titles that we thought would be of interest to you, the GameDev.net audience, in your journey to design, develop, and market your next game. The free ebook is available through CRC Press by clicking here. The Curated Books The Art of Game Design: A Book of Lenses, Second Edition, by Jesse Schell Presents 100+ sets of questions, or different lenses, for viewing a game’s design, encompassing diverse fields such as psychology, architecture, music, film, software engineering, theme park design, mathematics, anthropology, and more. Written by one of the world's top game designers, this book describes the deepest and most fundamental principles of game design, demonstrating how tactics used in board, card, and athletic games also work in video games. It provides practical instruction on creating world-class games that will be played again and again. View it here. A Practical Guide to Indie Game Marketing, by Joel Dreskin Marketing is an essential but too frequently overlooked or minimized component of the release plan for indie games. A Practical Guide to Indie Game Marketing provides you with the tools needed to build visibility and sell your indie games. With special focus on those developers with small budgets and limited staff and resources, this book is packed with tangible recommendations and techniques that you can put to use immediately. As a seasoned professional of the indie game arena, author Joel Dreskin gives you insight into practical, real-world experiences of marketing numerous successful games and also provides stories of the failures. View it here. An Architectural Approach to Level Design This is one of the first books to integrate architectural and spatial design theory with the field of level design. The book presents architectural techniques and theories for level designers to use in their own work. It connects architecture and level design in different ways that address the practical elements of how designers construct space and the experiential elements of how and why humans interact with this space. Throughout the text, readers learn skills for spatial layout, evoking emotion through gamespaces, and creating better levels through architectural theory. View it here. Learn more and download the ebook by clicking here. Did you know? GameDev.net and CRC Press also recently teamed up to bring GDNet+ Members up to a 20% discount on all CRC Press books. Learn more about this and other benefits here.
Sign in to follow this  
Followers 0
savail

a few questions about server design

14 posts in this topic

Hi,
I'm creating action 2d game using UDP and I've heard that it's best to implement whole gameplay on the server and client should send as low data as possible (in order to prevent user from cheating, hacking etc). Therefore I've got some questions, which hopefully someone could answer:
1. My game is going to have a lobby and players will be able to create a match, wait for others to join and start it. In such case what should be done on the server and client separately to ensure best performance for both server and clients? There is pixel perfect collision in my game (a bit laborious becouse every pixel is being checked on 2 colliding sprites). I thought that checking if collision occurs will be done on the client but collision execution on the server. So client will be sending players' indexs which collide, server will execute the collision and send the result back to client. Is that a good approach or whole collision operations should be done on client? (I would like to disable any easy to do hacks in my game but keep good performance and design).
2. Where camera moving should be handled? I guess that on the client becouse it's individual for each client, right?

I would be very grateful for answers!
0

Share this post


Link to post
Share on other sites
Also if I have a lobby and I have a chat there as well so how to ensure that all text messages sent by users arrive to server and vice versa? How is it done in other games created on top of UDP? I guess that loosing text messages shouldn't be allowed even in UDP game?
0

Share this post


Link to post
Share on other sites
Games on top of UDP usually classify messages into "reliable" and "unreliable." "Reliable" messages, when sent, are put into a queue of some sort, and only removed from that queue when the remote end acknowledges the packet that they were put into. If an acknowledge doesn't come in quickly enough, the messages are re-transmitted, until acknowledge is received. This also needs some form of de-duplication on the receiving end (typically implemented using a serial number for reliable messages.)
2

Share this post


Link to post
Share on other sites
thanks for answer. I'm wondering also if I should have a separate server for lobby and separate servers for matches? How is it actually done? 1 server per one match? or 1 server handling all matches? or maybe one player should be the server and host game to others in given match, but is that secure enough? Though I have no idea how to implement that. I would be very grateful for any clues!
0

Share this post


Link to post
Share on other sites
All the variants you're talking about have been impemented, and work.

The problem with having players hosting matches is that you have to implement NAT punch-through, and only allow players with working punch-through (or port forwarding) to host matches. The benefit is that you don't need to run the game servers yourself.

The benefit of having lobby and game all in one is that the hand-off and management of "who's online" is simple. The draw-back is that there is an upper limit to the number of games you can run at one time, because the server machine may run out of capacity.

The "best practice" for large-scale systems is to run multiple lobbying processes, and also run multiple game processes (perhaps one game per process, if processes are cheap.) When a player logs in, you'd try to assign him/her to a lobby server where other players on the friend list already are. Or you'd assign be geographic location, or something. The point being that you want players to be on lobby servers where they will find friends to play with, and you also want to scale the number of players beyond what a single server can do for lobbying. Xbox Live actually dynamically splits the lobbying -- for most games, it'll be on a single process, but when enough players are online (for the really big games,) it will split; I believe it will split geographically.
1

Share this post


Link to post
Share on other sites
thanks a lot for answer!
I think I like the idea about players hosting matches the most as I probably won't have enough budget to buy servers myself. 1 thing is concerning me still. I have very little idea about hacking online games but if one player is being a server, isn't he allowed to easily hack? Both his client and server would be ran on 1 machine so he might be able to corrupt data on the server, or? If you knew any good tutorials I would be really very grateful for your help and I appreciate your time you've spent here already!

PS: How is this method exacly called that one player hosts game for others? It's not peer to peer I guess and not simply client/server?
0

Share this post


Link to post
Share on other sites
As soon as you give a user full administrative rights over the game (being the server), it will get hacked. There's just no two ways around it. Diablo III is went with proprietary dedicated servers for a good reason. Edited by papalazaru
0

Share this post


Link to post
Share on other sites
[quote name='savail' timestamp='1346703390' post='4976172']
PS: How is this method exacly called that one player hosts game for others? It's not peer to peer I guess and not simply client/server?
[/quote]

It's just client / server. If you want secure games, you will have to host on machines you trust. Either because you own them, or you can validate and authenticate the server content. Usually 'pure' game servers are called dedicated servers. There is no client-side, no rendering or sound, and the game is controlled via a console (entering commands, either locally, or by a games administrator remotely, rcon_password and all that). It's a lot lighter on resources, and you can run several servers on one machine, your bandwidth becoming your bottleneck.

Internet security is a big deal, especially when money is involved (auction houses). Then you run into legal matters. Simply put, a client / server would be the most secure you can hope for, and from where you can build on, and if someone wants to run a moded server and you do not run an authentication service, then there is nothing you can do, apart from accepting it.

If you run a lobby service, then you can run an authentication service. You will need to authenticate users, client and server content, client and server binaries, transactions, communications, ect... SteamWorks, XBox Live or Games For Windows Live are examples of such systems, and as you can tell, it's not an easy thing to do. Edited by papalazaru
1

Share this post


Link to post
Share on other sites
[quote]if one player is being a server, isn't he allowed to easily hack?[/quote]

Yes.
Many, many games have been quite successful with this model, though. Until just a few years ago, that was the only way that network-hosted games were written.
You still need a server for matching up the hosters with the players, but that's an easier thing to operate.

If you think your game will be popular, and there will be incentive to cheat, then you may need to change to run the servers on your own. The good news, though, is that, because players go to your matchmaking service to find servers, you can make that change later, without breaking anything that already exists.

So, I would recommend this sequence of implementation:
1) Build the game, with manual hosting, and the player having to enter a target address for the game server.
2) Make the game super fun!
3) Build a matchmaker, where hosted games register, and client players can find and join games.
4) Make this matchmaker, and the NAT punch-through, robust!
5) Now if the game is fun and robust, you may start seeing cheaters as a problem. Move servers into your own hosting, and advertise them in the matchmaking as "secure" or "premium" or whatever.

If you complete 1) and 2), you're better off than 99% of all other game projects on the planet :-) Edited by hplus0603
2

Share this post


Link to post
Share on other sites
papalazaru,
thanks for answer! I would like to use some authetification system but I need to know how hacks work. How someone can change my server's content if server is ran on his own machine? Does he somehow stick another program to my server? Or he's just sending false values to / from server via for example windows command line?

edit:
hplus0603,
thanks a lot for your tips! I feel that network is the hardest challenge that I have faced so far. Though I think that most of the game engine is already done and if I managed to succeed with network coding, the game could be quite fun :). NAT punch-through is a thing that scares me the most... It seems there are almost no any example codes of doing that ;/ Edited by savail
0

Share this post


Link to post
Share on other sites
When you're talking to a machine across the network, you have no idea what the code is that's running on the other end. It may be your server. It may be a Python script. It may be an alien that's really good at typing hex code into a telnet window :-)

Thus, the question of "what /could/ a cheater do if I let users host games" is "anything that's possible using your network protocol."

If the network protocol downloads maps from the hosting server, for example, then a malicious hoster could download whatever files he want. A very very large file that takes up all disk space? Files containing all kinds of contraband, terrorist threads, and child porn to make the player vulnerable to law enforcement search? Carefully crafted images that root the machine if opened with a vulnerable image decoder? That kind of thing. You can address this by, for example, setting an upper limit on the size of maps, and enforcing this on the downloaded side, and also enforcing that all assets are "baked into" the map file. You probably also want to ensure that the map file actually conforms to the map file format (header bytes, internal structure) by carefully validating it with code that won't thrash the stack or allocate too much memory if some internal data field is wrong.

If the network protocol allows the affecting of game entities during play (which it most likely does) then the attacker can make whatever entities do whatever he wants, within the limit of what entities can do in your game.

The physical implementation of an attack may be as simple as running a second program on the same machine that runs the server, which injects itself into the server address space and mutates data. Or it may be as complex as a network gateway that intercepts the data packets and re-writes them outside the server machine, totally undetectable to the server process. Or it may not be using your server code at all, instead emulating it using some other program.

Don't get me wrong, though: It's important that you write your networking code to be robust. It should never trust a size field that it hasn't verified is "sane;" it should never trust a piece of data that doesn't have the right header bytes; it should be prepared to deal with reads/writes being "short." Once you do that, the impact of a sophisticated cheater is basically validation: it's a great problem to have, because it means that people care enough about your game to spend the time to do that! Once you have that problem, you can probably figure out a way to make enough money on the game to move the server onto machines you can trust.
1

Share this post


Link to post
Share on other sites
[quote name='savail' timestamp='1346780740' post='4976502']
papalazaru,
thanks for answer! I would like to use some authetification system but I need to know how hacks work. How someone can change my server's content if server is ran on his own machine? Does he somehow stick another program to my server? Or he's just sending false values to / from server via for example windows command line?
[/quote]

If the server runs on the users machine he can change anything he wants, (the code it runs, the values it sends/recieves, the data stored in RAM, etc), modifying software is a fairly simple process. (Pirates do it all the time to remove copyprotection from games)

With a matchmaking system your best bet is probably to allow players to rate hosts, highly rated hosts would then get matches quicker while really bad hosts could get their right to act as hosts suspended. (a host doesn't have to cheat to be bad)
1

Share this post


Link to post
Share on other sites
Alright, I think I've made up my mind eventually, thanks to everybody who has helped here! Thanks for your time guys!
So I'll have a lobby server which will be ran on localhost on some specially designed for server machine. Do you think that for about 100$ I could buy a machine for lobby server that should handle 100 people online?
Lobby server will handle all the match making and after a match has been created and started one of players will host the game to others. Here's one more question: Should the server be implemented in the same .exe as client or it should be a separate program? or it doesn't matter at all?
And if my game occurs to be so cool that hackers will get interested :P then I'll think about some secure remote hosting ^^
0

Share this post


Link to post
Share on other sites
[quote name='savail' timestamp='1346784426' post='4976529']
Alright, I think I've made up my mind eventually, thanks to everybody who has helped here! Thanks for your time guys!
So I'll have a lobby server which will be ran on localhost on some specially designed for server machine. Do you think that for about 100$ I could buy a machine for lobby server that should handle 100 people online?
Lobby server will handle all the match making and after a match has been created and started one of players will host the game to others. Here's one more question: Should the server be implemented in the same .exe as client or it should be a separate program? or it doesn't matter at all?
And if my game occurs to be so cool that hackers will get interested [img]http://public.gamedev.net//public/style_emoticons/default/tongue.png[/img] then I'll think about some secure remote hosting ^^
[/quote]

How you separate the client and server is up to you, personally i'd put the server in its own library/class and build it into the client .exe aswell (This makes it fairly straightforward to move it out to a separate binary if you want dedicated servers later on).

The lobby server shouldn't really have to care about how many players you got online, it only has to work when players are trying to find a match. (The longer each game lasts the more players your lobby will be able to handle), $100 is pretty hard to get anything for these days, you might be able to find an old used machine at that price though. (If you buy new hardware it becomes very difficult to get a working system for less than $200-$300) (If the computer runs, is capable of running a decent server OS and can connect to the internet its good enough for a small lobby) Edited by SimonForsman
1

Share this post


Link to post
Share on other sites
A Raspberry Pi is $35 and can probably be a lobby server for a thousand players. The hardware cist is not necessarily the problem.

The question is more where the machine is located. If you're thinking of running the machine on your home internet connection, there are usually lots of problems with that set-up.

$100/month lets you rent a basic online self-managed dedicated server that would be sufficient for all matchmaking needs for any typical indie game. In fact, it might be able to run the forums for your game, too :-) The rock bottom dedicated servers start at about $50/month. Cheaper can be had through "virtual private servers" which are fractions of a server, starting as low as $20/month. Make sure you get enough bandwidth for your needs, though -- if you host your own downloads, it may be expensive otherwise. A VPS is fine for a matchmaker and forums machine, but probably not for actual game server processes, because of the scheduling jitter of virtualization. Edited by hplus0603
1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0