Peer-to-Peer as alternative for client-server ?
Author
The cheapest solution for a massive multiplayer game for now is a distributed server system, am I correct? For example, 50 players on each server, or 1000, whatever, and if you want to go to another server, you just exit this one and navigate in your in-game build server browser, select another one and you''ll enter it. This way you can spread your servers easily around the globe.
Is it possible to replace that server-client community from let''s say a 100 players with a peer-to-peer solution? If people want to go to another place they just quit this persistent peer-to-peer session and select another peer-to-peer session. This way your massive multiplayer game costs nothing to run. No servers needed.
What more peer-to-peer solutions do there exist for high latency games, like fps. I know quazal, any others?
Interesting idea, but consider this: In massively multiplayer games, you''ve usually got a persistent world. With persistent worlds, cheating is a much more significant problem than it is with discrete game sessions.
Basically, you''d open the door for a great number of cheats. Plus, you''d surrender control of the online world, so you couldn''t really influence it once the game has begun.
Maybe there are solutions to these problems, but running a server farm is probably cheaper than fighting an uphill battle against exploits and other problems in the long run. Who knows...
cu,
Prefect
Basically, you''d open the door for a great number of cheats. Plus, you''d surrender control of the online world, so you couldn''t really influence it once the game has begun.
Maybe there are solutions to these problems, but running a server farm is probably cheaper than fighting an uphill battle against exploits and other problems in the long run. Who knows...
cu,
Prefect
Author
Crosbie Fitch wrote a series of remarkable articles concerning the future of peer-to-peer networks.(at gamasutra)
Somehow there must be a system to minimalize that hacker problem but for now I just want to know whether there are peer-to-peer systems in development, comparable with quazal.com products, open-source or commercial ? (to make Massively Multiplayer Games)
Somehow there must be a system to minimalize that hacker problem but for now I just want to know whether there are peer-to-peer systems in development, comparable with quazal.com products, open-source or commercial ? (to make Massively Multiplayer Games)
If you were to implement this system it would still cost you to run.
You need a way to lcoate all the peer to peer networks, and for that a central server will be needed (a common address).
Another thing you must think about is the storage of data. If all players in one peer to peer network (of up to 100 people like you say) were to leave the session, there would be no-one to store the game information and noone to connect to, thus the game is lost.
Bottom line is, you need a server for *something*, if only to help fight cheating or locate a network.
Dachande
[edited by - dachande on March 24, 2002 6:56:19 PM]
You need a way to lcoate all the peer to peer networks, and for that a central server will be needed (a common address).
Another thing you must think about is the storage of data. If all players in one peer to peer network (of up to 100 people like you say) were to leave the session, there would be no-one to store the game information and noone to connect to, thus the game is lost.
Bottom line is, you need a server for *something*, if only to help fight cheating or locate a network.
Dachande
[edited by - dachande on March 24, 2002 6:56:19 PM]
I have thought about a scenario like this a lot lately. It is true that you would need a server, but the reality is that it's possible to set up a MMORPG using a free (or cheap) host. Just make a CGI script to hold game data on a server like Tripod and give out everyone else's IP when you log on. Doing so, it is possible to run a MMORPG for free.
[edited by - rjahrman on March 24, 2002 12:06:18 AM]
[edited by - rjahrman on March 24, 2002 12:06:18 AM]
I did alot of research studying just such an implementation for MMORPGs. I envisioned a central State server where state was persisted but the actual gamestate would be running in various peer-to-peer sessions that would update the main server''s persisted state every so often. As people moved around the game world they would move between different peer to peer sessions. The holy grail of MMORPG''s I suppose. A virtually Unlimited Scalability model.
There was one problem, however, no way to guarantee security. I explored various solutions. Having each session be a simultaneous simulation (like AOE) where clients were validated against each other. The only problem with that is someone is bound to find out the validation mechanism and then they and a group of their friends could hijack a section of the game state and make all the changes they wanted, which would then be persisted to the main server.
I though of ways to make this more difficult, like randomly hosting small portions of a games state on the state server to make sure that none of the clients in a peer to peer session were cheating, but even then they could detect when the server made a connection and give it the responses it was expecting, while having their way with the game state.
What I came to realize is that a MMORPG system must be two things, it must be Secure, and it must be scaleable in that order. Any time you trust clients with a portion of the gamestate, like in a peer to peer environment you are no longer secure. The more popular your game becomes the more motivation people will have to hack it, it''s only a matter of time. Once people have hacked your game and you have uber characters walking around who cheated to get there, no one will want to play your game. All your scalability is for nothing if no one will play your game. Thus scalability is second only to security.
If you’re going to build a persistent world, start with a secure model e.g. Client Server. Obey all the rules. Never trust the Client with anything. Assume that hackers have the source code for your client and that they can see everything it can. After you''ve dealt with security, you can start with scalability. A O(n) scalability factor is pretty good under these circumstances.
There was one problem, however, no way to guarantee security. I explored various solutions. Having each session be a simultaneous simulation (like AOE) where clients were validated against each other. The only problem with that is someone is bound to find out the validation mechanism and then they and a group of their friends could hijack a section of the game state and make all the changes they wanted, which would then be persisted to the main server.
I though of ways to make this more difficult, like randomly hosting small portions of a games state on the state server to make sure that none of the clients in a peer to peer session were cheating, but even then they could detect when the server made a connection and give it the responses it was expecting, while having their way with the game state.
What I came to realize is that a MMORPG system must be two things, it must be Secure, and it must be scaleable in that order. Any time you trust clients with a portion of the gamestate, like in a peer to peer environment you are no longer secure. The more popular your game becomes the more motivation people will have to hack it, it''s only a matter of time. Once people have hacked your game and you have uber characters walking around who cheated to get there, no one will want to play your game. All your scalability is for nothing if no one will play your game. Thus scalability is second only to security.
If you’re going to build a persistent world, start with a secure model e.g. Client Server. Obey all the rules. Never trust the Client with anything. Assume that hackers have the source code for your client and that they can see everything it can. After you''ve dealt with security, you can start with scalability. A O(n) scalability factor is pretty good under these circumstances.
I''m not sure I agree with your assumption that an MMORPG must be secure. I don''t think this has been absolutely proven.
I think an interesting idea for an MMORPG that hasn''t been implemented yet is security through complete openness. Save all the character data in easily-viewed (and modified) XML or similar scheme on the client end. If a user wants to give himself a +5000 longsword and max out every stat, so be it... no serious gamer will want to play with this perosn. My theory is that removing the challenge from hacking the game (in effect, removing the "hacking" from hacking) will pretty much drive off all the would-be cheaters. The only people who will be interested in the game are the ones that want to *play* it.
Did you play the Dungeon Siege beta? There is no security model for Dungeon Siege... it''s basically wide open, and will even provide an editor for you to muck with anything you want. Of course, it''s not really a persistent-world game either, so the analogy doesn''t fly. Alo, Microsoft will probably take a lot of heat for the lack of security in Zone games, but it was probably the right decision in the long run ($$$).
I think an interesting idea for an MMORPG that hasn''t been implemented yet is security through complete openness. Save all the character data in easily-viewed (and modified) XML or similar scheme on the client end. If a user wants to give himself a +5000 longsword and max out every stat, so be it... no serious gamer will want to play with this perosn. My theory is that removing the challenge from hacking the game (in effect, removing the "hacking" from hacking) will pretty much drive off all the would-be cheaters. The only people who will be interested in the game are the ones that want to *play* it.
Did you play the Dungeon Siege beta? There is no security model for Dungeon Siege... it''s basically wide open, and will even provide an editor for you to muck with anything you want. Of course, it''s not really a persistent-world game either, so the analogy doesn''t fly. Alo, Microsoft will probably take a lot of heat for the lack of security in Zone games, but it was probably the right decision in the long run ($$$).
When you’re talking about persistent state worlds Security is an absolute must! You’re expecting your players to invest time and energy to build up their characters and possessions in this world. If some hacker starts on Monday and is level 200,000 on Wednesday and killing all the people who have invested weeks/months/years acquiring their skills and items in the traditional manner, all your traditional players are going to quit in disgust.
The motivation for hackers to hack persistent state games is much greater then in games where the gamstate is session based, like a starcraft or AoE. If someone hacks the gamestate in an RTS match, the other players can just quit and go join some other game. The hack does not result in any lasting benefit to the hacker. Not so with persistent state games like today’s MMORPGS. Once a hacker has hacked the system his changes to the gamestate are permanent. He will have a continuing advantage over all the other players he is competing against. Thus his motivation to hack is much higher.
People quit playing Asherons Call in droves after the “GEAR” hacks game some player’s ridiculous competitive advantages on the PvP servers. If you think that no one will hack your persistent MMORPG world because you make it really easy to do so. You’re sadly mistaken. What will happen is that people will all max out their levels and experience, play for a few days and get bored because there is no inherent value in fighting monsters or leveling up. Why work up the hard way when everyone else is just modifying their characters in the editor you shipped with the game. It is this whole concept of building your characters faster then everyone else that drives people to play these MMORPGS for countless hours. It’s because of their belief that everyone must follow the same rules of progression that their advancement even has value. If some newbie can just get to the same level by editing his character then advancement will be meaningless and no one will play for longer then a week.
If I haven’t convinced you go ahead and try to implement a persistent state massively multiplayer game with absolutely no regard for security. I think you’ll soon understand what I’m talking about
The motivation for hackers to hack persistent state games is much greater then in games where the gamstate is session based, like a starcraft or AoE. If someone hacks the gamestate in an RTS match, the other players can just quit and go join some other game. The hack does not result in any lasting benefit to the hacker. Not so with persistent state games like today’s MMORPGS. Once a hacker has hacked the system his changes to the gamestate are permanent. He will have a continuing advantage over all the other players he is competing against. Thus his motivation to hack is much higher.
People quit playing Asherons Call in droves after the “GEAR” hacks game some player’s ridiculous competitive advantages on the PvP servers. If you think that no one will hack your persistent MMORPG world because you make it really easy to do so. You’re sadly mistaken. What will happen is that people will all max out their levels and experience, play for a few days and get bored because there is no inherent value in fighting monsters or leveling up. Why work up the hard way when everyone else is just modifying their characters in the editor you shipped with the game. It is this whole concept of building your characters faster then everyone else that drives people to play these MMORPGS for countless hours. It’s because of their belief that everyone must follow the same rules of progression that their advancement even has value. If some newbie can just get to the same level by editing his character then advancement will be meaningless and no one will play for longer then a week.
If I haven’t convinced you go ahead and try to implement a persistent state massively multiplayer game with absolutely no regard for security. I think you’ll soon understand what I’m talking about
Security _CAN_ be implemented through the client! I''m not completely sure on this idea (so correct me if I''m wrong), but consider this: when a user logs on, the program could randomly check how far different players have gotten since last time. If a stat is obviously hacked, the hacked player could be ignored by that computer. It could then "warn" other computers. The hackers would then be playing only with other hackers!!!
That’s fine for if a client changes his information while offline. (although this situation would likely never occur because the Client''s stats and inventory are populated from the server when they connect) But consider this, and this is what I was referring to above. What if the client changed his stats while playing the game, or perhaps gave himself some uber items. When the user logged out of the game, his new stats and items would be saved to the server. The server would have no way of knowing if the client achieved those stats and items legitimately or by hacking. Sure you could set limits on how many levels you could gain in one session, but hackers would rapidly figure out the levels, and how to max them out every time they played. Once you trust the gamestate to live on the client, you are no longer in control, the server is at the mercy of the clients.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement