Port Forwarding
-
Could you do me a favor and summarize the desired behavior in a bullet-point list? However, both from a client to server and a server to client point of view. And - if needed - as well from a client to client point of view. All of these in combination with and without the “allow dubious” and “server hosts all” options set/not set.
I would forward the info to Mike, and then will try to work with him on the implementation.
Thanks a bunch!
About the “Host all Units” option :
–----------------------------------------------------------------------------------------------------
First and foremost, a few definitions about AI management after Deagg :
When a battalion/flight is deagged by a player, it’s controlled according to 2 different statuses, “Owner” and “SimOwner”, for himself and for all MP players (Camp Label must be activated to see these statuses).
-Owner => control of a unit (complete battalion/flight) => controlled as unique objects (2D combat control : not much impact on CPU usage and even less impact on bandwidth usage)
-SimOwner => control of all vehicles (tank, SAM launcher, infantry, truck, F16, MiG-29, etc.) part of a unit “battalion/flight” => tens of vehicles controlled (3D combat management, for each individual vehicle : large impact on CPU usage and direct impact on bandwidth usage)
-Local => controlled
-Remote => not controlled
Examples :
“Owner:local SimOwner:local” => seen from an individual player, it means that this battalion/flight is controlled as a unique object, BUT ALSO that each vehicle in this battalion/flight is controlled by the same individual player
“Owner:remote SimOwner:remote” => seen from an individual player, it means that this battalion/flight isn’t controlled as a unique object AND that each vehicle of this battalion/flight isn’t controlled by the same individual player
“Owner:local SimOwner:remote” => seen from an individual player, it means that this battalion/flight is controlled as a unique object, BUT each vehicle in this battalion/flight is not controlled by the same individual player
“Owner:remote SimOwner:local” => seen from an individual player, it means that this battalion/flight isn’t controlled as a unique object BUT each vehicle of this battalion/flight IS controlled by the same individual player
“Host all Units” disabled :
- if the host deaggs a battalion/flight : from his point of view, he will see it as “Owner:local SimOwner:local” and the other connected players (clients) will see it as “Owner:remote SimOwner:remote”
- if a client deaggs a battalion/flight : he will see it as “Owner:remote SimOwner:local”, all the other clients will see it as “Owner:remote SimOwner:remote” and the host will see it as “Owner:local SimOwner:remote”
This means :
- the host always controls the battalions/flights as unique objects (“owner” will always be “local” for the host) -> very little impact on the CPU and bandwidth usage.
- therefore, the clients never control the battalions/flights as unique objects (“owner” is always “remote” for the clients)
- On the contrary, if a player (host or client) deaggs one or several battalions/flights, he will have to control each vehicle in this battalion/flight (=> SimOwner:local) for all other connected players, which has a direct impact on this player’s CPU and bandwidth usage, whether he is host or client. It depends on the number of battalions/flights he has deagged and on the number of vehicles in these battalions/flights. This means he might have to control tens of objects, all tracers shot, all missile trajectories => try to imagine a client with a small CPU and bandwidth who has to host all this for all other players … some data will certainly be lost in MP
“Host all Units” enabled :
- the battalions/flights deagged by any client will always be “Owner:remote SimOwner:remote” for the clients
- therefore, these battalions deagged by these clients will always be “Owner:local SimOwner:local” for the host
this means:
- it’s always the host who’ll control all battalions/flights deagged by the clients : therefore, he will always be “Owner:local SimOwner:local” => huge impact on the CPU and bandwidth usage, especially upload.
- the clients don’t control anything, even if they are the ones who deagg the battalions/flights => very low CPU and upload bandwidth usage. But, they must have a stable and large download bandwidth to receive all data sent by the host
Check the full subject I wrote here : https://www.benchmarksims.org/forum/showthread.php?5271-quot-Host-all-units-OFF-quot-vs-quot-Host-all-units-ON-quot-gt-CONCLUSION&highlight=host%27s+units
BB
-
As my original post got jumped on, I’ll try again.
“Unless you’re hosting you should not need to forward any ports.” OK, forget about hosting for now.
A: Statement expressing a desirable outcome or status.
B: Also my current router state/setup.
With my current ISP-provided “2WIRE” router (previous DLink I can’t get working with this ISP), if I set up a port forward on 2934-2935 then FoL see me as a dubious connection. So can’t connect.
If I then set up a DMZ I connect, but my local area network is screwed as my PC now has an external IP.
My solution was/is no port forwarding & no DMZ, apparently thanks to update 4, 5 or 6.
I’m sure this situation would horrify Arty and any other purist and may not be ideal, but it works with our daily group of 4-8 & weekends of over 20 in the air.
So any efforts to drag this old girl (Falcon) into the twenty-first century are appreciated.
Regards
-
You can always use a PC router with Linux/FreeBSD and set up static port forwarding for the few select ports… Raspberry Pi as a router is very cheap.
FOL guys are stubborn and their networking knowledge is lacking. ‘Just set up DMZ’, as if that’s what DMZ meant wrt network topology…
-
With my current ISP-provided “2WIRE” router (previous DLink I can’t get working with this ISP), if I set up a port forward on 2934-2935 then FoL see me as a dubious connection. So can’t connect.
That’s probably due to the fact that your router changes the source port (2935) of your outbound packets, even though you’ve got port forwarding set up. Most consumer routers will conserve the source port if there exists a corresponding rule for inbound packets.
If I then set up a DMZ I connect, but my local area network is screwed as my PC now has an external IP.
I’m sure you know, but DMZ is a really bad idea. It exposes your PC to the internet, and makes you vulnerable to all kinds of attacks.
My solution was/is no port forwarding & no DMZ, apparently thanks to update 4, 5 or 6.
You’ve probably got the “routing through host” to thank for that. It didn’t function as it should at first, but that was fixed in update 4 or 5. If you start BMS with the “-mono” command switch, it creates a log file in ./user/logs. Not fun reading, but if you search for “routing through host”, you might confirm my suspicion.
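The source-port effect described in the reply above, as an added illustration that is not part of the original thread or of the BMS code: a toy NAT model in which the router either keeps or rewrites the client's source port 2935, and the server treats any other observed port as dubious. The class and function names, the LAN address and the ephemeral port value are constructed, and the admission rule is an assumption drawn from the thread's description.

```python
from dataclasses import dataclass, field

GAME_PORT = 2935  # source port the thread says the server expects from a client


@dataclass
class Nat:
    """Hypothetical consumer router; every field is a modelling assumption."""
    forwards: dict = field(default_factory=dict)  # ext_port -> (lan_ip, lan_port)
    keeps_port_with_rule: bool = True   # typical behaviour per the reply above
    next_ephemeral: int = 40000         # constructed value for rewritten ports

    def translate_outbound(self, lan_ip: str, src_port: int) -> int:
        """Return the source port the remote server observes."""
        has_rule = self.forwards.get(src_port) == (lan_ip, src_port)
        if has_rule and self.keeps_port_with_rule:
            return src_port
        # No matching inbound rule (or a router that ignores it): port is rewritten.
        port, self.next_ephemeral = self.next_ephemeral, self.next_ephemeral + 1
        return port


def server_admits(observed_port: int, allow_dubious: bool) -> dict:
    """Assumed admission rule: a client is 'dubious' when its observed source
    port is not GAME_PORT; dubious clients are admitted only if allowed."""
    dubious = observed_port != GAME_PORT
    return {"seen_port": observed_port, "dubious": dubious,
            "admitted": allow_dubious or not dubious}


def scenario(nat: Nat, allow_dubious: bool, lan_ip: str = "192.168.1.10") -> dict:
    """One client behind `nat` sends from GAME_PORT to the server."""
    return server_admits(nat.translate_outbound(lan_ip, GAME_PORT), allow_dubious)


if __name__ == "__main__":
    rule = {GAME_PORT: ("192.168.1.10", GAME_PORT)}  # constructed forward rule
    configs = [("forward, port kept", rule, True),
               ("forward, port rewritten", rule, False),
               ("no forward", {}, True)]
    for label, forwards, keeps in configs:
        for allow in (False, True):
            print(label, "| allow_dubious =", allow, "|",
                  scenario(Nat(dict(forwards), keeps), allow))
```

Only the "forward, port kept" case passes a server that refuses dubious clients; the rewritten-port case matches the symptom reported with the 2WIRE router.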
-
Another benefit is a friend staying here can also fly online.
So far 4-8 clients with no show stoppers, will be watching closely this weekend when our numbers should be in the 20+
We have a server with gigabit connectivity but the box does need more horsepower.
-
shadow probably you are talking about local LAN?
-
shadow probably you are talking about local LAN?
No
-
Let’s try it once more as suggested by Ripley, to make the port mappings clearer:
Dubious on/off, tautologically speaking
- Client X:Y connects to S:T
[dubious=1]
- S:T queries X:2934[4-7] for redirect status
- ACK if redirected, NAK otherwise
[dubious=0]
- ACK
This is irrespective of the current wrong behavior where Y must equal 2935 or the connection won’t be accepted.
Is that explanation good enough?
-
I thought of an issue with this approach. Ideally, clients should be able to connect without port forwarding setup at their side. Sort of the Holy Grail. This requires NAT traversal to establish the peer-to-peer connections between clients, but that’s already in place (in RAKNET). However, by having the server query port 2935 on the client side, you basically require port forwarding on the client side. Of course, if things depend on the parameter AllowDubiousConnections, this could be acceptable.
-
I’m sure you know, but DMZ is a really bad idea. It exposes your PC to the internet, and makes you vulnerable to all kinds of attacks.
Not correct, you will always be protected by the default Windows (software) Firewall
BB
-
@Bad:
Not correct, you will always be protected by the default Windows (software) Firewall
BB
It makes you more vulnerable than you would normally be, considering it’s basically telling the router to stop all the various filtering it normally does.
-
So break NAT without static port mappings to work around bugs? Oh, bother…
No, you misread. It’s dubious=0 that prevents non-static mappings from working. As said, @mrivers has a problem with non-static mappings. Or something.
Set your hater to stun.
Set AllowDubious to 1, I am completely fine with that. The goal of the 4.32 net code was to not need port forwarding. But there were problematic routers (Zyxel), and there were bugs in the CS fallback code (which were fixed in update 5) and concern for BW that prompted the ability to disable it.
-
IIRC falcon-online reported breakage after clients go to 3D, i.e. network destabilization caused by flaky clients.
Can’t seem to remember the conversation we’ve had a while back
A.S., can you confirm/deny?
-
IIRC falcon-online reported breakage after clients go to 3D, i.e. network destabilization caused by flaky clients.
Can’t seem to remember the conversation we’ve had a while back
A.S., can you confirm/deny?
From my experience (related to all my PVP events) : allowing dubious clients induces a server destabilization (with the possibility of a server crash, or of the server disconnecting every client at the same time without a crash) when more than 40 clients are connected
BB
-
Hi guys. I don’t want to hijack the thread, but at the moment I am within a subnet without access to the router and I am having some problems connecting.
As a client (NOT the host), does any port need to be forwarded as well? I thought it was only mandatory server-side.
Any info appreciated!
-
It’s not mandatory, but some people are overzealous…
-
If you read this thread you will understand completely.
@syn:
Hi guys. I don’t want to hijack the thread, but at the moment I am within a subnet without access to the router and I am having some problems connecting.
As a client (NOT the host), does any port need to be forwarded as well? I thought it was only mandatory server-side.
Any info appreciated!
-
@syn:
Hi guys. I don’t want to hijack the thread, but at the moment I am within a subnet without access to the router and I am having some problems connecting.
As a client (NOT the host), does any port need to be forwarded as well? I thought it was only mandatory server-side.
Any info appreciated!
Yes, you need client and server to have open ports if behind a NAT… If you do NOT have access to the router, like at college or something, you could try an HTTP tunneling service…
-
@Bad:
Not correct, you will always be protected by the default Windows (software) Firewall
BB
Well, yes and no: if you DMZ your PC you are vulnerable to an attack more so than if the SPI Firewall and a Software Firewall are in place… it is BEST NOT to DMZ your PC for anything other than testing…
This is the lazy way out… DMZ is exactly what it stands for, “De-Militarized Zone”. Well, we all know or at least should know what that is like…