Topic: Changing the master server heartbeat operation (Read 9901 times)
mondo1287
« on: September 18, 2007, 08:07:06 pm »

Please read my post here:
http://openarena.ws/board/index.php?topic=1166.0

And consult the link here:
http://www.forumplanet.com/planetquake/topic.asp?fid=5761&tid=1780880&p=1

To summarize, some routers/firewalls, particularly enterprise grade models that support a massive amount of concurrent connections, will modify the source port of outgoing packets to keep each connection on a unique port (Think enterprise with 3000 machines sharing the same firewall).  This causes an issue with the master server as it uses the source port of the heartbeat packet to determine the port the server is running on.  If the server is running on port 27960, and the router modifies the source port of the packet to a random port, say port 34000, the master server assumes the server to be running on port 34000. 

In the second link above, the quake4 developer agreed to change the heartbeat operation to rectify this.  They changed the heartbeat packet to include the server's net_port setting and use that as the server's port, ignoring the source port of the heartbeat packet.  Alternatively, it may also be possible to modify the heartbeat packet with a flag that says don't modify my headers, but this would not be ideal, and may even be ignored by some routers and they will still do their own internal translation.

I'm interested in what you guys (the developers) think about this.  If I end up with a ton of free time, I may investigate further and possibly submit a patch to do what I've described.  Also, I may not even know what I'm talking about.  :)

EDIT:

I think the code that would have to be changed is line 265 of sv_main.c
Quote
NET_OutOfBandPrint( NS_SERVER, adr, "heartbeat %s\n", HEARTBEAT_GAME );

Which could be changed to something like:
Quote
NET_OutOfBandPrint( NS_SERVER, adr, "heartbeat %s\n%i\n", HEARTBEAT_GAME, PORT_SERVER );

And of course the code for whatever maintains the master server list would have to be changed.
« Last Edit: September 18, 2007, 09:35:44 pm by mondo1287 » Logged
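
An added example, not part of the original post and not ioquake3 or dpmaster code: a master-side sketch of the change proposed above, taking the game port from the heartbeat payload and falling back to the UDP source port for legacy packets. The extended wire format, the function name `heartbeat_port` and the sample values are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed formats (connectionless header already stripped):
 *   legacy:   "heartbeat <game>\n"
 *   extended: "heartbeat <game>\n<port>\n"   (hypothetical, per the proposal) */
enum port_origin { PORT_REJECTED, PORT_FROM_SOURCE, PORT_FROM_PAYLOAD };

enum port_origin heartbeat_port(const char *payload, uint16_t src_port,
                                uint16_t *out)
{
    const char *nl;
    char *end;
    unsigned long v;

    if (strncmp(payload, "heartbeat ", 10) != 0)
        return PORT_REJECTED;
    nl = strchr(payload + 10, '\n');
    if (nl == NULL || nl[1] == '\0') {      /* legacy: no port field */
        *out = src_port;                    /* may be a PAT-assigned port */
        return PORT_FROM_SOURCE;
    }
    if (nl[1] < '0' || nl[1] > '9')         /* strtoul would accept '-', '+', spaces */
        return PORT_REJECTED;
    errno = 0;
    v = strtoul(nl + 1, &end, 10);
    if (errno != 0 || v == 0 || v > 65535 || (*end != '\n' && *end != '\0'))
        return PORT_REJECTED;
    /* Sender-controlled value: use it only as the port to probe before listing. */
    *out = (uint16_t)v;
    return PORT_FROM_PAYLOAD;
}

int main(void)
{
    /* Constructed sample: server on 27960, PAT rewrote the source port to 34000. */
    uint16_t port = 0;
    enum port_origin o = heartbeat_port("heartbeat QuakeArena-1\n27960\n", 34000, &port);
    printf("origin=%d port=%u\n", (int)o, (unsigned)port);
    return 0;
}
```

Because the declared port is whatever the sender chose to write, a master using it should still confirm that a server answers at the packet's source IP on that port before adding it to the list.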
next_ghost
« Reply #1 on: September 19, 2007, 05:13:24 am »

As I have said here, this change won't do anything unless your router is broken and can't handle NAT properly. Even in that case, it might not work anyway.
Logged
mondo1287
« Reply #2 on: September 19, 2007, 08:38:07 pm »

This should be a problem when running any type of server that uses the Quake III master server model behind a PAT based firewall. (http://en.wikipedia.org/wiki/Port_address_translation)
There probably aren't many people trying to run servers behind a device of this type, but I wouldn't be surprised if manufacturers of lower end devices start implementing this.  Even the wrt54g has enough memory and a fast enough processor to implement it, and the number of home internet users with more than just a couple of computers is growing to a point where they may need to use PAT.

I posted a more cohesive explanation here: http://mondotech.blogspot.com/2007/09/patnapt-firewalls-and-quake-iii-servers.html

The code modifications to the server engine are seemingly simple, but the dpmaster source would need to be modified as well.  I took a quick peek at the dpmaster source, and what is needed will require some intimacy with the code.
« Last Edit: September 19, 2007, 09:26:03 pm by mondo1287 » Logged
sago007
Open Arena Developer


« Reply #3 on: September 20, 2007, 02:41:59 am »

Quote from: mondo1287
To summarize, some routers/firewalls, particularly enterprise grade models that support a massive amount of concurrent connections, will modify the source port of outgoing packets to keep each connection on a unique port (Think enterprise with 3000 machines sharing the same firewall).

I don't like to call it enterprise router. I would like to call it 'home router' as many if not all routers sold to private homes are of that type (imagine 2 or more computers in a single home sharing a cable or xDSL connection).
A real enterprise class firewall could be configured to route the traffic (as it is required for many standard services).

Even the simplest home router uses lots of 'hacks' just to get all the fundamental Internet services to work.

Quote from: mondo1287
This causes an issue with the master server as it uses the source port of the heartbeat packet to determine the port the server is running on.  If the server is running on port 27960, and the router modifies the source port of the packet to a random port, say port 34000, the master server assumes the server to be running on port 34000.

This is bad indeed. A program should never expect to control its own source port.

I must admit I'm a little surprised that it works in this way. I thought that sending heartbeats to the master server was handled separately.
Logged

There are nothing offending in my posts.
mondo1287
« Reply #4 on: September 20, 2007, 05:50:54 am »

Some soho/home devices just do NAT and won't change the outgoing source port, which is why a lot of people have trouble trying to play Quake III games online with more than one computer at a time.   Others may only modify the source port if there are two internal addresses trying to reach the same public address on the same port, this is probably the most common.  In the higher end network edge firewall devices (Cisco PIX, Sonicwall, Watchguard, Checkpoint, etc.), you'll find that they modify the source port of everything.  In the much higher end devices, you have the ability to control every aspect of the PAT, and actually resolve the issue at hand. In any case, you're right, enterprise is probably a bad word, as it's nothing more than a corporate I.T. buzzword.  I am, however, referring to hardware that you will find at the network edge in any large corporate network, the devices doing the routing out to the internet are usually ahead of these, and you won't find them being used in your grandma's house.  Although, you may find them being used by your average I.T. nerd wanting to run a Quake server. :)
« Last Edit: September 20, 2007, 05:53:04 am by mondo1287 » Logged
De@thByBl@st
« Reply #5 on: September 26, 2007, 01:51:27 pm »

 Well, I think the terms "enterprise", "higher end", "network edge", and "large corporate network" are all B.S. buzzwords being used by people trying to sound more important and more knowledgeable than they actually are and I find it interesting that this PAT issue has never been mentioned very much, that tends to lead me to believe that it's more user configuration error than anything else, since so far only a handful of people have ever reported having this issue.

 Personally, I can't really speak for "enterprise", "higher end", "network edge", and "large corporate networks", but I can say that I have yet to have any issues running any kind of server from any network including numerous ISPs, so admittedly I'm a bit confused about your reported issue and in fact am wondering why I have never had such an issue myself.

 Though it seems logical that the net port specified in the servers configuration should be used.
Logged
beast
« Reply #6 on: September 27, 2007, 01:08:18 am »

Quote from: De@thByBl@st
Well, I think the terms "enterprise", "higher end", "network edge", and "large corporate network" are all B.S. buzzwords being used by people trying to sound more important and more knowledgeable than they actually are and I find it interesting that this PAT issue has never been mentioned very much

Just because you don't understand them doesn't mean that you should denigrate someone who uses the terms. There are very few (if any) routers sold to homes that are PAT. These are very real devices, even if you haven't heard of them. Maybe someone else is trying to sound more important and more knowledgeable than they actually are...

Quote from: De@thByBl@st
Personally, I can't really speak for "enterprise", "higher end", "network edge", and "large corporate networks"

Then don't slam those who can speak for them...

Quote from: De@thByBl@st
so admittedly I'm a bit confused about your reported issue and in fact am wondering why I have never had such an issue myself.

Do you have a PAT router? If not, you would never have such a problem...

Back off and cut some slack. People come here looking for help, not hostility...
Logged
De@thByBl@st
« Reply #7 on: September 28, 2007, 12:41:46 am »

Quote from: beast
Quote from: De@thByBl@st
Well, I think the terms "enterprise", "higher end", "network edge", and "large corporate network" are all B.S. buzzwords being used by people trying to sound more important and more knowledgeable than they actually are and I find it interesting that this PAT issue has never been mentioned very much

Just because you don't understand them doesn't mean that you should denigrate someone who uses the terms. There are very few (if any) routers sold to homes that are PAT. These are very real devices, even if you haven't heard of them. Maybe someone else is trying to sound more important and more knowledgeable than they actually are...

Quote from: De@thByBl@st
Personally, I can't really speak for "enterprise", "higher end", "network edge", and "large corporate networks"

Then don't slam those who can speak for them...

Quote from: De@thByBl@st
so admittedly I'm a bit confused about your reported issue and in fact am wondering why I have never had such an issue myself.

Do you have a PAT router? If not, you would never have such a problem...

Back off and cut some slack. People come here looking for help, not hostility...
(end of quote from beast)

1. The only hostility I see in this thread is your asinine half ass quoted post.
2. If you had bothered to actually read the full post you quoted you would realize that it's certainly not a lack of understanding loser buzzwords, in fact far from it, which leads us back to 1. ^

 To clarify for you, only losers need to use such buzzwords in my opinion, the rest of us have enough certification, experience and/or degrees or a combination thereof that we don't need to try so hard to look like we know what we are doing, because we do and it's already well documented. Your big bad "enterprise" or "corporate network" pales in comparison to an ISPs network spanning an entire state or country  in one case, with tens of thousands or even hundreds of thousands of users online at any given time, I can assure you.

Now if you don't have a life and your post made it a bit obvious that you don't, try trolling someone that actually gives a damn next time, your insanity may be better appreciated and your argument is bound to last longer.

In short I was somewhat interested in the problem, but now I'm not and in fact now I am convinced that only complete idiots purchase PAT devices.
Logged
beast
« Reply #8 on: September 28, 2007, 07:49:15 pm »

Quote from: De@thByBl@st
In short I was somewhat interested in the problem, but now I'm not and in fact now I am convinced that only complete idiots purchase PAT devices.

I am not the one with the problem, I was trying to get help and understanding for the person. So don't call the original person names just because you got your pink panties in a knot... Take a deep breath and realize that the world is not spinning around you. I doubt that anyone really cares whether you are interested or not. (Certainly no one cares if I am interested or not...) The person is just trying to get some help...
« Last Edit: September 29, 2007, 01:26:28 am by beast » Logged
w1zrd
Give to life what you expect back


« Reply #9 on: September 28, 2007, 08:45:21 pm »

Quote from: De@thByBl@st
Well, I think the terms 'enterprise', 'higher end', 'network edge', and 'large corporate network' are all B.S. buzzwords being used by people trying to sound more important and more knowledgeable than they actually are and I find it interesting that this PAT issue has never been mentioned very much

Why do you use them buzzwords yourself then?
And the buzzword you keep repeating is also a buzzword or rather
Quote from: De@thByBl@st
a loser buzzword
should one wish to think so.

Just because you
Quote from: De@thByBl@st
think the terms 'enterprise', 'higher end', 'network edge', and 'large corporate network' are all B.S. buzzwords
doesn't mean that the rest of the world has to agree. Not very nice to undermine mondo1287 because he used your buzzword terms.

Quote from: De@thByBl@st
Personally, I can't really speak for "enterprise", "higher end", "network edge", and "large corporate networks"
Then don't, let people with experience of mentioned speak for/against it..

Quote from: De@thByBl@st
in fact am wondering why I have never had such an issue myself.
Maybe because all configurations/devices/routers/enterprises/servers/plastic bags are not the same?

Quote from: De@thByBl@st
Now if you don't have a life and your post made it a bit obvious that you don't, try trolling someone that actually gives a damn next time, your insanity may be better appreciated and your argument is bound to last longer.
Don't make personal insults to people for your own pleasure, doesn't take a college degree to figure that one out.

Quote from: De@thByBl@st
In short I was somewhat interested in the problem, but now I'm not and in fact now I am convinced that only complete idiots purchase PAT devices.
Now that is somewhat uninteresting to read..

In short, I have no idea what the whole issue is about but being rude and impolite isn't going to make you any
Quote
more important
Apologies for my angry post :(
Logged

'Toto, I've a feeling we're not in Kansas anymore.'


mondo1287
« Reply #10 on: September 28, 2007, 09:32:40 pm »

All drama aside, you won't find a PAT device in use by any ISP or co-location provider.  They don't use any form of NAT.  What you will find is that any company with a large user base has a NAT device that does PAT.  You can't NAT 1000 users behind a single public address with a device that doesn't do PAT.
Logged
dmn_clown
« Reply #11 on: September 28, 2007, 10:53:57 pm »

Quote from: beast
There are very few (if any) routers sold to homes that are PAT.

Not that it matters, but that is not entirely true, busybox (the firmware used in most of the inexpensive consumer routers) is more than capable of NAT/PAT, though those features are rarely used and in some models you have to hack the firmware to use PAT.

Other than that, the old usenet phrase comes to mind:  "Don't feed the trolls"
Logged

beast
« Reply #12 on: September 29, 2007, 01:25:51 am »

Quote from: dmn_clown
Not that it matters, but that is not entirely true, busybox (the firmware used in most of the inexpensive consumer routers) is more than capable of NAT/PAT, though those features are rarely used and in some models you have to hack the firmware to use PAT.

Since most consumer grade devices that do support PAT (somewhere in the firmware) usually require some sort of hack, I was lazy and said that most don't support it. As you have said, that statement was not entirely true and I stand corrected.
Logged
mondo1287
« Reply #13 on: October 02, 2007, 02:05:30 pm »

I found a solution for the newer Sonicwall devices, too bad the one I have at home can't do it.  They call it Consistent NAT, and basically you can say I want all UDP traffic from this address on this port to this remote address to always use this port.
Logged
De@thByBl@st
« Reply #14 on: October 16, 2007, 03:19:09 am »

I think you guys smoke way too much coffee.

I wasn't putting the op down for his use of these buzzwords, it was more of a statement that they are highly subjective and rarely relevant (if ever) when discussing such problems, since it doesn't really matter if you're sitting at home or at work, the problem is the same.

That being said if the op doesn't care to gain the interest of others in regard to his problem then perhaps it would be more appropriate to keep it under wraps, obviously posting your problem in an Internet forum seeking help contradicts such desires.

In any case the solution is obvious, but I'll let all the "enterprise" experts sort that out, since the op was just posting to hear his/her head rattle, my mistake.
Logged