Gameserver MultiIps is that possible?

[gmakhs]

If you want to receive support we need this info to help you properly.
» Find Revision



hello i had an idea today but since im not able to test it i will ask it as question.

server in config have the option to use with * all aviable ips so this means if my computer have 4 ip's the server will be accesable from all of them ? if yes is possible to connect players from diferent ip's right ? is possible to use a whole subnet therE?

If thats possible and the hosts file can accept subnet then we can have a server working with multiple ips on the same machine . if thats possible we could defend against ddos attack by just null route one ip and then the players will connect again from the next one .

is that even possible ?

[UnAfraid]

What makes you think ddoser wont kill the other ips as well?
Its possible u can define that through ipconfig.xml manually or leave server to configure them automaticly

[gmakhs]

normally udp flooders are able to attack 1 ip per time so by using a company (don't know if it is advertise so i don't put name here) tha null routes the ip with hardware when the attack happens you can avoid the server crash and save some time from downtimes.
And players will be able to login again even if the server is under attack




P.S the company auto restore ip when the attack stop so if you have like 10 -20 -64 ips (they are cheap ) you can have a cheap way to protect from attacks

[UnAfraid]

so if you have like 10 -20 -64 ips (they are cheap ) you can have a cheap way to protect from attacks

Yeah and RIPE said the same

[gmakhs]

must be something liek this or ?

Code: Select all

<?xml version="1.0" encoding="UTF-8"?><!-- Note: If file is named "ipconfig.xml" this data will be used as network configuration, otherwise server will configure it automatically! --><!-- Externalhost here (Internet IP) or Localhost IP for local test --><gameserver address="127.0.0.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <gameserver address="127.0.0.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <gameserver address="127.0.0.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../data/xsd/ipconfig.xsd">    <!-- Localhost here -->    <define subnet="127.0.0.0/8" address="127.0.0.1" />    <!-- Internalhosts here (LANs IPs) -->    <define subnet="10.0.0.0/8" address="10.0.0.0" />    <define subnet="172.16.0.0/19" address="172.16.0.0" />    <define subnet="192.168.0.0/16" address="192.168.0.0" /></gameserver>

[UnAfraid]

no u cannot multiply that element.
You can just simply re-route players lets say 10.0.0.0/12 (10.0.*.*) will connect through 10.0.0.2
But u cannot make game server to send ppl to different ips just like that.

[gmakhs]

yes bit if i re - route on if they netstat they will see the real ip or the ip they used when routed ?

[gmakhs]

no u cannot multiply that element.
You can just simply re-route players lets say 10.0.0.0/12 (10.0.*.*) will connect through 10.0.0.2
But u cannot make game server to send ppl to different ips just like that.

yes but when they logged into the server they will be able to see with netstat the main ip (the one that server uses ) and attack this one so re-route doesn't help us here

[UnAfraid]

Yes you gotta make login server to randomly attach players according to list of ips.

[^pan0s^]

You can configure your server to listen to all interfaces (the * option) and configure your ips xml to accept connections from all the IPs your machine has assigned.

After that is done, make your clients to connect to a hostname (eg. l2.yourserver.com).

After that is done too you can make it work with extremely low DNS TTL values (if you own your dns server you know how to do it, if not ask your provider to do so). With the low DNS TTLs you prevent dns resolvers (at least the ones that are well configured and follow standards) to cache the ip for a long time. (make it smth like 30 seconds)

You get DDosed, the ip gets null routed and players disconnected, you update the DNS record of the domain to another IP of your machine and after 30s (DNS TTL) clients start connecting from the other IP.

You can take that scheme even further by configuring your dns servers to load balance dns requests over all the ips you have so when one IP gets DDosed not ALL the players get disconnected, but thats gonna be a long talk of how to do it.

Hope i helped. (Melancholy, you know who i am)