Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Making server public with Dynamic IP behind NAT (hosted on 2 machines)

Newbie Spellweaver
Joined
Jul 24, 2008
Messages
16
Reaction score
0
Re: [Tutorial]Making server public with Dynamic IP behind NAT (hosted on 2 machines)

same error c9
 
Newbie Spellweaver
Joined
Feb 12, 2012
Messages
29
Reaction score
1
Re: [Tutorial]Making server public with Dynamic IP behind NAT (hosted on 2 machines)

thats not work
 
Initiate Mage
Joined
May 11, 2014
Messages
1
Reaction score
0
Hello guys,

like most of you I was experiencing the same C9.Error.
A friend of mine and me we invested hours of experiencing the reason.
We sniffered the network traffic (IPs and Ports, used by the Server) and found out the following:

As you all know, to make the VSRO Files 1.188 run you have to enter the local (private) IP address (such as 192.168.*.*) in the certification files, the server config file, the smc config file and to spoof it into the SR_GameServer.exe, AgentServer.exe and the MachineManager.exe in order to make all executables able tu run properly.

Local test:
I'm using the EDXLoader6 for starting my game client. So I entered there my local IP and the TCP-port 15779 (Default of the Gateway Server) - Everything is fine, game client starts.
When you enter your user information, then the connection to port 15779 gets cancelled and a new connection to TCP-port 15884 (Default for the AgentServer) estalishes. - Everything's fine, the game runs in the local network

Public test:
When you repeat the process with you public IP (could be found out by for example) you will see, that the first connection to the Gateway Server works perfect (in case you have port forwarding from outbound interface to your VSRO-Server port 15779 configured).
But when you enter your user credentials, I guess the GatewayServer tells your client to establish his next connection on TCP-port 15884 with his private IP (so his 192.168.*.*). This cannot work, since your router wants to find this ip inside of your private subnet, where of course there is no VSRO-Server...
I tried to force sro_client.exe to use the public IP of the Server host as well as for the Gateway as for the Agent Server with the propper ports, but sro_client.exe simply ignores it and I receive C9.Error again after entering user credentials.

Maybe my loader is poop, maybe my server. I don't know.

Here my workaround:
I am running here an Astaro Security Gateway 220 (Rev. 4) which is an extremely performant Router/Gateway/Firewall.
It offers you to create your own VPN-Tunnels.
With this it is possible for me to host my server, distribute my VPN-Software and have no problems with idiotic casted IPs...
Here is my ovpn configuration file (with a few ***s)
This should explain, how you could configure your VPN if you decide for the same method (This config file can be used with OpenVPN-Servers after you have made your adjustments). Btw I am using the DNS suffix ddns.net provided by

ip-win32 dynamic
client
dev tun
proto tcp
remote ***.ddns.net 443
tls-remote "C=***, L=***, O=***, CN=***, emailAddress=***"
route remote_host 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
ca ***.ca.crt
cert ***.user.crt
key ***.user.key
auth-user-pass
cipher AES-256-CBC
auth SHA512
comp-lzo
route-delay 4
verb 3
reneg-sec 0

I hope maybe I could help you with your server issues or give you at least a small exitation, why you have this Error.
 

SIM

Newbie Spellweaver
Joined
Aug 22, 2014
Messages
15
Reaction score
20
Try setup a loop-back adapter and put there your WAN IP.
 
Initiate Mage
Joined
May 24, 2013
Messages
3
Reaction score
0
I dont get how this should work if you just have 1 public IP. Like ProtoAqua already mentioned, the Gatewayserver is Acknowledging and reseting the connection(to the gatewayserver) after logging in and says the next destination is the Agent with his ip and the given port.

Nice if the ip is private.

Sure, you can setup your Gameserver with your public IP, even is it just a virtual host (just nat the incoming traffic, with the specified Ports, to the private network and Masquerade the outgoing traffic of your private network with the public ip of your vm host).

Setup also a loopback Adapter with the public ip, so the cert still runs on the host, and make sure the agent, machine and gameserver service have also the public IP spoofed. But with this Config you just cant setup another gameserver.

The 2nd machine, agent and Gamserver service would also have the public ip configured, they would send a request to the first machine (public ip -> nat -> private ip) the first machine would try to answer the public ip ... and ends in the loopback.
GG.
It would be just Ducking easy if the configuration would give the Option for a WAN - IP and a LAN - IP to accept. Its really annoying.
 
Retired
Joined
Oct 28, 2013
Messages
536
Reaction score
103
I dont get how this should work if you just have 1 public IP. Like ProtoAqua already mentioned, the Gatewayserver is Acknowledging and reseting the connection(to the gatewayserver) after logging in and says the next destination is the Agent with his ip and the given port.

Nice if the ip is private.

Sure, you can setup your Gameserver with your public IP, even is it just a virtual host (just nat the incoming traffic, with the specified Ports, to the private network and Masquerade the outgoing traffic of your private network with the public ip of your vm host).

Setup also a loopback Adapter with the public ip, so the cert still runs on the host, and make sure the agent, machine and gameserver service have also the public IP spoofed. But with this Config you just cant setup another gameserver.

The 2nd machine, agent and Gamserver service would also have the public ip configured, they would send a request to the first machine (public ip -> nat -> private ip) the first machine would try to answer the public ip ... and ends in the loopback.
GG.
It would be just Ducking easy if the configuration would give the Option for a WAN - IP and a LAN - IP to accept. Its really annoying.
There isn't such thing like "Private IP".

Lemme elaborate this a bit.

Dynamic IP address: An always fixed time/date where your ISP needs to reset your router's DHCP. You can request a Static IP address, if you want to. Advantage: privacy, only the police, in cooperation with your ISP, would be able to track you down, if you caused any crime in the past, but none of the usual or wanna be hackers out there will be able to track you down. Disadvantage: hosting stuff might become a pain in the arse (daily IP refreshing and fetching).

Static IP address (mistaken here by "private" IP): A fixed IP address for ever, unless you switch back to a dynamical address. Advantages: A fixed address has its good purpose for hosting, in terms of clouds, dedicated servers, webservers/websites. You could even host your own webserver with your custom URL without paying any provider! Disadvantage: privacy gets a big hit by that, if not taken care of.

Best choice is still yet the dynamical IP parsing in combination of dynDNS OR DNS providers.
If you own a proper router, which is able to parse and fetch Dyn-/DNS hoster information to the router itself, then you are able to host quite as usual as you would do it with a static IP address.
I did this kind of hosting 6 years ago for a total of 2 years and had no issues with so called "GS, shard, certification"-connection issues or misfunctions nor had to set up anything for the server (loopbacks, redirections, etc).

And you don't need to have a second machine to host a second public server on the same hosting rig.
Nw7L7BE - Making server public with Dynamic IP behind NAT (hosted on 2 machines) - RaGEZONE Forums

And that was just before hooking up the necessary modules on the same machine. 1 of 2 options.
1.) Hosting rig + VM machine
2.) Hosting rig with modified module parameters
 

Attachments

You must be registered for see attachments list
Last edited:
Initiate Mage
Joined
May 24, 2013
Messages
3
Reaction score
0
Thx for the nice answer.

May I've got misunterstood. The Nating goes by a linux server. The Problem was that the Client got the Private Adress, of the Agent Server, from the Gateway Server as next destination, the adress of the LAN, in other words, behind the router. That's the Private IP. So the connection couldnt establish. The Public IP is static, no problem here. Im not sure if this is a problem with the vsro Server Files neither if it is a problem with the netfilter Framework in the iptables from linux.

The current work arround is the setup of the supermike proxy, and to spoof everything as the public ip.

But srsly, thanks for the advice :)
 
Newbie Spellweaver
Joined
Jun 25, 2014
Messages
5
Reaction score
0
C9 Problem in Another Player ? and error in agent Token timedout ?
 
Back
Top