Current connection problems (Preferred Coturns for ICE)
-
Playing is currently not possible. Connections are not established or you get a timeout or players randomly lose the connection in the game.
I am aware of the DDoS problem, but could the person responsible deactivate all “coturn servers” except for “US East” to see if it gets better?
There were a lot of connection problems some time ago and the Germany 1 was probably crashed / out of memory error.
Would suggest a test without coturn servers, but after my tests some time ago, it seems to need at least one coturn server, otherwise no connections can be established in general.
It can't get any worse than it currently is.
Thanks.
-
Btw: Practicing the weeks where “Global” didn't exist, I usually had very good connections and hardly any problems while playing.
-
US East has the same problems as all other coturns. We tried a very long test set yesterday.
Our self hosted coturns are less reliable than using 3rd party ones. But much worse: the ice adapter (more precise the underlying library) is much more often failing to provide the important self-reflexive and relay candidates than 3rd party browser Turn test apps.
The relay is not needed that often, but if you don't get s self reflexive candidate (aka your own public ip) no connection can be made at all.
Why did it work in the past? We don't know. We use the same ice4j as in the past. We use the same coturn and even tried alternative tools like eturnal yesterday with the same results (even tried different linux distros and a different hoster).
-
-
Thanks for the feedback.
"US East has the same problems as all other coturns. We tried a very long test set yesterday."
My idea behind this was to have only one coturn server running, so that all traffic goes through it and other factors such as faulty coturn servers can be excluded.
US East has (at least with AWS) the best connection worldwide to Asia (Australia) <-> xxxUS Eastxxx <-> Europe. A compromise, so to speak, if only one coturn server were online."Our self hosted coturns are less reliable than using 3rd party ones. But much worse: the ice adapter (more precise the underlying library) is much more often failing to provide the important self-reflexive and relay candidates than 3rd party browser Turn test apps."
Are they all self-hosted except for GLOBAL? So the servers at Hetzner like Germany 1 or Finland?
Or am I misunderstanding something here and it was an internal test where players had no access to it?
"The relay is not needed that often, but if you don't get s self reflexive candidate (aka your own public ip) no connection can be made at all."
During a test (as host -> lobby) I once tried to block all coturn server connections locally (firewall), so that players can only connect directly to me, to roughly understand how much delay / lag / connection problems coturn servers generate.
Couldn't do this though, as once I blocked all coturn servers, I couldn't create a lobby or join other lobbies (tried this several times and with very few players in them to exclude any existing coturn server connections).
I wonder if this is a bug in the software and it is never assumed here that there are simply no coturn servers?Btw: No match worked yesterday. But since the coturn servers Finland is no longer in the list (off?), it works quite well.
Unless you have optimized it and that has made it better.
I cannot recommend Hetzner for DDoS protection.
I have personally had the best experience with OVH.
At OVH you can also write to the support if you get an attack, they look at it and have optimized the filters at that time (at least that was the case a few years ago). -
@Sturmgewehr said in Current connection problems (Preferred Coturns for ICE):
Are they all self-hosted except for GLOBAL? So the servers at Hetzner like Germany 1 or Finland?
Yes. All coturn servers except global are self hosted. Global can be either Xirsys or Cloudflare depending on our configuration right now.
@Sturmgewehr said in Current connection problems (Preferred Coturns for ICE):
During a test (as host -> lobby) I once tried to block all coturn server connections locally (firewall), so that players can only connect directly to me, to roughly understand how much delay / lag / connection problems coturn servers generate.
Couldn't do this though, as once I blocked all coturn servers, I couldn't create a lobby or join other lobbies (tried this several times and with very few players in them to exclude any existing coturn server connections).
I wonder if this is a bug in the software and it is never assumed here that there are simply no coturn servers?Yes, blocking all coturns for FAF is not a smart move
The ICE protocol requires coturn. If you block all coturns the ICE adapter can only gather your local ip addresses. Since everybody uses a router in between, this will never reveal your public ip to others. And even if it could, it would still be required for hole-punching (you send data out on the port, so your firewall accepts incoming traffic on that port).Btw: No match worked yesterday. But since the coturn servers Finland is no longer in the list (off?), it works quite well.
Coincidence.
I cannot recommend Hetzner for DDoS protection.
Yes I am quite pissed at Hetzner right now. It's not just their lack of DDoS handlng, is also there basically useless hardware firewall setup from the 90s. You can setup exactly 10 rules and each rule only takes on ip-range. That is not even sufficient to whitelist all cloudflare ip addresses.
I have personally had the best experience with OVH.
FAF used to run on OVH at the very beginning. It was very unreliable. Also we are talking about the one company that had a whole datacenter burn down so far.
Hetzner has incredible good pricing for dedicated machines. But the rest slowly goes to shit.
