More connection issue - but something seems to be off

Personne · 3 Dec 2024, 05:55

FAF is still experiencing some connection issues, as I believe every one is aware, so just out of curiosity did start doing some troubleshooting. And found this oddity:

in the advanced-ice-adapter.log file, I found this beautiful JSON

19:33:03.408 [JJsonPeer] INFO  c.f.i.r.RPCHandler - IceMsg received {"srcId":172610,"destId":21539,"password":"2bp0phl4ge89lh5os1bf27t8i3","ufrag":"be8on1hoo834s9","candidates":[{"foundation":"1","protocol":"udp","priority":2130706431,"ip":"25.14.85.199","port":6519,"type":"HOST_CANDIDATE","generation":0,"id":"50","relAddr":null,"relPort":0},{"foundation":"2","protocol":"udp","priority":2130706431,"ip":"10.0.0.63","port":6519,"type":"HOST_CANDIDATE","generation":0,"id":"51","relAddr":null,"relPort":0},{"foundation":"3","protocol":"udp","priority":1677724415,"ip":"73.157.8.80","port":6519,"type":"SERVER_REFLEXIVE_CANDIDATE","generation":0,"id":"52","relAddr":"10.0.0.63","relPort":6519},{"foundation":"4","protocol":"udp","priority":2815,"ip":"5.161.127.50","port":10622,"type":"RELAYED_CANDIDATE","generation":0,"id":"53","relAddr":"73.157.8.80","relPort":6519},{"foundation":"6","protocol":"udp","priority":2815,"ip":"104.248.242.8","port":55374,"type":"RELAYED_CANDIDATE","generation":0,"id":"54","relAddr":"73.157.8.80","relPort":6519},{"foundation":"6","protocol":"udp","priority":2815,"ip":"104.248.242.8","port":59887,"type":"RELAYED_CANDIDATE","generation":0,"id":"55","relAddr":"73.157.8.80","relPort":6519}]}

If you look at it you will find an IP of 10.0.0.63 (RFC 1918), non-routable IP, why is that ? What is the point ?

If I parse the same log a bit further, I see a lot of connection also to RFC 1918 IP which one more time does not make sense: 192.168.1.100 is my local IP, I would understand this one, but why so many others !

I also run some connectivity test to forcing to some other coturn server, If I select Finland or Germany I cannot connect to any game. I did not find any obvious issue on the Finnish server, but it seems that the German network is having some issue

Here is traceroute:

Sheikah · 12 Mar 2024, 07:03

What you are showing there is the candidate message. This message serves as one of the initial messages to other players to let them know where it may be possible to connect to you. I believe all those ips you are showing are host candidate messages which makes sense.

The ice adapter looks for candidates using all of your network interfaces so if you have multiple local interfaces these will all pop up in the candidates message.

Brutus5000 · 12 Mar 2024, 13:24

Also why would we exclude private networks? There are people playing over LAN.

Personne · 12 Mar 2024, 15:22

@brutus5000

I do not make sense for an internet connection to reach out to a 10.x.x.x network as it is non - routable. Even though why would a HOST candidate be on a fix IP of 10.0.0.63 ?

Something is off that is for sure.

Brutus5000 · 12 Mar 2024, 16:40

I don't understand your problem. If 2 people play over LAN they are still running through the ice adapter.

Line 3 shows your external address retrieved via STUN. The rel address is just metadata and not used for connecting (I guess it just picked a random local ip)

Personne · 12 Mar 2024, 17:30

@brutus5000

You have information I do not have, that is a fact. I'm just trying to help.

If you refer to line 3 with the IP of 73.157.8.80 as my public IP -> is it not. But this is not the problem.

The Rel 10.0.0.63 IP is a non-routable IP, therefore only used on internal network, and indeed maybe used by LAN players anyhow 1 question:

Why does this IP is even trying to be accessed, as 1) it is not a public IP 2) None of my computers are in the 10.0.0.0/8 block.

On the other ends, when assigning the coturn to Finland or Germany, I cannot connect to any games - even with all FW remove from the network. Are these 2 coturn being hammered with DDDOS 24/7 ?

Brutus5000 · 12 Mar 2024, 19:56

Host candidates are all candidates "harvested" from your network interfaces - virtual or physical. So a 10.x.x.x address or 172.x.x.x appearing that you don't know could be a virtual machine network adapter or a docker network. Other ip addresses could stem from VPNs or other network services (Hamachi, ...)
Server relexive is the ip address a coturn server sees when you connect to it. If 73.157.8.80 is not your public ip, there indeed is a problem. Are you sitting in front of a proxy maybe? What does https://ifconfig.me show as IP?
Relayed candidates are basically the ip addresses of the Coturn servers that offer TURN traffic proxying,

And yes basically all our self-hosted coturn servers get DDoS hammered as soon as we publish the ip.
Global is a 3rd party service that cannot be ddosed.