DDOS issues
-
So, some possible suggestions:
- Use of VPN's to connect each client. This should reduce most of the attacks. Obviously changes to the existing network code should also scale to something a little larger than 16 players, but ROME wasn't built in a day as they say.
- Issue keys to people for play. This can be automated at connection time, and tied to a persons phone. So a Phone or a FOB will be required. Fobs are pretty cheap, and Phones, well will require someone to write an app.
- Charge to play. Doesn't have to be a lot, but something to cover the infrastructure costs of hosting the infrastructure to do the above, which will be complex.
- You will need a team, probably of 2 people, one to write the network code and the other to write the client/app software for the phones.
- Development time would probably work out to around 15-20 months if you had two guys working full time.
From what I have seen so far the requirements do not seem to be too onerous, so start a kickstart campaign to get about 500K to get the ball rolling. I mean if Star Citizen can produce basically nothing for hundreds of millions, it shouldn't be too hard to get a half a million from somewhere for new infrastructure and code for the game.
I would really like FAF too succeed. Mainly due to the fact it brings back memories.
This other is because I like to see PitViperX get microwaved to the face.
-
Sorry to say that but reading this made my jaw drop. What are you talking about? Using a vpn is widely known in FAF player base
why don´t you explain for which reasons it could be or it could NOT be a good idea to use a VPN instead (DDoS Protection obviously, but there are connection issues when people use terribly slow VPNs and OR with restrictions).
Also, not everyone wants to own a phone these days (that is why people are usually on a computer for work-related things) binding a FAF Client to a phone is very likely something most people don´t need. Its not like sensitive e-Mails etc.
Why charge to play for an old cheap game that has a (comparatively small (but cool ;)) player base?? This might work in games like WoW to bind players to the game since they had already invested much money to play. FAF has a patreon https://www.patreon.com/faf to cover payments for the infrastructure for now. Read here for more info: https://faforever.com/donation
FAForever is a non-profit project from the SupCom Community - cool and knowledgable people put much of their own free time into this. Saying they should be 1-2 full-time workers sounds crazy dude. And crowd-funding a game that old and that small at 500k cash dude wtf? xD
-
WebRTC relay servers are basically providing the same protection as a VPN for our use case. However we have technical software issues forcing all clients to pass through to relay server. The attempt to do so made connections overall worse and we have no clue why.
FAF will never raise relevant amounts money via crowdfunding, the community is way to small. Star Citizen makes money out of big promises for something people can't get anywhere else.
-
-
@Brutus5000
Just read the big Post JIP made about the DDOS Issue. Very sad to hear that the situation seems this dire. On the topic:
From what I read the biggest Problems right now is individual Players being targeted directly while in game, possible by the exposed IP address due to the P2P architecture.
Is the IP only exposed when launching the lobby or can it already be apprehended via the FAF client/ the IRC chat?
When it is only once a lobby has been joined, have there been attempts at tracing the malicious accounts? It might be possible to derive a pattern if each lobby join is logged and if it is possible to log whether a game has been affected by a DOS attack or not.Has this approach already been considered? It would still be a cat and mouse game but might be able to mitigate the current issue.
-
As far as we know players ips get only exposed when joining lobbies.
Apart from that I can't get into detail of our detection patterns.
-
So sorry, if I irritated anyone.
I won't speak of it again.
Good Luck with the game.
-
@Brutus5000
Switch relay server to https://www.ovhcloud.com/en/security/game-ddos-protection/ or something like that which should be more ddos-proof. As for worse connection through relay server check if the relay is properly handling PMTUD and check for buffer bloat and try to fix that.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login