Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
noprof2015-04-21 12:34:17
iptables
noprof, 2015-04-21 12:34:17

How to make gre tunnels as proxy for MMORPG project (details inside)?

Hello!
Given:
game server:
IP: 1.1.1.1,
tcp game emulator ports: 1000, 2000
Access to the game server from the outside should not be present. Only through proxy servers (about them below).
The game server is hosted on a machine with 1 IP
Proxy Servers:
Servers that will act as proxies (to reduce latency in the game by using a connection to them, instead of connecting directly to the game server).

  1. IP: 2.2.2.2
  2. IP: 3.3.3.3
  3. IP: 4.4.4.4
  4. IP: 5.5.5.5
Task
It is necessary to do the following as in the image:
wXG1Qxh.png
In other words, organize proxy servers in different parts of the world with different IP addresses. If a player selects a proxy server, then he connects to the main server through a proxy server, while he retains his real IP. + The game server should not glow anywhere (IP address of the game server).
Important
I am learning to master networks. I need your help.
If someone understands this, then I am ready to sponsor you beer (on webmoney) for providing me with detailed information on how to do this in teams, and preferably with documentation of what and why, so that there would be at least some understanding.
PS I tried to organize a GRE tunnel, everything seems to be fine, but now I'm stupid about how to add more tunnels to the main server with a proxy.
PPS , the question still arises with tunnels, namely, which IP address should the server be connected to (there is a login in the game server, and the game server: ports 1000, 2000). if I set the ip address of the game server (1.1.1.1), then the player after the server login will connect to the game server to the ip address 1.1.1.1, and not through a proxy. (when viewed through a firewall on a PC).
Thank you in general! Hope for help

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
Z
zorruch, 2015-04-21
@zorruch

Are both servers running Linux? (I just haven't seen MMORPG servers not on Windows)
GRE tunnel is not encrypted, if it suits you - then ok.
I understood the proposed scheme, but could not understand what is not working for you.
In short, in my view, the scheme of work should look like this:
1) the client is given the ip of the proxy server for the connection.
2) DNAT is configured on the proxy server towards the game server (which goes through GRE) and SNAT so that responses from the game server go through the proxy, otherwise the server will respond from its ip and will not work.
Actually, the GRE tunnel in your case is not necessary, because DNAT can be done immediately to the external address of the game server interface and access can be killed only on a white sheet (list of proxy servers)

Report
V
Vlad Zhivotnev, 2015-04-21
@inkvizitor68sl

It's better to do this - https://debian.pro/1578
Each of the proxies will need 2 IP addresses (one of which will go to the main server).
Otherwise, you will suffer with NAT/DNAT.

Similar questions
V
Vladimir Solovyov2015-02-06 06:21:47
iptables. What are the required icmp-types? 1Reply
A
AliasNameless2019-07-10 10:04:59
How to change iptables rule? 2Reply
C
C_hard2019-07-19 13:28:14
How to put PREROUTING iptables through a filter? 3Reply
X
x-tropic2017-02-28 14:20:51
How to prevent VPN clients from accessing the Internet, leaving access only to a given ip (or domain)? 1Reply
T
Taurus2017-03-16 18:52:36
How to configure the host so that the IP of the Openvz container is determined correctly? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question