Heroes of newerth chat server connection problem trough pfsense
-
Hi everyone. I'm having issue with the online game played by many in my network. I'm still new to pfsense please any help will be appreciated.
The pfsense in my network is a new server bulit a few days ago. i manage to mindle around with it for a few days now. in my network we have 3 internet line (adsl). The pfsense is to manage the 3 internet connection in such 2 internet connection are load balanced for browsing and the another one for online game purposes.
the current pfsense server is still under testing stage and so all the network are in the same 192.168.1.xxx /24 including all 3 modems, wan, opt1 and opt2. all wan, opt1 and opt2 have the gateway to each respecting adsl connection accordingly.
the 3 modem are at
192.168.1.251/252/254the wan,opt1,opt2 are at
192.168.1.11/12/13pfsense resides on LAN at 192.168.1.1
my first setting is to set the load balancer
at gateway 251 and 252 and name it BothAdsl
and i change the firewall default LAN rule given by newly install pfsense part gateway to point to "BothAdsl"
when i visit www.whatismyip.com my ip changes if i refresh the page to the 2 ADSL line given ip.next i set the port needed for the online game :-
In the pfsense server, i also install the squid3 as a proxy service for my network. not too sure if this affects my problem.
Game Problem-
the problem on the online game (Heroes of newerth) only effects on the connection to the chatserver side port 10031 TCP. Overall the game play have no problem. game can be played normally, problem happens on the in game chat service. its just that the chat server connects and disconnects to a point my friend got annoyed.
below are a few things that i print-screen to investigate with time stamp. (note that the pc i'm on resides on the ip of 192.168.1.117)
this image says dc around time 13:13 to 13:16
this picture says something about when the game connected to the chat server at port 10031
this is the firewall log taken from pfsense. the arrow is the time 192.168.1.117 gets connect or dc… (i dono how to read maybe dc)please note that if the client pc's gateway point directly to one of the ADSL this problem dont exist
and
Client pc connect trough pfsense playing the same game disconnect differently and randomly...i did try the same setting and apply it on one of the ADSL's firewall and no problem happen and client connect trough the particular gateway ADSL can play the game but not other online game as the port are not open.
if this problem can be fix trough "Manual Outbound NAT rule generation (Advanced Outbound NAT (AON))" can you tell me how to i put this? i'm abit confuse how does this AON works.
can anyone share some light on what i can do to fix this?
p/s sorry about the over size pictures...
-
Garena Messenger (currently used only for Hon) uses port 80 as well in the authentication phase. The custom ports (for Garena) are used only for tunnelling gameplay data. This could be an issue since the server doesn't expect your client that established a connection on the load-balancer to use another IP for gameplay.
Perhaps you can use netlimiter or some other similar software on the PC to force Garena/ Hon to only use a specific gateway (this way, your regular browser traffic gets load-balanced but the game doesn't). -
ok… didnt see that coming... i tought that the garena manager and Hon inside Garena are seperate. i'll go download Netlimiter and try my best to fix this.
i'll stick to this post and update my progress.thanks mate!
-
ok… didnt see that coming... i tought that the garena manager and Hon inside Garena are seperate. i'll go download Netlimiter and try my best to fix this.
i'll stick to this post and update my progress.thanks mate!
No problem. On a side note, Garena (used for Warcraft III and Left 4 Dead etc) is separate from Garena Messenger (used solely for Hon). However, there are future plans to port everything to ride on Garena Messenger instead.
I'll make some feedback to the technical team to see if it is possible to allow custom port settings on he Messenger much like how Garena works (uses TCP/ UDP custom ports for login but HTTP purely for web/ ads in the program) but there is no guarantee that it will happen. -
No problem. On a side note, Garena (used for Warcraft III and Left 4 Dead etc) is separate from Garena Messenger (used solely for Hon). However, there are future plans to port everything to ride on Garena Messenger instead.
I'll make some feedback to the technical team to see if it is possible to allow custom port settings on he Messenger much like how Garena works (uses TCP/ UDP custom ports for login but HTTP purely for web/ ads in the program) but there is no guarantee that it will happen.Hope it will go trough… i don't see that its complicated for them to add another port to listen on the authentication phase else than port 80. it will saves us a lot of problem from the beginning and it should be different.
about the netlimiter i've downloaded it... install it... but i really don't know how to add a rule to netlimiter to change the gateway of a given application. all i see is to limit speed. help appreciated...
-
Hope it will go trough… i don't see that its complicated for them to add another port to listen on the authentication phase else than port 80. it will saves us a lot of problem from the beginning and it should be different.
about the netlimiter i've downloaded it... install it... but i really don't know how to add a rule to netlimiter to change the gateway of a given application. all i see is to limit speed. help appreciated...
I hope so too. Otherwise, it'll be a big headache for me to settle the NAT for the clients.
You don't happen to be using the Lite version of Netlimiter, are you?
Another 'free' method would be to use VPN. VPN into the pfsense where you can set rules to force each different client onto a specific gateway. That way, when you're gaming, you establish a VPN connection first then launch the game. Otherwise, you'll use the default routing into the loadbalance group.
-
ok… here's a weird fix that stop the "disconnected from chat server" problem. in my case what you can see in my setting... i just change the rule in port 11031 TCP (the hon chat server) to default gateway. at this point its weird because the game server port 11100-11500 UDP will pass trough gateway 192.168.1.254 and the port for chatserver 11031 TCP will go trough gateway default which is 192.168.1.251 set in wan link. the game works fine and the log seems to be clean and not much of port 11031 log problem.
what i found out is that if i use the firewall rule to force port 11031 to go trough gateway 192.168.254. my firewall log will have a lot of port 11031 block by default ending with TCP:P / F / A... and game seems to DC almost every 3 minutes. i did try to play around with the firewall rule under "Advance option" -> state timeout in second of 24 hours(in second) and the game will dc from chatserver longer than before this setting is applied.
if i dont do any loadbalancing in pfsense and leave the game to go trough the default port. no problem in firewall log with any port 11031 get to log.
that's where i try to leave the tcp port 11031 to go through default gateway. and it seems to fix it.
i guess the game server will log your ip in its table for the game purposes and the chat server will have a separate table of its own to log ip. it makes sense if we see theses servers as a separate objects in the network world (obviously they have different ip) and they works differently. one is for the whole game where it will receive mouse clicks, keyboard short cut and in game chat system and all of this are recorded and can be played in the replay links. and the other one is just the chat server the IRC for the client and some more advance command where you can follow or join game.
as for garena messenger. when you login garena messenger click on hon game, garena will send and update the config of the game where the game will auto log you when the game runs. and after the game runs. you can kill the garena. and nothing happens.
now i have different problem... sometime during in game... my character will run back to fountain and then DC... :-( this is bad... have you got this kind of problem?