I’ve just discovered the load balancing & auto scaling functions of AWS EC2, and I immediately put them to use for Wildfire.

I love the feature; it scales automatically depending on the amount of activity Wildfire is having.
The servers in the screenshot were created by the auto scaler and not me.

I don’t have to worry about the capacity of Wildfire’s infrastructure either, as the load balancer balances the load out to all running instances equally (this is the main reason I put Wildfire on a full database server rather than SQLite). All instances (at the moment) are t2.micro instances as my account’s under the free tier (so I get 750 hours free per month), but this will probably change as the popularity of Wildfire grows. The main issue here is the financial cost; although auto scaling reduces costs as it only creates new instances on demand, it still costs money.

Restoring & offering online multiplayer services is something that developers/publishers of the games should be paying me for, but I do it for free (note that this doesn’t mean that I don’t accept donations). I have to pay for the server infrastructure & development out of my money & my own free time (not that I don’t enjoy doing it, which I do as Wildfire is an interesting project).

Network Address Translation, or “why the awesome stuff above can’t work”

So, it turns out the above doesn’t work, all because of a little thing called Network Address Translation (NAT, for short).

NAT is what’s used to translate your public IP address into your LAN IP address, and vice versa. For your router to route incoming packets to your computer, it needs to be able to match the packet somehow to your computer. When your computer sends a packet to a server on the Internet, the router needs to strip out certain data such as the local IP address and replace it with the router’s public IP address. When this happens, your router also inserts a unique packet ID into the packet’s frame, and other identifying information such as your computer’s MAC address is removed. When the server responds, it provides the same packet ID so your router can recognise it and send it only to your computer.

A good thing to note is that this happens with both TCP and UDP, but not with a UDP broadcast (a UDP broadcast is sent to all devices on a LAN; it’s how software can automatically and instantly find another compatible piece of software on the network, and a good example of this is a LAN game server and game).
According to Gustavo Diel (Crysis Wars Connector co-developer), this is why hosting a Crysis Wars server on a home connection isn’t possible without port forwarding.

“Why’s this a problem?” you ask. Well, the problem with this is that while it works incredibly well for residential and some business networks, it falls flat on its face where hosting services is concerned. As discussed earlier, NAT works by using unique packet IDs so responses can be matched up to the correct computer inside the network; any packets that don’t correspond to these unique IDs are ignored.

Client-server networks work by the server offering a service, but with the client initiating the connection (this is why the end initiating the connection is always referred to as the client). While a service such as a game server may be able to advertise that it exists by connecting to a master server (such as Wildfire), clients will not be able to reach it if it is behind a router, as the packets sent to the server will not match anything the router has sent and will be discarded as a result.
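
The matching described above, as a small added example (not part of the original post or of Wildfire’s code): a toy NAT table in Python. It assumes the router matches replies on the public port it assigned plus the remote endpoint, and every address and port is a constructed sample value.

```python
# Added example: a toy model of a home router's NAT table (not Wildfire code).
# All addresses and ports below are constructed sample values.
from itertools import count

class NatRouter:
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self._next_port = count(40000)   # public ports handed out to outbound flows
        self.flows = {}      # (public_port, remote) -> (lan_ip, lan_port)
        self.forwards = {}   # public_port -> (lan_ip, lan_port), static port forwarding

    def outbound(self, lan_ip, lan_port, remote):
        """LAN host sends to remote; rewrite the source and remember the flow."""
        public_port = next(self._next_port)
        self.flows[(public_port, remote)] = (lan_ip, lan_port)
        return (self.public_ip, public_port)   # source address the server sees

    def port_forward(self, public_port, lan_ip, lan_port):
        """Manual rule: anything arriving on public_port goes to one LAN host."""
        self.forwards[public_port] = (lan_ip, lan_port)

    def inbound(self, remote, public_port):
        """Return the LAN destination for an incoming packet, or None if dropped."""
        if (public_port, remote) in self.flows:      # reply to something we sent
            return self.flows[(public_port, remote)]
        return self.forwards.get(public_port)        # unsolicited: needs a forward


def demo():
    router = NatRouter("203.0.113.7")
    master = ("198.51.100.10", 27900)    # stands in for a master server
    player = ("192.0.2.55", 51000)       # a client out on the Internet
    game = ("192.168.1.20", 64087)       # game server on the LAN

    # The game server advertises itself to the master server (outbound).
    _, pub_port = router.outbound(*game, remote=master)
    results = {
        "master_reply": router.inbound(master, pub_port),
        "player_unsolicited": router.inbound(player, 64087),
    }
    # After the owner adds a port forward, the same player packet gets through.
    router.port_forward(64087, *game)
    results["player_after_forward"] = router.inbound(player, 64087)
    return results

if __name__ == "__main__":
    for name, dest in demo().items():
        print(f"{name}: {'dropped' if dest is None else dest}")
```

The master server’s reply is delivered because the game server sent to it first, while the player’s first packet is dropped until a port forward exists.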

Guess what load balancers are? Just routers with some fancy software that lets them decide which server to send a packet to. Hardware load balancers do have the ability to send a new connection to a server behind them appropriately, but software load balancers (such as what AWS uses) do not. This is where the problem lies.

Dedicated servers often connect to the Internet almost directly (with the server itself having a public IP address) and this is why NAT is not an issue with dedicated servers (NAT does not exist and does not need to exist here), but is with residential Internet connections.
