Forums

Stories

Knowledge Base

Business Community > Switches > SOLVED - ACL Issue - Losing connection to dedicated server

< Switches

SOLVED - ACL Issue - Losing connection to dedicated server

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

SOLVED - ACL Issue - Losing connection to dedicated server

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ss1gohan13

LV1

2023-09-10 04:02:49 - last edited 2023-09-11 22:22:33

Posts: 10

Helpful: 4

Solutions: 1

Stories: 0

Registered: 2022-12-16

SOLVED - ACL Issue - Losing connection to dedicated server

2023-09-10 04:02:49 - last edited 2023-09-11 22:22:33

Tags: #VLAN & Multi-Networks #Switch ACL

Model: TL-SG2428P

Hardware Version: V5

Firmware Version: 5.0.5

Evening all,

I'm having an issue with (continuous) network communication to a DMZ network I have setup for dedicated gaming servers.

Here is a brief summary:

VLAN 1: 192.168.0.0/24

VLAN30: 192.168.30.0/24

VLAN40: 192.168.40.0/24

DMZ: 10.0.200.0/24

I have setup an ACL to deny the DMZ network to communicate to any of the other VLANs setup.

Now the issue I have:
At the end of a game (KillingFloor 2 in this instance) The game will come to end (either by loss or victory) and the game will just hang. If I disable the ACL rule I setup at the time of game end, the game will pick up the change/loss of the game and move on. If this is not done, the server will simply time out and I will have to rejoin the server.

When I join the game, it appears that I am joining from my external IP address.

EDIT: Question, would mDNS have any resoultion?

1 Accepted Solution

ss1gohan13

LV1

2023-09-11 22:21:39 - last edited 2023-09-11 23:56:19

Posts: 10

Helpful: 4

Solutions: 1

Stories: 0

Registered: 2022-12-16

Re:ACL Issue - Losing connection to dedicated server-Solution

2023-09-11 22:21:39 - last edited 2023-09-11 23:56:19

UPDATE FOR ALL:

So my dedicated game server I am running appears to do a DNS query at end of game to signal that the game is over (win or loss).

Since I was denying access to my internal pihole (and most likely whatever my primary DNS was one) the game wouldn't know that the game ended and the connection to the host would time out.

After I enabled access to my pihole internally (via port 53) I was able to get the server to responding properly.

Thank you all for your input and help.

EDIT:

To clarify, and to make it easier, I setup the ACL rule in the gateway, not the switch. The gateway ER7206, has proper directional ACL rules.

Recommended Solution

7 Reply

ss1gohan13

LV1

2023-09-10 19:24:54

Posts: 10

Helpful: 4

Solutions: 1

Stories: 0

Registered: 2022-12-16

Re:ACL Issue - Losing connection to dedicated server

2023-09-10 19:24:54

Hey all,

Small update for everyone

I've setup a group with 192.168.40.50/32 (this is my IP to my gaming PC)
I setup a new ACL that permits traffic from the DMZ to said group (192.168.40.50/32)
I placed the rules in order of operation (Permit then deny) and I am still having a timeout issue with the server ending.

Is there a packet capture feature that I can use to see if there is something not making it back to my desktop?

KJK

LV4

2023-09-10 19:44:48

Posts: 309

Helpful: 103

Solutions: 31

Stories: 0

Registered: 2022-03-29

Re:ACL Issue - Losing connection to dedicated server

2023-09-10 19:44:48

@ss1gohan13

Can't you enable logging on the deny ACL rule?

Kris K

ss1gohan13

LV1

2023-09-10 21:50:39

Posts: 10

Helpful: 4

Solutions: 1

Stories: 0

Registered: 2022-12-16

Re:ACL Issue - Losing connection to dedicated server

2023-09-10 21:50:39

@KJK You bet! How do I do that?

KJK

LV4

2023-09-11 00:19:50

Posts: 309

Helpful: 103

Solutions: 31

Stories: 0

Registered: 2022-03-29

Re:ACL Issue - Losing connection to dedicated server

2023-09-11 00:19:50

@ss1gohan13

JetStream Switches User Guide, Configuring IP ACL Rule, Pages 799-800

Kris K

Clive_A

2023-09-11 03:41:06 - last edited 2023-09-11 03:44:26

Posts: 3378

Helpful: 1020

Solutions: 684

Stories: 0

Registered: 2023-06-09

Re:ACL Issue - Losing connection to dedicated server

2023-09-11 03:41:06 - last edited 2023-09-11 03:44:26

Hi @ss1gohan13

Thanks for posting in our business forum.

Wireshark can capture the packet and analyze the network traffic.

If you say that you experience something like the game hangs there, you cannot end the game because of ACL, then you should check if the source or destination IPs are not included in/excluded from ACL. Not sure how your game ends. Usually, if it is P2P, then the source and destination would usually stay the same.

I guess you should capture and find out why. How to capture packets using Wireshark on SMB router or switch

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Beta firmware got some NEW features! Subscribe for the latest update! ☛Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting Manual ★ ☚ (Disclaimer: Short links are used above solely for guidance to TP-Link subdomains and are safe and tracker-free. Exercise caution with short links from non-official members on forums. We are not liable for external content or damage from non-official members' link use.)

ss1gohan13

LV1

2023-09-11 09:49:53

Posts: 10

Helpful: 4

Solutions: 1

Stories: 0

Registered: 2022-12-16

Re:ACL Issue - Losing connection to dedicated server

2023-09-11 09:49:53

@Clive_A

Thank you for the reply. Also, apologies; I'm on mobile right now.

That link provided is for accessing the switch at the admin level of the switch GUI interface. I've got my switch tied into my omada controller. Is there another guide that references using the omada controller?

Also, side question, I noticed that there is a beta firmware for my gateway. I'm not advocating that I update to the beta version, but I noticed that ICMP type 13 packet had a fix put into place. Is it possible that is related to my timeout issue? If I understood what it is, it's a timestamp packet.

ss1gohan13

LV1

2023-09-11 22:21:39 - last edited 2023-09-11 23:56:19

Posts: 10

Helpful: 4

Solutions: 1

Stories: 0

Registered: 2022-12-16

Re:ACL Issue - Losing connection to dedicated server-Solution

2023-09-11 22:21:39 - last edited 2023-09-11 23:56:19

UPDATE FOR ALL:

So my dedicated game server I am running appears to do a DNS query at end of game to signal that the game is over (win or loss).

Since I was denying access to my internal pihole (and most likely whatever my primary DNS was one) the game wouldn't know that the game ended and the connection to the host would time out.

After I enabled access to my pihole internally (via port 53) I was able to get the server to responding properly.

Thank you all for your input and help.

EDIT:

To clarify, and to make it easier, I setup the ACL rule in the gateway, not the switch. The gateway ER7206, has proper directional ACL rules.

Information

Helpful: 1

Replies: 7

SOLVED - ACL Issue - Losing connection to dedicated server

SOLVED - ACL Issue - Losing connection to dedicated server

Information

Voters 1

Tags