SOLVED - ACL Issue - Losing connection to dedicated server
Evening all,
I'm having an issue with (continuous) network communication to a DMZ network I have setup for dedicated gaming servers.
Here is a brief summary:
VLAN 1: 192.168.0.0/24
VLAN30: 192.168.30.0/24
VLAN40: 192.168.40.0/24
DMZ: 10.0.200.0/24
I have setup an ACL to deny the DMZ network to communicate to any of the other VLANs setup.
Now the issue I have:
At the end of a game (KillingFloor 2 in this instance) The game will come to end (either by loss or victory) and the game will just hang. If I disable the ACL rule I setup at the time of game end, the game will pick up the change/loss of the game and move on. If this is not done, the server will simply time out and I will have to rejoin the server.
When I join the game, it appears that I am joining from my external IP address.
EDIT: Question, would mDNS have any resoultion?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
UPDATE FOR ALL:
So my dedicated game server I am running appears to do a DNS query at end of game to signal that the game is over (win or loss).
Since I was denying access to my internal pihole (and most likely whatever my primary DNS was one) the game wouldn't know that the game ended and the connection to the host would time out.
After I enabled access to my pihole internally (via port 53) I was able to get the server to responding properly.
Thank you all for your input and help.
EDIT:
To clarify, and to make it easier, I setup the ACL rule in the gateway, not the switch. The gateway ER7206, has proper directional ACL rules.
- Copy Link
- Report Inappropriate Content
Hey all,
Small update for everyone
I've setup a group with 192.168.40.50/32 (this is my IP to my gaming PC)
I setup a new ACL that permits traffic from the DMZ to said group (192.168.40.50/32)
I placed the rules in order of operation (Permit then deny) and I am still having a timeout issue with the server ending.
Is there a packet capture feature that I can use to see if there is something not making it back to my desktop?
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@KJK You bet! How do I do that?
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hi @ss1gohan13
Thanks for posting in our business forum.
Wireshark can capture the packet and analyze the network traffic.
If you say that you experience something like the game hangs there, you cannot end the game because of ACL, then you should check if the source or destination IPs are not included in/excluded from ACL. Not sure how your game ends. Usually, if it is P2P, then the source and destination would usually stay the same.
I guess you should capture and find out why. How to capture packets using Wireshark on SMB router or switch
- Copy Link
- Report Inappropriate Content
Thank you for the reply. Also, apologies; I'm on mobile right now.
That link provided is for accessing the switch at the admin level of the switch GUI interface. I've got my switch tied into my omada controller. Is there another guide that references using the omada controller?
Also, side question, I noticed that there is a beta firmware for my gateway. I'm not advocating that I update to the beta version, but I noticed that ICMP type 13 packet had a fix put into place. Is it possible that is related to my timeout issue? If I understood what it is, it's a timestamp packet.
- Copy Link
- Report Inappropriate Content
UPDATE FOR ALL:
So my dedicated game server I am running appears to do a DNS query at end of game to signal that the game is over (win or loss).
Since I was denying access to my internal pihole (and most likely whatever my primary DNS was one) the game wouldn't know that the game ended and the connection to the host would time out.
After I enabled access to my pihole internally (via port 53) I was able to get the server to responding properly.
Thank you all for your input and help.
EDIT:
To clarify, and to make it easier, I setup the ACL rule in the gateway, not the switch. The gateway ER7206, has proper directional ACL rules.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 669
Replies: 7