* Starcraft over Wireguard ... :sideeye:
@ 2018-02-12 7:23 Eric Light
2018-02-12 9:07 ` Henning Reich
2018-02-14 21:24 ` Asbjørn Sloth Tønnesen
0 siblings, 2 replies; 3+ messages in thread
From: Eric Light @ 2018-02-12 7:23 UTC (permalink / raw)
To: wireguard
[-- Attachment #1: Type: text/plain, Size: 2448 bytes --]
Hi, awesome WG mailinglist!
My 18 year-old has recently moved out of home, and we're starting to
yearn for one of our traditional Starcraft matches. I thought I should
be able to do this easily with Wireguard.
The idea, generally, is that one of us would start up a game, and
Wireguard - with a side serving of ProxyARP and IP forwarding - would
help make all the other computers see that game. (or, at very worst,
allow me to run a game that could be seen by his computer AND the other
computers here).
-=-=-=-=-=-=-=-=-=-=-=-=-
On his computer: (LAN IP 192.168.1.x)
> [Interface]
> PrivateKey = {blah}=
> ListenPort = 12457
> Address = 192.168.88.3/24
>
> [Peer]
> PublicKey = {blah2}=
> Endpoint = {my home}:12457
> AllowedIPs = 0.0.0.0/0
>
On my computer: (LAN IP 192.168.88.x)
> [Interface]
> PrivateKey = {blah3}=
> ListenPort = 12457
> Address = 192.168.88.2/32
>
> [Peer]
> PublicKey = {blah4}=
> AllowedIPs = 192.168.88.3/32
-=-=-=-=-=-=-=-=-=-=-=-=-
But it turns out not to be so easy. Starcraft sets up games over UDP
5353 and UDP 6112, and originally I thought it was a problem with
forwarding UDP packets. However, I can see packets coming over the
tunnel from his computer, but the packets are being forwarded to an
address I don't know:
> root@me:~# tcpdump -i home port 5353 or port 6112
> tcpdump: verbose output suppressed, use -v or -vv for full
> protocol decode> listening on home, link-type RAW (Raw IP), capture size 262144 bytes
> 20:02:35.744726 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP,
> length 10> 20:02:35.759142 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP,
> length 10> 20:02:35.759157 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP,
> length 10> 20:02:36.045323 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP,
> length 19> 20:02:36.099993 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP,
> length 19> 20:02:36.100005 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP,
> length 19> 20:03:05.964077 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP,
> length 10> 20:03:05.964118 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP,
> length 10> 20:03:05.987761 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP,
> length 10
Any ideas where I can start looking? I get similar behaviour whether I
host the game on my computer or on his.
Thanks in advance for any help you guys can offer!
E
--------------------------------------------
Q: Why is this email five sentences or less?
A: http://five.sentenc.es
[-- Attachment #2: Type: text/html, Size: 7706 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Starcraft over Wireguard ... :sideeye:
2018-02-12 7:23 Starcraft over Wireguard ... :sideeye: Eric Light
@ 2018-02-12 9:07 ` Henning Reich
2018-02-14 21:24 ` Asbjørn Sloth Tønnesen
1 sibling, 0 replies; 3+ messages in thread
From: Henning Reich @ 2018-02-12 9:07 UTC (permalink / raw)
To: Eric Light; +Cc: wireguard
[-- Attachment #1: Type: text/plain, Size: 5142 bytes --]
Hi,
I don't understand what you really want. You say someting about other
computers. Who are these other people/copmuters and there they are? Inside
your (or your childs) network or unknown public internet users?
Did you try to set up a game through battle.net or a "local" game? In
addition, your configuration looks like you mixed up with your subnets. On
your childs side, you configure your interface as part of an /24 subnet,
but on your side, its just a /32 "range".
It may work anyway, bit I think its still confusing.
So I think, a good start would be to clean up your wg-config. I like to use
a seperate "subnet" for vpn traffic. So there is no ProxyArp needed,
because the VPN-Server works as a Gateway for his own subnet. Disadvantag
is that you can't use (without some more work) broadcast features. Mostly
use for some autodetections and so on.
Maybe this will help a bit.
On his computer: (LAN IP 192.168.1.x)
[Interface]
PrivateKey = {blah}=
ListenPort = 12457
Address = 192.168.123.3/24 <http://192.168.88.3/24>
[Peer]
PublicKey = {blah2}=
Endpoint = {my home}:12457
AllowedIPs = 192.168.123.0/24 <http://192.168.88.3/24>, 192.168.88.0/24
On my computer: (LAN IP 192.168.88.x)
[Interface]
PrivateKey = {blah3}=
ListenPort = 12457
Address = 192.168.123.2/ <http://192.168.88.2/32>24
[Peer]
PublicKey = {blah4}=
AllowedIPs = 192.168.123.0/24 <http://192.168.88.3/24>, 192.168.1.0/24
With this configuration, you should create (and play) games using the
dedicated vpn IPs (192.168.123.2 or 3 ) or maybe (not tested) your orignal
local IPs (192.168.88.xxx or 192.168.1.xxx).
An complete other soloution could be using a layer2 vpn. I like
SoftEtherVPN.
You could install it, bind the vpn to a tap-device (within the SoftEther
configuration) and than bind the tap-device (with linux tools like brctl,
systemd-networkd config) to your physical interface.
If anybody connect to this vpn, it's just like an additional wire to your
network. So all works, inlcuding DHCP in the same subnet and so on.
The strange double-bridge is not needed, if your SC-Host and VPN-Host are
NOT the same device. Because if you bridge the VPN directly to the physical
interface (without the help of an additional tap-device) the VPN Client
can't reach the vpn-server itself.
Or maybe without any VPN? Just Portforwarding and a (dynamic) DNS entry?
You could get free ones here: https://freedns.afraid.org/
2018-02-12 8:23 GMT+01:00 Eric Light <eric@ericlight.com>:
> Hi, awesome WG mailinglist!
>
> My 18 year-old has recently moved out of home, and we're starting to yearn
> for one of our traditional Starcraft matches. I thought I should be able
> to do this easily with Wireguard.
>
> The idea, generally, is that one of us would start up a game, and
> Wireguard - with a side serving of ProxyARP and IP forwarding - would help
> make all the other computers see that game. (or, at very worst, allow me
> to run a game that could be seen by his computer AND the other computers
> here).
>
> -=-=-=-=-=-=-=-=-=-=-=-=-
>
> On his computer: (LAN IP 192.168.1.x)
>
> [Interface]
> PrivateKey = {blah}=
> ListenPort = 12457
> Address = 192.168.88.3/24
>
> [Peer]
> PublicKey = {blah2}=
> Endpoint = {my home}:12457
> AllowedIPs = 0.0.0.0/0
>
>
> On my computer: (LAN IP 192.168.88.x)
>
> [Interface]
> PrivateKey = {blah3}=
> ListenPort = 12457
> Address = 192.168.88.2/32
>
> [Peer]
> PublicKey = {blah4}=
> AllowedIPs = 192.168.88.3/32
>
>
> -=-=-=-=-=-=-=-=-=-=-=-=-
>
> But it turns out not to be so easy. Starcraft sets up games over UDP 5353
> and UDP 6112, and originally I thought it was a problem with forwarding UDP
> packets. However, I can see packets coming over the tunnel from his
> computer, but the packets are being forwarded to an address I don't know:
>
> root@me:~# tcpdump -i home port 5353 or port 6112
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on home, link-type RAW (Raw IP), capture size 262144 bytes
> 20:02:35.744726 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10
> 20:02:35.759142 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10
> 20:02:35.759157 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10
> 20:02:36.045323 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP, length 19
> 20:02:36.099993 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP, length 19
> 20:02:36.100005 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP, length 19
> 20:03:05.964077 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10
> 20:03:05.964118 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10
> 20:03:05.987761 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10
>
>
> Any ideas where I can start looking? I get similar behaviour whether I
> host the game on my computer or on his.
>
> Thanks in advance for any help you guys can offer!
>
> E
>
> --------------------------------------------
> Q: Why is this email five sentences or less?
> A: http://five.sentenc.es
>
>
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>
[-- Attachment #2: Type: text/html, Size: 17525 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Starcraft over Wireguard ... :sideeye:
2018-02-12 7:23 Starcraft over Wireguard ... :sideeye: Eric Light
2018-02-12 9:07 ` Henning Reich
@ 2018-02-14 21:24 ` Asbjørn Sloth Tønnesen
1 sibling, 0 replies; 3+ messages in thread
From: Asbjørn Sloth Tønnesen @ 2018-02-14 21:24 UTC (permalink / raw)
To: wireguard
Hi Eric,
If the game requires the computers to be on the same LAN,
complete with broadcast, multicast etc., you can run a layer
2 network through WG, running a L2TPv3 tunnel on top of WG's
layer 3 network.
See ip-l2tp(8) for usage examples.
It doesn't say in the man page, but if you set the L2TP MTU
high like 1500 (to simulate standard LAN MTU), then the
packets will be fragmented at the IP layer, so at the cost
the fragmentation overhead you can even emulate a higher MTU.
--
Best regards
Asbjørn Sloth Tønnesen
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-02-14 21:18 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-02-12 7:23 Starcraft over Wireguard ... :sideeye: Eric Light
2018-02-12 9:07 ` Henning Reich
2018-02-14 21:24 ` Asbjørn Sloth Tønnesen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.