Eqemu and firewalls/routers. Ugh. Here's the deal.
Most consumer-grade routers/firewalls use what is called "stateful packet inspection". What this means is that for traffic to be allowed into the INTERNAL network it MUST have originated from the INTERNAL network. So, when your world server connects to the Login servers, the firewall tracks that information and will allow the traffic back in to the originating source, i.e. the world server.
The plot thickens, however, because most people only have 1 PUBLIC IP address. To get around the limitations of that, once again most firewalls/routers use what is called NAT ( Network Address Translation ).
So, the firewall/router takes the internal IP address of the traffic request, remaps it to the public IP address and sends the traffic out to the internet. It does this by reassigning the requesting private IP:port to the public IP:port, i.e. 192.168.0.1:80 gets remapped to x.x.x.x:80, and sends the traffic. The firewall/router REMEMBERS this information and when the request comes back, it forwards that traffic to the requesting computer.
( This is REALLY basic. There is a lot more going on but hopefully you get the idea ).
You don't mention what type of router/firewall you have, so this will be a generic setup.
The world server connects to the Eqemu Login servers on the ports listed in your Loginserver.ini, i.e. 5997. Once that connection is established the server shows up in the list. If you allow port 5997 traffic to your internal world server all will be good. Although this isn't really required because your world server established the connection to the login servers. But to be safe, you should port forward port 5997 to your internal world server's internal IP address.
Once someone selects your server from the list, the Eqemu login server hands out the PUBLIC IP address of your world server ( THIS IS YOUR PUBLIC IP ) and directs the client to connect to your world server IP on port 9000. Since your router/firewall will see this traffic as coming in, it will drop the packets since there was no corresponding outbound request. This is why players will get errors when they try to connect to your world server if port 9000 isn't redirected to the internal IP address of the world server computer.
IMPORTANT: In the Loginserver.ini file your IP address MUST be listed as your PUBLIC IP. NOT the internal network IP of the world server computer.
Once a client is connected to the worldserver, the worldserver knows the ip address of the client that has connected. ( Keep that in mind ).
Step 1: Set up port forwarding in your firewall to allow port 5997 traffic to your world server.
Step 2: Set up port forwarding in your firewall to allow port 9000 traffic to your world server.
Let's say your worldserver is 192.168.0.1
Port forward port 5997 and port 9000 to 192.168.0.1
If all is good, players will be able to connect to the "world server". If they can't, then double check and make sure that port 9000 is being forwarded to the correct computer.
One other thing to note: the zone servers also connect to the world server using port 9000. The world server keeps track of the zone servers and knows what ports the zone servers are listening on. But since both the world server and zone server computers are INSIDE your LAN, that traffic never hits the router/firewall.
Step 3: Set up port forwarding in your firewall to allow ports 7995-7999; these are the default boot5zone.bat ports.
i.e. if your zoneserver IP is 192.168.0.2 then you would port forward 7995-7999 to that PRIVATE IP address.
This is what happens when a client attempts to connect to the zone server.
The world server says "ok, this client ( I already know his IP ) wants to zone to arena. Lemme see, the arena zone isn't running so I will tell the zone server to boot up the arena zone. Since I know that once the zone is booted up it will be listening on port 192.168.0.2:7995 in this case, I will tell the client to connect to the zoneserver on 192.168.0.2:7995."
Now, here is the rub. As far as the zoneservers are concerned, there is no PUBLIC IP. They only understand the private IP that you set up in the bootzone.bat file. Those IPs are what the zoneservers are listening on. And as far as the client is concerned there is no PRIVATE IP, only the public IP he connected on.
Since the worldserver knows the public IP of the client, it sends the information back that says ok, the zone is ready and waiting for you to enter. The client says ok, I will connect to the zoneserver using the PUBLIC IP that the worldserver gave me and the port it told me to connect on, i.e. x.x.x.x:7995.
If the port isn't allowed then you can't connect. If it is allowed, the client connects and all is good.
Let's say your worldserver is 192.168.0.1
and your zoneserver is 192.168.0.2
The typical bootzone.bat file might look like this:
start zone . 192.168.0.2 7995 192.168.0.1
start zone . 192.168.0.2 7996 192.168.0.1
start zone . 192.168.0.2 7997 192.168.0.1
start zone . 192.168.0.2 7998 192.168.0.1
start zone . 192.168.0.2 7999 192.168.0.1
If the ports are forwarding correctly then the client shouldn't have any trouble connecting to the zoneserver once the worldserver hands them off. I have had some problems with Linksys firewall/routers dropping connections. If that happens the client of course goes LD. Other than that, I have used Dlink, SMC, TrendNet products without any issues.
Sorry this turned into a book but I hope the information helps you understand what is going on with firewalls/routers.
If you have any questions please feel free to PM me and I will try to help as much as I can.
Krusher
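
Added example, not part of Krusher's post: a toy Python model of the stateful NAT behaviour described above, replaying the login-server, world (port 9000) and zone (ports 7995-7999) connections. The login server and client addresses, the source ports and the helper names are constructed for illustration; the forward table is derived from the bootzone.bat lines in the post.

```python
import re

# Constructed sample addresses (documentation ranges), not from the post.
LOGIN_SERVER = ("198.51.100.5", 5997)
CLIENT_IP = "198.51.100.77"
WORLD_IP = "192.168.0.1"
# The five bootzone.bat lines listed in the post (zone ports 7995-7999).
BOOTZONE_BAT = "".join(
    f"start zone . 192.168.0.2 {port} 192.168.0.1\n" for port in range(7995, 8000))

class Router:
    """Toy stateful NAT router: replies to tracked outbound flows and
    explicitly forwarded ports get in; everything else is dropped."""
    def __init__(self):
        self.flows = {}      # (remote_ip, remote_port, local_port) -> internal IP
        self.forwards = {}   # public port -> internal IP

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        # Assumption: source port is kept unchanged, as in the post's simplified NAT.
        self.flows[(dst_ip, dst_port, src_port)] = src_ip

    def inbound(self, src_ip, src_port, dst_port):
        """Return the internal IP the packet is delivered to, or None if dropped."""
        tracked = self.flows.get((src_ip, src_port, dst_port))
        return tracked or self.forwards.get(dst_port)

def forwards_from_bootzone(text, world_ip, world_port=9000):
    """Build the forward table: the world port plus every zone port in the .bat."""
    table = {world_port: world_ip}
    for m in re.finditer(r"^start zone \. (\S+) (\d+) (\S+)$", text, re.M):
        zone_ip, port, bat_world_ip = m.group(1), int(m.group(2)), m.group(3)
        if bat_world_ip != world_ip:
            raise ValueError(f"zone port {port} points at {bat_world_ip}, not {world_ip}")
        table[port] = zone_ip
    return table

def walk_through():
    """Replay the post's connection sequence; values are delivery targets or None."""
    r = Router()
    r.outbound(WORLD_IP, 40000, *LOGIN_SERVER)   # world server -> login server
    seen = {"login_reply": r.inbound(*LOGIN_SERVER, 40000),
            "client_9000_no_forward": r.inbound(CLIENT_IP, 51000, 9000)}
    r.forwards = forwards_from_bootzone(BOOTZONE_BAT, WORLD_IP)
    seen["client_9000"] = r.inbound(CLIENT_IP, 51000, 9000)
    seen["client_7995"] = r.inbound(CLIENT_IP, 51000, 7995)
    seen["client_8000"] = r.inbound(CLIENT_IP, 51000, 8000)   # not forwarded
    return seen

if __name__ == "__main__":
    for step, dest in walk_through().items():
        print(f"{step:24} -> {dest or 'DROPPED'}")
```

Forwarding only the ports the .bat file actually uses keeps everything else, such as port 8000 here, closed to unsolicited inbound traffic.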