10-08-2007, 01:15 AM
Hi everyone,
I'm having some problems with my srcds server and I am hoping someone here might shed some light on it for me. I hardly ever have to post to forums for answers, so it's either something really obtuse or really easy I'm over looking.
Here's my situation.
I am having fits getting my server to show up in the master lists. I can, and everyone else can, connect to the game through console "connect" command in the client. I am running a SRCDS server on an internal IP (192.168.0.10) that is connected to the internet through a watchguard firewall. I can manually add the server to my favorites and it pings fine and I can see the game details fine.
I have a /29 of IP's. My default outbound route uses .218. I have had my firewall configured in 2 different ways based on conflicting information found on the internets.
1 (everything works with this, except the master list stuff):
UDP 27015
UDP 27020
TCP 27015
2 (nothing changes when i use this):
UDP 27000-27015
UDP 1200
TCP 27015
TCP 27030-27039
#1 makes the most sense to me from a services standpoint. For any service I know of you don't have to open up more than a few ports, but whatever, I tried both because #1 isn't showing up on master lists and everyone said firewalls can be a problem.
Well, my server still does not show up in the master list. So, I guess, here's my question. When I start my SRCDS server, my firewall logs are filled with (in addition to a variety of exploit attempts) a huge number of communication attempts over UDP ports 43000-45000.
No one anywhere has even mentioned anything about allowing incoming udp ports in that range, but im looking at my firewall and im seeing massive numbers of connection attempts.
Any tips on this would be great, thanks in advance for your time.
-Jeff
Ok, updated symptom:
I cannot rcon into the server. Whenever I try to issue rcon commands, it fails. If i try to telnet into 27015, it fails.
I know I have the firewall setup right. It's not the firewall. I turned logging on to show me allowed packets and watched as my external connection attempts were allowed through.
I have iptables turned off, so it's not my server either, especially since I can connect and play fine.
I'm still puzzled about the udp connections. Does anyone know why I receive so many connection attempts on those high UDP ports after starting my srcds server? I'm not sure it's related to my problem, but it is a concern.
updated symptom:
Cannot telnet externalip 27015
Cannot telnet internalip 27015 from another box on same subnet (192.x.x.x)
CAN telnet 127.0.0.1 27015 from ssh session.
update-
The server was starting up binding to 127.0.0.1. I added -ip 192.168.x.x to the command line and now rcon works.
so rcon works now, but I still do not see my server on game-monitor.com, nor do i see it in tf2's server list.
any sugs?
i may have stumbled onto the problem thanks to this post:
http://forums.steampowered.com/forums/showthread.php?t=493670&highlight=master
I installed qstat on my box and ran the command to grep my server out of the list. Sure enough, it's registering with the master server at some bizarre port range, :48626. This is likely related to Watchguard's dynamic NAT function and steam's registration process that reads the source port and assumes that the source port of the registration request is the port srcds is running on.
This assumption made by the master server is wrong in this case.
This also explains all of the high-port UDP connections. The watchguard is assigning the high UDP port numbers, registers with steam, everyone trying to play a game queries the entire master server list and it includes 5 or 6 registrations from my server with high udp port numbers, rather than the right one, 27015.
Setting -port at the command line didn't seem to help at all.
I'll have to figure out how to disable this dynamic nat crap and have everything still work.
Does anyone know of a way to authoritatively tell the master server what port my server is running on?
These don't work:
-port 27015 command line
+port 27015 command line
ip ipaddress:27015 in the server.cfg
port 27015 in server.cfg (unknown command)
I'm tearing my hair out over here. I can't think of a good reason why the steam master server list functions the way it does. There should be a way for me to define the port registered by steam.
Anyone?
I'm having some problems with my srcds server and I am hoping someone here might shed some light on it for me. I hardly ever have to post to forums for answers, so it's either something really obtuse or really easy I'm over looking.
Here's my situation.
I am having fits getting my server to show up in the master lists. I can, and everyone else can, connect to the game through console "connect" command in the client. I am running a SRCDS server on an internal IP (192.168.0.10) that is connected to the internet through a watchguard firewall. I can manually add the server to my favorites and it pings fine and I can see the game details fine.
I have a /29 of IP's. My default outbound route uses .218. I have had my firewall configured in 2 different ways based on conflicting information found on the internets.
1 (everything works with this, except the master list stuff):
UDP 27015
UDP 27020
TCP 27015
2 (nothing changes when i use this):
UDP 27000-27015
UDP 1200
TCP 27015
TCP 27030-27039
#1 makes the most sense to me from a services standpoint. For any service I know of you don't have to open up more than a few ports, but whatever, I tried both because #1 isn't showing up on master lists and everyone said firewalls can be a problem.
Well, my server still does not show up in the master list. So, I guess, here's my question. When I start my SRCDS server, my firewall logs are filled with (in addition to a variety of exploit attempts) a huge number of communication attempts over UDP ports 43000-45000.
No one anywhere has even mentioned anything about allowing incoming udp ports in that range, but im looking at my firewall and im seeing massive numbers of connection attempts.
Any tips on this would be great, thanks in advance for your time.
-Jeff
Ok, updated symptom:
I cannot rcon into the server. Whenever I try to issue rcon commands, it fails. If i try to telnet into 27015, it fails.
I know I have the firewall setup right. It's not the firewall. I turned logging on to show me allowed packets and watched as my external connection attempts were allowed through.
I have iptables turned off, so it's not my server either, especially since I can connect and play fine.
I'm still puzzled about the udp connections. Does anyone know why I receive so many connection attempts on those high UDP ports after starting my srcds server? I'm not sure it's related to my problem, but it is a concern.
updated symptom:
Cannot telnet externalip 27015
Cannot telnet internalip 27015 from another box on same subnet (192.x.x.x)
CAN telnet 127.0.0.1 27015 from ssh session.
update-
The server was starting up binding to 127.0.0.1. I added -ip 192.168.x.x to the command line and now rcon works.
so rcon works now, but I still do not see my server on game-monitor.com, nor do i see it in tf2's server list.
any sugs?
i may have stumbled onto the problem thanks to this post:
http://forums.steampowered.com/forums/showthread.php?t=493670&highlight=master
I installed qstat on my box and ran the command to grep my server out of the list. Sure enough, it's registering with the master server at some bizarre port range, :48626. This is likely related to Watchguard's dynamic NAT function and steam's registration process that reads the source port and assumes that the source port of the registration request is the port srcds is running on.
This assumption made by the master server is wrong in this case.
This also explains all of the high-port UDP connections. The watchguard is assigning the high UDP port numbers, registers with steam, everyone trying to play a game queries the entire master server list and it includes 5 or 6 registrations from my server with high udp port numbers, rather than the right one, 27015.
Setting -port at the command line didn't seem to help at all.
I'll have to figure out how to disable this dynamic nat crap and have everything still work.
Does anyone know of a way to authoritatively tell the master server what port my server is running on?
These don't work:
-port 27015 command line
+port 27015 command line
ip ipaddress:27015 in the server.cfg
port 27015 in server.cfg (unknown command)
I'm tearing my hair out over here. I can't think of a good reason why the steam master server list functions the way it does. There should be a way for me to define the port registered by steam.
Anyone?