Hello there,

I have tested something this morning on a Huge FFA and had 0 crashes for over 4 hours. This is the first time for me hosting a 10 players game and having absolutely no problems and almost no lag.

What I'm about to describe here may help stabilize a connection and reduce lag. When applied by a game host it can solve a lot of the problems we're seeing in Sins. However it requires one to have access to an external server, which I guess few of us have. But still I thought it's worth posting this to help anyone who may be able to implement this.

The idea is simple: use an external server hosted in a data centre to forward the network traffic through.

Why?
The why is very simple: service providers don't like to admit this, but a home internet connection is inherently slower and more prone to problems than that of a machine in a data centre. Why? Because the ISP is on a budget and has to squizz and distribute bandwidth across potentially many home customers. Data centres have less problems as they need just one big connection from the data centre to the internet. The result is that the average small server in a data centre is likely to have a much better internet connection than your home machine.

A server??
Well, today hosting solutions are so cheap it's ridiculous. I pay £15 (~25$) / month for a very humble virtual server with around 150M of RAM and 10G HD. I don't use it for much but even this humble virtual machine has a better internet connection than my home one.

Now obviously not everyone is going to pay 30$/month on top of their internet connection just to solve some problems but perhaps groups of players (clans maybe) would like to chip in 5$ each, or perhaps someone already has access to a server through their line of work. In either case the rest of this post is dedicated to anyone who has access to a server and would like to give this a try.

How?
I'm personally a Linux Debian fan, so my example here will assume a windows XP client and a Debian server. I strongly recommend using Cygwin on the winbox as it makes life so much easier when you want to script your box. However with little changes this process can be used on any other setup.

Warning
The process I am about to outline here requires some basic understanding of networking and system administration. Do not - I repeat - Do not try any of this unless you are confident that you can reverse the changes and that you understand the implications.

So let's start.

First off download & install OpenVPN on both the server and client:

Server:


Client: go to OpenVPN's download page and download the windows installer.

The next stage is to set up the VPN connection between the client and the server. There is no point in me explaining here how to do this as this is described in full detail on the OpenVPN website:

Now let's set up the server to masquerade connections for the client:


And add port forwarding for Sins:


Finally we need to open port 1194 on the server for the client. This is a potential security breach and you should apply whatever precautions you find appropriate. The command I am listing below will limit the potential possible attacks to IP spoofing on a compromised OpenVPN server (if ever an exploit for it found). I consider this to be reasonable risk level but that's just me:

Replace client_ip_address with your IP address above.

At this point the server is happy to accept VPN connection from the client and act as a NAT for the client through the VPN with the Sins port forwarded back to the client. The next stage is to convince Windows to take advantage of this.

Before you continue
My next advise will cause OpenVPN to modify the default gateway on Windows machine. Do not proceed unless you know how to disable / enable your LAN and internet connection. If anything goes wrong restart both.

Add the following line to the client configuration OpenVPN file:


Find your current gateway set by whatever internet connection set up you have. To do this open a shell Window and run the following command:


Find the line that says "Default Gateway:" and write down this number. This is your normal internet gateway, which we are about to replace. However we still need all non-VPN'ed traffic to use this gateway, so:

replace server_ip_address above with the IP address of your server and original_gateway with the default gateway IP address that you've written down previously.

I personally also recommend adding static routes for the DNS servers as there is no point in them going through the VPN connection:

Replace dns_server1 and dns_server2 with the IP addresses of the DNS servers reported by ipconfig.

Finally there is one small problem, for some reason OpenVPN does not reset the default gateway correctly when it shuts down (depends on how you run it though). I wrote a little shell script that I use to control the whole process since I'm using Cygwin:


Depending on what method you use you may or may not experience this problem and you may have another solution for it. you can always run the route command above manually after you shut down the connection.

That's it, when you start the VPN connection all your internet traffic will now pass through the VPN and to the outside world you appear to be communicating from your server's IP address using its internet connection. The only part where your own internet connection is used is between your desktop to your server.


If anyone out there gives this a try I'd be happy if you posted your impressions here. I will try this myself in the following few days and report my findings. As mentioned earlier the first test was very successful as I never every hosted a big game with no crashes.