Yes, separate real IP's. One to One NAT translations for each external (WAN) IP to internal (LAN) IP of the appropriate servers. This firewall supports up to 512 NAT policies which means I could have a few hundred computers on the LAN with their own Internet IP's.
Mike ParaDOX www.paradisesgarage.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roman Hatsiev Sent: Tuesday, August 28, 2007 4:43 AM To: [email protected] Subject: Re: [hlds] Some Servers not showing up on the Steam Master Server List - Redux Mike, just to make sure that I understood you correctly - you have separate real IP for every server box behind firewall? How you forward ports to your LAN servers? On 27/08/07, Mike Munoz <[EMAIL PROTECTED]> wrote: > Yeah I know this subject has been done to death! I am also familiar > with all the common problems. > > I have tried all the tried and true techniques for resolving this. It > is most likely caused by the new firewall I just implemented. But I > want to know why! > > Servers: > 3 HP Proliant DL 380 G3 (full specs available if required) > > 1. HLDS x 4 - 67.93.155.120:27015 <-- Connected to the DMZ, > This one shows up on the SMSL > 2. HLDS x 5 - 67.93.155.126:27015 <-- LAN NAT to WAN does not > show up on SMSL > 3. HLDSS x 4 - 67.93.155.119:27015 <-- LAN NAT to WAN does not > show up on SMSL > > Never mind the performance and bandwidth, it all works great.. Or used > to, read on... > Oh yeah, please don't state the obvious solution, put them all on the > DMZ! I want them all on the LAN, They should and did work on the LAN > before the firewall was changed. The DMZ is being used as a test case. > > All servers are playable if you connect manually or have them on your > Favorites list. > > Firewall: > Sonicwall Pro 3060 with Enhanced OS - > http://www.sonicwall.com/us/PRO_3060.html > 3 Security Zones > LAN - > all outbound traffic allowed > WAN < - All inbound blocked except for UDP and TCP > ports 27000 - 27050 > DMZ < - All inbound blocked except for UDP and TCP > ports 27000 - 27050 > > The NAT is configured to allow all traffic transparently to the > specified host on the LAN. The same firewall rules are used on the DMZ > and LAN to control what ports are open to the WAN. > > For a full list of the other ports and servers use Game Monitor: > http://www.game-monitor.com/search.php?search={MC}&type=server > > They don't all show up using Game tiger however: > http://www.gametiger.net/search?server=%7BMC%7D&game=all > > Notice only the one IP shows up. All the servers are configured > similarly and some have been up for years without issues. > It seems like Game Monitor caches the server list and will continue to > ping and report a server as being up as long as it still replies > regardless of the SMSL (Steam Master Server List) It looks at the SMSL > for new servers and will only show a server if it is first on the SMSL. > Game Tiger will only show servers that show up on the SMSL. > > The server on the DMZ shows up fine and has a steady population. The > servers on the LAN do not. > > Using the built in connection monitor I see all the servers connecting > the SMSL servers and they pass the same amount of data back and forth. > I would need to use a packet sniffer to get more precise. > > The purpose of this post is to better understand the way the HLDS > servers communicate with the Steam master servers. If it is the > firewall causing the problem I need to be able to explain exactly what > the problem is to the firewall manufacturer so they can fix it. I have > read (several times) The Master Server Protocol located here: > http://developer.valvesoftware.com/wiki/Master_Server_Query_Protocol > and numerous other documents. I understand what should be happening, > just not sure why it isn't. > > Previously, I had a Sonicwall Pro 230 and all the servers showed up > fine from the LAN using NAT and similar rules. I upgraded for better > performance and more features, plus regular updates. They stopped > supporting the older one. > > I hope this is clear enough to follow. Let me know what needs clarification. > > > I hope that this can help others that may have issues with servers > showing up the SMSL as well. > > > Mike ParaDOX > > www.paradisesgarage.com > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
