Jump to content

Nobody can connect to my DMP server

InfiniteAtom
 Share

Recommended Posts

JohnWittle

JohnWittle

Posted
Posted

Your router doesn't allow incoming connections on the port that DMP uses (not sure which). Most routers block all incoming connections by default. You need to 1) find out which port DMP uses and 2) find instructions for your specific router model to forward that port to your computer. Nothing to do with KSP.

Link to comment
Share on other sites
InfiniteAtom

InfiniteAtom

Posted
  • Author
Posted
4 hours ago, JohnWittle said:

Your router doesn't allow incoming connections on the port that DMP uses (not sure which). Most routers block all incoming connections by default. You need to 1) find out which port DMP uses and 2) find instructions for your specific router model to forward that port to your computer. Nothing to do with KSP.

If I port forward on the host machine do people who want to connect to my server (clients) need to do the same?

4 hours ago, kiwi1960 said:

and of course..... unblock it in the OS firewall....

But port forwarding is the main one... and make your router a DMZ if you can... so it acts like a website.....

 

What does making my router DMZ mean and how do I do it?

Link to comment
Share on other sites
kiwi1960

kiwi1960

Posted
Posted

Hard to say.... it opens port 80 and makes your router allow any incoming connections from the internet... I used to run a website from one of my computers so some people could contact me easier... the router I had explained it all, however, since then, I had destroyed about 5 routers from over use... :)

Google it would be your best bet, both for your router name and model number and just "how to make my router DMZ" might help.

 

Link to comment
Share on other sites
JohnWittle

JohnWittle

Posted
Posted

Eh, the DMZ would help if DMP used port 80, but I seriously doubt that.

@InfiniteAtom: No, your players do not need to do anything, only the host. And not the host machine, at that, just the router.

First, a brief explanation of ports. Imagine your computer is a city with a harbor connection. It has a bunch of ports. Each port only allows a very specific kind of cargo to unload there. Port 80, for instance, only allows website cargo, while Port 6667 only allows IRC server related cargo. Your computer can open various ports to the wild, while keeping others closed.

Think of it this way. There are three kinds of connections: incoming, outgoing, and ongoing. When you go to google.com, first you open an outgoing connection to your DNS server, requesting the IP address for google.com. From then on, the conversation between your computer and your DNS server is an ongoing connection, so your router allows incoming traffic from the DNS server until the conversation is over. Then, once you get the IP address for google.com, your computer opens an outgoing connection to google's server, and then google's server sends you back the html, javascript, etc for the front page of google, which your router allows through because, again, it's an ongoing connection which you started.


But your router does *not* allow connections which other people try to start. If it did, you would be bombarded with Port 80 requests from hackers and bots, looking for vulnerabilities in websites. Bombarded with port 22 requests, looking for ssh vulnerabilities, etc. In our port analogy, the Port Authority for Port 80 only allows website cargo to arrive if the cargo ship has a document, signed by your computer, saying that it specifically requested this cargo.


However! If you are trying to host a game server, then other people need to be able to open new connections to your computer. They need to be able to show up at your harbor and be accepted, even if the port authority didn't know about them in advance. Of course, you only want to open one port, the port which DMB uses.

Your firewall is like the actual port authority. However, your router is like Ellis Island: it filters out traffic before it even reaches your computer, based on what port that traffic is bound for and whether they have signed documents stating that your computer actually requested that cargo. Both your firewall and your router's firewall work exactly the same way, except that your router also manages the traffic for all of the other computers on your network as well.

So if you want to open the port which DMB uses, you not only have to make an exception in the router's firewall for that port (not sure which one), but you also need to specifically tell the router that traffic coming for this port should be send to your computer. Otherwise it won't know what to do with it. Some routers allow you to set this up based on your computers' MAC address: i.e. "Send all incoming Port 80 traffic to the computer with such-and-such MAC address". This is called port forwarding, because it's literally forwarding all of the traffic which arrives at a given port to your computer.

Hope this explanation helps!

Link to comment
Share on other sites
  • 3 weeks later...
InfiniteAtom

InfiniteAtom

Posted
  • Author
Posted
On 8/7/2016 at 11:53 AM, JohnWittle said:

Eh, the DMZ would help if DMP used port 80, but I seriously doubt that.

@InfiniteAtom: No, your players do not need to do anything, only the host. And not the host machine, at that, just the router.

First, a brief explanation of ports. Imagine your computer is a city with a harbor connection. It has a bunch of ports. Each port only allows a very specific kind of cargo to unload there. Port 80, for instance, only allows website cargo, while Port 6667 only allows IRC server related cargo. Your computer can open various ports to the wild, while keeping others closed.

Think of it this way. There are three kinds of connections: incoming, outgoing, and ongoing. When you go to google.com, first you open an outgoing connection to your DNS server, requesting the IP address for google.com. From then on, the conversation between your computer and your DNS server is an ongoing connection, so your router allows incoming traffic from the DNS server until the conversation is over. Then, once you get the IP address for google.com, your computer opens an outgoing connection to google's server, and then google's server sends you back the html, javascript, etc for the front page of google, which your router allows through because, again, it's an ongoing connection which you started.


But your router does *not* allow connections which other people try to start. If it did, you would be bombarded with Port 80 requests from hackers and bots, looking for vulnerabilities in websites. Bombarded with port 22 requests, looking for ssh vulnerabilities, etc. In our port analogy, the Port Authority for Port 80 only allows website cargo to arrive if the cargo ship has a document, signed by your computer, saying that it specifically requested this cargo.


However! If you are trying to host a game server, then other people need to be able to open new connections to your computer. They need to be able to show up at your harbor and be accepted, even if the port authority didn't know about them in advance. Of course, you only want to open one port, the port which DMB uses.

Your firewall is like the actual port authority. However, your router is like Ellis Island: it filters out traffic before it even reaches your computer, based on what port that traffic is bound for and whether they have signed documents stating that your computer actually requested that cargo. Both your firewall and your router's firewall work exactly the same way, except that your router also manages the traffic for all of the other computers on your network as well.

So if you want to open the port which DMB uses, you not only have to make an exception in the router's firewall for that port (not sure which one), but you also need to specifically tell the router that traffic coming for this port should be send to your computer. Otherwise it won't know what to do with it. Some routers allow you to set this up based on your computers' MAC address: i.e. "Send all incoming Port 80 traffic to the computer with such-and-such MAC address". This is called port forwarding, because it's literally forwarding all of the traffic which arrives at a given port to your computer.

Hope this explanation helps!

This wont let hackers into my system right?

Link to comment
Share on other sites
  • 2 weeks later...
technicalfool

technicalfool

Posted
Posted
On 07/08/2016 at 3:32 AM, InfiniteAtom said:

What does making my router DMZ mean and how do I do it?

You don't "make the router a DMZ" so much as "put a machine on your network into the DMZ".

If your router has a DMZ feature, you can pick a machine on your network and place it into the DMZ. It means that the machine is outside of the firewall (and consequently, no longer protected by it). As I recall, it will also place that machine on the other side of the NAT that most home routers use for sharing a single IP address amongst multiple machines.

 

tl;dr: It makes hosting a server on your network a lot easier, but shouldn't be done unless there's no other way of getting people on the Internet to see your machine.

Link to comment
Share on other sites
  • 2 weeks later...
JohnWittle

JohnWittle

Posted
Posted
On 8/24/2016 at 5:02 PM, InfiniteAtom said:

This wont let hackers into my system right?

Only if the specific port you are opening is associated with an application which is vulnerable. For instance, if you open port 80 (to let apache or nginx or some such serve webpages), and then run, say, Wordpress, then it is possible that some exploit exists for the current version of Wordpress which allows people to get into your system.

Link to comment
Share on other sites
InfiniteAtom

InfiniteAtom

Posted
  • Author
Posted
On 9/14/2016 at 8:56 PM, JohnWittle said:

Only if the specific port you are opening is associated with an application which is vulnerable. For instance, if you open port 80 (to let apache or nginx or some such serve webpages), and then run, say, Wordpress, then it is possible that some exploit exists for the current version of Wordpress which allows people to get into your system.

Ok. Got it. So, I am still having issues when people try to connect.

On 9/14/2016 at 8:56 PM, JohnWittle said:

Only if the specific port you are opening is associated with an application which is vulnerable. For instance, if you open port 80 (to let apache or nginx or some such serve webpages), and then run, say, Wordpress, then it is possible that some exploit exists for the current version of Wordpress which allows people to get into your system.

Should I try it with just the DMP mod?

On 9/4/2016 at 10:19 PM, technicalfool said:

You don't "make the router a DMZ" so much as "put a machine on your network into the DMZ".

If your router has a DMZ feature, you can pick a machine on your network and place it into the DMZ. It means that the machine is outside of the firewall (and consequently, no longer protected by it). As I recall, it will also place that machine on the other side of the NAT that most home routers use for sharing a single IP address amongst multiple machines.

 

tl;dr: It makes hosting a server on your network a lot easier, but shouldn't be done unless there's no other way of getting people on the Internet to see your machine.

If I do this will it make the router not usable for normal internet usage?

Link to comment
Share on other sites
JohnWittle

JohnWittle

Posted
Posted

You say you are still having problems when people try to connect; what exactly is the problem? Do they get a "timeout" error, or a "connection refused" error, or something else? If the first, it means they literally *cannot connect* to your computer. If the latter, it means that they *can* connect, but that the connection is getting refused. If you set up port forwarding on your router, then the connection is probably getting refused at your *computer*. (In keeping with the "ocean port" analogy above, if you are the President and you go out to Ellis Island and say "anybody coming from France should be let in immediately, no questions asked, even if they don't have their papers", then some Frenchmen come to Ellis Island and get sent to Manhattan because you "forwarded" the port to "manhattan" [your computer], but you forgot to let the Manhattan port authority [your *computer*'s, as opposed to your *router*'s, firewall] know about the arrangement wrt Frenchmen, so they get rejected.)

If you are on a Windows machine, your firewall is called "Windows Firewall". You will want to open it (start menu, type "windows firewall"), go to "Advanced Settings", go to "Inbound Rules", click "Port" (rather than Program, since Windows probably doesn't know about DMB you must select the port instead), then type in the Port which DMB uses (not sure, probably in DMB documentation), then click "Allow" or "Enable" or whatever.

You have to make sure the incoming traffic can get past *both* your router *and* your computer's firewall!

This is why people rent servers and hosting services, rather than try to run websites and things on their home computer. It is a pain in the butt. Sometimes your ISP won't even allow incoming traffic to reach you at all, so that you'll have to buy *their* hosting service. You might check on your ISP's policy with regarding to hosting services.

Link to comment
Share on other sites
This thread is quite old. Please consider starting a new thread rather than reviving this one.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...