• vort3
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    If you are good with all of this stuff, can you tell me if usijg bore relays traffic or creates some kind of direct (P2P?) connection between devices?

    I have a device without public IP, AFAIK behind NAT, and a server. If I use bore to open a port through my server and host a game, and my friends connect to me via IP, will we have big ping (as in, do packets travel to the server first, then to me) or low ping (as in, do packets travel straight to me)?

    In other words, is bore good to play with friends when games use a method if connection via IP when you have a server with public IP, but host a game on your local device without public IP?

    We are currently using yggdrasil for this and connect via «local» IPv6.

    • Arthur BesseA
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      I have a device without public IP, AFAIK behind NAT, and a server. If I use bore to open a port through my server and host a game, and my friends connect to me via IP, will we have big ping (as in, do packets travel to the server first, then to me) or low ping (as in, do packets travel straight to me)?

      No, you will have “big ping”. bore (and everything on that page i linked) is strictly for tunneling which means all packets are going through the tunnel server.

      Instead of tunneling, you can try various forms of hole punching for NAT traversal which, depending on the NAT implementation, will work sometimes to have a direct connection between users. You can use something like tailscale (and if you want to run your own server, headscale) which will try its best to punch a hole for a p2p connection and will only fall back to relaying through a server if absolutely necessary.

      • vort3
        link
        fedilink
        arrow-up
        1
        ·
        6 months ago

        Thanks.

        I do have wireguard on my server as well, I guess it’s similar to what tailscale does?

        Too bad my friends from Russia can’t connect to me, it might be because we are doing something wrong, but most likely wiregueard is somehow (DPI?) blocked in Russia.

        I can connect to my own wireguard, it routes all my traffic and I can access any blocked sites, as well as access other people via «local» IPs over wireguard. I think this uses NAT traversal and we exchange data directly over wireguard. But somehow some friens are not able to use that.

        Do you know if Yggdrasil does something similar and if we exchange data directly when playing over Yggdrasil virtual IPv6 network?

        • Arthur BesseA
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          6 months ago

          I do have wireguard on my server as well, I guess it’s similar to what tailscale does?

          Tailscale uses wireguard but adds a coordination server to manage peers and facilitate NAT traversal (directly when possible, and via a intermediary server when it isn’t).

          If your NAT gateway isn’t rewriting source port numbers it is sometimes possible to make wireguard punch through NAT on its own if both peers configure endpoints for eachother and turn on keepalives.

          Do you know if Yggdrasil does something similar and if we exchange data directly when playing over Yggdrasil virtual IPv6 network?

          From this FAQ it sounds like yggdrasil does not attempt to do any kind of NAT traversal so two hosts can only be peers if at least one of them has an open port. I don’t know much about yggdrasil but from this FAQ answer it sounds like it runs over TCP (so using TCP applications means two layers of TCP) which is not going to be conducive to a good gaming experience.

          Samy Kamkar’s amazing pwnat tool might be of interest to you.

          • vort3
            link
            fedilink
            arrow-up
            2
            ·
            6 months ago

            Oh, I have found pwnat before, but it’s not available for windows, also most people say that it doesn’t work anymore because most routers patched the behavior that made it work IIRC.

            What’s the easy way to know if two peers are directly connected without measuring ping time and guessing?