I am using TCP/UDP proxy service to protect my server and encountered the TCP/UDP IP not matching problem.
Discard UDP packet from ..., reason: Sender UDP Port doesn't match current session port: X != Y
So I set allowClientUdpPortChanges to true as suggested by the forum post:
viewtopic.php?p=87135#p87135
But set that setting to true did not help. I still see the Discard UDP packet message.
The server version is 2.17.
Please advise! Thanks!
set allowClientUdpPortChanges to true has no effect
Re: set allowClientUdpPortChanges to true has no effect
Hi,
I think the problem is the Proxy server. With UDP the proxy masks the sender's IP and there's no way for the server to validate the authenticity of the request.
Cheers
I think the problem is the Proxy server. With UDP the proxy masks the sender's IP and there's no way for the server to validate the authenticity of the request.
Cheers
Re: set allowClientUdpPortChanges to true has no effect
But I thought by setting allowClientUdpPortChanges to true the server does not try to validate the authenticity of the request.
"This is basically telling the server to ignore client UDP port changes at the cost of reducing security" This was what you suggested from the post mentioned previously.
"This is basically telling the server to ignore client UDP port changes at the cost of reducing security" This was what you suggested from the post mentioned previously.
Re: set allowClientUdpPortChanges to true has no effect
Yes. it accepts requests coming from a port number that is different from the original port that was used to initialize the protocol.
However the Proxy Server also masks the sender's IP address, so all incoming connections now look like they are coming from the same IP address, which is an issue for the server's UDP internal consistency / validation.
Sorry
However the Proxy Server also masks the sender's IP address, so all incoming connections now look like they are coming from the same IP address, which is an issue for the server's UDP internal consistency / validation.
Sorry
Re: set allowClientUdpPortChanges to true has no effect
My bad!
The error message is actually Discard UDP packet from ..., reason: Sender UDP IP doesn't match current session IP: X != Y
It is IP mismatch.
If putting Smart fox server behind proxy services is not possible how do we protect the production server from DDOS? By the way TCP connection works fine behind proxy services such as GCP global TCP Load Balancer.
The error message is actually Discard UDP packet from ..., reason: Sender UDP IP doesn't match current session IP: X != Y
It is IP mismatch.
If putting Smart fox server behind proxy services is not possible how do we protect the production server from DDOS? By the way TCP connection works fine behind proxy services such as GCP global TCP Load Balancer.
Re: set allowClientUdpPortChanges to true has no effect
No problem.
Yes the problem is essentially with UDP only. TCP should not be an issue.
If your server needs to stay behind a Proxy server I would recommend switching your UDP calls back to TCP and everything should work fine.
Cheers
If putting Smart fox server behind proxy services is not possible how do we protect the production server from DDOS? By the way TCP connection works fine behind proxy services such as GCP global TCP Load Balancer.
Yes the problem is essentially with UDP only. TCP should not be an issue.
If your server needs to stay behind a Proxy server I would recommend switching your UDP calls back to TCP and everything should work fine.
Cheers
Who is online
Users browsing this forum: No registered users and 128 guests