Page 1 of 1

Hosting server - Linux/Windows [SOLVED] (Port Randomisation)

Posted: Wed May 10, 2017 6:01 am
by kaizokuroof
Hi All,

First time post here. Did a few google searches, but was unable to find a fix for my issue. I've been hosting game servers for various indie games a while now, so I'm pretty familiar with a standard home port forward.
However, I've recently turned one of my own old PC's into a PFsense router/firewall. It's going alright, I've setup some NAT/Firewall rules to allow the UDP port for 34179 (Standard port) and I'm piping it through to my servers address, however, when I launch my game as a client/server (for testing, the idea is to have it headless), I'm told that the game cannot get my external IP address.
I've had my co-workers go over my NAT rules to make sure they're right. Am I missing a port, are any of you able to point me in the right direction. I can see in the logs it's getting my correct IP address.

Code: Select all

0.001 2017-05-10 15:39:58; Factorio 0.15.9 (build 29504, win64, steam)
   0.001 Operating system: Windows 10 (version 1607) 
   0.001 Program arguments: "E:\SteamLibrary\steamapps\common\Factorio\bin\x64\Factorio.exe" 
   0.001 Read data path: E:/SteamLibrary/steamapps/common/Factorio/data
   0.001 Write data path: C:/Users/CaptainFlacon/AppData/Roaming/Factorio
   0.001 Binaries path: E:/SteamLibrary/steamapps/common/Factorio/bin
   0.008 System info: [CPU: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz, 8 cores, RAM: 16324MB]
   0.009 Display options: [FullScreen: 0] [VSync: 0] [UIScale: 100%] [MultiSampling: OFF] [Screen: 255]
   0.012 Available display adapters: 1
   0.013  [0]: \\.\DISPLAY1 - Radeon (TM) RX 480 Graphics {0x80000, no details}
   0.013  [1]: \\.\DISPLAY2 - Radeon (TM) RX 480 Graphics {0x80005, [0,0], 1920x1080, 32bit, 59Hz}
   0.013 Create display on adapter 0. Size 1280x720 at position [310, 162].
   0.074 Initialised Direct3D:[0] Radeon (TM) RX 480 Graphics; driver: aticfx64.dll 21.19.407.0
   0.078     Video memory size (dedicated video/dedicated system/shared system/available): 8140/0/8162/4092 MB
   0.133 DSound: Starting _dsound_update thread
   0.133 DSound: Enter _dsound_update; tid=8032
   0.133 Device reset internal.
   0.137 Desktop composition is active.
   0.137 Graphics settings preset: very-high
   0.137 Graphics options: [Graphics quality: normal] [Video memory usage: high] [Light scale: 25%] [DXT: false]
   0.202 Loading mod core 0.0.0 (data.lua)
   0.209 Loading mod base 0.15.9 (data.lua)
   0.299 Loading mod base 0.15.9 (data-updates.lua)
   0.355 Checksum for core: 3409166051
   0.355 Checksum of base: 3769930138
   0.458 Info PlayerData.cpp:55: Local player-data.json available, timestamp 1494394793
   0.458 Info PlayerData.cpp:60: Cloud player-data.json available, timestamp 1494168051
   0.533 Loaded shader file E:/SteamLibrary/steamapps/common/Factorio/data/core/graphics/shaders/game.cso
   0.533 Loaded shader file E:/SteamLibrary/steamapps/common/Factorio/data/core/graphics/shaders/zoom-to-world.cso
   0.543 Initial atlas bitmap size is 16384
   0.545 Created atlas bitmap 16384x7691
   0.545 Created atlas bitmap 4096x1860
   0.545 Created atlas bitmap 4096x3648
  14.746 Sprites loaded
  14.746 Convert atlas 4096x1860 to: trilinear-filtering 
  14.772 Convert atlas 4096x3648 to: mipmap 
  14.908 Loading sounds...
  16.727 Custom inputs active: 0
  16.759 Factorio initialised
  57.111 Info ServerSynchronizer.cpp:27: nextHeartbeatSequenceNumber(0) initialized Synchronizer nextTickClosureTick(0).
  57.111 Info ServerMultiplayerManager.cpp:663: mapTick(-1) changing state from(Ready) to(PreparedToHostGame)
  57.111 Info ServerMultiplayerManager.cpp:663: mapTick(-1) changing state from(PreparedToHostGame) to(CreatingGame)
  57.111 Loading Level.dat: 990496 bytes.
  57.111 Info Scenario.cpp:133: Map version 0.15.9-0
  57.153 Checksum for script C:/Users/CaptainFlacon/AppData/Roaming/Factorio/temp/currently-playing/control.lua: 76911248
  57.155 Info UDPSocket.cpp:27: Opening socket at (0.0.0.0:34197)
  57.156 Hosting game at 0.0.0.0:34197
  57.156 Info HttpSharedState.cpp:44: Downloading https://auth.factorio.com/generate-server-padlock
  58.370 Info HttpSharedState.cpp:111: Status code: 200
  58.370 Info AuthServerConnector.cpp:106: Obtained serverPadlock for serverHash (Qm373Zl2niLmoCvneq8bWbEa3pk9vuq3) from the auth server.
  58.370 Info ServerMultiplayerManager.cpp:663: mapTick(0) changing state from(CreatingGame) to(InGame)
  58.370 Info ServerRouter.cpp:581: Asking pingpong servers (pingpong1.factorio.com:34197, pingpong2.factorio.com:34197) for own address
  58.371 Info UDPSocket.cpp:39: Opening socket for broadcast
  58.373 Info GameActionHandler.cpp:3243: MapTick (0) processed PlayerJoinGame peerID(0) playerIndex(0) mode(create ) 
  59.663 Warning ServerMultiplayerManager.cpp:556: Determining own address has failed. Best guess: 180.181.116.99:34197
  59.713 Info UnparsedNetworkMessage.cpp:87: Invalid packet (type GetOwnAddressReply) received from 139.162.150.14:34197: unexpected confirmation number
  59.713 Info UnparsedNetworkMessage.cpp:98: Message data: 09 af 52 14 00 00 00 31 38 30 2e 31 38 31 2e 31 31 36 2e 39 39 3a 33 34 31 39 37
  60.646 Info ServerMultiplayerManager.cpp:592: Matching server connection resumed
EDIT:

So after I posted this - I realised I was using both IPv6 and v4 on my pfsense WAN interface. I stopped this, because lets face it, Ipv6 blows and I was able to launch the game without the error. I had setup a DMZ to allow everything (which I turned off) and setup the NAT/Firewall rules. Now when I try to host, I'm getting 0.0.0.0:34197 on the Best Guest... Anymore idea?

Re: Hosting server - windows [HALP]

Posted: Wed May 10, 2017 2:44 pm
by Caennanu
Hello kaizo!

since you added an edit, did you edit the log file as well? i can't determine.
i know little of what you are talking about, but since you changed ip settings, might it be that the server file is configured for another ip address than the ip that is actually assigned?

what leads me to think this is the following:
180.181.116.99:34197 for best guess, but an answer to 139.162.150.14:34197.
this ip address leads to factorio itsself while it should be your own external ip adress (atleast it is on my server).

Re: Hosting server - windows [HALP]

Posted: Thu May 11, 2017 12:29 am
by kaizokuroof
Hi Friendo,

Thanks for responding!
Caennanu wrote: since you added an edit, did you edit the log file as well?
I did not, it's virtually the same log file, however please see below for change:
NewLogFile
More specifically, I believe this is the issue:
More Spec
I know now the issue is with my firewall, but I'm not sure where. It seems it's jumbling the ports for some reason, but I don't know of any features. I did read someone else on the forums had similar issues, but they solved it by resetting their modem/router, which I've done.
Caennanu wrote: what leads me to think this is the following:
180.181.116.99:34197 for best guess, but an answer to 139.162.150.14:34197.
this ip address leads to factorio itsself while it should be your own external ip adress (atleast it is on my server).
Forgive me, I don't quite get what you mean. Are you saying the Answer should be from my IP address and not the unknown 139 addy?

Further to all of this, I should mention users can direct connect to my public address and on my lan. It just won't talk with the factorio matchmaking system I guess.
I will also note that my config.ini, located in my appdata, port setting is 34197.
This is actually all a precursor, I do want to host a debian linux box and host a headless server, but I'd like to get my rules running on my windows machine, with GUI for easy troubleshooting at the moment.

@@@@@@@@@@@@@@@@@@@@@@@@@

EDIT MORE INFORMATION!!!

Here is my latest log, and below are my firewall rules.
Latest Log



Port Forward Rule
Netstat -a while game running

Re: Hosting server - windows [HALP]

Posted: Thu May 11, 2017 8:54 am
by kaizokuroof
Hello!

I fixed it. Apparently there is this super cool feature that randomises ports on PFsense, and other routers/firewall systems, that screw certain applications up. Things like VPN and such, which also extends to games.

I created an Outbound NAT rule, which keeps my server on a static port map, meaning if I'm sending out a packet with port 34179, it keeps the source/destination the same. Wow such a headache, but I guess I learned something new! Hopefully if anyone else has issues with PFsense/Randomising ports, this long winder tripple post from a man bashing his skull against the wall will help!

Happy factorio-ing! Hope to see you on my server soon ;)

@@@@@@@@@

Wow, okay so my server is listed in the Public server list but people cannot connect. ;_________; Connection refused by server or some such. But I've had enough for today :(

Re: Hosting server - windows [HALP]

Posted: Tue May 16, 2017 11:29 am
by Caennanu
shouldn;t it be port 34197? maybe its the nat rules.
maybe you made a typo there too :)

Re: Hosting server - windows [HALP]

Posted: Wed May 17, 2017 2:48 am
by kaizokuroof
Caennanu wrote:shouldn;t it be port 34197? maybe its the nat rules.
maybe you made a typo there too :)
Hi,

Thanks for your responses. No, default configs. It was the port randomisation causing issues. My rules are correct and the server is now up and running. I forgot to update the post though. The people couldn't connect, because if you're behind a firewall, using NAT, you need to local connect via lan. Those outside of my network can connect fine. I've got a dynamic IP address, so my next step is loading a auto updating DNS, which appears to be working also.

Thanks again for your help, I'll mark the thread as soived!

Re: Hosting server - Linux/Windows [SOLVED] (Port Randomisation)

Posted: Sun May 21, 2017 11:15 am
by Daneel_
As a fellow pfSense user, this had me grinding my teeth for an hour or so. Finally found this thread and fixed the outbound NAT.

Completely fixed the issue, thanks for posting about it and helping others out.

For what it's worth you need to turn on Hybrid Outbound NAT on the outbound NAT tab (Firewall / NAT / Outbound) for the static mapped port to work. Screenshot of how I have it set up below (do step 1 then 2):
2017-05-21_21-03-26.png
2017-05-21_21-03-26.png (230.51 KiB) Viewed 14467 times
Lastly, some searchable text for other users to find this post:
factorio headless server udp issues NAT can't connect pfsense firewall open
udp Invalid packet (type GetOwnAddressReply)
unexpected confirmation number

Re: Hosting server - Linux/Windows [SOLVED] (Port Randomisation)

Posted: Sat Jun 10, 2017 7:52 am
by shraik
factorio not support rfc6056 ?

Re: Hosting server - Linux/Windows [SOLVED] (Port Randomisation)

Posted: Sat Jun 10, 2017 10:54 am
by mexmer
shraik wrote:factorio not support rfc6056 ?
it's not problem of factorio, but NAT/firewall.

Re: Hosting server - Linux/Windows [SOLVED] (Port Randomisation)

Posted: Fri Jan 28, 2022 10:55 pm
by MakCuber
2022 update, had the exact same issue after moving my router to pfsense.

I have a double NAT situation where my homeserver is under a guest network created by my ISP modem. I set up port forwarding for 34197 on the modem and pfsense, confirmed in Factorio I could connect to my server via my public IP, guest IP, and home server IP, but still the pingpong server was failing in the factorio server logs. Finally got it working properly thanks to the screenshots in this thread by setting up the Outbound NAT rule in pfsense

Thanks to everything that put this info together!

Re: Hosting server - Linux/Windows [SOLVED] (Port Randomisation)

Posted: Mon Nov 04, 2024 11:50 pm
by AreYouScared
Daneel_ wrote: Sun May 21, 2017 11:15 am As a fellow pfSense user, this had me grinding my teeth for an hour or so. Finally found this thread and fixed the outbound NAT.

Completely fixed the issue, thanks for posting about it and helping others out.

For what it's worth you need to turn on Hybrid Outbound NAT on the outbound NAT tab (Firewall / NAT / Outbound) for the static mapped port to work. Screenshot of how I have it set up below (do step 1 then 2):

2017-05-21_21-03-26.png

Lastly, some searchable text for other users to find this post:
factorio headless server udp issues NAT can't connect pfsense firewall open
udp Invalid packet (type GetOwnAddressReply)
unexpected confirmation number

For the life of me i cannot figure this out... Using OPNSense, Basically pfSense...
Below is what i have..

I still get
Determining own address has failed. Best guess: and Received own address message reply with conflicting address
11-04-2024, 18-49-37.png
11-04-2024, 18-49-37.png (23.04 KiB) Viewed 271 times
11-04-2024, 18-47-07.png
11-04-2024, 18-47-07.png (50.55 KiB) Viewed 271 times

Re: Hosting server - Linux/Windows [SOLVED] (Port Randomisation)

Posted: Mon Nov 18, 2024 6:31 am
by Daneel_
AreYouScared wrote: Mon Nov 04, 2024 11:50 pm
Daneel_ wrote: Sun May 21, 2017 11:15 am As a fellow pfSense user, this had me grinding my teeth for an hour or so. Finally found this thread and fixed the outbound NAT.

Completely fixed the issue, thanks for posting about it and helping others out.

For what it's worth you need to turn on Hybrid Outbound NAT on the outbound NAT tab (Firewall / NAT / Outbound) for the static mapped port to work. Screenshot of how I have it set up below (do step 1 then 2):

2017-05-21_21-03-26.png

Lastly, some searchable text for other users to find this post:
factorio headless server udp issues NAT can't connect pfsense firewall open
udp Invalid packet (type GetOwnAddressReply)
unexpected confirmation number

For the life of me i cannot figure this out... Using OPNSense, Basically pfSense...
Below is what i have..

I still get
Determining own address has failed. Best guess: and Received own address message reply with conflicting address
11-04-2024, 18-49-37.png
11-04-2024, 18-47-07.png
Do you have the outbound NAT type set to Hybrid? If it's Automatic (the default) then it won't work correctly. The 34197 NAT should be the only one you need - that's all I have and it works correctly, and it looks correct based on your first screenshot. You've included the screenshot for a second port (34198? For a second server?) that seems to be doing something where it keeps the interface IP instead of using the WAN address (you do want to use the WAN address though).

I believe on OPNsense you need to go to Firewall --> NAT --> Outbound to see the setting.