Linux Pinging the Linx server caused extremely high latency for all players on the server

Blue mame

Blue mame

Refugee
Version
V2.6
Platform
Linux
Method to reproduce the content: Start a 7dtd server on a Linux system and continuously accept tcping packets. Connect to the network through the TCP server port, limit the total matching traffic and close the port, causing all players to be disconnected from that port for seven days.
 
Reproduction Steps
On a Linux system, start a 7dtd server and continuously ping the server's IP address and port.
Link to Logs
https://pastebin.com/xwfgjD9k
Link to Screenshot/Video
https://pastebin.com/xwfgjD9k
What an interesting denial of service attack. I had to look up a few things to fully understand it as tcping is different than just a typical ICMP ping. This looks like a nasty problem to try and solve in the server software other than trying to find some kind of timer value maybe. Have you considered a firewall that limits connection attempts from a single IP?
 
zztong said:
What an interesting denial of service attack. I had to look up a few things to fully understand it as tcping is different than just a typical ICMP ping. This looks like a nasty problem to try and solve in the server software other than trying to find some kind of timer value maybe. Have you considered a firewall that limits connection attempts from a single IP?
Click to expand...
Might need some kind of firewall policy? But this problem only exists on Linux systems, whereas there is no issue on Windows systems. I have tested Linux servers from multiple providers and found that this only happens on Linux.
 
Blue mame said:
Might need some kind of firewall policy? But this problem only exists on Linux systems, whereas there is no issue on Windows systems. I have tested Linux servers from multiple providers and found that this only happens on Linux.
Click to expand...

That's what I was thinking. Perhaps the Windows firewall already has such a rule by default. I mean, the game must accept connections. It's a matter of how quickly it should shed a connection that isn't doing anything. Shed it too quickly and you start dropping players with bad connections. Shed it too slowly and you get what you're seeing. Or at least that how I understand the issue.
 
zztong said:
That's what I was thinking. Perhaps the Windows firewall already has such a rule by default. I mean, the game must accept connections. It's a matter of how quickly it should shed a connection that isn't doing anything. Shed it too quickly and you start dropping players with bad connections. Shed it too slowly and you get what you're seeing. Or at least that how I understand the issue.
Click to expand...
This can directly cause the server to enter a dead loop. As you can see in the video, I still maintained such a high latency for the next 3 minutes. If I don't restart the server, I won't be able to get rid of it. However, this situation won't occur in Windows. The server has already crashed, and even attacking Linux servers like this is completely cost-effective. Let me see if TFP has a solution to this problem
 
Hey All,

Thank you for taking the time to report this.

I added a ticket to our bug-tracking software for this so that the networking developers can investigate what is happening and determine the best course of action.

Thanks,
Dollie
 
You must log in or register to reply here.
Back
Top