[cod] CoD and my struggle with NAT

Steven Hartland steven at multiplay.co.uk
Wed Jan 7 05:40:39 EST 2004

Did you try this:
Had a flash of inspiration this morning I think the following might just

If we have this picture:
NAT box: internal, external
Server: internal
Client: internal

If we change this to:
NAT box: internal, external
Server: internal, fake (alias)
Client: internal, fake (alias)

And then force the client to connect to the server on the ip reported
in the packet sent to the master will be the ip of the NAT ( and hence
if port forwarding is setup correctly the auth packet will be forwarded
to the client on and it will all just work.

Adding the 1.1.1.X aliases to the internal machines wont affect connectivity
as they have no routes to the outside world so all external connectivity
will be done via the NAT'ed addresses.

I cant test this here as I don't have NAT but Im pretty confident it will work.

    Steve / K
----- Original Message ----- 
From: <cod at kaleplek.net>
To: <cod at icculus.org>
Sent: Wednesday, January 07, 2004 12:30 PM
Subject: [cod] CoD and my struggle with NAT

> Hi all here am back again with more news.... Yes I'm still not stopped
> debugging... ;-)
> A little update after asking Actvision for some help and all the good
> ideas here (thanks for that) I went to a couple of friends of mine who are
> a lot more Linux/Network goeroes then I am and the have looked at it and
> came with an answer that was a little bit shocking for me. The answer was
> now I no for sure I am screwed. ;-)
> The gave a little push in the following direction. Activision made a
> mistake to not make the server NAT/Firewall/Multihome aware this is an
> issue that was already on the internet in games like Diablo etc. where
> they fixed it (I really don't know how).
> My friends said this method that activision used is a lot better then the
> Method of EA because in the actvision method the server owner doesn't get
> the cd-keys in and can't steal them (See a post of me a while back). But
> this method also brings some problem (DUHHHHH). A fix would be that it is
> possible on the server to config it and say if you use a NAT/Firewall with
> a private address like 10.5.x.x/192.168.x.x etc. etc. to give you an
> opportunity to give an other address in a config file (public address) the
> will use to auth by activision. This method is like a proxy so activision
> should create a little proxy in there server for nat etc.
> We all came to the conclusion when the hype is gone the came will die
> because the private range users who want to play it will not be able to do
> so.
> So is there a way I can connect to activision or talk to somebody who
> build the linux binary version who can help me with this problem. Please
> Please help my server is going up in the list and is full every day now,
> and in this way also I have to stop it because I like to host if I can be
> a part of it. ;-)
> So please who can get me in contact with one of those guys or are they in
> this mailing group?????
> Regards
> Quint
> Boy_One

This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. 

In the event of misdirection, illegible or incomplete transmission please telephone (023) 8024 3137
or return the E.mail to postmaster at multiplay.co.uk.

More information about the Cod mailing list