Wireguard and client dont work

[Lice2]

Have you read the Important information text above

• [X] Yes i did

Current behavior

I support a Vserver at ionos and have a Wireguard server running there. I forwarded the ports to my client. The client ip is 10.0.0.3 Only now I have the problem that it doesn't address 10.0.0.3 but the server where the Wireguard server is running. So the IP that is directly on the Internet. I've already tried docker run -i -t --rm --network host -v $(pwd)/steamcmd:/steamcmd -v $(pwd)/game:/sonsoftheforest --name sons-of-the....... that it takes the IP settings from my client. But he always wants the IP from the main server at ionos. I need help with that. Kind regards, Patrick

Desired behavior

the dedicated server runs perfectly. It's just that it can't be reached from outside

Links to screenshots

No response

To Reproduce

Steps to reproduce the behavior:

1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error the dedicated server runs perfectly. It's just that it can't be reached from outside

Software setup

• OS: ubuntu 20.04 Desktop
• Docker: Docker version 25.0.3, build 4debf41

Hardware setup

• vCPU: Intel 8 Cores
• RAM: 32gb
• Disk: 512GB

Additional context

I support a Vserver at ionos and have a Wireguard server running there. I forwarded the ports to my client. The client ip is 10.0.0.3 Only now I have the problem that it doesn't address 10.0.0.3 but the server where the Wireguard server is running. So the IP that is directly on the Internet. I've already tried docker run -i -t --rm --network host -v $(pwd)/steamcmd:/steamcmd -v $(pwd)/game:/sonsoftheforest --name sons-of-the....... that it takes the IP settings from my client. But he always wants the IP from the main server at ionos. I need help with that. Kind regards, Patrick

[jammsen]

Hey @Lice2 - Im providing a docker-image here and support most questions regarding that image and maybe problems with it. But im not doing a Networking or VPN Master-class here, not sure on how to help you and what you expect here?!

[Lice2]

Ok, but still thank you for the reply.

[jammsen]

Hope you get this figured out, sorry im not versed in that.

[gitzec]

from my point of view it just does not make any sense what you are up to...

[Lice2]

@gitzec OK and what would make sense from your point of view? I'm just trying to make sure the server is accessible from outside. And I assumed that when Docker is in host mode it can access the shared ports. And without host mode I have the ip 172.17.0.3. I just need help with how the server accesses 10.0.0.3 and not directly to the IP on Ionos.

[gitzec]

This request seems to be way out of scope as it mixes many things like: server hosting, virtualization, container services, vpn, undefined clients, private/public ipv4 networks, port forwarding, ...

Thoughts... ... hmmm... his server is hosted at ionos... i guess... because he wrote "i support"... mabe he means that he has created the vm or - because of the specs - rented a bare metal... which should be great as ionos servers usually can have a public ip.... and, if the firewall of the host machine is configured to do so, the connection attempts should reach the host... if docker runs on this host and has set the ports section in the docker compose correctly, the connection attempts to the host at given ports should be nat-ed into the container... but, why is he talking about wireguard... a vpn client/server...? which adapter owns the given private ip 10.0.0.3...? and what is the client he mentioned... his gaming pc?

honestly, your english is hard to understand for me. maybe use your native language and use copilot to translate.

[Lice2]

I operate a Wireguard server at ionos. And the Sons of the Forest server is at my home on a small Ubuntu server where the Wiregaurd client is running. I also have other dedicated servers on my Ubuntu server that are also accessible from outside, e.g. Minecraft , factorio , 7days to die ... And my client here at home where the Sons of the Forest Dedicatet server should be running has the ip 10.0.0.3 through wiregaurd. And for this I have forwarded all ports. So from the Ionos Wireguard server to my Ubuntu server here at home.

[gitzec]

thanks, this sheds some light into the situation.

so, this is your setup, right?

1. you rented a bare metal server located at an ionos location
2. it has a public ip which can be reached from the internet
3. you opened the udp ports needed by sotf in your host's firewall: 8766 (GamePort), 27016 (QueryPort), 9700 (BlobSyncPort)
4. you have a wireguard server running which accepts connections on these ports
5. your wireguard client at home is connected to the wg server
6. the wg server forwards the ports to the wg client
7. you have the sotf server running at your client, it starts up without any errors and is vidible in the ingame server browser
8. the sotf server uses the three ports and is bound to the adapter of the wg client
9. you should now be able to join your server using the public ip of your server on port 8766

if this is the setup: please describe the error messages you see and which service is sending it.

[gitzec]

and... just to clarify... all questions should be directed to the respective support areas of the respective application... if the image is up and running in a container, the support of this repo usually ends.

[Lice2]

Up to this point. You have run the Sotf server on your client, it only starts without errors and is visible in the browser of the ingame server if I set the network check to true in the dedicatet.txt of the Sotf server, i.e. that it should skip the network check. If I ignore the network check then the server starts. The problem is that the server runs in Docker and has the IP 172.17.0.3 and my Wiregaurd client 10.0.0.3. The ports 8766 27016 9700 are all forwarded to the address 10.0.0.3. That's why I tried to start the Docker with -network host. Since this supposedly accesses the host network. This is my problem at the moment. I should somehow tell the Docker to use the 3 ports on 10.0.0.3. As already written the other servers I have running here on my Wireguard client also work and are accessible from the outside. My problem at the moment is the Docker ip. I suspect . But thank you very much for the help.

[gitzec]

in your case you must turn off network detection in sotf.

inside docker-compose.yml you see:

...
    image: jammsen/sons-of-the-forest-dedicated-server
    ports:
      - "8766:8766/udp"
      - "27016:27016/udp"
      - "9700:9700/udp"
...

this means: the ports 8766, 27016 and 9700 are opened on your docker host (10.0.0.3). it then forwards packets for this ports inside the docker subnet to the sotf container (172.17.0.3).

there should be no need for any special docker network configs.

🔎

1. check if the firewall of the wg server is open for the ports.
2. check if the firewall of your docker host on your client is open for the ports.
3. check if other game servers already use one or more of the three ports.
4. check logs of the container for anything related to ports.
5. check wg server logs for errors.
6. check wg client logs for errors.

a useful linux command to check if ports are open and by which service: sudo netstat -ltunp

[Lice2]

But the Ok well I thought that I have to forward the ports to the Docker ip. So it works now. In the Dedicated.txt I have to set to Lan Only. Now it can work. You just have to connect directly to my server. But that is exactly what I wanted.

Thank you very much for the help !!!!!!