search

mschnitzer / ark-survival-ascended-linux-container-image

A docker/podman container that is able to run an ARK: Survival Ascended on a Linux host.
92 stars 17 forks source link

How does registering to the in-game browser work? #18

Closed onelumin closed 1 year ago

onelumin commented 1 year ago

I got the container up and running but since I am running docker inside a virtual machine I forwarded ports 7777 and 27020 into the primary interface and allowed all outgoing connections via NAT forwarding. Unfortunately I still cant see my server number via the in-game browser. I double checked with netcat that 7777udp and 27020tcp are available in the vm where docker is sitting so I am wondering if there is any other port or interface that is needed to register the server. I am clueless about how the actual registration process works and which ports it needs to talk on though so if someone could shed some light onto this it would be very helpful.

mschnitzer commented 1 year ago

The server should announce itself to the master once it is started. How long did you wait before you checked the server browser?

I need more details of your setup. Is your setup running in the cloud or in your home network with a router in between?

How does the VM get access to the internet? (e.g. vMAC's through macvtap?)

Where did you configure what to forward ports? In general you should avoid messing with iptables when using docker, as docker is opening ports for you and configure iptables properly. This can otherwise lead to messy situations or where you just following the README from me where I explained the multiple IPv4 setup?

DarkVentHead commented 1 year ago

I got the container up and running but since I am running docker inside a virtual machine I forwarded ports 7777 and 27020 into the primary interface and allowed all outgoing connections via NAT forwarding. Unfortunately I still cant see my server number via the in-game browser. I double checked with netcat that 7777udp and 27020tcp are available in the vm where docker is sitting so I am wondering if there is any other port or interface that is needed to register the server. I am clueless about how the actual registration process works and which ports it needs to talk on though so if someone could shed some light onto this it would be very helpful.

Question: Have you tried opening ark from OUTSIDE your network, opening the console key (tilde `) and typing in "open x.x.x.x:7777" with x.x.x.x being your external ip. If this doesn't work. Something port wise isn't set up properly either with your ISP or your local setup / router / nat forwarding. If this doesn't work. There won't be any way for the ark server to reach out and add itself to the game browser in the first place.

Minor Questions: Are you sure you aren't double NATed? What type of network is in front of the vm that NAT forwarding is required?

mschnitzer commented 1 year ago

@onelumin has your problem been solved?

onelumin commented 1 year ago

@mschnitzer We just ended up connecting via the open command since I still could not get it to show up on the server browser. It works fine so I don't have too much motivation to dig deeper.

In case this is interesting to anyone else though, my setup is a arch linux host runing a virtio qemu arch linux guest with libvirt NAT forwarding directed from the public interface enp5s0 to the VM where ark-survival-ascended-linux-container-image is running. The server can be connected to sucessfully using the open command and everything works great, the only issue is that the server does not properly announce itself to the browser for some reason. I put the iptables of the host below where 192.168.122.10 is the IP of the qemu vms public interface and virbr0 is the libvirt bridge device.

The physical machine is running in a home network and 7777 needed to be forwarded.

Sorry I cant be of more help right now, and in any case thank you for the image, it has been smooth sailing other than this one small hitch.

# Generated by iptables-save v1.8.9 on Wed Nov  8 18:02:31 2023
*mangle
:PREROUTING ACCEPT [440:46539]
:INPUT ACCEPT [440:46539]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [481:63310]
:POSTROUTING ACCEPT [481:63310]
:LIBVIRT_PRT - [0:0]
-A POSTROUTING -j LIBVIRT_PRT
-A LIBVIRT_PRT -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
COMMIT
# Completed on Wed Nov  8 18:02:31 2023
# Generated by iptables-save v1.8.9 on Wed Nov  8 18:02:31 2023
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:LIBVIRT_PRT - [0:0]
-A PREROUTING -p tcp -m tcp --dport 1262 -j DNAT --to-destination 192.168.122.10:22
-A PREROUTING -p tcp -m tcp --dport 27020 -j DNAT --to-destination 192.168.122.10:27020
-A PREROUTING -p udp -m udp --dport 7777 -j DNAT --to-destination 192.168.122.10:7777
-A POSTROUTING -j LIBVIRT_PRT
-A POSTROUTING -s 192.168.122.0/24 -j MASQUERADE
-A LIBVIRT_PRT -s 192.168.122.0/24 -d 224.0.0.0/24 -j RETURN
-A LIBVIRT_PRT -s 192.168.122.0/24 -d 255.255.255.255/32 -j RETURN
-A LIBVIRT_PRT -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
-A LIBVIRT_PRT -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
-A LIBVIRT_PRT -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
COMMIT
# Completed on Wed Nov  8 18:02:31 2023
# Generated by iptables-save v1.8.9 on Wed Nov  8 18:02:31 2023
*filter
:INPUT ACCEPT [440:46539]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [481:63310]
:LIBVIRT_FWI - [0:0]
:LIBVIRT_FWO - [0:0]
:LIBVIRT_FWX - [0:0]
:LIBVIRT_INP - [0:0]
:LIBVIRT_OUT - [0:0]
-A INPUT -j LIBVIRT_INP
-A FORWARD -d 192.168.122.10/32 -o virbr0 -j ACCEPT
-A FORWARD -d 192.168.122.10/32 -o virbr0 -j ACCEPT
-A FORWARD -j LIBVIRT_FWX
-A FORWARD -j LIBVIRT_FWI
-A FORWARD -j LIBVIRT_FWO
-A FORWARD -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i virbr0 -o enp5s0 -j ACCEPT
-A FORWARD -i virbr0 -o lo -j ACCEPT
-A OUTPUT -j LIBVIRT_OUT
-A LIBVIRT_FWI -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A LIBVIRT_FWI -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A LIBVIRT_FWO -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A LIBVIRT_FWO -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A LIBVIRT_FWX -i virbr0 -o virbr0 -j ACCEPT
-A LIBVIRT_INP -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A LIBVIRT_INP -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A LIBVIRT_INP -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A LIBVIRT_INP -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A LIBVIRT_OUT -o virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A LIBVIRT_OUT -o virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A LIBVIRT_OUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT
-A LIBVIRT_OUT -o virbr0 -p tcp -m tcp --dport 68 -j ACCEPT
COMMIT
# Completed on Wed Nov  8 18:02:31 2023