Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I am working on a game atm and started to research about an alternative solution to dedicated servers.
The reason I am doing this is that I have little administration knowledge and would prefer to spend the time in programming instead of learning that. Especially when it comes to security to the dedicated machine itself and not my application that runs on it.
So my question is whether there is a possibility of a server where you can just run your code written e.g. in golang and have less or easier administration and a much better or the same security?
It would be perfect if I just get an endpoint connection to my application when a client wants to communicate without the care of security concerns outside of my application.
I have looked on some services from aws and google (not tested for now) but with the whole range everything is confusing to me.
Information about the type of game:
realtime multiplayer
for now I use TCP with Flatbuffer to communicate (TCP should be also fine here)
server is written in golang and for the client for testing I use libgdx (java), but would probably change to something else when I solved other questions
with server I mean where the logic is run server-side and the communication between the client to the database is made through the server
If you really want to avoid maintaining a server for your software, consider dockerizing your server software, and run it on AWS Fargate. It will not necessarily be cheaper than a dedicated server, but you will not have to maintain any infrastructure or OS.
Short anwser, no.
Serverless architectures doesn't work well with TCP, because of various reasons. The First one to be that FaaS is made to be short lived - opening a TCP connection with sockets would create a long live for the function, thus making its costs go high.
Second, BaaS usually has a delay of some microseconds, and also doesn't support TCP connections.
But you see, with BaaS you can develop a turn-based multiplayer game, because the delay isn't that critical on these types of applications.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I have a VPN application which is written in C++ for Windows 7+ and uses OpenVPN as well as RAS for establishing connections and I need to allow only for some apps to be able to use vpn connection and others to use user's default connection/network (I also don't know what apps it will be, users need to configure it). So far I haven't found any hints on how to implement it, is it possible to do it at all on Windows? And if yes, how?
I'm not sure that you can do that. VPNs basically work like a secure TCP/IP router (or switch). They provide an IP-address on each side that is a "gateway" to the network on the other side. (Appropriate route commands must have been issued on both sides, which the VPN client software can do for its local machine.) I don't think that there is any way to restrict which applications can use a particular IP-address . . . but of course I could be mistaken. (MS-Windows does have many tricks up its sleeve.)
I think that you should take this to superuser.com or some other StackExchange site which is targeted towards system administration of a Windows environment, because your question is actually quite specific to that, and not to VPNs in general.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
Today I am thinking about connect two computer without tcp/ip. Actually i am searching: connection without ip; if i manage to connect without ip, these network is untraceable.
My full question is :
It is possible to connect two computer without tcp/ip over internet.
May these scenario impossible for the ISP. I don't know.
If possible, It can be competitor of Internet.
From the first line of Wikipedia on Internet:
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite (TCP/IP) to link several billion devices worldwide.
The internet is built upon the IP framework. You can't "not use" IP through the internet. That's like to say I want to use the post system without addresses. Without the IP framework, there is no way to identify devices from each other or have any standard format to route packets anywhere at all. This is not to say that it is the only way to establish networked communications, it's just the most popular and most used way.
Regarding the first part of your question: It is possible to connect two computer without tcp/ip? There are plenty of ways this is done e.g. Bluetooth, RS-232, proprietary RF communications and so forth.
Also, towards competitor of Internet is that really such a good idea? For once we have one system that is universally compatible with all devices around the globe (almost!). I don't think the rest of the world would be keen on a brand new system unless it is much much much better (in which it'll probably be implemented into the Internet Protocol Suite anyway).
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I want to develop a server for an application of mine in C++. I'm not really familiar with networking concepts. This server is going be a simple one and I'll use one of the networking libraries out there. I just couldn't figure out the necessary keywords to research the following issue:
Let's say that there are 100 users on 100 different computers, all sharing the same internet connection, behind the same router. They all decide to open my client to connect to my server. How do you deal with this issue if you want to keep the connections open and on the same port.
For the purposes of your server, it doesn't make any difference whether those 100 connections are all coming from the same computer, from the same router, or from totally separate networks.
While the server side of the connection will use the same port for all of these, each connection will have a different combination of client side IP address and port. In the case you describe, where all 100 are behind the same router using the same IP address, the router will take care of making sure they all have different client side port numbers. You can read about network address translation (NAT) if you want to learn the details about one common way that is done.
This kind of server programming is not easy and requires network skills. You can have a look at this tutorial. It's C and unix, but it shows the function you'll need to use:
socket interface for network access
listening/accepting new connextion
forking new processes to handle the different clients (although in C++ you'd probebly look for multithreading which is more efficient for this kind of task).
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I had to "sporadically" work with Heimdal / MIT Gssapi for kerberos authentication over past couple of years. I had to build an application that was to be used as a web-service running on a Linux box, and serve client applications like browsers, running on Windows and/or Linux Desktops and Workstations. Surely not the easiest of beasts to tame. Eventually when summarizing my work, I could record that the difficulties emanated due to challenges in multiple dimensions. Getting started with gssapi programming is truly a challenge just because of poor documentation, and practically non-existant tutorials. Googling mostly results in either some theoretical discussion on what's kerberos, or leads to content written with presumption that you already know everything besides some particular semantic issue.
Some really good hacks around here contributed to help me, I therefore suppose it would be a good idea to summarize the stuff, from a developer's perspective, and share it here as some sort of a wiki, to give something back to this fantastic place, and fellow programmers.
Haven't really done a wiki like this before, and I am surely no authority on GSSAPI nor Kerberos, so please be kind, but more than that please contribute and correct my mistakes. Site Editors, I am counting on you to do your magic ;)
Getting your project completed successfully will require 3 specific things to be done correctly:
Setup of your test environment
Setup of your libraries
Your code
As I said already, such projects are beasts, just because all the three haven't been put together on the same page anywhere.
Ok So let's begin at the beginning.
Unavoidable theory for a newbie
GSSAPI helps a client application to provide credentials for a server to authoritatively identify the user. Extremely useful because the server applications can modulate their served responses if they wish to, as per the user. Very naturally therefore both - the client and the server applications must be kerberized, or as some would state kerberos-aware.
The kerberos based authentication, requires both the client and server applications, to be members of a Kerberos Realm. KDC (Kerberos Domain Controller) is the designated authority that rules the realm. Microsoft's AD servers are one of the most popularly experienced examples of a KDC, though you can of course be using a *NIX based KDC. But surely without a KDC there can be no Kerberos business at all. Desktops, Servers & workstations joined into the domain identify each other as long as all of them remain joined into the domain.
For your initial experiments, setup the client & server applications in the same realm.
Though Kerberos Authentication can surely be also used across realms by creating trusts between KDCs of these realms, or even merging keytabs from different KDCs that do not trust each other. Your code will not really need any change to accommodate such different and complex-sounding scenarios.
Kerberos Authentication basically works via "tickets (or tokens)". When a member joins the realm, the KDC "grants tokens" to each of them. These tokens are unique; time and FQDN are essential factors for these tickets.
Before you even think of the very first line of your code make sure you have got these two right:
Pitfall #1 When you setup your development and test environment, make sure everything is tested and addressed as FQDN. For example if you want to check connectivity, ping using FQDN, not IP. Needless to say therefore, they must necessarily have the same DNS service configuration.
Pitfall #2 Make sure all the host systems - that are running your KDC, client software, server software have the same time server. Time synchronization is something that one forgets, and realizes to be amiss after a lot of hair-splitting, and head-banging!
Both, the client and server applications NEED kerberos keytabs. So if your application is going to run in a *NIX host, and be a part of a Microsoft Domain, you have to get a kerberos keytab generated, before we start to look at the remaining preparatory steps for gss programming.
Step-by-Step Guide to Kerberos 5 (krb5 1.0) Interoperability at is an absolute must-read.
GSS-API Programming Guide is an excellent bookmark.
Depending upon your *NIX distribution you can install the headers & libraries for building your code. My suggestion however is to download the source and build it yourself. Yes, you might not get it right at one go, but it surely is worth the trouble.
Pitfall #3 Make sure that your application is running in an Kerberos aware environment.
I really learnt this the hard way, but maybe because I am not so smart. In my earliest stages of gssapi programming struggle, I had discovered that kerberos keytabs were absolutely necessary for making my application kerberos-aware. But I simply couldn't find anything about how to load these keytabs in my application. You know why?!! Because no such api exists!!!
Because: The application is to be run in an environment which is aware of the keytabs.
Ok, let me make this simple: Your application that is supposed to do the GSSAPI / Kerberos things has to run after you have set environment variable KRB5_KTNAME to the path where you have stored the keytabs. So either you do something like:
export KRB5_KTNAME=<path/to/your/keytab>
or make use of setenv to set KRB5_KTNAME in your application sufficiently before the very first line of your code that uses gssapi is run.
We are now ready to do the necessary things in the application's code.
I understand there are quite a few other aspects that must be reviewed by the application developer, to write and test an application. I know of a few environment variables, that can be important.
Can anybody please shed some more light upon that?
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
This application sends data periodically to a server. What I need to do is setup a testing environment on the local developing machine so that I can check the correct packets are being sent in each situation. I thought a good approach would be a server VM set up on the local computer which would receive the packets and respond just like the real thing, but the problem is how do I route the packets of an application running on windows to a VM machine. I don't want to modify my application code. I just want to have windows pass on the packets it receives from the application to the VM or otherwise another application that will do the testing. Is this possible? If not, please let me know about any other solution(s) to this problem.
If you're running a decent VM you should be able to give it an IP address visible from the host, and configure it so that you can run web servers on it, ssh to it, etc.
Look at the networking features of your VM. Or find a tutorial on how to do this, such as this one for VirtualBox:
http://www.tolaris.com/2009/03/05/using-host-networking-and-nat-with-virtualbox/
Well it's some kind of a hack but you can use ARP Poisoning (man in the middle attack) to sniff packets. There is a tool named Cain & Abel which can do this for you. I've used this tool to sniff packets between two non-pc machines. Use at your own risk and if your anti-virus tool alerts, know that the tool has no virus but what it does is detected as one.
Edit: Please note that my approach doesn't require a VM server.