IP Bind
#1

Is it possible in the current or perhaps a future version to allow a single SAMP to bind to multiple IP's.

It sure would make it harder for script kiddies with booters if you could bind a server to listen on say 5 IP's vs the single one that I believe we're limited to now.
Reply
#2

Reasons this won't work:

All 5 IPs point to the same box. If the switch port is being flooded by DDoS, then all of the IPs will be useless

You'd have to tell people to join the server using a new IP out of the 5, which everyone will suck at doing

When you tell everyone to join via the other IP, the attackers will probably get the same message an attack that

For reasons I can't figure out now, they could probably end up using the unused IPs against you somehow.
Reply
#3

It's simple, hosts tend to null an IP when it gets hit, by creating 5 targets in my example its a shell game of them being able to knock all five down. Through load balancing it's possible to have xyz.yourserver.com:7777 to rotate if one is unresponsive to the next. Thus it's seamless for your player base.

Add in a host like ours that nulls in 5 minute increments (and checks if the attack still is ongoing) and it would create a system where the attacker has to do x number of attacks to take someone down. Most can afford 1 big booter but hard to expect them to start shelling out real cash to take down multiple IP's.
Reply
#4

Quote:
Originally Posted by V415
Посмотреть сообщение
It's simple, hosts tend to null an IP when it gets hit, by creating 5 targets in my example its a shell game of them being able to knock all five down. Through load balancing it's possible to have xyz.yourserver.com:7777 to rotate if one is unresponsive to the next. Thus it's seamless for your player base.

Add in a host like ours that nulls in 5 minute increments (and checks if the attack still is ongoing) and it would create a system where the attacker has to do x number of attacks to take someone down. Most can afford 1 big booter but hard to expect them to start shelling out real cash to take down multiple IP's.
You make a good point. With some REAL balancing and automation maybe it would be quite feasible.
Reply
#5

Yup not easy but it would be mint at frustrating the script kiddies. We've tried it but the holdup is that SAMP will only bind to one IP. It prevents the use of other ddos mitigation technologies such as GRE tunnels as well.
Reply
#6

Quote:
Originally Posted by V415
Посмотреть сообщение
Yup not easy but it would be mint at frustrating the script kiddies. We've tried it but the holdup is that SAMP will only bind to one IP. It prevents the use of other ddos mitigation technologies such as GRE tunnels as well.
What about using a specific IP for SA-MP, don't publish it, then set up packet forwarding on the other 4 IPs to all forward to the SA-MP?

Have no idea if that would work, its all theory...kinda thinking out loud
Reply
#7

Tried that with the forwarding and through a GRE tunnel but the SAMP client tries to connect to the individual IP while it shows up in the client with the server info, it doesn't actually connect, it sits in a revolving "unable to connect/timeout"
Reply
#8

This is what we actually need on a server. This could be a great addition.
Reply
#9

I was just thinking about something similar to this the other day and spoke to some of my colleagues about it. Would be an asset if implemented.
Reply
#10

This is something that does need to be implemented, with the ever growing number of kids with booters, and the lack of ability to stop attacks, something like this would make it that much harder for them to take our servers offline.
Reply


Forum Jump:


Users browsing this thread: