[Kemula]

Hello people.

I am very interested in knowing what other servers do to have more than one IP address pointing to their server, so that in case of attack, they can connect from another.

I have read about load balancers, but that infrastructure is based on having more than one server, which in SAMP is not viable since it is not possible to have more than one instance of the server (well, it is, but players in one server will not see the ones in the other.)

How do they do it?

Thanks!

EDIT: I do not mean to reconnect players from one IP to another. I'm trying to figure out how could I have multiples IP pointing to a same SAMP server, each one, with its mitigation. I've seen some people do this using OVH.

EDIT2: Diagram of what I'm looking for: https://imgur.com/a/83X6gkM (at host-level. All of the server using this technique are hosted in OVH)

[RogueDrifter]

If its attacked they either notify the players of the new server or they lock the server and rename it to "Connect to xxx.xxx.xx:xxxx"

Cuz afaik samp hasn't given the option to ReconnectPlayer(playerid); and probably never will.

[10MIN]

https://stackoverflow.com/questions/...acket-redirect
or
https://stackoverflow.com/questions/...een-interfaces
may be usefull

[Kemula]

Quote:

Originally Posted by 10MIN https://stackoverflow.com/questions/...acket-redirect or https://stackoverflow.com/questions/...een-interfaces may be usefull

Thank you for your response, however:

- Link 1 is a TCP port redirecting tool, so for SAMP it's useless (SAMP is UDP)
- Link 2 redirects the traffic from IP1 to IP2, but that would mask the real user IP.

The solution I'm looking for is more host-reseller related. All of the servers I've seen using this technique are hosted in OVH.

What I'm looking for would be something like this:
https://imgur.com/a/83X6gkM

[Sgt.TheDarkness]

If your IP addresses are binded on the same network interface, chances are a DDoS attack is going to take it offline anyways. There is no such mitigation method you speak of that involves using IP addresses on the same server.

I have seen someone do something similar but I'm not sure how well their endeavors were, if both IP addresses are forward facing and exposed, an attacker sees this as no different than the rest.

[SouheilSmith]

https://stackoverflow.com/questions/...acket-redirect
or
https://stackoverflow.com/questions/...een-interfaces
may be usefull

[xo]

You might be able to forward the UDP packets using iptables but that will end up masking your players' IPS thus breaking the functionality of most stuff

[Johny32]

That sounds like a good idea but I'm pretty sure it's gonna be hard to do something like that.
Personally, I never tried that but DDoS protection was my first priority when purchasing a dedicated server so maybe find a company with good firewall protection and especially gaming firewall protection which is different and better.

[Sgt.TheDarkness]

Quote:

Originally Posted by xo You might be able to forward the UDP packets using iptables but that will end up masking your players' IPS thus breaking the functionality of most stuff

This is correct, one could use source address forgery to stop this, but certain hosts do not even allow this as it's mostly used for malicious purpose, and you'd need to write the software to do so.