[crossfire] new metaserver

Mark Wedel mwedel at sonic.net
Fri Jun 10 00:27:27 CDT 2005 

  A few more notes/thoughts:

  For the server, switching to tcp is perhaps a good thing.  What I'd actually 
think is the best thing is there to be a small helper program that the server 
executes, and then talks to that helper program then a named socket (or perhaps 
just a pipe).  The server could send the helper program things like number of 
players and any other dynamic data (for the static date, the helper program 
could just read the settings file).

  This then eliminates the problem of costly or dead connections to the 
metaserver - only the the helper program would have any issue, and it can 
basically take as much time as it wants (if it takes 5 minutes to make the 
connection, not a big deal).  This helper program can also be quite small so the 
cost of the initial pipe creation isn't that big (and if it dies, not very 
costly for the server to restart).

  The one concern I have about tcp is number of active connections allowed to 
the meta server.  Most OS's put some limit on the number of open file 
descriptors any program can have - often set at 1024 or lower.  Thus, a 
perfectly valid DDOS attack is for a bunch of systems to just make connections 
to the metaserver and just keep the connection active.  Maybe this is unlikely - 
never really had an attack like that on existing server.  The metaserver can 
obviously enforce the idea of only 1 connection from 1 ip address, so getting 
1000+ hacked systems might be unlikely.

  But the fact is that if you want to make persistent connections, you can't do 
that to a web server script I don't believe.  OTOH, I'm not sure how quickly web 
servers will time out connections.  But it also just seems inefficient to have 
to execute an entire script for each update - having a persistent program is 
much more efficient in all its processing.  IT just means you can't run such a 
program on any web server.

  One possibility is a hybrid approach - trusted SMS can update the CMS. 
Servers can talk to the CMS directly.

  Just one other note - having something done first does not mean that is the 
way to go.  This is not any comment on Brendan's work, but the argument 'xyz has 
done this so you should use it' holds no weight to me.  This approach has 
certainly be used a few times in crossfire, and if that first approach isn't a 
good one, it just results in extra work, as that code has to be 
fixed/removed/redone/whatever.  If one takes this approach, then any code that 
anyone submits to crossfire should just be accepted, and that certainly wouldn't 
be a good thing.

  As said, this doesn't reflect on the code in the patch - I haven't looked over 
that closely enough to make any comment on it.  But I will make the comment that 
it seems to be missing the server -> metaserver notification piece, and IMO that 
is really the core piece, because that is the one where the most problems can 
arise (eg, you can't cause the server to block, you don't want a slow update 
time, but you still want to provide dynamic data.  The small helper program I 
mention above is probably the way to fix that, and actually should be pretty 
easy to do).

More information about the crossfire mailing list