Hacker News
Ask HN: tunneling service for self-hosted one-off gaming session with strangers?
8 points by xeonmc on Nov 20, 2022 | 13 comments
With the recent Tailscale Funnel announcement, I briefly had my hopes up of perhaps finally being able to host one-off game sessions without asking everyone else to install clients or register accounts.

Simply give them a one-off URL that they type into their gameclient and they connect to it exactly like a public server, which I can then disable after the session.

However, it seems that Tailscale Funnel is limited to TCP connections, for security reasons I suppose.

I then looked at ZeroTier but it seems like yet another Hamachi-clone, all participants are still required to install clients.

Is buying a VPS/opening your home internet firewall really still the only way in 2022?

I know that Steam Networking allows for p2p connections via their backbone, but it requires the game itself to have the API programmed, you cannot tunnel third-party programs through it.

I feel like this is a glaring product void that inexplicably nobody seems to have noticed? One would think that a gaming-focused company like Discord would have picked up on such a use case by now (coordinating short self-hosted gaming sessions with strangers without configuration).




At the end of the day, your clients have to connect to a socket on a server somewhere. Either the server is in the cloud (OK, but who pays for that?), and your PC has a client on it that opens a tunnel from that cloud to your PC, or they have to connect to a socket on your home IP, for which you need to open a port in your router.

The only other thing that can exist, semantically, is NAT hole-punching, which unless you have very good coordination with your friends can only be done through software (and also involves a server but less so).

Maybe reconsider why you can't forward ports on your router? If the server isn't listening for connections on that port it's undistinguishable from a closed port, and if it is then it is available as a game server.


I feel like no matter what, the game client acting as a server must have a hole in the firewall or a coordinating client.

> Simply give them a one-off URL that they type into their gameclient and they connect to it exactly like a public server, which I can then disable after the session.

What's the difference between this and a script that SSHes to your firewall and toggles a port's openness or alternatively a script that sends the required POST requests to authenticate and toggle your firewall (easily pulled out of the network dev tools in your browser as curls)?

There's a hole in your firewall either way. What difference does it make if that hole that opens to your network is in Tailscale's servers (with a public IP and port) or yours?

> I feel like this is a glaring product void that inexplicably nobody seems to have noticed?

I don't think this is a product void at all. The security cost of port forwarding to a port in the non-ephemeral range with no listening service is quite low.


> What difference does it make if that hole that opens to your network is in Tailscale's servers (with a public IP and port) or yours?

Are we comparing clients knowing my IP vs not knowing my IP while connecting to my server? Because there's a huge difference. I would obviously want my IP to stay unknown if possible. With my IP you can roughly geolocate my server, DDoS it, try other ports like 80, 443, 22, 3306 to know more about it, etc.


I don't understand what you're trying to tunnel. Don't most games these days work online anyway and have built-in firewall / router traversal, usually via a hosted server or some such?

Worst case, can't you rent a dedicated server? Those are usually pretty cheap and people can just connect to them by IP.


The use case is on-demand one-off sessions, so renting servers doesn't make sense.


Back in the day we used Hamachi for this. Looks like it's been acquired by LogMeIn (bleh), but perhaps the same functionality is there.

https://www.vpn.net/

Good luck!


Seconded. Sounds like Hamachi is exactly what OP needs.


I already mentioned Hamachi. You can't ask strangers to install crap for a one-off session.


You can ask them, it's just a question of whether they'd do it.

I remember getting other 13yos to install Hamachi so we could play AoM P2P back in 2009 or so, it seemed more than worth it at the time. Why do you think there'd be friction with your friends to take the time to install an app if you're already taking the time to play games together?



I know how to spin my own VPS or port forward my own home setup. I'm trying to figure out an idiot-proof service stack that lets a non-techy, let's say, host a Quake server from a coffeeshop, with strangers that he just met in Discord, without persuading everyone to install "sketchy cli programs".

Tailscale Funnel comes close but they're restricted to basically just website traffic.


You could tunnel UDP through TCP, but have to install additional software on each machine, and could see some issues with speed/reliability.


We play Red Alert with custom games by creating SSH tunnels to a public server. Not strictly necessary, but easy to do with SSH.



