
Programmer NEED GOOD TUNNELING SYSTEM


Soon, just didn't have any actual stimuli to do so yet - but that's definitely a thing I want to explore.

This setup is incomplete, also this panel is only one of the tools you can set up on OVH, given you have full protection available (likely not on VPS).

Edit:
Another option worth consideration is using Don Daniello's service.

I'm not going to use anyone's service, man, to go around offering contacts to sell products. Thanks.

You are missing the thread's point: Kondrah's proxy actually increases ping, since the proxy nodes are rarely going to be located near you, effectively increasing the distance the connection travels.

A proxy solution like that serves the purpose of hiding the IP of the main server at the cost of decreasing connection quality (given your nodes are weak, and you will connect to a further node, after one near dies), so it feels completely counterproductive here.

PS: It is also a first point of failure on a <64GB RAM server.
If you guys want to take credit for it, you should really fix the obvious inefficiencies it has ... I really hope the fix is not a paid service Ezzz style, that would be straight up scam.


No general solution (unless very costly) is going to work for these users, since your proxy nodes will usually extend the distance the connection travels.

If the user has issues with the connection, the best thing you can do is help profile it, and if it's bad routing - suggest a tunneling service like ExitLag, which allows you to fine-tune routes.
Renting nodes everywhere will be less cost-efficient than buying licenses for each player who has issues.

That's precisely why you get a VPS next to your main dedicated server; the tunneling will always favor it and keep the ping as low as possible.

If you have a server, for example in Berlin, you can have one datacenter but 5 different companies, and each of them will have a different route when you connect to them, because peering depends on the company.

OVH is known for rather poor pings; generally, by buying a VPS at a random hosting company and setting it up as a proxy you immediately get 10–20 ms better ping (of course, as long as you don't live close to the data center).

You see, the point is that with this proxy system it doesn't matter if some VPS goes down for 1-5 minutes; it won't affect players' connections in any way. In the case of ExitLag, if one server goes down you lose the connection until it reconnects; it's much worse.


That's exactly the point - you don't need any highly resilient server. You can buy 10–20 servers for $5 each and spend $50, and at the moment no attacker is able to take all of them down at once. If needed, you can quickly add more. Do you think a single 1–10 Gbps server is better? Of course you can buy a better connection (and an attacker can still take you down with more power), but it will cost hundreds of dollars compared to the $50–100 you would spend on proxies, from which you gain more than DDoS protection.

Talking to you is like talking to a wall; that's exactly why SOE has been having problems with attacks for a year or longer, while other large servers have no issues at all. I guess after every attack you send a tcpdump to OVH and ask them to fix the edge firewall? Great solution.

I will also add that CipSoft uses a similar system, and when you connect to their servers you get two or more connections, like Cloudflare + Amazon. Even if one stops working you still have the other one. It's the same principle.


"When Cloudflare releases new code to its global network, we may restart servers, which terminates WebSockets connections."
Awesome solution


If I remember correctly, the timeout after which the TFS <-> proxy session is closed is 30 seconds.

That's why we use this option as well; if the proxy doesn't work properly, doesn't connect, or increases the ping when it should decrease it, the player chooses the option without proxy.
 

Great. Of course a single dedicated server would be better, but to have real protection you would need a 100 Gbps+ uplink and a very powerful CPU for XDP/iptables, so unfortunately it's not cost-effective for Tibia servers, as costs start at $2000 and up. The advantage of the Kondrah proxy is that you can use weak VPSes and it doesn't matter if one goes down/gets null-routed (btw, it's enough to buy VPSes from providers that don't do that); you can also buy proxy services from companies that specialize in this. At the moment this seems to be the best solution for OTS.

Honestly, even using Cloudflare WebSocket in combination with the Kondrah proxy would be okay, although it's hard to say when Cloudflare might come to you and say pay us $1000/month for using it this way.
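
The failover behaviour argued over in this thread (several cheap proxy nodes, a session that outlives the loss of any one of them, and a direct route for players whose ping gets worse through the proxy), modelled as an added example that is not part of any post and is not the Kondrah proxy's code. The class, node names and RTT values are hypothetical; the 30-second timeout is the figure one poster recalled from memory.

```python
from dataclasses import dataclass

SESSION_TIMEOUT_S = 30.0  # figure recalled in the thread; an assumption here

@dataclass
class Path:
    name: str        # hypothetical proxy node name
    rtt_ms: float    # last measured round-trip time (constructed values)
    up: bool = True

class MultiPathSession:
    """Simplified client-side model of one session over several proxy paths."""
    def __init__(self, paths, direct_rtt_ms=None):
        self.paths = {p.name: p for p in paths}
        self.direct_rtt_ms = direct_rtt_ms  # None: no direct route offered
        self.all_down_since = None          # time the last live path died

    def report(self, name, now, up, rtt_ms=None):
        """Record one health-probe result for a path at time `now` (seconds)."""
        path = self.paths[name]
        path.up = up
        if rtt_ms is not None:
            path.rtt_ms = rtt_ms
        if any(p.up for p in self.paths.values()):
            self.all_down_since = None
        elif self.all_down_since is None:
            self.all_down_since = now

    def active_path(self):
        """Name of the lowest-RTT live path, or None if every path is down."""
        live = [p for p in self.paths.values() if p.up]
        return min(live, key=lambda p: p.rtt_ms).name if live else None

    def alive(self, now):
        """The session is lost only if all paths stay down past the timeout."""
        return self.all_down_since is None or now - self.all_down_since < SESSION_TIMEOUT_S

    def proxy_worth_using(self):
        """False when no proxy path is live or the best one is slower than direct."""
        best = self.active_path()
        if best is None:
            return False
        return self.direct_rtt_ms is None or self.paths[best].rtt_ms < self.direct_rtt_ms

def build_demo():
    """Constructed sample: three cheap nodes plus a 70 ms direct route."""
    nodes = [Path("vps-a", 48.0), Path("vps-b", 61.0), Path("vps-c", 95.0)]
    return MultiPathSession(nodes, direct_rtt_ms=70.0)
```

Losing one node only moves traffic to the next-best path; the session ends only when every path has been down for the whole timeout, and a player whose best remaining path is slower than the direct route is better served by the no-proxy option.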
 
It turns out I use the best DDoS protection company in Brazil, Ecxon. So direct DDoS attacks on the data center aren't a problem; I pay $500 a month.

My real problem is network fluctuations that cause lag and kicks for some players. That's why I'm using tunneling.


The problem is that we debate random issues and don't clarify our variables. All the confusion in the debate stems from the fact that I haven't explained my situation and variables exactly so we can adjust the information.
 
In that case great, Excon really does have a very good firewall. I think the discussion was worthwhile anyway; it warns against using standard OVH.
 
Okay, the OTC proxy tunnel system is active and we'll see how it performs over the next few weeks and I'll give feedback here.

Now I'm about to solve another problem with the non-OTC client that I need to use as a proxy somehow.


If anyone can help, I would be very grateful.
 
There is a proxy for the Tibia client attached at the bottom of this post.
 
The problem is that nobody knows how to compile it or how to make it work.
 
Yeah, you are probably right. @gunz has been using this solution for a long time, maybe he can comment on it.

Actually, I see he already did.
We've been using this approach as optional for a couple of years; some players reported better ping. However, we finally managed to switch to a product called Cloudflare Spectrum, which does not need any intermediate layer (it's kind of tricky to negotiate a suitable price). We're also working on dedicated L7 countermeasures for the Tibia protocol.
 
What is the spectrum value of Cloudflare?
 
Great! I know several servers are already using Cloudflare Spectrum and are happy with it; could you tell me roughly how much the price is?
 