Comment by 123pie123
4 years ago
I've no idea how complex this is to code or if it will work for you
but I'll throw the idea out to see if anyone else could improve on it etc.
Initial strawman draft idea: have a front door service that just verifies your gamers (e.g. log on server). This will need to be protected by a DDoS but the throughput shouldn't be large. Once authenticated, your client's IP address is then passed to some sort of software-based firewall protecting each of the main game servers.
The firewall would need to be able to handle all the DDoS traffic as well, since your current idea would still pass the game server's IP back to a client. This is doable if you're hosting on a cloud provider and let their firewalls filter the traffic before hitting the game server.
Embark Studios recently open sourced (in alpha) a UDP proxy[1] designed for games that lets you implement a load balancing layer. This allows you to remove servers in the load balancing layer in the event that it comes under attack, allowing the game server to stay up and only having to disconnect a portion of players connected to the attacked load balancer. Having a proxy layer is also how Steam protects game servers using the Steam Datagram Relay[2].
[1]: https://github.com/googleforgames/quilkin
[2]: https://partner.steamgames.com/doc/features/multiplayer/stea...
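Added example, not part of either comment above and not code from Quilkin or Steam: a minimal sketch of the "login service feeds a per-server firewall allowlist" idea, with entries that expire and a size cap so the list cannot grow without bound. The class name, the `gamefw` table and the `allowed_v4`/`allowed_v6` set names are hypothetical, and the nftables sets are assumed to be declared with `flags timeout`.

```python
import ipaddress


class Allowlist:
    """Per-game-server allowlist fed by the front-door login service (hypothetical)."""

    def __init__(self, ttl=1800, max_entries=50000):
        self.ttl = ttl                  # seconds an authenticated IP stays admitted
        self.max_entries = max_entries  # hard cap on live entries
        self._expiry = {}               # ip string -> absolute expiry time (seconds)

    def admit(self, ip, now):
        """Call only after the login service has authenticated the client."""
        addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
        if addr.is_loopback or addr.is_multicast or addr.is_unspecified:
            raise ValueError(f"refusing to allowlist {addr}")
        self.purge(now)
        key = str(addr)
        if key not in self._expiry and len(self._expiry) >= self.max_entries:
            raise RuntimeError("allowlist full")
        self._expiry[key] = now + self.ttl  # re-login refreshes the expiry

    def purge(self, now):
        """Drop entries whose TTL has elapsed."""
        self._expiry = {ip: t for ip, t in self._expiry.items() if t > now}

    def allows(self, ip, now):
        """Firewall decision: is this source IP currently admitted?"""
        return self._expiry.get(str(ipaddress.ip_address(ip)), 0) > now

    def nft_commands(self, now):
        """Render live entries as nftables commands for the game server's firewall."""
        cmds = []
        for ip, t in sorted(self._expiry.items()):
            if t > now:
                set_name = "allowed_v6" if ":" in ip else "allowed_v4"
                cmds.append(f"nft add element inet gamefw {set_name} "
                            f"{{ {ip} timeout {int(t - now)}s }}")
        return cmds


if __name__ == "__main__":
    al = Allowlist(ttl=60)
    al.admit("203.0.113.7", now=1000)      # constructed sample address
    print(al.allows("203.0.113.7", 1030))  # admitted while the TTL is live
    print(al.allows("198.51.100.9", 1030)) # never authenticated
    print("\n".join(al.nft_commands(1030)))
```

As the reply points out, this only decides which packets are dropped; the filtering host still has to absorb the full volume of attack traffic.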