Their approach is quite simple and effective, it is what I suggest game developers do. For reference, it goes somewhat like this:
The clients connect to a relay server that just forwards the packets back and forth between the client and the real server. The client never gets to know the real server IP, preventing attackers from DDoSing the servers. If the connection to the relay server drops (which can easily happen if the attacker DDoSes the relay server instead), it can easily resume the connection with any other relay server, and the real server never notices it dropped.
This relies on the fact that there are too many relay servers to DDoS at once, and attackers never get to know the real server running the game code, so they can't make it unreachable.
Documentation seems to say that they let you use the network from any platform as long as you have a Steam release. The bigger concern is that this requires linking with a closed source library, which means the open source version of the client could no longer connect to our servers without linking to a closed source blob.
That is sort of a non starter for us without some workaround like maybe hosting our own relays for the open source clients.
I actually received a nice email from someone at Valve about this following this post and we are currently evaluating if we can use it: https://partner.steamgames.com/doc/features/multiplayer/stea...
Their approach is quite simple and effective, it is what I suggest game developers do. For reference, it goes somewhat like this:
The clients connect to a relay server that just forwards the packets back and forth between the client and the real server. The client never gets to know the real server IP, preventing attackers from DDoSing the servers. If the connection to the relay server drops (which can easily happen if the attacker DDoSes the relay server instead), it can easily resume the connection with any other relay server, and the real server never notices it dropped.
This relies on the fact that there are too many relay servers to DDoS at once, and attackers never get to know the real server running the game code, so they can't make it unreachable.
SDR works well and the latency is decent, but this would probably force you to drop the non-steam release or make some of the servers steam-only?
Documentation seems to say that they let you use the network from any platform as long as you have a Steam release. The bigger concern is that this requires linking with a closed source library, which means the open source version of the client could no longer connect to our servers without linking to a closed source blob.
That is sort of a non starter for us without some workaround like maybe hosting our own relays for the open source clients.
Ah! I was going to this actually. I discovered it when Bungie switched Destiny2 over to use it.