The meta server does not check whether the 'reported
hostname' is actually accessible. This results in many
games on the public meta server that are not actually
public.
A simple check could already help:
* Contains 'localhost' -> reject
* Contains no dot -> reject
Logged In: YES
user_id=831677
Raising the priority.
I see too many inaccessible games. (I think mostly by
accident, not intentionally)
Logged In: YES
user_id=39876
It could even do a DNS lookup to check if the hostname is
valid or even try to connect to the specified port and check
if a pioneers server is actually running at that port (if
the protocol allows this; otherwise that might be useful to
add to the protocol).
Logged In: YES
user_id=831677
Lowering the priority.
In 0.10.1 the server will be registered with its own
hostname, which will result in less games with DNS names
that cannot be resolved.
It was discussed on the pio-develop list (some time ago)
that the metaserver should not initiate connections (it
could cause DDoS attacks), so it is still possible to
register unreachable hosts (caused by firewalls) but no
longer names like 'localhost'.
Logged In: YES
user_id=39876
I'm a bit confused. What does "with its own hostname" mean?
Where do you get the server's hostname from?
Logged In: YES
user_id=831677
When the server connects to the metaserver, the metaserver
does a hostname lookup, based in the incoming connection.
In 0.9 the server always sent a hostname override, that has
been removed in 0.10.1 now.
Looking at the current list in the metaserver, it works
perfectly.
However, we are now back to an old problem: servers, who are
behind closed firewalls, and who register themselves at the
metaserver.
Logged In: YES
user_id=39876
OK, so the metaserver does a reverse DNS lookup of the
server's public (i.e., accessing) IP address.
Why not do the following:
If the server has provided a hostname, perform a DNS lookup
on this hostname and check if it maps to the server's IP
address. If it does, use that hostname. Otherwise, if a
reverse DNS lookup of the IP address resolves to a hostname
and that hostname resolves back to the IP address, use that
hostname. Otherwise, just use the IP address.
This way, people using DynDNS (e.g., from MyDyn.de) can
provide their DynDNS hostname.
This still doesn't solve the problem of firewalled servers,
true. The only way would be to initiate a connection to the
announced port and to check if there is a pioneers server
instance running. This would enable some kinds of DoS/DDoS
attacks, as you mentioned. But the connection only goes to
the connecting IP address, not to an arbitrary IP address.
This is a minimal risk, I suppose. By using some kind of
throttling in the metaserver (i.e., at most 1 connection
attempt in 3 seconds), this shouldn't be a problem at all.
The connection check might be a metaserver option, which
could be disabled, if it should ever cause any problems
(which I doubt).