Tanks Random Information

Troubleshooting NGINX Reverse Proxy Setup for Game Servers

Posted on

by

TankFurter

in

,

This guide aims to help you systematically troubleshoot your NGINX reverse proxy setup for a game server. Follow the outlined steps below to diagnose and resolve potential issues.

1. Verify Network Connectivity

Ensure both the NGINX proxy server and the game server can communicate effectively.

a. Check IP Addresses

  • Linux (NGINX) Server: Use the following command to find the IP address:ip a
  • Windows Game Server: Find its IP address by opening Command Prompt and running:ipconfig

b. Ping Test

  • From Linux to Windows:ping <WINDOWS_SERVER_IP>
  • From Windows to Linux:ping <LINUX_SERVER_IP>
  • Expected Result: Successful replies. If pings fail:
    • Check network cables or Wi-Fi connections.
    • Verify that both servers are on the same network/subnet.
    • Ensure IP addresses are correct.

2. Check Firewall Settings

Firewalls may be blocking necessary traffic between servers.

a. On Linux (Using UFW)

  • Check UFW status:sudo ufw status
  • Allow required ports:sudo ufw allow <PROXY_PORT>/udp sudo ufw allow <GAME_PORT>/udp
  • Reload UFW:sudo ufw reload

b. On Windows 10

  • Open Windows Defender Firewall: Navigate to Control Panel > System and Security > Windows Defender Firewall > Advanced Settings.
  • Create Inbound Rules:
    • For Proxy Port:
      • Click Inbound Rules > New Rule.
      • Select Port > Next.
      • Choose UDP and enter <PROXY_PORT> > Next.
      • Allow the connection > Next.
      • Select appropriate profiles (Domain, Private, Public) > Next.
      • Name the rule (e.g., “NGINX Proxy Port”) > Finish.
    • Repeat the steps above for <GAME_PORT>.

3. Verify NGINX Configuration

Ensure NGINX is set up correctly to proxy traffic to the game server.

a. Locate Configuration File

  • Typically found at /etc/nginx/nginx.conf or within /etc/nginx/conf.d/.

b. Example Stream Configuration

stream {
    upstream game_backend {
        server <WINDOWS_SERVER_IP>:<GAME_PORT>;
    }
    server {
        listen <PROXY_PORT> udp;
        proxy_pass game_backend;
    }
}
  • Replace placeholders accordingly:
    • <WINDOWS_SERVER_IP>: IP of the Windows game server.
    • <GAME_PORT>: Port your game server listens on.
    • <PROXY_PORT>: Port clients connect to on the NGINX server.

c. Test Configuration Syntax

sudo nginx -t
  • Expected Output:nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful
  • If Errors: Review and correct any configuration file issues, then retest.

4. Restart NGINX to Apply Changes

  • Restart the NGINX service:sudo systemctl restart nginx
  • Check NGINX status:sudo systemctl status nginx
  • Ensure it’s active and running.

5. Confirm NGINX is Listening on the Correct Ports

  • Use ss or netstat to verify listening ports:sudo ss -tuln | grep <PROXY_PORT>
  • Expected Output:udp UNCONN 0 0 0.0.0.0:<PROXY_PORT> 0.0.0.0:*
  • If Not Listening: Recheck the NGINX configuration.

6. Test Connectivity from NGINX to Game Server

  • Use Netcat to test UDP connectivity:sudo apt install netcat -y nc -u -zv <WINDOWS_SERVER_IP> <GAME_PORT>
  • Expected Output:Connection to <WINDOWS_SERVER_IP> <GAME_PORT> port [udp/*] succeeded!
  • If Connection Fails:
    • Ensure the game server is running and listening on <GAME_PORT>.
    • Double-check firewall settings.

7. Verify Game Server is Active and Listening

  • On Windows Game Server, run:netstat -an | findstr <GAME_PORT>
  • Expected Output:UDP 0.0.0.0:<GAME_PORT> *:*
  • If Not Listening: Start the game server and verify the configuration.

8. Review NGINX Logs for Errors

  • Access Logs:sudo tail -f /var/log/nginx/access.log
  • Error Logs:sudo tail -f /var/log/nginx/error.log
  • Look for any error messages or warnings that might indicate issues.

9. Test External Access Through the Proxy

  • From a client device, connect to the game using the proxy server’s IP (<PROXY_IP>) and proxy port (<PROXY_PORT>).
  • If Connection Fails:
    • Ensure the client is using the correct IP and port.
    • Check NGINX logs for incoming requests.
    • Confirm the game server accepts connections from the proxy.

10. Additional Checks and Considerations

a. Disable Firewalls Temporarily for Testing

  • On Linux:sudo ufw disable
  • On Windows: Temporarily turn off Windows Defender Firewall from the Control Panel.
  • Note: Re-enable firewalls after testing and adjust rules accordingly.

b. Check Network Address Translation (NAT)

  • If servers are on different networks, ensure routers/firewalls allow necessary traffic and set up port forwarding as needed.

c. Check SELinux or AppArmor Restrictions (Linux)

  • For SELinux:sudo setenforce 0
  • For AppArmor:sudo aa-status
  • If disabling helps: Configure SELinux/AppArmor policies appropriately.

d. Confirm Correct Upstream Configuration in NGINX

  • Ensure no typos in IP addresses or ports.
  • Verify the upstream block references the correct server.

Summary Checklist

  • Network Connectivity: Verify IP addresses and perform ping tests.
  • Firewall Settings: Ensure necessary ports are open on both Linux and Windows.
  • NGINX Configuration: Validate syntax and check stream and proxy settings.
  • Service Status: Restart NGINX and confirm it’s actively listening on intended ports.
  • Server Connectivity: Test connectivity using netcat.
  • Game Server Status: Ensure the game server is running and listening.
  • Log Analysis: Review access and error logs for clues.
  • Client Connectivity: Test connection from a client device.
  • Advanced Configurations: Address NAT, SELinux/AppArmor, and other network policies.
  • Iterative Testing: After each change, retest connectivity.

Leave a Reply

Your email address will not be published. Required fields are marked *