Welcome to the PufferPanel community forums! If you need help please register an account and post in the Support category.

Issue with SRCDS and assignment of IPs



  • Hello!

    I'm running a pufferpanel/scales setup on a dedicated server with 3 IPs and running into a few issues to do with assigning IPs/Ports with Docker.

    PRIMARY IP reffers to the servers eth0 ip. This is reserved for the main server processes such as Nginx
    SECONDARY IP reffers to the server eth0:0. This is used for game servers
    third ip is not needed.

    When setting up TF2 server I'm able to get it running on the correct IP and port (as in I can join it from the server browser) however in the server console I get the following output:

    ... junk...
    Network: IP 172.17.0.3, mode MP, dedicated Yes, ports 27015 SV / 27005 CL
    ... junk...
    Connection to Steam servers successful.
       Public IP is PRIMARY SERVER IP.
    ... more junk...
    

    So when starting the server the TF2 server initially clings on to the internal IP of (what I assume) docker allocates. This is then somehow routed by docker to the secondary IP for users to connect to. But my issue is when people go to "view game info" or "join a friend" on steam it tries to connect them to the primary IP.

    I've tried using launch parameters for scrds such as +ip {secondary ip}, +port +strictportbind with no solution and when doing so it says something else is bound to that ip/port or that its unavailable.

    Output of docker ps -a:

    CONTAINER ID        IMAGE                          COMMAND             CREATED             STATUS              PORTS                                                              NAMES
    fb62eb475073        pufferpanel/srcds:latest       "/bin/bash"         25 minutes ago      Up 35 seconds       SECONDARY:27015->27015/tcp, SECONDARY:27015->27015/udp   pp-username
    

    So my issue is how do I bind the SRCDS server to the correct IP when it can only see an internal docker IP? If I use +ip 172.17.0.3 surely this will just give me the same issues but with my public ip as the internal which again wont allow users to connect to.

    Edit:
    The only solution I can really think of is somehow bridging my docker container to the secondary IP some how so I can use the +ip command with srcds but wouldn't srcds just use the internal IP if it was basing it of this? halp

    Edit 2:
    Tried using +ip 172.17.0.3 and still get a public IP of the primary IP



  • So been doing a little bit of research into how docker and stuff actually works and also noticed that a few minecraft servers we have running on the primary ip can no longer connect to the mysql server on the master. I assume this is because localhost now reffers to the docker instance' ip however would there be some form of way to link my hosts MySQL server to the server without exposing my host to the public (ie i want my mysql server to be local)?



  • As far as I can determine, you can have mysql listen on all addresses or a specific address, not multiple specific addresses. Your best bet is to listen on all addresses and filter(with iptables) connections to your external ip on port 3306. Your minecraft server plugins will have to connect to mysql on your docker ip in the 172.* range. You can find it with "ip addr".



  • just allow the access from 172.17.0.% from the mysql user, since mysql with docker use ip range from 172.17.0.1 to 172.17.0.255

    Otherwise bind your db to the macchine ip and connect normaly



  • I thought we had docs for this, but I cannot find them.

    Your solution will be to bind MySQL to your docker's gateway IP (you can look at ip addr for the docker interface), and have your host machine and docker containers connect to that IP. Since that interface is internal, it won't allow external connections, but will allow docker containers and the host to all use the same database.

    As a note though, our panel user may not work correctly as we create it using localhost/the current IP during the install, and plugins that use MySQL may also have such problems. You will have to update within the database the new acceptable hosts (172.17.0.%) for those accounts to work.



  • Thanks for the replies but I managed to get it working by just binding mysql to all interfaces then using iptables to drop all requests from external networks.

    Now its just getting SRCDS to bind to the correct IP which I'm really confused with as I don't do much networking. As far as I can tell you are actually giving the docker instance the correct IP and binding it to the local machine with -p however when its connecting to steam its not actually getting the proper IP and since its bound in docker with the -p the docker container cant actually see that it has the secondary ip it just sees its internal one, maybe this could be resolved by using bridges?



  • When traffic goes out, it is up to the interfaces to decide which IP to use. Our binds only insure that it listens on the correct port. In general, outbound would use the primary IP/interface and it's up to the software to decide if you can bind differently. Generally, servers won't have those options.
    That kind of issue would not be something we could fix, because it's not within the scope of what we can control. You'd need to see if docker would let you specify that IP (google for me is getting mixed results, like it's partly implemented but not perfect)


Log in to reply
 

1
Online

666
Users

708
Topics

3.2k
Posts

Looks like your connection to PufferPanel Community was lost, please wait while we try to reconnect.