Help linux centos home server
 

Hi dear users,


After half year learning the linux basics and protocol basics, i come today asking for help from more experienced users.
I have a game server, wich NEEDS an public ip address, wich means i already tried DMZ on my router, and didnt work. So, i need to setup my centos with a public ip address. Wich is actually easy, if we have a modem, not a router doing NAT. But unfortunatly thats what i have, i have a router with 1 external ip assigned to it, and it doint nat to several computers. Now, this is were my problems start, i tryed alot of things, but my knowledge is not enough. What i wanted is to assigned a public ip to my centos and keep the router doing nat. I tryed out an android app, wich gives me an external ip while connecting to the router. So how can i do the same thing but in my centos server? I hope i provided every info, and someone could help me. If not, just ask, ill answer asap. At this moment, i have no configuration done waiting for instructions.

I have a very vague understanding of what truly is the whole problem; but in the hope of helping you with few hints allow me to try.

Public IP is determined by the availability of it and the router (assuming it is your dhcp server) is authorized to issue that. How many public IPs are you granted by the ISP ?

Fixing one system to a dedicated public IP can be done by assigning an IP to the system's MAC address; this is easily configured static from/in the router itself. The same thing you may do if you wish to assign/dedicate particular subnet address into single machine.

Hope this at least throws a little shed over the problem.

Hope it helps. Good luck.

Actually im very glad for your answer. Just allow me to remind that i have very basic knowledge on this matter. Ok, so this said, my ISP only grants me 1 public ip, wich is assigned to the router. I cannot ask for another IP, for economical reasons, or i would have this solved. As for your ideas, maybe its best to try the second one, wich i dont have to touch the router, do you know of the existance of some kind of tutorial, wich i can follow and try that?

this game server, does it have a set range of ports that the user connects or a single port? in either case just setup port forwarding on the router and be done with it. zero reason for the game server to be exposed publicly.

this is not different then setting up for external access via ssh to your server.

Thats another problem for me. This game server uses 2 servers, 1 for the authentication and 1 for the gameserver, i can do that for the authentication, but i cannot do that for the gameserver, cause the first sends a connection to the client, saying the IP in wich is the gameserver. So both, the authentication and gameserver, needs a public ip. It cannot be done by dmz or portfowarding. Im sorry for this being so difficult, thats why i come to you guys.

Surely you can just forward the ports for both servers using your router? I have, for example, forwarded port one port to SSH on one machine and port 80 to a VM with Apache running -- anyone connecting from the outside doesn't need to know whether they're different machines or not.
with game servers you sometimes have problems because each client is given a different port to connect to but this can usually be got around by forwarding a range of ports which I've always seen as an option on the routers I've used.
I think the DMZ is supposed to expose all ports and ought to be a good answer but my experience is that, unless my understanding of what the DMZ is is flawed, they simply do not work as advertised on home routers.

Yes, i think you are right about the DMZ in home router! So what you are sugestioning is that i put the loginserver in a VM, loginserver is actually the more lighter, and the gameserver in the dedicated machine, with the router portfowarding to it. Seems pretty liable to do, and actually is quite more safer then having all together in the same machine. If there is no other way, then this is actually a fix to my problem. Ill listen a few more users, and try whatever i can. although you take a +1 already :)

No, I'm not suggesting you put the loginserver in a VM I though you said it was a separate machine? If these are just server processes on the same machine then they can use the same IP and you just forward the relevant ports.
Why can't you forward the relevant ports in your router's config?

exactly. any "service" this includes your game server and authentication server use PORTS, this is exactly what port forwarding is for.

how about some details, what kind of game server is this, and what specific ports are you needing to gain access?

Well, ill try to expose the best i can. So the LoginServer and GameServer need a public ip, the client connects to the loginserver and once the authentication is done, it sends to the client the public ip of the gameserver. Between these 2 there is another process wich is called connector, that takes care of it. If i put the private ip in the gameserver, for example, 192.168.10.100, once the authentication is made, the loginserver will send to the client that private ip, therefor it will not connect. I tryed it before, but doesnt work. the Login and gameserver needs to bind to a public ip. it wont work just by portfowarding. So again, i need a way to have a public ip assigned to the server machine, behind a router doing nat. I know it sounds impossible, and for me it is, but it has to be a way, its like the android app i mentioned, that app gives an public ip even connected to the router. I need to do something like that in the centos.

And i apologise, i cant name the gameserver. and the ports are 4001 for loginserver and 4110 for gameserver. These are just an example, the ports are not hardcoded, they are in a config file, wich is read once i start them

well, no answer for me i presume. Its ok, thanks for trying.

How do you tell the LoginServer the IP address of the GameServer? Would you not just replace the internal IP with the external one in the LoginServer's config file? (leaving the relevant ports forwarded in your router, of course)
This Android app you mention -- I take it you mean that it shows you the external IP address of your home network as given by your ISP? If so then it will likely attach to a website called something like whatsmyip.com and open a page there which shows the IP of any machine connecting to it. I've not used one of these sites as I set my own up so I can't give you a reliable name for one.

yes 273 has it correct. again this is exactly what port forwarding is for. this is 100% its design. this way you can have MULTIPLE SERVICES, read that SERVERS, behind a SINGLE WAN side IP address.

it sounds to me like you are either making this much more complicated then it needs to be, or you are trying to run an illegal game server for something like World of Warcraft or the like.

again properly configured port forwarding will resolve this issue for you 100%. if your router is not capable of performing the desired task, then you need to upgrade/replace your router with something that can perform proper port forwarding.

I forgot about that I fear you may be correct. That or using a game which needs a 'net connection offline.
In the latter case the answer is to ask for your money back if it doesn't work on your system.

Im not making this more difficult then it is, im trying to explain the best i can. So please stop thinking about the portfowarding, that doesnt work. If i configure the loginserver and gameserver with the private ip and redirect the connections to them, in the router, what will happen is that the game client when connecting to authorization in loginserver, will be capable of connect with this way, BUT then after the authentication, it preceds to the game server, and the loginserver will send the ip assigned to the gameserver and outside clients will not connect... i cant explain better then this, and if you keep insisting in the solution of portforwarding, then i prefer to go to another forum and try my luck. And noone said nothing about illegal servers, its a project on the run, and the programmers dont want the name to come outside before the beta. Thanks for trying...