quilkin
Quilkin is a non-transparent UDP proxy specifically designed for use with large scale multiplayer dedicated game server deployments, to ensure security, access control, telemetry data, metrics and more.
Have you looked into using a serverless pub/sub model, like Cloudflare's Workers KV? The example they give is a simple IRC-like distributed chatroom (https://github.com/cloudflare/workers-chat-demo), but theoretically it may work for games too.
Player state can be stored in a decentralized key-value store that Cloudflare manages. They absorb all the DDoS and handle replication between edge nodes. You don't see any of that. https://www.cloudflare.com/products/workers-kv/
Or maybe it was their Durable Objects product... I forget how that's different from Workers KV: https://developers.cloudflare.com/workers/learning/using-dur...
Then each game client uses a worker to access that KV, and Cloudflare will route that worker to its nearest edge node and retrieve the state from there (which was previously replicated a moment ago, internal to Cloudflare's infrastructure).
https://workers.cloudflare.com/
I don't know if this would result in acceptable latency, but it could help with DDoS at least.
The firewall would need to be able to handle all the DDoS traffic as well, since your current idea would still pass the game server's IP back to a client. This is doable if you're hosting on a cloud provider and let their firewalls filter the traffic before hitting the game server.
Embark Studios recently open-sourced (in alpha) a UDP proxy[1] designed for games that lets you implement a load balancing layer. This allows you to remove servers in the load balancing layer in the event that it comes under attack, allowing the game server to stay up and only having to disconnect a portion of players connected to the attacked load balancer. Having a proxy layer is also how Steam protects game servers using the Steam Datagram Relay[2].
[1]: https://github.com/googleforgames/quilkin