I had recently re-installed Windows as Falcon4AF is the only needed apps that do not
have
better equivalence on Linux, and the Wine emulation is not
perfect with DX9. The reason to create a VPN on Win32 come from the need to permit to all
gamers of our association
PVI to connect in one network gaming with the F-16 combat flight
simulator
Lead-Pursuit Falcon4 Allied Force. Here in Italy many users had subscribed to a provider
Fastweb
that offer a bidirectional fiber optic LAN connection with a speed of
10 Mbps. The problem is that the connection is a LAN connection, so they
give private IP address, and the NAT/Firewall shelf is at provider
buildings. Users have no configuration access to Port Forwarding. Every
Falcon4AF client (also if you do not host a game), operate as a server, listening
on 2934 and 2935 UDP port to exchange packets with all the players.
Using a VPN, we create a geographical LAN, so:
1 - we can all use private address, and inside the VPN no port forwarding is required.
2 - in this manner two or more computers can share the same public IP
address, like a dedicated Falcon server and a computer used for human flight in the same house.
3 - as a side effect the VPN encrypt all the traffic inside a pipe, and
so no one can see, sniff or log our traffic. So we can share
files,
using the simple and insecure Windows File Sharing protocols but
protected in the VPN pipe. Win32 File Sharing normally is a LAN only
protocols, isn't possible to use it on the internet. Used inside a VPN,
it can be
used as a geographical protocol. With this method we exchange
Briefing,
ACMI files, tools, joystick and Mumble/Teamspeak profiles, shot images,
movies, gigabytes scenery, and so on ...
Falcon4AF is an old application that is written with a technology that run well on Windows only, and
Win32 miss a secure VPN implementation. So we had to choose one
available on the net.
We do not choosed Hamachi because it is not open source, so:
1 - When you connect your computer through Hamachi client, it connect
to Hamachi server. All traffic pass through the Hamachi servers. We do not
know what they do with our packets, they can sniff, copy, save, log,
... so a privacy threat is on. Surely they have back-door, because they
keep the program closed source.
2 - The Hamachi servers are often very overloaded. You will experience lag,
lot of latency, freeze and so on. The problem here is that thousands of
clients from around the world connect to few Hamachi servers.
3 - We have at least ONE network connection that is an ADSL, so we can
manage that NAT/PortForwarding configuration. We use the PC behind that
connection to host the VPN, we all connect to that VPN server, and then anyone of us can host the Falcon4AF campaign/TE.
We choose
OpenVPN because:
1 - it is opensource
(so no back-door)
2 - is cross-platform (work on Linux too)
3 - is very well
documented and supported.
4 - permit to choose where to put the server for the VPN.
We use a dedicated fixed IP VPN server with 4Mbps bidirectional
bandwidth, that is always free for us and so very responsive, but is
not required, sometimes someone with managed ADSL router host the VPN.
On the NAT/Firewall of the VPN server only, you need to forward the OpenVPN UDP port
1194 as standardized by
IETF RFC.
OpenVPN is very generic, work in different operative system, can
emulate a L2 VPN or L3 VPN, point to point or multi-point, support
routing and lot of advanced net options. The configuration can be a little
difficult if you do not know much of IP protocols and Ethernet LAN. I
read the
HowTo on the Web site,
tried the steps with two friends, and wrote this simple step by step
guide for Falcon4AF on Win32 only. Now we use OpenVPN two days a week
for
our net flight. From the documentation does not seem OpenVPN have a
limit on the number of clients that can connect all together. In the
configuration file you can limit to 100 or what you want. We
really tried in 15 player maximum from all around Italy.
EFA home page