Linux GUIs are so slow

[Red Squirrel]

Originally posted by: Nothinman

The game server is on a VM on the same server so think it's doable.

Not without you jumping through some fairly big hoops. For all intents and purposes a VM that's setup to use a bridged network interface should be considered a seperate entity on the network. If you switch it to NAT then it'll be fairly simple.

Actually the setup is odd. Right now one interface is NATed, and is the one I RDP through (I SSH tunnel in to the main server then do RDP through the tunnel) and the other interface is bridged. If I can do it, I'd stick with one NATed interface and go from there. Just need to read up on how it would be done.

Oh and as for the original issue opening up port 53 to both DCs fixed the problem. (the DCs act as DNS) I also opened up local host completely.

See? ...[/quote][/quote]Never said I did not believe you, I just find it weird that DNS would have anything to do with performance on a typically non network application.

 

[Nothinman]

If I can do it, I'd stick with one NATed interface and go from there. Just need to read up on how it would be done.

Read up on what? If you've already got the NAT setup you just need to forward a few ports.

Never said I did not believe you, I just find it weird that DNS would have anything to do with performance on a typically non network application.

X is always networked, whether it's TCP to another machine on a network or using a local unix socket. Only very recently were things like direct rendering implemented and those are only for things that need very low latency like GL apps.

 

[Red Squirrel]

Originally posted by: Nothinman

If I can do it, I'd stick with one NATed interface and go from there. Just need to read up on how it would be done.

Read up on what? If you've already got the NAT setup you just need to forward a few ports.[/b]

The NAT is done by VMWare, I still need to read up on how to do a NAT in iptables to forward to that internal IP. I'm no expert I can't "just do it" without reading up on it first.

What I'm hoping to do is have 1 IP translate to the NAT internal IP that vmware creates. Then I can add my port/ip rules as well. So all traffic from 123.321.123.10 would go to 10.1.1.10 for example, traffic from 123.321.123.9 and down would stay on the server.

 

[Nothinman]

The NAT is done by VMWare, I still need to read up on how to do a NAT in iptables to forward to that internal IP. I'm no expert I can't "just do it" without reading up on it first.

With 2 minutes of poking around I found /etc/vmware/vmnet8/nat/nat.conf and the last two sections of that file are for forwarding ports complete with examples.

 

[Red Squirrel]

Originally posted by: Nothinman

The NAT is done by VMWare, I still need to read up on how to do a NAT in iptables to forward to that internal IP. I'm no expert I can't "just do it" without reading up on it first.

With 2 minutes of poking around I found /etc/vmware/vmnet8/nat/nat.conf and the last two sections of that file are for forwarding ports complete with examples.

That part is done already but to do what I want I need to do it in iptables.

ex: I have 10 IPs. All traffic to those IPs gets routed normally but one. That one gets forwarded to the IP of the VMware nat. Essentially I will have 2 NATs. To save on resources I may experiment with going "host only" instead as NAT for the vmware interface.

By routing traffic through IPtables then I can set block rules and what not. Right now if I set block rules they don't work as the vmware interface is actually treated as if it was a totally different PC.

So yeah it's more complicated then that. I'll have to read up on iptables NATing. I believe I had found something but the code did not work as I use the iptables-restore format for my config file, but I want to convert that config file to just a bash script as it will be more universal and easier to manage. Then what I read previously should work.

 

[Crusty]

So 9 IPs are used on the host box and you want the 10th one to be assigned to one of the virtual machines running on said host box?

If so I fail to see why anything more then setting up the port forwards in the vmware NAT is needed, nothing else will be able to get through other then the ports you want because of the NAT. Just run a firewall on the guest virtual machine like you should be anyways to restrict it even further if you want to firewall outgoing traffic etc...

 

[Red Squirrel]

Originally posted by: Crusty
So 9 IPs are used on the host box and you want the 10th one to be assigned to one of the virtual machines running on said host box?

If so I fail to see why anything more then setting up the port forwards in the vmware NAT is needed, nothing else will be able to get through other then the ports you want because of the NAT. Just run a firewall on the guest virtual machine like you should be anyways to restrict it even further if you want to firewall outgoing traffic etc...

That's what I'm doing now. Problem is, the guest is Windows... there are no decent firewalls in Windows that let me configure stuff like iptables can. So I want to route it through Linux so I can use IPtables to add rules.

 

[Crusty]

What are you doing that the Windows Firewall can't do? Or what features is it lacking that you need?

 

[Red Squirrel]

Originally posted by: Crusty
What are you doing that the Windows Firewall can't do? Or what features is it lacking that you need?

Being able to block IPs via command line, unblock via command line, interface with fail2ban (or similar app, may make it built into the game server), and lot of stuff it can't do.

 

[Nothinman]

You may be able to apply netfilter rules directly to the vmnet device that's doing the NAT, but I've never tried it.