I mean, that's really the only way. A DDOS is about exhausting resources so the best plan of action is to have more resources than your opponent can drain or proxy your stuff through someone who has the resources
We had to rent 60 Euro per month server half a Europe away instead of 5 Euro per month server in Eastern Europe because it was the closest and cheapest server with protection against kind of ddos attacks that we were experiencing.
@@firebadnofire9768 Or obfuscate the public-facing IP so it's harder for potential attackers to even find the info they need to DDOS it. Also, by routing traffic through all their datacenters, even if an attacker manages to DDOS the fake IP, their botnet would be connecting to a bunch of different Steam servers rather than one single server, spreading out the attack and making it less effective
You can also tell if you're looking at an SDR fake IP by checking if it starts with 169.254... as that's a reserved range of IPs that have no meaning on the open internet. They're similar to the 192.168... IPs used for LANs.
@@ches2839 my 2015 imac usieng a mac ip address: am i a joke to you!? i don't find it very funny you know. well bescue its a mac useing a mac ip. BESCUE APPLE DESKTOP BRUH.
also now with starlink statilte intenet witch means no lindlines to woory aobut geting jamed anymore. also very very hard to pin pont or track wihout me bacly telling you where i'm am anyway.
This explain why the past few years when joining a casual valve server. I noticed the game is more responsive compared to the community counter part. I thought i was crazy.
1:10 kinda, isp connects to other isps, government channels, university networks, and then likely to a datacenter. I get putting ISP in a cloud makes it simpler, but it also buries the lede for why routing matters.
yeah it would've made more sense for me to have broken it out further, that way more of the "hops" increasing latency could have been seen whilst i was talking about them. absolutely valid criticism
...So, it may be true that your packets are being sent to governments/universities (I assume you mean for tracking purposes?), but that doesn't mean that your traffic is being slowed down, or even that there are extra hops. Those are most likely to be side branches, as in additional destinations that your packet is being sent to for logging. The only benefit of adding an extra hop would be to perform a man-in-the-middle attack, but since almost all internet traffic is encrypted, it's very hard to do anything with it. ISPs work VERY hard to minimize the numbers of hops necessary, because the computers involved in a "hop" aren't cheap!!
My favorite blue three-letter named video maker is talking about online multiplayer networking! Always hype for these videos! I wish other games also got networking stuff about them explained by people who make videos about said games.
Even if the route is not actually lower latency, the improved reliability easily makes up for it. TF2's interp system is surprisingly capable despite its flaws so a consistent connection with low jitter can be better than one where minimum latency is lower but jitter is high -- which is a common issue seen with "interference" from DoS traffic
Fun fact: a DDoS attack would mostly focus on volumetry and try to saturate the metro region's transit capacity of Valve's edge connections, which would hinder player connectivity and make it unplayable. The actual servers and application nodes IPs are actually irrelevant when under a volumetric attack since everything would go down either way. What they're really trying to achieve with SDR is to seamlessly re-route user connections through different metro regions and to avoid dealing with endless firewall rules for each cluster as soon as they're being brought up or down from service. Hope that helps. Cheers.
By doing it the way they do, they ensure that even if an attacker manages to saturate one datacenter, your game can just switch over to the next closest data center as it's entry into the SDR network. You might experience a single lag spike while the transfer occured, but then it would be smooth sailing. An attacker simply wouldn't have enough resources to saturate more than a couple of datacenters, and Steam has several hundred.
Valve has implemented this across their games including cs. The problem (although small) is that you don't get to choose which location it connects to. I've had moments where I was rerouted through Sweden for a server in Austria when I lived in Greece. The software especially glitches if for some reason you have high ping across all their servers (which happens a lot to me when I send lots of traffic to another server due to my low upload link). If valve would allow the user to select which servers to connect to, this feature would really be perfect.
I really hope they eventually fix the favourite issue somehow, I'd love to use it on my community server but I think breaking favourites (and I think joining off friends breaks too?) is too big of a downside ._.
As long as the server you're connecting to isn't closer geographically than the nearest Steam data center, I suspect SDR will almost always be at least a couple milliseconds faster than normal routing. The nearest Steam datacenter to where I live is less than an hour away by car, so there are very very few servers closer than that.
This is interesting! I wonder if third parties have access to this, I'll have to do some research. I'm making my own game with multiplayer and this is really enticing.
It might be possible to make a server with SDR that is favoritable using a webdomain and a LOT of elbow grease. Gotta look into that, as that could be a really cheap, secure and elegant solution to host servers
I'm not sure if this is all accurate, I've joined servers where there's been weird lag and hitching and this is a semi-regular occurrence. Usually when this happens you hear a constant "soft fabric rustling" sound, this usually persists until the server restarts or empties out.
It's a pity that Valve doesn't allow you to import your PGP keys to create a secure Internet connection with end-to-end encryption in Casual. At least Valve servers work with low ping, with the exception of MVM servers which like to lag. Sometimes when searching for community servers, there are servers with a ping of 60 to 33 ms. But once you connect to them, the ping becomes from 100 to 200 ms. I don't understand why this happens.
This is kinda ironic because I’ve noticed and directly found DDOS/ping attacker accounts (of which also have aimbot capabilities) since two years ago and been finding it happening now and then still to this day
Most of these were exploiting bugs in the game itself to cause servers or clients to crash or lag tremendously. DDOS protection can only stop packet spam, not exploits like those.
I wonder if valve would fix the latin servers, because I'm from Peru and when I join Chilean serves my ping skyrockets and goes over 200, the same happens to Chileans when entering Peruvian servers (as well as Brazil, Argentina, etc)
Then thats a node issue between Chile and the rest of the countries in the region. Malaysia had this issue when the cable between Singapore and Malaysia had problems so logging to Steam for a whole 2-3 months had a 1/3 chance of failing logging in.
wonder how the cs:go servers worked then, because I know hackers would ddoss the server, because I had great internet and would sometimes survive the timeout with it and they would have to do a second, longer round of ddossing after.
ok but i have been in unplayable valve servers in the past 3 years where everyone else also had the same issue (havent experienced ddos attacks in at least a year tho)
I've heard of this somewhere.. Anyway: 0:01 : Yes, very often! It sucks harder than a black hole! Maybe in Amuhrica your connection's great, but not so much here in Europe.
i dont get why these measures needed to be provoked to exist done like i get it protection what i meant is in wich mind a group of idiots think is correct attack g ame servers and avoid everyone to play like if they own the game, you see a game you play it and you leave if you dont like it i never saw such a case of group of people taking down servers or ruining experience just because they feel like they own the game, i wish i would have saw those attacks in games like riot games but see was used just for tantrums is phatetic
A few months ago i had a man child who always rage hacked and then ddosed the sever when he was about to get kicked. Thx valve for this blessing, well he still can rage hack tho 🤣 (he rage hacks for 2 years and fanaly got a vac ban wow vlave)
ddos protection solutions be like
step 1: have a billion dollar cloud network
I mean, that's really the only way. A DDOS is about exhausting resources so the best plan of action is to have more resources than your opponent can drain or proxy your stuff through someone who has the resources
@@firebadnofire9768 for you to proxy stuff you need to also have the resources to read the traffic so you can forward it
We had to rent 60 Euro per month server half a Europe away instead of 5 Euro per month server in Eastern Europe because it was the closest and cheapest server with protection against kind of ddos attacks that we were experiencing.
@@firebadnofire9768 Or obfuscate the public-facing IP so it's harder for potential attackers to even find the info they need to DDOS it.
Also, by routing traffic through all their datacenters, even if an attacker manages to DDOS the fake IP, their botnet would be connecting to a bunch of different Steam servers rather than one single server, spreading out the attack and making it less effective
I think it's obvious that aar is protecting the tf2 servers with his bare hands, thank you aar
Don't forget about the janitor
He's always checking if the servers are plugged in
with that play footage i dont think so
Did someone say bear hands? ~~ Saxton Hale.
Ah, is that what the Steam overlay "routed through [another server region]" notification is about? That's cool.
You can also tell if you're looking at an SDR fake IP by checking if it starts with 169.254... as that's a reserved range of IPs that have no meaning on the open internet. They're similar to the 192.168... IPs used for LANs.
megagyatterbomb in the comments
I'm glad MAC will never release, you're a terrible person. -Proton
@@ches2839 my 2015 imac usieng a mac ip address: am i a joke to you!? i don't find it very funny you know. well bescue its a mac useing a mac ip. BESCUE APPLE DESKTOP BRUH.
also now with starlink statilte intenet witch means no lindlines to woory aobut geting jamed anymore. also very very hard to pin pont or track wihout me bacly telling you where i'm am anyway.
It's interesting to see what ips are reserved for what. All ties together
This explain why the past few years when joining a casual valve server. I noticed the game is more responsive compared to the community counter part. I thought i was crazy.
same
1:10 kinda, isp connects to other isps, government channels, university networks, and then likely to a datacenter.
I get putting ISP in a cloud makes it simpler, but it also buries the lede for why routing matters.
yeah it would've made more sense for me to have broken it out further, that way more of the "hops" increasing latency could have been seen whilst i was talking about them. absolutely valid criticism
...So, it may be true that your packets are being sent to governments/universities (I assume you mean for tracking purposes?), but that doesn't mean that your traffic is being slowed down, or even that there are extra hops. Those are most likely to be side branches, as in additional destinations that your packet is being sent to for logging. The only benefit of adding an extra hop would be to perform a man-in-the-middle attack, but since almost all internet traffic is encrypted, it's very hard to do anything with it. ISPs work VERY hard to minimize the numbers of hops necessary, because the computers involved in a "hop" aren't cheap!!
I mean yea but this is basics not an into to networking class
My favorite blue three-letter named video maker is talking about online multiplayer networking! Always hype for these videos! I wish other games also got networking stuff about them explained by people who make videos about said games.
Even if the route is not actually lower latency, the improved reliability easily makes up for it. TF2's interp system is surprisingly capable despite its flaws so a consistent connection with low jitter can be better than one where minimum latency is lower but jitter is high -- which is a common issue seen with "interference" from DoS traffic
this is one of the reasons why steam is the best game launcher, because it also provides a service to handle networking for you
Fun fact: a DDoS attack would mostly focus on volumetry and try to saturate the metro region's transit capacity of Valve's edge connections, which would hinder player connectivity and make it unplayable. The actual servers and application nodes IPs are actually irrelevant when under a volumetric attack since everything would go down either way. What they're really trying to achieve with SDR is to seamlessly re-route user connections through different metro regions and to avoid dealing with endless firewall rules for each cluster as soon as they're being brought up or down from service. Hope that helps. Cheers.
By doing it the way they do, they ensure that even if an attacker manages to saturate one datacenter, your game can just switch over to the next closest data center as it's entry into the SDR network. You might experience a single lag spike while the transfer occured, but then it would be smooth sailing. An attacker simply wouldn't have enough resources to saturate more than a couple of datacenters, and Steam has several hundred.
Thank you Aar, very cool
Valve has implemented this across their games including cs. The problem (although small) is that you don't get to choose which location it connects to. I've had moments where I was rerouted through Sweden for a server in Austria when I lived in Greece. The software especially glitches if for some reason you have high ping across all their servers (which happens a lot to me when I send lots of traffic to another server due to my low upload link). If valve would allow the user to select which servers to connect to, this feature would really be perfect.
there are sdr commands in the console. u can even force only japan/america/europe servers which is funny
@damiannowak3811 really? Could you give me a link to a guide?
L4D2 still does not have SDR
Its just cs, dota and tf2
@varsik289 really? I thought they did.
I have good feelings about this year for tf2. A new Aar upload!
nice video man straight to the point
I had no idea this could be used to connect to friends, but it makes so much sense now!
i love data networking and had no idea such technology was implemented into something like tf2, thanks for the awesome video!
Wow, you know its a new year when Aar uploads something other than gingerbread videos.
Brooo I missed you so much! Good to see you upload content, even tho I quit playing tf2 about a year ago.
Oh nice work I didn't realize this was a thing very cool thanks for the info
hell yes a new aar upload
fascinating and straight to the point. reminds me of 2kliksphilip's style
"how standard dynamic range prevents ddos attacks and lowers ping"
I really hope they eventually fix the favourite issue somehow, I'd love to use it on my community server but I think breaking favourites (and I think joining off friends breaks too?) is too big of a downside ._.
As long as the server you're connecting to isn't closer geographically than the nearest Steam data center, I suspect SDR will almost always be at least a couple milliseconds faster than normal routing. The nearest Steam datacenter to where I live is less than an hour away by car, so there are very very few servers closer than that.
he's alive!
I always wondered what was that message, and this video explained it perfectly, thanks
(also what hud do you use it looks nice)
HES BACK :D
That's pretty sick
thank you blue cat for the information
Although not feasibly possible to do, it would be interesting to compare hop count with and without SDR.
You dropped this video right as Synergy mod for HL2 updated to support this specific function, lol.
OH MY GOD. OH MY GOD YOU'RE STILL FUCKING ALIVE OH MY GOD
For a minute I thought it was about the shortwave radio (software defined radio).
aar tf2
This is interesting! I wonder if third parties have access to this, I'll have to do some research. I'm making my own game with multiplayer and this is really enticing.
AAR LIVES
It might be possible to make a server with SDR that is favoritable using a webdomain and a LOT of elbow grease.
Gotta look into that, as that could be a really cheap, secure and elegant solution to host servers
I'm not sure if this is all accurate, I've joined servers where there's been weird lag and hitching and this is a semi-regular occurrence. Usually when this happens you hear a constant "soft fabric rustling" sound, this usually persists until the server restarts or empties out.
Another day, another Valve W. How many more Ws can Valve collect ??
Look mom, I'm on TV!
Nice to see more nerd shit and explanations of how tf2 or just PC/server stuff works
is this what l4d1 and 2 do when you host a local server?
Unturned game have this same fakeip option on servers months ago
Good vid nice unusuals
Does it mean that with this protection quickplay servers couldn’t be included in the browser search like in good ol days?
It's a pity that Valve doesn't allow you to import your PGP keys to create a secure Internet connection with end-to-end encryption in Casual.
At least Valve servers work with low ping, with the exception of MVM servers which like to lag. Sometimes when searching for community servers, there are servers with a ping of 60 to 33 ms. But once you connect to them, the ping becomes from 100 to 200 ms. I don't understand why this happens.
"lower latency" is not that significant, at best its usually the same as without proxying, it also really depends where the user is located
So what you’re saying is my computer is steam powered? Nice
call of duty could really use some of that stuff for older titles (i don't play cod but i do know that older games are not safe to play)
This is kinda ironic because I’ve noticed and directly found DDOS/ping attacker accounts (of which also have aimbot capabilities) since two years ago and been finding it happening now and then still to this day
Most of these were exploiting bugs in the game itself to cause servers or clients to crash or lag tremendously. DDOS protection can only stop packet spam, not exploits like those.
I wonder if valve would fix the latin servers, because I'm from Peru and when I join Chilean serves my ping skyrockets and goes over 200, the same happens to Chileans when entering Peruvian servers (as well as Brazil, Argentina, etc)
Then thats a node issue between Chile and the rest of the countries in the region.
Malaysia had this issue when the cable between Singapore and Malaysia had problems so logging to Steam for a whole 2-3 months had a 1/3 chance of failing logging in.
@vyruss9348 we have this problem like a year or two
so that's what i'm seeing when i play cs2 on the steam overlay.
i love learning about computers and networking and contributing to the algorithm by writing a youtube comment
wonder how the cs:go servers worked then, because I know hackers would ddoss the server, because I had great internet and would sometimes survive the timeout with it and they would have to do a second, longer round of ddossing after.
ok but i have been in unplayable valve servers in the past 3 years where everyone else also had the same issue (havent experienced ddos attacks in at least a year tho)
I've heard of this somewhere.. Anyway:
0:01 : Yes, very often! It sucks harder than a black hole! Maybe in Amuhrica your connection's great, but not so much here in Europe.
So it's like exitlag but if it actually worked
software definded radio...? idk i didnt watch the video yet
Here i was thinking we were gonna talk about Standard Dynamic Range color 🙄 smh aar
Uh... yeah, I absolutely have experienced that?
Man we need this in left 4 dead 2 😢 you join any l4d2 match on official servers and half way through its getting ddosed
Nice
Someone needs to make a DDNS plugin for fake IPs so that we can add SDR servers as a domain name
seconding the snot out of this
Oh so that's what's cs was using
As usual, Valve being the only billion dollar gameing company, who actually cares about there consumers.
Not the software defined radio video *sob*
hello Aar
Praisth GabeN.
wait what it wasnt just me?
allahs chosen tf2ber
0:00 actually I have a few times
short answer: witchcraft
But remember this:
A player with less than 5 ping is cheating! AFAIK, 5 is the lowest legit ping that TF2 can display.
i watched this whole thing and i dont even play tf2
i dont get why these measures needed to be provoked to exist done like i get it protection what i meant is in wich mind a group of idiots think is correct attack g ame servers and avoid everyone to play like if they own the game, you see a game you play it and you leave if you dont like it
i never saw such a case of group of people taking down servers or ruining experience just because they feel like they own the game, i wish i would have saw those attacks in games like riot games but see was used just for tantrums is phatetic
We got steam vpn before gta 6
No way valve made ping dlss
hi aar
those who sdr:
Does it look like Igaf 🙏💔
neat
tf2 content be crazy these days
epic
A few months ago i had a man child who always rage hacked and then ddosed the sever when he was about to get kicked. Thx valve for this blessing, well he still can rage hack tho 🤣 (he rage hacks for 2 years and fanaly got a vac ban wow vlave)
this has nothing to do with ddos.
also valve servers are vulnerable to DrDDoS and are actively helping in performing DDoS attacks on multiple servers.
winning
Small googoo-gaga children be like "#FixTF2" while bots, lag and queue times have already fixed 2024
Show this to the other tf2 also 😂
Czy to freddy fazbear ?
Aar Aar Aar Aar Aar...
Does it also lower the age of consent?
Uhhh--
Thank you Aar, very cool