Recent content by Jest

Sorry about that, not only did it affect us but also a majority of the Chicago datacenter due to it being an upstream issue beyond our control.
It was resolved automatically by the upstream providers.

Just an update that we are indeed still here and taking orders.
Had someone recently ask since we haven't posted in quite some time.

We are also having a major sale in our San Jose, California area.
If you are interested in a server in this location, let us know and we'll work out a lifetime discount.

Is there a server zip or similar setup for dedicated servers that can not run the installer due to not having a GUI ?

Thanks for the feedback, for our Invasion servers:
add_map random_multi_plain_medium
add_map random_multi_plain_large
add_map random_multi_steppe_medium
add_map random_multi_steppe_large

Have been removed from our servers.

Those that have players on them have not been restarted yet so the change won't take effect yet, but will once it empties out and we restart it.

None reported so far, thanks!

Thanks! That worked perfectly.

Thanks for the quick update!
Is this okay to use for 1.171?

We have version 1.171 available now as well.

What do you think of the free public servers?
Any changes in the configuration for Invasion that should be made?
What about our duel servers?

Just an update, it seems the Full 1.170 Server Release is working quite well, almost all of our public free servers are full on invasion mode (we left some duel servers up as well as those are always needed as well).
If you order a server, it will currently contain the Full 1.170 server release and ready to play on, but we still have all of the older versions still in Game Updates just in case as we have noticed some servers have not yet updated that are running modules that might not work in 1.170.

Thanks for the heads up and forward thinking!

With version 1.170 being released in less than a day, we have the 1.170 server patch ready to go under Game Updates, so your server is join-able the moment 1.170 is released if you choose to update.
Our free public servers have already been updated.
We also have RC2 for 1.170 as well with Invasion mode working.
We will also have the true release 1.170 server package available once released.

You can read more here:
https://forums.taleworlds.com/index.php/topic,359496.0.html

Wanted to mention that we found two fixes for application layer issues a while back and wanted to share them.

One is to drop inbound TCP traffic to the Warband server, invalid packets were being sent from malicious users and many times it was TCP based, which Warband doesn't listen for but seems to still process enough to create increased latency only on that game server(WinMTR or Ping will show a much lower ping while in game latency increased based on the size of the attack). 

The other was fixed in a later version of Warband it seems(not 100% sure which version implemented it but was after 1.15, 1.168 is available under Game Updates and while it does not make any changes to the Native folder, the new binaries seem to improve stability and are compatible with all Modules so far tested.
UDP based packets were still an issue, but a combination of the new binaries and custom filtering has reported to have made things much more stable in the past year.

Warband Servers not under an unpatched attack will ping in game the same as a direct network layer ping, which our top tier network providers keep under-subscribed for stable low ping.
Large enough DDoS attacks are still an issue for any game server provider, but as upgrades in DDoS protection have become available, we've upgraded as well.

AlphA-FR said:

1.168?
What news ?

Click to expand...

Was also wondering where to obtain the dedicated server files for 1.168, I could only find the client files.

We've discussed this in the support tickets that were opened for those that were affected and reported issues, we found that DoS attacks were behind the issues, and in some cases network saturating DDoS attacks.

Application layer DoS:
Sometimes just a few IPs will connect to the join port of a Warband server, with around 1-20ms of delay between each packet on a repeating random timer, until the server stops responding or becomes laggy enough to become unplayable. At this point it seems a restart is required on the Warband server application to fully bring performance back to normal after the attack is stopped.
In some cases depending on the attack method this will show up in the Warband logs as well as "someusername has joined the game with ID: 01234567" at an extremely fast rate(1-20ms between each one).
DoS protection is difficult in this case, as the attack mimics a proper connection to the server from a client, or a query; filtering this would mean no one could join the server unless their IP is whitelisted when/if filtering is applied.

In other cases it behaves more like a DDoS attack and is from various random IPs to the join port and does not show up in the log(UDP or TCP can be used).  This method seems to require more unique IPs and more bandwidth from the attacker to have a noticeable effect on server performance, and only affects the targeted game server still.  No information shows up in the logs in this case, but the warband engine still seems to respond in some way to this.

Network level DDoS:
Actual DDoS saturation attacks are automatically handled by the datacenter and DDoS protection, and will show up as packetloss in WinMTR to the host, usually 100%(though in some cases this is just the Firewall, we can explain more in support tickets as it depends on the location).  When this happens the server won't show up at all in the server list until the attack is filtered, and FTP most likely won't work as well.

DDoS protection and onsite monitoring we've always had in place since day one, and get notifications when they happen from the datacenter, but the DoS attack attacks on the application level and leaves a server online generally, and only affects that one Warband server(WinMTR will show no packet loss and low latency, in game latency will be impossibly high and unplayable).
The DoS attacks are small enough in bandwidth/pps that they do not saturate the network and do not provide an alert and are very hard to filter out from normal legit traffic.

We've had some clients who reported the issue continued after they tried another provider or home hosted, so I don't believe there is currently a solid defense against the application level exploit.
If there is one, we will gladly add/patch\filter for it.

If you have had issues, please open a support ticket and we'll look into it and see what can be done.  If for any reason you want to cancel the server, we still offer pro-rated refunds on the remaining paid time so you are never stuck with a service you don't like.