forked from spinesystemspublic/documentation
Denys Fedoryshchenko
49 lines
1.3 KiB
Markdown
49 lines
1.3 KiB
Markdown
# Gaming service
|
|
|
|
## Configure pppoes
|
|
|
|
/etc/api.conf
|
|
|
|
```sh
|
|
apikey=SecretTokenRandom
|
|
allowip=10.168.100.
|
|
```
|
|
|
|
allowip must be set to ip of your nat
|
|
|
|
## Configure radius
|
|
|
|
Configure for gaming service radius attribute "Login-LAT-Service" with value "gaming"
|
|
|
|
## Configure nat
|
|
|
|
* Run several instances of pppoe gaming pollers that will retrieve list of gaming users
|
|
|
|
```sh
|
|
gamingclient -u http://pppoeip:apiport/ -k SecretTokenRandom
|
|
```
|
|
|
|
apiport by default 9000, might be different in some cases
|
|
|
|
* Configure ipset for gaming users
|
|
|
|
```sh
|
|
ipset create gamingclients hash:net timeout 120
|
|
```
|
|
|
|
Also add relevant rules to nat users to different pool, for example:
|
|
|
|
```sh
|
|
iptables -t nat -A POSTROUTING -m set --match-set gamingclients src -j SNAT --to-source $GAMING --persistent
|
|
```
|
|
|
|
where $GAMING is ip of your gaming pool (1.2.3.1-1.2.3.10 for example)
|
|
|
|
### How it works?
|
|
|
|
* User login and get gaming service attribute from radius
|
|
* API daemon will detect such user and put in special list available over API HTTP GET request
|
|
* Gaming poller will retrieve list of users and put them in ipset each X seconds
|
|
* NAT will detect users in ipset and will put them in gaming NAT pool by evaluating SNAT rule to gaming
|
|
* If user will be disconnected, gaming poller will not readd user, and it will be removed from ipset after 120 seconds by ipset timeout
|