问题描述
我正在尝试在我的 RaspBerry Pi 上设置一个 VPN 服务器,并通过本地桥接到我家的 LAN,以便我住在别处的兄弟们可以在他们的 iPhone 上和我一起玩文明 6。我已根据此 guide 设置了 VPN 和桥接器,并且能够连接到 VPN,甚至可以在 iPad 和 iPhone 之间玩多人游戏。
但这里有一个问题:我只能在游戏主机设备(在这种情况下是我的 iPad)连接到 VPN 并且另一台设备(我的 iPhone)连接到我的 WiFi 时玩多人游戏。当两个设备都连接到 VPN 时,无法玩游戏。连接WiFi的设备(iPhone)尝试成为游戏主机时也无法进行游戏。
在使用 Wireshark 进行调查后,我发现游戏大厅依赖 UDP 广播,而 VPN 以某种方式搞砸了。我不精通网络,但我在这里学习并愿意编辑这篇文章,使其对尽可能多的其他非网络专家有用。谢谢。
更新:我希望这 question 密切相关
详情:
- 我的服务器使用 SoftEther (4.34),安装在 RaspBerry Pi 3 B+ 上
- 我的 RPi 通过以太网直接连接到我的路由器
- VPN 类型为 L2TP 以允许 iOS 设备连接
- 这是我服务器的配置文件
declare root
{
uint ConfigRevision 38
bool IPsecmessagedisplayed true
string Region US
declare DDnsClient
{
bool disabled false
byte Key removingForPrivacy
string LocalHostname raspBerrypi
string ProxyHostName $
uint ProxyPort 0
uint ProxyType 0
string ProxyUsername $
}
declare IPsec
{
bool EtherIP_IPsec true
string IPsec_Secret removingForPrivacy
string L2TP_DefaultHub CivHub
bool L2TP_IPsec true
bool L2TP_Raw true
declare EtherIP_IDSettingsList
{
declare *
{
byte EncryptedPassword removingForPrivacy
string HubName CivHub
string UserName ben.stringer
}
}
}
declare ListenerList
{
declare Listener0
{
bool disableDos false
bool Enabled true
uint Port 443
}
declare Listener1
{
bool disableDos false
bool Enabled true
uint Port 992
}
declare Listener2
{
bool disableDos false
bool Enabled true
uint Port 1194
}
declare Listener3
{
bool disableDos false
bool Enabled true
uint Port 5555
}
}
declare LocalBridgeList
{
bool DoNotdisableOffloading false
declare LocalBridge0
{
string DeviceName eth0
string HubName CivHub
bool Limitbroadcast false
bool MonitorMode false
bool nopromiscuousMode false
bool TapMode false
}
}
declare ServerConfiguration
{
bool AcceptOnlyTls true
uint64 AutoDeleteCheckdiskFreeSpaceMin 104857600
uint AutoDeleteCheckIntervalSecs 300
uint AutoSaveConfigSpan 300
bool BackupConfigOnlyWhenModified true
string CipherName AES128-SHA
uint CurrentBuild 9745
bool disableCoreDumpOnUnix false
bool disableDeadLockCheck false
bool disableDosProction false
bool disableGetHostNameWhenAcceptTcp false
bool disableIntelAesacceleration false
bool disableIPsecAggressiveMode false
bool disableIPv6Listener false
bool disableJsonRpcWebApi false
bool disableNatTraversal false
bool disableOpenVPNServer false
bool disableSessionReconnect false
bool disablesstPServer false
bool DontBackupConfig false
bool EnableVpnAzure false
bool EnableVpnOverDns true
bool EnableVpnOverIcmp true
byte HashedPassword removingForPrivacy
string KeepConnectHost keepalive.softether.org
uint KeepConnectInterval 50
uint KeepConnectPort 80
uint KeepConnectProtocol 1
uint64 LoggerMaxLogSize 1073741823
uint MaxConcurrentDnsClientThreads 64
uint MaxConnectionsPerIP 256
uint MaxUnestablishedConnections 1000
bool NoHighPriorityProcess false
bool NoLinuxArpFilter false
bool NoSendSignature false
string OpenVPNDefaultClientOption dev-type$20tun,link-mtu$201500,tun-mtu$201500,cipher$20AES-128-CBC,auth$20SHA1,keysize$20128,key-method$202,tls-client
string OpenVPN_UdpPortList 1194
bool SaveDebugLog false
byte ServerCert removingForPrivacy
byte ServerKey removingForPrivacy
uint ServerLogSwitchType 4
uint ServerType 0
bool StrictSyslogDatetimeFormat false
bool Tls_disable1_0 false
bool Tls_disable1_1 false
bool Tls_disable1_2 false
bool Tls_disable1_3 false
bool UseKeepConnect true
bool UseWebTimePage false
bool UseWebUI false
declare GlobalParams
{
uint FIFO_BUDGET 1000000
uint HUB_ARP_SEND_INTERVAL 5000
uint IP_TABLE_EXPIRE_TIME 60000
uint IP_TABLE_EXPIRE_TIME_DHCP 300000
uint MAC_TABLE_EXPIRE_TIME 600000
uint MAX_BUFFERING_PACKET_SIZE 480000
uint MAX_HUB_LINKS 1024
uint MAX_IP_TABLES 65536
uint MAX_MAC_TABLES 65536
uint MAX_SEND_SOCKET_QUEUE_NUM 128
uint MAX_SEND_SOCKET_QUEUE_SIZE 320000
uint MAX_STORED_QUEUE_NUM 384
uint MEM_FIFO_REALLOC_MEM_SIZE 65536
uint MIN_SEND_SOCKET_QUEUE_SIZE 80000
uint QUEUE_BUDGET 1024
uint SELECT_TIME 256
uint SELECT_TIME_FOR_NAT 30
uint STORM_CHECK_SPAN 500
uint STORM_disCARD_VALUE_END 1024
uint STORM_disCARD_VALUE_START 3
}
declare ServerTraffic
{
declare RecvTraffic
{
uint64 broadcastBytes 42604084
uint64 broadcastCount 207782
uint64 UnicastBytes 2030208533
uint64 UnicastCount 4625668
}
declare SendTraffic
{
uint64 broadcastBytes 41891871
uint64 broadcastCount 204651
uint64 UnicastBytes 552591599
uint64 UnicastCount 1107498
}
}
declare SyslogSettings
{
string HostName $
uint Port 514
uint SaveType 0
}
}
declare VirtualHUB
{
declare CivHub
{
uint64 CreatedTime 1609918077585
byte HashedPassword removingForPrivacy
uint64 LastCommTime 1609995876361
uint64 LastLoginTime 1609942021302
uint NumLogin 20
bool Online true
bool RadiusConvertAllMsChapv2AuthRequestToEap false
string RadiusRealm $
uint RadiusRetryInterval 0
uint RadiusServerPort 1812
string RadiusSuffixFilter $
bool RadiusUsePeapInsteadOfEap false
byte SecurePassword removingForPrivacy
uint Type 0
declare AccessList
{
}
declare Adminoption
{
uint allow_hub_admin_change_option 0
uint deny_bridge 0
uint deny_change_user_password 0
uint deny_empty_password 0
uint deny_hub_admin_change_ext_option 0
uint deny_qos 0
uint deny_routing 0
uint max_accesslists 0
uint max_bitrates_download 0
uint max_bitrates_upload 0
uint max_groups 0
uint max_multilogins_per_user 0
uint max_sessions 0
uint max_sessions_bridge 0
uint max_sessions_client 0
uint max_sessions_client_bridge_apply 0
uint max_users 0
uint no_access_list_include_file 0
uint no_cascade 0
uint no_change_access_control_list 0
uint no_change_access_list 0
uint no_change_admin_password 0
uint no_change_cert_list 0
uint no_change_crl_list 0
uint no_change_groups 0
uint no_change_log_config 0
uint no_change_log_switch_type 0
uint no_change_msg 0
uint no_change_users 0
uint no_delay_jitter_packet_loss 0
uint no_delete_iptable 0
uint no_delete_mactable 0
uint no_disconnect_session 0
uint no_enum_session 0
uint no_offline 0
uint no_online 0
uint no_query_session 0
uint no_read_log_file 0
uint no_securenat 0
uint no_securenat_enabledhcp 0
uint no_securenat_enablenat 0
}
declare CascadeList
{
}
declare LogSetting
{
uint PacketLogSwitchType 4
uint PACKET_LOG_ARP 0
uint PACKET_LOG_DHCP 1
uint PACKET_LOG_ETHERNET 0
uint PACKET_LOG_ICMP 0
uint PACKET_LOG_IP 0
uint PACKET_LOG_TCP 0
uint PACKET_LOG_TCP_CONN 1
uint PACKET_LOG_UDP 0
bool SavePacketLog true
bool SaveSecurityLog true
uint SecurityLogSwitchType 4
}
declare Message
{
string MessageText Hello$20family!$20Let's$20play$20some$20Civ!
}
declare Option
{
uint AccessListIncludeFileCacheLifetime 30
uint AdjustTcpMssValue 0
bool ApplyIPv4AccessListOnArpPacket false
bool AssignVLanIdByRadiusAttribute false
bool broadcastLimiterStrictMode false
uint broadcastStormDetectionThreshold 0
uint ClientMinimumrequiredBuild 0
bool DenyAllRadiusLoginWithNoVlanAssign false
uint DetectDormantSessionInterval 0
bool disableAdjustTcpMss false
bool disableCheckMacOnLocalBridge false
bool disableCorrectIpOffloadChecksum false
bool disableHttpParsing false
bool disableIPParsing false
bool disableIpRawModeSecureNAT false
bool disableKernelModeSecureNAT false
bool disableudpacceleration false
bool disableudpFilterForLocalBridgeNic false
bool disableusermodeSecureNAT false
bool DoNotSaveHeavySecurityLogs false
bool DropArpInPrivacyFilterMode true
bool DropbroadcastsInPrivacyFilterMode true
bool FilterBPDU false
bool FilterIPv4 false
bool FilterIPv6 false
bool FilterNonIP false
bool FilterOSPF false
bool FilterPPPoE false
uint FloodingSendQueueBufferQuota 33554432
bool ManageOnlyLocalUnicastIPv6 true
bool ManageOnlyPrivateIP true
uint MaxLoggedPacketsPerMinute 0
uint MaxSession 0
bool NoArpPolling false
bool NoDhcpPacketlogoutsideHub true
bool NoEnum false
bool NoIpTable false
bool NoIPv4PacketLog false
bool NoIPv6AddrPolling false
bool NoIPv6DefaultRouterInRAWhenIPv6 true
bool NoIPv6PacketLog false
bool NoLookBPdubridgeId false
bool NoMacAddressLog true
bool NoManageVlanId false
bool nophysicalIPOnPacketLog false
bool NoSpinLockForPacketDelay false
bool RemoveDefGwOnDhcpForLocalhost true
uint requiredClientId 0
uint SecureNAT_MaxDnsSessionsPerIp 0
uint SecureNAT_MaxIcmpSessionsPerIp 0
uint SecureNAT_MaxTcpsessionsPerIp 0
uint SecureNAT_MaxTcpsynSentPerIp 0
uint SecureNAT_MaxUdpSessionsPerIp 0
bool SecureNAT_RandomizeAssignIp false
bool SuppressClientUpdateNotification false
bool UseHubNameAsDhcpuserClassOption false
bool UseHubNameAsRadiusNasId false
string VlanTypeId 0x8100
bool YieldAfterStorePacket false
}
declare SecureNAT
{
bool disabled true
bool SaveLog true
declare VirtualDhcpserver
{
string DhcpDnsServerAddress 192.168.30.1
string DhcpDnsServerAddress2 0.0.0.0
string DhcpDomainName hsd1.ma.comcast.net
bool DhcpEnabled true
uint DhcpExpireTimeSpan 7200
string DhcpGatewayAddress 192.168.30.1
string DhcpLeaseIPEnd 192.168.30.200
string DhcpLeaseIPStart 192.168.30.10
string DhcpPushRoutes $
string DhcpsubnetMask 255.255.255.0
}
declare VirtualHost
{
string VirtualHostIp 192.168.30.1
string VirtualHostIpsubnetMask 255.255.255.0
string VirtualHostMacAddress 5E-AB-10-E2-3E-56
}
declare VirtualRouter
{
bool NatEnabled true
uint NatMtu 1500
uint NatTcpTimeout 1800
uint NatUdpTimeout 60
}
}
declare SecurityAccountDatabase
{
declare CertList
{
}
declare CrlList
{
}
declare GroupList
{
}
declare IPAccessControlList
{
}
declare UserList
{
declare andrew.stringer
{
byte AuthNtLmSecureHash removingForPrivacy
byte AuthPassword removingForPrivacy
uint AuthType 1
uint64 CreatedTime 1609918659604
uint64 ExpireTime 0
uint64 LastLoginTime 0
string Note $
uint NumLogin 0
string RealName Andrew$20Stringer
uint64 UpdatedTime 1609918659604
declare Traffic
{
declare RecvTraffic
{
uint64 broadcastBytes 0
uint64 broadcastCount 0
uint64 UnicastBytes 0
uint64 UnicastCount 0
}
declare SendTraffic
{
uint64 broadcastBytes 0
uint64 broadcastCount 0
uint64 UnicastBytes 0
uint64 UnicastCount 0
}
}
}
declare ben.stringer
{
byte AuthNtLmSecureHash removingForPrivacy
byte AuthPassword removingForPrivacy
uint AuthType 1
uint64 CreatedTime 1609918539193
uint64 ExpireTime 0
uint64 LastLoginTime 1609942021302
string Note $
uint NumLogin 9
string RealName Ben$20Stringer
uint64 UpdatedTime 1609918539193
declare Traffic
{
declare RecvTraffic
{
uint64 broadcastBytes 34929372
uint64 broadcastCount 168190
uint64 UnicastBytes 144728245
uint64 UnicastCount 186092
}
declare SendTraffic
{
uint64 broadcastBytes 52654
uint64 broadcastCount 866
uint64 UnicastBytes 101492350
uint64 UnicastCount 168652
}
}
}
declare jonathan.stringer
{
byte AuthNtLmSecureHash removingForPrivacy
byte AuthPassword removingForPrivacy
uint AuthType 1
uint64 CreatedTime 1609918628744
uint64 ExpireTime 0
uint64 LastLoginTime 1609940474866
string Note $
uint NumLogin 2
string RealName Jonathan$20Stringer
uint64 UpdatedTime 1609918628744
declare Traffic
{
declare RecvTraffic
{
uint64 broadcastBytes 822089
uint64 broadcastCount 4507
uint64 UnicastBytes 78066192
uint64 UnicastCount 64377
}
declare SendTraffic
{
uint64 broadcastBytes 2297
uint64 broadcastCount 7
uint64 UnicastBytes 3227082
uint64 UnicastCount 33286
}
}
}
declare lena.schaller
{
byte AuthNtLmSecureHash removingForPrivacy
byte AuthPassword removingForPrivacy
uint AuthType 1
uint64 CreatedTime 1609918701879
uint64 ExpireTime 0
uint64 LastLoginTime 1609941914961
string Note $
uint NumLogin 9
string RealName Lena$20Schaller
uint64 UpdatedTime 1609918701879
declare Traffic
{
declare RecvTraffic
{
uint64 broadcastBytes 6078133
uint64 broadcastCount 31362
uint64 UnicastBytes 131522522
uint64 UnicastCount 153793
}
declare SendTraffic
{
uint64 broadcastBytes 84586
uint64 broadcastCount 1612
uint64 UnicastBytes 71285928
uint64 UnicastCount 118902
}
}
}
}
}
declare Traffic
{
declare RecvTraffic
{
uint64 broadcastBytes 42604084
uint64 broadcastCount 207782
uint64 UnicastBytes 2030208533
uint64 UnicastCount 4625668
}
declare SendTraffic
{
uint64 broadcastBytes 41891871
uint64 broadcastCount 204651
uint64 UnicastBytes 552591599
uint64 UnicastCount 1107498
}
}
}
}
declare VirtualLayer3SwitchList
{
}
}
解决方法
由于您没有说出您在 Wireshark 上看到的内容,这只是对出了什么问题的猜测。
这个多人游戏的机制大概是这样的。
- 主持人倾听并等待其他人发现并加入游戏。
- 加入者通过在本地网络上发送多播数据包(例如通过 mDNS)来发现主机。
- 一旦主机收到其中一个数据包,它就会通过单播回复新加入者。
- 建立连接并开始游戏。
但是,由于某种原因,加入者仅通过本地网络发送发现数据包,其中包括 WiFi 和 LAN,但不包括 VPN。因此,如果加入者使用 VPN,则永远无法访问主机。
请与 Wireshark 分享您的观察,以便我可以更准确地回答。