On 5/9/2019 10:21 PM, Calvin J wrote:
There isn't much Valve can do in regards to detect this per server while the list is loading. We're talking about fundamental aspects of the internet.
One way that Valve could address this would be to blacklist servers that are seen using this tactic, or to penalize them in the list. It wouldn't be terribly difficult for them to test for the technique in an automated way, but they could also do it by hand in response to reports. They have used these techniques for handling other types of abuse.
You're also assuming malice on behalf of GFLClan, whereas it seems like they're trying to prevent having to constantly switch IPs when changing providers. (according to their forums, here <https://gflclan.com/forums/topic/39299-update-on-gfls-network/>.) Anycasting also gives you the ability to failover in the event of DDoS attacks and other network/routing issues.
I don't think that the concern here is about advertising their own IP space from multiple PoPs. That's normal and fine from an operational perspective. I think the concern here is about someone proxying queries at the edges of a multi-PoP network and giving out fake responses. Spoofed queries (the DDoS attack that this theoretically helps with) are relatively uncommon and such attacks are rarely large, so this behavior would not be necessary from a DDoS mitigation or routing standpoint.
(That said, I have not looked at what GFL is doing specifically. I am going off what has been said here.)
Also, please, let's not go along with the misuse of the term "anycasting" as meaning "advertising a prefix from multiple places and forwarding traffic to a single endpoint" -- that's just a /network/ :). Tunneling incoming traffic to a game server over the open internet is more virtualized than the traditional practice of leasing transport, but it's fundamentally the same thing. (And having routers intercept and respond to just queries would not be true anycast, either.)
-John _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/
