How do you calculate physics server side?

Hello, im currently writing a udp server outside of my unity project, and i'd like to know i could have the physics that i would calculate in the clients instead be done in the server... any ideas?

 

A solution might be that you run your (unity) application on the server. With a C# you recognize the state of the game in each FixedUpdate(). With the c# script you communicate by example by com (component object model) or with a realtime databse with your other software. The game application should have no graphic objects for performance.

Maybe you tell why you would do that because this is too expensive for server.

 

So it isn't hackable, but I'm having trouble finding out how to achieve that.. It is a 1v1's game with league of legends style
So there will be many concurrent games (hopefully)
I'm thinking about learning to use sharpnav and bulletsharp to do physics server side, is that a good approach?

 

bump

 

Anything done clientside is subject to exploitation. This is why servers usually handle verification and simulation, then pass it to the clients with authority.

 

Big commercial games, seldom have server side physics. Indies who don't know better, are usually the ones doing that.

Server side physics itself won't prevent hacking. It might help prevent players from getting into places they shouldn't be, but usually it's what they can do as a result of that which matters. And there are almost always far simpler ways to solve that. Even to prevent going into places they shouldn't is much easier solved by simply checking for that specifically, which requires far less effort then full server side physics.

You have a level, you have some type of logic for what is or isn't accessible. You might think you don't but you really do, even if it's just the limits of what the controller can do. So just check for that and act accordingly. Deny any actions if they get there, teleport them out, whatever. The player might think they succeeded but other players will see what the server says' they should see.

Always identify with specificity what you actually want to prevent and why when it come to hacking. And target that directly. That forces you to think the problem through better, and avoid solutions that sound good but in practice just suck up a lot of time with little to no actual gain.

 

Solution with Unity Physics on Server and other application on server: Interprocess Communication is a bit difficult. Alternatively you could use Network. This is simple. There are TCP Modules for Unity. You send your data to ip '127.0.0.1' then the other application on same pc can get the message.

You can use your the two modules sharpnav and bulletsharp. This is less expensive than have running a whole unity media instance. The Problem with server side load is that you need somehow bigger server. As long you don't earn money with the game, you got negative bilance.

If i had your problem i would solve it without physics on a server: You have anyway to send the data from one client(player) to all other. The other clients can check if the player is cheating. If a client detects a cheat of another player he sends the information to the server. When all other clients detect a cheat the cheating client is kicked by the server. The clients won't recognize the additive calculation power. And it's very simple to implement. By example for position: you make colliders where a player can't be. If there is a collision detect from another player with this collider you send the server the information that he is cheating.
This concept is given in many games but there the player (human) send a cheating report to server.

 

yes but if the server doesnt control the game based on player inputs, everything gets trickier, for example: its a 1v1's game, so its a clients word against the other, i can see how i can make velocity not hackable by saving the players position in the server and comparing to the next one, and the stats by having them all saved on the server aswell, but about clipping, cant the hacker mess with the colliders i put to detect him moving through walls... or try and get the other user banned by sending fake info to the server..? i liked the client democracy system you told me but i cant implement it on this type of game

also: how can i have my server run multiple small servers (each for one game between 2 people) without any graphics, and have the server connect to those small servers with input from users, and have the client physics from each game happen in those servers? other then this, the only way i see is really to find a way to get some other physics engine and somehow do what i just described

 

If you want to ensure a player has LOS, you can simply keep a collection of bounds on the server and do ray/bounds intersection tests.

For movement you can do pretty much the same thing. Server just knows collider bounds, prevents players from moving through them.

There are tons of tricks like this for most everything just assume that going in. You don't need full server side physics for any of this that's just using a hammer to kill a fly.

 

I'm sorry im kind of new to all of this, but still, i'd have to get a server per game (2 players) to do that, right? And do i not need to worry about people messing with the abilities methods and physics?
Gameplay wise is similar to league of legends or dota2.

 

You can make your hack avoidance with the server, it isn't a problem but chose efficient code. So i agree with snacktime, not a complete physics engine, just a raycast and position examination. Then clearly they could mess up with physics. I think you have too many focus on hacking.

"I'm sorry im kind of new to all of this, but still, i'd have to get a server per game (2 players) to do that, right?" No.

You don't need a whole server for each game! If your game grows you will need more servers, but not at the beginning.
Let's call the hack-avoidance "small servers" as you call as hack-apps.
Let's call the "big server" as organisation-app. This is where people choose enemy or room, or where people can buy differents stuff or where you have a database running for user information like name.

It's made the following way. You have one Server. Your clients connect by the IP and a Port X (by example 2345). The organisation app sniffs at this port. So your clients connect to this app, when they start the game. The organisation app has the ip adresses of each client.

Then you wan't to make a 1 vs. 1 game. The organisation-app chose the two players, since every player is connected to the app he knows all players. When the organisation app has two players he starts an instance (open the same program a multiple time) of the hacking app (You can have a programm running multiple times on one computer). The organisation app gives the hacking app the ip adresses of the two players. The hacking app then connects to the clients.
If the players have finished the game they close the connection to the hacking app and reconnect to the organisation app. The hacking app closes by its self, when all players left the game.
This is, instead of having a lot of small servers, you just run instances of the application.
And the best on this is: When your game grows up you can scale (make it bigger) by putting the hacking apps on different servers.

Therefore there is finished code (the concept may differ in detail a bit of mine). You can google it. You should use finished code. I also found videos where they explain concepts like this.

 

Just look how you make the thing with the Server. For choosing a room with the players or your 1vs1 players. If you have this, you will see, that this includes your concept of your hack avoidance with physics on the servers.

 

How can you say this?
I've read a fair bit on this, and what I read is that the client world is compared with the server world every now and then.
If the two don't match, the server uploads the actual game status to the client.
The server is dominant, no hacker can do anything when the mechanics happen server side.

 

Thanks for all the input, im gonna go with this architecture then, with antihack process per game, just a few questions:
im thinking of keeping the server outside of unity and eventually use it for new clients, and to have a lighter version of my project only with the necessary stuff as the antihack process to check for illegal stuff, this being said, for each 2 clients, the server will open that unity instance, do i keep receiving data from those two clients on my main server and have the server communicate the data to the anti-hack? if not, how can i make the clients send the data directly to the antihack? if i make new ports for each antihack, considering each game has only 2 players, this can escalate quickly, is it wise to have a different port for each game?

 

"do i keep receiving data from those two clients on my main server and have the server communicate the data to the anti-hack?" No.
The organisation server is usually made with TCP-protocoll. The anti-hack with UDP. One reason you shouldn't do that. But anyway don't do it, because your main server will lag. If you have 100 games open, and the organisation server has to forward each packages to the games server it's too much. While players in game i would close the organisation connection for saving resources.

if not, how can i make the clients send the data directly to the antihack?
When you open an instance of the antihack, the organisation server gives the antihack server the ip adresses of the clients of that match. The antihack server then connects to the clients. There you have your direct connection without the gameserver.
How can you do that? Usually ervery software has a static main procedure. When you open any programm multiple time, they all start there. There you release a new thread and pass the ip-adresses. I could give you code in python. But Unity don't have something like that.
I would make it like that way: You found two players. You open the hack programm by the organisation server. The hack programm listen to the port you defined when it opens. With your orga server/app you send over IP '127.0.0.1' + defined port (it's send to the same pc) the ip adresses from organisation to the hack-server. Then the hack server has the ip's and connects to the clients, which are waiting for the hack server in the meanwhile. The best on this is: if your game grows up and you need more server, you just change the ip adresses.

if i make new ports for each antihack, considering each game has only 2 players, this can escalate quickly, is it wise to have a different port for each game?
No you don't need. you can run all at the same port. The Network interface detects the right programm/instance of hack (correct designation is socket) by the port and ip. But you can use for each game a different port, the cpu will lag in your case before you could use all ports

 

Thanks! I'll follow that structure than, gonna learn about the thread pool and use it to handle each antihack then to see if it can handle many. Thanks a lot!

 

I am thinking of each antihack with its socket bind to the same ip and port ( using reuseaddr, something i found searching ), will every socket receive every messages sent to this ip&port? and then i would have to filter the messages that i want? would two beginreceivefrom() methods, one for each client connection on each antihack serve for this purpose?

 

"I am thinking of each antihack with its socket bind to the same ip and port ( using reuseaddr, something i found searching ), will every socket receive every messages sent to this ip&port?" No, the sorting is done before. You don't have to care about.
"would two beginreceivefrom() methods, one for each client connection on each antihack serve for this purpose?"
I don't know this function "beginreceivefrom()". Usually you start listen/sniffing to the port, and when client/server tries to connect, the socket establish the connection.
I would start the connection from the server-hack-software to the clients. But you can also start the connection by the clients. But might go wrong, this is: If the clients connect one instance of the hack-softare has to listen to the port. The others hack software instances which are open then should not listen to the port (It's ok when they are in the game). The problem is, when you start a hack-software instance and it takes a while until the players have connected and you start another hack-software instance for another match and it listen to the port too, you don't know what happens. It works when they stop listen when the game is full, but you can not be sure which player are in the same game. It might also happen, that you have more players connected to one hack-instance than allowed, but it's remarked too late because of processing time (the socket connected but your software haven't check maximum players). Then the client is disconnected, and he has start from beginning.

You don't need a special module or other software. With c# it's easy. Server for organisation ~30-40 lines of code, hack instance (game code) + 20 lines of code with standard c# library.

Code (CSharp):

1.  
2. private static Socket SenderSock;
3. private string IPAdr="111.111.111.1111";
4. private int Port=111;
5. //returns true if connected else false
6.     public static Boolean OpenSocket()
7.     {
8.         // Data buffer for incoming data.
9.         byte[] bytes = new byte[1024];
10.  
11.         // Connect to a remote device.
12.         try
13.         {
14.             // Establish the remote endpoint for the socket.
15.             //if Dns resovler:
16.             //Dns.GetHostEntry(Dns.GetHostName());
17.          
18.             IPAddress ipAddress = IPAddress.Parse(IPAdr);
19.             IPEndPoint remoteEP = new IPEndPoint(ipAddress, Port);
20.  
21.             // Create a TCP/IP  socket.
22.             SenderSock = new Socket(ipAddress.AddressFamily,
23.                 SocketType.Stream, ProtocolType.Tcp);
24.  
25.             // Connect the socket to the remote endpoint. Catch any errors.
26.             try
27.             {
28.                 SenderSock.Connect(remoteEP);
29.                 Debug.Log("Socket connected to {0}" +
30.                     SenderSock.RemoteEndPoint.ToString());
31.                 // Receive the response from the remote device.
32.                 return true;
33.             }
34.  
35.             catch (ArgumentNullException ane)
36.             {
37.                 Debug.Log("ArgumentNullException : {0}" +  ane.ToString());
38.             }
39.             catch (SocketException se)
40.             {
41.                 Debug.Log("SocketException : {0}" +  se.ToString());
42.             }
43.             catch (Exception e)
44.             {
45.                 Debug.Log("Unexpected exception : {0}" +  e.ToString());
46.             }
47.  
48.         }
49.  
50.         catch (Exception e)
51.         {
52.             Debug.Log(e.ToString());
53.         }
54.         return false;
55.     }
56. //close the socket properly
57. private static void CloseSocket()
58.     {
59.  
60.         // Release the socket.
61.         SenderSock.Shutdown(SocketShutdown.Both);
62.         SenderSock.Close();
63.     }
64.  
65. //send a message
66. private static void SendMsgOverSocket(String s)
67.     {
68.         // Encode the data string into a byte array.
69.         byte[] msg = Encoding.ASCII.GetBytes(s + "#");
70.  
71.         // Send the data through the socket.
72.         int bytesSent = SenderSock.Send(msg);
73.     }
74.  
75. public static void SendMain()
76.     {
77.  
78.      
79.         if (OpenSocket()) {//if socket has connected
80.        
81.                 SendMsgOverSocket("Hi i am connected");//send message
82.          
83.         }
84.         else
85.             Debug.Log("No Connection Estabilshed :/");
86.  
87.     }

 

And the usings for c#

Code (CSharp):

1. using System.Collections;
2. using System.Collections.Generic;
3. using UnityEngine;
4. using System;
5. using System.Threading;
6. using System.IO;
7. using System.Net;
8. using System.Net.Sockets;
9. using System.Text;

 

Sorry, i think i didnt state my problem correctly.
I've gone with the tcp for initial connection and udp for antihack instances. tcp will wait for two new connections, opens an antihack instance with the ip's of both clients as arguments and closes the tcp connections to those two.

Antihack instances are unity applications running on headlessmode (to be able to use the game physics, the navmesh on the terrain, etc) and communicate with udp. All these unity instances will have a socket bind to the same port, and they all have information about the two ipaddresses that each should handle. They work by receiving packets with player input (ex: where players click to move) and constantly sending packets with player positioning and/or other events that occur, for example when using abilities, if it hits a player or not.

how do i manage information that many players send to this one udp port to its respective application? will each antihack socket receive every message from every client (in that case i'd just have to get a antihack_id system between clients and the instances and include it in the messages)?

 

how do i manage information that many players send to this one udp port to its respective application? That makes the OS System/Networkdriver for you. The Operating system distributes the incoming messages to the sockets by IP and Port. So the operating system knows to which instance from unity-hack app respective thems sockets it has to send, because every player has his own ip.

Once a connection to a socket is set, the incoming message is sortet to the right socket by OS, even same port.

If you connect from your hack-app to the clients don't worry, open your multiple instances of the hack app. It's sortet by the OS.

 

It's 2020 but i found it very helpfull. Thank you very much

 

https://assetstore.unity.com/packages/tools/physics/dedicated-server-physics-synchronization-160594

 

https://github.com/bepu/bepuphysics2

 

Is it thread-safe? I mean if I have several rooms on a server wouldn't they compete for some resources? F.e static variables, or singleton buffers. I've already had such troubles before with some math library.

 

Good point, but i didn't use this library before. But as i see "Simulation" runs as instances, i think you should check "Links" section on Github page.
Getting Started page: https://github.com/bepu/bepuphysics2/blob/master/Documentation/GettingStarted.md

 

If this is true, I would certainly like to know how the server can be authoritative regarding the outcome of pawn positions from physics interactions. Please, pray tell... anyone... anyone at all.

 

Thank you for this information I am searching for this answer from long back it is helpful.