I had an opportunity this week to record an episode of the PacketPushers Podcast. It was a great outing that dealt with a lot of listener questions. One of the questions that we didn’t get time to get to, however, involved online gaming and SSH tunneling. I figured I’d do a little more research into it and see what exactly it is that makes this service work.
The game in question here is World of Warcraft (WoW), easily the #1 Massively-Multiplayer Online Role Playing Game (MMORPG) in the world. At any one time, millions of players are logged on to any of the almost 250 servers that comprise the game. Consequently, these servers are located in datacenters housed all over the world in an effort to provide close support and (hopefully) low latency connections. In the MMORPG world, the lower your latency to the server, the smoother things appear in game. When latency increases strange things start happening as the player’s client attempts to update the server as to the location of the player’s character, and the server attempts to update the player’s client as to the location of objects in the realm. When this starts happening, player’s experience the dreaded lag. Lag causes objects to appear out of nowhere, or objects to warp around the screen, or in the worst cases the player’s client freezes waiting for an update from the server. As you can see, having a fast connection is very important for the enjoyment and playability of the game.
SSH Port Forwarding – The Beginning
Originally, the idea of using SSH to forward WoW traffic came about because of firewalls. WoW communicates with the realm servers on TCP port 3724. Many firewalls, especially those found in enterprise networks, allow known traffic such as HTTP or DNS while blocking all unknown protocols. In other cases, firewall admins have specifically blocked traffic known to be associated with peer-to-peer (P2P) protocols, such as Bittorrent or Limewire. At any rate, players found that being behind these firewalls rendered them unable to play WoW. Some enterprising players found that if they encapsulated the packets in SSH and forwarded them to an SSH server that had port forwarding enabled, they were able to connect and play. Essentially, this involves taking the traffic on port 3724 and forcing through an SSH client (like PuTTY) and forwarding it on to an SSH server. The server would then act as a proxy and forward the traffic on to the WoW datacenter. Since SSH is a well-known and quite useful protocol, it is very likely to be passed along without a second thought. Also, as SSH is an encrypted protocol, the firewall isn’t able to break the packet apart and inspect it to determine what kind of traffic it contains. So, through the use of SSH and a proxy server, users were able to play from just about anywhere
Now, how to get people to pay for it
One of the side effects of using SSH forwarding to circumvent firewalls was that some users were seeing their latency drop as a result. Especially for players located in more remote areas of the world, tunneling the traffic to a location with a faster connection caused the somewhat-high ping times to drop to more acceptable levels. A few companies, such as SmoothPING or WoWTunnels have taken this idea to its logical extreme and started charging users for the ability to lower their latency. For a small fee each month, you pay for the use of a client, which automates the whole process of modifying your system to encapsulate the WoW packets in SSH. You also get access to a proxy server that then forwards these encapsulated packets on to the WoW datacenters. The WoWTunnels website claims that the latency is decreased because the packets take a “different path” to your particular WoW server.
This “different path” claim is the reason behind the question to PacketPushers. The listener wondered if these services were just moving the packets on to a faster connection or if they indeed had a secret backdoor into the WoW datacenters. The answer to this question is actually quite easy and requires no real magic. Yes, the packets are taking a different path to the data center. The packets are being pushed through an SSH tunnel to a server that forwards them on to the WoW servers. In essence, this forwarding server is acting as a proxy. If the proxy server has a fast enough connection to the destination it should decrease your latency. As well, by tunneling the traffic as it exits your network, you avoid having it be scanned by firewalls or packet shapers, thereby avoiding these devices dropping your packet priority or increasing latency.
In the end, tunneling your WoW traffic in SSH can decrease your latency for several reasons related to firewalls and faster connections. When you pay someone to automate the process for you, you are essentially paying for them to keep upgrading the pipe they have from their servers to the WoW datacenter. As long as they keep their user traffic segregated and avoid filling up the proxy connection you should see a good connection. But remember that you don’t necessarily need to pay for this service. If you have access to a server that can port forward SSH and aren’t afraid to get your hands a little dirty, give this link a try. But remember your mileage may vary.