In a previous blog post I discussed online accounts for my upcoming game Spandex Force: Superhero U. I have done some thinking and revised my API quite a bit. For the technically inclined people, here’s a summary of how I’m doing things instead:

First of all, the main reason for the online accounts is to allow a user to play his game on various platforms. Windows, Mac, online, iPhone, Android, etc. All clients will connect to the online account and be able to access the available heroes.

In order to allow this, I have some basic criteria:

• A simple REST based API. No SSL encryption since all platforms cannot support it
• Extremely easy to use. There’s no use in having online accounts if it introduces problems for the end user
• Light-weight. I’ll be using my webserver for this, so I hope that it’ll cope with this if the traffic is light-weight

My first approach included email and password authentication, and the user had to register an account in order to activate these features. Pretty simple, but not simple enough. In version 2 of my API I’m going for this approach instead:

• An unregistered version of the game will request an ID from the server. The unregistered version will store everything both locally and online.
• As soon as a registration code is entered, the server will check if another ID already has used that registration code. If so, it will tell the client to start using that ID instead, and synchronize the heroes between the two IDs. If no ID has used the registration code, it simply assigns it to the existing ID.
• The client automatically remembers the registration code and which ID to connect to, and does a local and online save of everything.

The benefit of this approach is that the user doesn’t have to register an account – he only has to enter a registration code. Also, he doesn’t have to give up any personal information at all. Also, it’s a bit of a piracy deterrent: since a registration code is connected with the heroes that are saved, anyone who spreads his registration code will let others access his stuff…

Additionally, the actual API has been changed a bit:

• Seed (input: ID) – Generate a new seed value for this user
• ID (input: ID, registration key, old ID) – Get a new ID, or get an ID connected to a registration code (depending on the input)
• Login (input: ID, hash) – Authenticate the user
• Heroes (input: ID, hash) – Get a list of this user’s heroes
• Save (input: ID, hash, revision, hero data) – Save a hero
• Load (input: ID, hash, hero name) – Load a hero
• Delete (input: ID, hash, hero name) – Delete a hero
• Opponents (input: ID, hash, hero name) – Get suitable opponents for a hero
• Set achievement (input: ID, hash, achievement) – Store an achievement status
• Get achievements (input: ID, hash) – Get a list of all achievements

You can see that the API has been expanded with getting opponents to fight (used in the Battle Arena) and storing/getting achievements. All in all, I think that this is a step in the right direction. Everything seems to be working smoothly now and the only downside is that it can take a few seconds to log in or get the list of current heroes, as opposed to if everything was done locally.

Can’t wait to see all the problems that will pop up once I let people actually use this…

This last year has given me a slight memento mori; made me think about the vulnerability of data storage. For a couple of years I have taken some reasonable precautions: double backups of most important things on different hard drives, plus a backup on a RAID-ed Qnap NAS. This has proven to be effective and suitable for my needs. Up until recently.

I moved to Stockholm less than half a year ago, and in that move I “lost” most of my electronic infrastructure. Well. Technically, I still have a couple of computers and hard drives and whatnot in boxes in the cellar, but since I’m now living with a semi technophobe I’m not allowed to have unsightly and noisy machinery lying around in the house. Instead, I’ve come to rely on a single laptop and my Qnap NAS (that’s hidden in a closet).

The problem is that my NAS started making angry noises a couple of weeks ago, signifying that the hard drives might be getting a bit old and tired. Like me. So, I had to re-think my storage solutions.

What type of storage do I need?

• Short-term media storage – stuff I intend to consume and then remove.
• Long-term media storage – rare TV series, bought apps and games, and so on.
• Old backups – gigs and gigs of music, drawings, photos, game projects, app projects, and much more.
• Game project storage – non-version-handled files that take up a lot of space. Art, designs, music mixes, and much more.
• Code repository – I previously had an SVN repository on my Qnap. Something with version handling is needed.
• Documents – various documents that I need to access.

After a lot of tinkering I’ve come up with a solution that seems to work fine. If anyone feels like drinking from my experience and avoid messing around with various dead ends, here’s what I’ve decided on for now:

• Short-term media storage – Laptop
• Long-term media storage – ZyXEL NAS
• Old project backups – ZyXEL NAS
• Game project storage – Dropbox
• Code repository – Bitbucket
• Documents – Dropbox

In other words, I have four different locations to place data:

• My laptop – great for instant accessibility, but not much space.
• ZyXEL NAS – good for storing stuff semi-permanently. A NAS breaks down sooner or later, so I have to make sure to duplicate the data from this one in a while. This is my weakest link right now.
• Bitbucket – pretty awesome online code repository that uses Mercurial. Relatively easy to use together with TortoiseHG, the free account gives you a lot of stuff, plus I love how the meta files are NOT mixed with the checked out repository like in SVN.
• Dropbox – I was a bit sceptical about this at first, but after trying out the free version (2 GB) for a while I upgraded it to 50 GB. So far it’s working great for always having access to my documents and game project files. I love how it synchronizes the files in the background without making a big fuss. And it’s pretty neat to be able to access my documents from my Android phone too.

As you can see, I’ve gone all online storage! Who would’a thunk it? The good think about both Bitbucket and Dropbox is that a perfectly fine local copy is retained. So, as long as I have two “checked out” versions on different computers plus everything stored online I think that I’m safe enough.

In fact, I’m so pleased with my experiences that I toyed with the idea of having everything I need stored online. Alas, that’s simply not feasible. Storing a few gigs online is just fine, but the common down and upload speeds are way too slow to make it feasibly for 500+ GB. So, I’m going to have to stay with a NAS as well for a few more years. Maybe until 4G is common enough to give reasonable speeds everywhere.

These last days I’ve seen quite a few articles on the ‘net mentioning MySpace’s recent “Data Availability” program which will make them share data with, among others, Yahoo and Twitter. This revelation is often mentioned alongside DataPortability, a framework for combining information from different social networking sites. I’m all for solutions like this; I love the thought of having data being accessible from everywhere (as long as it’s in a controlled manner). Not that I see much point in it, myself – I can easily add what’s needed manually to the few social networking sites I’m active on. But I love the idea.

One problem is that this is yet another attempt at creating an open standard that can be used by anyone and everyone. I’m sure that DataPortability thinks that it’s special and unique and brings something new into the disarrayed online world…but I’m also sure that OpenSocial feels the same way, just as FriendFeed and who knows how many others. Looking at DataPortability’s FAQ page it seems that they are aware of the problem of constantly re-inventing new standards; they want to use existing standards effectively instead. …But in a controlled manner. According to their recommendations. …Which sounds like they are trying to impose a standard, after all. One good thing about DataPortability is the fact that they won’t try to make a centralized storage point for all data – unlike FriendFeed, which sounds like utter bollocks.

Anyway, good luck to all of them, and I’m not stupid enough to look a gift horse in the mouth: if DataPortability (or some other standard) becomes a wide-spread way of sharing data I’ll definitely look into how I could use it in upcoming projects. For example…Spandex Force 2. I could imagine some cool uses such as importing personal information into the game, accessing photos that can be converted into an in-game avatar pic, or sharing pictures of impressive victories. Amongst other things.

I suspect that this could even be used for cross-game character data. It’s the old utopian dream that fanboys have yearned about for years and years: imagine that you’re playing an RPG and that you’re pretty fond of Mr. Fagball (as your character might be called). Then you want to play another RPG – or even a game of a completely different genre – and you could now have the option of using Mr. Fagball in that game as well! Yayness! Of course, it would probably work like utter crap if it was implemented badly, but I could imagine that static character traits could be shared even though game-specific data isn’t.

For example, if Mr. Fagball is a character in an RPG his STR stat might be at 16. Even if this would be possible to translate into strength in a strategy game, it might be completely ludicrous – the strategy game could become totally broken. However, if the RPG game stored information about Mr. Fagball’s pot-bellied appearance, that could (possibly) be of use in the strategy game as well. Like a cross-platform Mii. Except that this sharing wouldn’t have to stop at mere appearance; if data was gathered through social sites as well, personal information could be utilized by the game in order to make an uncannily scary experience.

“Give it up, Moop-Gleez! Your evil plans are brought to an end!”
“So, Mr. Fagball… You have come to destroy me? I think not – I know your weakness! You made out with Patrick’s sister last weekend, and if you don’t throw down your sword right now I’ll e-mail him and tell!”
“NOOOOO!”

On a Swedish IT news site there are a few interesting headlines; one of which is that Sweden is “best” in Europe at using the Internet. (Link; beware – it’s in Swedish.) First of all, let me object to the word best. Let’s see. What constructive criticism could I conjure against that use…? Maybe…the fact that it’s complete and utter bollocks! Best is a marvellous word for quantifiable comparisons within a clearly measurable area, but in what way is Internet use a measurable area? And what exactly would “best” imply? That we’re best in Europe at finding warez? That we waste time on the Internet instead of working? That we know how to write good Google keywords? The phrase is completely ridiculous and says nothing at all.

And on the note of Google, there is another headline at the same site: Why Google is Making Us Dumber. Basically, that article insists that Googling stuff makes us dumber; for instance we no longer do conversion arithmetic by hand (or by head, rather) – instead we use Google features for those kinds of things. Well, let’s see if I remember my logic classes; I’ll try to make a modus ponens situation out of this. But I’ll leave out the predicate logic.

If P then Q, where P = “increased Google use” and Q = “getting dumber.” And I’ll introduce R = “increased Internet use” as well, and state the intuitive hypothesis that if R then P. Then we have the following:

(R -> P) AND R
-> P

(P -> Q) AND P
-> Q

Thus, Swedes are getting dumber. If you trust strange logic and strange articles you read on the ‘net, that is.

I won’t really waste any time on disputing the “Google makes you stupid” claim – it’s clearly ridiculous and a prime example of backward-thinking. The same was said when calculators were invented. “Oh no, the kids won’t learn how to do simple arithmetic anymore now that they have a machine for it.” Granted, I expect that kids today can’t do simple arithmetic, so I guess this example sucks. Still, I’m convinced that the productivity gains from automating simple tasks vastly oughtweighs the small setbacks in basic knowledge.

But wait, there’s more! I have yet another point to this little blog post. Some people might have read my little rant about coffee, in which I claimed that coffee was the cause of major wars. I received some interesting (IRL) feedback to that; most who commented on the post were confused and didn’t really see the point of it. That’s okay, ’cause I was planning on bringing up the point later – like now. In the coffee post I claimed, for example, that coffee was the cause of the War of the Golden Stool. That was complete and utter rubbish. Just as all the other coffee-related anecdotes in the post. Have you guessed the common thread through this blog entry by now? No? Okay, I’ll continue.

The post sounded confident and it was backed by enough facts to make it believable; no one really cared to question my claims since the topic was dull, but I have seen many search entries for the War of the Golden Stool that led to my site. I keep imagining that some kids have used my lies as interesting anecdotes in their schoolwork, and that a few teachers are scratching their heads in confusion right now. I hope that both those teachers and those kids have learned a valuable lesson about using things on the Internet as resources for their essays. There’s basically no guarantee that anything you read on the net is true, regardless of the imagined authenticity.

This goes for the article about Google making people dumber as well: it’s a personal opinion backed by no facts. It doesn’t matter that a major Swedish IT news portal picked it up – it’s just as much rubbish regardless of who thinks that it might be valid.

“What the hell,” the regular technophile reader exclaims. “Home network setup? I don’t need a guide for this. I just plug in my router and go for it.”

That’s a valid objection, and that setup works for 90%…no, 95%…no, 99% of the people. But this weekend my parents visited my place, and my stepdad had several questions about networks and WLAN setups and optimizing speed and whatnot, so I received a sudden burst of inspiration: I decided to write a description of my home network, including explanations why I made certain decisions. The last bit is essentially why this might be of interest to people; that is, weird people.

First of all, I’ll show you a little diagram over my current home network. I call this masterpiece What To Do With All Those Bloody Computers You Have Lying Around That No-One Will Buy And You’re Too Cheap To Throw Away:

On the left you see the Internet. Yep, that’s it – that’s all of the Internet. The rest is set up like this:

• One 100 MBit switch splits my connection to my ISP into three parts.
• One of those parts (top) leads to my normal workhorse. This is where I surf the net, do my hobby projects, watch porn, etc etc. It has two network interfaces – one Ethernet and one WLAN card.
• The WLAN card connects to the second Internet split: the WLAN router. Or Access Point if you wish. Here I also have a wireless connection to my file server, and my media PC. The latter is shown as a laptop, but it’s really not.
• The third Internet split is to my web server/general external file server.

Now, I’m sure you have a few comments and/or exclamations already, but I’ll ignore those. Instead I’ll mention some points about basic networking. Here’s a random collection of important things to know about networks:

• Ethernet connections can be 10 or 100 Mbit. Effectively, you can get ~10 Mbit or ~80-whatever-it’s-a-high-number-anyway Mbit respectively.
• 802.11b is maximum 11 Mbit. 802.11g is maximum 54 Mbit. But effectively you’ll rarely see more than 25 Mbit out of those 54 Mbits. Be happy if you have 20 in your home, ’cause the 2,4 GHz band (that the radio transmits on) gets messed up by all kinds of things: cordless desktops, microwave ovens, etc.
• D-Link and Netgear have proprietary solutions for 108 Mbit, but those suck most of the time. And they are proprietary. Unless you’re a rabid D-Link/Netgear fanboy who only buys one specific brand of 108 Mbit products, you won’t see that increase in speed at all anyway. Stick with 802.11g instead – it’s good enough if you use it correctly.
• 802.11n is a new standard that’s starting to emerge. It will yield a data transmit rate of ~200 Mbit, so that’s pretty darn nifty. It uses nice tricks such as multiple antennas and impressive multiplexing algorithms to get that speed; of course this means that your old radio cards will not be able to handle 802.11n. That’s good to know. It’s also good to know that 802.11n is not a finished standard yet, so there are no 802.11n products. You can find pre-n products, but those are also proprietary solutions – not official 802.11n. Guess what? I’m sticking with 802.11g.
• Switching and bridging occurs on layer 2; this means that actions are performed based on MAC addresses. Routing, on the other hand, is performed on layer 3. Layer 3 equals IP level. That’s why my Access Point is also called a WLAN router: a device is a router as long as it deals with packets on an IP level. However, I could also have configured my Access Point to be a simple bridge; in that case it would not be a router anymore, since it would only deal with layer 2. It’s good to remember these things.

So, onto the promised explanations. I’ll put it up in FAQ format. (Fake Asked Questions.)

1. Why a 100 Mbit switch?
   Because I’m a lucky bastard who has a 100 Mbit connection at home, and I can get five IP addresses. In order to use the different addresses I need either a hub or a switch. A hub would act like a dumb bridge; a switch, however, does port-based forwarding based on MAC addresses. The end result is less unnecessary traffic with a switch, and that in turn leads to (marginally) better speeds and less potentially problematic background traffic.
2. Why does your normal computer have two interfaces? Why not just use the WLAN interface?
   Because that computer is where I normally download stuff, and it would be an immense waste of bandwidth to limit myself to ~20 Mbit at most compared to what I can get through Ethernet.
3. Okay, but why not connect it through Ethernet to the router?
   This would work pretty well; however, for performance and stability I have a simple rule: when possible, have as few devices as possible between yourself and the Internet. A router or a firewall might work perfectly for you, but there are bugs present – you just never know when you will encounter them. Routers also have another weakness: NAT. It’s a great feature which multiplexes several local IP addresses (for example 192.168.1.1, 192.168.1.2 etc) to an external IP address. The problem is that each connection to the outside requires an entry in the NAT table (so that the router knows how to map things), and this table is never big enough. At least not if you want to – for example – use BitTorrent.
4. Are you insane? Connecting your computer to the Internet without a firewall or a NAT to protect you from break-ins?
   Seriously, I don’t know what people do with their computers. If you don’t install weird things or do stupid things, you don’t need to worry about getting your computer hijacked or cracked or whatever. (Of course, because I wrote this I’m going to get hacked tomorrow. But so far the only computer I’ve had that’s gotten hacked/messed with has been a Linux web server that I couldn’t be arsed to upgrade.)
5. Why do you have an Internet connection on the AP if you do all your downloading on the other computer?
   Two reasons: the media PC can download TV schedules and stuff, and I can provide hospitality Internet access to visitors who have laptops.
6. If you care so much about performance, why do you have streaming stuff and visitor Internet access through WLAN? That limits the performance.
   Unless there’s too much radio disturbance 802.11g suffices quite well for streaming music and video between the media PC, the file server and the normal computer. I like to optimize, but the benefit of wireless is worth the decrease in performance; make sure you only optimize the things that matter. Oh, and visitors don’t need more speed than that; so there.
7. What’s that last server thingie doing by itself? Why not connect it to the router?
   I want to separate external computers from internal ones as much as possible; if my web server should happen to get hacked, the hacker must not get access to the rest of my computers. Also, consider the use of the two other Internet connections: I’m mostly a client in those cases, so I don’t advertise my IP to the outworld in the same way as a web server does. The web server is a target – it runs around shouting “yay, hack meeee!” while the other computers hide in the shadows.
8. Okay, okay. This is your home network. But you know, most people don’t get fast speeds and 5 IP addresses.
   Technically this isn’t a question. But okay, here’s a modified network topology pic:

Here you only assume one connection to the internet, and for security reasons I’ve removed the external web server. It looks pretty similar to what most people might have at home, but there’s one big difference: I would choose to still have a direct connection to the main computer, and make the WLAN access strictly local. (Or possibly routed through the main computer.) If the WLAN router is connected to the Internet, it will receive lots of background broadcast traffic from the WAN side; this will toll its capacity and might introduce unforeseen problems and bugs, depending on the router in question.

This is a setup that would work for almost all types of Internet connections: Ethernet-plug-in-the-wall, cable, DSL. In some cases you need to have a modem connected to the main computer, and it’s tempting to find a do-it-all solution that includes DSL modem, router, Access Point and firewall…but I advise against it. It puts a lot of pressure on a single device, and it also makes your network less flexible – you can’t try different brands or different solutions. I had DSL previously and tried both kinds of setup; I ended up using the DSL modem as a simple bridge to the main computer, since there were too many problems otherwise.

There, I think I’ve ranted quite enough now. Hopefully this might be useful to someone somehow; just remember that these opinions reflect my own experiences and might not be true for you. But whatever you do, I have to stress one thing:

Don’t forget to use WPA/WPA2-PSK on your WLAN device! Don’t leave it unencrypted, and don’t use WEP. Use WPA or WPA2 (the difference is basically just AES encryption instead of TKIP) with a passphrase instead; it’s just as easy to use, and much much more secure.

Yesterday, Wi-Fi Alliance presented something called Wi-Fi Protected Setup. A brief summary can be found at DDJ as well. I’ll make an even briefer summary:

Setting up a wireless network isn’t trivial; there are many terms circulating: WEP, WPA, WPA2, PSK, EAP, EAPOL, WLAN, WAN, SSID, BSSID and so on. Requiring a home user to be aware of what an SSID is really isn’t that necessary, and neither is requiring him to know how to configure both his access point and WLAN clients to use WPA-PSK (or something similar). That’s where Wi-Fi Protected Setup comes into play: it’s a standard for simple PIN-code based configuration of WLAN clients. Here are some slides from Wi-Fi Alliance that sum it up neatly.

The idea is that a user plugs in his client card, installs the software, and – poof – up pops a window that asks him to enter his PIN code. Then the AP and the client will negotiate everything between themselves automagically. There’s also an alternative method using a button instead: the user presses a button on both AP and client in order to start this configuration. As far as I can see, that method uses the principle that if the user has physical access to the AP and the client, he is authorized to configure them both. Sounds excellent for home use, albiet a trifle unsecure. Not that I mind.

I’m all for simplification. In fact, I see no reason to require a PIN code even – the physical method should suffice for home users. That’s where my first doubt enters: Wi-Fi Protected Setup requires all clients (or Registrars rather) to support PIN setup…and the button method is optional. I don’t see the reason for that. Printers and USB hard drives would work excellently with button setup - it just becomes bothersome to require PIN setup for devices with no good access to user input. Oh, but they’ve thought about that: the PIN authorization procedure can also be performed by logging onto the AP’s graphical user interface.

What?

Okay, I admit that I haven’t read up much about this topic, but that seems intuitively to be unintuitive. The idea is to not require bothersome configurations or access to the AP’s GUI; this method of PIN authorization sounds like a last-minute addition. “Oh right. Crap. If all Registrars have to use PIN setup but USB devices have no input device, I guess it must be up to the AP to do this part of the task. Let’s not remove the PIN setup requirement – that would be too easy.”

To be a complete nitpicker, I also skimmed through the white paper for Wi-Fi Protected Setup to see if I could find some inconsistencies with the information I’ve seen so far. Search and ye shall look! No, I mean find. If you look at page 9 on the slides, you’ll note the following text:

WPA or WPA2 security is enabled, and the passphrase can be auto-generated or configured by the user

Neato. But oh-oh-oh, page 9 of the white paper mentions the following:

Use of a random PSK enchances security by eliminating use of pass phrases that could be predictable. [...] the credentials exchange process requires little user intervention after the initial setup action [...] is completed, because the network name and PSK are issued.

This shows a few things:

1. The second quote could be interpreted to mean that user-specified passphrases are still possible. I would not interpret it like that, though, due to the “issued” part.
2. The slides might have been written much earlier than the final paper, and feature some old ideas that were thrown out.
3. Either way, it still leaves some confusion regarding the use of PSKs, IMNSHO.
4. I may be one of the few people who actually note the different spelling of “passphrase” and “pass phrase” in the two writings (and is slightly irritated at the lack of consistency). I’m instantly reminded of an English lecture I had where the teacher asked us what the correct spelling of rain-forest is. He was very smug when he produced three different dictionaries and three different official spellings: rainforest, rain-forest and rain forest. His point was that there are often many “correct” ways; just make sure you’re consistent.
5. I need to lay off the black tea – I’m ranting about irrelevant inconsistencies.

Wi-Fi Protected Setup will be expanded in the future to include NFC and USB setup as well. Near-Field Configuration (I think that’s what it stands for) is based on simply moving the client close to the AP in order to transfer the authorization credentials, and USB setup means that the client device is physically connected to the AP (through – oh, I don’t know – maybe USB) to transfer said credentials. Then the clients automatically authenticates with the AP. Interestingly enough, a colleague mentioned that the NFC method was the first version suggested when Wi-Fi Protected Setup was discussed in Wi-Fi Alliance; I guess they chose to focus on “normal” clients first instead of pursuing that route.

All in all, I like the way things are going. Simplification is good; a behaviour that simulates automatic configuration like Bluetooth is just fine with me; less configuration and better security (since users now won’t leave their networks unprotected) is good. ‘S all good.

It seems that TerraNova has an infatuation with this report on net neutrality. The report – summarized very briefly – examines networking, Voice over IP, online gaming, ISP power, latency and much more, and eventually comes to the conclusion that online gaming is the most vulnerable potential casualty if net neutrality is lost. I.e., if ISPs are free to prioritize traffic as they wish, and potentially making latency for online games too high to endure. Read the report for more information; it’s a good read.

I have a few spontaneous comments to all of this…

1. Why is TerraNova being blocked at my job? I don’t get it. It allows all kinds of vile sites, but not this one. They must’ve had lots of porn once, but – alas – it’s all gone now.
2. Doesn’t the capitalist way work in the ISP case? As far as I know no ISP has a monopoly, and there would probably always be a lesser evil to choose from; an ISP that doesn’t throttle online gaming protocols for example. Of course, this would take time. Online games would suffer until the ISPs note what the market wants.
3. Speaking of online games… I used to play some Quake 2 now and then, but after that I’ve never bothered with any of these action-based games. But there are other online games. I used to play Freeciv some time ago, for example. And other strategy games after that. I really dislike this theft of the words online gaming, since it indicates that bad latency would be the downfall of all online games. It would only affect action-themed games!
4. The report mentions that “out of all the victims of the loss of net neutrality, online gaming is likely to be the most fragile and irreplaceable.” Very true (except for point 3 above); but maybe it’s due to an obvious reason: gaming is a relatively big industry, but is it big compared to enterprise businesses? VoIP is mentioned in the report as another technology that is highly dependent on low latency. But the two aren’t comparable: gaming is for home-consumers, while VoIP advocates come from huge corporations. The report says (under the subtitle For developers and publishers of online games) that “flexing some muscle as both big spenders and influences on the user is the optimal path for guarding the status quo,” but even if developers and publishers started flexing, they’d look like computer geeks next to the muscular mega corporation pressure coming from other places. (I find that simile rather amusing and fitting.)
5. A better solution might be to try to take advantage of the possible Quality of Service arrangements that might become available through enterprise pressure; ride on that wave instead of fighting an unnecessarily hard battle.

Of course, I could be wrong about the fourth point. I don’t have any reports or real facts to back it up. And point five is vague as well: VoIP support is still rather sketchy, so who knows what improvements will happen there – and if they’ll only happen within corporate networks. But hey, I’m just tossing out my opinion here!

I’m sure that you have heard of Killer, the ridiculously expensive and capable new network interface card that supposedly not only can reduce your gaming ping times, but also increases the FPS of your games. At first I was highly sceptical just like everyone else, but reading up on the issue showed that Bigfoot Networks, developers of the NIC, aren’t just trying to fool stupid gamers out of their hard-earned dough. Read the FAQ on the webpage, for example; they are fully aware of the fact that the biggest culprit when it comes to latency is the Internet itself – they’re simply trying to lower the local host OS’s delays. Oh, and the IGN review shows that it indeed provides some positive effects.

When I first saw the card I scoffed and harumffed and did all kinds of weird noises, but thinking about it, it does make sense in a strange way. The normal procedure for network traffic is (quite simplified) that an application sends data over a socket, which transports the data to the OS’s network stack, which in turns connects to a device driver that in turn exchanges signals with the port, and finally sends some data. The NIC card then receives this data, and handles to low-and-dirty layer 1 and layer 2 Ethernet details. Or something along those lines. Layer 2 (MAC address level) might be handled in the device driver instead.

The Killer card – which I incidentally feel like calling the Killer kard in a Mortal Kombat-like bout of silliness – instead has a massive 400 MHz CPU, runs Linux, and actually replaces the device drivers of your OS to something especially designed to work faster with Killer. I assume that the card also has a simple priority queue which prioritizes connectionless (UDP) traffic, which is what is used by games most of the time.

“But what about lowering the FPS,” you ask. Well, at least I did. This also makes sense, given that the main game loop waits for the sockets. If the device driver can respond faster, the control might be passed back to the game quicker – I guess. Somehow this feels like a stupid explanation, though. And wouldn’t that be taken care of by a separate thread for the network handling, these days when multi-core CPUs are all the rage? Anyway, IGN’s results seem to indicate that the FPS does increase a smidgen.

All in all, I think that this might be a decent toy for rich kids who must increase their performance by all means. But it’s mostly useless for all other kinds of network traffic, in my opinion.

However, something that struck me was the fact that the Killer card can run applications of its own. An example of this is a bittorrent client that downloads files to an external hard disk connected to the Killer card’s USB port. Yes, it has a USB port as well. This example sounds like a completely useless idea to me. But something that’s all the rage now is all the talk of physics in games; couldn’t the Killer card’s CPU be put to use for physics calculations? Sure, it’s just 400 MHz, but I’m sure that general non-critical calculations could be performed autonomously from the rest of the game.

And couldn’t this extra CPU be used for other activities as well? In fact, there seems to be external CPUs in many plug-in cards these days: graphics cards, physics cards, network cards, maybe sound cards. If there could be a standardized way for using external CPUs, I’m sure that most demanding applications could receive quite a boost – without the hassle of proprietary solutions. A generalized API for utilizing external CPUs. Too bad that it’ll never happen.

Yesterday I read a white paper on something called the Ingate SIParator. I bet whoever came up with that title chuckled for half an hour, thinking he was oh-so-clever. To quote the white paper itself, the SIParator is a firewall specifically for SIP traffic. (SIP – Session Initiation Protocol – is a protocol for initiating media sessions; Voice over IP, video, music, etc. It acts as a wrapper around SDP, which in turn often intiates RTP traffic.) The SIParator is an addon to a company’s existing firewall, which will analyze SIP traffic and correctly convert the external and internal addresses, as well as provide security features against known SIP spoofing methods. It does sound like an excellent product for allowing VoIP in enterprise and company networks, but I’m still not very happy with products like this.

Let’s start at the beginning… NAT and firewall traversal is a major issue these days. Here’s a good summary of the problem, and here are some papers on NAT traversal in combination with SIP. While I’m professionally interested in the SIP and VoIP problem, I’m not overly concerned about this particular issue; after all, there are many products available for solving this. The real problem lies with home users.

Almost everyone has a router of some sort at home; a DSL router, a WLAN router and so on, and the vast majority use internal LAN IP addresses which are translated to the external IP address inside the router. (That’s the NAT part – Network Address Translation.) The main problem with NAT is incoming traffic: how can a router know where to direct an incoming request when several computers share the same external IP? The answer is of course that it’s not possible. IPv4 has a limited amount of addresses, and specific LAN address ranges are necessary. The only simple solution to this is to configure the router so that it directs requests to certain ports to certain LAN computers. This works well for static servers and such, but is a total pain in the nether regions of the back for other applications like games and peer to peer software.

Oh, and there’s another part of the NAT traversal problem as well: protocols that carry IP addresses inside their payload cause a crapload of problems, as they also need translating. But thinking about solutions to this is just depressing, so I’m ignoring that.

Instead, I’ve been looking at some solutions to the basic NAT problem. There’s of course STUN for UDP traffic – but that one has problems, since it won’t work on all NAT implementations. UPnP is another proposed solution to this, used in Gaim for example; but UPnP’s not exactly wide-spread and supported in all cases. Other solutions like TURN include proxies of various kinds, but that’s not exactly feasible for a hobby developer – or even for most companies, due to the relatively unnecessary extra cost of a dedicated server.

The only reasonable solution for an independent developer seems to be a combination of the proxy idea and UDP punching methods. One such UDP traversal method seems to be used by the nat-traverse package; it uses garbage UDP packets to establish NAT entries, and then uses UDP for the actual traffic. This ought to work very well since NAT implementations need to have a relatively long timeout – 30 minutes is the standard on some NATs – since UDP is stateless.

Theoretically, the following ought to work and requires nothing more than a webserver:

1. A client sends an HTTP request to a known server, indicating that it wants to connect to another client for a game or a transfer or something.
2. The server has a PHP script that processes the request, and places it in a pool of clients waiting for a game/transfer/whatever – possibly with their desired destination client specified as well. The server responds with a “yo, keep it up” message.
3. The client repeatedly sends HTTP requests to show that it’s ready. Once the PHP script determines that there’s a match in the pool, it responds with a “yo, here’s your destination’s IP and port” message. This means unnecessary traffic, but possibly affordable if there’s not much data.
4. The clients (who hopefully both have received responses with IP/port) start sending 10 garbage UDP packets.
5. Allow for some delay and possible delivery problems: resend if no connection is established the first time. A maximum of five attempt sequences ought to be enough.
6. If the connection is established, data UDP packets can be sent.

Now all I need is time to implement my various multiplayer game ideas. Dammit, I knew I forgot something!

It seems that 802.11n won’t become an official standard for yet some time. Curiously enough, I’m not very anxious for this to become reality; I have the range and speed I need at home, so it won’t affect me on a personal level. Likewise, it’s not realistically feasible to use 802.11n in public hotspots or similar. 802.11n provides much higher speeds (> 150 Mbps compared to 54 Mbps for 802.11g, or “up to” 108 Mbps for proprietary D-Link or Netgear solutions), but in order to utilize that speed there needs to be high bandwidth on the WAN side as well. At home I have 10 Mbit, and public hotspots are unlikely to have more than ADSL. So, D-Link’s proprietary solution works for me, and 802.11g works for hotspots; and if range is a factor, there are MIMO solutions available.

Enterprise solutions is another thing, of course. 802.11n might be truly interesting in such cases.

Some interesting news is that the Georgia Tech Research Institute have developed a new phased-array antenna system, which utilizes mutual coupling instead of trying to compensate for it. (Here are some various papers on the topic. Too bad I’m too lazy to look for something truly relevant for Wi-Fi.) Initially I had high hopes that this technology could be used for consumer applications as well, as an alternative to beam-forming smart antennas, but it seems that the technology is way too expensive – at the moment at least. One never knows what will happen in a few years.

Low-level wireless communication is so fascinating. Once I thought that wired networking was cumbersome and weird; but it’s really nothing at all in comparison. It’s like the difference between a bunch of people all trying to talk through the same telephone at the same time, compared to a much larger set of people all standing in a small room shouting at each other.