Weird Halo Issue
This is a strange one and frankly I'm stumped and need some help.

Running a Halo server.... shows up on Halorank.com with correct IP and port and I can click the join link and get right in.

Shows up in Xfire with correct IP and port and I can join right in from Xfire.

Launch Halo, join by direct IP and port, can get right in.

Launch Halo, browse the game lobby and try to join by finding my game in the list... nothing. It resolves the correct IP but each time I try to join it attempts to join on a random port. Usually a port that is about 5 - 6 digits in length.

My firewall is setup on my servers to only allow the ports needed and I know they all work because as I have stated, it works via Xfire, Halorank.com, and direct IP... it only does the goofy different port from the regular Halo lobby.

Anyone ever seen this one before?

A quick Google only resulted in one other find of a similar instance and the only resolution reported was a possible router issue and to try a different router....OP never responded though if that was what worked or not.

Thanks,
Ass

I have a speedtouch router that gives me a random 5 digit port too but I can join servers and play just normally.
I have checked it many times with the sv_players_more command. Mostly people have the 2303 client port but some have the random 5 digit ports.
I changed my router since then and now always get the 2303 port.

@NineYaTango -

Link one doesn't help, the server shows in the list.

All other links are worthless....the ports are opened and setup correctly...as I explained, I can join through Xfire, Halorank.com, and using direct IP.... the issue only happens when attempting to join the game through the normal Halo lobby.

When you attempt to join through the lobby, it negotiates connection and gets stuck then retries...on the retry it shows the connection being made to x.x.x.x:random_port. The IP will be correct but the port will be some random port that it is different each time you try to connect and it is not the port that the server is running on and/or that is opened on my firewall ... this is the problem, when connecting through the lobby it does not try to connect on the port that it should be connecting on.

@sanni -

as I noted above to NineYaTango, this only happens from the lobby and the random ports the lobby for whatever reason tries to use are A. not opened on my firewall, and B. Halo isn't listening on those ports even if it was.

Also, the router is not actually giving me a random port... The server is listening on the correct ports, netstat shows the haloded and haloceded listening on correct ports and port forward tests show the ports opened and accessible.


@everyone -

Just some more info...

I have been running a Halo server for years... I am also a network/systems engineer and work with IT daily. This server is in a data center I run and manage.

This is my same setup that I have been using except for a couple of things...

First change is the data center and ISP carrier. Seeing as how direct IP joins and joins through Xfire/Halorank.com work I don't think it is anything be blocked by them.

Second is my router. I had an older model base business VPN capable router previously and things worked great... we have since upgraded to a newer Sonicwall Security Appliance. The ports are setup as with all other explanations I can connect through all methods except for the lobby.

At this point my best guess is somehow, somewhere the communication to the lobby is getting borked somewhere along the line and confusing the master servers... but I don't know where, or why.

I have pretty much all security services except for the firewall turned off on the SW and even went as far as opening all ports on this particular IP address to be allowed in to my server but it still doesn't work because my Halo DS isn't listening on the ports they are attempting to connect from anyhow.

Just an update....


I kept tinkering with it and figured out which NAT rule was causing the problem but not sure why and disabling that rule stops all connections from functioning...but the server would show up in the lobby and at least attempt to connect on the correct port when that rule was turned off.


Originally I had used the server wizard to create all the mappings as with these Sonicwall devices there are several things that have to be done to enable port forwarding and such and it is just easier to use the wizard to set them all up... I have gone through and deleted all the rules it created and address objects and manually setup the NAT rules, Firewall rules, and my address and service objects and it halfway works now.


Some people can get in from the lobby, others when they try it hangs at negotiating connection then fails to join... also noted that when it does this the lobby does not report a game type or list any stats for the server other than the name of the server and map it is running currently...game type, number of players, ping, and the other stats you see scrolling at the bottom upon clicking on the servers do not appear. Even stranger is that this is a random issue... I have the hanging at negotiating connection issue every so many tries to join but returning to the main menu then reloading the lobby game list will often refresh it and fix it for me.


Strange... I just don't quite get it.

Update again....


Ok So well... I kept tinkering with the NAT rules and after manually creating one rule at a time to setup a one-to-one NAT I got one server going without issues.


I can load one server and it works just fine... if I start any other servers (same box just using different ports) I still have the hit or miss with people able to get in or not... not sure why but at this point I have my main one up and going and am going to stick with that for now. I will tinker more with it later to see if I can get them all up again but for now I'm happy!


Thanks!

Probably have to set a custom rule for each individual port(server) like you did with the first dedi.

Probably have to set a custom rule for each individual port(server) like you did with the first dedi.

No that had nothing to do with it, I have always used port ranges and never had an issue.

After messing with it and messing with I was able to recreate the problem when introducing the loopback NAT rule the public server wizard automatically adds in there so internal servers can reach the same resources as a WAN client would. For whatever reason that loopback fubar'd the communication to the Gamespy master servers and had it reporting the wrong port for the server.

Direct IP joins and joins from Xfire always worked, it was only through the Halo lobby the problem presented itself.

Oh well, it is resolved now and things are cooking again, thanks!