I think what we’re seeing here isnt Valve messing up but rather the middle east conflict expanded to cyberspace and spilling over to impact civilians. Look at the timing and affected countries. China isnt also exactly known for free internet.
WebRTC works as fallback. WebRTC is encrypted and cant be used for much else.
STUN in the otherhand is unencrypted and the protocol itself can be used for DDoS reflection/amplification. I would not be surprised if this is somehow weaponized and/or blocked/analyzed in real time that then breaks the connectivity.
STUN/TURN is basically icanhazip for WebRTC. STUN gives you your public IP:port. TURN is the same, but the returned IP:port is the one that had been dynamically allocated to you at time of querying, rather than the actual ones.
WebRTC clients take that STUN/TURN response and send to peers through out-of-band, through e.g. a lobby server chat mechanism, to set up the connection. This allows NAT table entries to be created as if they are outbound connection at both ends.
You can't make P2P connection with STUN/TURN alone. STUN/TURN is just a tool required for WebRTC.
TURN is the last resort and isn't just signaling. It carries the traffic as well.
If you can make all the STUN servers fail from the perspective of the clients, you could hypothetically force them to use TURN servers that are more centralized and easier to spy on. STUN negotiates pipes n:n. TURN is closer to n:1.
> force them to use TURN servers that are more centralized and easier to spy on
Webrtc traffic is encrypted as it travels through the TURN servers, isn't it? Sure, you get some which-ip-contacted-which-using-what-service metadata, but any active middleman able to mess with STUN traffic already has that.
It could just be that someone's fucked up a setting somewhere. I mean, the reason WebRTC has loads of options for 'interactive connectivity establishment' is because it's common to see users behind NAT, users whose NAT cant be traversed with STUN, IPv6 being broken, UDP getting blocked, TCP ports other than port 443 getting blocked, etc etc.
If a country's ISPs use CGNAT to avoid giving users precious IPv4 addresses, and world events made the ISPs turn the security settings up to 11, STUN just stops working.
I think you have it sideways. STUN [1] is the NAT traversal / "NAT hole punching" process that allows peers to discover their public IP addresses and establish direct P2P bidirectional UDP communication. WebRTC depends on STUN to establish P2P communication. You may be thinking of TURN [2] which amounts to routing traffic through an intermediary node that is visible to the two peers.
We do P2P in our networking software and this is why we do it all in band instead of using STUN, TURN, or other common methods. Those get blocked and they’re also often insecure.
STUN has mitigations now against being weaponized but it’s still a shit protocol. The fact that neither STUN nor TURN contain any way whatsoever to accomplish any kind of rendezvous without yet another signaling path boggles my mind given how easy it would have been.
> The fact that neither STUN nor TURN contain any way whatsoever to accomplish any kind of rendezvous without yet another signaling path boggles my mind
Interesting. Can you expound on this a bit? How does ZeroTier do it?
The network shenanigans that apparently affect the p2p gaming is allegedly by the militaries of many countries, related to the Iran war. Much like GPS disturbancs in Northern and Eastern Europe are due to the war in Ukraine. Dudes delivering pizza have to suffer them, even though they never signed up to take part in the war.
I know I'm just preaching to the choir here but my favourite thing about open source/published source libraries/applications is discussions on bug reports/pr's like this.
It's just something so heartwarming of multiple people coming together to describe their symptoms, workarounds and theories of what could be causing it.
GitHub discussions used to be so much higher quality though when the platform was for professionals. Now, I see so many discussions that devolve into practically being reddit/4chan threads. Another reason to leave.
I wish HN would ban posting links to issue trackers with comment sections, like lobsters has done. Although the spam volume from HN and reddit is pretty small compared to that from youtube reaction video influencers
I feel like it's gotten more professional. 10+ years ago people were dropping the hard R in pull request reviews, now everyone is acting like LinkedIn-speak and Stars will get them their next job
Wild hypothesising here on HN but if you read to the end of the GH issue users have been reporting that STUN has been failing (i.e. no P2P link establishment, fallback to high-latency relay servers.) Multiple users have been able to work around the issue by manually substituting older Valve WebRTC dlls. I'd love to read a postmortem from the Valve devs.
It doesn't work adding it to the actual title, and the Github issue title is misleading without the context of what the issue is published on, so babuskov is doing us a favor by setting one that's informative.
etiam's right that "in Israel and possibly other middle east countries" wouldn't fit onto the HN title, which is relevant to raincole's clickbait accusation. The original Github issue title fits, but that doesn't specify "Valve" or the timeframe.
Not that it'd be particularly hard to reword to fit all information. Feel like things are getting unnecessarily agitated ("You've been here long enough to understand", "you can't stand to be wrong", "Bro was never more glad there's anonymity on the internet", etc.) for no real reason.
It's so funny when people come up with these arguments so confidently and then seeing them getting disproved so quick. Bro was never more glad there's anonymity on the internet
Then don't make this thread. One can't discuss an issue about Israel/middle east's internet connection while pretending the war doesn't exist. Technical issues don't float in a perfect vacuum sphere.
The age of people all across the world being able to just connect to each other other the internet is coming to an end. I wish the internet was still a business backend and hobbyist playground but I'm not sure it ever was just that.
What an absolute dud of a submission, I can't believe this got so many upvotes. I guess people saw "Valve" in the title and figured it must be important, even though the content of the issue doesn't even line up with the title.
The rabbit hole started as a major P2P issue in Israel and possibly other middle east countries and further investigations revealed it seems to be a worldwide problem.
worldwide means israel russia and china so far. all countries that dont exactly like internet freedom and have a long history of spying and censorship. this might be a side effect of some government policy against p2p networks designed to make it harder to bypass censoring isps.
Valve fascinates me because the devs there occasionally seem to be simply the best on earth in a given field, but despite that, bizarre bugs will persist for a long time. My favorite was how steam in home streaming from a PC to a steam deck wouldn't work if the steam deck had an Ethernet and wifi connection - one of the connections had to be disabled or the stream would always crash.
Maybe they need a few average devs there to spend time sweeping up behind the paragons that are pushing the envelope into these features existing at all.
The company is very small, and they're doing a lot with what they have. Steam alone is full of arcane features that I keep discovering. There's a lot of backend stuff. They're making games and hardware.
Perhaps some of this is contracted, similar to the Linux compat and drivers, but it's still impressive to me, compared to the orgs like Spotify, order of magnitude larger with barely any features at all. (I understand there's legal, huge backend, and I didn't see many bugs over time, but still)
But would it actually help. More employees means more communication and overhead. Lean organisations can move much quicker. Part of why valve can do what valve does is how lean it runs.
My favorite bug family, that somehow to sneak in every time, is how their react frontend (or whatever the store runs) manages to semi-crash and the controller inputs are no longer recognized.
I kind of hope at least they'll fix such issues permanently before the steam machine release.
That is the bane of my existence. Steam's UI is so slow to react due to its web roots, that I feel like people must be insane to think that Steam is somehow this great app. It's terrible.
Steam was rewritten in React relatively recently. I think most people formed their opinion of Steam back when it was mostly developed in VGUI, the same in-house native UI framework Valve used in games for stuff like the Half-Life 2 title screen and the TF2 server browser.
> Steam's UI is so slow to react due to its web roots
I actually wouldn't blame the web roots. Battle.net is also a CEF based launcher and it feels so much more snappy compared to Steam. For some reason Steam just feels really slow.
Valve famously has a very flat org structure so it's possible that that problem just isn't sexy enough for someone to pick it up on their own, without being told by a higher-up.
I wish they offered remote; I'd happily work there doing those sorts of unglamorous bug fixes. High-reliability engineering is my jam.
People keep blaming the flat org, as if conventionally-organised companies never had any bugs or never focused on very visible and marketable features rather than bug fix.
In fact, the flat org allows a random person to work on a niche bug management doesn’t seem to care about, which wouldn’t be possible if you had a boss breathing down your neck.
interesting, people speculated that Street Fighter6 went from P2P to relay a few months ago on one of the updates. never wouldve thought it would be actually a valve issue
Reading the github thread points to a case of: "My country's governemt mandated it's ISPs fuck with my internet traffic, but steam P2P stuff used to not be affected but now is" across mutiple countries. People have found it works again if they roll back some of steam's dlls so Valve can probably fix ir.
Hm, I have always wanted to use this to play couch co-op remotely but is this even the same "service" that provides that?
Looks like they tracked it to a steam update in March, and there's a workaround for at lest 3 games that involves all players copying steamwebrtc.dll to the game's ./binaries folder.
Government-controlled inspection wouldn't be solved by switching to older DLLs (unless the code itself is compromised, which is unlikely for video game code)
Many organizations, surprisingly, still do things like using Kubernetes with TLS terminated at the ingress. In that case, you just need the splitter in the same network as the nodes hosting the ingress controller. Or inspect the unencrypted traffic within the cluster.
It takes a non-trivial amount of work to set up a service mesh (and mutual TLS between services), so many k8s clusters end up with unencrypted traffic inside the cluster network.
> It takes a non-trivial amount of work to set up a service mesh
I feel like configuring wireguard between a group of physical hosts is fairly trivial. After all I do it semi-manually in order to access my LAN when I'm elsewhere and I'm certainly no expert sysadmin.
My unpopular opinion: Valve is basically a parasite or a landlord. They've been so successful it's hard to imagine a world without them, and they say "you gotta give the parasite its due" and we believe them and comply.
It's been kept around because they treat their customers ok, but they absolutely exsanguinate their developers.
And their engineering culture is... odd. They hire senior people and then let them all fuck sound aimlessly. Their APIs are terrible, their infrastructure is all over the place, they still have patch Tuesdays. But because they are the landlord that owns every house in town, what are you going to do, not pay rent?
Gabe is out there cruising the world in a billion dollar yacht, eating thousand dollar meals. All that came off the backs of developers who actually make the games.
> It's been kept around because they treat their customers ok, but they absolutely exsanguinate their developers.
This is true, but "treat their customers ok" goes a long way. When everybody else severely abuses their customers, the one company that doesn't generates a lot of goodwill.
Eh, Steam is kind of like the liberal democratic US empire. It may be evil in a lot of ways but it could actually be a LOT worse. We may actually historically be very lucky to have had a non-shittificationmaxxing games platform for a couple decades, just like we were lowkey lucky that the world was briefly ruled by a somewhat democratic country.. Enjoy both while they last, may not be around long.
> just like we were lowkey lucky that the world was briefly ruled by a somewhat democratic country
This is just what you tell yourself to feel comfortable about living as a beneficiary of the empire. From the perspective of those invaded, there is no difference. Do you think in Vietnam they thought "I'm glad it is a democratic nation dropping dropping 7.5 million tons of bombs on us and raping our villagers, it would be so much worse if they were authoritarian!". Do you think in Cuba they think, "I'm glad it is a democratic nation that is blockading our entire economy, condemning us into poverty". Do you think in Iran they think "I am glad it is a democratic nation that assassinated our leader and bombed our school"?
Steam is also a child gambling company that sells loot boxes to kids but it could be a lot worse. From the perspective of someone getting ripped off it doesn't matter whether it was Gaben who scammed you, but he and his empire could still be a lot worse overall.
You're allowed to say what you just said in that post without getting taken away at night and your family never talking about you again. Or a drone taking you out while you sleep. Palantir logs all our comments and it would be trivially easy for them if there weren't still some lingering democratic handrails holding them back.
You're also typing on a computer on HN, so you're a "beneficiary of the empire" regardless of where you live. As someone who apparently reads leftist theory you should know to look at the big picture on world-historical questions rather than getting emotional, like the people who say USSR was just as evil as WW2 Germany because it also killed gormillions of people.
Democracy in the US is dying and may not last another generation. It was something that helped imperial workers and limited the power of the ruling elite, like unions. Unions, like democracy as a whole, are dying. Unions were also corrupt and complicit in imperialist war crimes during the Cold war. Unions in the West have always been connected to labor aristocracy and imperialism. That said, unions as a whole are still a good thing. We should still mourn the decline of labor unions and miss the days when they kept the elite in check and allowed so many working people to live a decent life.
Steam is also likely to become an ordinary ripoff company one day soon. I will miss this historical aberration among pure ripoff services. Just like I will miss being able to vote and dissent without drones zapping me.
> You're allowed to say what you just said in that post without getting taken away at night and your family never talking about you again. Or a drone taking you out while you sleep. Palantir logs all our comments and it would be trivially easy for them if there weren't still some lingering democratic handrails holding them back.
I don't live in the US. The US is not going to start a war with my country to kill some random internet commenter for criticising them, even if they could identify me. They certainly will arrest Americans for speaking out[1], but although the domestic situation is becoming even worse than it already was, it was never anything like your propaganda would have you believe. The American government slaughtered students for protesting the Vietnam War[2] and yet the brainwashed masses can't stop boasting about how free their country is, it would be funny if it weren't so pathetic.
You don't need to read leftist theory to be opposed to American imperialism, you simply need to not be American, or else be a non-nationalist American with a conscience (exceedingly rare, I am aware). I do understand that it is difficult for American commenters to conceive that they could be speaking to someone who is not American, given the usual belief that the US is the center of the universe.
> also typing on a computer on HN, so you're a "beneficiary of the empire" regardless of where you live
Speaking of which, "computers/the internet wouldn't have been invented if not for the US" is a classically arrogant American thing to say.
I'd question the idea that they treat developers poorly. Epic Games Store exists and Famously beats Steam (and others) over the head by charging only a 12% fee
Hell, they even buy timed exclusive access to certain games
I lack an informed opinion on the matter but I have to wonder what you think the one thing has to do with the other? Developers have very little choice but to go where the customers are.
The Epic Game Store is just kind of mid. The app feels spammy, the game selection is less, and it doesn't really offer anything over the existing options beyond the monthly free game gimmick. If they want customers to head there it needs to be better, not just good enough.
Who knows? Presumably because Steam hasn't done anything to drive them off, they've generally been satisfied with the service, and the titles they want are available. At least that would be my guess based on my personal experience but I assume Valve has a much better grasp of their audience than I do.
It’s fascinating how (mostly western liberal) game developers argue in favor of 99% taxes for general population “for maintaining infrastructure” and yet cannot fathom paying a fee for maintaining actual infrastructure that is necessary for their business to function.
I'm not familiar with whatever strawman you're invoking here.
By "everyone" I mean game studio owners. They're desperate to not pay 30% to Valve / Sony / Apple / whatever.
The vast majority of people that work at game studios don't really care about that, they see a shrinking fraction of the profits of their employers and worsening conditions.
Totally agreed. I'm building a Steam competitor, that's web-based (WebGPU/WASM) as well as cross-platform. Light on games atm, but the goal is to replicate over time virtually every feature Steam has to offer, as well as more. You can check out a preview of the portal here:
WebRTC works as fallback. WebRTC is encrypted and cant be used for much else.
STUN in the otherhand is unencrypted and the protocol itself can be used for DDoS reflection/amplification. I would not be surprised if this is somehow weaponized and/or blocked/analyzed in real time that then breaks the connectivity.
WebRTC clients take that STUN/TURN response and send to peers through out-of-band, through e.g. a lobby server chat mechanism, to set up the connection. This allows NAT table entries to be created as if they are outbound connection at both ends.
You can't make P2P connection with STUN/TURN alone. STUN/TURN is just a tool required for WebRTC.
If you can make all the STUN servers fail from the perspective of the clients, you could hypothetically force them to use TURN servers that are more centralized and easier to spy on. STUN negotiates pipes n:n. TURN is closer to n:1.
Webrtc traffic is encrypted as it travels through the TURN servers, isn't it? Sure, you get some which-ip-contacted-which-using-what-service metadata, but any active middleman able to mess with STUN traffic already has that.
It could just be that someone's fucked up a setting somewhere. I mean, the reason WebRTC has loads of options for 'interactive connectivity establishment' is because it's common to see users behind NAT, users whose NAT cant be traversed with STUN, IPv6 being broken, UDP getting blocked, TCP ports other than port 443 getting blocked, etc etc.
If a country's ISPs use CGNAT to avoid giving users precious IPv4 addresses, and world events made the ISPs turn the security settings up to 11, STUN just stops working.
[1] https://en.wikipedia.org/wiki/STUN
[2] https://en.wikipedia.org/wiki/Traversal_Using_Relays_around_...
STUN has mitigations now against being weaponized but it’s still a shit protocol. The fact that neither STUN nor TURN contain any way whatsoever to accomplish any kind of rendezvous without yet another signaling path boggles my mind given how easy it would have been.
Interesting. Can you expound on this a bit? How does ZeroTier do it?
Who signed up for what?
These dudes and dudettes playing video games
> what?
Military service
FWIW I don't agree with the comment chain's source, I read "regular people" as "civilians" and don't think there was any nasty connotation meant.
aka civilians
It's just something so heartwarming of multiple people coming together to describe their symptoms, workarounds and theories of what could be causing it.
Don’t blame Github for getting spammed whenever an issue reaches the front page.
Why did you leave this part of title out? For clicks?
Nope. Right within the limit.
It doesn't work adding it to the actual title, and the Github issue title is misleading without the context of what the issue is published on, so babuskov is doing us a favor by setting one that's informative.
Shifting to a completely unrelated argument is moving the goalposts because you can't stand to be wrong.
Not that it'd be particularly hard to reword to fit all information. Feel like things are getting unnecessarily agitated ("You've been here long enough to understand", "you can't stand to be wrong", "Bro was never more glad there's anonymity on the internet", etc.) for no real reason.
I agree. But if there is a chance to not immediately draw in the wrong crowd... I prefer if people take it.
Maybe they need a few average devs there to spend time sweeping up behind the paragons that are pushing the envelope into these features existing at all.
Perhaps some of this is contracted, similar to the Linux compat and drivers, but it's still impressive to me, compared to the orgs like Spotify, order of magnitude larger with barely any features at all. (I understand there's legal, huge backend, and I didn't see many bugs over time, but still)
"Steam is bad because it has few employees."
"Steam can afford more employees."
"Adding more employees would make Steam worse."
Good talk.
I kind of hope at least they'll fix such issues permanently before the steam machine release.
I shop on GOG.
I actually wouldn't blame the web roots. Battle.net is also a CEF based launcher and it feels so much more snappy compared to Steam. For some reason Steam just feels really slow.
I wish they offered remote; I'd happily work there doing those sorts of unglamorous bug fixes. High-reliability engineering is my jam.
In fact, the flat org allows a random person to work on a niche bug management doesn’t seem to care about, which wouldn’t be possible if you had a boss breathing down your neck.
`Major P2P issues in Israel and possibly other middle east countries`
Looks like they tracked it to a steam update in March, and there's a workaround for at lest 3 games that involves all players copying steamwebrtc.dll to the game's ./binaries folder.
It takes a non-trivial amount of work to set up a service mesh (and mutual TLS between services), so many k8s clusters end up with unencrypted traffic inside the cluster network.
I feel like configuring wireguard between a group of physical hosts is fairly trivial. After all I do it semi-manually in order to access my LAN when I'm elsewhere and I'm certainly no expert sysadmin.
It's been kept around because they treat their customers ok, but they absolutely exsanguinate their developers.
And their engineering culture is... odd. They hire senior people and then let them all fuck sound aimlessly. Their APIs are terrible, their infrastructure is all over the place, they still have patch Tuesdays. But because they are the landlord that owns every house in town, what are you going to do, not pay rent?
Gabe is out there cruising the world in a billion dollar yacht, eating thousand dollar meals. All that came off the backs of developers who actually make the games.
This is true, but "treat their customers ok" goes a long way. When everybody else severely abuses their customers, the one company that doesn't generates a lot of goodwill.
This is just what you tell yourself to feel comfortable about living as a beneficiary of the empire. From the perspective of those invaded, there is no difference. Do you think in Vietnam they thought "I'm glad it is a democratic nation dropping dropping 7.5 million tons of bombs on us and raping our villagers, it would be so much worse if they were authoritarian!". Do you think in Cuba they think, "I'm glad it is a democratic nation that is blockading our entire economy, condemning us into poverty". Do you think in Iran they think "I am glad it is a democratic nation that assassinated our leader and bombed our school"?
You're allowed to say what you just said in that post without getting taken away at night and your family never talking about you again. Or a drone taking you out while you sleep. Palantir logs all our comments and it would be trivially easy for them if there weren't still some lingering democratic handrails holding them back.
You're also typing on a computer on HN, so you're a "beneficiary of the empire" regardless of where you live. As someone who apparently reads leftist theory you should know to look at the big picture on world-historical questions rather than getting emotional, like the people who say USSR was just as evil as WW2 Germany because it also killed gormillions of people.
Democracy in the US is dying and may not last another generation. It was something that helped imperial workers and limited the power of the ruling elite, like unions. Unions, like democracy as a whole, are dying. Unions were also corrupt and complicit in imperialist war crimes during the Cold war. Unions in the West have always been connected to labor aristocracy and imperialism. That said, unions as a whole are still a good thing. We should still mourn the decline of labor unions and miss the days when they kept the elite in check and allowed so many working people to live a decent life.
Steam is also likely to become an ordinary ripoff company one day soon. I will miss this historical aberration among pure ripoff services. Just like I will miss being able to vote and dissent without drones zapping me.
I don't live in the US. The US is not going to start a war with my country to kill some random internet commenter for criticising them, even if they could identify me. They certainly will arrest Americans for speaking out[1], but although the domestic situation is becoming even worse than it already was, it was never anything like your propaganda would have you believe. The American government slaughtered students for protesting the Vietnam War[2] and yet the brainwashed masses can't stop boasting about how free their country is, it would be funny if it weren't so pathetic.
[1]https://news.ycombinator.com/item?id=47342776 [2]https://en.wikipedia.org/wiki/Kent_State_shootings
> As someone who apparently reads leftist theory
You don't need to read leftist theory to be opposed to American imperialism, you simply need to not be American, or else be a non-nationalist American with a conscience (exceedingly rare, I am aware). I do understand that it is difficult for American commenters to conceive that they could be speaking to someone who is not American, given the usual belief that the US is the center of the universe.
> also typing on a computer on HN, so you're a "beneficiary of the empire" regardless of where you live
Speaking of which, "computers/the internet wouldn't have been invented if not for the US" is a classically arrogant American thing to say.
Hell, they even buy timed exclusive access to certain games
And yet. Steam persists
By "everyone" I mean game studio owners. They're desperate to not pay 30% to Valve / Sony / Apple / whatever.
The vast majority of people that work at game studios don't really care about that, they see a shrinking fraction of the profits of their employers and worsening conditions.
https://www.fortnite.com/news/fortnite-developers-will-soon-...
Unless you're inside Fortnite, where Epic takes a 63% cut of any 'in game item' you sell, and you don't have a choice of storefront inside the game.
Rules for me, but not for thee, so sayeth Timmy Tencent as he collects his next ten cents of revenue from a twelve year old.
https://gameselect-knvxf8av.manus.space/