Login Server Down?

[Yeormom]

You can't complete a trace route to my servers either because I drop requests that are not needed, like ICMP for ping/tracert. It's a security/performance issue more than anything.

It isn't bandwidth/network problems with the server. If it we're, you would get 404 errors when hitting the forums. If your browser is running stateless, you can hit the web page when the server is acting up and two hours later, it will actually do whatever you told it to. It seems to be a process running on the box that starves everything else, imo.

[trevius]

The Login Server issues lately have really been getting out of hand. It was one thing 6 months ago when it would only happen for a few days a month, but now it is a regular occurrence that is happening weekly or even multiple times per week.

I think the problems are probably related to what I think is an increase in popularity and population on the emulator. It has increased the number of MySQL connections and I assume that is the cause of the failures. It is good that the project may be growing in popularity, but I am sure it would be much more popular if it wasn't for these Login Server issues. It is to a point where the Login Server issues aren't just an annoyance anymore, they are taking a toll on the entire project.

Just to guess as to the cause of the problem, I think that either the max connection setting or the idle connection timeout setting for MySQL are probably set wrong for the population that the emulator has now. Here is a post that describes a problem that appears to be the same thing that eqemulator.net is experiencing:

http://forum.siteground.com/showthread.php?t=2096

I am not saying that the settings listed in that post are the solution to the LS issues, but at least that is an idea of what might need to be looked into or adjusted to see if it makes improvements.

We need to see if we can get more support from Rogean or doodman to see if we can get this problem resolved. If they can't/won't do it themselves, maybe they could finally allow someone else access (KLS or Cavedude maybe) to the server host so they can play around with it. At least having access to someone that will be able to actively work on this, I am confident that the problem could be resolved for good or at least, improved greatly. Really, I don't see why they wouldn't want to spend the few hours it would take to work on this issue in trade for not having to deal with restarting MySQL multiple times per week.

The thing is that I don't remember Login Server issues like this ever happening on the old hosting. Even if they did, it wasn't nearly as often as they do since the hosting changed. So, the old host must have had better settings to handle the number of connections that it needs to. That being the case should mean that this should definitely be a resolvable issue and I don't see why a little time can't be spent on it. This is affecting thousands of members and the entire project as a whole. It is definitely one of the biggest factors holding back the emulator for a long time now.

[Angelox]

We need to start working on a new, open-source LS, and put the old LS to sleep - The decaying LS is one big reason why I went Minilogin (it's not open source or open-anything, therefore, I don't want it).
It's incredible the recent amount of progress that has been made in such a short time, over and over again I've seen some of the new Devs prove statements like "it can't be done", wrong. So I'm sure a new Public LS can be made too.
The day will probably come, when you will all get up to a LS that's gone, never to come back again, and that will be a big blow to everyone. Loosing these forums, will not be so bad, as there are other forums around that can pick up the slack, but I guess it would be terrible to loose all the years of help posts, and history, someone might want to consider storing all this.

You need to start something that will go on for a long time, something that other people can pick up if you get tired and quit.

Quote:

Originally Posted by trevius

The Login Server issues lately have really been getting out of hand. It was one thing 6 months ago when it would only happen for a few days a month, but now it is a regular occurrence that is happening weekly or even multiple times per week.

I think the problems are probably related to what I think is an increase in popularity and population on the emulator. It has increased the number of MySQL connections and I assume that is the cause of the failures. It is good that the project may be growing in popularity, but I am sure it would be much more popular if it wasn't for these Login Server issues. It is to a point where the Login Server issues aren't just an annoyance anymore, they are taking a toll on the entire project.

Just to guess as to the cause of the problem, I think that either the max connection setting or the idle connection timeout setting for MySQL are probably set wrong for the population that the emulator has now. Here is a post that describes a problem that appears to be the same thing that eqemulator.net is experiencing:

http://forum.siteground.com/showthread.php?t=2096

I am not saying that the settings listed in that post are the solution to the LS issues, but at least that is an idea of what might need to be looked into or adjusted to see if it makes improvements.

We need to see if we can get more support from Rogean or doodman to see if we can get this problem resolved. If they can't/won't do it themselves, maybe they could finally allow someone else access (KLS or Cavedude maybe) to the server host so they can play around with it. At least having access to someone that will be able to actively work on this, I am confident that the problem could be resolved for good or at least, improved greatly. Really, I don't see why they wouldn't want to spend the few hours it would take to work on this issue in trade for not having to deal with restarting MySQL multiple times per week.

The thing is that I don't remember Login Server issues like this ever happening on the old hosting. Even if they did, it wasn't nearly as often as they do since the hosting changed. So, the old host must have had better settings to handle the number of connections that it needs to. That being the case should mean that this should definitely be a resolvable issue and I don't see why a little time can't be spent on it. This is affecting thousands of members and the entire project as a whole. It is definitely one of the biggest factors holding back the emulator for a long time now.

[trevius]

No matter what, the Public Login Server as it is now should never be fully open source. Not only does it contain the information needed to hack player accounts (including GM accounts), but it may also contain the information to allow hacking directly into EQLive servers. If that is the case, then an Open Source Login Server would probably be a quick way to get SoE spending money to try to get the project shut down. There are just too many security issues with making the current Login Server Open Source.

The only way to have it as open source would be for the authentication to actually happen on the EQEmu Server (individually to each server) instead of at the Login Server. I don't know if there is an easy way to do this other than having the Login Server allow any username/password to login (like minilogin does), and then forward that info onto the server that they try to connect to for authentication to happen. It would probably be able to work similar to the Minilogin, accept instead of forwarding the IP of the account that is logging in, it would just foward the password that they used to log in. Then, the password would just be saved as MD5 to reduce the readability of it.

The problem with that is it would need to be hosted by someone trustworthy, since I don't think it is safe to just enter your password on just anyone's Login Server. It probably wouldn't be hard for them to set it to log passwords/accounts and even if they are kept as MD5, that can still be cracked. Any time you are entering a password somewhere, you should always feel that it is as secure as possible. By allowing anyone to run a Login Server, it opens up a bunch of issues that could potentially cause more impact to the EQEmu Project than the current Login Server issues have been causing.

I am sure there is a good solution that we will eventually all come to, but for now, I think our best bet is to try our best to get the current Login Server issues resolved wether that mean contacting doodman/rogean to help with it or give access to someone active on the project, or maybe research if there is anything else that could potentially help from outside the Login Server. The issue could even maybe be helped just by adjusting the default rates that servers make connections to the Login Server. It could also possibly even be helped by more servers running almost all dynamic zones. I don't know this for sure, but I think zones have some sort of connection to the Login Server, and if so, having 200+ static zones is probably not helping the Login Server issues. Multiply that by a few servers and it starts adding up quick. Maybe if enough servers could adjust their own settings, it would help to fix or at least reduce this issue. That might be a long shot, but it is probably worth considering.

It would also be a really good idea to have a backup of the entire site from time to time in the case that the host server dies. Losing all accounts, wiki pages and forum posts would be devastating to the project and would probably be the end of it. It would take a very long time to recover from a loss like that and losing the wiki pages would make everything much more complicated.

[leslamarch]

I think if minilogin was changed to use username and password vs. IP address more people would be able to use it, and that itself would reduce the load on the public login server. I'm sure it would not be to much to accomplish this to whoever holds the source.

I know the biggest reason why people shy away from minilogin is the extra steps involed to make boxing happen without getting accounts booted. I'm still unsure why the login needs to be controlled by a select few, if the binaries are released the source is still protected.

We want to grow and having huge downtime is never a good thing. I Know this is all wasted words since this topic has been hashed over for a long time now, and it still is as it was.

[trevius]

Yes, this topic has been discussed a million times on these forums, but Angelox is right, almost anything is possible even if people say that it is not and that has been proven multiple times in the emu lately. I know that every since FNW gave up on getting Anniversary to work with the emulator, everyone has just said that there will probably never be an update to the client version of EQEmu. I hope to personally prove that wrong very soon if/when I finalize SoF enough for it to be fully playable Before, I was one of the people just spitting out the same thing I had heard time and time again that there would most likely not be anymore updates due to the massive work required to do it. Eventually, I learned enough where I thought I would attempt to see how far I could get on updating it myself. I failed ALOT and am still not done, but am getting very close to having a playable SoF client for EQEmu.

My point is that it seems like everyone (myself included) has just accepted the state of the Login Server as our fate and spits out the same thing over and over that there isn't anything we can do about it. The fact is that I don't know anyone who has actually even tried to do anything about it, or even discuss it with Rogean or doodman assuming they could maybe be contacted on the IRC channels. Until I hear it from them directly, or at least someone I trust to provide accurate information, I don't know if I can believe that it would be impossible to get this issue resolved.

All of the time that has been wasted due to the Login Server is just ridiculous. As I said, it was one thing when it was only down on occasion, but it is to the point where it is well beyond being a minor nuisance or inconvenience. I have no doubt that we are losing players almost every time that it goes down.

I hope this is not coming off as me being upset about the issue. I am not upset, I just think we need to take a different approach with it. Instead of passively just accepting the way that the Login Server has been acting up, I think it is time to take action. I know that work has already begun on making an alternate Login Server of some sort. I am sure that the source of that one won't be open source either. It is just disappointing that it comes to needing to re-invent the wheel. The current Login Server code is perfectly fine. I believe the only issue is with the configuration of the host server it is on. This whole issue could have possibly been resolve long long ago by just having someone that is actively involved in the project managing the server and getting it configured properly.

When things come to push and shove, stuff gets done, and it is already past that point IMO. I am sure it is only a matter of time until we have an alternative to the current Login Server. I just wish that Rogean and doodman would realize how dire the situation is and maybe lend a hand in resolving the issues with the current Login Server. I don't blame them for the current state of things and I think we are lucky that they have kept everything running as well as it still does even though they aren't involved in the project at all anymore.

Maybe the new Login Server will be done around the same time I get SoF done, and eqemu will be more popular than ever <--- I'm an optimist after-all!

[Angelox]

There's already a whole lot of people that use it (Minilogin) as-is. I get 'thank you' emails and PMs all the time from Minilogin users, they just don't post because they got their own thing going with friends and family.
I really am not interested in the public login anymore, even if it is not open source, there still is nothing else 'open' about it - and if it does one day come to and end, MiniLogin will keep EqEmu alive.

EDIT; By 'thank you' emails, I mean for all the help we gave people getting them going under MiniLogin.

Quote:

Originally Posted by leslamarch

I think if minilogin was changed to use username and password vs. IP address more people would be able to use it, and that itself would reduce the load on the public login server. I'm sure it would not be to much to accomplish this to whoever holds the source.

I know the biggest reason why people shy away from minilogin is the extra steps involed to make boxing happen without getting accounts booted. I'm still unsure why the login needs to be controlled by a select few, if the binaries are released the source is still protected.

We want to grow and having huge downtime is never a good thing. I Know this is all wasted words since this topic has been hashed over for a long time now, and it still is as it was.

[leslamarch]

Quote:

Originally Posted by Angelox

There's already a whole lot of people that use it (Minilogin) as-is. I get 'thank you' emails and PMs all the time from Minilogin users, they just don't post because they got their own thing going with friends and family.
I really am not interested in the public login anymore, even if it is not open source, there still is nothing else 'open' about it - and if it does one day come to and end, MiniLogin will keep EqEmu alive.

EDIT; By 'thank you' emails, I mean for all the help we gave people getting them going under MiniLogin.

I agree 110 % with this And i think your idea to use a unique number for accounts BRILLIANT

[Angelox]

I'm thinking, since Minilogin looks for IP address, have a script that converts the incoming username into a unique number, and insert it into the account table/ip.

Quote:

Originally Posted by leslamarch

I think if minilogin was changed to use username and password vs. IP address more people would be able to use it, and that itself would reduce the load on the public login server. I'm sure it would not be to much to accomplish this to whoever holds the source.

I know the biggest reason why people shy away from minilogin is the extra steps involed to make boxing happen without getting accounts booted. I'm still unsure why the login needs to be controlled by a select few, if the binaries are released the source is still protected.

We want to grow and having huge downtime is never a good thing. I Know this is all wasted words since this topic has been hashed over for a long time now, and it still is as it was.

[AndMetal]

Quote:

Originally Posted by Angelox

I'm thinking, since Minilogin looks for IP address, have a script that converts the incoming username into a unique number, and insert it into the account table/ip.

If Minilogin could use the encrypted username/password string as a unique identifier (think of it as an account ID rather than a username & password), that might work. In other words, allow everyone to login with whatever username/password they want to, but if you enter the wrong one, you won't see your characters. On the plus side, it would be relatively easy to engineer, and you wouldn't have to worry about registering user accounts. On the downside, it could create a lot of confusion if you enter in the wrong username or password, not to mention server admins tracking down a specific account. At the very least, this might make a good idea for a Minilogin2.

However, I agree, something needs to be done sooner rather than later. Ideally, the underlying issue for the downtime can be resolved now, and we can look toward a better way to handle the inherent negatives of having a central loginserver (limited ability to make enhancements, single point of failure) in the long run.