Previous | Table of Contents | Next |
RealPlayer allows you to view streaming video and audio from the Internetwithout waiting for it to download. RealPlayer is easy to configure if you use one of its preconfigured proxies (see Figure 20.5). Unfortunately, most networks dont have a RealPlayer PNA proxy or a RealPlayer RTSP proxy. Unless your business relies heavily on audio and video from the Web, its very unlikely that management has decided to install such proxy servers.
Figure 20.5 RealPlayer works best with its own proxies, but it does support an HTTP application proxy as well.
An HTTP proxy is supported, and this is how youll want to go if you have an HTTP proxy. However, Im frequently asked how to configure RealPlayer for use over an outgoing-only socks 4 or 5 proxy server.
Heres the scoop: For some reason, RealPlayer will not work with NECs SocksCap32; either RealPlayer is using 16-bit network functionality or it works some nonstandard black magic with TCP/IP.
How do I know that it doesnt work with the NEC client? I ran RealPlayer through the NEC socks client, and while it tried to connect, I ran netstat -a in a DOS window. I saw that RealPlayer was trying to directly contact the host on the Internet, because I saw a foreign IP address and a SYN_SENT socket state. (See Hour 18 for socket state details.) Had it talked properly to the NEC client, I would have seen a socket to my socks server in the ESTABLISHED state, or at worst, CLOSE_WAIT or TIME_WAIT. This would have told me that my problem was not with the client software.
In any event, RealPlayer will work using the Hummingbird socks client. Youll still have to do some RealPlayer configuration, however. Socks 4 does not support UDP, and some socks 5 servers are not configured for any incoming connections at all. To get RealPlayer to work without touching your proxy server, youll want to configure RealPlayer to use TCP connections only. You sacrifice some speed by doing thisTCP connections are slower than UDP connectionsbut who cares? See Figure 20.6 for the proper setup to make RealPlayer only use TCP connections.
Figure 20.6 Sometimes youll need to specify TCP-only connections for RealPlayer to work through a firewall.
Some games are very well behaved. For example, Origins Ultima Online is extremely proxy friendly. It uses TCP connections only, and it initiates the connection from the workstationthat is, from inside your network. As such, it will run from the NEC or Hummingbird socks launcher or through a packet-filtering firewall without a problem. I really like network toys that work like thisno muss, no fuss, no problem!
Other games, such as Blizzards StarCraft and Diablo, want you to open up incoming UDP and TCP sockets on your firewall. (All of Blizzards Battle.Net games use TCP and UDP port 6112.) Again, they will not work on an outgoing-only firewall or a proxy server; they require incoming access to your network. Although Im a huge StarCraft fan, Im not a huge fan of opening up incoming ports on a firewall to allow game play. Youve got to draw the line somewhere, I suppose.
Of course, there are other things that will keep your network toys from working; dont forget basic black box troubleshooting strategies. In particular, youll want to monitor system resources (some of these toys are resource hogs) and check, as we did in Hour 18, whether the server on the other side of the Internet is listening for connections. If youre able to telnet to the TCP port that a particular game uses (and TCP is the only thing its trying to use), its extremely unlikely that your firewall is interfering with the operation.
You can practice your network troubleshooting skills and create goodwill with your network users all at the same time. Network toys such as chat programs, streaming video and audio, and games are loads of fun to use on your network, but they are usually designed for home use or for a specific corporate customer. To successfully use these, youll either need to enable their built-in proxy support, add an external client for proxy support, or fix your firewall to allow their socket numbers to pass through unmolested.
If your company policy allows incoming connections, its a simple matter to add additional ports to your firewall configuration. Nonetheless, I personally hate adding incoming ports merely for network play, because its unnecessary diddling with a very important piece of network security equipment. You should think twice about doing this!
Q How do I figure out which port a specific game or toy uses?
A Id be very surprised if the vendor didnt tell you. Still, some dont. Youll want to do the difference trick again to find out which port your Net toy uses. Dial into your personal Internet account, and type the following:
netstat -a > before.txt
Then run the game, stay connected, get back to a DOS prompt, and type this:
netstat -a > after.txt fc before.txt after.txt
Youll be rewarded with the socket number(s) that your game uses. This method has two drawbacks: UDP ports wont show up this way, because there is no connection. Also, you have no idea whether theres a different TCP connection used at login versus during gameplay.
If you must know exactly which ports your game usescheck out Hour 21, Tell Me About Your Network: Network Analyzers, and use a network analyzer to capture the packets of a game session. Youll have to do this from your DMZ, unless you have a serial (dial-up) analyzer. At this point, you should ask yourself whether you really want to play that badly?
Previous | Table of Contents | Next |