I think what we’re seeing here isnt Valve messing up but rather the middle east conflict expanded to cyberspace and spilling over to impact civilians. Look at the timing and affected countries. China isnt also exactly known for free internet.
WebRTC works as fallback. WebRTC is encrypted and cant be used for much else.
STUN in the otherhand is unencrypted and the protocol itself can be used for DDoS reflection/amplification. I would not be surprised if this is somehow weaponized and/or blocked/analyzed in real time that then breaks the connectivity.
STUN/TURN is basically icanhazip for WebRTC. STUN gives you your public IP:port. TURN is the same, but the returned IP:port is the one that had been dynamically allocated to you at time of querying, rather than the actual ones.
WebRTC clients take that STUN/TURN response and send to peers through out-of-band, through e.g. a lobby server chat mechanism, to set up the connection. This allows NAT table entries to be created as if they are outbound connection at both ends.
You can't make P2P connection with STUN/TURN alone. STUN/TURN is just a tool required for WebRTC.
I think you have it sideways. STUN [1] is the NAT traversal / "NAT hole punching" process that allows peers to discover their public IP addresses and establish direct P2P bidirectional UDP communication. WebRTC depends on STUN to establish P2P communication. You may be thinking of TURN [2] which amounts to routing traffic through an intermediary node that is visible to the two peers.
The network shenanigans that apparently affect the p2p gaming is allegedly by the militaries of many countries, related to the Iran war. Much like GPS disturbancs in Northern and Eastern Europe are due to the war in Ukraine. Dudes delivering pizza have to suffer them, even though they never signed up to take part in the war.
I know I'm just preaching to the choir here but my favourite thing about open source/published source libraries/applications is discussions on bug reports/pr's like this.
It's just something so heartwarming of multiple people coming together to describe their symptoms, workarounds and theories of what could be causing it.
GitHub discussions used to be so much higher quality though when the platform was for professionals. Now, I see so many discussions that devolve into practically being reddit/4chan threads. Another reason to leave.
I wish HN would ban posting links to issue trackers with comment sections, like lobsters has done. Although the spam volume from HN and reddit is pretty small compared to that from youtube reaction video influencers
I feel like it's gotten more professional. 10+ years ago people were dropping the hard R in pull request reviews, now everyone is acting like LinkedIn-speak and Stars will get them their next job
Wild hypothesising here on HN but if you read to the end of the GH issue users have been reporting that STUN has been failing (i.e. no P2P link establishment, fallback to high-latency relay servers.) Multiple users have been able to work around the issue by manually substituting older Valve WebRTC dlls. I'd love to read a postmortem from the Valve devs.
It's so funny when people come up with these arguments so confidently and then seeing them getting disproved so quick. Bro was never more glad there's anonymity on the internet
Then don't make this thread. One can't discuss an issue about Israel/middle east's internet connection while pretending the war doesn't exist. Technical issues don't float in a perfect vacuum sphere.
The rabbit hole started as a major P2P issue in Israel and possibly other middle east countries and further investigations revealed it seems to be a worldwide problem.
Valve fascinates me because the devs there occasionally seem to be simply the best on earth in a given field, but despite that, bizarre bugs will persist for a long time. My favorite was how steam in home streaming from a PC to a steam deck wouldn't work if the steam deck had an Ethernet and wifi connection - one of the connections had to be disabled or the stream would always crash.
Maybe they need a few average devs there to spend time sweeping up behind the paragons that are pushing the envelope into these features existing at all.
The company is very small, and they're doing a lot with what they have. Steam alone is full of arcane features that I keep discovering. There's a lot of backend stuff. They're making games and hardware.
Perhaps some of this is contracted, similar to the Linux compat and drivers, but it's still impressive to me, compared to the orgs like Spotify, order of magnitude larger with barely any features at all. (I understand there's legal, huge backend, and I didn't see many bugs over time, but still)
My favorite bug family, that somehow to sneak in every time, is how their react frontend (or whatever the store runs) manages to semi-crash and the controller inputs are no longer recognized.
I kind of hope at least they'll fix such issues permanently before the steam machine release.
That is the bane of my existence. Steam's UI is so slow to react due to its web roots, that I feel like people must be insane to think that Steam is somehow this great app. It's terrible.
Steam was rewritten in React relatively recently. I think most people formed their opinion of Steam back when it was mostly developed in VGUI, the same in-house native UI framework Valve used in games for stuff like the Half-Life 2 title screen and the TF2 server browser.
Valve famously has a very flat org structure so it's possible that that problem just isn't sexy enough for someone to pick it up on their own, without being told by a higher-up.
I wish they offered remote; I'd happily work there doing those sorts of unglamorous bug fixes. High-reliability engineering is my jam.
People keep blaming the flat org, as if conventionally-organised companies never had any bugs or never focused on very visible and marketable features rather than bug fix.
In fact, the flat org allows a random person to work on a niche bug management doesn’t seem to care about, which wouldn’t be possible if you had a boss breathing down your neck.
interesting, people speculated that Street Fighter6 went from P2P to relay a few months ago on one of the updates. never wouldve thought it would be actually a valve issue
This is basically the plot to the movie Zone of Interest, which was inspired by modern day Israeli society.
We have kids complaining online about 40ms ping on their video games, and right down the road kids are online complaining about how they're being hunted for sport.
Hm, I have always wanted to use this to play couch co-op remotely but is this even the same "service" that provides that?
Looks like they tracked it to a steam update in March, and there's a workaround for at lest 3 games that involves all players copying steamwebrtc.dll to the game's ./binaries folder.
Government-controlled inspection wouldn't be solved by switching to older DLLs (unless the code itself is compromised, which is unlikely for video game code)
Many organizations, surprisingly, still do things like using Kubernetes with TLS terminated at the ingress. In that case, you just need the splitter in the same network as the nodes hosting the ingress controller. Or inspect the unencrypted traffic within the cluster.
It takes a non-trivial amount of work to set up a service mesh (and mutual TLS between services), so many k8s clusters end up with unencrypted traffic inside the cluster network.
> It takes a non-trivial amount of work to set up a service mesh
I feel like configuring wireguard between a group of physical hosts is fairly trivial. After all I do it semi-manually in order to access my LAN when I'm elsewhere and I'm certainly no expert sysadmin.
My unpopular opinion: Valve is basically a parasite or a landlord. They've been so successful it's hard to imagine a world without them, and they say "you gotta give the parasite its due" and we believe them and comply.
It's been kept around because they treat their customers ok, but they absolutely exsanguinate their developers.
And their engineering culture is... odd. They hire senior people and then let them all fuck sound aimlessly. Their APIs are terrible, their infrastructure is all over the place, they still have patch Tuesdays. But because they are the landlord that owns every house in town, what are you going to do, not pay rent?
Gabe is out there cruising the world in a billion dollar yacht, eating thousand dollar meals. All that came off the backs of developers who actually make the games.
> It's been kept around because they treat their customers ok, but they absolutely exsanguinate their developers.
This is true, but "treat their customers ok" goes a long way. When everybody else severely abuses their customers, the one company that doesn't generates a lot of goodwill.
Eh, Steam is kind of like the liberal democratic US empire. It may be evil in a lot of ways but it could actually be a LOT worse. We may actually historically be very lucky to have had a non-shittificationmaxxing games platform for a couple decades, just like we were lowkey lucky that the world was briefly ruled by a somewhat democratic country.. Enjoy both while they last, may not be around long.
> just like we were lowkey lucky that the world was briefly ruled by a somewhat democratic country
This is just what you tell yourself to feel comfortable about living as a beneficiary of the empire. From the perspective of those invaded, there is no difference. Do you think in Vietnam they thought "I'm glad it is a democratic nation dropping dropping 7.5 million tons of bombs on us and raping our villagers, it would be so much worse if they were authoritarian!". Do you think in Cuba they think, "I'm glad it is a democratic nation that is blockading our entire economy, condemning us into poverty". Do you think in Iran they think "I am glad it is a democratic nation that assassinated our leader and bombed our school"?
I'd question the idea that they treat developers poorly. Epic Games Store exists and Famously beats Steam (and others) over the head by charging only a 12% fee
Hell, they even buy timed exclusive access to certain games
I lack an informed opinion on the matter but I have to wonder what you think the one thing has to do with the other? Developers have very little choice but to go where the customers are.
Totally agreed. I'm building a Steam competitor, that's web-based (WebGPU/WASM) as well as cross-platform. Light on games atm, but the goal is to replicate over time virtually every feature Steam has to offer, as well as more. You can check out a preview of the portal here:
WebRTC works as fallback. WebRTC is encrypted and cant be used for much else.
STUN in the otherhand is unencrypted and the protocol itself can be used for DDoS reflection/amplification. I would not be surprised if this is somehow weaponized and/or blocked/analyzed in real time that then breaks the connectivity.
WebRTC clients take that STUN/TURN response and send to peers through out-of-band, through e.g. a lobby server chat mechanism, to set up the connection. This allows NAT table entries to be created as if they are outbound connection at both ends.
You can't make P2P connection with STUN/TURN alone. STUN/TURN is just a tool required for WebRTC.
[1] https://en.wikipedia.org/wiki/STUN
[2] https://en.wikipedia.org/wiki/Traversal_Using_Relays_around_...
I'm sure it was unintentional, but this phrase implies a pretty ugly sentiment
Who signed up for what?
These dudes and dudettes playing video games
> what?
Military service
FWIW I don't agree with the comment chain's source, I read "regular people" as "civilians" and don't think there was any nasty connotation meant.
aka civilians
It's just something so heartwarming of multiple people coming together to describe their symptoms, workarounds and theories of what could be causing it.
Don’t blame Github for getting spammed whenever an issue reaches the front page.
Why did you leave this part of title out? For clicks?
Nope. Right within the limit.
Maybe they need a few average devs there to spend time sweeping up behind the paragons that are pushing the envelope into these features existing at all.
Perhaps some of this is contracted, similar to the Linux compat and drivers, but it's still impressive to me, compared to the orgs like Spotify, order of magnitude larger with barely any features at all. (I understand there's legal, huge backend, and I didn't see many bugs over time, but still)
I kind of hope at least they'll fix such issues permanently before the steam machine release.
I shop on GOG.
I wish they offered remote; I'd happily work there doing those sorts of unglamorous bug fixes. High-reliability engineering is my jam.
In fact, the flat org allows a random person to work on a niche bug management doesn’t seem to care about, which wouldn’t be possible if you had a boss breathing down your neck.
We have kids complaining online about 40ms ping on their video games, and right down the road kids are online complaining about how they're being hunted for sport.
Looks like they tracked it to a steam update in March, and there's a workaround for at lest 3 games that involves all players copying steamwebrtc.dll to the game's ./binaries folder.
It takes a non-trivial amount of work to set up a service mesh (and mutual TLS between services), so many k8s clusters end up with unencrypted traffic inside the cluster network.
I feel like configuring wireguard between a group of physical hosts is fairly trivial. After all I do it semi-manually in order to access my LAN when I'm elsewhere and I'm certainly no expert sysadmin.
It's been kept around because they treat their customers ok, but they absolutely exsanguinate their developers.
And their engineering culture is... odd. They hire senior people and then let them all fuck sound aimlessly. Their APIs are terrible, their infrastructure is all over the place, they still have patch Tuesdays. But because they are the landlord that owns every house in town, what are you going to do, not pay rent?
Gabe is out there cruising the world in a billion dollar yacht, eating thousand dollar meals. All that came off the backs of developers who actually make the games.
This is true, but "treat their customers ok" goes a long way. When everybody else severely abuses their customers, the one company that doesn't generates a lot of goodwill.
This is just what you tell yourself to feel comfortable about living as a beneficiary of the empire. From the perspective of those invaded, there is no difference. Do you think in Vietnam they thought "I'm glad it is a democratic nation dropping dropping 7.5 million tons of bombs on us and raping our villagers, it would be so much worse if they were authoritarian!". Do you think in Cuba they think, "I'm glad it is a democratic nation that is blockading our entire economy, condemning us into poverty". Do you think in Iran they think "I am glad it is a democratic nation that assassinated our leader and bombed our school"?
Hell, they even buy timed exclusive access to certain games
And yet. Steam persists
https://gameselect-knvxf8av.manus.space/