High latency need a guide


I want to make a self hosted game server(2nd pc) to play with my friend but i'm under nat so no port forwarding also 16/32g of ram dedicated server are expensive.
so i tried zrok and everything works, me and my friend can join the server.

I hope i'm not wrong, My friend isp -> **.production.netfoundry.io -> my game server

The problem when we tried to play, game latency was unbearable around 300-500ms,
ohh yeah me and my friend are from sea, could it be distance between our isp and netfoundry also a factor?

i read the guides and the solution was to self host zrok with a linux vps and a domain
again, sorry if i'm wrong
My friend isp -> rented server/vps -> my game server

if so what specs zrok need core/ram? should be cheaper than rent a full dedicated server with 16/32g of ram.

Sorry i'm still learning about networking.

1 Like

Hi @Santiana, welcome to the community, to zrok, OpenZiti and networking! :slight_smile:

Yikes! That's no good for a game. To be honest that's a lot higher than I'd expect. The distance definitely is a factor, but even with terrible latency 300-500 is much more than I would expect. I'd expect something like 20 for "really good/close" to 150 for "really bad" so 300-500 -- ugh! ISP is a factor as well.

Is your VPS "in between" you and the friend? zrok needs very little to run. I run it on my home computer and minecraft (or palworld) and it's not even noticable overall... I've also run it on my "inovato" (a raspberry pi clone/competitor)

1 Like

Thanks @TheLumberjack

yeah we both from come from sea, from my place to his my isp latency are pretty decent around 70-90ms(around 500mi) pingtest, right now i'm currently looking for a vps for tunneling between me and my friend, too bad normal vps forbid the use for tunneling here.
nice, i also using zrok to play palworld.

1 Like

i got this error

	ziti           = {
		api_endpoint = ""
		username     = "admin"
		password     = <SECRET>
	tls            = <nil>
[   0.010]    INFO zrok/controller/store.Open: database connected
[   0.042]    INFO zrok/controller/store.(*Store).migrate: applied 0 migrations
[   0.042]    INFO zrok/controller.Bootstrap: connecting to the ziti edge management api
panic: error connecting to the ziti edge management api: Get "": dial tcp connect: connection refused

goroutine 1 [running]:
main.(*adminBootstrap).run(0xc000065630, 0xc0006dfbb0?, {0xc00033ee40?, 0x0?, 0x0?})
	/home/runner/work/zrok/zrok/cmd/zrok/adminBootstrap.go:40 +0xf7
github.com/spf13/cobra.(*Command).execute(0xc000440f08, {0xc00033ee00, 0x2, 0x2})
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.8.0/command.go:987 +0xab1
	/home/runner/go/pkg/mod/github.com/spf13/cobra@v1.8.0/command.go:1115 +0x3ff
	/home/runner/work/zrok/zrok/cmd/zrok/main.go:106 +0x1a[/code]

● ziti-controller.service - Ziti-Controller
     Loaded: loaded (/etc/systemd/system/ziti-controller.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-03-13 03:52:16 WIB; 19min ago
   Main PID: 511 (ziti)
      Tasks: 7 (limit: 1098)
	  sudo systemctl -q status ziti-router --lines=0 --no-pager
● ziti-router.service - Ziti-Router for MyPersonalPW-edge-router
     Loaded: loaded (/etc/systemd/system/ziti-router.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-03-13 03:52:16 WIB; 22min ago
   Main PID: 512 (ziti)
      Tasks: 6 (limit: 1098)
     Memory: 50.0M
        CPU: 7.081s
     CGroup: /system.slice/ziti-router.service
``` (clint edited -- used code block)

Are you self-hosting zrok? (i updated your post and put the stuff into a code block)

yes, using vps but got that error when bootstrap zrok

Ok -- I don't know how I missed that from before, i thought you were using zrok.io.

It would appear the controller is not running or is on a different port than 8441 based on dial tcp connect: connection refused. Since I see it's running from your systemctl status command, I would assume it's just not listening on 8441. You can either look in the controller config file or use ss to find what port the controller is on.


NAME             VERSION
ziti             v0.31.4
ziti-controller  not installed
ziti-prox-c      not installed
ziti-router      not installed
ziti-tunnel      not installed
ziti-edge-tunnel not installed

that's weird, i run ExpressInstall

can you run these commands:

grep address: $HOME/.ziti/quickstart/$(hostname)/$(hostname).y*
ss -lntp

and report back what ports are open? ziti version isn't what you need to run, that only shows the version of ziti installed. You really want to look in in the config file:

grep address: $HOME/.ziti/quickstart/$(hostname)/$(hostname).y*
    address: ec2-3-18-113-172.us-east-2.compute.amazonaws.com:8441
        address: ec2-3-18-113-172.us-east-2.compute.amazonaws.com:8441

see how my quickstart/expressInstall has the address set? do you see something like this?

tate     Recv-Q    Send-Q       Local Address:Port        Peer Address:Port    Process                                                                         
LISTEN    0         128           *        users:(("sshd",pid=517,fd=3))                                                  
LISTEN    0         4096                     *:1280                   *:*        users:(("ziti",pid=511,fd=10))                                                 
LISTEN    0         4096                     *:10080                  *:*        users:(("ziti",pid=512,fd=7))                                                  
LISTEN    0         4096                     *:3022                   *:*        users:(("ziti",pid=512,fd=8))                                                  
LISTEN    0         4096                     *:6262                   *:*        users:(("ziti",pid=511,fd=8))                                                  
LISTEN    0         128                   [::]:22                  [::]:*        users:(("sshd",pid=517,fd=4))                                                  
LISTEN    0         2                    [::1]:3350                [::]:*        users:(("xrdp-sesman",pid=515,fd=11))                                          
LISTEN    0         2                        *:3389                   *:*        users:(("xrdp",pid=558,fd=11))

i'll take a little break for now, thanks @TheLumberjack

Yeah. it's running on 1280 not 8441. I don't know what/how you have 8441 but you'll just want to adapt your ports accordingly.

@TheLumberjack i followed the guide in

but ziti-controler and edge -tunnel always not installed

I've not personally followed the video, but you absolutely will need the ziti controller to be installed and you do not need ziti-edge-tunnel whatsoever.

You should minimally need:

  • a ziti process running a controller ziti controller run
  • a ziti process running a router ziti router run
  • a zrok front end
  • a zrok controller
  • some proxy to front/offload TLS
  • a lets encrypt wildcard cert

I assume you have some or most or all of these things... Unfortunately, you're not giving me enough information to help you here.

You have installed an OpenZiti quickstart, right? Based on a message a few messages ago I assume you've gotten that far.

Can you outline what commands you have run and where it's failed maybe? I just don't know where you're at or what the problem is now I can help with...

okay, i'll try rebuild and start again from from the start

seems like the vps server that forbid tunneling, can't even saved ziti to path
thanks for the help @TheLumberjack

That's a shame. What provider were you using? If I get some time, I'll see if I can try it myself. :face_with_diagonal_mouth: Using the SaaS zrok.io isn't an option, I assume? You wanted to selfhost?

Yeah it's definitely my hosting,in my country indonesia,under 10$ vps seems to forbid tunneling.
i don't think we can play through zrok SaaS directly, worst latency i got reached 1400ms.
maybe my friend will try vultr or linode singapore nodes.

thanks for all the help @TheLumberjack