Author Topic: L4D2 Server Guide (VPS/Dedicated Machine)  (Read 48879 times)

Sir

  • *
  • Posts: 915
    • View Profile
L4D2 Server Guide (VPS/Dedicated Machine)
« on: August 02, 2013, 07:36:15 am »
Introduction:
I've been getting increasingly more questions regarding L4D2 Server setup for Linux as well as on how to protect them from simple DoS attacks. Seeing as most Server Install guides have not been updated to work with SteamCMD, a lot of people are left with confusion and I was hoping I could help a few people out.

This guide is intended to help Linux VPS/Dedicated Server owners out, I'm aware that there are still a few people using Windows as their Server OS and that they'd like some guidance as well, but I'm afraid that Linux is the "weapon of choice" for L4D2 Servers as they don't have "unfix-able" crashes related to confoglcompmod and are just much easier to protect against DoS. (I have a gut feeling the crashes could possibly be resolved with the arrival of lgofnoc though, I might add Windows to this guide later on)
Chapter 2 will of course also work for Windows.

Note: Regular GameServer owners can only make use of the server.cfg in this guide, you could possibly make use of DoS protection, but there's also only a handful of providers that will help you setup your IPTables.
Most Providers simply don't care and will let your server get attacked over and over again.
This is why running a VPS/VDS/Dedicated Machine is always better than a simple GameServer.
Full Control with little knowledge is always better than Limited Control and no support.

Chapters

VPS/VDS/Dedicated Machine Setup
- 1. Setting Up
- 2. DoS Protection

1. Setting up your Machine:

Alright so you've either purchased a VPS/VDS/Dedicated Machine, are ordering one right now or are thinking of purchasing one.
The first choice you will have to make is picking the Linux Distribution.
My personal recommendation would always be Debian, as it's probably the easiest to use and it seems to have the most benefits for Gaming Servers in terms of performance, due to its lightweight and efficiency.

This guide might contain several bits that are handled differently by other Distributions, I will make notes on parts that might require a different setup. You can either google for the answer or contact me on Steam if you need help on those.
----

After setting up the Linux distribution and logging into your Server by the use of (Putty - Click Me!) it is recommended to install screen before you begin your Install.
Screen is a full-screen window manager that multiplexes a physical terminal between several processes (This basically means that it will run processes in the background, while also allowing you to keep processes running when you log off)
Code: [Select]
apt-get install screen
After installing screen, it is advised to create a separate user where you will run your L4D2 Server(s) on. Running servers on Root is never a good thing as it increases security risks.

Code: [Select]
// This will setup a user called l4d2 and allow you to set a password for it.
adduser l4d2

// This will switch from the root user to the l4d2 user
su - l4d2

// This will retrieve SteamCMD, which is used to get the L4D2 Files.
wget http://media.steampowered.com/client/steamcmd_linux.tar.gz

// This will extract the package to the current folder.
tar -xvzf steamcmd_linux.tar.gz

// This will start SteamCMD
./steamcmd.sh

// Time to log in with the anonymous account, you don't need your own.
login anonymous

// This one is optional, you can choose a folder to install to or it will create a default structure (Steam/Steamapps/Common/..)
force_install_dir <path>

// Download and Validate L4D2 Files!
app_update 222860 validate

// After you're done, you might want to leave this crazy SteamCMD Thing
quit

Voila, you have now aquired all the server files on your separate user.
Depending on how many servers you wish to run, you will have to setup your server.cfg now

Single Server (Only need server.cfg):
Code: [Select]
//Left 4 Dead 2 Server.cfg
//This file goes inside your L4D2 Server's "cfg" folder
 
//This is the name for your Left 4 Dead 2 Server
hostname "This Server is Cakey"

//Use this to prevent your custom hostfile and motdfile to be overwritten (rename the files accordingly)
hostfile host.txt // default, rename if custom.
motdfile motd.txt // default, rename if custom.

//Steam group # to assign to server & making server private
sv_steamgroup 13377331
sv_steamgroup_exclusive 1  // 1 = Restrict Server to SteamGroup (ID Above)
sv_search_key serveryolo
 
//Gametypes sets the gametypes you want your server to run
//----> Versus Only: sv_gametypes "versus"
//----> Survival Only: sv_gametypes "survival"
//----> Coop Only: sv_gametypes "coop"
//----> Realism Only: sv_gametypes "realism"
//----> Team Versus Only: sv_gametypes "teamversus"
//----> Scavenge Only: sv_gametypes "teamscavenge"
sv_gametypes "versus,realism,teamversus"

// No Tips from Game & Timeout
sm_cvar sv_gameinstructor_disable 1            // Disable Game Instructor?
sm_cvar sv_timeout 15                                  // Time players out after this many seconds after losing connection.

//Stableness and Networking stuff.
sm_cvar fps_max 0                                        // Forces Server to perform the best it can.
sm_cvar net_splitpacket_maxrate 30000      // Set Value to: (Tickrate / 2) * 1000
sm_cvar nb_update_frequency 0.024           // Lowest possible value before noticing stuttering common.
sm_cvar sv_minrate 30000                           // Should never change this.
sm_cvar sv_maxrate 60000                          // Set Value to: Tickrate * 1000
sm_cvar sv_mincmdrate 30                           // Should never change this.
sm_cvar sv_maxcmdrate 60                          // Set Value to Tickrate.
sm_cvar sv_minupdaterate 30                      // Should never change this.
sm_cvar sv_maxupdaterate 60                    // Set Value to Tickrate.
sm_cvar sv_client_min_interp_ratio -1
sm_cvar sv_client_max_interp_ratio 2

//Rcon password - Sets the password for remote rcon admin
rcon_password "passwordisfornibs"

//Allow connections without creating lobby. Set to 1 to allow lobby connections only
sv_allow_lobby_connect_only 0
 
//Region - This sets the lobby in which your server will be part of
//You will want to set this to the closest location to your server
//eastcoast - sv_region 0
//westcoast - sv_region 1
//south america - sv_region 2
//europe - sv_region 3
//asia - sv_region 4
//australia - sv_region 5
//middle east - sv_region 6
//africa - sv_region 7
//world - sv_region 255
sv_region 255
 
// Server Logging
sv_log_onefile 0 //Log server information to only one file.
sv_logbans 1 //Log server bans in the server logs.
sv_logecho 0 //Echo log information to the console.
sv_logfile 1 //Log server information in the log file.
sv_logflush 0 //Flush the log file to disk on each write (slow).
sv_logsdir logs //Folder in the game directory where server logs will be stored.
exec banned_user.cfg //List of banned steam ids.
exec banned_ip.cfg //List of banned IP addresses.
writeid
writeip
 
//Allow use of cheats
//0 = Off
//1 = On
sv_cheats 0
 
//All talk - Allow both teams to use audio chat to speak with each other
//0 = Off
//1 = On
sv_alltalk 0

Multiple Servers:
Most people will go for forking, this should be okay for pure basics, but can be quite problematic if you wish to have different launch parameters per server. (For example; Different Tickrates or wanting to run specific servers on constant ports)

Quote from: Valve
As part of the forking functionality mentioned below, the server parameters support substitution. For instance, if you specify +exec autoexec##.cfg, then the first server will execute autoexec01.cfg, the second autoexec02.cfg, and so on.

-fork <number> - Starts up the specified number of servers at once. They will each use the first available port number at 27015 or above.


I personally use the following approach;

Server.cfg contents
Code: [Select]
// This will be used as an alias to tell the server which server##.cfg to load
loadservercfg

For every server you're going to run, create a server.cfg and a run.cfg
Name the first one server01.cfg and run01.cfg, the next server02.cfg and run02.cfg and so on.
Setup the Server##.cfgs with the same data as you would setup a Single Server, but adjust the rates, hostname and the like to match the server's needs (Explained in the server.cfg above)

The run##.cfgs are setup like this
Code: [Select]
// Run01 will work with Server01, Run02 with Server02, etc
alias loadservercfg "exec server01"

// Hostport for the Server mentioned above, 27016 for the next server, etc.
hostport 27015

Now that we have everything setup for our Single or Multiple Servers, we're ready to setup a starting script to start/stop the servers.
I recommend using Notepad++ if you want to write Scripts for Linux without running into errors after uploading them to your server. (Standard Notepad editors will save everything in a DOS format, which makes Linux sad)

Start up Notepad++ and set the format to UNIX (Edit -> EOL Conversions -> Unix)
Save the following code as serverS.sh;
Code: [Select]
#### Define your Server's External IP
SERVER_IP="xxx.xxx.xxx.xxx"

#### Define the path for your L4D2 Server Files
#### Change if needed!
SERVER_PATH="/home/l4d2/Steam/SteamApps/common/left 4 dead 2/srcds_run"

#### Add/Remove/Change lines if needed, I'm sure you get the basic idea now
#### I personally remove "-tickrate" when using a 30 Tick Server, leaving it in shouldn't cause any harm if you have the tickrate enabler installed.
#### Taskset is to assign a Server to a certain CPU Core, if you don't define it the server will pick the least busy core. (0 = Core 1, 1 = Core 2, etc)
screen -mdS server01 taskset -c 0 "$SERVER_PATH" -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run01.cfg
screen -mdS server02 taskset -c 1 "$SERVER_PATH" -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run02.cfg
screen -mdS server03 taskset -c 2 "$SERVER_PATH" -game left4dead2 -tickrate 100 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run03.cfg
screen -mdS server04 taskset -c 3 "$SERVER_PATH" -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run04.cfg
screen -mdS server05 taskset -c 4 "$SERVER_PATH" -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run05.cfg
screen -mdS server06 taskset -c 5 "$SERVER_PATH" -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run06.cfg

Next, create another file and name it serverQ.sh, this will serve as your Server Quit script.
Code: [Select]
#### Only kill existing ones, if you remove/added/renamed "screens" you'll have to edit this too.
screen -r server01 -X quit
screen -r server02 -X quit
screen -r server03 -X quit
screen -r server04 -X quit
screen -r server05 -X quit
screen -r server06 -X quit

Once you're done, upload the files to your user's main folder, which is /home/<yourusername>
This way it'll be easy to launch the scripts directly after logging in.

Make sure you can run them though!
Code: [Select]
chmod +x /home/<yourusername>/serverS.sh
chmod +x /home/<yourusername>/serverQ.sh

2. DoS Protection (VPS/VDS/Dedicated):

Seeing as lately a lot more people think it's funny or cool to attack servers with whatever they find on Google's first result, I think more server owners should be aware on how to protect their Linux Servers.
I've spent a bit of time on testing/tweaking IPTables, which is Linux's main line of defense against kids.

Luckily, I won't have to write an entire paragraph on this, as I've already done that! Phew!
I've uploaded and commented everything on my Github, which you can find here

Don't forget that not every dropped/flood packet is a DoS attempt, a lot of people (including me) have made that mistake in the past.
I've had several reports of Flooding Packets being caused by HLSW packets, adjusting the rules to prevent HLSW packets from being dropped results into allowing some DoS attacks coming through, so we'll just have to live with a few dropped packets because of HLSW. It should be easy to make a difference between a serious flood and HLSW being silly though.

----------------------------------------------------------------------------------------------------------------------

< FAQ >
Q: If I'm interested in getting a VPS/VDS/Dedicated Machine, what should I look for?
A: CPU Speed and Model as well as Location (Where are most of your players located?) and checking out Reviews isn't a bad idea either, as this will likely give you a better picture of Customer support, Network Quality and Server Performance.
Most providers also have public IPs/Servers available which you can ping to get an idea of average Pings

Personally, I have (had) pleasant experiences with the following;
US Based: NFO Servers (VPS)
EU/US Based: SingleHop (Full Dedicated Machine)

Q: I have issues with permission when trying to download the files!
A: Logging into the User directly when starting up PuTTy should resolve your problem.

Q: How can I see the servers that are currently active?
A: Use the command "screen -ls", this will list all the active screens, each has its own server inside.
Switch to a specific screen by typing "screen -r <screenname>"
If you wish to leave the screen and go back to where you were, press Ctrl + A +D

Q: Wouldn't it be better to quit the servers instead of killing the process?
A: Nobody's stopping you from writing up your own script!
I can safely assure you that it won't make a difference though, nothing will be harmed.

< Changelog >
August 2nd, Friday, 12:36PM GMT:
Published

August 5th, Monday, 12:26PM GMT:
Fixed $SERVER_PATH being useless on directories with spaces/symbols
Added some additional entries on the FAQ


August 14th, Wednesday 12:02PM GMT
Cut the guide a bit, my intention was to add a Promod Install guide to it, but I've decided to split it up into another Guide for readability.
Renamed Thread accordingly.

< Contribution/Testing >

fig newtons
Canadarox
ZenDigital
« Last Edit: August 14, 2013, 07:02:11 am by Sir »
Group Owner of :| SirPlease
Config Dev :| Zonemod 1.8

CanadaRox

  • *
  • Posts: 589
    • View Profile
    • Confogl home page
Re: L4D2 Server Guide
« Reply #1 on: August 02, 2013, 02:05:16 pm »
If you are using Debian you may want to check out the iptables-persistent package (it also exists for Ubuntu).  It is just an official init.d script for automatically restoring the IPTables rules.  When you first install it, it should save your current rules so you can get away with running Sir's script once and having it saved.  Another thing people should probably be installing is fail2ban (or something similar) which helps prevent brute force attacks over SSH.

If anyone is just running a single server you might want to try out this bash script I wrote: http://sprunge.us/MFYO?bash.  Just edit lines 4-17 to set what you want and you can use it to start/stop/restart the server easily from the command line.
"Now I've seen people running kite scripts making perfect and I do mean geometry class perfect circles around a moving tank." - The average pub

Sir

  • *
  • Posts: 915
    • View Profile
Re: L4D2 Server Guide
« Reply #2 on: August 02, 2013, 02:50:20 pm »
If you are using Debian you may want to check out the iptables-persistent package (it also exists for Ubuntu).  It is just an official init.d script for automatically restoring the IPTables rules.  When you first install it, it should save your current rules so you can get away with running Sir's script once and having it saved.


Ah cool, I've already went into depth on how to make sure the IPTables are saved after Server Reboots, but I guess a package like that could work, I'll add it in, thanks :)

Edit:
The only thing that's a bit bothersome is that it comes without a configuration wizard as it's aimed at experienced administrators.
I haven't actually gotten to check it out yet as I don't have time at the moment, but it sounds like it'd require additional explanation, which I've already given on the method I'm using in my IPTables setup.

Quote from: CanadaRox
Another thing people should probably be installing is fail2ban (or something similar) which helps prevent brute force attacks over SSH.


Fail2Ban, I kind of have mixed feelings with this one. In theory it's a pretty cool tool and it sounds like a big plus.
Unfortunately in action, I have to say I am kind of disappointed with it. I've personally decided to drop them and let the IPTables I've got setup in that script protect SSH instead.
« Last Edit: August 02, 2013, 05:07:37 pm by Sir »
Group Owner of :| SirPlease
Config Dev :| Zonemod 1.8

fig newtons

  • *
  • Posts: 1882
    • View Profile
    • configs
Re: L4D2 Server Guide
« Reply #3 on: August 02, 2013, 10:30:41 pm »
Use rsa keys and disable passworded login

ZenDigital

  • ***
  • Posts: 143
  • I wanna fill yer hoohah with GOOF JUICE!!!!!!
    • View Profile
    • Team StickUpKidz MOTD
Re: L4D2 Server Guide
« Reply #4 on: August 04, 2013, 05:06:12 am »
Use rsa keys and disable passworded login

Explain plz, for those like myself who are completely new to this.
"You're completely retarded and more toxic than chemical waste. Get lost." ~Visor 2016

Sir

  • *
  • Posts: 915
    • View Profile
Re: L4D2 Server Guide
« Reply #5 on: August 04, 2013, 06:00:06 am »
Explain plz, for those like myself who are completely new to this.


Same kind of method can be used for github (I believe bitbucket has something like this as well, can't remember)
It takes a little bit of an extra push, but if you suffer from a lot of bruteforce attacks it's definitely something to consider.

All in all, I'm pretty sure you'll be fine without it (while running just L4D2/most other Gameservers)
Here's a bit more info if you're still interested; RSA SSH Authentication
--

It's definitely very useful if you manage multiple machines though, as you don't have to remember the passwords.
Group Owner of :| SirPlease
Config Dev :| Zonemod 1.8

fig newtons

  • *
  • Posts: 1882
    • View Profile
    • configs
Re: L4D2 Server Guide
« Reply #6 on: August 04, 2013, 08:03:19 pm »
Quote
screen -mdS server01 taskset -c 0 $SERVER_PATH -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run01.cfg
screen -mdS server02 taskset -c 1 $SERVER_PATH -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run02.cfg
screen -mdS server03 taskset -c 2 $SERVER_PATH -game left4dead2 -tickrate 100 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run03.cfg
screen -mdS server04 taskset -c 3 $SERVER_PATH -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run04.cfg
screen -mdS server05 taskset -c 4 $SERVER_PATH -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run05.cfg
screen -mdS server06 taskset -c 5 $SERVER_PATH -game left4dead2 -tickrate 60 -maxplayers 16 -ip $SERVER_IP +map c5m1_waterfront +exec run06.cfg
Quote all your substitutions in bash. Otherwise this will choke if $SERVER_PATH has whitespace or special characters in it. Like this:

Quote
screen -mdS server01 taskset -c 0 "$SERVER_PATH" -game left4dead2 -tickrate 60 -maxplayers 16 -ip "$SERVER_IP" +map c5m1_waterfront +exec run01.cfg

fig newtons

  • *
  • Posts: 1882
    • View Profile
    • configs
Re: L4D2 Server Guide
« Reply #7 on: August 04, 2013, 08:28:36 pm »
Quote
Next, create another file and name it serverQ.sh, this will serve as your Server Quit script.
I don't know if this is an issue for the server but I'm pretty sure this just terminates the screen session rather than giving the server a chance to quit gracefully.

Sir

  • *
  • Posts: 915
    • View Profile
Re: L4D2 Server Guide
« Reply #8 on: August 04, 2013, 10:18:43 pm »
Quote all your substitutions in bash. Otherwise this will choke if $SERVER_PATH has whitespace or special characters in it. Like this:

Hehe, I've never used whitespaces in my directories in Linux.
ZenDigital came to me with the server path not being recognized and I was hoping I could make it until today to edit that in without getting sniped here. xD

Need to make a few changes to the guide, which I will do when I come back home later this afternoon, thanks for pointing it out though :)

I don't know if this is an issue for the server but I'm pretty sure this just terminates the screen session rather than giving the server a chance to quit gracefully.

That's true, but it's not an issue at all :)
Group Owner of :| SirPlease
Config Dev :| Zonemod 1.8

CanadaRox

  • *
  • Posts: 589
    • View Profile
    • Confogl home page
Re: L4D2 Server Guide
« Reply #9 on: August 04, 2013, 10:34:56 pm »
I don't know if this is an issue for the server but I'm pretty sure this just terminates the screen session rather than giving the server a chance to quit gracefully.

Half the time when I run 'quit' from the console the server segfaults anyways so I wouldn't be too worried about it closing gracefully.
"Now I've seen people running kite scripts making perfect and I do mean geometry class perfect circles around a moving tank." - The average pub

World of Noise

  • ****
  • Posts: 290
    • View Profile
Re: L4D2 Server Guide
« Reply #10 on: August 08, 2013, 12:35:55 am »
Can we sticky this thread?  :D

S-Server

  • *
  • Posts: 49
    • View Profile
Re: L4D2 Server Guide (VPS/Dedicated Machine)
« Reply #11 on: August 15, 2013, 09:19:08 am »
Great guide thanks a lot , but you can get DDoS protected l4d2 servers for as little as £2.50 a month in europe

Visor

  • *
  • Posts: 1149
    • View Profile
    • Steam Profile
Re: L4D2 Server Guide (VPS/Dedicated Machine)
« Reply #12 on: August 15, 2013, 11:51:02 am »
Great guide thanks a lot , but you can get DDoS protected l4d2 servers for as little as £2.50 a month in europe

Lol nope, best that can do is protect against 10 mb farts. Aside from that, anything lower than 1 gbps can't really be labelled as a 'distributed' denial of service. No fool is gonna lend you gigabit channels and raw horsepower for 5 bucks a month.
$10 says you aren't anywhere near a controlling position of the L4D3 scene in any continent when it happens.

Thing is he does what he wants, cause his able to and we are letting him do that. He abuses hes place and power in this community and people like me get banned for no reason. Only thing visor wants is more and more control so he can do what ever he wants.

Sir

  • *
  • Posts: 915
    • View Profile
Re: L4D2 Server Guide (VPS/Dedicated Machine)
« Reply #13 on: August 15, 2013, 02:41:32 pm »
Great guide thanks a lot , but you can get DDoS protected l4d2 servers for as little as £2.50 a month in europe

As Visor pointed out, don't believe everything your hosts claim, at least be realistic about it.
Most Providers will actually take your server down if it gets DDoSed. (Null route)
Group Owner of :| SirPlease
Config Dev :| Zonemod 1.8

S-Server

  • *
  • Posts: 49
    • View Profile
Re: L4D2 Server Guide (VPS/Dedicated Machine)
« Reply #14 on: September 07, 2013, 03:08:22 pm »
As Visor pointed out, don't believe everything your hosts claim, at least be realistic about it.
Most Providers will actually take your server down if it gets DDoSed. (Null route)

OVH in europe offer 450Gbit DDoS protection for free on all servers , and it works well , but OVH support is another story

 

A dedicated community website to competitive L4D and L4D2, ran by the community, for the community. L4DNation supports all continents of play and focuses on bringing together the community as a whole to a central hub of information.