NATNEG connection issues during docker port mapping

[t3r6]

From what I understood NATNEG allows you to connect to the game server behind NAT without opening ports on a router. However, this technology does not work on most of the modern routers. They just block its traffic no matter how you configure them. If you open port on a router, NATNEG check should be disabled from the OpenSpy side.

Sometimes NATNEG does not allow you to connect to the server even though router ports are open.

My setup: Win11; Ubuntu 22.04 on Virtual Box 7.0.18 (host network); docker 27.0.3 (bridge network).

Router ports 3455 and 3456 are open.

I don't have any issues with the Docker/Podman host network driver but I have issues with the default Docker bridge network driver.

Here is my issue:

Let's assume that the default game port is 3455.
The game has 2 hardcoded natneg domains: natneg1.openspy.net and natneg2.openspy.net

• When I run a docker server this way (I map 3455 on host to 3455 on the container):

docker run --rm --name ffa -itd -p 3455:3455/udp  docker.io/painkillergameclassic/pkserver:main

A client can see the ping of my server and is able to join.

• When I try to run a second sever with mapping to a different host port (I map 3456 on host to 3455 on the container):

docker run --rm --name ctf -itd -p 3456:3455/udp  docker.io/painkillergameclassic/pkserver:main

A client can see my server ping as zero and are not able to join automatically if they click on a server. They get this error:

NAT Negotiation error: Partnet did not register with the NAT Negotiation Server

Nevertheless, they can join my server via typing /connect ip_address:port in the game.

• If I run the game this way (I map 3456 on host to 3456 on the container and I do a hack to change the server port config to 3456):

docker run --rm --name ctf -itd -e CFG_SERVERPORT="3456" -p 3456:3456/udp  docker.io/painkillergameclassic/pkserver:main

A client can see the ping of the server and can join a server in the game by clicking on it.

My conclusion:

The game tells OpenSpy that it is up on port 3455, while another port is mapped from the docker engine to the guest system - 3456, but this is not an address translation, but simply a port mapping. Apparently NATNEG is trying to negotiate with port 3455 when it should be with 3456.

In short

• This port mapping works:
  

• This port mapping does not work
  

Is it possible to have some workarounds from OpenSpy regarding it?

P.S. Unlike Docker, none of the above scenarios work on Podman bridge network for some reason. Everything works only via the Podman host network.

[anzz1]

The docker environment is meant for testing and development purposes, you are obviously not supposed to use docker or other containerization nonsense when deploying it

[t3r6]

The docker environment is meant for testing and development purposes, you are obviously not supposed to use docker or other containerization nonsense when deploying it

Have you thoroughly read the topic? Did you get the key points? I suppose you've never heard about kubernetes and containerization in general since most of the IT industry is running containers in production for a decade already.