Originally Posted by abhishek_deshkar
I'm looking to hide my main IP. Is is possible to have multiple ips to one servers ?
First of all: Please get out of your dreams with "hiding IP addresses", as that is not *really* what you want, and not anything you can really do anyway.
CS:GO can only use one IP address at a time, so you need to configure your game server to use the so-called "anycast IP".
You also need to make sure that your "VPS" is always routing your game server's OUTBOUND
traffic (such as traffic towards the Steam network, heartbeats and GSLT related stuff) out via the anycast IP address, at the very moment where it goes out from the main IP address, you will have the issues where it will not work.
Unless Steam network sees your traffic from the "anycast IP address", Steam will not let users connect to it. Steam believes the IP it sees as the origin of your game server's request(s) are the one your server has.
Most of it can (most often) be done using various firewall rules, but which exact rules you need to apply, will depend very much on the underlying set up, which you haven't shared a single fact about.
- Run "ip a" and/or "/sbin/ifconfig" (or any similar command showing all the network interfaces of your VPS and it's IP addresses):
- Do you see both your regular public IP and the anycast IP in the list?
- ... Or do you see one or more local (192.168.x, 10.x, 172.16.x towards 172.31.x) IP addresses?
- ... ... or both?
- Are all your IP addresses attached towards same interface, or are there multiple interfaces, one holding each?
iptables -t mangle -A OUTPUT -m owner --uid-owner darkdevil -s 203.0.113.251 -j ACCEPT
iptables -t mangle -A OUTPUT -m owner --uid-owner darkdevil -j DROP
Should only allow the user "darkdevil" on the system to go outbound through 203.0.113.251, anything else will be dropped.
But that also means that the user "darkdevil" will be forced to run over the "anycast IP" to e.g. download new game updates from Steam, which might not be that optimal (or even work) after all.
The more complicated your provider's set up is, the more complicated your own local set up needs to be, in order to (eventually
) be able to make it work, ... if you're ever getting it to work at all.