Steamworks - New networking APIs for developers/Access to the Valve network - Better security, improved connectivity, lower latency and open source.
For the past few years we have been working on improving the quality of multiplayer experiences in DotA and CS:GO by relaying the traffic and carrying it on our network backbone. This protects our gameservers from denial-of-service attacks and gives players all over the world a lower-latency, higher-quality connection.
Today we are releasing APIs that make this service available to all Steam partners. This gives you:
- Access to our network, giving your players protection from attack, 100% reliable NAT traversal, and improved connectivity.
- Tools for instantly estimating the ping between two arbitrary hosts without sending any packets.
- A high quality end-to-end encrypted reliable-over-UDP protocol.
These updates are available as part of the Steamworks SDK v1.44 release, available now.
Access to the Valve network
Valve has relays deployed in 30 network points-of-presence worldwide and several terabits of edge bandwidth. Using these APIs, you can take advantage of this infrastructure. Relaying your game traffic over our network gives you several benefits.
First, relaying traffic anonymizes it, protecting both gameservers and clients from denial-of-service attacks. Furthermore, because routing decisions are made dynamically by the client, if a relay becomes unavailable, clients can switch to a different relay within seconds, perhaps at a different point-of-presence if necessary. For an attacker to disrupt gameplay, they must mount an attack large enough to overwhelm multiple data centers.
Second, clients can select a route that gets off of the public Internet and onto our dedicated links as early as possible. On our backbone we can ensure that the routing is optimal, since we have peered with over 2,500 ISPs. We also prioritize the latency-sensitive game traffic over HTTP content downloads, which we can afford to do because game traffic makes up a relatively small percentage of our overall bandwidth utilization. And on our backbone, a sudden surge of traffic unrelated to gaming won’t degrade the experience.
Finally, by relaying the traffic in software, we can often improve the ping time!
How can a relayed route be faster than a direct route? The Internet is a packet-switched network; there is no such thing as a “direct” route. When a packet is sent “directly” to the remote host's IP address, it takes the route determined by standard IP routing protocols. This route is often not optimal! Our protocol puts the client in charge of routing decisions. The client considers each relay point-of-presence, and determines the end-to-end latency along this route. It then selects the route with the lowest latency.
Giving clients their choice of route makes a difference surprisingly often. Based on a sample of 16M connections from unique client IP addresses to dedicated servers in our data centers:
- 43% of players experienced an improvement in their ping time.
- 25% of players experienced an improvement of 10ms or more.
- 10% of players experienced an improvement of 40ms or more.
The amount of improvement varies considerably by region. Here is a breakdown by region.
Ping estimation tools
The ISteamNetworkingUtils API includes tools for estimating pings, powered by the relay network. By measuring the ping times to many different relays, we generate “coordinates” that describe the location of the host on the Internet. Given any two such sets of coordinates, we can generate a high-quality estimate for the ping time between two arbitrary hosts, without sending any packets. This is an extremely useful feature for matchmaking and peer selection.
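A simplified model of the client-side route choice described under "Access to the Valve network" and of the coordinate-based estimate described here, as an added example that is not Valve's code or algorithm. The relay names, latencies and backbone table are constructed, and the estimate is assumed to be the cheapest relayed path between the two coordinate sets.

```python
# Added example: simplified model, not Valve's algorithm.
# Relay names and all millisecond values below are constructed.

# "Coordinates": each host's measured ping (ms) to the relay PoPs it can reach.
CLIENT = {"fra": 18, "ams": 24, "lhr": 31, "iad": 95}
SERVER = {"fra": 40, "ams": 12, "iad": 88, "sea": 150}

# Assumed backbone latency (ms) between PoPs; missing pairs have no known link.
BACKBONE = {("fra", "ams"): 7, ("fra", "lhr"): 11, ("ams", "lhr"): 6,
            ("lhr", "iad"): 70, ("iad", "sea"): 62}

def backbone_ms(a, b):
    """Latency between two PoPs, 0 for the same PoP, None if no link is known."""
    if a == b:
        return 0
    return BACKBONE.get((a, b), BACKBONE.get((b, a)))

def candidate_routes(src, dst, down=frozenset()):
    """Yield (total_ms, entry_pop, exit_pop) for every usable relayed route."""
    for entry, ping_in in src.items():
        for exit_pop, ping_out in dst.items():
            if entry in down or exit_pop in down:
                continue  # relay unavailable: the client routes around it
            hop = backbone_ms(entry, exit_pop)
            if hop is not None:
                yield ping_in + hop + ping_out, entry, exit_pop

def best_route(src, dst, down=frozenset()):
    """Lowest end-to-end latency route; ties break on PoP name."""
    routes = sorted(candidate_routes(src, dst, down))
    if not routes:
        raise LookupError("no usable relay route")
    return routes[0]

def estimate_ping(coords_a, coords_b):
    """Estimate the ping between two hosts from their coordinates alone."""
    return best_route(coords_a, coords_b)[0]

if __name__ == "__main__":
    print(best_route(CLIENT, SERVER))                # all relays up
    print(best_route(CLIENT, SERVER, down={"ams"}))  # failover after ams drops
```

Passing a `down` set models the failover case: the same measurements yield the next-best route without any new probing.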
Open-Source end-to-end protocol
In addition to the features powered by Valve’s relay network and backbone that Steam partners can access, the SteamNetworkingSockets API is also a general-purpose transport library for games, with the following features:
- Fragmentation, reassembly, and retransmission. In your code you send and receive “messages”, which can be smaller or larger than a network packet. The protocol combines multiple small messages into a single packet for efficiency, fragments large messages into multiple packets, reassembles them on the receiving side, and retransmits segments of reliable messages that are dropped due to packet loss.
- Encryption and authentication. Security is not an optional afterthought for a modern networked game; a vulnerability can destroy the experience for your players. Doing crypto properly is really hard. We took state-of-the-art standards for reliable streams and applied them to the unreliable messages used by games. Out of the box, the encryption will protect against casual eavesdropping. Protecting against a man-in-the-middle attack requires a trusted third party to issue certificates or distribute a shared secret. Steam does this for Steam games; in order for an attacker to eavesdrop or modify packets, they must be inside the game process, where VAC can detect them.
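Why the shared secret matters, as an added example that is not the library's code: each side's ephemeral key-exchange value is bound to a pre-distributed secret, and the receiver verifies that binding before deriving a session key. The toy Diffie-Hellman group, the message layout and all names are assumptions for illustration.

```python
# Added example: toy finite-field Diffie-Hellman bound to a pre-distributed
# secret. The group, message layout and names are assumptions for illustration,
# not the library's wire format; do not reuse these parameters in production.
import hashlib
import hmac
import secrets

P = 2**255 - 19  # prime modulus, used here only as a toy DH group
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def tag(secret, role, pub):
    """MAC binding the sender's role to its ephemeral public value."""
    return hmac.new(secret, role + b"|" + pub.to_bytes(32, "big"),
                    hashlib.sha256).digest()

def hello(secret, role, pub):
    return {"role": role, "pub": pub, "tag": tag(secret, role, pub)}

def accept(secret, my_priv, msg, expected_role):
    """Authenticate the peer's hello, then derive the session key."""
    if msg["role"] != expected_role:
        raise ValueError("unexpected role (reflected hello?)")
    if not 1 < msg["pub"] < P - 1:
        raise ValueError("public value out of range")
    expected = tag(secret, msg["role"], msg["pub"])
    if not hmac.compare_digest(msg["tag"], expected):
        raise ValueError("handshake authentication failed")
    shared = pow(msg["pub"], my_priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def demo():
    """Return (keys_match, substituted_key_rejected) for a constructed run."""
    secret = secrets.token_bytes(32)  # handed out by the trusted third party
    c_priv, c_pub = keypair()
    s_priv, s_pub = keypair()
    k_c = accept(secret, c_priv, hello(secret, b"server", s_pub), b"server")
    k_s = accept(secret, s_priv, hello(secret, b"client", c_pub), b"client")
    swapped = dict(hello(secret, b"server", s_pub), pub=keypair()[1])
    try:
        accept(secret, c_priv, swapped, b"server")
    except ValueError:
        return k_c == k_s, True
    return k_c == k_s, False
```

Without the tag check, both sides would still derive a key from whatever public value arrived, which is the gap between protection from casual eavesdropping and protection from an on-path party.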
These basic features are also available in an open-source version of this API (on GitHub). We want developers to take full advantage of the other benefits this API provides, and they cannot do that without the confidence that comes from having access to the source code for free.
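For the fragmentation, reassembly, and retransmission feature listed above, an added example (not the project's code) of splitting a message into packets and reassembling it while bounding every header field that arrives from the network. The 8-byte header, the size limits and the names are assumptions, and combining small messages into one packet is left out.

```python
# Added example: fragmentation and bounded reassembly. The 8-byte header and
# the size limits are assumptions for illustration, not the library's format.
import struct

HEADER = struct.Struct("!IHH")      # message id, fragment index, fragment count
CHUNK = 1200 - HEADER.size          # assumed payload bytes per packet
MAX_MESSAGE = 512 * 1024            # assumed cap on one reassembled message
MAX_FRAGS = -(-MAX_MESSAGE // CHUNK)
MAX_PARTIAL = 64                    # assumed cap on messages being reassembled

def fragment(msg_id, data):
    """Split one message into packets that each fit the payload budget."""
    if len(data) > MAX_MESSAGE:
        raise ValueError("message too large")
    count = max(1, -(-len(data) // CHUNK))
    return [HEADER.pack(msg_id, i, count) + data[i * CHUNK:(i + 1) * CHUNK]
            for i in range(count)]

class Reassembler:
    def __init__(self):
        self.partial = {}  # msg_id -> (fragment count, {index: payload})

    def receive(self, packet):
        """Return the whole message once complete, else None."""
        if len(packet) < HEADER.size:
            raise ValueError("short packet")
        msg_id, idx, count = HEADER.unpack_from(packet)
        body = packet[HEADER.size:]
        # Header fields come from the network: bound them before allocating.
        if not 0 < count <= MAX_FRAGS or idx >= count or len(body) > CHUNK:
            raise ValueError("bad fragment header")
        if msg_id not in self.partial and len(self.partial) >= MAX_PARTIAL:
            raise ValueError("too many incomplete messages")
        known, parts = self.partial.setdefault(msg_id, (count, {}))
        if known != count:
            raise ValueError("inconsistent fragment count")
        parts.setdefault(idx, body)  # a retransmitted duplicate is ignored
        if len(parts) < count:
            return None
        del self.partial[msg_id]
        return b"".join(parts[i] for i in range(count))

    def missing(self, msg_id):
        """Fragment indexes still outstanding, i.e. what to retransmit."""
        count, parts = self.partial.get(msg_id, (0, {}))
        return [i for i in range(count) if i not in parts]
```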
More to come
This is the first of a series of updates aimed at improving the networked gaming experience for Steam partners. Specifically, while this update has primarily improved peer-to-peer networking, we're also working on making the solutions we have developed for our own dedicated servers available to partners. Let us know if you have any questions, and check out our plans for the future of the open-source project on GitHub.