Something like a Minecraft server that would typically require me to open a port to allow connection. Please feel free to go into depth too, I find VPNs confusing and would like to learn more. Is LogMeIn hosting these VPNs around the world that me and my friends are connected to and then the server is technically being hosted at my computer then proxied to that network? How does my computer connect to that proxy then if thats the case?
VPN is Virtual Private Network. Join a VPN makes the machine part of the network. It will not make your server public available, but accessible within the VPN. Anyone inside the VPN can access.
The server is hosted on your computer.
If you want to play Minecraft with your friends, you need to open a hole in your firewall that says anyone who comes sending information to Minecraft specifically is cool and should be let through - information like chat messages and player positions and blocks.
When you install Hamachi, you open a hole in your firewall that also allows the same kind of communication, but to Hamachi only. Hamachi then passes it to Minecraft.
VPNs in general work the same way. When you send out a request for a blocked website, some filter (your firewall, isp) will stop the request somewhere along the line, because the filter’s blacklist contains that website. That filter doesn’t blacklist a VPN server’s address, though, so you can send a request to the VPN server instead, have the VPN server retrieve the website’s information on your behalf, and send it to you.
so it’s just an intermediate network that all the traffic gets routed through?
maybe this varies based on the provider, but does this mean that all of my friends and I are connected to the same physical vpn server? If not (since we all are assigned unique vpn ips) how does that private network get established?
Does the vpn just use a port thats already open then? Why do I need to manually open the port for minecraft, but a vpn doesnt require me to configure a port to reach the server? If it’s using a port that already open like 443, what’s stopping me from unbinding the port from current services and assigning minecraft to 443 for my friends to connect to?
intermediate, yes, pretty much. You can join and quit easily. it does not need to be the same physical VPN server. Usually big company will have many servers to manage the large VPN. The key part, for you, as a user is that the ip of your machine and your friends are on the same subnet. When you are all on the VPN, then try use ipconfig (or ifconfig if linux) to check the IP. I believe you will see why.
The establish of VPN, is very complex. Usually it uses a secured tunnel. All your traffice goes to the server packed in a package. And it forward it to other server and to other machines on the VPN.
Sorry I’m not good at writing articles. You may need find some lengthy articles online for this topic.
Just to clarify. Hamachi has a VPN server they are running elsewhere. When you install Hamachi, you are installing a VPN client. In the VPN scenario YOU are initiating the connection to the VPN server (outbound). It is solicited network traffic so to speak. You opened a session with the VPN server. So any traffic between you and the VPN server is allowed because you reached out and established the connection.
Port forwarding is really for the opposite. It is for unsolicited, inbound connections. Meaning some random person on the internet tried to send a request to your public ip address on port 25565. How do you know whether to trust them and let the traffic through? Well port forwarding basically just says ‘its ok’, let the port 25565 traffic into my network and pass it to the minecraft server.
So in reality it is kind of about who initiated the connection. Obviously this is a bit of an over simplification, but hopefully you get the point.
It is due to convention. If you check the IANA documentation, Minecraft should use port 25565.
You need to open ports for Minecraft specifically because usually you aren’t the one hosting the server, so 25565 sees no use and is closed. Leaving ports open willy nilly is dangerous, since anyone can spam 65536 pings to all port ranges and find out which ones are open based on the response they get.
When you write code, you will specify the port your code wishes to communicate with on the other end. For example, if I want to get a webpage, I will send requests to port 443 on the web server. This is because it is internationally understood that port 443 is for HTTPS.
Similarly, it is internationally understood that port 25565 is for Minecraft. If you were to change it to port 443, your will have to inform your friends that they should make Minecraft connection requests to port 443 as well. Otherwise, your firewall will block it, because no application on your computer is listening to 25565 anymore.
Then you will run into a massive problem: other applications on your computer really want to listen to port 443 too, because that’s the conventional port for HTTPS communication . Unfortunately, your Minecraft server is hogging the port. A lot of your other applications will break, because their programmers told it to use 443.
You will have to change all affected applications to use other ports as well, as well as call the application developer or host and tell them that you want their communication to you to now use a different port, and to make an exception in their code for you only. But you absolutely can unbind 443 provided you know what services you won’t need for that time being.
Therefore you can see that it is better if everyone sticks to their assigned convention, and nobody tried anything funny. I believe Hamachi has its own conventional port as well, and it actually DOES open a port for you to get to the VPN server, by the way. You agreed to it, after all, when you clicked agree on the pop up the installer.exe gave you. A side note, this is also why it’s dangerous to install random apps.
I think Hamachi opens 12975 and 32976. Ports 0-1023 are in general considered ‘don’t touch this please’ ports, so if you use another open port up to 65535, your Minecraft server should still work with a lower risk of meddling with other apps. Of course, you still need to tell your friends and your local settings about the new port agreement.
Ah I see this clarifies so much. The reason I asked about using an already opened port like 443 was that my landlord doesn’t allow me access to the router to port-forward. So was looking for ways around it. But then that got me wondering how Hamachi can get through but minecraft can’t. The other comment helped clarify that too for me. thanks a bunch