Today, I learned that people used to use a program called Hamachi by LogMeIn Inc to remotely play multiplayer games as if on the same LAN. I had never needed to do this before, since my friends growing up have always had someone who was willing to forward a port. Unfortunately, today, the server software for the Minecraft modpack we were playing with didn't run properly, so I had to attempt to set up Hamachi on my computer. When installing, I got enough popups about system extensions being blocked that I thought it would be trouble trying to install it. After some quick googling, I learned that Hamachi doesn't work on any versions of macOS that run on Apple Silicon. Unfortunately, I don't have any other computers that have adequate horsepower to run the game, and not wanting to resort to a VM, I decided to make a Raspberry Pi 4 run Hamachi and port forward the server address to port 8000.
When reading about this, I learned that they do build a version for ARM Linux, so I assumed it was possible in theory. danielef on github has a gist called hamachi.sh that showed up in the Google results when I searched for how to install Hamachi on Ubuntu. Even though I am using Raspbian, Ubuntu is the most popular distro to my knowledge and I usually have good results when adding it as a keyword to a search looking for command line configuration.
I got the following excerpt from the gist:
sudo dpkg --add-architecture armhf
sudo apt-get update
sudo apt-get install libc6:armhf
sudo ln -s /lib/ld-linux-armhf.so.3 /lib/ld-linux.so.3
sudo apt-get install libstdc++6:armhf
sudo wget https://www.vpn.net/installers/logmein-hamachi_2.1.0.203-1_armhf.deb
sudo dpkg -i logmein-hamachi_2.1.0.203-1_armhf.deb
sudo hamachi login
sudo hamachi attach-net [email protected]
I noticed that the Hamachi download link for Linux on ARM is marked as beta and any references to installing it on Pis are about 3 years old, so after the fact, I looked to see how long there's been an ARM build. It appears that there's a lifehacker article published over 11 years ago, specifically talking about installing Hamachi on a Raspberry Pi. I think LogMeIn decided to build a version for RPI and then just not warranty it because they don't want to deal with it. The program is antiquated enough that I doubt many businesses actually use it over more modern options like whatever service Cloudflare provides or just doing the basic task of hosting a site-to-site VPN.
I replaced the installer with whatever the latest armhf URL is at https://www.vpn.net/linux then after some fiddling, Hamachi finally linked to my account. I think the trick is to request connection to your account, log out, then log back in. Then I just joined the LAN with network name and password.
Next, I had to forward the Minecraft server so that I could access it from my Mac.
I checked the peers on the network:
sudo hamachi list
* [network_name] capacity: X/5, subscription type: Free, owner: XXXXXXX (XXX-XXX-XXX)
[...]
I read that Hamachi chooses to allocate peer IP addresses to public address space, placing peers over addresses reserved for the British military because the addresses reserved on that IP range supposedly aren't exposed to the public.
Knowing the IP address for the server, I looked up port forwarding on Debian and found this article on Stack Exchange AKA serverfault.com
The reply lists a bunch of iptables rules and I just substituted the IP addresses given with my own. This didn't work. To troubleshoot, I installed tcpdump and glanced at an article from opensource.com to troubleshoot where the packets were getting lost.
sudo tcpdump -D
sudo tcpdump --interface ham0
In this process, I found that packets from MYMAC.local were getting received on my friend's LAN game. However, no packets were getting forwarded back.
Checking back on the Stack Exchange post, the following was in the replies to that accepted answer:
An easier SNAT approach for the traffic back (which also works for additional DNAT) would be
iptables -t nat -A POSTROUTING -j MASQUERADE–Claudio Kuenzler | Jun 14, 2023 at 5:45
I wasn't sure what to do next but guessed that the MASQUERADE option sounded something along the lines of what I was trying to do. My final config script was the following:
#!/bin/sh
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -F
iptables -t nat -F
iptables -X
iptables -t nat -A PREROUTING -p tcp --dport 8000 -j DNAT --to-destination 25.XX.XXX.XXX:xxxxx
iptables -t nat -A POSTROUTING -j MASQUERADE
Putting my Pi's hostname: hamachi.local:8000 into Minecraft just magically showed replies when pinging the server. Despite the fact that my Mac was on Wi-Fi and all packets were getting forwarded through a Pi into a P2P connection, I was averaging ping times in game that were basically unnoticeable. I didn't actually do any benchmarking, but my client showed ≈84ms when I logged off.