I am currently in the process of setting up a private SMP server for some of my friends and me to play on. I've fully configured the server and setup the properties file the way I want, and run some tests over my LAN to make sure everything worked smoothly. Now, I am ready to host the server, but here I grow concerned over a number of things, primarily, what is the best way to host the server?
I've looked into using Hamachi, but unfortunately, the host machine does not have the capability to run Hamachi as well as the server, as I had to allocate most of its RAM to the server to ensure it runs smoothly. So now, I am at a loss as to what is the most secure option for hosting my server:
I've looked into numerous options, including port forwarding, static NAT mapping, and even DMZ hosting. Unfortunately, hours of Googling these yielded little. So here are my inquiries:
- Ideally, I'd like to use a VPN, but as mentioned, Hamachi has been ruled out. What would be some other (decent) options for VPN freeware? Also, would a P2P VPN work, or does it need to be a mesh VPN? (I place utmost stress on freeware; paying for a VPN service is something that I absolutely am unable to do.)
- Currently, my router has dynamic NAT enabled. What are the security drawbacks of using static NAT mapping to map the server's internal IP with one external IP? Additionally, would users outside the LAN be able to connect to the server if I didn't use static NAT mapping?
- Security-wise, what drawbacks are there if I was to enable port-forwarding for the server? (Also, some links to some guides on how to set up the server by port-forwarding would be nice)
- Is it even recommended that I go the way of DMZ hosting? This one is the biggest gray area for me, as I have a bunch of other questions about DMZ hosts:
* If I set up a the server as a DMZ host in my LAN (keep in mind this is not a true DMZ, as it's on a home broadband network), what security precautions should be taken to ensure this DMZ host stays separate from the rest of the computers?
* What would be the best way to isolate the DMZ host from the rest of the LAN?
- Should there be any other options, please, by all means, post them.
I thank you all in advance for your answers and advice.
just portforward, all your other questions are void. Also if you dont have enough ram free for hamachi then you are giving mc too much memory and the os too little. Hamachi will take little to no memory. And if you mean cpu just a nice tip, any cpu pentium 4 and up can run mc server well