View Single Post
Old 11-30-2007, 11:04 AM   #2
Flagship's Avatar
Join Date: May 2005
Location: Some insignifcant planet.
Posts: 8,054

Version 3.0.x now uses UDP and TCP in order to communicate with the server and the new synchronization system.

Every major firewall / router on the market these days (LinkSys, Netgear, Cisco, etc) supports a security feature called SPI (Stateful Packet Inspection), or a variation of it, that will protect your internal network from the criminals and hackers of the world without being intrusive about what software you can use on your internal network in order to properly communicate with machines on the outside (global internet).

This is accomplished by letting an application on the internal network send requests to any machine on the outside network either via UDP or TCP and any replies from that specific IP/Port will be allowed to come back into the local network and routed to specific machine that sent the initial request. Using this type of system prevents any errant or malicious inbound UDP/TCP packets from making it into the local LAN because the router was not tracking any initial request to the source of the incoming packet from the internal network. Consequently the router will simply discard all malicious traffic.

If you are using an SPI based router then you should not be having any problems what so ever unless you have turned on some kind of option that tells your router to block all inbound traffic except for certain ports like HTTP, POP3, SMTP, FTP, etc. The Ventrilo software was developed behind an SPI router and tested by many people using different types of SPI based routers.

However, as it has been discovered that some network administrators have locked down their networks to either block all outbound UDP traffic or all inbound UDP traffic except for explicitly opened ports. This sledgehammer, and manual labor intensive, style of network administration creates all kinds of problems in a modern internet based world. It also creates more work for the administrators then they should have to worry about, nor is it bullet proof as these admins tend to allow unrestricted outbound TCP requests thus negating the security measures they were trying to enforce.

Despite the fact that this is not the best way to admin a network it does happen, especially on college campuses. In these cases specific ports must be open in order for Ventrilo 3.0 to function properly.

Ventrilo clients must be able to communicate with the Ventrilo servers via UDP and TCP. UDP is used to check to see if the server is there before trying to establish a TCP connection, in addition to some new features that will be available in future versions. This requires that the UDP port for the specific server be open for sending requests to it and receiving replies from it. This port will vary from one Ventrilo server to the next since [URL=""]licensed hosting companies[/URL] will have multiple servers running on the same IP address. Then again, if your network admins were to use an SPI based firewall then this would not be an issue.

If your client is displaying “MSG: Contacting” then your network is either blocking the UDP port that the requested server is listening on, or the server has not been upgraded to 3.0 yet as mentioned in the first post of this thread.

Ventrilo also uses port 6100 to verify the authenticity of the server and must be open for UDP based communication. Again, if your network admins were to use an SPI based firewall then this would not be an issue.

If your client is displaying “MSG: Synchronizing” then your network is either blocking port 6100 outbound UDP requests or possibly blocking all inbound UDP traffic even if the replies are legitimate.

In both of these cases you would only need to contact your network administrator and direct them to this thread or just tell them to open the UDP and TCP port for the Ventrilo server you wish to connect to and UDP port 6100. Problem solved.

For those of you who play internet based games like WoW, BF2, UT, CS, Quake, etc from college campuses then you should already be familiar with making requests like this to your network administrators who block all inbound UDP traffic since every major game on the market uses UDP.
Flagship Industries, Inc.

Last edited by Flagship; 11-30-2007 at 11:11 AM.
Flagship is offline