Valve is opening its network forwarding infrastructure, which reduces latency and protects against DoS attacks, to all developers using its Steamworks platform.
A few years ago, large-scale denial-of-service attacks against game servers were making headlines and had become an extremely frustrating part of online games and e-sports. To protect its games, Valve has worked for several years on a network infrastructure that makes the system more resilient against denial-of-service attacks and lowers latency as well. The company uses this system for both Dota 2 and CS:GO.
In 30 different locations around the world, Valve has established forwarders (relays) that route network traffic between clients and servers. These relay points provide DoS resiliency in several ways. They come with an aggregate of several terabits of bandwidth, so they can absorb a certain amount of flooding in any case. Games can also switch from one relay to another without necessarily interrupting the connection. The switch can be made to another relay at the same location or even to an entirely different point of presence.
The forwarder also allows Valve to mask both the IP address of the game server and the IP addresses of the clients connected to the server. This prevents direct attacks against another person on the same server.
The Valve system also makes decisions on how to route traffic. The company has a private backbone network set up with over 2,500 ISPs worldwide, used for both Steam downloads and video game network traffic, and it prioritizes game network traffic over downloads. Clients can estimate the latency between two endpoints via the relays without having to send traffic between those endpoints, allowing clients to decide which point of presence to use to ensure the best ping time. Valve says this has allowed about 43% of players to see a reduction in ping times, with 1
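The relay-based latency estimate and the relay switching described above can be modelled in a few lines. This is an added example, not Valve's code or algorithm: it assumes each endpoint shares only its measured ping times to relay points of presence, and the PoP names, RTT values and function names are constructed for illustration.

```python
# Added example: a simplified model, not Valve's algorithm or API.
# All PoP names and RTT values are constructed sample data.
from itertools import product

# RTT in ms that each endpoint measured to the relay PoPs it can reach.
# Neither endpoint ever learns the other's IP address, only these tables.
CLIENT_PINGS = {"fra": 18, "ams": 24, "lhr": 31}
SERVER_PINGS = {"ams": 9, "lhr": 12, "sto": 27}

# Assumed backbone RTT in ms between distinct PoPs (symmetric).
BACKBONE = {
    frozenset(("fra", "ams")): 7,
    frozenset(("fra", "lhr")): 14,
    frozenset(("fra", "sto")): 22,
    frozenset(("ams", "lhr")): 8,
    frozenset(("ams", "sto")): 20,
    frozenset(("lhr", "sto")): 26,
}


def backbone_rtt(pop_a, pop_b):
    """RTT between two PoPs; zero when both endpoints use the same PoP."""
    return 0 if pop_a == pop_b else BACKBONE[frozenset((pop_a, pop_b))]


def estimate_route(pings_a, pings_b, unavailable=frozenset()):
    """Return (estimated_rtt_ms, pop_a, pop_b) for the best relayed path.

    The estimate is built only from each side's pings to the relays, so no
    packet has to travel between the two endpoints. PoPs listed in
    `unavailable` (for example, ones being flooded) are skipped, which
    models switching to another relay. Returns None if no path is left.
    """
    candidates = [
        (pings_a[pa] + backbone_rtt(pa, pb) + pings_b[pb], pa, pb)
        for pa, pb in product(pings_a, pings_b)
        if pa not in unavailable and pb not in unavailable
    ]
    return min(candidates, default=None)


if __name__ == "__main__":
    print("normal:", estimate_route(CLIENT_PINGS, SERVER_PINGS))
    print("ams flooded:", estimate_route(CLIENT_PINGS, SERVER_PINGS, {"ams"}))
```

In this model, losing a point of presence costs some latency but the session still has a relayed path available.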
Furthermore, Valve manages STUN/TURN servers, which provide a reliable way for machines behind firewalls and network address translation systems to send and receive network traffic.
This relaying system is now available to any developer who builds a game using Valve's Steamworks toolkit. The underlying network protocol, without relaying, has been available as open source for some time. As with many custom network protocols (such as the upcoming HTTP/3), it is based on the lightweight, unreliable UDP (User Datagram Protocol) rather than on the more complex but reliable TCP (Transmission Control Protocol), with custom reliability features built on top of UDP. The protocol is encrypted and handles many of the tasks required to build reliable transmission over UDP, making it useful even without the Steamworks relay features.
As a fan of Dota 2, I can report that the work of Valve's network seems to have done the job admirably. For a time, attacks were a common feature of the professional scene, with many pro games interrupted as both players and servers were flooded with traffic. These same attacks seem to have completely disappeared.