Forward TCP Connection

I have something like a proxy server (written in Java) working between my clients and the actual video server (made in C++). All sent clients go through this proxy server and then are redirected to the server.

It works fine, but I have some problems and I think it would be better if I could make this proxy server only to listen for client requests, and then somehow tell the server that the request was made from the client side, and that it is supposed to create a connection with the client directly.

Basically at the TCP level, what I want to do is something like this:

1- whenever a client sends a SYN to my proxy, the proxy just sends a message to the real server telling the ip and port of the client.

2- Then the server will send the appropriate SYN-ACK to the specified client, creating a direct connection between the client and the server.

Then, the proxy server should simply forward the initial requests (but no later data transfer) to the actual server. I just don't know if this is possible.

Many thanks

Nelson R. Perez

+6
java c++ tcp connection
3 answers

You do not have TCP handshake control in your user environment. This is what firewalls / routers do, but it all happens in the kernel. Take a look at the firewall software for your platform - you don’t even need to encode anything.

+1

This is very similar to how some games (and Fog Creek CoPilot) do it, but this requires support both on the server and on the client. Basically, the proxy server should tell the client and server to "try to communicate directly with this ip and this port," and if they cannot pass through (since one or both are behind NAT or the firewall), they return to the move through the proxy.

I found this nice description of "peer to peer tcp hole punching" at http://www.brynosaurus.com/pub/net/p2pnat/

+2

Proxy and server live on the same machine? If so, you can transfer the connection to the server using Socket Transfer or File Descriptor Passing. You can find examples here:

http://www.wsinnovations.com/softeng/articles/uds.html

If they are located on different computers, it is not possible to transfer the connection to the server. However, you can proxy IP packets to the server using VIP (Virtual IP). This is below the socket, so you need to use a link level interface like DLPI.

+2
