coderrr / tunnel_splitter

tunnel tcp connection over multiple tcp connections


steve (author)
Thu Oct 29 13:14:23 -0700 2009
commit  60ee7f81163f79560686ea3067944fff346f8ae9
tree    a01d21348cd2e88782dc0fc5b68ebeefab403cc9
parent  18126f54c9a6274b15b29508b2c3de717e55b30d
README.markdown

Tunnel Splitter

Tunnel splitter is a client/server which allows you to split a single TCP connection over multiple TCP connections. More specifically, it opens a group of tunneling connections, then round robins (not exactly) your packets through them.

What's it good for? I'm not exactly sure yet, but here are a few possibilities:

  • Using tunnel splitter to tunnel to a SOCKS proxy allows you to:
    • Get past ISP-imposed per-connection TCP caps (à la download accelerators, except for any type of TCP connection)
    • Make your connections harder to detect/fingerprint by dragnet snooping operations, because
      • Each tunnel can go through a different backbone network and
      • Each TCP connection will only contain 1/Nth of your information
    • Fight for bandwidth on a shared network by having more connections than your peers (hehe yes that's evil)
    • Transparently pool multiple internet connections into a single faster connection (multihoming)

Usage

Client:

ts_client <listen_address:port> <ts_server_address:port>[:bind_dev[:bind_port]][~N] [ <ts_server_address:port>[:bind_dev[:bind_port]][~N] ... ]
  ~N - create N duplicate tunnels for this specific server address

Server:

ts_server <listen_address:port> <tunnel_to_address:port>

Forwarder:

ts_forwarder <listen_address:port> <forward_to_address:port>
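
The client argument grammar above, written out as a strict parser. This is an added example, not code from the tunnel_splitter repository; TunnelSpec, parse_port, parse_tunnel_spec and parse_client_args are hypothetical names, and rejecting port 0 and IPv6 literals is an assumption of the example.

```ruby
# One entry per tunnel the client should open.
TunnelSpec = Struct.new(:host, :port, :bind_dev, :bind_port)

def parse_port(text, spec)
  raise ArgumentError, "bad port in #{spec.inspect}" unless text =~ /\A\d+\z/
  port = text.to_i
  raise ArgumentError, "port out of range in #{spec.inspect}" unless (1..65_535).cover?(port)
  port
end

# Parses address:port[:bind_dev[:bind_port]][~N] and returns N TunnelSpec
# entries (one when ~N is absent). Hostnames and IPv4 addresses only.
def parse_tunnel_spec(spec)
  body, count, extra = spec.split('~', -1)
  raise ArgumentError, "bad spec #{spec.inspect}" if extra || body.nil? || body.empty?
  n = 1
  unless count.nil?
    raise ArgumentError, "bad tunnel count in #{spec.inspect}" unless count =~ /\A[1-9]\d*\z/
    n = count.to_i
  end
  host, port, bind_dev, bind_port, rest = body.split(':', -1)
  if rest || host.to_s.empty? || port.nil? || bind_dev == ''
    raise ArgumentError, "bad spec #{spec.inspect}"
  end
  tunnel = TunnelSpec.new(host, parse_port(port, spec), bind_dev,
                          bind_port && parse_port(bind_port, spec))
  Array.new(n) { tunnel.dup }
end

# argv as given to ts_client: a listen address followed by one or more servers.
def parse_client_args(argv)
  listen, *servers = argv
  raise ArgumentError, 'need a listen address and at least one server' if listen.nil? || servers.empty?
  host, port, extra = listen.split(':', -1)
  raise ArgumentError, "bad listen address #{listen.inspect}" if extra || host.to_s.empty? || port.nil?
  { listen: [host, parse_port(port, listen)],
    tunnels: servers.flat_map { |s| parse_tunnel_spec(s) } }
end
```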

Examples

Split Tunneling For Connection Acceleration

In this example we use tunnel splitter to get around ISP-imposed per-connection caps and/or throttling. This is similar to "download acceleration" but can work with any type of TCP connection. When the endpoint is a SOCKS server, this can transparently accelerate any internet application which supports SOCKS proxying.

       LOCAL HOST                                              REMOTE HOST 

                               +---------------------+
                              /                       \
(SOCKS client) -> (ts_client)  ------------------------ > (ts_server) -> (SOCKS server)
                              \                       /
                               +---------------------+
  • 'SOCKS client' could be Firefox, Skype, SSH, or any other application which either lets you set a SOCKS proxy or can be socksified with a socksification utility

LOCAL HOST:

ts_client 127.0.0.1:20000 remote.host.com:20000~3  ( 3 tunnels )

REMOTE HOST:

ts_server 0.0.0.0:20000 127.0.0.1:5000  (SOCKS server running on port 5000)

Split Tunneling Over Multiple Routes (Hosts)

This example is similar to the above except that instead of directly connecting to the destination host we forward our tunnels through any number of different remote hosts. This means that snooping of any single tunnel will only provide 1/Nth of your actual connection.

     LOCAL HOST              FORWARDING HOSTS             REMOTE HOST 

                         +--> (ts_forwarder) --+
                        /                       \
(client) -> (ts_client)  ---> (ts_forwarder) ---- > (ts_server) -> (server)
                        \                       /
                         +--> (ts_forwarder) --+

LOCAL HOST:

ts_client 127.0.0.1:20000 first.forwarder.com:20000 second.forwarder.com:20000 third.forwarder.com:20000

ON EACH FORWARDING HOST:

ts_forwarder 0.0.0.0:20000 remote.host.com:20000

REMOTE HOST:

ts_server 0.0.0.0:20000 127.0.0.1:5000
  • Note, the ports that need to match here are:
    • The last argument to ts_forwarder and the first argument to ts_server
    • The 2nd+ arguments to ts_client and the first argument to ts_forwarder
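
What "1/Nth of your actual connection" means for an observer of one tunnel, as a simplified in-memory model. This is an added example, not tunnel_splitter's code: the Frame framing (sequence number plus chunk), the strict round-robin scheduling and the sample request are assumptions, and the project's real wire format is not shown on this page. Each tunnel carries every Nth chunk unmodified, so the chunks a single observer does see are readable as-is.

```ruby
Frame = Struct.new(:seq, :data)

# Constructed sample stream (not captured traffic).
SAMPLE = "GET /private HTTP/1.1\r\nHost: example.test\r\n\r\n"

# Cut the stream into chunks of at most max_chunk bytes and deal them
# round-robin onto n_tunnels queues, tagging each with a sequence number.
def split_stream(stream, n_tunnels, max_chunk)
  raise ArgumentError, 'need at least one tunnel' if n_tunnels < 1
  raise ArgumentError, 'max_chunk must be positive' if max_chunk < 1
  tunnels = Array.new(n_tunnels) { [] }
  seq = 0
  0.step(stream.bytesize - 1, max_chunk) do |offset|
    tunnels[seq % n_tunnels] << Frame.new(seq, stream.byteslice(offset, max_chunk))
    seq += 1
  end
  tunnels
end

# Receiver side: frames from different tunnels arrive in arbitrary order, so
# out-of-order frames are held until the next expected sequence number arrives.
class Reassembler
  attr_reader :output

  def initialize
    @next_seq = 0
    @pending = {}
    @output = +''
  end

  def receive(frame)
    return if frame.seq < @next_seq || @pending.key?(frame.seq) # drop duplicates
    @pending[frame.seq] = frame.data
    while (data = @pending.delete(@next_seq))
      @output << data
      @next_seq += 1
    end
  end
end

# Bytes visible to a passive observer of one tunnel: every Nth chunk, unmodified.
def observer_view(tunnels, index)
  tunnels[index].map(&:data).join
end
```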

Multihoming

This example requires that you have multiple internet connections. Each one must be set up on your local machine as a different interface and have its own IP. When you use this setup to tunnel to a SOCKS proxy, your bandwidth will be increased to the sum of all your ISPs' throughput, limited only by the throughput of the remote host.

        LOCAL HOST                                          REMOTE HOST 

                                +--> (ISP1) ---+
                               /                \
(SOCKS client) -> (ts_client)  ---> (ISP2) ------ > (ts_server) -> (SOCKS server)
                               \                /
                                +--> (ISP3) ---+

Assume your local interfaces are set up as follows, each one using a different internet connection:

  • eth0 192.168.1.5 (ISP1)
  • eth1 192.168.16.10 (ISP2)
  • eth2 192.168.17.8 (ISP3)

LOCAL HOST:

ts_client localhost:5000 remote.host.com:6000:eth0 remote.host.com:6000:eth1 remote.host.com:6000:eth2

REMOTE HOST:

ts_server 0.0.0.0:6000 localhost:5000  (SOCKS server running on port 5000)