coderrr / tunnel_splitter

tunnel tcp connection over multiple tcp connections


Tunnel Splitter

Tunnel splitter is a client/server which allows you to split a single TCP connection over multiple TCP connections. More specifically, it opens a group of tunneling connections, then round robins (not exactly) your packets through them.

What's it good for? I'm not exactly sure yet, but here are a few possibilities:

  • Using tunnel splitter to tunnel to a SOCKS proxy allows you to:
    • Get past ISP-imposed per-connection TCP caps (à la download accelerators, except for any type of TCP connection)
    • Make your connections harder to detect/fingerprint by dragnet snooping operations by
      • Having each tunnel go through a different backbone network and
      • Having each TCP connection contain only 1/Nth of your information
    • Fight for bandwidth on a shared network by having more connections than your peers (hehe yes that's evil)
    • Transparently pool multiple internet connections into a single faster connection (multihoming)

Usage

Client:

ts_client <listen_address:port> <ts_server_address:port>[:bind_addr[:bind_port]][~N] [ <ts_server_address:port>[:bind_addr[:bind_port]][~N] ... ]
  ~N - create N duplicate tunnels for this specific server address

Server:

ts_server <listen_address:port> <tunnel_to_address:port>

Forwarder:

ts_forwarder <listen_address:port> <forward_to_address:port>
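
The ts_client tunnel argument syntax above, parsed and validated as an added example (this is not tunnel_splitter's own argument handling). The names `TunnelSpec`, `parse_port`, `parse_tunnel_arg` and `parse_tunnel_args` are hypothetical, and hosts are assumed to be names or IPv4 literals.

```ruby
# Added example, not tunnel_splitter's own argument handling.
# Assumption: hosts are names or IPv4 literals (no ':' inside an address).
TunnelSpec = Struct.new(:host, :port, :bind_addr, :bind_port)

# Convert a decimal port string and reject values outside 1..65535.
def parse_port(text, arg)
  port = Integer(text, 10)
  raise ArgumentError, "port out of range in #{arg.inspect}" unless (1..65_535).cover?(port)
  port
end

# Parse one <ts_server_address:port>[:bind_addr[:bind_port]][~N] argument
# into N identical TunnelSpec entries, one per tunnel to open.
def parse_tunnel_arg(arg)
  spec, count = arg.split('~', 2)
  n = count ? Integer(count, 10) : 1
  raise ArgumentError, "tunnel count must be >= 1 in #{arg.inspect}" if n < 1

  # limit -1 keeps empty fields so "host::addr" is rejected, not shortened
  fields = spec.to_s.split(':', -1)
  unless (2..4).cover?(fields.size) && fields.none?(&:empty?)
    raise ArgumentError, "expected host:port[:bind_addr[:bind_port]] in #{arg.inspect}"
  end

  host, port, bind_addr, bind_port = fields
  tunnel = TunnelSpec.new(host, parse_port(port, arg), bind_addr,
                          bind_port && parse_port(bind_port, arg))
  Array.new(n) { tunnel.dup }
end

# Expand every tunnel argument of a ts_client command line.
def parse_tunnel_args(args)
  args.flat_map { |arg| parse_tunnel_arg(arg) }
end
```
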

Examples

Split Tunneling For Connection Acceleration

In this example we use tunnel splitter to get around ISP-imposed per-connection caps and/or throttling. This is similar to "download acceleration" but works with any type of TCP connection. When the endpoint is a SOCKS server, this can transparently accelerate any internet application that supports SOCKS proxying.

       LOCAL HOST                                              REMOTE HOST 

                               +---------------------+
                              /                       \
(SOCKS client) -> (ts_client)  ------------------------ > (ts_server) -> (SOCKS server)
                              \                       /
                               +---------------------+

  • 'SOCKS client' could be Firefox, Skype, SSH, or any other application which either lets you set a SOCKS proxy or can be socksified with a socksification utility

LOCAL HOST:

ts_client 127.0.0.1:20000 remote.host.com:20000~3  ( 3 tunnels )

REMOTE HOST:

ts_server 0.0.0.0:20000 127.0.0.1:5000  (SOCKS server running on port 5000)

Split Tunneling Over Multiple Routes (Hosts)

This example is similar to the above except that instead of directly connecting to the destination host we forward our tunnels through any number of different remote hosts. This means that snooping of any single tunnel will only provide 1/Nth of your actual connection.

     LOCAL HOST              FORWARDING HOSTS             REMOTE HOST 

                         +--> (ts_forwarder) --+
                        /                       \
(client) -> (ts_client)  ---> (ts_forwarder) ---- > (ts_server) -> (server)
                        \                       /
                         +--> (ts_forwarder) --+

LOCAL HOST:

ts_client 127.0.0.1:20000 first.forwarder.com:20000 second.forwarder.com:20000 third.forwarder.com:20000

ON EACH FORWARDING HOST:

ts_forwarder 0.0.0.0:20000 remote.host.com:20000

REMOTE HOST:

ts_server 0.0.0.0:20000 127.0.0.1:5000

  • Note: the ports that need to match here are:
    • The last argument to ts_forwarder and the first argument to ts_server
    • The 2nd+ arguments to ts_client and the first argument to ts_forwarder
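
The "1/Nth per tunnel" property described in this example, modelled as an added example (not tunnel_splitter's code). The `[seq, payload]` framing, strict round robin and 16-byte chunk size are assumptions, since the README only says the scheduling is "not exactly" round robin, and the sample request is constructed.

```ruby
# Added illustration, not tunnel_splitter's code. Framing, strict round
# robin and chunk size are assumptions made for this model.
Frame = Struct.new(:seq, :payload)

# Client side: cut the stream into chunks and deal them across the tunnels.
def split_stream(data, n_tunnels, chunk_size)
  tunnels = Array.new(n_tunnels) { [] }
  data.bytes.each_slice(chunk_size).each_with_index do |bytes, seq|
    tunnels[seq % n_tunnels] << Frame.new(seq, bytes.pack('C*'))
  end
  tunnels
end

# Server side: frames from different tunnels arrive interleaved in any
# order, so reorder by sequence number and refuse a stream with a gap.
def reassemble(frames)
  ordered = frames.sort_by(&:seq)
  ordered.each_with_index do |frame, i|
    raise ArgumentError, "missing or duplicate frame #{i}" unless frame.seq == i
  end
  ordered.map(&:payload).join
end

# What a passive observer of one tunnel can read: that tunnel's chunks.
def observer_view(tunnel)
  tunnel.map(&:payload)
end

# Constructed sample stream with a placeholder credential (not real data).
SAMPLE = "GET /account HTTP/1.1\r\nHost: example.test\r\n" \
         "Cookie: session=PLACEHOLDER-TOKEN\r\n\r\n".b

if __FILE__ == $PROGRAM_NAME
  tunnels = split_stream(SAMPLE, 3, 16)
  tunnels.each_with_index do |tunnel, i|
    puts "tunnel #{i} carries: #{observer_view(tunnel).inspect}"
  end
  puts "reassembled intact: #{reassemble(tunnels.flatten.shuffle) == SAMPLE}"
end
```

In this model each tunnel carries contiguous, unencrypted chunks, so the split limits how much of the stream one observer sees but does not hide the content of the chunks that observer does see.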

Multihoming

This example requires that you have multiple internet connections. Each one must be set up on your local machine as a different interface and have its own IP. When you use this setup to tunnel to a SOCKS proxy, your bandwidth will be increased to the sum of all your ISPs' throughput, limited only by the throughput of the remote host.

        LOCAL HOST                                          REMOTE HOST 

                                +--> (ISP1) ---+
                               /                \
(SOCKS client) -> (ts_client)  ---> (ISP2) ------ > (ts_server) -> (SOCKS server)
                               \                /
                                +--> (ISP3) ---+

Assume your local interfaces are set up as follows, each one using a different internet connection:

  • eth0 192.168.1.5 (ISP1)
  • eth1 192.168.16.10 (ISP2)
  • eth2 192.168.17.8 (ISP3)

LOCAL HOST:

ts_client localhost:5000 remote.host.com:6000:192.168.1.5 remote.host.com:6000:192.168.16.10 remote.host.com:6000:192.168.17.8

REMOTE HOST:

ts_server 0.0.0.0:6000 localhost:5000  (SOCKS server running on port 5000)