I know you can use ssh to forward a local or remote port to another destination and port. So for example let's say I have this command:

ssh -L *:8443:10.0.0.1:443 [email protected] 

So this allows opening a listening socket on the machine where the command is issued (let's say that its IP is 10.0.0.3) on port 8443. When some client connects to 10.0.0.3:8443, the packets flow through the ssh channel established between 10.0.0.3 and 10.0.0.2, then the ssh server on 10.0.0.2 forwards the packets to the destination, which is in this case 10.0.0.1:443.

I'm wondering if the server 10.0.0.2 can make a permanent connection to 10.0.0.1:443 so that the connection 10.0.0.2:xxxxx -> 10.0.0.1:443 is opened once and never dropped. All the traffic coming from the clients connecting to 10.0.0.3:8443 should use this permanent channel.

So basically I don't want a new channel 10.0.0.2:xxxxx -> 10.0.0.1:443 to be established when a new client connects to 10.0.0.3:8443. This prevents me from reusing the same session and invalidates the request sent by another client after the first one.

1 Answer

One cannot do this with SSH. And such a generic approach would not be a good idea in the first place anyway.

TCP is a byte stream and not a message protocol. This means if multiple clients send messages in parallel, then the messages might be mixed up. The resulting data might start with the beginning of msgA from client A, continue with parts from msgB from client B, then continue with another part from msgA etc.

Thus, instead of a generic approach one would actually need a mixer which understands the specific application protocol spoken and would make sure that the message syntax in the merged data stream is preserved, no matter how the clients send the messages.

Note that this would be different with UDP since UDP is message based. But your use case seems to be TCP.

  • Yes in my case the protocol is HTTP so TCP at the network level. Commented May 22, 2021 at 20:02
  • @Bemipefe: In this case you would need some mixer which can merge HTTP traffic and keep it as proper HTTP. Maybe haproxy can do what you need - see the chapter Keep-alive and server side connection pooling in this blog entry. Commented May 22, 2021 at 21:33
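
Added example (not part of the original answer or comments): a Python sketch of the interleaving problem the answer describes, using two constructed HTTP requests that arrive in chunks from parallel clients. `byte_level_merge` copies chunks onto one shared connection as they arrive, while `message_aware_merge` is a hypothetical protocol-aware mixer that assumes `Content-Length` framing only; all names and sample data are assumptions made for illustration.

```python
from itertools import zip_longest

# Constructed sample requests (not from the original post).
REQ_A = b"POST /a HTTP/1.1\r\nHost: 10.0.0.1\r\nContent-Length: 5\r\n\r\nAAAAA"
REQ_B = b"POST /b HTTP/1.1\r\nHost: 10.0.0.1\r\nContent-Length: 5\r\n\r\nBBBBB"

def segments(data, size=16):
    """Split a request into chunks, as TCP may deliver it in arbitrary pieces."""
    return [data[i:i + size] for i in range(0, len(data), size)]

def arrival_order(*clients):
    """Round-robin arrival of (client_id, chunk) pairs from parallel clients."""
    tagged = [[(cid, c) for c in chunks] for cid, chunks in enumerate(clients)]
    return [item for rnd in zip_longest(*tagged) for item in rnd if item is not None]

def byte_level_merge(arrivals):
    """Generic forwarder: copy each chunk to the shared connection as it arrives."""
    return b"".join(chunk for _, chunk in arrivals)

def complete_request_len(buf):
    """Return the length of the first complete HTTP request in buf, or None."""
    head_end = buf.find(b"\r\n\r\n")
    if head_end < 0:
        return None  # headers not fully received yet
    body_len = 0
    for line in buf[:head_end].split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"content-length":
            body_len = int(value.strip())
    total = head_end + 4 + body_len
    return total if len(buf) >= total else None

def message_aware_merge(arrivals):
    """Protocol-aware mixer: buffer per client, forward only whole requests."""
    buffers, out = {}, []
    for cid, chunk in arrivals:
        buffers[cid] = buffers.get(cid, b"") + chunk
        while (n := complete_request_len(buffers[cid])) is not None:
            out.append(buffers[cid][:n])
            buffers[cid] = buffers[cid][n:]
    return out

ARRIVALS = arrival_order(segments(REQ_A), segments(REQ_B))

if __name__ == "__main__":
    print(byte_level_merge(ARRIVALS)[:32])    # two request lines fused together
    print(message_aware_merge(ARRIVALS))      # each request forwarded intact
```

The sketch covers only the request direction; a real mixer also has to route each response on the shared connection back to the client that sent the matching request.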
