Port number used by server when using dynamic port forwarding in SSH?
Common practice is to use the Dynamic port forwarding feature of SSH to make a secure connection while browsing the web, i.e.

ssh -D 1234 me@some_server

where "me" is my user login ID and "some_server" is a trusted server somewhere that is running SSHD. If I configure my web-browser to use a socks proxy with the socks host set to "localhost" (or 127.0.0.1) and port set to 1234, I can browse the web and the web servers will think the traffic is to/from server "some_server" rather than my local computer. Not to mention that the connection between my local computer and "some_server" will now be encrypted.

But what port number is the server "some_server" using for communication to/from the other web servers on the internet? I know the connection between my local computer and "some_server" is using port 22 (standard SSH port), but what port is "some_server" using to request/receive internet traffic? I know typical HTTP servers listen on port 80. And I believe the web-clients use the ephemeral/dynamic ports (ports 49152 to 65535). I'm a little unclear on which ports are used to/from web-server and "some_server."

Any help people could offer to clear this up for me would be greatly appreciated!
-Keith

Just about all client connections use ephemeral ports, if that's what you mean. This is something that the operating system handles, so it will happen to all TCP/IP connections unless instructed otherwise (e.g. NTP, which is on udp/123 on both ends).
Also note the ephemeral port range varies a lot; there is no fixed range.

What seems odd to me is that a web-browser running directly on "some_server" is unable to connect to the internet, yet a web-browser running on my local PC configured to use SSH and socks proxy through "some_server" has no problem reaching the internet. I know "some_server" sits behind a firewall and that many ports are blocked, so I'm not surprised that the web-client on "some_server" wouldn't work. But I am surprised that SSH tunneling from my PC to "some_server" does work. I can browse the web from my PC and I've confirmed that the web sees the IP address of "some_server" rather than my local PC.
Is it possible that "some_server" would use port 22 to request/receive internet traffic when my local PC is configured for SSH tunneling?
-Keith

From what you've described, it sounds like you must be missing something simple. Using a server for socks proxying, the server IS going to the remote site; there's no difference in the network traffic. A TCP/IP connection will use a local ephemeral port and a specific remote port, 80 or 443, whichever way round you try it. A better comparison would probably be to use curl on the proxy machine to grab a site; that should work if the ssh route does.

Problem fixed. Turns out that the server's network settings for DNS were configured wrong. I'm guessing the fact that SSH tunneling worked is a red herring and that DNS lookup using SSH tunneling must be done on the client-side rather than server-side, and that's why the server was still able to properly request/receive internet traffic.
-Keith
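Which side performs the DNS lookup through a SOCKS proxy such as the one `ssh -D` opens depends on the address type in the browser's SOCKS5 CONNECT request (RFC 1928): a domain name is passed through the tunnel and looked up at the far end, while an IP address means the client already resolved it. The following is an added example, not part of the thread; the function names, the "remote"/"local" labels and the sample requests are constructed for illustration.

```python
import ipaddress
import struct

def build_connect(host: str, port: int, remote_dns: bool) -> bytes:
    """Build a SOCKS5 CONNECT request (RFC 1928, section 4)."""
    head = b"\x05\x01\x00"  # VER=5, CMD=CONNECT, RSV=0
    if remote_dns:
        name = host.encode("idna")
        if not 0 < len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = b"\x03" + bytes([len(name)]) + name  # ATYP=DOMAINNAME
    else:
        ip = ipaddress.ip_address(host)  # client must already hold an IP
        addr = (b"\x01" if ip.version == 4 else b"\x04") + ip.packed
    return head + addr + struct.pack("!H", port)

def parse_connect(req: bytes) -> dict:
    """Parse a SOCKS5 request and report which side resolves the name."""
    if len(req) < 4 or req[0] != 5:
        raise ValueError("not a SOCKS5 request")
    atyp, body = req[3], req[4:]
    if atyp == 0x03:  # hostname travels inside the request
        if not body or len(body) != 1 + body[0] + 2:
            raise ValueError("bad domain-name length")
        dest, resolver = body[1:1 + body[0]].decode("ascii"), "remote"
    elif atyp in (0x01, 0x04):  # IPv4 / IPv6 literal
        n = 4 if atyp == 0x01 else 16
        if len(body) != n + 2:
            raise ValueError("bad address length")
        dest, resolver = str(ipaddress.ip_address(body[:n])), "local"
    else:
        raise ValueError("unknown ATYP")
    port = struct.unpack("!H", body[-2:])[0]
    return {"dest": dest, "port": port, "dns_resolved_by": resolver}

if __name__ == "__main__":
    # Constructed sample requests; 192.0.2.10 is a documentation address.
    for req in (build_connect("example.com", 443, remote_dns=True),
                build_connect("192.0.2.10", 80, remote_dns=False)):
        print(req.hex(), parse_connect(req))
```
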