[clug] A routing question

Chris u4123459 at anu.edu.au
Thu Apr 19 02:56:24 GMT 2007 

Hi David,

I think it is a good idea. A socks proxy might be a solution, can't use 
http proxy since the traffic isn't http.

I'll test your theory.

Chris

On 19/04/2007, at 9:44 AM, David Tulloh wrote:

> I've helped friends play this game before.  Our situation sounded 
> similar, we were in the residential colleges and all outgoing traffic 
> was charged (at over 30c/mb).  On the other hand the university gave 
> us free traffic and we had an open connection to the university.  By 
> playing bouncing games we were able to route through the university 
> cache or directly out to the internet.
>
> Assuming you don't have access to the routers I don't think that you 
> can do this using standard IP routing.  I think that the easiest way 
> to do it is to set up a proxy server on the middle computer, so it 
> does the external requests on your behalf.  A http proxy server is 
> fairly easy to find but if you want a lot of different ports you could 
> try playing with socks.  I'd also suggest some fairly strict blocking 
> rules to stop other people jumping through your proxy.
>
> If you want a specific site like a game server you can set up a tunnel 
> using ssh, the manual explains how to do it fairly well.
>
> A final warning, the ANU monitors traffic levels from all computers 
> and as soon as your traffic starts to go above the normal levels they 
> will pay you a visit.  They have all seen these tricks done many times 
> before.
>
>
> David
>
> Kim Holburn wrote:
>> It really depends on what sort of routers you have and how much you 
>> control them.
>>
>> The simplest way would probably be to remove the A to B link.  What 
>> do you need it for anyway?
>>
>> Make all the machines on subnet A use the router that handles A to 
>> C.  Tell the A to C router that subnet B traffic goes to the router 
>> handing C to B.  On subnet B tell the router that to find subnet A go 
>> the the router handing B to C.
>>
>>
>> On 2007/Apr/18, at 3:54 PM, Christopher Zhang wrote:
>>
>>> Hi list,
>>>
>>> Say if the connections from subnet A to B are throttled down, but 
>>> the connections from subnet A to C and from subnet B to C aren't. 
>>> The way the connections are throttled is by applying rules on the 
>>> default gateways of subnets A and B.
>>>
>>> Is there a way to speed up the connections from subnet A to B?
>>>
>>> The closest idea I can think of is to setup a gateway within subnet 
>>> A, let's call it D. Setup a host in subnet C, let's call it E, and 
>>> finally another gateway in subnet B, and call it F.
>>>
>>> The idea is to route all traffic from subnet A to C, then bounce it 
>>> off C to B. Since the connections from A to C and B to C are fast, 
>>> this effectively increases speed from A to B. So instead of using 
>>> the default gateways for subnet A and B, we can use our own new 
>>> gateway D, then somehow pipe all traffic to E, and then from E pipe 
>>> all traffic to our new gateway F in subnet B.
>>>
>>> The reason this increases the speed from subnet A to B is that the 
>>> connection is unthrottled from subnet A to C, and from subnet C to B.
>>>
>>> Eventually this is like a man in the middle setup, in subnet A, tell 
>>> all machines to use D as the default gateway. What D does is to 
>>> forward to the traffic to E, D still uses the real default gateway 
>>> for subnet A to do that however since this connection is to host E 
>>> in an unaffected subnet, the connection is fast. Then E forwards 
>>> whatever is forwarded to it to F, if we tell all computers to use F 
>>> in subnet B, the traffic will reach any host fin subnet B, without 
>>> any speed loss.
>>>
>>> It is easy to setup D as a gateway and route traffic through it, but 
>>> how can I tell D to route the traffic to E (in subnet C) and from E 
>>> route all traffic to F (in subnet B)? I cannot tell D to use E as 
>>> the default gateway since they are on different subnets. If I use 
>>> iptables to forward the traffic, the packet will lose the original 
>>> header which means the reverse won't come through.
>>>
>>> Maybe a tunnel needs to be setup, but I have no idea how to do that, 
>>> does anyone have better ideas?
>>>
>>> Thanks
>>>
>>> Chris
>>>
>>> --linux mailing list
>>> linux at lists.samba.org
>>> https://lists.samba.org/mailman/listinfo/linux
>>
>> --Kim Holburn
>> IT Network & Security Consultant
>> Ph: +39 06 855 4294  M: +39 3494957443
>> mailto:kim at holburn.net  aim://kimholburn
>> skype://kholburn - PGP Public Key on request
>>
>> Democracy imposed from without is the severest form of tyranny.
>>                           -- Lloyd Biggle, Jr. Analog, Apr 1961
>>
>>
>>
>> --linux mailing list
>> linux at lists.samba.org
>> https://lists.samba.org/mailman/listinfo/linux
>>
>

More information about the linux mailing list