Press "Enter" to skip to content

Month: October 2011

Networking tricks

Networking

Recently, a French friend of mine, Mr C, was visiting Italy. He wanted to watch a streaming video on a French media website, say www.media.fr. The problem was that this website blocks accesses from outside France due to capitalistic reasons. So Mr C asked if he can use a sort of proxy based in France and accessible from Italy in order to watch his video. We have thus two constraints: throughput and location. This post is devoted to the quick description of two possible solutions using some knowledge in IPv4 TCP/IP networking.

IP level solution : Virtual Private Network. This is the best solution in principle, since it solves the problem at the IP level, for all services, not only for the web. For this solution, Mr C needs a machine in France, say machine.domain.fr, connected to the Internet, with a high capacity in upstream and downstream (this excludes machines connected with commercial ADSL due to the limited upstream). On machine.domain.fr, Mr C may install for instance as root the free software OpenVPN (this is quite easy on Debian GNU/Linux for instance). Mr C can then connect his laptop in Italy to this Virtual Private Network (VPN). The main problem for this solution is to find such a machine. Most machines in academic networks are protected by a firewall, blocking arbitrary connections from outside the academic network. Of course, one can break the firewall using SSH, but this complicates things and produces an ugly solution. Mr C is lucky if his university provides a VPN service. Some universities do. Mine does not. The Mathrice VPN (CNRS) allows connection on MathSciNet for instance but it seems that it does not allow connections on video streaming sites! (test by yourself).

Application level solution : SOCKS server over SSH. This is the simplest solution. Suppose that Mr C has access to an OpenSSH server located in his French University, say ssh.uni.fr. From his laptop in Italy, Mr C can connect to this server, say using the command ssh -D 6666 ssh.uni.fr. It remains for him to configure his favorite web browser(1) to use a SOCKS proxy with IP 127.0.0.1 and port 6666. One may replace 6666 by any number in [1024,65535]. This solution at the application level works very well for all applications able to use the SOCKS v5 protocol. For other applications, one can use a sockifing wrapper. Of course, this solution will not work if the server ssh.uni.fr blocks the SOCKS feature of the SSH server (test by yourself).

(1) for Firefox: Edit/Preferences/Advanced/Network/Parameters/SOCKS_Host (not HTTP_Proxy).

Note. It is also possible to use other proxies available on the Internet, either generic purpose proxies or specific proxies dedicated to video streams. Some of them are free. Personally, I prefer the solutions above since they do not involve untrusted third parties.

IPv6. Both solutions can be adapted to IPv6 (exercise!).

2 Comments
Syntax · Style · .