SockMux is a newly developed tunneling protocol for inter-DeleGate
communication with the following merits:
Symmetricity
  Ports are connected and relayed in both directions over the tunnel,
  independently of the direction in which the tunnel was established
  between the DeleGate servers. This feature is not supported by the
  SOCKS protocol.
Affinity
  The entrance and the exit of a SockMux tunnel are controlled by the
  usual DeleGate parameters, PORT and the (extended) SERVER parameter.
  A DeleGate can also be attached at the exit of a tunnel as a proxy server
  for the relayed protocol, enabling arbitrary protocol proxies to be
  tunneled via SockMux.
Applicability
  Not only devices with a socket type interface but also FIFO type devices
  can be used as a tunnel.
Efficiency
  Establishing a long distance TCP connection can take a long time.
  Tunneling multiple connections over a persistent connection (the tunnel)
  reduces the delay.
Privacy Enhancement
  The communication on the tunnel can be encrypted by SSL with SSLway
  as an FCL/FSV filter.
After many years of not so successful experimental tunneling protocols
for DeleGate, including Vehicle/Teleport, VSAP and ThruWay,
SockMux is designed and implemented to be as simple a protocol as possible.
The author expects that SockMux will supersede those unsuccessful protocols.
clients -->*                  SockMux tunnel                  *--> servers
            +- DeleGate <========================> DeleGate -+
servers <--*             a persistent connection              *<-- clients
                            on tcp/ip or fifo
SockMux is an experimental protocol designed for inter-DeleGate communication.
It is a simple protocol for "port forwarding" to accept, relay and destroy
connections, multiplexed over a single persistent connection.
A pair of SockMux-DeleGates establishes and retains a connection between them,
and each then forwards ports from its local side to the remote side over that
connection.
The persistent connection is established with the "-Phost:port" parameter
on the receptor side, and "SERVER=sockmux://host:port" on the connector side.
The ports on which to accept outgoing connections to be forwarded to the remote
side are specified with the PORT=listOfPorts parameter.
The server to be connected for incoming connections from remote is specified
with a postfix string ",-in" like SERVER="telnet://host:23,-in".
An incoming connection can be processed with DeleGate as a proxy of the
specified protocol.
If only the protocol name is specified, as in SERVER="telnet,-in", or if "-in"
is followed by an option list, as in "-in(option list)", then a DeleGate is
invoked to process the connection.
The option list is passed to the invoked DeleGate as the list of
command line options.
For example, SERVER="telnet://host,-in(+=config.cnf)" will invoke a DeleGate
with command line options like ``delegated SERVER=telnet://host +=config.cnf''.
Example: bi-directional SockMux-DeleGate
  hostX% delegated SERVER=sockmux -PhostX:9000 PORT=9023 SERVER="telnet://hostX,-in"
  hostY% delegated SERVER=sockmux://hostX:9000 PORT=9023 SERVER="telnet://hostY,-in"
  // a pair of SockMux-DeleGate is connected at the port "hostX:9000", then
  // the port "hostX:9023" is forwarded to "telnet://hostY"
  // the port "hostY:9023" is forwarded to "telnet://hostX"
Example: uni-directional SockMux-DeleGate
  hostX% delegated SERVER=sockmux -PhostX:9000 SERVER="telnet://hostX,-in"
  hostY% delegated SERVER=sockmux://hostX:9000 PORT=hostY:9023
  // hostY:9023 is forwarded to "telnet://hostX".
Example: uni-directional to proxy-Telnet-DeleGate
  hostX% delegated SERVER=sockmux -PhostX:9000 PORT=hostX:9023
  hostY% delegated SERVER=sockmux://hostX:9000 SERVER="telnet,-in"
  // hostX:9023 is forwarded to a Telnet proxy on hostY.
There is another way to establish a persistent connection between
two SockMux-DeleGates: using a FIFO device such as a named pipe.
It is specified like SERVER=sockmux:commtype@fifoName
where commtype is one of "commin", "commout", and "comm",
which represent uni-directional input, uni-directional output and
bi-directional input/output respectively.
NOTE: forwarding of FTP data connections is not supported (yet).
The destination SERVER for an incoming connection from the remote side can be
selected depending on the remote port on which it was accepted.
A SERVER parameter postfixed with
":-:-Pxxxx"
will be applied only to connections that are accepted on the remote host
with PORT=xxxx.
Example: forwarding multiple ports
  hostX% ... PORT=8023,8080
  hostY% ... SERVER=telnet,-in:-:-P8023 SERVER=http,-in:-:-P8080
  // hostX:8023 is forwarded to Telnet-proxy on hostY
  // hostX:8080 is forwarded to HTTP-proxy on hostY
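
When reviewing a SockMux deployment it helps to work out mechanically which accepted port ends up at which server or invoked proxy on the far side. The following Python is an added example, not DeleGate code: its grammar is inferred only from the text above, and the names parse_args and forwards, plus the rule that a port-specific SERVER is preferred over an unqualified one, are assumptions of the example.

```python
import re
import shlex

# Assumed grammar, inferred only from the manual text above:
#   SERVER=proto[://dest],-in[(option list)][:-:-Pxxxx]
SERVER_RE = re.compile(r"^(?P<proto>[a-z0-9]+)(?:://(?P<dest>[^,]+))?"
                       r",-in(?:\((?P<opts>[^)]*)\))?(?::-:-P(?P<port>\d+))?$")

def parse_args(cmdline):
    """Split delegated arguments into tunnel endpoint, PORT list and -in SERVERs."""
    cfg = {"tunnel": None, "ports": [], "servers": []}
    for arg in shlex.split(cmdline):
        if arg.startswith("-P"):
            cfg["tunnel"] = ("receptor", arg[2:])
        elif arg.startswith("PORT="):
            # PORT=9023, PORT=hostY:9023 and PORT=8023,8080 all appear above
            cfg["ports"] += [p.rsplit(":", 1)[-1] for p in arg[5:].split(",")]
        elif arg.startswith("SERVER=sockmux://"):
            cfg["tunnel"] = ("connector", arg[len("SERVER=sockmux://"):])
        elif arg.startswith("SERVER=sockmux:"):
            cfg["tunnel"] = ("fifo", arg[len("SERVER=sockmux:"):])
        elif arg.startswith("SERVER=") and arg != "SERVER=sockmux":
            m = SERVER_RE.match(arg[len("SERVER="):])
            if m:
                cfg["servers"].append(m.groupdict())
    return cfg

def forwards(local, remote):
    """Map each port accepted on `local` to what `remote` does with it."""
    table = {}
    for port in local["ports"]:
        # ":-:-Pxxxx" limits a SERVER to connections accepted on remote PORT=xxxx.
        # Assumption: a port-specific SERVER is preferred over an unqualified one.
        cands = sorted((s for s in remote["servers"] if s["port"] in (None, port)),
                       key=lambda s: s["port"] is None)
        if not cands:
            table[port] = None  # nothing on the far side takes this port
            continue
        s = cands[0]
        target = s["proto"] + ("://" + s["dest"] if s["dest"] else "")
        if s["dest"] is None or s["opts"] is not None:
            # bare protocol name or "-in(option list)": a DeleGate is invoked
            cmd = "delegated SERVER=" + target + (" " + s["opts"] if s["opts"] else "")
            table[port] = ("proxy", cmd)
        else:
            table[port] = ("relay", target)
    return table

if __name__ == "__main__":
    print(forwards(parse_args("PORT=8023,8080"),
                   parse_args("SERVER=telnet,-in:-:-P8023 SERVER=http,-in:-:-P8080")))
```

A port that maps to None is accepted locally but has no matching "-in" SERVER on the other side, which is worth flagging in a review.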