PageViews: 984 hits / 122 nets

SockMux -- Socket Multiplexer Protocol [last-modified 2002Dec21] [created 2002Dec20]

SockMux is a newly developed tunneling protocol for inter-DeleGate communication with the following merits:

Symmetricity

ports are connected and relayed for both direction over the tunnel, independently of the direction of tunnel establishment between DeleGate servers, This feature is not supported by SOCKS protocol.

Affinity

the entrance and the exit of SockMux tunnel are controllable by usual parameters of DeleGate, PORT and (extended) SERVER parameter. Also DeleGate can be attached at the exit of a tunnel as a proxy server for relayed protocol, enabling arbitrary protocol proxies be tunneled via SockMux.

Applicability

not only devices with socket type interface but also FIFO type devices can be used as a tunnel.

Efficiency

establishing a long distance TCP connection can take long time. Tunneling multiple connections on a persistent connection (as a tunnel) reduces the delay.

Privacy Enhancement

the communication on the tunnel can be encrypted by SSL with SSLway as a FCL/FSV filter.

After many years of not so successful experimental tunneling protocols for DeleGate, including Vehicle/Teleport, VSAP, ThruWay, SockMux is designed and implemented to be a protocol as simple as possible. The author expects that SockMux will supersede those unsuccessful protocols.

 clients -->*                 SockMux tunnel                 *--> servers
            +- DeleGate <========================> DeleGate -+
 servers <--*             a persistent connection            *<-- clients
                            on tcp/ip or fifo

Excerpt from Manual.htm of DeleGate/8.2.3

---

SockMux server

SockMux is an experimental protocol designed for inter-DeleGate communication. It is a simple protocol for "port forwarding" to accept, relay and destroy connections, multiplexed over a single persistent connection. A pair of SockMux-DeleGate establish and retain a connection between them, then forward port from local to remote each other over the connection.

The persistent connection is established with "-Phost:port" parameter at receptor side, and "SERVER=sockmux://host:port" at connector side. The port to accept outgoing connections to be forwarded to remote is specified with PORT="listOfPorts parameter. The server to be connected for incoming connections from remote is specified with a postfix string ",-in" like SERVER="telnet://host:23,-in".

An incoming connection can be processed with DeleGate as a proxy of the specified protocol. If only protocol name is specified like SERVER="telnet,-in", or if "-in" is postfixed like "-in(option list)", then a DeleGate is invoked to process the connection. The option list is passed to the invoked DeleGate as the list of command line options. For example, SERVER="telnet://host,-in(+=config.cnf)" will invoke a DeleGate with command line options like ``delegated SERVER=telnet://host +=config.cnf''.

Example: bi-directional SockMux-DeleGate

hostX% delegated SERVER=sockmux -PhostX:9000 PORT=9023 SERVER="telnet://hostX,-in"
hostY% delegated SERVER=sockmux://hostX:9000 PORT=9023 SERVER="telnet://hostY,-in"
// a pair of SockMux-DeleGate is connected at the port "hostX:9000", then
// the port "hostX:9023" is forwarded to "telnet://hostY"
// the port "hostY:9023" is forwarded to "telnet://hostX"


Example: uni-directional SockMux-DeleGate

hostX% delegated SERVER=sockmux -PhostX:9000 SERVER="telnet://hostX,-in"
hostY% delegated SERVER=sockmux://hostX:9000 PORT=hostY:9023
// hostY:9023 is forwarded to "telnet://hostX".

Example: uni-directional to proxy-Telent-DeleGate

hostX% delegated SERVER=sockmux -PhostX:9000 PORT=hostX:9023
hostY% delegated SERVER=sockmux://hostX:9000 SERVER="telnet,-in"
// hostX:9023 is forwarded to a Telnet proxy on hostY.

There is another way to establish a persistent connection between two SockMux-DeleGate using a FIFO device like named pipe. It is specified like SERVER=sockmux:commtype@fifoName where commtype is one of "commin", "commout", and "comm", which represents uni-directional input, uni-directional output and bi-directional input/output respectively.

Example: use fifo device on a host

% mkfifo /tmp/com0
% mkfifo /tmp/com1
serv1) SERVER=sockmux:commin@/tmp/com0 SERVER=sockmux:commout@/tmp/com1 ...
serv2) SERVER=sockmux:commin@/tmp/com1 SERVER=sockmux:commout@/tmp/com0 ...


Example: use communication port between two hosts (not tested yet)

host1) SERVER=sockmux:comm@com1 ...
host2) SERVER=sockmux:comm@com2 ...


NOTE: forwarding FTP data connection is not supported (yet).

The destination SERVER for an incoming connection from remotel can be selected depending on which remote port it was accepted. A SERVER parameter postfixed with ":-:-Pxxxx" will be applied only to connections which is accepted on remote host with PORT=xxxx.

Example: forwarding multiple port

hostX% ... PORT=8023,8080
hostY% ... SERVER=telnet,-in:-:-P8023 SERVER=http,-in:-:-P8080
// hostX:8023 is forwarded to Telnet-proxy on hostY
// hostX:8080 is forwarded to HTTP-proxy on hostY

---

Yutaka Sato @ DeleGate.ORG