I have a load balancer group with few target servers and they are SSL enabled.
Now I want to do the TCP monitoring on the target servers port (443)
Does TCP monitor work with the backends which are on https ?
TCP Monitor, according to me, does a socket connect on the given Host and Port. What this means is, if there is an open port on the target server, then server is considered alive and kicking.
Since this is only a socket connect; protocol HTTP,HTTPS does not matter as long as there is port open and has a listener on the port.
Related
THIS IS ALL UDP
Let say I have an internal port 25000 that isn't forwarded.
I send a UDP Message through that port to a server.
I now listen to that 25000 port locally for a reply from that server.
The server received my message.
The server thinks the port the message came from is 27833.
How much time does the server have to send a message back to me through port 27833?
If I locally keep listening to port 25000 will the 27833 port stay open indefinitely until I stop listening?
I'm not an expert but I think the timeout of the forwarding of the port on the NAT will not be influenced because you listen to new datagram on a computer behind your NAT (As only the OS will know you want to read those packets, not the NAT).
For the time the port will be forwarded by the NAT, I've find this response on stackoverflow: For how long a router keeps records in the NAT and can they be reused forwarding requests from other hosts? (Shortcut from the response, in practice less than 120 sec)
Let say I have a server XYZ that listens on port 50000 for TCP clients and port 80 for HTTP clients. And on the other side, I have a client that uses a WebSocket to establish a socket connection to port 50000 and will use HTTP port 80 for the handshake (of course).
Now, when the client begins, it will first send a request to server XYZ via the HTTP port 80, and the server will receive its request on port 80 for the handshake and will send a response for welcome. So, in that case, both parties are using port 80 (of course).
Now, when the handshake is done, the standard documentation says that the same TCP connection that is used for HTTP request/response for handshake purposes is then converted to the TCP socket connection. Ok right.
But, but if this whole handshake process and TCP connection for the HTTP request/response uses port 80 the first time, and that the same TCP connection is converted to the TCP socket connection, and this whole process is done via port 80, then how does the same TCP connection get converted to port 50000 for the TCP socket on both parties? Does the client initialize another TCP connection internally for changing to port 50000?
So, can anyone tell how the port conversion is performed and works in the WebSocket from port 80 to a different port in both parties? How does a complete single socket connection get established on the different ports? How does the same TCP connection change/flip its ports?
A TCP socket connection cannot change ports at all. Once a connection has been established, its ports are locked in and cannot be changed. If you have a TCP socket connection on port 80, the only way to have a connection on port 50000 is to make a completely separate TCP socket connection.
A WebSocket cannot connect to port 80 and then switch to port 50000. However, an HTML page that is served to a browser from port 80 can contain client-side scripting that allows the browser to make a WebSocket object and connect it to port 50000. The two TCP connections (HTTP and WebSocket) are completely separate from each other (in fact, the HTTP socket connection does not even need to stay open once the HTML is served, since HTTP is a stateless protocol).
I have a TCP server sitting on one host in a VPC, and a TCP client sitting on a separate host and VPC. Right now they are able to transmit data to each other using any matching ports, but I want their data to be transmitted to each other over HTTPS (port 443), is there a standard way of doing this?
My initial thought it to have Nginx running on both hosts to handle SSL over 443 with streams to handle the TCP traffic, but I'm lost when it comes to configuring the stream block in Nginx to wrap the TCP traffic with SSL on 443 for outgoing traffic for the server, or how to receive it on the client side and forward it to the TCP client. Any and all help is appreciated.
I always check network connectivity using telnet [IP] [port]. However, sometimes the connection timeouts because nothing is listening to that port but the tunnel to that port is open. How do I check the difference, i.e. does telnet timeout because tunnel is not open or because nothing is listening to that port at the other end?
Probably by using tcptraceroute, from the man page
This program attempts to trace the route an IP packet would follow to
some internet host by launching probe packets with a small ttl (time to
live) then listening for an ICMP "time exceeded" reply from a gateway.
We start our probes with a ttl of one and increase by one until we get
an ICMP "port unreachable" (or TCP reset)
set the max_ttl value to be appropriate for your firewall
I am looking at traffic generated by my computer when socks server is defined.
I read over the internet and see that its possible to route udp also trough the proxy server.
when i try using different apps that uses UDP and allows socks settings, it uses it only for tcp traffic. why?
I have defined SOCKS5, as i understand that v4 doesnt support udp (why?)
i tried an example, Vuze client - its expert mode allows to prefer udp traffic, setup socks server and even at this point, any udp goes directly to peers.
My wish is to monitor the traffic and see how its transmitted, is it over UDP connection with socks server, or does it actually connects to the socks server in TCP and sends the data, which is then sent via udp to the destination?
When a client wants to relay UDP traffic over the SOCKS5 proxy, the client makes a UDP associate request over the TCP. SOCKS5 server then returns an available UDP port to the client to send UDP packages to.
Client then starts sending the UDP packages that needs to be relayed to the new UDP port that is available on SOCKS5 server. SOCKS5 server redirects these UDP packages to the remote server and redirects the UDP packages coming from the remote server back to the client.
When client wants to terminate the connection, it sends a FIN package over the TCP. The SOCKS5 server then terminates the UDP connection created for the client and then terminates the TCP connection.
Double SSH Tunnel Manager support SOCKS5 With UDP
3proxy Server support UDP