Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement STUN to avoid relaying all packets in case of client-side NAT #14

Open
Arkanosis opened this issue Feb 24, 2020 · 0 comments
Open

Implement STUN to avoid relaying all packets in case of client-side NAT #14

Arkanosis opened this issue Feb 24, 2020 · 0 comments
Assignees
@Arkanosis
Labels
enhancement

Comments

@Arkanosis
Copy link
Owner

Arkanosis commented Feb 24, 2020
edited
Loading

If there's a NAT not only server-side, but client-side as well, rssht currently works by ssh-ing to a relay server from the server, then ssh-ing again to the same relay server from the client. This works well, but it introduces load on the relay server and impacts both latency and bandwidth.

Implementing STUN / ICE would enable direct SSH connection from the client to the server, by just signalling the server to the client and vice-versa. In the rare cases where it wouldn't work, the current TURN approach could be used as a fallback.

Additionally, it might be possible to rely on some public STUN server to avoid the public server requirement altogether.

Also, see #11 for an approach which doesn't even need a STUN server (pwnat).
@Arkanosis Arkanosis self-assigned this Feb 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Arkanosis Arkanosis

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Arkanosis