dns lookup through forward - WeOnlyDo Discussion board

dns lookup through forward (wodSSHServer)

by caden, Thursday, July 10, 2008, 17:09 (5762 days ago)

Here's our process:

First we set up a ssh connection to:
ssh.mydomain.com
In order to do that we do a DNS lookup, which resolves to 49.124.581.2.

Then we set up a port forward to
ssh.mydomain.com:8080
Again we do a DNS lookup, which is supposed to resolve to 10.1.1.155.

Here's the first question. Can we do a dns lookup through our ssh connection? Is there a problem with the domain names being the same internally and externally?

Once connected we need to get an xml feed

intranet.mydomain.com (resolves 10.1.1.120)

This is same as the first question. Is it possible to do a dns lookup through our ssh connection?

If we have a successful ssh connection, how do we find out that intranet.mydomain.com resolves to 10.1.1.120?

Re: dns lookup through forward

by wodDamir, Thursday, July 10, 2008, 18:29 (5762 days ago) @ caden

Hi Caden,

Unfortunately, this won't really work.

The reason for this is that DNS lookup uses UDP ports (default 53), but UDP traffic can't be forwarded. You can only tunnel TCP traffic through wodSSHTunnel.

Hope I helped.

Regards,
Damba

Re: dns lookup through forward

by caden, Thursday, July 10, 2008, 21:32 (5762 days ago) @ wodDamir

Here's our current setup:

clientpc --> app ---> ssh connection ---> ssh server --> proxy server --> target website.

The initial connection to the ssh server by the app is under the control of the clientpc's DNS, whatever that might be. However, forwarded-to remote hosts are looked up by the ssh SERVER, and thus under our DNS control.

Example: you want a direct forward from your localhost/port to google.com port 80, so that hitting your local machine on port 8081 is a direct forward link to google.com. The ssh command is something like:

ssh mysshserver.com -L localhost:8081:google.com:80

In this case, mysshserver.com will be looked up by the client machine's DNS... but google.com will be resolved by the ssh SERVER - not the client. The ssh server is being asked to forward to google.com, and IT will (or should) do the lookup.

Additionally we use a proxy server, located on the same localhost as the ssh server. So we forward to localhost, wrt the ssh server, the proxy port. When a browser is configured to use a proxy server, the PROXY server will do the DNS lookups as well... not the local client DNS.


So - DNS should not be an issue anywhere here, since we're using the traditional model, UNLESS there is something in the ssh library that is PRE-resolving the forward-to remote host, and coming up with an IP for the forward command BEFORE sending the command to the ssh server.


Is this the case?

Re: dns lookup through forward

by wodSupport, Thursday, July 10, 2008, 21:36 (5762 days ago) @ caden

wodSSHTunnel doesn't resolve anything related to tunnels - so request is forwarded 'as is' to SSH server.

However, I'm not even sure why are you worried about resolving on the client side? Once tunnel is made, you will connect to http://127.0.0.1:8081 anyway, you don't know about google at all - SSH server needs to know.

Regards,
Kreso
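
What "forwarded 'as is'" looks like on the wire, as an added example (not WeOnlyDo's code and not part of the original thread): the `direct-tcpip` channel-open message from RFC 4254 section 7.2 carries the forward target as a string, so decoding it shows whether the SSH server is handed a name to resolve or an IP literal. The function names, the default originator address and port, and the window sizes are assumptions made for illustration.

```python
import io
import ipaddress
import struct

SSH_MSG_CHANNEL_OPEN = 90  # RFC 4254, section 5.1


def _string(data: bytes) -> bytes:
    """SSH 'string' encoding: uint32 big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def build_direct_tcpip(host, port, orig_ip="127.0.0.1", orig_port=50000,
                       channel=0, window=2 ** 21, max_packet=32768) -> bytes:
    """Payload a client sends for each connection accepted on a local forward."""
    return (bytes([SSH_MSG_CHANNEL_OPEN]) + _string(b"direct-tcpip")
            + struct.pack(">III", channel, window, max_packet)
            + _string(host.encode("ascii")) + struct.pack(">I", port)
            + _string(orig_ip.encode("ascii")) + struct.pack(">I", orig_port))


def parse_direct_tcpip(payload: bytes) -> dict:
    """Decode the payload; ValueError on truncated or unrelated messages."""
    buf = io.BytesIO(payload)

    def take(n: int) -> bytes:
        data = buf.read(n)
        if len(data) != n:
            raise ValueError("truncated message")
        return data

    def u32() -> int:
        return struct.unpack(">I", take(4))[0]

    if take(1)[0] != SSH_MSG_CHANNEL_OPEN or take(u32()) != b"direct-tcpip":
        raise ValueError("not a direct-tcpip channel open")
    u32(), u32(), u32()  # sender channel, window size, max packet size
    host, port = take(u32()).decode("ascii"), u32()
    orig_ip, orig_port = take(u32()).decode("ascii"), u32()
    try:
        ipaddress.ip_address(host)
        server_resolves = False  # IP literal: nothing left for the server to look up
    except ValueError:
        server_resolves = True   # a name: the SSH server performs the DNS lookup
    return {"host": host, "port": port, "originator": (orig_ip, orig_port),
            "server_resolves": server_resolves}


if __name__ == "__main__":  # constructed sample using the hostname from the thread
    print(parse_direct_tcpip(build_direct_tcpip("intranet.mydomain.com", 80)))
```
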

Re: dns lookup through forward

by caden, Thursday, July 10, 2008, 21:39 (5762 days ago) @ wodSupport

> wodSSHTunnel doesn't resolve anything related to tunnels - so request is forwarded 'as is' to SSH server.
>
> However, I'm not even sure why are you worried about resolving on the client side? Once tunnel is made, you will connect to http://127.0.0.1:8081 anyway, you don't know about google at all - SSH server needs to know.

Ahh ok good. That's what I wanted to hear :)

Thanks!