jesnow l33t
Joined: 26 Apr 2006 Posts: 856
Posted: Wed Oct 08, 2014 2:25 pm Post subject: dynamic IP without Dynamic DNS
Why? Because.
Machine A has a static IP address and is on a fast net connection.
Machine B has a dynamic IP address, behind multiple levels of NAT.
I want to log into machine B from machine A WITHOUT using a dynamic dns server, but how would I do this? Seems to me machine B could ping machine A in some way on a regular basis to let A know its ip address. After all, I can ssh from B to A no problem, it's the *reverse* direction that's hard. I could start a demon on A that listens on a particular high numbered port for a connection, the client demon on B connects to that port, and drops its identity and IP address, maybe with some authentication. The demon on A then logs the ip to /etc/hosts (or updates the bind configuration and restarts if anything's changed) and we're off. Hackers might use this procedure to log in the bots they have infected, so there must be some code out there. As it happens I do control this bot, it's mine.
WHY don't I want to use dynamic dns? Because. So "just use dynamic dns" is not the answer I'm looking for, I know how to do that.
I know this forum loves a challenge.
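The check-in scheme described in the first post, as an added example that is not code from any poster: B sends a timestamped, HMAC-signed message, and A records the source address seen on the socket rather than anything B claims, rejecting forged, stale and replayed messages. The key, host name and addresses are constructed, and the transport (for example a UDP listener on A) is left out; knowing B's public address does not by itself open an inbound path through NAT.

```python
import hashlib
import hmac

# Constructed values for the example; a real deployment needs a random secret.
SHARED_KEY = b"constructed-example-key"
MAX_SKEW = 120  # seconds a check-in may differ from A's clock


def make_checkin(name, now, key=SHARED_KEY):
    """Machine B: build 'name|timestamp|hex-hmac'. No IP in the payload."""
    body = f"{name}|{int(now)}".encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body + b"|" + tag.encode()


class Registry:
    """Machine A: verify check-ins and remember each host's last seen address."""

    def __init__(self, key=SHARED_KEY):
        self.key = key
        self.hosts = {}      # name -> source IP observed on the socket
        self.last_seen = {}  # name -> newest accepted timestamp

    def handle(self, datagram, src_ip, now):
        try:
            body, tag = datagram.rsplit(b"|", 1)
            name, ts = body.decode().split("|")
            ts = int(ts)
        except ValueError:
            return "malformed"
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(expected, tag):
            return "bad-mac"
        if abs(now - ts) > MAX_SKEW:
            return "stale"
        if ts <= self.last_seen.get(name, 0):
            return "replay"
        self.last_seen[name] = ts
        changed = self.hosts.get(name) != src_ip
        self.hosts[name] = src_ip  # trust the socket address, not the sender's claim
        return "updated" if changed else "unchanged"

    def hosts_lines(self):
        """Lines suitable for a managed block in /etc/hosts."""
        return [f"{ip}\t{name}" for name, ip in sorted(self.hosts.items())]
```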
javeree Guru
Joined: 29 Jan 2006 Posts: 453
Posted: Wed Oct 08, 2014 3:15 pm
If it is multiple levels of NAT, even dynamic DNS would present a challenge.
Maybe you would be ok with using zeroconf to broadcast B's presence by name and miniupnp to pass through the NAT levels. I think you should adapt the iptables rules that miniupnp installs for each NAT level.
jesnow l33t
Joined: 26 Apr 2006 Posts: 856
Posted: Thu Oct 09, 2014 9:54 am
Maybe not multiple levels. It was when my DSL modem gave out one local private ip address, then my wireless router gave another, but now they're combined. Anyway, DDNS worked sorta, but had other issues.
ChrisJumper Advocate
Joined: 12 Mar 2005 Posts: 2390 Location: Germany
Posted: Thu Oct 09, 2014 3:33 pm
It's all easy.
If you have a machine on the Internet with a fixed IP address, you could build a VPN or SSH forwarding tunnel from your dynamic machine. That way you could set up a "fixed" IP address to that other machine.
I did not set this up myself, but I am sure that you could buy or lease an IPv6 address range that you should route from the static IP address to your dynamic IP machine.
But be aware that, for the connection itself, your dynamic client has to update and reinitialize the tunnel. It's nice to work with, but a strange setup to find bottlenecks.