What is tunnelling (SSH tunnelling and PPP tunnelling)? I searched on Google but it is confusing. Can anyone provide some good material on this tunnelling topic?
SSH tunneling is, as far as my understanding goes, a way of using a remote computer's internet connection, much like a proxy.
Basically, you have a network connection at the base computer and you use that connection to connect to a remote computer via SSH tunneling. Now, instead of network traffic going directly to your computer, it goes through the remote computer first. Your computer will think all network traffic is coming from one connection (the remote computer) instead of from many connections as it normally would.
Tunneling is a general term that refers to the encapsulation of one protocol within another.
Usually TCP/IP is transported over a lower-level transport (such as Ethernet). One can, however, use a higher-level protocol (such as SSH) as a base for transporting TCP/IP.
This means that the protocols are nested:
- (native) TCP/IP transports SSH
- SSH transports (tunneled) TCP/IP
This may look useless and complex at first, but it allows one to leverage the advantages of a high-level protocol (for example, encryption in SSH) using a lower-level protocol (such as TCP/IP).
Note that VPNs are usually implemented using some kind of tunneling.
Well, basically you have 3 machines:
- A: your machine
- B: server
- C: remote machine
A basic tunnel would be: any communication on port X of A gets forwarded to port Y of C by B. I.e. instead of A → C you have A → B → C. So to machine C it seems that the communication is coming from B, not A. Useful if C's firewall doesn't allow connections from A (e.g. territory restricted). So, for example, with:
ssh -L8080:www.example.com:80 your.server
accessing localhost:8080 from your machine, you're actually accessing www.example.com:80 from your.server.
Another type of tunnel would be:
- A: machine in local net
- B: server
You open port X on server B, and any communication on that port gets forwarded to port Y on local machine A. Useful if you're behind NAT/firewall. For example:
ssh -R8080:192.168.1.1:80 your.server
Anyone accessing your.server:8080 is actually accessing 192.168.1.1:80 in your local net.
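What the -L form sets up on A, as an added example (not from this answer and not OpenSSH's code): a minimal TCP port forwarder in Python's standard library that accepts a connection on a local port and relays it onward, so the far end only ever sees the relay's address. It keeps ssh's default of binding the tunnel entrance to loopback; the SSH encryption between A and B is left out, and start_forwarder, start_echo_server (a constructed stand-in for C) and send_through are names of this example, not ssh's.

```python
import socket
import threading
from contextlib import suppress

def _pump(src, dst):
    # Copy bytes one way until src hits EOF, then half-close dst so the peer sees EOF too.
    with suppress(OSError):
        while data := src.recv(4096):
            dst.sendall(data)
    with suppress(OSError):
        dst.shutdown(socket.SHUT_WR)

def _relay(client, target):
    # Connect onward to C and pump both ways; C only ever sees the relay's own address.
    with client, suppress(OSError), socket.create_connection(target) as upstream:
        t = threading.Thread(target=_pump, args=(upstream, client), daemon=True)
        t.start()
        _pump(client, upstream)
        t.join()

def start_forwarder(listen_port, target, bind_host="127.0.0.1"):
    # Tunnel entrance on A. As with ssh -L, bind to loopback by default so the entrance
    # is not reachable from the rest of the LAN. Returns the bound port (0 = ephemeral).
    srv = socket.create_server((bind_host, listen_port))
    def accept_loop():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=_relay, args=(conn, target), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv.getsockname()[1]

def start_echo_server():
    # Constructed stand-in for machine C: echoes each chunk until the client half-closes.
    srv = socket.create_server(("127.0.0.1", 0))
    def serve():
        while True:
            with srv.accept()[0] as conn:
                while data := conn.recv(4096):
                    conn.sendall(data)
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def send_through(port, payload):
    # The application on A: talk to the local entrance and collect C's reply.
    with socket.create_connection(("127.0.0.1", port)) as s:
        s.sendall(payload)
        s.shutdown(socket.SHUT_WR)
        return b"".join(iter(lambda: s.recv(4096), b""))
```

Start the echo server, pass its port as the target of start_forwarder(0, ...), and send_through(entrance_port, data) returns the same bytes after a round trip through the relay.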
Tunnelling is when, instead of sending a packet directly through the network, you send it inside another (often encrypted) connection by means of encapsulation. In the case of SSH tunnelling, TCP/IP packets are sent inside an SSH connection to another host, which then decides how to treat those packets (usually forwarding them to an internal network).
The Wikipedia article about Tunnelling is helpful, but to understand it better you should have a basic idea of how encapsulation and the OSI model work.