dns lookup through forward (wodSSHServer)

Here's our process:

First we set up a ssh connection to:
ssh.mydomain.com
In order to do that we do a dns lookup, which resolves 49.124.581.2.

Then we set up a port forward to
ssh.mydomain.com:8080
Again we do a dns lookup which is supposed to resolve 10.1.1.155

Here's the first question. Can we do a dns lookup through our ssh connection? Is there a problem with the domain names being the same internally and externally?

Once connected we need to get an xml feed

intranet.mydomain.com (resolves 10.1.1.120)

This is same as the first question. Is it possible to do a dns lookup through our ssh connection?

If we have a successful ssh connection, how do we find out that intranet.mydomain.com resolves to 10.1.1.120?

Hi Caden,

Unfortunately, this won't really work.

The reason to this is that dns lookup uses UDP ports (default 53), but UDP traffic can't be forwarded. You can only tunnel TCP traffic thru wodSSHTunnel.

Hope I helped.

Regards,
Damba

Here's our current setup:

clientpc --> app ---> ssh connection ---> ssh server --> proxy server --> target website.

The initial connection to the ssh server by the app, is under the control of the clientpc's dns, whatever that might be. However, fowareded-to remote hosts, are looked up by the ssh SERVER, and thus under our DNS control.

Example; you want a direct forward from your localhost/port to google.com port 80, so that hitting your localmachine on port 8081 is a direct foward link to google.com. The ssh command is something like:

ssh mysshserver.com -L localhost:8081:google.com:80

In this case, mysshserver.com, will be looked up by the client machines dns....but google.com will be resolved by the ssh SERVER - not the client. The ssh server is being asked to forward to google.com, and IT will (or should) do the lookup.

Additionaly we use a proxy server, located on the same localhost as the ssh server. So we forward to localhost , wrt the ssh server, the proxy port. When a browser is configured to use a proxy server, the PROXY server will do the dns lookups as well...not the local client dns.

So - DNS should not be an issue anywhere here, since we're using the traditional model, UNLESS there is something in the ssh library that is PRE-resolving the forward-to remote host, and coming up with an IP for the forward command BEFORE sending the command to the ssh server.

Is this the case?

wodSSHTunnel doesn't resolve anything related to tunnels - so request is forwarded 'as is' to SSH server.

However, I'm not even sure why are you worried about resolving on the client side? Once tunnel is made, you will connect to http://127.0.0.1:8081 anyway, you don't know about google at all - SSH server needs to know.

Regards,
Kreso

wodSSHTunnel doesn't resolve anything related to tunnels - so request is forwarded 'as is' to SSH server.

However, I'm not even sure why are you worried about resolving on the client side? Once tunnel is made, you will connect to http://127.0.0.1:8081 anyway, you don't know about google at all - SSH server needs to know.

Ahh ok good. That's what I wanted to hear [:happy:]

Thanks!