Re: dns lookup through forward (General questions)

by caden, Thursday, July 10, 2008, 21:32 (5978 days ago) @ wodDamir

Here's our current setup:

clientpc --> app ---> ssh connection ---> ssh server --> proxy server --> target website.

The initial connection to the ssh server by the app, is under the control of the clientpc's dns, whatever that might be. However, fowareded-to remote hosts, are looked up by the ssh SERVER, and thus under our DNS control.

Example; you want a direct forward from your localhost/port to google.com port 80, so that hitting your localmachine on port 8081 is a direct foward link to google.com. The ssh command is something like:

ssh mysshserver.com -L localhost:8081:google.com:80

In this case, mysshserver.com, will be looked up by the client machines dns....but google.com will be resolved by the ssh SERVER - not the client. The ssh server is being asked to forward to google.com, and IT will (or should) do the lookup.

Additionaly we use a proxy server, located on the same localhost as the ssh server. So we forward to localhost , wrt the ssh server, the proxy port. When a browser is configured to use a proxy server, the PROXY server will do the dns lookups as well...not the local client dns.

So - DNS should not be an issue anywhere here, since we're using the traditional model, UNLESS there is something in the ssh library that is PRE-resolving the forward-to remote host, and coming up with an IP for the forward command BEFORE sending the command to the ssh server.

Is this the case?