Tunneling vs. Redirection


The ASP pages presented in this article forward Web browsers to your local machine by keeping track of your floating IP address. The downside of this approach is that browsers must always connect to a Web server that has a permanent IP address before being redirected to your dynamic host.

Another way to handle dynamic IPs is with tunneling, which is the practice of encapsulating packets of one network protocol inside those of another. In particular, the Secure Shell (SSH) program has a mechanism that easily handles two types of tunneling. To use it, you must make the SSH server listen on a port and forward incoming requests to your dynamic client. (SSH can also perform the reverse service, where packets directed to a local port are sent to a remote server somewhere else on the Internet.)

There are several ways you can achieve this. The exact details will vary depending on what SSH software you use and how your system is configured—for example, whether you're behind a firewall—or if you are allowed to open ports on the server. If you use the Unix version of SSH, check out the -g, -L, and -R options. As a bonus, all traffic between the two hosts is encrypted, and can even be compressed.

Incidentally, while this technique is handy for tracking a dynamic IP address, it also works well when you need to slip past a firewall, since you can access any port on the other side of the firewall while the SSH port is open.

For more information, check out the SSH FAQ at www.onsight.com/faq/ssh/ssh-faq.html, and www.openssh.org. There are versions of SSH available for many platforms including most Unix, Linux, and Windows operating systems.

—AW