Re: [FRIAM] virtualized public IPs

2018-08-22 Thread Russell Standish 
On Wed, Aug 22, 2018 at 11:44:14AM +0200, Stephen Guerin wrote:
> Markus, 
> 
> While not exactly virtualized IP, can you accomplish what you need via a
> dynamic DNS solution, ngrok.com or localtunnel.me and then manage routing on
> your internal network?

dynamic DNS is not really important - ISTM that your solution is to
move up the protocol stack. Markus's original problem was that the
restrictive nature of his client network was such that he couldn't
distinguish between requests at layer 3 (TCP). You're right that
layering the requests on a layer 4 protocol like http allows you to
distinguish requests by inserting the distinguishing label in a field
in http request header - eg the Host field, which can contain a domain
name and a port.

ISTM, it is not necessary for the domain inserted into the Host field
to be resolvable - if it is, then just distinguish on the port part -
so dynamic DNS is not necessary.

Cheers


-- 


Dr Russell StandishPhone 0425 253119 (mobile)
Principal, High Performance Coders
Visiting Senior Research Fellowhpco...@hpcoders.com.au
Economics, Kingston University http://www.hpcoders.com.au



FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] virtualized public IPs

2018-08-22 Thread Marcus Daniels 
Thanks Stephen and Gary.   Since what I’m doing at the moment is just with ssh, 
I can just use ProxyJump<https://www.madboa.com/blog/2017/11/02/ssh-proxyjump/>.
Good to know about the web-oriented ones too.   ZeroTierOne will have to wait 
for a few more free cycles, but that does look ideal.

Marcus
From: Friam  on behalf of Stephen Guerin 

Reply-To: "stephen.gue...@redfish.com" , The Friday 
Morning Applied Complexity Coffee Group 
Date: Wednesday, August 22, 2018 at 3:44 AM
To: Friam Friam 
Subject: Re: [FRIAM] virtualized public IPs

Markus,

While not exactly virtualized IP, can you accomplish what you need via a 
dynamic DNS solution, ngrok.com<http://ngrok.com> or 
localtunnel.me<http://localtunnel.me> and then manage routing on your internal 
network?
On Wed, Aug 22, 2018, 7:45 AM Marcus Daniels 
mailto:mar...@snoutfarm.com>> wrote:
Hi,

The following seems like it is simple thing to address, but it doesn’t seem 
common.  Here are my assumptions:

1) I have several computers configured in complicated ways that I’d like to 
keep under my physical control.

2) I have an ordinary residential type of internet connection with one public 
IP.

3) I use various other computers, and some of them have irritatingly 
restrictive network policies.  I would like these computers to ask my computers 
to do things.
But they won’t route traffic on unusual ports to the internet.  So, for 
example, remapping ssh traffic to high ports and then using NAT to map them 
back on my end won’t work.
They also will refuse to allow VPN traffic to be initiated from their end.

I have looked at several VPN providers, but as far as I can tell all of them 
try as hard as possible to obfuscate the exit node.   I don’t want to do that, 
I want to have public points of contact, esp. for ssh that map directly back to 
me.

I suppose I could go to Azure or AWS and make a node do whatever I wanted, but 
I was hoping there was a standard service for this.   I don’t want to pay 
per-hour charges for compute that isn’t even compute.

Any ideas?Sorry for the pedestrian question.  We all know how important it 
is to have the best 
words<https://www.washingtonpost.com/video/national/trump-i-have-the-best-words/2017/04/05/53a9ae4a-19fd-11e7-8598-9a99da559f9e_video.html>.

Marcus



FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] virtualized public IPs

2018-08-22 Thread Gary Schiltz 
I struggled for years with a proprietary product called Hamachi (
http://vpn.net - a "zero config" "hole punching" VPN). It worked more or
less well to connect computers behind restrictive firewalls, but the Linux
version was in perpetual beta for years. Once the company and software were
bought by Logmein, it seems to be pretty well abandoned. I found an
actively developed, well supported open source alternative called Zero Tier
(https://github.com/zerotier/ZeroTierOne). I don't know if it will suit
you, but it works perfectly for my needs.

On Wed, Aug 22, 2018 at 12:45 AM Marcus Daniels 
wrote:

> Hi,
>
>
>
> The following seems like it is simple thing to address, but it doesn’t
> seem common.  Here are my assumptions:
>
>
>
> 1) I have several computers configured in complicated ways that I’d like
> to keep under my physical control.
>
>
>
> 2) I have an ordinary residential type of internet connection with one
> public IP.
>
>
>
> 3) I use various other computers, and some of them have irritatingly
> restrictive network policies.  I would like these computers to ask my
> computers to do things.
>
> But they won’t route traffic on unusual ports to the internet.  So, for
> example, remapping ssh traffic to high ports and then using NAT to map them
> back on my end won’t work.
>
> They also will refuse to allow VPN traffic to be initiated from their end.
>
>
>
> I have looked at several VPN providers, but as far as I can tell all of
> them try as hard as possible to obfuscate the exit node.   I don’t want to
> do that, I want to have public points of contact, esp. for ssh that map
> directly back to me.
>
>
>
> I suppose I could go to Azure or AWS and make a node do whatever I wanted,
> but I was hoping there was a standard service for this.   I don’t want to
> pay per-hour charges for compute that isn’t even compute.
>
>
>
> Any ideas?Sorry for the pedestrian question.  We all know how
> important it is to have the best words
> 
> .
>
>
>
> Marcus
>
>
>
>
> 
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

Re: [FRIAM] virtualized public IPs

2018-08-22 Thread Stephen Guerin 
Markus,

While not exactly virtualized IP, can you accomplish what you need via a
dynamic DNS solution, ngrok.com or localtunnel.me and then manage routing
on your internal network?

On Wed, Aug 22, 2018, 7:45 AM Marcus Daniels  wrote:

> Hi,
>
>
>
> The following seems like it is simple thing to address, but it doesn’t
> seem common.  Here are my assumptions:
>
>
>
> 1) I have several computers configured in complicated ways that I’d like
> to keep under my physical control.
>
>
>
> 2) I have an ordinary residential type of internet connection with one
> public IP.
>
>
>
> 3) I use various other computers, and some of them have irritatingly
> restrictive network policies.  I would like these computers to ask my
> computers to do things.
>
> But they won’t route traffic on unusual ports to the internet.  So, for
> example, remapping ssh traffic to high ports and then using NAT to map them
> back on my end won’t work.
>
> They also will refuse to allow VPN traffic to be initiated from their end.
>
>
>
> I have looked at several VPN providers, but as far as I can tell all of
> them try as hard as possible to obfuscate the exit node.   I don’t want to
> do that, I want to have public points of contact, esp. for ssh that map
> directly back to me.
>
>
>
> I suppose I could go to Azure or AWS and make a node do whatever I wanted,
> but I was hoping there was a standard service for this.   I don’t want to
> pay per-hour charges for compute that isn’t even compute.
>
>
>
> Any ideas?Sorry for the pedestrian question.  We all know how
> important it is to have the best words
> 
> .
>
>
>
> Marcus
>
>
>
>
> 
> FRIAM Applied Complexity Group listserv
> Meets Fridays 9a-11:30 at cafe at St. John's College
> to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
> FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove
>

FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove

[FRIAM] virtualized public IPs

2018-08-21 Thread Marcus Daniels 
Hi,

The following seems like it is simple thing to address, but it doesn’t seem 
common.  Here are my assumptions:

1) I have several computers configured in complicated ways that I’d like to 
keep under my physical control.

2) I have an ordinary residential type of internet connection with one public 
IP.

3) I use various other computers, and some of them have irritatingly 
restrictive network policies.  I would like these computers to ask my computers 
to do things.
But they won’t route traffic on unusual ports to the internet.  So, for 
example, remapping ssh traffic to high ports and then using NAT to map them 
back on my end won’t work.
They also will refuse to allow VPN traffic to be initiated from their end.

I have looked at several VPN providers, but as far as I can tell all of them 
try as hard as possible to obfuscate the exit node.   I don’t want to do that, 
I want to have public points of contact, esp. for ssh that map directly back to 
me.

I suppose I could go to Azure or AWS and make a node do whatever I wanted, but 
I was hoping there was a standard service for this.   I don’t want to pay 
per-hour charges for compute that isn’t even compute.

Any ideas?Sorry for the pedestrian question.  We all know how important it 
is to have the best 
words.

Marcus



FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
FRIAM-COMIC http://friam-comic.blogspot.com/ by Dr. Strangelove