Reputation: 4244
What is tunnelling (SSH tunneling and PPP tunneling)? I searched on Google, but it is confusing. Can anyone provide some good material on this tunneling topic?
Upvotes: 14
Views: 13420
Reputation: 89
What is tunnelling (SSH tunneling and PPP tunneling)? I searched on Google, but it is confusing. Can anyone provide some good material on this tunneling topic?
To understand what tunneling is, you need to know about packet encapsulation first.
Packets can be encapsulated in another packet to be sent to another protocol or OSI level. For example, your connection to this website is an HTTP request, which will be translated to a TCP connection, and the TCP packets will then be encapsulated in IP packets, and so on.
It's all around you. For another example, when you are browsing from your smartphone, your HTTP requests are encapsulated in IP packets, and they are encapsulated in WiFi 802.11 frames. It's like Russian dolls, where one will be inside another, and there can be many others.
You can look here for an SSH tunneling example, and how to use it to proxy your traffic from a local PC to a remote server.
And the best way to understand what encapsulation is, is to read something about the OSI model first.
Upvotes: 0
Reputation: 2974
Tunnelling is when, instead of sending a packet directly through the network, you send it inside another (often encrypted) connection by means of encapsulation. In the case of SSH tunnelling, TCP/IP packets are sent inside an SSH connection to another host, which then decides how to treat those packets (usually forwarding them to an internal network).
The Wikipedia article about Tunnelling is helpful, but to understand it better you should have a basic idea of how encapsulation and the OSI model work.
Upvotes: 7
Reputation: 134641
Well, basically you have 3 machines:
A basic tunnel would be: any communication on port X of A gets forwarded to port Y of C by B. I.e. instead of A → C you have A → B → C. So to the machine C it seems that the communication is coming from B, not A. Useful if C's firewall doesn't allow connections from A (e.g. territory restricted). So for example with:
ssh -L8080:www.example.com:80 your.server
Accessing localhost:8080 from your machine, you're actually accessing www.example.com:80 from your.server.
The other type of tunnel would be:
You open port X on server B, and any communication on that port gets forwarded to port Y on local machine A. Useful if you're behind NAT/firewall. For example:
ssh -R8080:192.168.1.1:80 your.server
Anyone accessing your.server:8080 is actually accessing 192.168.1.1:80 in your local net.
Upvotes: 21
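The A → B → C forwarding described in the answer above, as an added example that is not part of the original post: a plain TCP relay on loopback (no SSH, no encryption) showing that C sees the connection arriving from B's outbound socket rather than from A. The function names `listen`, `serve_once` and `demo` are hypothetical; because everything runs on 127.0.0.1, the endpoints are told apart by source port instead of IP address.

```python
import socket
import threading

def listen():
    """Loopback-only listener on an OS-chosen port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    s.listen(1)
    return s

def serve_once(listener, handler):
    """Accept a single connection and run handler(conn, peer) in a thread."""
    def run():
        conn, peer = listener.accept()
        with conn:
            handler(conn, peer)
    threading.Thread(target=run, daemon=True).start()

def demo():
    seen = {}

    # C: the destination. Records the peer address it sees, then replies.
    c = listen()
    def c_handler(conn, peer):
        seen["peer_seen_by_C"] = peer
        conn.sendall(b"hello from C: " + conn.recv(1024))
    serve_once(c, c_handler)

    # B: the forwarder, playing the role of your.server in `ssh -L`.
    b = listen()
    def b_handler(conn, peer):
        seen["peer_seen_by_B"] = peer
        with socket.create_connection(c.getsockname()) as upstream:
            seen["B_outbound"] = upstream.getsockname()
            upstream.sendall(conn.recv(1024))   # A -> B -> C
            conn.sendall(upstream.recv(1024))   # C -> B -> A
    serve_once(b, b_handler)

    # A: the client. It connects only to B's port, never to C.
    with socket.create_connection(b.getsockname()) as a:
        seen["A_local"] = a.getsockname()
        a.sendall(b"ping")
        seen["reply"] = a.recv(1024)
    b.close()
    c.close()
    return seen

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

On the C side, logs and firewall rules only ever record B's address, which is why a forwarded connection has to be traced back through B's own connection records.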
Reputation: 308149
Tunneling is a general term that refers to the encapsulation of one protocol within another.
Usually TCP/IP is transported over a lower-level transport (such as Ethernet). One can, however, use a higher-level protocol (such as SSH) as a base for transporting TCP/IP.
This means that the protocols are nested:
This may look useless and complex at first, but it allows one to leverage the advantages of a high-level protocol (for example encryption for SSH) using a lower-level protocol (such as TCP/IP).
Note that VPNs are usually implemented using some kind of tunneling.
Upvotes: 5
Reputation: 2369
SSH tunneling is, as far as my understanding goes, a way of using a remote computer's internet connection, much like a proxy.
Basically, you have a network connection at the base computer and you use said connection to connect to a remote computer via SSH tunneling. Now, instead of network traffic going directly to your computer, it goes through the remote computer first. Your computer will think all network traffic is coming from one connection (the remote computer) instead of many connections as it normally would.
Upvotes: 2