[Ndn-interest] reaching NDN testbed from behind a firewall

Alex Afanasyev aa at CS.UCLA.EDU
Wed Dec 16 15:16:29 PST 2015

Hi Craig,

ssh tunnels TCP port, so it is understandable why you have failed.

You can try workarounds discussed here: http://superuser.com/questions/53103/udp-traffic-through-ssh-tunnel <http://superuser.com/questions/53103/udp-traffic-through-ssh-tunnel> or use tcp-based face when using the tunnel (tcp://localhost:5000)


> On Dec 16, 2015, at 3:09 PM, Murray, Craig <cmurray at verisign.com> wrote:
> Hi all,
> I am trying to use NdnCom to connect with others on the testbed, but I am behind a firewall and port 6363 is not open.  I thought I might be able to tunnel using ssh, but this does not work (below is more detail on what I tried).  Does anyone have experience and/or suggestions that would help me?  My guess is this is obvious to someone who knows more than I.  My apologies if so.
> Thanks in advance for any help,
> Craig
> ---------------------------------
> Detail:
> I have three machines running NFD inside the firewall.
> First I tested that ndnping works between machines inside:
> On machine B I do the following:
> ndnpingserver /ndn/internal/B
> On machine A I do the following:
> nfdc register /ndn/internal udp://<address.of.B>
> ndnping /ndn/internal/B
> Of course this works.  Next I remove entries from NFD tables
> On machine A I do the following:
> nfdc unregister /ndn/internal <face-id-of-B>
> Next I ssh from machine A to machine B, forwarding a port
> On machine A I do the following:
> ssh <address.of.B> -L 4000:localhost:6363
> nfdc register /ndn/internal udp://localhost:4000
> ndnping /ndn/internal/B
> This does not work.  Packets time out.
> I have also tried the following:
> On machine C I do:
> nfdc register /ndn/internal udp://<address.of.B>
> ndnping /ndn/internal/B
> This works so then I try tunneling form A to C:
> First I end the ssh running between A and B.
> Then on machine A:
> ssh <address.of.C> -L 5000:<address.of.B>:6363
> nfdc unregister /ndn/internal <face-id-of-localhost:4000>
> nfdc register /ndn/internal udp://localhost:5000
> ndnping /ndn/internal/B
> Of course, this does not work either.  I have not tried the same thing with ssh from a machine inside the firewall to a machine outside the firewall (also running NFD) but if it does not work without a firewall in between machines, it certainly won’t work with the firewall added.  Thanks for any help.
> _______________________________________________
> Ndn-interest mailing list
> Ndn-interest at lists.cs.ucla.edu
> http://www.lists.cs.ucla.edu/mailman/listinfo/ndn-interest

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20151216/e4622742/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.lists.cs.ucla.edu/pipermail/ndn-interest/attachments/20151216/e4622742/attachment.bin>

More information about the Ndn-interest mailing list