Hello, On Thu, Feb 08, 2024 at 11:59:16AM +0100, Gert Doering wrote: > On Thu, Feb 08, 2024 at 10:36:31AM +0000, Peter Davis via Openvpn-users wrote: > > Is there a way to hide the number of connections to a server? Can an > > intermediate server do this? Instead of connecting directly to the final > > server, people connect to an intermediate server and this intermediate > > server sends requests to the final server! > > Not really, unless that intermediate server sets up a tunnel, and puts > all client connection *into* that tunnel. Then an outside observer would > only see "one connection" - but this has the risk of breaking in interesting > ways, and also tunnel-in-tunnel tends to have bad performance.
On a side note, not linked to OpenVPN: I had routing problems when doing IPv6 over IPv4 tunneling (for some reason the tunnel server was not routed with my Internet connection, so I ping-ponged through a customer's one). Aka client ---> relay server ---> real server. This ressembles (a bit) the problem mentionned by Peter. It could work with OpenVPN with the float option I guess. To do that I implemented a small Perl code over a TCP tunnel. It worked like a charm (the delay was quite big, though). There may be much better options if you can control the kernel firewall rules on the relay host (which I couldn't). Of course, I now have v6 native connectivity :) See: https://wiki.alphanet.ch/Sandbox/BidirectionnalUDPTunnel (dates back 2010! just had to fix the dot image generation today)
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
