zacariaz wrote:But how? I've investigated this subject before without any luck.
Is this question serious ? If yes, then check out this topic:
http://en.wikipedia.org/wiki/Port_forwardingSince you do not have the control over the router / firewall you are behind, it is not possible to expose any internal port for incoming communication of any kind. Since outgoing communication will most likely not be regulated by your firewall (unless you are inside a company or University), you almost always will be able to reach external servers. Hence pagekite is working.
So in order to expose your local services / storage to the external world, you use an external server for routing purposes (hopefully no network guys will kill me for this explanations).
Most remote desktop tools (e.g. Teamviewer, GoTo Meeting, Netviewer) rely on an external server to establish communication between two parties often sitting behind firewalls not knowing each others IPs.
We are obviously not speaking the same language here, but no matter, I would also be somewhat surprices if what I had in mind was possible.
]]>But how? I've investigated this subject before without any luck.
Is this question serious ? If yes, then check out this topic:
http://en.wikipedia.org/wiki/Port_forwarding
Since you do not have the control over the router / firewall you are behind, it is not possible to expose any internal port for incoming communication of any kind. Since outgoing communication will most likely not be regulated by your firewall (unless you are inside a company or University), you almost always will be able to reach external servers. Hence pagekite is working.
So in order to expose your local services / storage to the external world, you use an external server for routing purposes (hopefully no network guys will kill me for this explanations).
Most remote desktop tools (e.g. Teamviewer, GoTo Meeting, Netviewer) rely on an external server to establish communication between two parties often sitting behind firewalls not knowing each others IPs.
]]>zacariaz wrote:Well that's the problem really isn't it? Mr. Smith and Mr. Anderson can't communicate directly, thus all traffic has to go through Mr. Langley. In my work, Mr. Langley would simply SMS the phone number of Mr. Smith to Mr. Anderson and vise versa.
I guess the easiest explanation would be to say that neither Smith nor Anderson are able to receive call?
(I really need to get access to that router)
LOL...this will be my last reply on this topic prior a mod moves this to "Threads leading to nowhere"
To keep the example:
Mr. Anderson (external PC) wants to call Mr. Smith (home server) via cell phone but unfortunately cell phones do not work for Mr. Smith because he lives beyond a mountain (Router plus firewall which does not allow external access to internal services). So the work around for Mr. Smith is that he calls Mr. Langley via a normal wire-driven phone. Mr. Langley has both a working cell phone and a wire-driven phone. So Mr. Anderson calls Mr. Langley via cell phone who then simple puts the cell phone against the handset of the regular phone on which Mr. Smith is listening.Most tools which communicate with other tools over routers / firewalls rely on external servers for "handshake". The communication after successful handshake though might take place without routing all traffic across the external server.
But how? I've investigated this subject before without any luck.
]]>Well that's the problem really isn't it? Mr. Smith and Mr. Anderson can't communicate directly, thus all traffic has to go through Mr. Langley. In my work, Mr. Langley would simply SMS the phone number of Mr. Smith to Mr. Anderson and vise versa.
I guess the easiest explanation would be to say that neither Smith nor Anderson are able to receive call?
(I really need to get access to that router)
LOL...this will be my last reply on this topic prior a mod moves this to "Threads leading to nowhere"
To keep the example:
Mr. Anderson (external PC) wants to call Mr. Smith (home server) via cell phone but unfortunately cell phones do not work for Mr. Smith because he lives beyond a mountain (Router plus firewall which does not allow external access to internal services). So the work around for Mr. Smith is that he calls Mr. Langley via a normal wire-driven phone. Mr. Langley has both a working cell phone and a wire-driven phone. So Mr. Anderson calls Mr. Langley via cell phone who then simple puts the cell phone against the handset of the regular phone on which Mr. Smith is listening.
Most tools which communicate with other tools over routers / firewalls rely on external servers for "handshake". The communication after successful handshake though might take place without routing all traffic across the external server.
]]>To my limited understanding you are not thinking the wrong way.
To keep your example:
Mr. Smith calls Mr. Langley which calls Mr. Anderson.Or more specific for your use case:
Your PC "at home" connects to an external server which IP is know externally (e.g. ssh tunnel). Since communication from your system to an external host causes no problem with most routers, this nearly always works flawlessly. Now for accessing your PC at home from an external IP you "only" need to contact the external server which routes your request to your home system via the established tunnel. Enforcing applications to use a tunnel rather than bounding to a physical NIC can easily be done via proxychains. I guess this is pretty much what pagekite does. If you run their python script it connects to one of their server via ssh tunnel. If you now access their servers with your "subdomain" they route the requests back to your server. Technically no real voodoo but still requires an external server which needs to route the traffic through.
Well that's the problem really isn't it? Mr. Smith and Mr. Anderson can't communicate directly, thus all traffic has to go through Mr. Langley. In my work, Mr. Langley would simply SMS the phone number of Mr. Smith to Mr. Anderson and vise versa.
I guess the easiest explanation would be to say that neither Smith nor Anderson are able to receive call?
(I really need to get access to that router)
]]>To keep your example:
Mr. Smith calls Mr. Langley which calls Mr. Anderson.
Or more specific for your use case:
Your PC "at home" connects to an external server which IP is know externally (e.g. ssh tunnel). Since communication from your system to an external host causes no problem with most routers, this nearly always works flawlessly. Now for accessing your PC at home from an external IP you "only" need to contact the external server which routes your request to your home system via the established tunnel. Enforcing applications to use a tunnel rather than bounding to a physical NIC can easily be done via proxychains. I guess this is pretty much what pagekite does. If you run their python script it connects to one of their server via ssh tunnel. If you now access their servers with your "subdomain" they route the requests back to your server. Technically no real voodoo but still requires an external server which needs to route the traffic through.
In my mind it perfectly liable to think something like this:
Mr. Smith and Mr. Anderson don't know each others phone number, but they both know the phone number of Mr. Langley. Mr. Langley don't even have to know their phone numbers as they show up on his phone when they call. thus it's rather obvious how to establish a connection.
Sadly it would seem the world doesn't quite work this way.
]]>So at least some sort of tunnelling / proxy stuff needs to be done. At least unless you can expose an internal port of your machine to the outside world. Of course all this is possible with existing technology but the blind is not king in between the one eyed
]]>Well, everything in life comes for a certain price
Indeed, but I don't quite understand why it's necessary with a dynamic tunneled reverse proxy. (No I didn't just make that up) Such a solution will of course cost resource and thus money.
I mean data can be transferred both ways, it's just a matter of creating the connection. I'm no network guru, but I really can't see why this should be so complicated.
Obviously you'd need help from "someone" visible. In my case I have a webserver that could do the job, but why on earth does it have to serve as a proxy for it to work in this fashion?
]]>zacariaz wrote:I've always been convinced something like this was possible, but I've never been able to find any solutions.
Thanks a bunch, I'll certainly check it out.You are welcome ! While pagekite costs money in the end, you are still able to try out if it works for you
oh...
That why the package in aur is outdated...
What I can get for that same price as my vpn:
Free pagekite.py software & updates
5 month(s) of service
27 GB of transfer quota
Unlock up to 2 extra .pagekite.me name(s)
The ability to use CNAMEs from your own domain
Of course that's for 5 months instead of just one, but that actually only make things worse, assuming that is not a monthly transfer quota.
No I'm sorry, but it was too good to be true.
edit:
apparently it is possible to get it for free, but if these are the limitations when you pay...
I've always been convinced something like this was possible, but I've never been able to find any solutions.
Thanks a bunch, I'll certainly check it out.
You are welcome ! While pagekite costs money in the end, you are still able to try out if it works for you
]]>zacariaz wrote:Only problem being that I'm on a shared connection behind a router which I do not access to, otherwise I'd never have spend money on a VPS.
So if there's a solution to that problem I'm very interested.Uh oh...a "hostile" network so to speak. Then pagekite might be an option for you to access your system from external:
http://pagekite.net/They provide some sort of reverse-proxy thingie (sorry, I am not a network guy). By running a simply python script at your local machine you are able to access it under a .pagekite domain from external. Even ssh is possible.
You might want to check their webpage. I think the quickstart provides most of what you can do:
http://pagekite.net/support/quickstart/
I've always been convinced something like this was possible, but I've never been able to find any solutions.
Thanks a bunch, I'll certainly check it out.
Best regards.
]]>Only problem being that I'm on a shared connection behind a router which I do not access to, otherwise I'd never have spend money on a VPS.
So if there's a solution to that problem I'm very interested.
Uh oh...a "hostile" network so to speak. Then pagekite might be an option for you to access your system from external:
http://pagekite.net/
They provide some sort of reverse-proxy thingie (sorry, I am not a network guy). By running a simply python script at your local machine you are able to access it under a .pagekite domain from external. Even ssh is possible.
You might want to check their webpage. I think the quickstart provides most of what you can do:
http://pagekite.net/support/quickstart/
zacariaz wrote:If there are other alternatives to DropBox, because it still rather sucks in various areas, I'd very much like to hear about them, but other than that, thanks once again, but no thanks.
For me the most basic "alternative" to DropBox (given you can always use ssh from where you are) simply is sshfs. You can set up a pretty secure ssh Server at home and access it via a dynamic DNS hoster (no-ip, dyndns, etc). Most routers provide the option to refresh your IP at the dyn DNS provider if your ISP changes it.
ssh is pretty versatile. Beside using it for file services you can route http traffic to it or simply access your systems at home.
If you do not like to expose ssh to the outside world there also would be the option to run a chrooted sftp server and use sftpfs as DropBox-alike.Today platforms such as a Raspberry Pi enable you to run power-efficient servers at home without a big power bill.
Software such as OwnCloud IMO go far beyond the sole purpose of serving files.
HTH
D$
Only problem being that I'm on a shared connection behind a router which I do not access to, otherwise I'd never have spend money on a VPS.
So if there's a solution to that problem I'm very interested.
]]>