SEANK.H.LIAO

TURN proxy

using TURN relay as a proxy

TURN

Research project for June.

NATs and firewalls are the bane of peer 2 peer (p2p) connections.

terms:

TURN basics

base protocol, 3 different ways, control and data reuse the same socket pairs

 1Client              TURN Relay            Peer
 2  |                      |                  |
 3  |   UDP(TURN(data))    |     UDP(data)    |
 4  | -------------------> | ---------------> |
 5  |                      |                  |
 6
 7Client              TURN Relay            Peer
 8  |                      |                  |
 9  |   TCP(TURN(data))    |     UDP(data)    |
10  | -------------------> | ---------------> |
11  |                      |                  |
12
13Client              TURN Relay            Peer
14  |                      |                  |
15  | TCP(TLS(TURN(data))) |     UDP(data)    |
16  | -------------------> | ---------------> |
17  |                      |                  |
rfc6062, TCP to peer
 1Client              TURN Relay            Peer
 2  |                      |                  |
 3  |  TCP(TURN(control))  |                  |
 4  | -------------------> |                  |
 5  |   TCP(TURN(data))    |     TCP(data)    |
 6  | -------------------> | ---------------> |
 7  |                      |                  |
 8
 9Client                 TURN Relay            Peer
10  |                         |                  |
11  | TCP(TLS(TURN(control))) |                  |
12  | ----------------------> |                  |
13  |  TCP(TLS(TURN(data)))   |     TCP(data)    |
14  | ----------------------> | ---------------> |
15  |                         |                  |

Forwarding

exposing a SOCKS5 interface

uses,

forwarding UDP

Proxy-Relay can also use TCP/TLS

1Client                Proxy           TURN Relay         Peer
2  |                     |                 |               |
3  | TCP(SOCKS(control)) |                 |               |
4  | ------------------> |                 |               |
5  |   UDP(SOCKS(data))  | UDP(TURN(data)) |   UDP(data)   |
6  | ------------------> | --------------> | ------------> |
7  |                     |                 |               |
forwarding TCP

Proxy-Relay can also use TLS

1Client                Proxy             TURN Relay          Peer
2  |                     |                    |               |
3  |                     | TCP(TURN(control)) |               |
4  |                     | -----------------> |               |
5  |   TCP(SOCKS(data))  |  TCP(TURN(data))   |   TCP(data)   |
6  | ------------------> | -----------------> | ------------> |
7  |                     |                    |               |

Reverse

Proxy Reverse - Relay can also use TCP/TLS

udp

1Target     Proxy Reverse             TURN Relay       Proxy Server               Client
2  |              |                        |                  |                     |
3  |              | UDP(TURN(QUIC(hello))) | UDP(QUIC(hello)) |                     |
4  |              | ---------------------> |----------------> |                     |
5  |              |                        |                  | TCP(SOCKS(control)) |
6  |              |                        |                  | <------------------ |
7  |   UDP(data)  | UDP(TURN(QUIC(data)))  | UDP(QUIC(data))  |  UDP(SOCKS(data))   |
8  | <----------- | <--------------------- | <--------------- | <------------------ |

tcp

1Target     Proxy Reverse             TURN Relay       Proxy Server            Client
2  |              |                        |                  |                  |
3  |              | UDP(TURN(QUIC(hello))) | UDP(QUIC(hello)) |                  |
4  |              | ---------------------> |----------------> |                  |
5  |   TCP(data)  | UDP(TURN(QUIC(data)))  | UDP(QUIC(data))  | TCP(SOCKS(data)) |
6  | <----------- | <--------------------- | <--------------- | <--------------- |

Problems