SSH.COM is one of the most trusted brands in cyber security. We help enterprises and agencies solve the security challenges of digital transformation with innovative access management solutions.
Tunneling involves several addresses, as in, for example:
sshg3 -L 2001:[::1]:2002 127.0.0.1
meaning "connect to the default SSH port on
127.0.0.1 and start a tunnel
localhost:2001 which will forward to
sshg3 -R 1234:remotehost:22 username@sshserver
meaning "connect to
sshserver and start a tunnel listening on
localhost:1234 forwarding to
localhost refers to the machine on which the tunnel is being created. In
this case, the
AddressFamily in effect determines whether IPv4 or IPv6 is
listen part of a tunnel follows the same rules with
respect to IP addressing as does listening on the server. The connection end of the tunnel
is defined according to the same rules as any client connection.
There is nothing new to take into account for IPv6 and tunnels apart from the points mentioned for servers and clients. Tunnels can be established in as complex a way as desired and IPv4 and IPv6 can be mixed as wished.
The following examples illustrate some tunnel commands and their effects.
In the examples,
remote1 have both IPv4 and IPv6
remote2 has IPv4 only:
Example 1: Local tunnel with IPv4 and IPv6
local1$ sshg3 -6 -L [::1]:4444:remote2:333 remote1#22422 local1$ netstat -tln tcp 0 0 ::1:4444 :::* LISTEN local1$ sshg3 localhost#4444 remote2$ netstat -a SSHD2 00000010 0.0.0.0..333 0.0.0.0..0 Listen SSHD2 000005FA 172.29.127.227..333 172.29.127.36..1160 Establsh remote1$ netstat -a SSHD22 00000382 Establsh Local Socket: 172.29.127.36..1160 Foreign Socket: 172.29.127.227..333 SSHD25 0000030E Listen Local Socket: ::..22422 Foreign Socket: ::..0 SSHD26 0000037D Establsh Local Socket: fd02:2382:bb5a::36..22422 Foreign Socket: fd02:2382:bb5a::54..44268
Connect to port 22422 on
This will take us to
Example 2: Remote tunnel with IPv4 and IPv6
local1$ sshg3 -R [fd02:2382:bb5a::36]:3333:remote2:333 remote1#22422 remote1$ netstat -c SERVER SSHD21 00000375 Listen Local Socket: fd02:2382:bb5a::36..3333 remote1$ sshg3 -p3333 fd02:2382:bb5a::36 remote2$ netstat -a SSHD2 000005F5 172.29.127.227..333 172.29.127.54..39631 Establsh
The netstat command on
A client on
The netstat command on