Skip to content

Lightning-fast reverse tunneling solution for NAT traversal, optimized for handling massive concurrent connections with tcp, tcpmux and ws support.

License

Notifications You must be signed in to change notification settings

mehranweb/Backhaul

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Backhaul

Welcome to the Backhaul project! This project provides a high-performance reverse tunneling solution optimized for handling massive concurrent connections through NAT and firewalls. This README will guide you through setting up and configuring both server and client components, including details on different transport protocols.


Table of Contents

  1. Introduction
  2. Installation
  3. Usage
  4. Running backhaul as a service
  5. FAQ
  6. License
  7. Donation

Introduction

This project offers a robust reverse tunneling solution to overcome NAT and firewall restrictions, supporting various transport protocols. It’s engineered for high efficiency and concurrency.

Installation

  1. Download the latest release from the GitHub releases page.
  2. Extract the archive and navigate to the extracted directory.
  3. Run the executable as needed. You can also build from source if preferred.

Usage

The main executable for this project is backhaul. It requires a TOML configuration file for both the server and client components.

Configuration Options

To start using the solution, you'll need to configure both server and client components. Here’s how to set up basic configurations:

  • Server Configuration

    Create a configuration file named config.toml:

    [server]# Local, IRAN
    bind_addr = "0.0.0.0:3080" # Address and port for the server to listen (mandatory).
    transport = "tcp"          # Protocol ("tcp", "tcpmux", or "ws", optional, default: "tcp").
    token = "your_token"       # Authentication token (optional).
    keepalive_period = 20      # Specify keep-alive period in seconds. (optional, default: 20 seconds)
    nodelay = false            # Enable TCP_NODELAY (optional, default: false).
    channel_size = 2048        # Tunnel channel size. Excess connections are discarded. Only for tcp and ws mode (optional, default: 2048).
    connection_pool = 8        # Number of pre-established connections. Only for tcp mode (optional, default: 8).
    mux_session = 1            # Number of mux sessions for tcpmux. (optional, default: 1).
    log_level = "info"         # Log level ("panic", "fatal", "error", "warn", "info", "debug", "trace", optional, default: "info").
    
    ports = [ # Local to remote port mapping in this format LocalPort=RemotePort (mandatory).
        "4000=5201",
        "4001=5201",
    ]

    To start the server:

    backhaul -c config.toml
  • Client Configuration

    Create a configuration file named config.toml for the client:

    [client]  # Behind NAT, firewall-blocked
    remote_addr = "0.0.0.0:3080" # Server address and port (mandatory).
    transport = "tcp"            # Protocol ("tcp", "tcpmux", or "ws", optional, default: "tcp").
    token = "your_token"         # Authentication token (optional).
    keepalive_period = 20        # Specify keep-alive period in seconds. (optional, default: 20 seconds)
    nodelay = false              # Use TCP_NODELAY (optional, default: false).
    retry_interval = 1           # Retry interval in seconds (optional, default: 1).
    log_level = "info"           # Log level ("panic", "fatal", "error", "warn", "info", "debug", "trace", optional, default: "info").
    mux_session = 1              # Number of mux sessions for tcpmux. (optional, default: 1).
    
    forwarder = [ # Forward incoming connection to another address. optional.
       "4000=IP:PORT",
       "4001=127.0.0.1:9090",
    ]

    To start the client:

    backhaul -c config.toml

Detailed Configuration

Transport Protocols

You can configure the server and client to use different transport protocols based on your requirements:

  • TCP (tcp): Basic TCP transport, suitable for most scenarios.
  • TCP Multiplexing (tcpmux): Provides multiplexing capabilities to handle multiple sessions over a single connection.
  • WebSocket (ws): Ideal for traversing HTTP-based firewalls and proxies.

TCP Configuration

  • Server:

    [server] # 
    bind_addr = "0.0.0.0:3080"
    transport = "tcp"
    token = "your_token" 
    channel_size = 2048
    connection_pool = 8
    nodelay = true 
    ports = []
  • Client:

    [client]
    remote_addr = "0.0.0.0:3080"
    transport = "tcp"
    token = "your_token" 
    nodelay = true 
  • Details:

    remote_addr: The IPv4, IPv6, or domain address of the server to which the client connects.

    token: An authentication token used to securely validate and authenticate the connection between the client and server within the tunnel.

    channel_size: The queue size for forwarding packets from server to the client. If the limit is exceeded, packets will be dropped.

    connection_pool: Set the number of pre-established connections for better latency.

    nodelay: Refers to a TCP socket option (TCP_NODELAY) that improve the latency but decrease the bandwidth

TCP Multiplexing Configuration

  • Server:

    [server]
    bind_addr = "0.0.0.0:3080"
    transport = "tcpmux"
    token = "your_token" 
    mux_session = 1
    nodelay = true 
    ports = []
  • Client:

    [client]
    remote_addr = "0.0.0.0:3080"
    transport = "tcpmux"
    token = "your_token" 
    mux_session = 1
    nodelay = true 
  • Details:

    mux_session: Number of multiplexed sessions. Increase this if you need to handle more simultaneous sessions over a single connection.

    • Refer to TCP configuration for more information.

WebSocket Configuration

  • Server:

    [server]
    bind_addr = "0.0.0.0:3080"
    transport = "ws"
    token = "your_token" 
    channel_size = 2048
    connection_pool = 8
    nodelay = true 
    ports = []
  • Client:

    [client]
    remote_addr = "0.0.0.0:3080"
    transport = "ws"
    token = "your_token" 
    nodelay = true 
  • Details:

    • Refer to TCP configuration for more information.

Running backhaul as a service

To create a service file for your backhaul project that ensures the service restarts automatically, you can use the following template for a systemd service file. Assuming your project runs a reverse tunnel and the main executable file is located in a certain path, here's a basic example:

  1. Create the service file /etc/systemd/system/backhaul.service:
[Unit]
Description=Backhaul Reverse Tunnel Service
After=network.target

[Service]
Type=simple
ExecStart=/root/backhaul -c /root/config.toml
Restart=always
RestartSec=3
LimitNOFILE=1048576

[Install]
WantedBy=multi-user.target
  1. After creating the service file, enable and start the service:
sudo systemctl daemon-reload
sudo systemctl enable backhaul.service
sudo systemctl start backhaul.service
  1. To verify if the service is running:
sudo systemctl status backhaul.service
  1. View the most recent log entries for the backhaul.service unit:
journalctl -u backhaul.service -e -f

FAQ

Q: How do I decide which transport protocol to use?

  • tcp: Use if you need straightforward TCP connections.
  • tcpmux: Use if you need to handle multiple sessions over a single connection.
  • ws: Use if you need to traverse HTTP-based firewalls or proxies.

License

This project is licensed under the AGPL-3.0 license. See the LICENSE file for details.

Donation

Crypto donation button by NOWPayments

About

Lightning-fast reverse tunneling solution for NAT traversal, optimized for handling massive concurrent connections with tcp, tcpmux and ws support.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Go 100.0%