tags: - gost categories: - informational comments: true

date: 2021-12-26 00:00:00

DESCRIPTION

gost: getting started

Retries - The number of retries after a failed connection through the proxy chain.

gost: code: chain.go

func (c *Chain) DialContext(ctx context.Context, network, address string, opts ...ChainOption) (conn net.Conn, err error) {
..
..
for i := 0; i < retries; i++ {
                conn, err = c.dialWithOptions(ctx, network, address, options)
                if err == nil {
                        break
                }
        }
..

Test the ‘retry’ parameter on tunnels with one or more failing chain nodes.

Observations:

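With the default ‘Retries’ of 1, a single failing node results in the 1st attempt always failing; the 2nd attempt works. When ‘Retries’ is set to 2, a single failing node in a chain leg does not cause the 1st attempt to fail. This is consistent with the loop in the excerpt above, which calls dialWithOptions at most ‘retries’ times in total, so a value of 1 means one attempt and no retry.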

The script below will create a test environment as follows.

Backend echo server - 127.0.0.200:9000 Backend terminating gost tunnel end point for server.

2 legs - chain nodes - 127.1.0.x and 127.2.0.x Can be considered as site 1 and site 2 networks.

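Clients: gost terminating end - port 127.0.0.100:9000. Client test: using netcat to connect to the backend server. (Note: in the script under COMMANDS the two addresses are the other way round: nc listens on 127.0.0.100:9000 as the backend, and the client-side gost listens on 127.0.0.200:9000, which is where client-test connects.)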

ERRORS

VERIFICATION

Create a folder and run the script in it. The script creates all the scripts required to run the tests.

Testing:

# Scratch directory that will hold the generated test environment.
# NOTE(review): /tmp/t is a fixed name inside a world-writable directory; on a
# shared host prefer a private directory (for example one from `mktemp -d`)
# and substitute it for /tmp/t in every step below.
mkdir /tmp/t
cd /tmp/t
# Generate service/, client/ and the start-*/client-test helper scripts.
# NOTE(review): called without ./, so the generator (presumably the script
# listed under COMMANDS) has to be reachable through PATH.
create-gost-tunnel-test-env
# The repeated `cd /tmp/t` suggests that each step runs in its own terminal;
# the generated start-* scripts run svscan / gost without backgrounding them.
cd /tmp/t
./start-srv-backend-and-chains
# Baseline client: Retries 1, every address in the chain has a listener.
cd /tmp/t
./start-client
cd /tmp/t
./client-test
# Retries 1 with one non-existent address (127.1.0.11) in leg 1.
# Every client config listens on 127.0.0.200:9000, so stop the previous
# client before starting this one.
cd /tmp/t
./start-client-leg-1-node-1-fail
cd /tmp/t
./client-test
# Same failing leg-1 address, but with Retries 2.
cd /tmp/t
./start-client-leg-1-node-1-fail-retry-2
cd /tmp/t
./client-test

COMMANDS

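#! /bin/bash
#
# Generate a loopback-only test bed for gost's "Retries" route setting.
# Run it from a scratch directory: it removes and recreates ./service and
# ./client there and writes the start-* and client-test helper scripts.
#
# Layout produced (every address is inside 127.0.0.0/8):
#   service/1..4     gost listeners 127.1.0.1-4:8443   (leg 1)
#   service/5..8     gost listeners 127.2.0.5-8:8443   (leg 2)
#   service/srv_end  gost listener  127.0.0.100:8443   (last chain hop)
#   service/srv      nc listener    127.0.0.100:9000   (backend)
#   client/*.json    gost route: listen on 127.0.0.200:9000 and forward to
#                    127.0.0.100:9000 through the three chain hops
#
# NOTE(review): none of the generated gost listeners is given credentials.
# That is acceptable only because every address is loopback; add
# authentication before reusing these run files on a routable interface.

# Stop at the first failed command instead of continuing with a half-built
# tree (the original kept going after a failed mkdir or redirect).
set -euo pipefail

#######################################
# Write a two-line executable bash script.
# Arguments: $1 - file to create
#            $2 - the single command line the script runs
#######################################
write_script() {
  local path=$1 command_line=$2
  printf '#! /bin/bash\n%s\n' "$command_line" >"$path"
  chmod +x -- "$path"
}

#######################################
# Write client/<name>.json and the launcher that starts gost with it.
# Arguments: $1 - scenario name (also the JSON file stem)
#            $2 - value for "Retries"
#            $3 - ip= list for the leg 1 chain node
#            $4 - ip= list for the leg 2 chain node
#            $5 - launcher file name (default: start-client-<name>)
#######################################
write_client_scenario() {
  local name=$1 retries=$2 leg1_ips=$3 leg2_ips=$4
  local launcher=${5:-start-client-${name}}
  cat >"client/${name}.json" <<EOF
{
  "Debug": false,
  "Routes": [
    {
      "Retries": ${retries},
      "ServeNodes": [
        "tcp://127.0.0.200:9000/127.0.0.100:9000"
      ],
      "ChainNodes": [
        "socks5://127.1.0.1:8443?ip=${leg1_ips}",
        "socks5://127.2.0.5:8443?ip=${leg2_ips}",
        "socks5://127.0.0.100:8443"
      ]
    }
  ]
}
EOF
  write_script "$launcher" "gost -C client/${name}.json"
}

rm -rf -- service client
mkdir service client

# Chain nodes: services 1-4 sit on 127.1.0.x (leg 1), 5-8 on 127.2.0.x (leg 2).
for i in {1..8}; do
  if (( i <= 4 )); then leg=1; else leg=2; fi
  mkdir "service/$i"
  write_script "service/$i/run" "exec gost -L=127.${leg}.0.${i}:8443"
done

# Backend listener and the gost hop in front of it.
mkdir service/srv service/srv_end
write_script service/srv/run 'exec nc -vlk 127.0.0.100 9000'
write_script service/srv_end/run 'exec gost -L 127.0.0.100:8443'

# ip= lists used by the scenarios. The *_bad lists swap one address for one
# that no service listens on (127.1.0.11 in leg 1, 127.2.0.66 in leg 2); the
# *_bad_extra lists add two more working addresses per leg.
readonly leg1_ok='127.1.0.1:8443,127.1.0.2:8443'
readonly leg2_ok='127.2.0.5:8443,127.2.0.6:8443'
readonly leg1_bad='127.1.0.11:8443,127.1.0.2:8443'
readonly leg2_bad='127.2.0.5:8443,127.2.0.66:8443'
readonly leg1_bad_extra="${leg1_bad},127.1.0.3:8443,127.1.0.4:8443"
readonly leg2_bad_extra="${leg2_bad},127.2.0.7:8443,127.2.0.8:8443"

# Baseline: Retries 1, all chain addresses exist.
write_client_scenario aok 1 "$leg1_ok" "$leg2_ok" start-client
write_script start-srv-backend-and-chains 'svscan service'
write_script client-test 'nc -v 127.0.0.200 9000'

###############################################################################
# simulate mutations to chainnodes
# options: use svc -d
# or restart client with rogue (non-existent chain nodes)
# run client tests again
###############################################################################

# Retries = 1, one failing address in leg 1 / in both legs.
write_client_scenario leg-1-node-1-fail 1 "$leg1_bad" "$leg2_ok"
write_client_scenario leg-1-node-1-leg-2-node-2-fail 1 "$leg1_bad" "$leg2_bad"

# Retries = 2, same failures.
write_client_scenario leg-1-node-1-fail-retry-2 2 "$leg1_bad" "$leg2_ok"
write_client_scenario leg-1-node-1-leg-2-node-2-fail-retry-2 2 \
  "$leg1_bad" "$leg2_bad"

# Failures in both legs, with 2 additional working chain nodes per leg.
write_client_scenario leg-1-node-1-leg-2-node-2-fail-additional-2 1 \
  "$leg1_bad_extra" "$leg2_bad_extra"
write_client_scenario leg-1-node-1-leg-2-node-2-fail-additional-2-retry-2 2 \
  "$leg1_bad_extra" "$leg2_bad_extra"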

References