question
- Host 1 can access the external network,
- Host 2 cannot access the external network
- External host wants to access host 2
solution
Create a tunnel between host 1 and host 2.
Do local port forwarding on host 1. You can use ssh to do local port forwarding (forwarding to the remote end).
method:
Execute on (local) host 1
ssh -C -f -N -g -L 10.0.8.3:18888:10.0.8.4:8888 [email protected]
10.0.8.3:18888 = Host 1 (local)
10.0.8.4:8888 = Host 2 (remote)
[email protected] = User and address of host 2 (remote)
-C: Compress data transfer.
-f: Go to the background after authentication (user/password); usually used in conjunction with -N, without logging in to the remote host.
-N: Do not execute scripts or commands, usually used in conjunction with -f.
-g: For ports forwarded with -L/-R/-D, allow remote hosts to connect to the forwarded port. If this parameter is not added, only the local host is allowed to establish a connection.
-L local port:destination IP:destination port
After the "-L" flag of the ssh local port forwarding command, four parameters can be filled in. The complete format is:
ssh -L [listening interface:]listening port:target host:target port username@hostname
The part in square brackets, namely the first parameter, can be omitted; its default value is generally 0.0.0.0
Access host 1 from the external host
curl 43.138.23.x:18888/[your endpoint]
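To confirm on host 1 which addresses the forward is really listening on (the effect of -g and of the listening interface parameter), this added example, which is not part of the original page, filters `ss -Htlnp` output for ssh client listeners bound to a non-loopback address. The sample lines are constructed, and the function names sample_ss_output and exposed_ssh_forwards are hypothetical.

```shell
#!/bin/sh
# Added example: list ssh client port forwards that listen on a
# non-loopback address (what -g or an explicit listening interface produces).

# Constructed sample of `ss -Htlnp` output on host 1; not captured from a real host.
sample_ss_output() {
cat <<'EOF'
LISTEN 0 128 10.0.8.3:18888 0.0.0.0:* users:(("ssh",pid=2211,fd=4))
LISTEN 0 128 127.0.0.1:18889 0.0.0.0:* users:(("ssh",pid=2300,fd=4))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=801,fd=3))
LISTEN 0 128 [::1]:18889 [::]:* users:(("ssh",pid=2300,fd=5))
LISTEN 0 128 0.0.0.0:18890 0.0.0.0:* users:(("ssh",pid=2400,fd=4))
EOF
}

# Reads `ss -Htlnp` lines on stdin and prints "local_address:port pid" for
# every listener owned by the ssh client (not sshd) whose local address is
# not loopback, i.e. a forward that other hosts can reach.
exposed_ssh_forwards() {
  awk '
    $1 == "LISTEN" && $NF ~ /\(\("ssh",/ {
      # Skip forwards bound to IPv4 or IPv6 loopback: only host 1 can use them.
      if ($4 ~ /^127\./ || $4 ~ /^\[::1\]:/) next
      # Extract the owning pid from users:(("ssh",pid=N,fd=M)).
      pid = $NF
      sub(/.*pid=/, "", pid)
      sub(/,.*/, "", pid)
      print $4, pid
    }'
}

# Demo on the constructed sample. On a live host 1 (as root, so that process
# names are visible) run instead:  ss -Htlnp | exposed_ssh_forwards
sample_ss_output | exposed_ssh_forwards
```

Each reported line is a forward that anyone who can route to that address can use to reach the target service on host 2, so compare the list with what the firewall on host 1 is meant to allow.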