When transferring data across a WAN under less than optimal network conditions such as high latency, dropped or out of order packets can result in slow transfer speeds. Some operating systems such as Ubuntu Linux are adept at automatically compensating for some network issues, but others for example IBM i are not. One soluition to improve IBM i transfer speeds in these cases is to use a Linux based proxy (SOCKS 4) between the initiating and recieving endpoints.
Dante Server is a widely used, free proxy solution that Skytap has found in most cases to improve WAN transfer speeds significantly.
SOCKS client requirement
To direct traffic to a SOCKS server, requires the initiating machine have a SOCKS client. Some applications such as some browsers and FTP applications have SOCKS clients built in. Specifically for IBM i, the operating system itself has a built in SOCKS client that can control what traffic is sent to a SOCKS server.
Example installation and configuration
The following is an example of installing and configuring Dante Server on Ubuntu 20.04 Server from the Ubuntu repositories.
Step 1: Update Ubuntu and install Dante Server
$ sudo apt -y update
$ sudo apt -y upgrade
$ sudo apt -y install dante-server
Step 2: Edit the Dante Server configuration file
$ sudo vi /etc/danted.conf
# The following is a working configuration file.
# There are many more options that can be found on Dantes official site (https://www.inet.no/dante/)
# Example configuration file:
##### LOGGING #####
logoutput: /var/log/sockd.log
##### INCOMMING INTERFACE/IP #####
# NOTE: "internal" is the inbound data interface or IP, of this proxy server (port 1080 is SOCKS default
internal: ens160 port = 1080
##### OUTGOING INTERFACE/IP #####
# NOTE: "external" is the outbound data interface or IP, of this proxy server (port 1080 is SOCKS default)
external: ens160
##### AUTHENTICATION #####
# NOTE: "none" allows anyone to connect
# NOTE: The client built into IBM i only supports SOCKS 4, without authentication
socksmethod: none
clientmethod: none
##### SERVER IDENTITY #####
# NOTE: Users the server will run under
# NOTE: When installing from repo, user "proxy" is automatically created
user.privileged: proxy
user.unprivileged: nobody
user.libwrap: nobody
##### WHATS ALLOWED FROM CLIENTS #####
# NOTE: Allow everything from all clients (aka from the IBM i)
# NOTE: After initial setup and verification, to prevent the proxy log from growing rapidly, the "connect" and "disconnect" statements can be removed
client pass {
from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0
log: error connect disconnect
}
###### WHATS ALLOWED INTO THE SOCKS SERVER #####
# NOTE: Allow everything into the SOCKS, and everything out of the SOCKS
# NOTE: After initial setup and verification, to prevent the proxy log from growing rapidly, the "connect" and "disconnect" statements can be removed
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
command: connect
log: error connect disconnect
protocol: tcp
}
##### ROUTE CONNECTIONS TO ANOTHER SOCKS SERVER #####
# NOTE: Optionally, use this section forwards SOCKS traffic to another SOCKS server
# NOTE: Via: IP of another SOCKs server to connect to
# NOTE: Protocol: Dante 1.4.3 and lower only supports TCP when forwarding to another SOCKS
route {
from: 0.0.0.0/0 to: 0.0.0.0/0 via: 172.16.0.1 port = 1080
proxyprotocol: socks_v4
command: connect
protocol: tcp
method: none
}
Managing Dante Server
Enable Dante at boot: $ sudo systemctl enable danted.service
Disable Dante at boot: $ sudo systemctl disable danted.service
See Dante status: $ sudo systemctl status danted.service
Start Dante: $ sudo systemctl start danted.service
Stop Dante: $ sudo systemctl stop danted.service
Dante Server file path reference
Configuration file: /etc/danted.conf
Log file: /var/log/sockd.log
Service file: /lib/systemd/system/danted.service
Comments
0 comments
Article is closed for comments.