WinGate Forums

[ChrisH]

What is main difference between mapping and Transparent Redirection and manual redirection? It is easy enough to set up mapping for clients that connect by proxy e.g. map from port 80 to 81 to another proxy server. If I try to do what I think is essentially the same thing by manual redirection in Port security LAN connection to Internet 80 to 127.0.0.1:81 it doesn't work. Should it? Under normal circumstances with TR enabled under Port security it shows a redirect on port 80 (faded out). So I guess there is obviously something different. I hope this isn't a stupid question. If it is, could you TR me to a web site with this info?TIA

[tim]

What is main difference between mapping and Transparent Redirection and manual redirection? It is easy enough to set up mapping for clients that connect by proxy e.g. map from port 80 to 81 to another proxy server. If I try to do what I think is essentially the same thing by manual redirection in Port security LAN connection to Internet 80 to 127.0.0.1:81 it doesn't work. Should it? Under normal circumstances with TR enabled under Port security it shows a redirect on port 80 (faded out). So I guess there is obviously something different. I hope this isn't a stupid question.

Its actually a very smart question...
TR is essentially redirecting to the local machine. It uses the same mechanism as a manual redirection, except that it automates some things - adds smarts to fool the proxies into operation as if the remote client was making a proxy request.
Without these 'fix-ups' the proxies can't get all the info they need to operate (like who to connecto to).
some TR is simple (pop3, www) others (FTP, RTSP) are more complex.
Infact WWW almost works without any smarts at all due to the nature of the protocol.

Tim

[ChrisH]

Thanks for the reply Tim. So if I interpret what you are saying it would mean NAT couldn't be redirected manually without some "smarts" ? Is a mapping then different than a redirection? Is one better than the other? I'm in a questioning mood! TIA.

[adrien]

With a mapping (I take it you mean a TCP Mapping proxy session), a socket listens on the WinGate machine for connections from a client, upon a connection in from a client, a connection is made out, and then any data received from one connection is sent on the other connection. This is all using windows sockets in what is known as ring 3 or user space (where your applications run). Each connection is fairly independently managed by the OS (including buffering, sequencing, timeouts, retries - all the basic TCP stuff). The clients must be configured to connect to the mapping proxy, which is then who they think they are talking to for the duration of the connection.

with NAT, the clients think they are connecting to the end server, and WinGate ENS driver intercepts the packets, and re-writes the addresses. There is no buffering, or re-synchronisation or any TCP control overhead performed, that is left up to the end-points in the single connection. This also goes nowhere near winsock, and takes place entirely in the kernel of the OS. Therefore it is a lot more efficient.

Redirection is like NAT, except that instead of connecting to the end point that the client specified, we forward the packets instead to the location specified in the redirection. This involves changing not only the source address but also the destination address of the packets sent from the client.

Transparent Redirection is a special case of redirection, where the new endpoint is one of WinGate's proxies. In such cases a message is also sent from the driver to WinGate telling WinGate that there is such a connection being redirected, and telling WinGate what the original destination was. WinGate then gives this extra information to the proxy so that it can fulfil the request, since this necessary information would otherwise have been unavailable.