Are you having trouble connecting to the Internet because you do not configure the proxy setting correctly? Do you feel annoyed because of the presence of the proxy? Did you spend a lot of time figuring out how to configure the proxy? If you have the issues above, I will introduce you to a project, which can let your program connect to the Internet without the need to change the proxy server and configure the proxy. This talk will explain how this project achieves the intention with OVS.
Nowadays, many companies have firewalls and proxies installed for network security reasons. The employee’s packets are examined in order to determine if each packet has potential threats and to check if the connected websites are secure. However, the employment of the proxy server introduces trouble to the employees. Because the user’s computer must have the proxy setting well configured. And the user has to dive into the software manual to find out the way to configure it. This workflow is always time-consuming and unproductive. Even worse, some programs do not even have a way to configure the proxy.
One solution for this is to use the transparent proxy, which will redirect the traffic to the proxy server. Users will not know the existence of the proxy server so users do not bother to configure it. Even though there’s already a solution, however, the IT departments of the companies are not necessarily using the transparent proxy. And that is hard to change in a short time.
Is there a way that users do not have to configure the proxy while IT is not using a transparent proxy? The answer is yes. The solution is to make your normal proxy transparent by using OVS’s packet processing technology to redirect the packets and rewriting the requests. This talk will cover the adoption of the man in the middle (MITM) concept, using OVS to redirect the packet to the MITM, rewriting HTTP and HTTPS requests to the proxy server, the flow design of OVS, and how the packet redirection works.
About James Chen
James Chen is a software engineer in network communication. He developed applications of network management on SDN controller and network virtualization for 5G edge computing platform. He invented a patent for QoS for the SDN system. He corrected defects in the open source SDN controller (OpenDaylight) and open source edge computing platform (OpenNESS). Inspired by the work experience in Hong Kong, he created an open source project and hopes this project can help others who face the same issue.