HTTP Tunnel
HTTP is the most widely used data exchange protocol on the Internet. As the Internet has developed, the protocol has gone through several major version upgrades, from the original HTTP/1 to HTTP/2, and then to the current QUIC-based HTTP/3.
The original HTTP protocol is a request-response protocol: the client initiates a request, and the server sends the result back after processing it. This model does not keep a long-lived connection between the client and the server, so two-way real-time data transmission is difficult to achieve. To provide full-duplex communication, HTTP has been extended in several ways, such as the CONNECT method, the WebSocket extension protocol, HTTP/2 server push and HTTP/3 WebTransport. GOST already supports most of these.
Note
The CONNECT method is used to establish a proxy connection for HTTP. Strictly speaking, it is not a tunnel. However, in essence it establishes a long-lived connection that can carry data in both directions, so it is treated as a tunnel here.
HTTP CONNECT Method
Server
The above is the simplest HTTP proxy service with authentication.
Client
The client itself is also an HTTP proxy service and forwards requests to the upstream HTTP proxy service through the forwarding chain.
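The message exchange behind an authenticated CONNECT proxy, as an added example that is not GOST's code or configuration: the client's request head, and the server's decision between 400, 407 and 200. The function names, the credentials `user`/`pass`, the realm and the target `example.com:443` are assumptions made for this illustration.

```python
import base64
import hmac

# Constructed sample credentials (assumptions for this example only).
USER, PASSWORD = "user", "pass"

def build_connect(target, user=None, password=None):
    """Client side: the request head sent to the proxy to open a tunnel."""
    lines = [f"CONNECT {target} HTTP/1.1", f"Host: {target}"]
    if user is not None:
        token = base64.b64encode(f"{user}:{password}".encode()).decode()
        lines.append(f"Proxy-Authorization: Basic {token}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode()

def credentials_ok(header_value):
    """Validate a Proxy-Authorization value; malformed input is a failure."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        return False
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode()
    except ValueError:  # covers bad base64 and bad UTF-8
        return False
    user, sep, password = decoded.partition(":")
    # Constant-time comparison; both fields are always evaluated.
    ok_user = hmac.compare_digest(user.encode(), USER.encode())
    ok_pass = hmac.compare_digest(password.encode(), PASSWORD.encode())
    return bool(sep) and ok_user and ok_pass

def answer_connect(request_head):
    """Server side: return (status_code, response_head) for a request head."""
    try:
        head = request_head.decode("iso-8859-1").split("\r\n\r\n", 1)[0]
        request_line, *header_lines = head.split("\r\n")
        method, target, _version = request_line.split(" ")
        host, port = target.rsplit(":", 1)
        if method != "CONNECT" or not host or not 0 < int(port) < 65536:
            raise ValueError("not a valid CONNECT request")
    except ValueError:
        return 400, b"HTTP/1.1 400 Bad Request\r\n\r\n"
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    if not credentials_ok(headers.get("proxy-authorization", "")):
        return 407, (b"HTTP/1.1 407 Proxy Authentication Required\r\n"
                     b'Proxy-Authenticate: Basic realm="proxy"\r\n\r\n')
    # From here on both sides stop speaking HTTP and relay raw bytes.
    return 200, b"HTTP/1.1 200 Connection established\r\n\r\n"
```

Basic credentials are only base64-encoded, so over plain HTTP they are readable by anyone on the path between client and proxy.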
Plain HTTP Tunnel (pht)
The CONNECT method is not supported by all services. To be as general as possible, GOST uses the GET and POST methods of the original HTTP protocol to implement a data tunnel, with encrypted (phts) and plaintext (pht) modes.
Server
Client
WebSocket
WebSocket is an extension protocol added to HTTP/1 for establishing long-lived connections.
Server
Client
Caution
The authentication information here is set for the SOCKS5 proxy; WebSocket currently does not support authentication settings.
HTTP/2
There are two ways to use HTTP/2 in GOST: proxy mode and tunnel mode.
HTTP/2 CONNECT Method
HTTP/2 implements proxy mode using the same CONNECT method as HTTP.
Server
Client
HTTP/2 Tunnel
HTTP/2 can use encrypted (h2) and plaintext (h2c) modes as a tunnel.
Server
Client
Server Push
GOST does not support the server push function of HTTP/2.
gRPC
gRPC is based on HTTP/2, so it has the inherent advantages of HTTP/2 itself. In addition, gRPC naturally supports bidirectional streaming, so it is very suitable as a tunnel.
Server
Client
gRPC uses TLS encryption by default and can communicate in clear text by setting the grpcInsecure parameter.
Server
Client
HTTP/3
The HTTP/3 protocol supports the CONNECT method and the WebTransport method to establish a tunnel.
GOST currently does not support either of these two methods; instead, it establishes a tunnel by using PHT on top of HTTP/3.
WebTransport
WebTransport is currently in the early draft stage, and GOST will add support for it when the time is right.
Server
Client