Join Log in
Score:0
Mike Ellis avatar Server

IOT http multiplexing through cloud host

us flag
Mike Ellis

I'm exploring the feasibility of multiplexing http service from up to 100 IOT devices thru a single cloud host. The diagram below represents what's desired.

Situation:

  • We have complete control over the configuration of the IOT devices and the cloud host.
  • We don't have control of the customers' routers and firewalls, but can specify minimum requirements for port openings, etc.
  • FWIW, the IOT devices are BeagleBone Black running Debian Buster and the cloud host will be, typically, a multi-core droplet (or similar) running Linux.
  • The IOT's serve dynamic web pages over HTTP. (HTTPS doesn't seem feasible because of certificate requirements and overall load on the IOT cpu.) The cloud host will have HTTPS capability.
  • This is a low-traffic situation. The IOT's report some overall status information (via rsync/ssh) at 4 minute intervals). Access to an IOT's web service will only occur when a user wants to investigate a problem report in more detail. Typically, only one or two users will have access to the cloud server.

Questions:

  1. Are ssh tunnels established from the IOT's to the cloud host suitable for requesting and receiving the web service?
  2. How to identify which tunnel belongs to which IOT?
  3. How to ensure the HTTP from the IOT's is served from the cloud host over HTTPS?

Configuration

46
0 + 3
paladin avatar
id flag
paladin
1. VPN is better suited than SSH. 2. Use unique machine identification files and/or fixed IP adresses. 3. Just use a reverse http proxy?!
0
Reply
Mike Ellis avatar
us flag
Mike Ellis
@paladin I think that's exactly the what my cloud host needs to do. Thanks for providing the right terminology. Is there existing Linux software that can handle this given that the IOT devices don't have routable ip addresses?
0
Reply
paladin avatar
id flag
paladin
openvpn, use it in server mode on your cloudhost and let your IOT connect with openvpn in client mode to it. /etc/machine-id may be used as unique identifer file. apache2 or nginx may be used as reverse proxy.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.