0

I'm currently writing a Java application where I'm running a primary sever along with a backup one (using VMs). In order to get the backup server to take over as the primary (if the primary crashes) while being completely transparent to the client, I need to get the same application running on both the primary and the backup and both must have the same state.

To do this I have to synchronize the backup with the primary so that it receives the same sequence of packets from the client and sends the same (suppressed) replies. For this I need to get the initial TCP sequence number of the backup to match up with the initial sequence number of the primary.

In order to achieve this I thought of intercepting the packets to and from the backup server and modifying the sequence number in their TCP header so it matches up with that of the primary. Thus I need an application that -

  • Lets me intercept TCP packets on the fly
  • Allows me to modify them and then forward them to their original destination
  • Ensures that the original unmodified packet is dropped
  • Something that can be embedded in Java applications is a huge plus but this isn't a major requirement

Is there any way to achieve this?

Noble Six Taniguchi
  • 189
  • 2
  • 15
  • You can't do this in Java with any package known to me. Everyone will suggest JPcap, but that only lets you capture packets, not modify them. – user207421 Nov 24 '14 at 00:35
  • @EJP Ah that's unfortunate, is there a package for another language that you know of which would do the job? I'm open to using something other than Java if need be. – Noble Six Taniguchi Nov 24 '14 at 00:41
  • There's a C library whose name I misremember which does it. Ports available for most major operating systems. I think it may be the `LibNet` project mentioned [here](http://www.tcpdump.org/related.html). I did some work on JPcap some years ago and I think that's where I noticed this one. – user207421 Nov 24 '14 at 01:04
  • 1
    Is there a reason to not synchronize application state instead? What happens to your backup server's application if one of the replicated/edited packets does not arrive? – cpt_fink Nov 24 '14 at 06:34
  • I agree. I think you're on the wrong track here. You need to look into clustering and load-balancing and failover, not this nitty-gritty stuff. – user207421 Nov 24 '14 at 07:01

1 Answers1

0

To anyone who's facing the same problem, I finally managed to do this using ettercap - http://ettercap.github.io/ettercap/

More specifically, I used the ARP poisoning mode to intercept the packets to and from the server and used a custom ettercap plugin to modify them appropriately

Noble Six Taniguchi
  • 189
  • 2
  • 15