Pull a pass from the loopback interface Linuxer and Cisco np/ie who can explode who

Source: Internet
Author: User

Na,np,ie all day will be exposed to loopback interface, they in training, will learn from the book a lot about loopback, a lot of review outline will have a full page of paper will loopback the role of the interface summed up so that people can not help but want to back down.
Linuxer will also come into contact with this interface, but in the name of more than the professional network management, they will call it lo, syllable less a few tones, but in terms of speaking English, actually more laborious ... In any case, there are few letters written on the wording. This group learned about the usage of LO compared to professional na/np/ie, they generally feel that lo is only used to test the availability of the protocol stack, in fact, want to complete the professional network management, Linuxer chance is not generally more, if you know Ipvs principle, Probably know that Lo actually has a lot of use, but linuxer do not need to face too many exams, not good at summarizing into an outline. Linuxer not only know all the usage of lo, but also can even see its principle, its realization, it is enough to explode any despise linuxer of those na/np/ie.
If I say: Ping the address with the source X (this sentence has an implicit thing, that is, you have to get a loopback, the source you want to bring up, but if you say it out, it appears layman). You must think I am a na/np/ie, because for linuxer, there is no "with the source" such as the saying, nor often use this, usually directly ping, not through the stare ... With the source Ping, the general will be configured on the network card, and then with a iproute2 with a src (compared to source, but also a shorthand) route, even if this is not known to everyone, in fact, many people do not know what the route with SRC is exactly what ... A very simple thing on Cisco, it's so troublesome to get to Linux. For Linuxer, if you really need to bring a source ping such a usage, you can write one yourself, this saying out, wouldn't KO drop any ciscoer? Wait, it's not over yet, I'm configuring the source on the Lo port how to:
ip a dev lo 1.2.3.4/32
IP r a 4.3.2.1/32 via 172.17.176.1 src 1.2.3.4
...

You know what this is? If the address 1.2.3.4 is hidden behind this linux box, then the above configuration is sufficient to verify the connectivity of 1.2.3.4 to the target 4.3.2.1 from the Linux box to the 4.3.2.1 zone. What if you set the address mask for Lo to 24 bits:
ip a dev lo 1.2.3.4/24
In this case, the SRC parameter in the route with SRC will be able to write any address in the paragraph, even if it is not configured at all on the local interface, such as:
IP R a 4.3.2.1/32 via 172.17.176.1 src 1.2.3.100
At this point, although 1.2.3.100 is not on this machine, ping or the same, this conclusion is wonderful? In fact, it is not wonderful to know the IP routing concept and the Linux ICMP implementation (no socket lookup required!) No exact match) people know, if you explain in detail, is not to achieve two explosion effect? Then, in detail the implementation of the protocol stack, three explosions!
And then the netfilter, four explosions! Hash routing table organization, Trie algorithm, five explosions! L2tpvpn,ipsec, six explosions (note, has invaded the field of professional network management ...)! High-speed routing board, LC ... Seven explosions! Dijkstra Shortest path, OSPF, ... I will not mention Nat,openvpn,tcp,ssl, ...
Many people will be equipped with a CISCO/H3C router, I am so insolent, understand VPN? Do you know SSL? Do you know the TCP window? Nothing but the IP layer wandering around, pacing a few staggered pace just. We know that the content of the IP layer said much less, but on a single point is very simple, its complexity lies in the mix of all the nodes to reflect the time, therefore, the complexity of the IP in the topology planning, not the single-machine configuration, if you master, you have to do in the topology of dynamic changes can still grasp the essence, Rather than crackling a bunch of commands, with a source NAT to be a long and straight after the crackling, in fact, 80% knock is all?
But wait a minute, what do you say to professional network netfilter? They don't understand, that's for sure, but what can they do? NetFilter is not exclusive, anyone who is interested can master it, but not everyone can touch the Cisco device, even if you can touch, without those certificates you also have no right to go into the spectacular room to knock the question mark, therefore, Cisco itself is exclusive. So, people are not insolent to give you the strength to dazzle technology, others dazzle is ace. Can you get into the telecom room? You can hit a question mark in the data center. Someone else is a certified card-stamp, do you? Anyway, I am afraid of the fresh and bloody examination room, this life I want to stay away from, so any thing, if finally pulled the exam, for me, withdrew for the

Pull a linuxer from the loopback interface and Cisco Np/ie who can burst who?

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.