Cisco recently has made a small step to improve ASA and has implemented logical tunnels, what means we got route based VPN! Really? Did we? Not so fast. Yes, we got route based VPN but still we have to add routes manually.
Thanks to this lab with simple topology we will study, how to configure iSCSI protocol in Linux and SAN environment. We gonna pass through iSCSI, Network File System and Server Message Block (SMB) also known as CIFS and at the end of the day we will be able to use resources in SAN connected to the file server by iSCSI from Linux and Windows hosts.
First Hop Redundancy Protocols have been invented for one main reason, providing redundancy for a getaway, but by the occassion they provide load balancing as well. There are 3 FHRP: HSRP, VRRP and GLBP, 2 of them belong to Cisco, VRRP is an opened standard.
Each protocol has to calculate somehow the metric in order to choose the best route. So we have the cost in OSPF, K-values in EIGRP, BGP doesn’t differ from them and also calculate the best route, but the metric of BGP is much more complicated.
Generic Route Encapsulation enables us bulding point to point tunnels. There are 2 kinds of tunnels GRE over IPSEC and IPSEC over GRE. They both work in tunnel mode by default but as we see in a while, work in completely different way.
Logical volume manager is a storage virtualization that allows us easily manage the disk space. Without any problems we can expand, shrink, add disks to the virtual Volume and for the sake of redundancy apply RAID if required.
The one of the biggest issue that we may encounter on during redistribution is routing loop. If suboptimal routing causes latencies and network inefficiency , routing loops causes the loops until TTL value gets decrease to 0, what influence not only on network efficiency but also causes that some part of the network will be inaccessible at all.
The ‘BGP community’ is an additional information (attribute) adding to prefixes, that is being advertised to the BGP neighbors. Based on this information a BGP neighbor can make a decision what else to do with received prefix. For example we may mainpulate attributes, filter routes, etc.
Linux provides 3 levels regarding filesystem security: standard permissions, ACL and SELinux. SELinux handles not only with files permissions but with applications, resources and network ports as well. SELinux may put a ban on an application access to the spicified system files or may not allowed a user changing file permission. What is, how work and how to troubleshoot SELinux, let’s get to know!