{"id":475619,"date":"2026-04-12T13:00:19","date_gmt":"2026-04-12T13:00:19","guid":{"rendered":"https:\/\/savepearlharbor.com\/?p=475619"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-29T21:00:00","slug":"","status":"publish","type":"post","link":"https:\/\/savepearlharbor.com\/?p=475619","title":{"rendered":"\u041d\u0430\u0434\u0443\u043c\u0430\u043d\u043d\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b"},"content":{"rendered":"<div xmlns=\"http:\/\/www.w3.org\/1999\/xhtml\">\n<p>\u0416\u0438\u043b-\u0431\u044b\u043b \u044f. \u0418 \u0431\u044b\u043b \u0443 \u044d\u0442\u043e\u0433\u043e &#171;\u044f&#187; \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u0443\u043b \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d. \u041d\u043e \u043f\u0440\u0438\u0448\u043b\u043e \u0432\u0440\u0435\u043c\u044f, \u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c \u043e\u0441\u043e\u0437\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u0443 \u043c\u043e\u0435\u0433\u043e \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430 (\u043f\u0443\u0441\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u0421) \u043d\u0435 \u0432\u0441\u0435 \u0443\u0441\u043b\u043e\u0432\u0438\u044f \u043c\u043d\u0435 \u043d\u0440\u0430\u0432\u044f\u0442\u0441\u044f. \u0410 \u0432\u043e\u0442 \u0443 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430 (\u043f\u0443\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440 \u0412) \u0443\u0441\u043b\u043e\u0432\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u043e\u043a \u043f\u043e\u0432\u043a\u0443\u0441\u043d\u0435\u0435. \u0418 \u0437\u0430\u043c\u044b\u0441\u043b\u0438\u043b \u044f \u043d\u0435\u043b\u0430\u0434\u043d\u043e\u0435. \u042f \u0440\u0435\u0448\u0438\u043b \u0440\u0430\u0437\u043d\u0435\u0441\u0442\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u043c\u0435\u0436\u0434\u0443 \u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430\u043c\u0438. \u041d\u043e \u044d\u0442\u0443, \u0442\u0430\u043a \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u0440\u0443, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0441\u043a\u043e\u043c\u043c\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043c\u0435\u0436\u0434\u0443 \u0441\u043e\u0431\u043e\u0439, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0433\u043e\u043d\u044f\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u044b &#8212; \u0434\u0443\u0440\u043d\u0430\u044f \u0437\u0430\u0442\u0435\u044f. \u0418 \u0440\u043e\u0434\u0438\u043b\u0441\u044f \u0443 \u043c\u0435\u043d\u044f \u043f\u043b\u0430\u043d. \u0414\u0430\u0436\u0435 \u043d\u0435 \u043f\u043b\u0430\u043d, \u0430 \u041f\u041b\u0410\u0410\u0410\u0410\u041d!!! \u0418 \u0441\u043b\u0435\u0434\u043e\u043c \u044d\u0442\u0430 \u0441\u0442\u0430\u0442\u044c\u044f. \u041f\u0440\u0435\u0434\u0432\u043e\u0441\u0445\u0438\u0449\u0430\u044f \u0432\u043e\u043f\u0440\u043e\u0441: &#171;\u041f\u043e\u0447\u0435\u043c\u0443 \u043d\u0435 \u043e\u0431\u044b\u0447\u043d\u044b\u0439 VPN?&#187;, \u043e\u0442\u0432\u0435\u0447\u0443: \u044d\u0442\u043e, \u0432\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u0441\u043a\u0443\u0447\u043d\u043e, \u0432\u043e-\u0432\u0442\u043e\u0440\u044b\u0445, \u043d\u0435 \u043f\u043e\u0434\u043b\u0435\u0436\u0438\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438, \u0432-\u0442\u0440\u0435\u0442\u044c\u0438\u0445, \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f VPN \u043d\u0435\u0441\u0442\u0430\u0431\u0438\u043b\u0435\u043d \u0432\u0432\u0438\u0434\u0443 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043e\u043a.<\/p>\n<p>Disclaimer! \u0426\u0435\u043b\u044c \u0441\u0442\u0430\u0442\u044c\u0438 &#8212; \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0432\u044f\u0437\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u0430\u043d\u0430\u043b\u044b \u0441\u0432\u044f\u0437\u0438. \u0421\u0442\u0430\u0442\u044c\u044f \u043d\u0435 \u0441\u0442\u0430\u0432\u0438\u0442 \u0446\u0435\u043b\u044c\u044e \u043e\u043f\u0438\u0441\u0430\u0442\u044c \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043e\u043a \u0438 \u043e\u0441\u0443\u0436\u0434\u0430\u0435\u0442 (\u0445\u043e\u0442\u044c \u0438 \u043d\u0435\u0438\u0441\u043a\u0440\u0435\u043d\u043d\u0435) \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0441\u0442\u0430\u0442\u044c\u0438.<\/p>\n<p>\u0418\u0442\u0430\u043a. \u0427\u0442\u043e \u043c\u044b \u0438\u043c\u0435\u0435\u043c?<\/p>\n<p>\u0414\u043e\u043f\u0443\u0441\u0442\u0438\u043c, \u0432 \u0414\u04261 (\u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440 \u0421) \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f:<\/p>\n<ul>\n<li>\n<p>\u0411\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445<\/p>\n<\/li>\n<li>\n<p>\u0411\u0435\u043a\u0430\u043f\u044b<\/p>\n<\/li>\n<li>\n<p>\u0412\u043d\u0435\u0448\u043d\u0438\u0439 ip \u0430\u0434\u0440\u0435\u0441: 192.0.2.135 \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 eth0<\/p>\n<\/li>\n<\/ul>\n<p>\u0412 \u0414\u04262 (\u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440 \u0412) \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f:<\/p>\n<ul>\n<li>\n<p>\u041a\u0430\u043a\u043e\u0439-\u0442\u043e \u0441\u0430\u0439\u0442<\/p>\n<\/li>\n<li>\n<p>\u0411\u0435\u043a\u0430\u043f\u044b<\/p>\n<\/li>\n<li>\n<p>\u0412\u043d\u0435\u0448\u043d\u0438\u0439 ip \u0430\u0434\u0440\u0435\u0441: 198.51.100.75 \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 ens1<\/p>\n<\/li>\n<\/ul>\n<figure class=\"\"><img decoding=\"async\" src=\"https:\/\/habrastorage.org\/r\/w1560\/getpro\/habr\/upload_files\/1d1\/052\/225\/1d1052225279bb3519c03c35dbc74049.png\" alt=\"\u0412\u043e\u0442 \u0442\u0430\u043a \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u0445\u0435\u043c\u0430\" title=\"\u0412\u043e\u0442 \u0442\u0430\u043a \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u0445\u0435\u043c\u0430\" width=\"336\" height=\"76\" sizes=\"auto, (max-width: 780px) 100vw, 50vw\" srcset=\"https:\/\/habrastorage.org\/r\/w780\/getpro\/habr\/upload_files\/1d1\/052\/225\/1d1052225279bb3519c03c35dbc74049.png 780w,&#10;       https:\/\/habrastorage.org\/r\/w1560\/getpro\/habr\/upload_files\/1d1\/052\/225\/1d1052225279bb3519c03c35dbc74049.png 781w\" loading=\"lazy\" decode=\"async\"\/><\/p>\n<div><figcaption>\u0412\u043e\u0442 \u0442\u0430\u043a \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u0445\u0435\u043c\u0430<\/figcaption><\/div>\n<\/figure>\n<p>\u041d\u0430\u0447\u043d\u0451\u043c \u0441\u0442\u0440\u0430\u0448\u043d\u0443\u044e \u043c\u0430\u0433\u0438\u044e. \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0443\u0436\u043d\u043e \u0441\u0432\u044f\u0437\u0430\u0442\u044c \u043e\u0431\u0430 \u0414\u0426 \u043f\u043e \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u0430\u043d\u0430\u043b\u0430\u043c \u0441\u0432\u044f\u0437\u0438. \u042f \u0432\u044b\u0431\u0440\u0430\u043b\u00a0<a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc7348\" rel=\"noopener noreferrer nofollow\">vxlan<\/a>. \u0427\u0443\u0442\u044c \u043f\u043e\u043f\u043e\u0437\u0436\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0443, \u043f\u043e\u0447\u0435\u043c\u0443 \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0433\u043e.<\/p>\n<p>\u0414\u04261:<\/p>\n<pre><code class=\"bash\">sudo ip link add vxlan0 type vxlan id 1 dstport 4789 dev eth0sudo ip link set vxlan0 upsudo ip link set vxlan0 address de:ad:be:ef:00:01sudo bridge fdb append to 00:00:00:00:00:00 dst 198.51.100.75 dev vxlan0<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:87px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u0414\u04262:<\/p>\n<pre><code class=\"bash\">sudo ip link add vxlan0 type vxlan id 1 dstport 4789 dev ens1sudo ip link set vxlan0 upsudo ip link set vxlan0 address de:ad:be:ef:00:02sudo bridge fdb append to 00:00:00:00:00:00 dst 192.0.2.135 dev vxlan0<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u041c\u0430\u043a \u0430\u0434\u0440\u0435\u0441 \u0437\u0430\u0434\u0430\u043d \u043f\u0440\u043e\u0441\u0442\u043e \u0442\u0430\u043a, \u043d\u043e \u044f \u043e\u0447\u0435\u043d\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u0437\u0430\u0434\u0430\u0432\u0430\u0442\u044c \u0435\u0433\u043e \u0432\u0440\u0443\u0447\u043d\u0443\u044e, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u043f\u043e\u0438\u043c\u0435\u0442\u044c \u0432\u0435\u0441\u0435\u043b\u044c\u044f \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.<\/p>\n<p>\u0415\u0441\u043b\u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u043d\u0430\u0437\u043d\u0430\u0447\u0438\u0442\u044c \u043d\u0430 \u044d\u0442\u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b ip \u0430\u0434\u0440\u0435\u0441\u0430, \u0442\u043e \u0441\u0432\u044f\u0437\u043d\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u043e\u0449\u0443\u0442\u0438\u0442\u044c \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u043e \u044f\u0432\u043d\u043e. \u0412 tcpdump \u043c\u043e\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u0443\u0432\u0438\u0434\u0435\u0442\u044c \u044f\u0432\u043d\u044b\u0439 vxlan \u0442\u0440\u0430\u0444\u0444\u0438\u043a:<\/p>\n<p>ICMP:<\/p>\n<pre><code>In  IP (tos 0x0, ttl 64, id 28479, offset 0, flags [none], proto UDP (17), length 134)    192.0.2.135.33821 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 11502, offset 0, flags [DF], proto ICMP (1), length 84)    10.255.255.1 &gt; 10.255.255.2: ICMP echo request, id 4, seq 1, length 64...IP (tos 0x0, ttl 63, id 28479, offset 0, flags [none], proto UDP (17), length 134)    192.0.2.135.33821 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 11502, offset 0, flags [DF], proto ICMP (1), length 84)    10.255.255.1 &gt; 10.255.255.2: ICMP echo request, id 4, seq 1, length 64...IP (tos 0x0, ttl 64, id 8166, offset 0, flags [none], proto UDP (17), length 134)    198.51.100.75.52381 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 48699, offset 0, flags [none], proto ICMP (1), length 84)    10.255.255.2 &gt; 10.255.255.1: ICMP echo reply, id 4, seq 1, length 64...IP (tos 0x0, ttl 63, id 8166, offset 0, flags [none], proto UDP (17), length 134)    198.51.100.75.52381 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 48699, offset 0, flags [none], proto ICMP (1), length 84)    10.255.255.2 &gt; 10.255.255.1: ICMP echo reply, id 4, seq 1, length 64<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>SSH:<\/p>\n<pre><code>In  IP (tos 0x0, ttl 64, id 33722, offset 0, flags [none], proto UDP (17), length 110)    192.0.2.135.54311 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x10, ttl 64, id 3431, offset 0, flags [DF], proto TCP (6), length 60)    10.255.255.1.52204 &gt; 10.255.255.2.22: Flags [S], cksum 0x2400 (correct), seq 1922400959, win 64860, options [mss 1410,sackOK,TS val 538325349 ecr 0,nop,wscale 7], length 0Out IP (tos 0x0, ttl 63, id 33722, offset 0, flags [none], proto UDP (17), length 110)    192.0.2.135.54311 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x10, ttl 64, id 3431, offset 0, flags [DF], proto TCP (6), length 60)    10.255.255.1.52204 &gt; 10.255.255.2.22: Flags [S], cksum 0x2400 (correct), seq 1922400959, win 64860, options [mss 1410,sackOK,TS val 538325349 ecr 0,nop,wscale 7], length 0In  IP (tos 0x0, ttl 64, id 19783, offset 0, flags [none], proto UDP (17), length 110)    198.51.100.75.48800 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)    10.255.255.2.22 &gt; 10.255.255.1.52204: Flags [S.], cksum 0x645e (correct), seq 2242386131, ack 1922400960, win 64308, options [mss 1410,sackOK,TS val 1891742331 ecr 538325349,nop,wscale 7], length 0Out IP (tos 0x0, ttl 63, id 19783, offset 0, flags [none], proto UDP (17), length 110)    198.51.100.75.48800 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)    10.255.255.2.22 &gt; 10.255.255.1.52204: Flags [S.], cksum 0x645e (correct), seq 2242386131, ack 1922400960, win 64308, options [mss 1410,sackOK,TS val 1891742331 ecr 538325349,nop,wscale 7], length 0<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<figure class=\"\"><img decoding=\"async\" src=\"https:\/\/habrastorage.org\/r\/w1560\/getpro\/habr\/upload_files\/611\/250\/2d4\/6112502d4452f9d2e11353d8ad341041.png\" alt=\"\u0421\u0445\u0435\u043c\u0430 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0442\u0430\u043a\" title=\"\u0421\u0445\u0435\u043c\u0430 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0442\u0430\u043a\" width=\"442\" height=\"76\" sizes=\"auto, (max-width: 780px) 100vw, 50vw\" srcset=\"https:\/\/habrastorage.org\/r\/w780\/getpro\/habr\/upload_files\/611\/250\/2d4\/6112502d4452f9d2e11353d8ad341041.png 780w,&#10;       https:\/\/habrastorage.org\/r\/w1560\/getpro\/habr\/upload_files\/611\/250\/2d4\/6112502d4452f9d2e11353d8ad341041.png 781w\" loading=\"lazy\" decode=\"async\"\/><\/p>\n<div><figcaption>\u0421\u0445\u0435\u043c\u0430 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0442\u0430\u043a<\/figcaption><\/div>\n<\/figure>\n<p>\u0412\u0441\u0451 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0445\u043e\u0440\u043e\u0448\u043e. \u0421\u0432\u044f\u0437\u043d\u043e\u0441\u0442\u044c \u0435\u0441\u0442\u044c&#8230; \u041d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u0430\u043a-\u0442\u043e \u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e. \u041c\u043d\u0435 \u044d\u0442\u043e \u043d\u0435 \u043d\u0440\u0430\u0432\u0438\u0442\u0441\u044f. \u041c\u043e\u0436\u043d\u043e \u043e\u0431\u043c\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u0434\u043e \u0443\u0448\u0435\u0439 TLS, \u043d\u043e \u044d\u0442\u043e \u043d\u0435 \u043d\u0430\u0448 \u043c\u0435\u0442\u043e\u0434. \u0412\u0435\u0434\u044c \u043d\u0435 \u043d\u0430\u0448 \u0436\u0435, \u0434\u0430? \u0417\u043d\u0430\u0447\u0438\u0442, \u043d\u0430\u0434\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c. \u041d\u0430 \u0443\u043c \u043f\u0440\u0438\u0448\u043b\u043e \u043f\u0440\u043e\u0441\u0442\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435:\u00a0<a href=\"https:\/\/1.ieee802.org\/security\/802-1ae\/\" rel=\"noopener noreferrer nofollow\">MacSec<\/a>. \u0427\u0435\u043c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0445\u043e\u0440\u043e\u0448? \u0422\u0435\u043c, \u0447\u0442\u043e \u043e\u043d \u043d\u0435 \u0441\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u043a\u043b\u0430\u0434\u043d\u044b\u0439 \u043f\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c, \u043f\u0440\u0438\u043a\u0440\u0435\u043f\u043b\u044f\u0435\u0442\u0441\u044f MAC \u0430\u0434\u0440\u0435\u0441\u0443, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442 \u0431\u043e\u043b\u0435\u0435-\u043c\u0435\u043d\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0435\u043d. \u0412 \u0447\u0451\u043c \u0438\u0434\u0435\u044f? \u041f\u043e\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 vxlan \u0442\u0443\u043d\u043d\u0435\u043b\u044c \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0438\u043c\u0435\u043d\u043d\u043e \u0438\u043c. \u041f\u0440\u0438\u0441\u0442\u0443\u043f\u0430\u0435\u043c:<\/p>\n<p>\u0414\u04261:<\/p>\n<pre><code class=\"bash\">sudo ip link add link vxlan0 macsec0 type macsec encrypt onsudo ip macsec add macsec0 tx sa 0 pn 1 on key 01 0123456789abcdef0123456789abcdefsudo ip link set macsec0 upsudo ip macsec add macsec0 rx address de:ad:be:ef:00:02 port 1sudo ip macsec add macsec0 rx address de:ad:be:ef:00:02 port 1 sa 0 pn 1 on key 02 fedcba9876543210fedcba9876543210sudo ip address add 192.168.255.1\/24 dev macsec0<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u0414\u04262:<\/p>\n<pre><code class=\"bash\">sudo ip link add link vxlan0 macsec0 type macsec encrypt onsudo ip macsec add macsec0 tx sa 0 pn 1 on key 02 fedcba9876543210fedcba9876543210sudo ip link set macsec0 upsudo ip macsec add macsec0 rx address de:ad:be:ef:00:01 port 1sudo ip macsec add macsec0 rx address de:ad:be:ef:00:01 port 1 sa 0 pn 1 on key 01 0123456789abcdef0123456789abcdefsudo ip address add 192.168.255.2\/24 dev macsec0<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u0427\u0442\u043e \u043c\u044b \u0438\u043c\u0435\u0435\u043c?<\/p>\n<p>\u0412\u0435\u0441\u044c \u0442\u0440\u0430\u0444\u0444\u0438\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0434\u0451\u0442 \u043f\u043e vxlan \u0443 \u043d\u0430\u0441 \u043d\u0430\u0434\u0451\u0436\u043d\u043e \u0437\u0430\u0449\u0438\u0449\u0451\u043d \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c. \u0425\u043e\u0440\u043e\u0448\u043e \u0436\u0435! \u0414\u0430\u0436\u0435 tcpdump \u0440\u0430\u0434\u0443\u0435\u0442:<\/p>\n<pre><code>In  IP (tos 0x0, ttl 64, id 52234, offset 0, flags [none], proto UDP (17), length 166)    192.0.2.135.48609 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1de:ad:be:ef:00:01 &gt; de:ad:be:ef:00:02 802.1AE MACsec, an 0, pn 21, flags ECI, sci deadbeef00010001,        0x0000:  72d9 d31f ade5 9be7 25e3 f9d0 06e5 0774  r.......%......t        0x0010:  7f90 41e7 bf12 b12c 9bd9 06b8 7fde 27c2  ..A....,......'.        0x0020:  1672 3666 9f1b f43f 5dc1 92ca 39c3 bbc5  .r6f...?]...9...        0x0030:  8f27 e3ea 810c 9394 99a5 edc6 64ea 446c  .'..........d.Dl        0x0040:  12ed 6eaa e467 aa2c 751d 4afc 88f4 fcbd  ..n..g.,u.J.....        0x0050:  29ab 1748 0510 c1cd 32a8 3fa8 499b 9f3a  )..H....2.?.I..:        0x0060:  3e32 aec3 1b63                           &gt;2...cOut IP (tos 0x0, ttl 63, id 52234, offset 0, flags [none], proto UDP (17), length 166)    192.0.2.135.48609 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1de:ad:be:ef:00:01 &gt; de:ad:be:ef:00:02 802.1AE MACsec, an 0, pn 21, flags ECI, sci deadbeef00010001,        0x0000:  72d9 d31f ade5 9be7 25e3 f9d0 06e5 0774  r.......%......t        0x0010:  7f90 41e7 bf12 b12c 9bd9 06b8 7fde 27c2  ..A....,......'.        0x0020:  1672 3666 9f1b f43f 5dc1 92ca 39c3 bbc5  .r6f...?]...9...        0x0030:  8f27 e3ea 810c 9394 99a5 edc6 64ea 446c  .'..........d.Dl        0x0040:  12ed 6eaa e467 aa2c 751d 4afc 88f4 fcbd  ..n..g.,u.J.....        0x0050:  29ab 1748 0510 c1cd 32a8 3fa8 499b 9f3a  )..H....2.?.I..:        0x0060:  3e32 aec3 1b63                           &gt;2...cIn  IP (tos 0x0, ttl 64, id 22307, offset 0, flags [none], proto UDP (17), length 166)    198.51.100.75.56215 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1de:ad:be:ef:00:02 &gt; de:ad:be:ef:00:01 802.1AE MACsec, an 0, pn 25, flags ECI, sci deadbeef00020001,        0x0000:  5852 16a6 d772 da3a 96cc 04ce ebe9 06e0  XR...r.:........        0x0010:  bf31 f5c2 3c8b 798e 05e8 5bc4 b9a7 5d7d  .1..&lt;.y...[...]}        0x0020:  1911 9a79 a339 1fbf 49b9 7833 858b a76a  ...y.9..I.x3...j        0x0030:  910c 8a56 8811 ba0b 61d9 d38f a17a 73f6  ...V....a....zs.        0x0040:  843d 5e5b 2df8 57d8 3713 8381 890a da79  .=^[-.W.7......y        0x0050:  e073 75cc cfab 3ab2 0991 1684 72fe 743a  .su...:.....r.t:        0x0060:  a75c fe36 266e                           .\\.6&amp;nOut IP (tos 0x0, ttl 63, id 22307, offset 0, flags [none], proto UDP (17), length 166)    198.51.100.75.56215 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1de:ad:be:ef:00:02 &gt; de:ad:be:ef:00:01 802.1AE MACsec, an 0, pn 25, flags ECI, sci deadbeef00020001,        0x0000:  5852 16a6 d772 da3a 96cc 04ce ebe9 06e0  XR...r.:........        0x0010:  bf31 f5c2 3c8b 798e 05e8 5bc4 b9a7 5d7d  .1..&lt;.y...[...]}        0x0020:  1911 9a79 a339 1fbf 49b9 7833 858b a76a  ...y.9..I.x3...j        0x0030:  910c 8a56 8811 ba0b 61d9 d38f a17a 73f6  ...V....a....zs.        0x0040:  843d 5e5b 2df8 57d8 3713 8381 890a da79  .=^[-.W.7......y        0x0050:  e073 75cc cfab 3ab2 0991 1684 72fe 743a  .su...:.....r.t:        0x0060:  a75c fe36 266e                           .\\.6&amp;n<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u0422\u043e \u0435\u0441\u0442\u044c \u043c\u044b \u0432\u0438\u0434\u0438\u043c, \u0447\u0442\u043e \u0447\u0442\u043e-\u0442\u043e \u0445\u043e\u0434\u0438\u0442, \u0430 \u0447\u0442\u043e &#8212; \u043d\u0435 \u044f\u0441\u043d\u043e. \u042f\u0441\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e, \u0447\u0442\u043e \u044d\u0442\u043e macsec. \u0418, \u043f\u043b\u044e\u0441\u043e\u043c, \u044d\u0442\u043e L2!<\/p>\n<figure class=\"\"><img decoding=\"async\" src=\"https:\/\/habrastorage.org\/r\/w1560\/getpro\/habr\/upload_files\/94d\/907\/1a7\/94d9071a703ebf13825c24c8b1037596.png\" alt=\"\u0410 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u043e\u0442 \u0442\u0430\u043a\" title=\"\u0410 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u043e\u0442 \u0442\u0430\u043a\" width=\"284\" height=\"300\" sizes=\"auto, (max-width: 780px) 100vw, 50vw\" srcset=\"https:\/\/habrastorage.org\/r\/w780\/getpro\/habr\/upload_files\/94d\/907\/1a7\/94d9071a703ebf13825c24c8b1037596.png 780w,&#10;       https:\/\/habrastorage.org\/r\/w1560\/getpro\/habr\/upload_files\/94d\/907\/1a7\/94d9071a703ebf13825c24c8b1037596.png 781w\" loading=\"lazy\" decode=\"async\"\/><\/p>\n<div><figcaption>\u0410 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u043e\u0442 \u0442\u0430\u043a<\/figcaption><\/div>\n<\/figure>\n<p>\u0410 \u0434\u0430\u043b\u044c\u0448\u0435 \u0447\u0442\u043e? \u0410 \u0435\u0441\u043b\u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043c \u043d\u043e\u0432\u044b\u0439 \u0414\u0426? \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0434\u043e\u043c\u0430\u0448\u043d\u044e\u044e \u0438\u043d\u0444\u0440\u0443?<\/p>\n<p>\u0412 \u0414\u04263 (\u0434\u043e\u043c\u0430\u0448\u043d\u044f\u044f \u043b\u0430\u0431\u0430) \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f:<\/p>\n<ul>\n<li>\n<p>\u041c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433<\/p>\n<\/li>\n<li>\n<p>\u0411\u0435\u043a\u0430\u043f\u044b<\/p>\n<\/li>\n<li>\n<p>\u0412\u043d\u0435\u0448\u043d\u0438\u0439 ip \u0430\u0434\u0440\u0435\u0441: 203.0.113.52 \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 enp3s0<\/p>\n<\/li>\n<\/ul>\n<p>\u0427\u0442\u043e \u0436. \u0422\u0443\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u0440\u0435\u043b\u0435\u0441\u0442\u044c vxlan. \u041d\u0435\u0442 \u043d\u0443\u0436\u0434\u044b \u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0435\u0449\u0451 \u043e\u0434\u0438\u043d \u0442\u0443\u043d\u043d\u0435\u043b\u044c \u0432 \u043a\u0430\u0436\u0434\u043e\u043c \u0414\u0426! \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u0438\u0440\u0430 \u043a \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 vxlan \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0432\u0441\u0435\u043c \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043a\u043b\u044e\u0447\u0438 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f:<\/p>\n<p>\u0414\u04263<\/p>\n<pre><code class=\"bash\">sudo ip link add vxlan0 type vxlan id 1 dstport 4789 dev enp3s0sudo ip link set vxlan0 upsudo bridge fdb append to 00:00:00:00:00:00 dst 198.51.100.75 dev vxlan0sudo bridge fdb append to 00:00:00:00:00:00 dst 192.0.2.135 dev vxlan0sudo ip link add link vxlan0 macsec0 type macsec encrypt onsudo ip macsec add macsec0 tx sa 0 pn 1 on key 03 abcdef0123456789abcdef0123456789sudo ip link set macsec0 upsudo ip macsec add macsec0 rx address de:ad:be:ef:00:01 port 1 sa 0 pn 1 on key 01 0123456789abcdef0123456789abcdefsudo ip macsec add macsec0 rx address de:ad:be:ef:00:01 port 1sudo ip macsec add macsec0 rx address de:ad:be:ef:00:01 port 1 sa 0 pn 1 on key 01 0123456789abcdef0123456789abcdefsudo ip macsec add macsec0 rx address de:ad:be:ef:00:02 port 1sudo ip macsec add macsec0 rx address de:ad:be:ef:00:02 port 1 sa 0 pn 1 on key 02 fedcba9876543210fedcba9876543210sudo ip address add 192.168.255.3\/24 dev macsec0<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u0414\u04261<\/p>\n<pre><code class=\"bash\">sudo bridge fdb append to 00:00:00:00:00:00 dst 203.0.113.52 dev vxlan0sudo ip macsec add macsec0 rx address de:ad:be:ef:00:03 port 1sudo ip macsec add macsec0 rx address de:ad:be:ef:00:03 port 1 sa 0 pn 1 on key 03 abcdef0123456789abcdef0123456789<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u0414\u04262<\/p>\n<pre><code class=\"bash\">sudo bridge fdb append to 00:00:00:00:00:00 dst 203.0.113.52 dev vxlan0sudo ip macsec add macsec0 rx address de:ad:be:ef:00:03 port 1sudo ip macsec add macsec0 rx address de:ad:be:ef:00:03 port 1 sa 0 pn 1 on key 03 abcdef0123456789abcdef0123456789<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u0418 &#8212; \u0422\u0410\u0414\u0410\u041c! \u0412\u0441\u0451 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442! \u041f\u043e\u043b\u0443\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0432 \u0441\u0432\u044f\u0437\u043a\u0443 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u0443\u0437\u043b\u043e\u0432 \u0431\u0435\u0437 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0445 \u0437\u0430\u043c\u043e\u0440\u043e\u0447\u0435\u043a!<\/p>\n<figure class=\"\"><img decoding=\"async\" src=\"https:\/\/habrastorage.org\/r\/w1560\/getpro\/habr\/upload_files\/fdd\/72a\/17e\/fdd72a17ef991abd5412a4f10ad3b3c0.png\" alt=\"\u0423\u0445! \u041a\u0430\u043a \u0445\u043e\u0440\u043e\u0448\u043e!\" title=\"\u0423\u0445! \u041a\u0430\u043a \u0445\u043e\u0440\u043e\u0448\u043e!\" width=\"318\" height=\"418\" sizes=\"auto, (max-width: 780px) 100vw, 50vw\" srcset=\"https:\/\/habrastorage.org\/r\/w780\/getpro\/habr\/upload_files\/fdd\/72a\/17e\/fdd72a17ef991abd5412a4f10ad3b3c0.png 780w,&#10;       https:\/\/habrastorage.org\/r\/w1560\/getpro\/habr\/upload_files\/fdd\/72a\/17e\/fdd72a17ef991abd5412a4f10ad3b3c0.png 781w\" loading=\"lazy\" decode=\"async\"\/><\/p>\n<div><figcaption>\u0423\u0445! \u041a\u0430\u043a \u0445\u043e\u0440\u043e\u0448\u043e!<\/figcaption><\/div>\n<\/figure>\n<p>\u041f\u043e\u0439\u0434\u0451\u043c \u0434\u0430\u043b\u044c\u0448\u0435! \u0410 \u0442\u0435\u043f\u0435\u0440\u044c \u044f \u0445\u043e\u0447\u0443, \u0447\u0442\u043e\u0431\u044b \u0431\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0414\u04261 \u0431\u044b\u043b\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u0431\u0435\u0437 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u043e\u0432, \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u043e \u0441\u0435\u0442\u0435\u0432\u043e\u043c\u0443 \u0430\u0434\u0440\u0435\u0441\u0443. \u041f\u043e\u043f\u0440\u043e\u0431\u0443\u0435\u043c! \u041f\u0443\u0441\u0442\u044c \u0432 \u0414\u04261 \u0435\u0441\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044f\u044f \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0441\u0435\u0442\u044c. \u041d\u0438\u0447\u0435\u0433\u043e \u0441\u0442\u0440\u0430\u0448\u043d\u043e\u0433\u043e. \u042d\u0442\u043e \u0440\u0435\u0448\u0430\u0435\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e: \u0432 \u0414\u04261 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0435\u0442\u044c \u0438 \u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0432 \u043e\u0434\u0438\u043d \u0431\u0440\u0438\u0434\u0436:<\/p>\n<p>\u0414\u04261<\/p>\n<pre><code class=\"bash\">sudo ip link add name bridge0 type bridgesudo ip link set eth1 downsudo ip link set eth1 master bridge0sudo ip link set eth1 upsudo ip address flush macsec0sudo ip link set macsec0 master bridge0sudo ip link set bridge0 upsudo ip address add 192.168.255.1\/24 dev bridge0<\/code><div class=\"code-explainer\"><a href=\"https:\/\/sourcecraft.dev\/\" class=\"tm-button code-explainer__link\" style=\"visibility: hidden;\"><img style=\"width:14px;height:14px;object-fit:cover;object-position:left;\"\/><\/a><\/div><\/pre>\n<p>\u0412\u0441\u0451! \u0415\u0441\u043b\u0438 \u043d\u0430\u0437\u043d\u0430\u0447\u0438\u0442\u044c DB \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0430\u0434\u0440\u0435\u0441 \u0438\u0437 \u043d\u0443\u0436\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 (macsec), \u0441\u0432\u044f\u0437\u043d\u043e\u0441\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441\u0430\u043c\u0430!<\/p>\n<p>\u0412\u043e\u0442 \u0442\u0430\u043a\u043e\u0439 \u0432\u0435\u0441\u0451\u043b\u044b\u0439 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442 \u043d\u0430 \u043a\u043e\u043b\u0435\u043d\u043a\u0435.<br \/>\u0415\u0441\u043b\u0438 \u043a\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430\u00a0<a href=\"https:\/\/hh.ru\/resume\/38c0f3d7ff07ed0a8c0039ed1f5642554c6668\" rel=\"noopener noreferrer nofollow\">hh<\/a><\/p>\n<\/div>\n<p>\u0441\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b \u0441\u0442\u0430\u0442\u044c\u0438 <a href=\"https:\/\/habr.com\/ru\/articles\/1022486\/\">https:\/\/habr.com\/ru\/articles\/1022486\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u0416\u0438\u043b-\u0431\u044b\u043b \u044f. \u0418 \u0431\u044b\u043b \u0443 \u044d\u0442\u043e\u0433\u043e &#171;\u044f&#187; \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u043f\u0443\u043b \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d. \u041d\u043e \u043f\u0440\u0438\u0448\u043b\u043e \u0432\u0440\u0435\u043c\u044f, \u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u043e\u0441\u044c \u043e\u0441\u043e\u0437\u043d\u0430\u043d\u0438\u0435, \u0447\u0442\u043e \u0443 \u043c\u043e\u0435\u0433\u043e \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430 (\u043f\u0443\u0441\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u0421) \u043d\u0435 \u0432\u0441\u0435 \u0443\u0441\u043b\u043e\u0432\u0438\u044f \u043c\u043d\u0435 \u043d\u0440\u0430\u0432\u044f\u0442\u0441\u044f. \u0410 \u0432\u043e\u0442 \u0443 \u0434\u0440\u0443\u0433\u043e\u0433\u043e \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430 (\u043f\u0443\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440 \u0412) \u0443\u0441\u043b\u043e\u0432\u0438\u044f \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u043e\u043a \u043f\u043e\u0432\u043a\u0443\u0441\u043d\u0435\u0435. \u0418 \u0437\u0430\u043c\u044b\u0441\u043b\u0438\u043b \u044f \u043d\u0435\u043b\u0430\u0434\u043d\u043e\u0435. \u042f \u0440\u0435\u0448\u0438\u043b \u0440\u0430\u0437\u043d\u0435\u0441\u0442\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u043c\u0435\u0436\u0434\u0443 \u0440\u0430\u0437\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430\u043c\u0438. \u041d\u043e \u044d\u0442\u0443, \u0442\u0430\u043a \u043d\u0430\u0437\u044b\u0432\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u0440\u0443, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0441\u043a\u043e\u043c\u043c\u0443\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043c\u0435\u0436\u0434\u0443 \u0441\u043e\u0431\u043e\u0439, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0433\u043e\u043d\u044f\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u044b &#8212; \u0434\u0443\u0440\u043d\u0430\u044f \u0437\u0430\u0442\u0435\u044f. \u0418 \u0440\u043e\u0434\u0438\u043b\u0441\u044f \u0443 \u043c\u0435\u043d\u044f \u043f\u043b\u0430\u043d. \u0414\u0430\u0436\u0435 \u043d\u0435 \u043f\u043b\u0430\u043d, \u0430 \u041f\u041b\u0410\u0410\u0410\u0410\u041d!!! \u0418 \u0441\u043b\u0435\u0434\u043e\u043c \u044d\u0442\u0430 \u0441\u0442\u0430\u0442\u044c\u044f. \u041f\u0440\u0435\u0434\u0432\u043e\u0441\u0445\u0438\u0449\u0430\u044f \u0432\u043e\u043f\u0440\u043e\u0441: &#171;\u041f\u043e\u0447\u0435\u043c\u0443 \u043d\u0435 \u043e\u0431\u044b\u0447\u043d\u044b\u0439 VPN?&#187;, \u043e\u0442\u0432\u0435\u0447\u0443: \u044d\u0442\u043e, \u0432\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u0441\u043a\u0443\u0447\u043d\u043e, \u0432\u043e-\u0432\u0442\u043e\u0440\u044b\u0445, \u043d\u0435 \u043f\u043e\u0434\u043b\u0435\u0436\u0438\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438, \u0432-\u0442\u0440\u0435\u0442\u044c\u0438\u0445, \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f VPN \u043d\u0435\u0441\u0442\u0430\u0431\u0438\u043b\u0435\u043d \u0432\u0432\u0438\u0434\u0443 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043e\u043a.Disclaimer! \u0426\u0435\u043b\u044c \u0441\u0442\u0430\u0442\u044c\u0438 &#8212; \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0432\u044f\u0437\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u043a\u0430\u043d\u0430\u043b\u044b \u0441\u0432\u044f\u0437\u0438. \u0421\u0442\u0430\u0442\u044c\u044f \u043d\u0435 \u0441\u0442\u0430\u0432\u0438\u0442 \u0446\u0435\u043b\u044c\u044e \u043e\u043f\u0438\u0441\u0430\u0442\u044c \u0441\u043f\u043e\u0441\u043e\u0431 \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043e\u043a \u0438 \u043e\u0441\u0443\u0436\u0434\u0430\u0435\u0442 (\u0445\u043e\u0442\u044c \u0438 \u043d\u0435\u0438\u0441\u043a\u0440\u0435\u043d\u043d\u0435) \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0441\u0442\u0430\u0442\u044c\u0438.\u0418\u0442\u0430\u043a. \u0427\u0442\u043e \u043c\u044b \u0438\u043c\u0435\u0435\u043c?\u0414\u043e\u043f\u0443\u0441\u0442\u0438\u043c, \u0432 \u0414\u04261 (\u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440 \u0421) \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f:\u0411\u0430\u0437\u0430 \u0434\u0430\u043d\u043d\u044b\u0445\u0411\u0435\u043a\u0430\u043f\u044b\u0412\u043d\u0435\u0448\u043d\u0438\u0439 ip \u0430\u0434\u0440\u0435\u0441: 192.0.2.135 \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 eth0\u0412 \u0414\u04262 (\u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0439 \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440 \u0412) \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f:\u041a\u0430\u043a\u043e\u0439-\u0442\u043e \u0441\u0430\u0439\u0442\u0411\u0435\u043a\u0430\u043f\u044b\u0412\u043d\u0435\u0448\u043d\u0438\u0439 ip \u0430\u0434\u0440\u0435\u0441: 198.51.100.75 \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 ens1\u0412\u043e\u0442 \u0442\u0430\u043a \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u0445\u0435\u043c\u0430\u041d\u0430\u0447\u043d\u0451\u043c \u0441\u0442\u0440\u0430\u0448\u043d\u0443\u044e \u043c\u0430\u0433\u0438\u044e. \u0414\u043b\u044f \u043d\u0430\u0447\u0430\u043b\u0430 \u043d\u0443\u0436\u043d\u043e \u0441\u0432\u044f\u0437\u0430\u0442\u044c \u043e\u0431\u0430 \u0414\u0426 \u043f\u043e \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043a\u0430\u043d\u0430\u043b\u0430\u043c \u0441\u0432\u044f\u0437\u0438. \u042f \u0432\u044b\u0431\u0440\u0430\u043b\u00a0vxlan. \u0427\u0443\u0442\u044c \u043f\u043e\u043f\u043e\u0437\u0436\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0443, \u043f\u043e\u0447\u0435\u043c\u0443 \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0433\u043e.\u0414\u04261:sudo ip link add vxlan0 type vxlan id 1 dstport 4789 dev eth0sudo ip link set vxlan0 upsudo ip link set vxlan0 address de:ad:be:ef:00:01sudo bridge fdb append to 00:00:00:00:00:00 dst 198.51.100.75 dev vxlan0\u0414\u04262:sudo ip link add vxlan0 type vxlan id 1 dstport 4789 dev ens1sudo ip link set vxlan0 upsudo ip link set vxlan0 address de:ad:be:ef:00:02sudo bridge fdb append to 00:00:00:00:00:00 dst 192.0.2.135 dev vxlan0\u041c\u0430\u043a \u0430\u0434\u0440\u0435\u0441 \u0437\u0430\u0434\u0430\u043d \u043f\u0440\u043e\u0441\u0442\u043e \u0442\u0430\u043a, \u043d\u043e \u044f \u043e\u0447\u0435\u043d\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u0437\u0430\u0434\u0430\u0432\u0430\u0442\u044c \u0435\u0433\u043e \u0432\u0440\u0443\u0447\u043d\u0443\u044e, \u0447\u0442\u043e\u0431\u044b \u043d\u0435 \u043f\u043e\u0438\u043c\u0435\u0442\u044c \u0432\u0435\u0441\u0435\u043b\u044c\u044f \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\u0415\u0441\u043b\u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u043d\u0430\u0437\u043d\u0430\u0447\u0438\u0442\u044c \u043d\u0430 \u044d\u0442\u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b ip \u0430\u0434\u0440\u0435\u0441\u0430, \u0442\u043e \u0441\u0432\u044f\u0437\u043d\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u043d\u043e \u043e\u0449\u0443\u0442\u0438\u0442\u044c \u0441\u043e\u0432\u0435\u0440\u0448\u0435\u043d\u043d\u043e \u044f\u0432\u043d\u043e. \u0412 tcpdump \u043c\u043e\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u0443\u0432\u0438\u0434\u0435\u0442\u044c \u044f\u0432\u043d\u044b\u0439 vxlan \u0442\u0440\u0430\u0444\u0444\u0438\u043a:ICMP:In  IP (tos 0x0, ttl 64, id 28479, offset 0, flags [none], proto UDP (17), length 134)    192.0.2.135.33821 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 11502, offset 0, flags [DF], proto ICMP (1), length 84)    10.255.255.1 &gt; 10.255.255.2: ICMP echo request, id 4, seq 1, length 64&#8230;IP (tos 0x0, ttl 63, id 28479, offset 0, flags [none], proto UDP (17), length 134)    192.0.2.135.33821 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 11502, offset 0, flags [DF], proto ICMP (1), length 84)    10.255.255.1 &gt; 10.255.255.2: ICMP echo request, id 4, seq 1, length 64&#8230;IP (tos 0x0, ttl 64, id 8166, offset 0, flags [none], proto UDP (17), length 134)    198.51.100.75.52381 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 48699, offset 0, flags [none], proto ICMP (1), length 84)    10.255.255.2 &gt; 10.255.255.1: ICMP echo reply, id 4, seq 1, length 64&#8230;IP (tos 0x0, ttl 63, id 8166, offset 0, flags [none], proto UDP (17), length 134)    198.51.100.75.52381 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 48699, offset 0, flags [none], proto ICMP (1), length 84)    10.255.255.2 &gt; 10.255.255.1: ICMP echo reply, id 4, seq 1, length 64SSH:In  IP (tos 0x0, ttl 64, id 33722, offset 0, flags [none], proto UDP (17), length 110)    192.0.2.135.54311 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x10, ttl 64, id 3431, offset 0, flags [DF], proto TCP (6), length 60)    10.255.255.1.52204 &gt; 10.255.255.2.22: Flags [S], cksum 0x2400 (correct), seq 1922400959, win 64860, options [mss 1410,sackOK,TS val 538325349 ecr 0,nop,wscale 7], length 0Out IP (tos 0x0, ttl 63, id 33722, offset 0, flags [none], proto UDP (17), length 110)    192.0.2.135.54311 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x10, ttl 64, id 3431, offset 0, flags [DF], proto TCP (6), length 60)    10.255.255.1.52204 &gt; 10.255.255.2.22: Flags [S], cksum 0x2400 (correct), seq 1922400959, win 64860, options [mss 1410,sackOK,TS val 538325349 ecr 0,nop,wscale 7], length 0In  IP (tos 0x0, ttl 64, id 19783, offset 0, flags [none], proto UDP (17), length 110)    198.51.100.75.48800 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)    10.255.255.2.22 &gt; 10.255.255.1.52204: Flags [S.], cksum 0x645e (correct), seq 2242386131, ack 1922400960, win 64308, options [mss 1410,sackOK,TS val 1891742331 ecr 538325349,nop,wscale 7], length 0Out IP (tos 0x0, ttl 63, id 19783, offset 0, flags [none], proto UDP (17), length 110)    198.51.100.75.48800 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)    10.255.255.2.22 &gt; 10.255.255.1.52204: Flags [S.], cksum 0x645e (correct), seq 2242386131, ack 1922400960, win 64308, options [mss 1410,sackOK,TS val 1891742331 ecr 538325349,nop,wscale 7], length 0\u0421\u0445\u0435\u043c\u0430 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0442\u0430\u043a\u0412\u0441\u0451 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0445\u043e\u0440\u043e\u0448\u043e. \u0421\u0432\u044f\u0437\u043d\u043e\u0441\u0442\u044c \u0435\u0441\u0442\u044c&#8230; \u041d\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u0430\u043a-\u0442\u043e \u043d\u0435 \u043e\u0447\u0435\u043d\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e. \u041c\u043d\u0435 \u044d\u0442\u043e \u043d\u0435 \u043d\u0440\u0430\u0432\u0438\u0442\u0441\u044f. \u041c\u043e\u0436\u043d\u043e \u043e\u0431\u043c\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u0434\u043e \u0443\u0448\u0435\u0439 TLS, \u043d\u043e \u044d\u0442\u043e \u043d\u0435 \u043d\u0430\u0448 \u043c\u0435\u0442\u043e\u0434. \u0412\u0435\u0434\u044c \u043d\u0435 \u043d\u0430\u0448 \u0436\u0435, \u0434\u0430? \u0417\u043d\u0430\u0447\u0438\u0442, \u043d\u0430\u0434\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u0442\u044c. \u041d\u0430 \u0443\u043c \u043f\u0440\u0438\u0448\u043b\u043e \u043f\u0440\u043e\u0441\u0442\u043e\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u0435:\u00a0MacSec. \u0427\u0435\u043c \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0445\u043e\u0440\u043e\u0448? \u0422\u0435\u043c, \u0447\u0442\u043e \u043e\u043d \u043d\u0435 \u0441\u0438\u043b\u044c\u043d\u043e \u043d\u0430\u043a\u043b\u0430\u0434\u043d\u044b\u0439 \u043f\u043e \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c, \u043f\u0440\u0438\u043a\u0440\u0435\u043f\u043b\u044f\u0435\u0442\u0441\u044f MAC \u0430\u0434\u0440\u0435\u0441\u0443, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442 \u0431\u043e\u043b\u0435\u0435-\u043c\u0435\u043d\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0435\u043d. \u0412 \u0447\u0451\u043c \u0438\u0434\u0435\u044f? \u041f\u043e\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 vxlan \u0442\u0443\u043d\u043d\u0435\u043b\u044c \u0437\u0430\u043a\u0440\u044b\u0442\u044c \u0438\u043c\u0435\u043d\u043d\u043e \u0438\u043c. \u041f\u0440\u0438\u0441\u0442\u0443\u043f\u0430\u0435\u043c:\u0414\u04261:sudo ip link add link vxlan0 macsec0 type macsec encrypt onsudo ip macsec add macsec0 tx sa 0 pn 1 on key 01 0123456789abcdef0123456789abcdefsudo ip link set macsec0 upsudo ip macsec add macsec0 rx address de:ad:be:ef:00:02 port 1sudo ip macsec add macsec0 rx address de:ad:be:ef:00:02 port 1 sa 0 pn 1 on key 02 fedcba9876543210fedcba9876543210sudo ip address add 192.168.255.1\/24 dev macsec0\u0414\u04262:sudo ip link add link vxlan0 macsec0 type macsec encrypt onsudo ip macsec add macsec0 tx sa 0 pn 1 on key 02 fedcba9876543210fedcba9876543210sudo ip link set macsec0 upsudo ip macsec add macsec0 rx address de:ad:be:ef:00:01 port 1sudo ip macsec add macsec0 rx address de:ad:be:ef:00:01 port 1 sa 0 pn 1 on key 01 0123456789abcdef0123456789abcdefsudo ip address add 192.168.255.2\/24 dev macsec0\u0427\u0442\u043e \u043c\u044b \u0438\u043c\u0435\u0435\u043c?\u0412\u0435\u0441\u044c \u0442\u0440\u0430\u0444\u0444\u0438\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0434\u0451\u0442 \u043f\u043e vxlan \u0443 \u043d\u0430\u0441 \u043d\u0430\u0434\u0451\u0436\u043d\u043e \u0437\u0430\u0449\u0438\u0449\u0451\u043d \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c. \u0425\u043e\u0440\u043e\u0448\u043e \u0436\u0435! \u0414\u0430\u0436\u0435 tcpdump \u0440\u0430\u0434\u0443\u0435\u0442:In  IP (tos 0x0, ttl 64, id 52234, offset 0, flags [none], proto UDP (17), length 166)    192.0.2.135.48609 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1de:ad:be:ef:00:01 &gt; de:ad:be:ef:00:02 802.1AE MACsec, an 0, pn 21, flags ECI, sci deadbeef00010001,        0x0000:  72d9 d31f ade5 9be7 25e3 f9d0 06e5 0774  r&#8230;&#8230;.%&#8230;&#8230;t        0x0010:  7f90 41e7 bf12 b12c 9bd9 06b8 7fde 27c2  ..A&#8230;.,&#8230;&#8230;&#8217;.        0x0020:  1672 3666 9f1b f43f 5dc1 92ca 39c3 bbc5  .r6f&#8230;?]&#8230;9&#8230;        0x0030:  8f27 e3ea 810c 9394 99a5 edc6 64ea 446c  .&#8217;&#8230;&#8230;&#8230;.d.Dl        0x0040:  12ed 6eaa e467 aa2c 751d 4afc 88f4 fcbd  ..n..g.,u.J&#8230;..        0x0050:  29ab 1748 0510 c1cd 32a8 3fa8 499b 9f3a  )..H&#8230;.2.?.I..:        0x0060:  3e32 aec3 1b63                           &gt;2&#8230;cOut IP (tos 0x0, ttl 63, id 52234, offset 0, flags [none], proto UDP (17), length 166)    192.0.2.135.48609 &gt; 198.51.100.75.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1de:ad:be:ef:00:01 &gt; de:ad:be:ef:00:02 802.1AE MACsec, an 0, pn 21, flags ECI, sci deadbeef00010001,        0x0000:  72d9 d31f ade5 9be7 25e3 f9d0 06e5 0774  r&#8230;&#8230;.%&#8230;&#8230;t        0x0010:  7f90 41e7 bf12 b12c 9bd9 06b8 7fde 27c2  ..A&#8230;.,&#8230;&#8230;&#8217;.        0x0020:  1672 3666 9f1b f43f 5dc1 92ca 39c3 bbc5  .r6f&#8230;?]&#8230;9&#8230;        0x0030:  8f27 e3ea 810c 9394 99a5 edc6 64ea 446c  .&#8217;&#8230;&#8230;&#8230;.d.Dl        0x0040:  12ed 6eaa e467 aa2c 751d 4afc 88f4 fcbd  ..n..g.,u.J&#8230;..        0x0050:  29ab 1748 0510 c1cd 32a8 3fa8 499b 9f3a  )..H&#8230;.2.?.I..:        0x0060:  3e32 aec3 1b63                           &gt;2&#8230;cIn  IP (tos 0x0, ttl 64, id 22307, offset 0, flags [none], proto UDP (17), length 166)    198.51.100.75.56215 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1de:ad:be:ef:00:02 &gt; de:ad:be:ef:00:01 802.1AE MACsec, an 0, pn 25, flags ECI, sci deadbeef00020001,        0x0000:  5852 16a6 d772 da3a 96cc 04ce ebe9 06e0  XR&#8230;r.:&#8230;&#8230;..        0x0010:  bf31 f5c2 3c8b 798e 05e8 5bc4 b9a7 5d7d  .1..&lt;.y&#8230;[&#8230;]}        0x0020:  1911 9a79 a339 1fbf 49b9 7833 858b a76a  &#8230;y.9..I.x3&#8230;j        0x0030:  910c 8a56 8811 ba0b 61d9 d38f a17a 73f6  &#8230;V&#8230;.a&#8230;.zs.        0x0040:  843d 5e5b 2df8 57d8 3713 8381 890a da79  .=^[-.W.7&#8230;&#8230;y        0x0050:  e073 75cc cfab 3ab2 0991 1684 72fe 743a  .su&#8230;:&#8230;..r.t:        0x0060:  a75c fe36 266e                           .\\.6&amp;nOut IP (tos 0x0, ttl 63, id 22307, offset 0, flags [none], proto UDP (17), length 166)    198.51.100.75.56215 &gt; 192.0.2.135.4789: [udp sum ok] VXLAN, flags [I] (0x08), vni 1de:ad:be:ef:00:02 &gt; de:ad:be:ef:00:01 802.1AE MACsec, an 0, pn 25, flags ECI, sci deadbeef00020001,        0x0000:  5852 16a6 d772 da3a 96cc 04ce ebe9 06e0  XR&#8230;r.:&#8230;&#8230;..        0x0010:  bf31 f5c2 3c8b 798e 05e8 5bc4 b9a7 5d7d  .1..&lt;.y&#8230;[&#8230;]}        0x0020:  1911 9a79 a339 1fbf 49b9 7833 858b a76a  &#8230;y.9..I.x3&#8230;j        0x0030:  910c 8a56 8811 ba0b 61d9 d38f a17a 73f6  &#8230;V&#8230;.a&#8230;.zs.        0x0040:  843d 5e5b 2df8 57d8 3713 8381 890a da79  .=^[-.W.7&#8230;&#8230;y        0x0050:  e073 75cc cfab 3ab2 0991 1684 72fe 743a  .su&#8230;:&#8230;..r.t:        0x0060:  a75c fe36 266e                           .\\.6&amp;n\u0422\u043e \u0435\u0441\u0442\u044c \u043c\u044b \u0432\u0438\u0434\u0438\u043c, \u0447\u0442\u043e \u0447\u0442\u043e-\u0442\u043e \u0445\u043e\u0434\u0438\u0442, \u0430 \u0447\u0442\u043e &#8212; \u043d\u0435 \u044f\u0441\u043d\u043e. \u042f\u0441\u043d\u043e \u0442\u043e\u043b\u044c\u043a\u043e, \u0447\u0442\u043e \u044d\u0442\u043e macsec. \u0418, \u043f\u043b\u044e\u0441\u043e\u043c, \u044d\u0442\u043e L2!\u0410 \u0441\u0435\u0439\u0447\u0430\u0441 \u0432\u043e\u0442 \u0442\u0430\u043a\u0410 \u0434\u0430\u043b\u044c\u0448\u0435 \u0447\u0442\u043e? \u0410 \u0435\u0441\u043b\u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043c \u043d\u043e\u0432\u044b\u0439 \u0414\u0426? \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0434\u043e\u043c\u0430\u0448\u043d\u044e\u044e \u0438\u043d\u0444\u0440\u0443?\u0412 \u0414\u04263 (\u0434\u043e\u043c\u0430\u0448\u043d\u044f\u044f \u043b\u0430\u0431\u0430) \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f:\u041c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0411\u0435\u043a\u0430\u043f\u044b\u0412\u043d\u0435\u0448\u043d\u0438\u0439 ip \u0430\u0434\u0440\u0435\u0441: 203.0.113.52 \u043d\u0430 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 enp3s0\u0427\u0442\u043e \u0436. \u0422\u0443\u0442&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-475619","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/475619","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=475619"}],"version-history":[{"count":0,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=\/wp\/v2\/posts\/475619\/revisions"}],"wp:attachment":[{"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=475619"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=475619"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/savepearlharbor.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=475619"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}