[EMAIL PROTECTED] wrote:
> John
>
> So loopback is used for interprocess communication??
> And each port is associated with a process??

Okay. Keep it easy. When a process binds to a port, it binds to a port and an IP. Often, that IP is 0.0.0.0, which is *all* IPs on that system. This includes 127.0.0.1.

Let me give you a *great* example of using the loopback for something worthwhile: I run a DNS cache for my network. It is on 132.236.23.1. I also run a DNS server. On the same box. On the same port. On IP 127.0.0.1. I tell my cache to look at 127.0.0.1 for certain domains. The server on 127.0.0.1 answers for those domains. Mostly it is my own domain that it answers for, and gives the internal (192.168.23.0/24) IPs. It also answers for other domains that I would rather just blackhole (doubleclick.net comes to mind).

So ports do not associate with processes. Processes bind to ports. If I connect to localhost port 25, chances are an MTA will answer. However, if I started my SSH server on that port, that is what will answer.

That just got me to thinking about those places that block outgoing 22, but leave 80 open. If you took your SSHd and put it on port 80, and SSL wrapped it, would the network gurus be able to see that it is not HTTP traffic at all, but indeed SSH inside SSL? Traffic analysis might give it away, but I mean just looking at the packets. Hmm.

> How come powers that be gave loopback a zillion addresses
> instead of just 127.0.0.1/32??

Don't know. Don't care. It is not a real problem. I do not worry about it. Why is the whole of 0.0.0.0/8 reserved also? Who cares?

>
> -john

--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
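Added example, not part of the original message: a short Python script showing that a bind is to an (IP, port) pair, so two sockets can share one port number on different loopback addresses, while a later 0.0.0.0 bind on that port is refused. It assumes Linux, where every address in 127.0.0.0/8 is local without extra configuration; the function names and payloads are made up for the demonstration.

```python
import errno
import socket


def bind_udp(ip, port=0):
    """Bind a UDP socket to one specific (IP, port) pair."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(2.0)
    s.bind((ip, port))
    return s


def demo():
    """Return which socket saw which datagram, and the wildcard bind result."""
    a = bind_udp("127.0.0.1")            # kernel picks a free port
    port = a.getsockname()[1]
    b = bind_udp("127.0.0.2", port)      # same port, different loopback IP
    result = {"port": port}
    try:
        # Constructed payloads: one datagram per destination address.
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as c:
            c.sendto(b"to .1", ("127.0.0.1", port))
            c.sendto(b"to .2", ("127.0.0.2", port))
        result["a"] = a.recvfrom(64)[0]  # only what was sent to 127.0.0.1
        result["b"] = b.recvfrom(64)[0]  # only what was sent to 127.0.0.2

        # 0.0.0.0 means every local IP, so it collides with both binds above.
        try:
            w = bind_udp("0.0.0.0", port)
            w.close()
            result["wildcard"] = "bound"
        except OSError as e:
            result["wildcard"] = errno.errorcode.get(e.errno, str(e.errno))
    finally:
        a.close()
        b.close()
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

When auditing a host, the same distinction shows up in the local-address column of a listener listing: a service bound to 127.0.0.1 is reachable only from the box itself, one bound to 0.0.0.0 on every interface.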
