{"id":523,"date":"2020-04-06T21:15:40","date_gmt":"2020-04-06T19:15:40","guid":{"rendered":"http:\/\/tech.sosthe.sk\/?page_id=523"},"modified":"2020-04-06T21:15:40","modified_gmt":"2020-04-06T19:15:40","slug":"18-inter-vlan-routing-a-acl-smerovanie-medzi-vlany","status":"publish","type":"page","link":"http:\/\/tech.sosthe.sk\/index.php\/ccna\/cisco-ios\/18-inter-vlan-routing-a-acl-smerovanie-medzi-vlany\/","title":{"rendered":"18. Inter-VLAN routing a ACL – smerovanie medzi VLANy"},"content":{"rendered":"

V tomto \u010dl\u00e1nku budem vych\u00e1dza\u0165 z (mysl\u00edm be\u017en\u00e9) topol\u00f3gie, kedy m\u00e1me switche v dvoch vrstv\u00e1ch (a nie odpor\u00fa\u010dan\u00fdch troch).\u00a0Je tu\u00a0<\/span>jadro<\/span><\/strong>\u00a0(core), \u010do je L3 switch (alebo dva kv\u00f4li redundanciu), ktor\u00fd vykon\u00e1va vlastn\u00e9\u00a0<\/span>inter-VLAN routing<\/span><\/em><\/strong>\u00a0.\u00a0Druh\u00e1 vrstva je\u00a0<\/span>pr\u00edstupov\u00e1<\/span><\/strong>\u00a0(access), do nej sa aktivovali v\u0161etky zariadenia (stanice, v tomto pr\u00edpade i servery, tla\u010diarne a pod.).\u00a0V\u0161etky switche pr\u00edstupov\u00e9 vrstvy s\u00fa zapojen\u00e9 do jadra, tieto spoje s\u00fa konfigurovan\u00e9 ako\u00a0<\/span>trunk<\/span><\/strong>\u00a0a pou\u017e\u00edvame\u00a0<\/span>VLAN Trunking Protocol<\/span><\/em><\/strong>\u00a0(VTP), tak\u017ee rovnak\u00e9 VLANy m\u00e1me na v\u0161etk\u00fdch switchoch.<\/span><\/p>\n

Pozn .:<\/span><\/em><\/strong>\u00a0Obdobne sa d\u00e1 pou\u017ei\u0165 aj zapojenie, kedy nevyu\u017e\u00edvame L3 switch, ale router.\u00a0Z\u00e1kladn\u00e9 inform\u00e1cie s\u00fa v \u010dl\u00e1nku<\/span>\u00a0VLAN – Virtual Local Area Network<\/span>\u00a0.<\/span><\/p>\n

Zapnutie routovanie medzi VLAN<\/span><\/h3>\n

Defaultne je switch v m\u00f3de L2 switchovan\u00e9, ak chceme pou\u017ei\u0165 L3 vlastnos\u0165 IP routing, tak ju mus\u00edme zapn\u00fa\u0165.<\/span><\/p>\n

SWITCH (config) # ip routing<\/strong><\/span><\/pre>\n
Nepotrebujeme pou\u017ei\u0165 \u017eiadny\u00a0<\/span>routovacie protokol<\/span><\/em><\/strong>\u00a0, preto\u017ee v\u0161etky routovanie sa odohr\u00e1va na jednom zariaden\u00ed.\u00a0Cisco IOS automaticky vklad\u00e1\u00a0<\/span>priamo pripojen\u00e9 interface<\/span><\/em><\/strong>\u00a0do routovacie tabu\u013eky.\u00a0Ak je zapnut\u00e9 routovanie, tak IOS routuje pod\u013ea z\u00e1znamov tabu\u013eky Routing, \u010do s\u00fa statick\u00e9 ruty a priamo pripojen\u00e9 interface.<\/span><\/p>\n
To je v\u00fdhoda inter-VLAN routingu, \u017ee pre z\u00e1kladn\u00fa funkcionalitu netreba takmer \u017eiadna konfigur\u00e1cia.\u00a0VLAN Interface s\u00fa na core switchi\u00a0<\/span>priamo pripojen\u00e9 interface<\/span><\/em><\/strong>\u00a0, medzi ktor\u00fdmi sa vykon\u00e1va routovanie automaticky.\u00a0Mus\u00edme iba pre\u00a0<\/span>VLANy<\/span><\/strong>\u00a0, ktor\u00e9 chceme routovat, vytvori\u0165\u00a0<\/span>VLAN interface<\/span><\/em><\/strong>\u00a0a nastavi\u0165 jeho IP adresu.\u00a0<\/span>IP adresa<\/span><\/em><\/strong>\u00a0je rovnako potrebn\u00e1, preto\u017ee sa jedn\u00e1 o\u00a0<\/span>gateway<\/span><\/em><\/strong>\u00a0(br\u00e1nu) pre dan\u00fd subnet.<\/span><\/p>\n
Nasleduj\u00faci pr\u00edklad vytv\u00e1ra VLAN interface pre VLAN 100, ktor\u00e1 m\u00e1 subnet 10.0.1.0\/24 a chceme adresu gateway 10.0.1.1.\u00a0VLAN 100 u\u017e m\u00e1me vytvoren\u00fa.<\/span><\/p>\n
SWITCH (config) # interface vlan 100<\/strong> \r\nSWITCH (config-if) # ip address 10.0.1.1 255.255.255.0\u00a0  <\/strong>\/\/ zadanie IP adresy spolu s maskou, ktor\u00e1 ur\u010duje subnet \r\nSWITCH (config-if) # no shutdown\u00a0                        <\/strong>\/\/ v\u00fdchodiskov\u00fd stav interface je vypnut\u00fd<\/span><\/pre>\n
E\u0161te je vhodn\u00e9 nastavi\u0165\u00a0<\/span>default gateway<\/span><\/em><\/strong>\u00a0, ak chceme komunikova\u0165 napr\u00edklad do internetu, aby router vedel, kam posla\u0165 prev\u00e1dzku, ktor\u00fd nepatr\u00ed do \u017eiadnej z jeho VLAN.\u00a0Mo\u017enos\u0165ou nastavenia je nieko\u013eko, ale prv\u00e1 mo\u017enos\u0165 je len pre \u00faplnos\u0165, tu nem\u00f4\u017eeme pou\u017ei\u0165!<\/span><\/p>\n
SWITCH (config) # ip default-gateway 10.0.1.250 <\/strong>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \/\/ m\u00f4\u017eem pou\u017ei\u0165, iba ak nie je zapnut\u00e9 routovanie \r\nSWITCH (config) # ip default-network 10.0.1.0 <\/strong>\u00a0\u00a0\u00a0       \/\/ nastav\u00ed defaultn\u00fd sie\u0165, pri pou\u017e\u00edvan\u00ed routovanie \r\nSWITCH (config) # ip route 0.0.0.0 0.0.0.0 <\/strong>10.0.1.250 <\/strong>  \/\/ naj\u010dastej\u0161ia met\u00f3da, vytvor\u00edm priamo z\u00e1znam do routovacie tabu\u013eky<\/span><\/pre>\n
Iba ako pozn\u00e1mku tu zmienim u\u017eito\u010dn\u00fa vec.\u00a0Ak sme rozdelili p\u00f4vodn\u00fa jednu sie\u0165 na VLANy a vyu\u017e\u00edvali sme jeden DHCP server, tak m\u00f4\u017eeme st\u00e1le pokra\u010dova\u0165 v pou\u017e\u00edvan\u00ed jedn\u00e9ho servera.\u00a0Na serveri vytvor\u00edme nieko\u013eko poolov (pre ka\u017ed\u00fd subnet jeden).\u00a0A na switchi nakonfigurujeme pre dan\u00e9 VLANy\u00a0<\/span>DHCP Relay Agenta<\/span><\/em><\/strong>\u00a0, ten odovzd\u00e1va broadcast po\u017eiadavky na pridelenie IP adresy pomocou unicast na zadan\u00fd server.<\/span><\/p>\n
SWITCH (config-if) # ip helper-address 10.0.1.10<\/strong><\/span><\/pre>\n
Obmedzenie routovania a neroutovan\u00e9 VLANy<\/span><\/h3>\n
Mysl\u00edm, \u017ee m\u00f4\u017eu nasta\u0165 dve situ\u00e1cie, ak nechceme v\u0161etko routovat, a to<\/span><\/p>\n
    \n
  • neroutovan\u00e1 VLAN<\/span><\/strong>\u00a0– chceme ma\u0165 izolovan\u00fa VLAN, tu absol\u00fatne neroutovanou s ostatn\u00fdmi VLAN, bu\u010f funguje ako uzavret\u00e1 sie\u0165 alebo ju \u010falej prep\u00e1jame pomocou firewallu \u010di in\u00e9 GW<\/span><\/li>\n
  • obmedzene routovanie VLAN<\/span><\/strong>\u00a0– chceme, aby sa jedna VLAN mohla komunikova\u0165 iba s niektor\u00fdmi \u010fal\u0161\u00edmi, pr\u00edpadne aby bola povolen\u00e1 iba ur\u010dit\u00e1 komunik\u00e1cia<\/span><\/li>\n<\/ul>\n
    Neroutovan\u00e1 VLAN<\/span><\/h4>\n
    Z predch\u00e1dzaj\u00facej kapitoly je jasn\u00e9, ako jednoducho vytvor\u00edme izolovan\u00fa VLAN.\u00a0Sta\u010d\u00ed, aby jej\u00a0<\/span>VLAN interface nemal zadan\u00fa IP adresu<\/span><\/em><\/strong>\u00a0(nemus\u00ed v\u00f4bec existova\u0165 \u010di m\u00f4\u017ee by\u0165 shutdown).\u00a0Tak\u00e1to VLAN sa nez\u00fa\u010dast\u0148uje routovac\u00edho procesu.\u00a0IP adresu potrebujeme ma\u0165 na VLAN z nieko\u013ek\u00fdch d\u00f4vodov, napr\u00edklad ke\u010f chceme v tejto VLAN pristupova\u0165 na switch (na jeho CLI alebo webov\u00e9 rozhranie) alebo ke\u010f chceme vyu\u017ei\u0165 pride\u013eovanie IP adries z DHCP servera na switchi (do tejto VLAN).\u00a0Ale po premyslenie sa asi v\u017edy ob\u00eddeme bez toho, aby VLAN, ktor\u00fa nechceme routovat, mala adresu.<\/span><\/p>\n
    Druh\u00e1 mo\u017enos\u0165 je tro\u0161ku zlo\u017eitej\u0161ia a znamen\u00e1 vytvorenie ACL. O tom pojedn\u00e1va \u010fal\u0161ia kapitola.<\/span><\/p>\n
    Obmedzene routovanie VLAN pomocou ACL<\/span><\/h4>\n
    Ak chceme, aby niektor\u00e9 VLAN bola routovanie (mohla komunikova\u0165) iba s niektor\u00fdmi \u010fal\u0161\u00edmi (a nie so v\u0161etk\u00fdmi).\u00a0Pr\u00edpadne chceme e\u0161te viac \u0161pecifikova\u0165 komunik\u00e1ciu medzi VLAN (alebo ju \u00faplne zak\u00e1za\u0165).\u00a0Tak k tomu m\u00f4\u017eeme pou\u017ei\u0165\u00a0<\/span>Access Control List (ACL)<\/span><\/strong>\u00a0.\u00a0A tieto ACL aplikujeme na\u00a0<\/span>VLAN interface<\/span><\/em><\/strong>\u00a0na routeri (v na\u0161om pr\u00edpade core switchu), t\u00fdmto ACL sa hovor\u00ed\u00a0<\/span>Router ACL<\/span><\/em><\/strong>\u00a0.<\/span><\/p>\n
    Pozn .:<\/span><\/em><\/strong>\u00a0\u010eal\u0161ou mo\u017enos\u0165ou je pou\u017eitie<\/span>\u00a0VLAN ACL<\/span><\/strong>\u00a0(Vacl), inak povedan\u00e9<\/span>\u00a0VLAN m\u00e1p<\/span><\/strong>\u00a0(vlan access-m\u00e1p), tie sa uplat\u0148uj\u00fa nielen na routovanie prev\u00e1dzku (ako Router ACL), ale aj na bridgovanie (switchovan\u00e9) prev\u00e1dzka vn\u00fatri VLANy, teda na v\u0161etky pakety.\u00a0Maj\u00fa ur\u010dit\u00e9 v\u00fdhody, ale aj nev\u00fdhody.\u00a0V tomto \u010dl\u00e1nku sa im nevenujem.<\/span><\/p>\n
    Podrobn\u00fd (d\u00fafam) opis ACL je v \u010dl\u00e1nku<\/span>\u00a0– Access Control List<\/span>\u00a0, tak\u017ee sa tu nebudem venova\u0165 vytv\u00e1raniu ACL.\u00a0Ale sk\u00fasim podrobne vysvetli\u0165\u00a0<\/span>aplik\u00e1ciu ACL na interface<\/span><\/em><\/strong>\u00a0, preto\u017ee som to dlh\u0161iu dobu nech\u00e1pal.\u00a0Ak uva\u017eujeme\u00a0<\/span>port ACL<\/span><\/em><\/strong>\u00a0, ktor\u00e9 sa aplikuje na nejak\u00fd port, tak je situ\u00e1cia relat\u00edvne jednoduch\u00e1.\u00a0V \u010dl\u00e1nku o ACL je schematick\u00fd obr\u00e1zok, ktor\u00fd sn\u00e1\u010f jasne ukazuje, \u017ee sa na komunik\u00e1ciu pozer\u00e1me z poh\u013eadu routeru, a ak sa chceme venova\u0165 prich\u00e1dzaj\u00face komunik\u00e1ciu do portu (do routeru), tak sa aplikuje\u00a0<\/span>in<\/span><\/strong>\u00a0a ak odch\u00e1dzaj\u00faci, tak\u00a0<\/span>out<\/span><\/strong>\u00a0.<\/span><\/p>\n
    Aplik\u00e1cia ACL na port<\/span><\/strong><\/p>\n
    Nasleduj\u00faci obr\u00e1zok obdobne ilustruje situ\u00e1ciu.\u00a0Po\u010d\u00edta\u010d X je pripojen\u00fd do portu 1. Server Y je pripojen\u00fd do portu 47 switche.\u00a0Ak aplikujeme ACL na port 1 ako vstupn\u00e1, tak sa zaober\u00e1me komunik\u00e1ciou, ktor\u00e1 odch\u00e1dza zo stanice X a smeruje (nemus\u00ed len na neho) na server Y. V tom pr\u00edpade zdrojovej adresy s\u00fa stanice X (S = X) a cie\u013eovej adresy s\u00fa servera Y (D = Y).\u00a0\u010eal\u0161ie varianty s\u00fa zn\u00e1zornen\u00e9 v obr\u00e1zku.<\/span><\/p>\n
    \"\"<\/p>\n
    Aplik\u00e1cia ACL na VLAN<\/span><\/strong><\/p>\n
    Ak situ\u00e1ciu prenesieme na n\u00e1\u0161 L3 core switch, tak je situ\u00e1cia rovnak\u00e1, ale mysl\u00edm, \u017ee vy\u017eaduje v\u00e1\u017enej\u0161ie zamyslenie.\u00a0My s\u00edce ACL aplikujeme na VLAN interface, ale nepozer\u00e1me sa na smery z poh\u013eadu VLAN, ale z poh\u013eadu switcha (alebo jeho routovac\u00edho procesu – VLAN interfacu).\u00a0Akoby VLAN bola mimo switch a v\u0161etko z nej vstupovalo do routeru cez VLAN interface, na ktor\u00fd aplikujeme ACL.\u00a0Ke\u010f aplikujeme ACL ako vstupn\u00e9 na VLAN, tak rie\u0161i komunik\u00e1ciu, ktor\u00e1 z tejto VLAN odch\u00e1dza a vstupuje do routovac\u00edho procesu (do interfacu).\u00a0Situ\u00e1ciu som sa pok\u00fasil schematicky zobrazi\u0165 na nasleduj\u00facom obr\u00e1zku.<\/span><\/p>\n
    \"\"<\/p>\n
    Vo\u013eba ACL a smeru<\/span><\/strong><\/p>\n
    Cisco ud\u00e1va jedin\u00e9 v\u0161eobecn\u00e9 odpor\u00fa\u010dania:<\/span><\/p>\n
      \n
    • \u0161tandard ACL<\/span><\/strong>\u00a0aplikova\u0165 bl\u00edzko\u00a0<\/span>cie\u013ea<\/span><\/em><\/strong>\u00a0na ako\u00a0<\/span>out<\/span><\/em><\/strong>\u00a0(pravidl\u00e1 obsahuj\u00fa iba zdrojov\u00e9 adresy, tak\u017ee obmedzujeme, \u010do do cie\u013ea vstupuje)<\/span><\/li>\n
    • extended ACL<\/span><\/strong>\u00a0aplikova\u0165 bl\u00edzko\u00a0<\/span>zdroja<\/span><\/em><\/strong>\u00a0ako\u00a0<\/span>in<\/span><\/em><\/strong>\u00a0(pravidl\u00e1 obsahuj\u00fa zdrojovej aj cie\u013eovej adresy, obmedzujeme prev\u00e1dzku, ktor\u00fd odch\u00e1dza zo zdroja, teda e\u0161te sk\u00f4r ako je spracovan\u00fd routovac\u00edm procesom)<\/span><\/li>\n<\/ul>\n
      V praxi m\u00e1me mo\u017enos\u0165\u00a0<\/span>aplikova\u0165 ACL<\/span><\/em><\/strong>\u00a0u\u00a0<\/span>zdroja<\/span><\/em><\/strong>\u00a0alebo u\u00a0<\/span>ciele<\/span><\/em><\/strong>\u00a0a aplikova\u0165 bu\u010f smer\u00a0<\/span>in<\/span><\/em><\/strong>\u00a0, smer\u00a0<\/span>out<\/span><\/em><\/strong>\u00a0alebo oba\u00a0<\/span>in<\/span><\/em><\/strong>\u00a0i\u00a0<\/span>out<\/span><\/em><\/strong>\u00a0.\u00a0V pr\u00edpade, \u017ee riadime prev\u00e1dzku na \u00farovni portov, tak si mus\u00edme tie\u017e uvedomi\u0165, na ktor\u00fa stranu komunik\u00e1cie (zdroj, cie\u013e) nastavujeme port.<\/span><\/p>\n
      U\u00a0<\/span>interVLAN routingu<\/span><\/strong>\u00a0n\u00e1m niekedy m\u00f4\u017ee sta\u010di\u0165\u00a0<\/span>\u0161tandard ACL<\/span><\/em><\/strong>\u00a0, ale asi \u010dastej\u0161ie pou\u017eijeme\u00a0<\/span>extended ACL<\/span><\/em><\/strong>\u00a0.\u00a0\u010ci ho nastav\u00edme\u00a0<\/span>in<\/span><\/em><\/strong>\u00a0,\u00a0<\/span>out<\/span><\/em><\/strong>\u00a0alebo\u00a0<\/span>oboje<\/span><\/em><\/strong>\u00a0dohromady je potrebn\u00e9 d\u00f4kladne zv\u00e1\u017ei\u0165.\u00a0Valn\u00e9 \u010das\u0165 komunik\u00e1cie (TCP) potrebuje nadviaza\u0165 spojenie, tak\u017ee ke\u010f obmedz\u00edme iba jeden smer, spojenie sa nenadvia\u017ee, a komunik\u00e1cia neprebieha.\u00a0Ale ur\u010dit\u00e1 komunik\u00e1cia prebieha jednosmerne (klasicky UDP protokol).<\/span><\/p>\n
      Ak aplikujeme ACL ako vstupn\u00e9 u zdrojov\u00e9 VLANy, tak ho sta\u010d\u00ed nastavi\u0165 iba na jednu VLAN (t\u00fa zdrojov\u00fa a obmedzujeme, s k\u00fdm m\u00f4\u017ee komunikova\u0165).\u00a0Ak by sme ho chceli nastavi\u0165 pri cieli, tak ho mus\u00edme nastavi\u0165 u v\u0161etk\u00fdch cie\u013eov, do ktor\u00fdch nesmie zdrojov\u00e1 VLAN komunikova\u0165.<\/span><\/p>\n
      Mal\u00e9 zhrnutie, ako m\u00f4\u017eeme ACL aplikova\u0165:<\/span><\/p>\n
        \n
      • na\u00a0<\/span>in<\/span><\/strong>\u00a0u obmedzovan\u00e9 VLANy – zdroj je obmedzovan\u00e1 VLAN, cie\u013e bu\u010f povo\u013eujeme, alebo zakazujeme, riadime, \u010do m\u00f4\u017ee z VLANy odch\u00e1dza\u0165<\/span><\/li>\n
      • na\u00a0<\/span>out<\/span><\/strong>\u00a0u obmedzovan\u00e9 VLANy – cie\u013e je obmedzovan\u00e1 VLAN, riadime, \u010do do nej m\u00f4\u017ee vst\u00fapi\u0165<\/span><\/li>\n
      • na\u00a0<\/span>in<\/span><\/strong>\u00a0i\u00a0<\/span>out<\/span><\/strong>\u00a0u obmedzovan\u00e9 VLANy – cie\u013e a zdroj v oboch variantoch, zamedz\u00edme vstupe i v\u00fdstupe d\u00e1t do danej VLANy<\/span><\/li>\n
      • na\u00a0<\/span>out<\/span><\/strong>\u00a0u cie\u013eovej VLANy – v niektor\u00fdch pr\u00edpadoch m\u00f4\u017eeme potrebova\u0165 aplikova\u0165 ACL iu cie\u013eov\u00fdch VLAN, napr\u00edklad chceme, aby v\u0161etky VLANy mohli komunikova\u0165 iba s jednou (napr\u00edklad so servermi) a nie medzi sebou<\/span><\/li>\n<\/ul>\n
        Pr\u00edklad pou\u017eitia<\/span><\/h4>\n
        Pok\u00fasim sa o komplexnej\u0161ie pr\u00edklad.\u00a0Vezmeme situ\u00e1ciu z predch\u00e1dzaj\u00faceho obr\u00e1zku, kde m\u00e1me VLAN 100, VLAN 200 a prid\u00e1me e\u0161te VLAN 300. Chceme, aby VLAN 100 komunikovala s VLAN 200 a VLAN 300, ale VLAN 300 komunikovala iba s VLAN 100, rovnako ako VLAN 200. Inak povedan\u00e9 plnej routovanie , kde sa VLAN 300 obmedz\u00ed len na komunik\u00e1ciu s VLAN 100.<\/span><\/p>\n
        SWITCH (config) # ip routing<\/strong> \r\nSWITCH (config) # interface vlan 100<\/strong> \r\nSWITCH (config-if) # ip address 10.0.1.1 255.255.255.0\u00a0 <\/strong> \r\nSWITCH (config-if) # no shutdown<\/strong> \r\nSWITCH (config) # interface vlan 200<\/strong> \r\nSWITCH (config -if) # ip address 10.0.2.1 255.255.255.0\u00a0 <\/strong> \r\nSWITCH (config-if) # no shutdown<\/strong> \r\nSWITCH (config) # interface vlan 300<\/strong> \r\nSWITCH (config-if) # ip address 10.0.3.1 255.255.255.0\u00a0 <\/strong> \r\nSWITCH (config-if) # no shutdown<\/strong> \r\nSWITCH (config) # ip access-list extended vlan300in<\/strong> \r\nSWITCH (config-ext-nacl) # permit ip 10.0.3.0 0.0.0.255 10.0.1.0 0.0.0.255<\/strong> \r\nSWITCH (config) #interface vlan 300<\/strong> \r\nSWITCH (config-if) # ip access-group vlan300in in<\/strong><\/span><\/pre>\n
        Druh\u00fd pr\u00edklad ukazuje mo\u017enos\u0165 izol\u00e1cie jednej VLANy.<\/span><\/p>\n
        SWITCH (config) # ip access-list extended vlan300<\/strong> \r\nSWITCH (config-ext-nacl) # deny ip any any<\/strong> \r\nSWITCH (config) # interface vlan 300<\/strong> \r\nSWITCH (config-if) # ip access-group vlan300 in<\/strong> \r\nSWITCH (config-if ) # ip access-group vlan300 out<\/strong><\/span><\/pre>\n","protected":false},"excerpt":{"rendered":"
        V tomto \u010dl\u00e1nku budem vych\u00e1dza\u0165 z (mysl\u00edm be\u017en\u00e9) topol\u00f3gie, kedy m\u00e1me switche v dvoch vrstv\u00e1ch (a nie odpor\u00fa\u010dan\u00fdch troch).\u00a0Je tu\u00a0jadro\u00a0(core), \u010do je L3 switch (alebo…<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":431,"menu_order":2,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages\/523"}],"collection":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/comments?post=523"}],"version-history":[{"count":1,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages\/523\/revisions"}],"predecessor-version":[{"id":526,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages\/523\/revisions\/526"}],"up":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/pages\/431"}],"wp:attachment":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/media?parent=523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}