ISC Consortium Sakin uwar garken DHCP , maye gurbin ISC DHCP na gargajiya. Tushen aikin karkashin lasisi , maimakon lasisin ISC da aka yi amfani da shi don ISC DHCP.
Kea DHCP uwar garken ya dogara ne akan BIND 10 da ta amfani da tsarin gine-gine na zamani, wanda ke nuna rarraba ayyuka zuwa hanyoyin sarrafawa daban-daban. Samfurin ya ƙunshi cikakken aiwatarwar uwar garken tare da goyan bayan ka'idojin DHCPv4 da DHCPv6, mai iya maye gurbin ISC DHCP. Kea yana da kayan aikin ginannun kayan aikin don haɓaka sabbin yankuna na DNS (Dynamic DNS), yana tallafawa hanyoyin gano uwar garken, aikin adireshi, sabuntawa da sake haɗawa, buƙatun bayanan sabis, adana adireshi don runduna, da booting PXE. Hakanan aiwatar da DHCPv6 yana ba da damar wakilcin prefixes. Ana ba da API na musamman don yin hulɗa tare da aikace-aikacen waje. Yana yiwuwa a sabunta saitin akan tashi ba tare da sake kunna uwar garken ba.
Ana iya adana bayanai game da adiresoshin da aka keɓe da sigogin abokin ciniki a cikin nau'ikan ajiya daban-daban - a halin yanzu ana ba da bayanan baya don ajiya a cikin fayilolin CSV, MySQL DBMS, Apache Cassandra da PostgreSQL. Za a iya ƙayyade sigogin ajiyar mai watsa shiri a cikin fayil ɗin sanyi a tsarin JSON ko azaman tebur a MySQL da PostgreSQL. Ya haɗa da kayan aikin perfdhcp don auna aikin uwar garken DHCP da abubuwan da aka haɗa don tattara ƙididdiga. Kea yana nuna kyakkyawan aiki, misali, lokacin amfani da MySQL backend, uwar garken na iya yin ayyukan adireshi 1000 a sakan daya (kimanin fakiti 4000 a sakan daya), kuma lokacin amfani da memfile backend, aikin ya kai ayyukan 7500 a sakan daya.
Maɓalli a cikin Kea 1.6:
- An aiwatar da tsarin baya na daidaitawa (CB, Ƙaƙwalwar Kanfigareshan), yana ba ku damar sarrafa saitunan sabobin DHCPv4 da DHCPv6 da yawa. Ana iya amfani da ƙarshen baya don adana yawancin saitunan Kea, gami da saitunan duniya, cibiyoyin sadarwar da aka raba, raƙuman ƙasa, zaɓuɓɓuka, wuraren waha, da ma'anar zaɓi. Maimakon adana duk waɗannan saitunan a cikin fayil ɗin daidaitawa na gida, ana iya sanya su a cikin bayanan bayanan waje. A wannan yanayin, yana yiwuwa a ƙayyade ba duka ba, amma wasu saitunan ta hanyar CB, ma'auni masu rufewa daga bayanan waje da fayilolin sanyi na gida (alal misali, saitunan cibiyar sadarwa za a iya barin su a cikin fayilolin gida).
Daga cikin DBMSs don adana sanyi, MySQL ne kawai ake tallafawa a halin yanzu (MySQL, PostgreSQL da Cassandra ana iya amfani da su don adana bayanan ayyukan adireshi (leases), kuma ana iya amfani da MySQL da PostgreSQL don ajiyar runduna). Za'a iya canza tsarin da ke cikin ma'ajin bayanai ta hanyar kai tsaye zuwa DBMS ko ta hanyar ɗakunan karatu na musamman da aka shirya waɗanda ke ba da daidaitattun umarni don sarrafa tsarin, kamar ƙarawa da share sigogi, ɗaure, zaɓuɓɓukan DHCP da ƙananan raƙuman ruwa;
- An ƙara sabon aji mai kula da "DROP" (duk fakitin da ke da alaƙa da ajin DROP ana sauke su nan da nan), waɗanda za a iya amfani da su don sauke zirga-zirga maras so, misali, wasu nau'ikan saƙon DHCP;
- An ƙara sabbin sigogi max-lease-time da min-lease-time, yana ba ku damar tantance tsawon rayuwar adireshin da ke ɗaure ga abokin ciniki (lease) ba ta hanyar ƙima mai ƙarfi ba, amma a cikin hanyar m kewayon;
- Ingantacciyar dacewa tare da na'urorin da basu cika cika ka'idodin DHCP ba. Don yin aiki a kan batutuwan, Kea yanzu yana aika nau'in saƙon DHCPv4 a farkon farkon jerin zaɓi, yana kula da wakilci daban-daban na sunayen masu masaukin baki, ya gane watsa sunan mai masauki mara komai, kuma yana ba da damar lambobi 0 ta hanyar 255 suboption su bayyana;
- An ƙara soket ɗin sarrafawa daban don DDNS daemon, ta inda zaku iya aika umarni kai tsaye kuma kuyi canje-canje na tsari. Ana goyan bayan waɗannan umarni masu zuwa: gina-rahoto, config-samun, sakewa-sake-sake-sake-sake-sake-sake-saba, saita-gwajin, saita-rubutu, jerin-umarni, rufewa da sigar-samun;
- An kawar (CVE-2019-6472, CVE-2019-6473, CVE-2019-6474), wanda za'a iya amfani dashi don haifar da ƙin sabis (wanda ya haifar da haɗarin DHCPv4 da DHCPv6 masu kula da uwar garken) ta hanyar aika buƙatun tare da zaɓuɓɓukan da ba daidai ba da ƙima. Babban haɗari shine matsala , wanda, idan ana amfani da ma'ajin memfile don ɗaure, yana sa ba zai yiwu a sake kunna tsarin uwar garken da kansa ba, don haka ana buƙatar sa hannun mai gudanarwa ta hannu (tsabtace bayanan ɗaurin) don dawo da aiki.
source: budenet.ru