ProHoster > Блог > labaran intanet > Sauki mai ɗaukar hoto na OpenBGPD 8.2

Sauki mai ɗaukar hoto na OpenBGPD 8.2

An gabatar da shi ne fitowar bugu mai ɗaukuwa na fakitin kewayawa na OpenBGPD 8.2, wanda masu haɓaka aikin OpenBSD suka haɓaka kuma an daidaita su don amfani akan FreeBSD da Linux (tallafin Alpine, Debian, Fedora, RHEL/CentOS, Ubuntu an ayyana). Don tabbatar da ɗaukar nauyi, an yi amfani da sassan lambar daga ayyukan OpenNTPD, OpenSSH da LibreSSL. Aikin yana goyan bayan mafi yawan ƙayyadaddun bayanai na BGP 4 kuma ya dace da buƙatun RFC8212, amma baya ƙoƙarin rungumar fa'ida kuma yana bayar da galibin tallafi ga mafi shahara da ayyuka masu yaduwa.

Ana gudanar da ci gaban OpenBGPD tare da goyon bayan mai rejista na Intanet na yanki RIPE NCC, wanda ke da sha'awar kawo ayyukan OpenBGPD zuwa dacewa don amfani da sabobin don yin tuƙi a wuraren musayar zirga-zirga (IXP) da kuma samar da cikakken aiki. madadin kunshin BIRD (daga buɗaɗɗen madadin tare da aiwatar da ka'idar BGP, zaku iya lura da ayyukan FRRouting, GoBGP, ExaBGP da Bio-Routing).

Aikin yana mai da hankali kan tabbatar da matsakaicin matakin aminci da aminci. Don karewa, ana amfani da tsauraran tabbatar da daidaiton duk sigogi, na nufin sa ido kan yarda da iyakoki, raba gata, da ƙuntatawa ga kiran tsarin. Sauran fa'idodin sun haɗa da dacewa daidaitaccen harshe na ma'anar daidaitawa, babban aiki da ingancin ƙwaƙwalwar ajiya (misali, OpenBGPD na iya aiki tare da tebur mai tuƙi mai ɗauke da ɗaruruwan dubban shigarwar).

Canje-canje masu mahimmanci a cikin sabon sigar:

  • An sabunta aiwatar da tsarin ASPA (Izinin Mai Ba da Tsari Mai Zaman Kanta) da aka yi amfani da shi a cikin BPG don tabbatar da hanyoyin AS_PATH, ba da izini ga tsarin samarwa masu cin gashin kai, da kuma kariya daga zubewar hanyoyin da ba daidai ba. An kawo aiwatar da ASPA cikin yarda da daftarin-ietf-sidrops-aspa-verification-16 da kuma daftarin-ietf-sirops-aspa-profile-16 ƙayyadaddun bayanai, kuma an canza shi don amfani da tebur na dubawa ba tare da AFI (Adireshin Iyali ba). ).
  • Kafaffen bug a cikin lambar tantance saƙon saƙon netlink mai alaƙa da ƙayyadaddun girman girman saƙon da ba daidai ba kuma yana haifar da haɗari akan dandamalin Linux.
  • An canza lambar don samar da saƙonnin UPDATE zuwa amfani da sabon API na ibuf.
  • Ingantattun saƙonnin kuskure da aka nuna a cikin bgpctl lokacin ƙoƙarin yin amfani da fasalulluka waɗanda ba su da tallafi a sigar OpenBGPD mai ɗaukuwa.
  • An gyara misalin ƙa'idar tacewa GRACEFUL_SHUTDOWN don gudanar da zaman ebgp kawai.

source: budenet.ru

Add a comment