DHCP server Kea 1.6, developed by the ISC consortium, has been published

The ISC Consortium has published release 1.6.0 of the Kea DHCP server, which replaces the classic ISC DHCP. The project's source code is distributed under the Mozilla Public License (MPL) 2.0, rather than the ISC License previously used for ISC DHCP.

The Kea DHCP server is based on BIND 10 and is built on a modular architecture, which splits functionality across separate processes. The product includes a full-featured server implementation with support for the DHCPv4 and DHCPv6 protocols, capable of replacing ISC DHCP. Kea has built-in tools for dynamically updating DNS zones (Dynamic DNS) and supports mechanisms for server discovery, address assignment, renewal and rebinding, servicing information requests, reserving addresses for hosts, and PXE booting. The DHCPv6 implementation additionally provides prefix delegation. A dedicated API is provided for interacting with external applications. The configuration can be updated on the fly without restarting the server.

Information about assigned addresses and client parameters can be stored in different types of storage: backends are currently provided for CSV files, the MySQL DBMS, Apache Cassandra and PostgreSQL. Host reservation parameters can be specified in a configuration file in JSON format or as a table in MySQL and PostgreSQL. The distribution includes the perfdhcp tool for measuring DHCP server performance and components for collecting statistics. Kea demonstrates good performance: for example, with the MySQL backend the server can perform 1000 address assignments per second (about 4000 packets per second), and with the memfile backend performance reaches 7500 assignments per second.


Key improvements in Kea 1.6:

  • A configuration backend (CB, Configuration Backend) has been implemented, allowing the settings of multiple DHCPv4 and DHCPv6 servers to be managed centrally. The backend can be used to store most Kea settings, including global settings, shared networks, subnets, options, pools, and option definitions. Instead of keeping all of these settings in a local configuration file, they can now be placed in an external database. It is possible to define only some of the settings through the CB rather than all of them, overlaying parameters from the external database and the local configuration files (for example, network interface settings can be left in local files).

    Of the DBMSs for storing configuration, only MySQL is currently supported (MySQL, PostgreSQL and Cassandra can be used to store address assignment databases (leases), and MySQL and PostgreSQL can be used to store host reservations). The configuration in the database can be changed either by accessing the DBMS directly or through specially prepared hook libraries that provide a standard set of commands for configuration management, such as adding and removing parameters, bindings, DHCP options and subnets;

  • A new "DROP" class has been added (all packets associated with the DROP class are dropped immediately), which can be used to discard unwanted traffic, for example certain types of DHCP messages;
  • New parameters max-lease-time and min-lease-time have been added, allowing the lifetime of an address binding to a client (lease) to be defined not as a fixed value but as an acceptable range;
  • Improved compatibility with devices that do not comply with the DHCP standards. To work around the problems, Kea now sends the DHCPv4 message type at the beginning of the options list, handles different representations of hostnames, recognizes the transmission of an empty hostname, and allows numeric codes 0 through 255 to be defined;
  • A separate control socket has been added to the DDNS daemon, through which commands can be sent directly and configuration changes made. The following commands are supported: build-report, config-get, config-reload, config-set, config-test, config-write, list-commands, shutdown and version-get;
  • Vulnerabilities have been fixed (CVE-2019-6472, CVE-2019-6473, CVE-2019-6474) that could be used to cause a denial of service (crashing the DHCPv4 and DHCPv6 server handlers) by sending requests with incorrect options and values. The most dangerous is CVE-2019-6474, which, when memfile storage is used for bindings, makes it impossible for the server process to restart on its own, so manual intervention by the administrator (cleaning the binding database) is required to restore operation.
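
The DDNS control socket from the list above accepts state-changing commands such as config-set and shutdown, so it is worth checking who can write to it before scripting against it. The Python below is an added example, not code from the article or from ISC: it audits the socket file's permissions and sends one of the listed commands. It assumes a Unix-domain socket (the path is hypothetical) carrying JSON requests of the form `{"command": ...}` and JSON replies with `result` and `text` fields; `socket_findings` and `send_command` are names chosen for this example.

```python
import json
import os
import socket
import stat

# Commands the article lists for the DDNS daemon's control socket.
DDNS_COMMANDS = {
    "build-report", "config-get", "config-reload", "config-set", "config-test",
    "config-write", "list-commands", "shutdown", "version-get",
}

def socket_findings(path):
    """Flag socket-file permissions that let other local users send commands."""
    mode = os.stat(path).st_mode
    findings = []
    if not stat.S_ISSOCK(mode):
        findings.append("not a socket")
    if mode & stat.S_IWGRP:
        findings.append("group-writable")
    if mode & stat.S_IWOTH:
        findings.append("world-writable")
    return findings

def send_command(path, command, arguments=None, timeout=5.0):
    """Send one JSON command and return the parsed JSON reply."""
    if command not in DDNS_COMMANDS:
        raise ValueError(f"not a listed DDNS command: {command}")
    request = {"command": command}
    if arguments is not None:
        request["arguments"] = arguments
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        sock.connect(path)
        sock.sendall(json.dumps(request).encode())
        buf = b""
        while True:
            chunk = sock.recv(65536)
            if not chunk:                  # daemon closed the connection
                break
            buf += chunk
            try:
                return json.loads(buf)     # stop once the reply is complete
            except ValueError:
                continue                   # partial reply, keep reading
    return json.loads(buf)                 # raises if the reply never completed

if __name__ == "__main__":
    PATH = "/run/kea/kea-ddns-ctrl-socket"  # hypothetical path, use your own
    print(socket_findings(PATH) or "socket permissions look restrictive")
    reply = send_command(PATH, "version-get")
    print(reply.get("result"), reply.get("text"))
```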

Source: opennet.ru
